--- loncom/interface/lonuserutils.pm 2013/12/06 12:11:09 1.157
+++ loncom/interface/lonuserutils.pm 2019/05/06 18:25:58 1.198
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Utility functions for managing LON-CAPA user accounts
#
-# $Id: lonuserutils.pm,v 1.157 2013/12/06 12:11:09 bisitz Exp $
+# $Id: lonuserutils.pm,v 1.198 2019/05/06 18:25:58 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -30,12 +30,29 @@
package Apache::lonuserutils;
+=pod
+
+=head1 NAME
+
+Apache::lonuserutils.pm
+
+=head1 SYNOPSIS
+
+ Utilities for management of users and custom roles
+
+ Provides subroutines called by loncreateuser.pm
+
+=head1 OVERVIEW
+
+=cut
+
use strict;
use Apache::lonnet;
use Apache::loncommon();
use Apache::lonhtmlcommon;
use Apache::lonlocal;
use Apache::longroup;
+use HTML::Entities;
use LONCAPA qw(:DEFAULT :match);
###############################################################
@@ -401,7 +418,7 @@ sub javascript_validations {
my $showcredits;
my %domdefaults = &Apache::lonnet::get_domain_defaults($domain);
- if ($domdefaults{'officialcredits'} || $domdefaults{'unofficialcredits'}) {
+ if ($domdefaults{'officialcredits'} || $domdefaults{'unofficialcredits'} || $domdefaults{'textbookcredits'}) {
$showcredits = 1;
}
@@ -421,7 +438,7 @@ sub javascript_validations {
} elsif ($context eq 'domain') {
$setsection_call = 'setCourse()';
$setsections_js = &dc_setcourse_js($param{'formname'},$mode,
- $context,$showcredits);
+ $context,$showcredits,$domain);
}
$finish = " var checkSec = $setsection_call\n".
" if (checkSec == 'ok') {\n".
@@ -450,6 +467,7 @@ sub javascript_validations {
if (($mode eq 'upload') && ($context eq 'domain')) {
$alert{'inststatus'} = &mt('The optional affiliation field was not specified');
}
+ &js_escape(\%alert);
my $function_name = <<"END";
$setsections_js
@@ -513,21 +531,26 @@ END
/* regexp here to check for non \d \. in credits */
END
} else {
+ my ($numrules,$intargjs) =
+ &passwd_validation_js('vf.elements[current.argfield].value',$domain);
$auth_checks .= (< 0) {
+$intargjs
+ }
}
END
}
@@ -623,6 +650,136 @@ END
$section_checks.$authheader;
return $result;
}
+
+sub passwd_validation_js {
+ my ($currpasswdval,$domain) = @_;
+ my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
+ my ($min,$max,@chars,$numrules,$intargjs,%alert);
+ $numrules = 0;
+ if (ref($passwdconf{'chars'}) eq 'ARRAY') {
+ if ($passwdconf{'min'} =~ /^\d+$/) {
+ $min = $passwdconf{'min'};
+ $numrules ++;
+ }
+ if ($passwdconf{'max'} =~ /^\d+$/) {
+ $max = $passwdconf{'max'};
+ $numrules ++;
+ }
+ @chars = @{$passwdconf{'chars'}};
+ if (@chars) {
+ $numrules ++;
+ }
+ } else {
+ $min = 7;
+ $numrules ++;
+ }
+ if (($min ne '') || ($max ne '') || (@chars > 0)) {
+ my $alertmsg = &mt('Initial password did not satisfy requirement(s):').'\n\n';
+ if ($min) {
+ $alert{'min'} = &mt('minimum [quant,_1,character]',$min).'\n';
+ }
+ if ($max) {
+ $alert{'max'} = &mt('maximum [quant,_1,character]',$max).'\n';
+ }
+ my (@charalerts,@charrules);
+ if (@chars) {
+ if (grep(/^uc$/,@chars)) {
+ push(@charalerts,&mt('contain at least one upper case letter'));
+ push(@charrules,'uc');
+ }
+ if (grep(/^lc$/,@chars)) {
+ push(@charalerts,&mt('contain at least one lower case letter'));
+ push(@charrules,'lc');
+ }
+ if (grep(/^num$/,@chars)) {
+ push(@charalerts,&mt('contain at least one number'));
+ push(@charrules,'num');
+ }
+ if (grep(/^spec$/,@chars)) {
+ push(@charalerts,&mt('contain at least one non-alphanumeric'));
+ push(@charrules,'spec');
+ }
+ }
+ $intargjs = qq| var rulesmsg = '';\n|.
