--- loncom/interface/lonuserutils.pm 2013/12/09 21:33:32 1.159
+++ loncom/interface/lonuserutils.pm 2019/08/25 02:42:56 1.202
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Utility functions for managing LON-CAPA user accounts
#
-# $Id: lonuserutils.pm,v 1.159 2013/12/09 21:33:32 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.202 2019/08/25 02:42:56 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -30,12 +30,29 @@
package Apache::lonuserutils;
+=pod
+
+=head1 NAME
+
+Apache::lonuserutils.pm
+
+=head1 SYNOPSIS
+
+ Utilities for management of users and custom roles
+
+ Provides subroutines called by loncreateuser.pm
+
+=head1 OVERVIEW
+
+=cut
+
use strict;
use Apache::lonnet;
use Apache::loncommon();
use Apache::lonhtmlcommon;
use Apache::lonlocal;
use Apache::longroup;
+use HTML::Entities;
use LONCAPA qw(:DEFAULT :match);
###############################################################
@@ -401,7 +418,7 @@ sub javascript_validations {
my $showcredits;
my %domdefaults = &Apache::lonnet::get_domain_defaults($domain);
- if ($domdefaults{'officialcredits'} || $domdefaults{'unofficialcredits'}) {
+ if ($domdefaults{'officialcredits'} || $domdefaults{'unofficialcredits'} || $domdefaults{'textbookcredits'}) {
$showcredits = 1;
}
@@ -421,7 +438,7 @@ sub javascript_validations {
} elsif ($context eq 'domain') {
$setsection_call = 'setCourse()';
$setsections_js = &dc_setcourse_js($param{'formname'},$mode,
- $context,$showcredits);
+ $context,$showcredits,$domain);
}
$finish = " var checkSec = $setsection_call\n".
" if (checkSec == 'ok') {\n".
@@ -450,6 +467,7 @@ sub javascript_validations {
if (($mode eq 'upload') && ($context eq 'domain')) {
$alert{'inststatus'} = &mt('The optional affiliation field was not specified');
}
+ &js_escape(\%alert);
my $function_name = <<"END";
$setsections_js
@@ -513,21 +531,26 @@ END
/* regexp here to check for non \d \. in credits */
END
} else {
+ my ($numrules,$intargjs) =
+ &passwd_validation_js('vf.elements[current.argfield].value',$domain);
$auth_checks .= (< 0) {
+$intargjs
+ }
}
END
}
@@ -623,6 +650,140 @@ END
$section_checks.$authheader;
return $result;
}
+
+sub passwd_validation_js {
+ my ($currpasswdval,$domain) = @_;
+ my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
+ my ($min,$max,@chars,$numrules,$intargjs,%alert);
+ $numrules = 0;
+ $min = $Apache::lonnet::passwdmin;
+ if (ref($passwdconf{'chars'}) eq 'ARRAY') {
+ if ($passwdconf{'min'} =~ /^\d+$/) {
+ if ($passwdconf{'min'} > $min) {
+ $min = $passwdconf{'min'};
+ $numrules ++;
+ }
+ } else {
+ $numrules ++;
+ }
+ if ($passwdconf{'max'} =~ /^\d+$/) {
+ $max = $passwdconf{'max'};
+ $numrules ++;
+ }
+ @chars = @{$passwdconf{'chars'}};
+ if (@chars) {
+ $numrules ++;
+ }
+ } else {
+ $numrules ++;
+ }
+ if (($min > 0) || ($max ne '') || (@chars > 0)) {
+ my $alertmsg = &mt('Initial password did not satisfy requirement(s):').'\n\n';
+ if ($min) {
+ $alert{'min'} = &mt('minimum [quant,_