+ qq| var currpwval = $currpasswdval;\n|;
+ if ($min) {
+ $intargjs .= qq|
+ if (currpwval.length < $min) {
+ rulesmsg += ' - $alert{min}';
+ }
+|;
+ }
+ if ($max) {
+ $intargjs .= qq|
+ if (currpwval.length > $max) {
+ rulesmsg += ' - $alert{max}';
+ }
+|;
+ }
+ if (@chars > 0) {
+ my $charrulestr = '"'.join('","',@charrules).'"';
+ my $charalertstr = '"'.join('","',@charalerts).'"';
+ $intargjs .= qq| var brokerules = new Array();\n|.
+ qq| var charrules = new Array($charrulestr);\n|.
+ qq| var charalerts = new Array($charalertstr);\n|;
+ my %rules;
+ map { $rules{$_} = 1; } @chars;
+ if ($rules{'uc'}) {
+ $intargjs .= qq|
+ var ucRegExp = /[A-Z]/;
+ if (!ucRegExp.test(currpwval)) {
+ brokerules.push('uc');
+ }
+|;
+ }
+ if ($rules{'lc'}) {
+ $intargjs .= qq|
+ var lcRegExp = /[a-z]/;
+ if (!lcRegExp.test(currpwval)) {
+ brokerules.push('lc');
+ }
+|;
+ }
+ if ($rules{'num'}) {
+ $intargjs .= qq|
+ var numRegExp = /[0-9]/;
+ if (!numRegExp.test(currpwval)) {
+ brokerules.push('num');
+ }
+|;
+ }
+ if ($rules{'spec'}) {
+ $intargjs .= q|
+ var specRegExp = /[!"#$%&'()*+,\-.\/:;<=>?@[\\\]^_`{\|}~]/;
+ if (!specRegExp.test(currpwval)) {
+ brokerules.push('spec');
+ }
+|;
+ }
+ $intargjs .= qq|
+ if (brokerules.length > 0) {
+ for (var i=0; i{'int'}) {
- my $warning = &mt('You may not specify an initial password for each user, as this is only available when new users use LON-CAPA internal authentication.').'\n'.
+ my $warning = &mt('You may not specify an initial password for each user, as this is only available when new users use LON-CAPA internal authentication.')."\n".
&mt('Your current role does not have rights to create users with that authentication type.');
+ &js_escape(\$warning);
$auth_update = <<"END";
// Currently the initial password field is only supported for internal auth
// (see bug 6368).
@@ -781,6 +939,7 @@ sub upload_manager_javascript_reverse_as
if (!$can_assign->{'int'}) {
my $warning = &mt('You may not specify an initial password, as this is only available when new users use LON-CAPA internal authentication.\n').
&mt('Your current role does not have rights to create users with that authentication type.');
+ &js_escape(\$warning);
$auth_update = <<"END";
// Currently the initial password field is only supported for internal auth
// (see bug 6368).
@@ -878,6 +1037,7 @@ sub print_upload_manager_footer {
my $krbform = &Apache::loncommon::authform_kerberos(%param);
my $intform = &Apache::loncommon::authform_internal(%param);
my $locform = &Apache::loncommon::authform_local(%param);
+ my $ltiform = &Apache::loncommon::authform_lti(%param);
my $date_table = &date_setting_table(undef,undef,$context,undef,
$formname,$permission,$crstype);
@@ -906,7 +1066,7 @@ sub print_upload_manager_footer {
&Apache::loncommon::help_open_topic('Auth_Options').
"
\n";
}
- $Str .= &set_login($defdom,$krbform,$intform,$locform);
+ $Str .= &set_login($defdom,$krbform,$intform,$locform,$ltiform);
my ($home_server_pick,$numlib) =
&Apache::loncommon::home_server_form_item($defdom,'lcserver',
@@ -923,8 +1083,14 @@ sub print_upload_manager_footer {
&Apache::lonhtmlcommon::row_closure();
}
+ my ($trusted,$untrusted);
+ if ($context eq 'course') {
+ ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('enroll',$defdom);
+ } elsif ($context eq 'author') {
+ ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('othcoau',$defdom);
+ }
$Str .= &Apache::lonhtmlcommon::row_title(&mt('Default domain'))
- .&Apache::loncommon::select_dom_form($defdom,'defaultdomain',undef,1)
+ .&Apache::loncommon::select_dom_form($defdom,'defaultdomain',undef,1,undef,$trusted,$untrusted)
.&Apache::lonhtmlcommon::row_closure();
$Str .= &Apache::lonhtmlcommon::row_title(&mt('Starting and Ending Dates'))
@@ -1013,7 +1179,9 @@ sub print_upload_manager_footer {
.&Apache::lonhtmlcommon::row_closure();
}
if ($context eq 'course' || $context eq 'domain') {
- $Str .= &forceid_change($context);
+ $Str .= &Apache::lonhtmlcommon::row_title(&mt('Student/Employee ID'))
+ .&forceid_change($context)
+ .&Apache::lonhtmlcommon::row_closure(1); # last row in pick_box
}
$Str .= &Apache::lonhtmlcommon::end_pick_box();
@@ -1047,10 +1215,12 @@ sub get_defaultcredits {
return unless(($cdom =~ /^$match_domain$/) && ($cnum =~ /^$match_courseid$/));
my ($defaultcredits,$domdefcredits);
my %domdefaults = &Apache::lonnet::get_domain_defaults($cdom);
- if ($domdefaults{'officialcredits'} || $domdefaults{'unofficialcredits'}) {
+ if ($domdefaults{'officialcredits'} || $domdefaults{'unofficialcredits'} || $domdefaults{'textbookcredits'}) {
my $instcode = $env{'course.'.$cdom.'_'.$cnum.'.internal.coursecode'};
if ($instcode) {
$domdefcredits = $domdefaults{'officialcredits'};
+ } elsif ($env{'course.'.$cdom.'_'.$cnum.'.internal.textbook'}) {
+ $domdefcredits = $domdefaults{'textbookcredits'};
} else {
$domdefcredits = $domdefaults{'unofficialcredits'};
}
@@ -1076,18 +1246,15 @@ sub get_defaultcredits {
sub forceid_change {
my ($context) = @_;
my $output =
- &Apache::lonhtmlcommon::row_title(&mt('Student/Employee ID'))
- .' '."\n"
- .&mt('(only do if you know what you are doing.)')."\n";
+ ''.&Apache::loncommon::help_open_topic('ForceIDChange')."\n";
if ($context eq 'domain') {
- $output .= ' '."\n";
+ $output .=
+ ' '
+ .''."\n";
}
- $output .= &Apache::lonhtmlcommon::row_closure(1); # last row in pick_box
return $output;
}
@@ -1100,8 +1267,15 @@ sub print_upload_manager_form {
if (!$env{'form.datatoken'}) {
$datatoken=&Apache::loncommon::upfile_store($r);
} else {
- $datatoken=$env{'form.datatoken'};
- &Apache::loncommon::load_tmp_file($r);
+ $datatoken=&Apache::loncommon::valid_datatoken($env{'form.datatoken'});
+ if ($datatoken ne '') {
+ &Apache::loncommon::load_tmp_file($r,$datatoken);
+ }
+ }
+ if ($datatoken eq '') {
+ $r->print('
'.&mt('Error').': '.
+ &mt('Invalid datatoken').'
');
+ return 'missingdata';
}
my @records=&Apache::loncommon::upfile_record_sep();
if($env{'form.noFirstLine'}){
@@ -1185,6 +1359,7 @@ sub print_upload_manager_form {
}
&print_upload_manager_footer($r,$i,$keyfields,$defdom,$today,$halfyear,
$context,$permission,$crstype,$showcredits);
+ return 'ok';
}
sub setup_date_selectors {
@@ -1392,9 +1567,9 @@ sub default_role_selector {
&default_course_roles($context,$checkpriv,'Course',%customroles)."\n".
'
'.
'
'.
- '
'.
+ '
'.
$lt{'exs'}.'
'.
'
'.
'
'.$lt{'new'}.' '.
@@ -1526,10 +1701,10 @@ sub curr_role_permissions {
# ======================================================= Existing Custom Roles
sub my_custom_roles {
- my ($crstype) = @_;
+ my ($crstype,$udom,$uname) = @_;
my %returnhash=();
my $extra = &Apache::lonnet::freeze_escape({'skipcheck' => 1});
- my %rolehash=&Apache::lonnet::dump('roles');
+ my %rolehash=&Apache::lonnet::dump('roles',$udom,$uname);
foreach my $key (keys(%rolehash)) {
if ($key=~/^rolesdef\_(\w+)$/) {
if ($crstype eq 'Community') {
@@ -1637,7 +1812,7 @@ sub print_userlist {
return;
}
my ($indexhash,$keylist) = &make_keylist_array();
- my (%userlist,%userinfo,$clearcoursepick);
+ my (%userlist,%userinfo,$clearcoursepick,$needauthorquota,$needauthorusage);
if (($context eq 'domain') &&
($env{'form.roletype'} eq 'course') ||
($env{'form.roletype'} eq 'community')) {
@@ -1709,6 +1884,12 @@ sub print_userlist {
\%cstr_roles,$permission);
} elsif ($context eq 'domain') {
if ($env{'form.roletype'} eq 'domain') {
+ if (grep(/^authorusage$/,@cols)) {
+ $needauthorusage = 1;
+ }
+ if (grep(/^authorquota$/,@cols)) {
+ $needauthorquota = 1;
+ }
%dom_roles = &Apache::lonnet::get_domain_roles($env{'request.role.domain'});
foreach my $key (keys(%dom_roles)) {
if (ref($dom_roles{$key}) eq 'HASH') {
@@ -1821,7 +2002,7 @@ sub print_userlist {
} else {
($usercount) = &show_users_list($r,$context,$env{'form.output'},
$permission,$env{'form.Status'},\%userlist,
- $keylist,'',$showcredits);
+ $keylist,'',$showcredits,$needauthorquota,$needauthorusage);
}
if (!$usercount) {
$r->print(' '
@@ -1991,7 +2172,7 @@ sub get_cols_array {
push(@cols,'photo');
}
if ($context eq 'domain') {
- push (@cols,'extent');
+ push (@cols,('authorusage','authorquota','extent'));
}
}
return @cols;
@@ -2027,6 +2208,8 @@ sub column_checkboxes {
if (($env{'form.roletype'} eq 'course') ||
($env{'form.roletype'} eq 'community')) {
$disabledchk{'status'} = 1;
+ $disabledchk{'authorusage'} = 1;
+ $disabledchk{'authorquota'} = 1;
} elsif ($env{'form.roletype'} eq 'domain') {
$disabledchk{'extent'} = 1;
}
@@ -2078,7 +2261,11 @@ sub column_checkboxes {
if (($env{'form.roletype'} eq 'domain') || ($env{'form.roletype'} eq '')) {
$style = ' style="display: none;"';
}
- }
+ } elsif (($cols[$i] eq 'authorusage') || ($cols[$i] eq 'authorquota')) {
+ if ($env{'form.roletype'} ne 'domain') {
+ $style = ' style="display: none;"';
+ }
+ }
$output .= '
'.&mt('[_1]Your CSV file[_2] is ready for download.', '','')."
\n");
$r->rflush();
}
if ($mode eq 'autoenroll') {
@@ -3121,6 +3375,10 @@ sub bulkaction_javascript {
my $noaction = &mt("You need to select an action to take for the user(s) you have selected");
my $singconfirm = &mt(' for a single user?');
my $multconfirm = &mt(' for multiple users?');
+ &js_escape(\$alert);
+ &js_escape(\$noaction);
+ &js_escape(\$singconfirm);
+ &js_escape(\$multconfirm);
my $output = <<"ENDJS";
function verify_action (field) {
var numchecked = 0;
@@ -3787,7 +4045,6 @@ sub show_drop_list {
$check_uncheck_js
// ]]>
-
END
my ($indexhash,$keylist) = &make_keylist_array();
@@ -3824,6 +4081,7 @@ END
$classlist,$keylist,$cdom,$cnum);
my %lt=&Apache::lonlocal::texthash('usrn' => "username",
'dom' => "domain",
+ 'id' => "ID",
'sn' => "student name",
'mn' => "member name",
'sec' => "section",
@@ -3842,7 +4100,7 @@ END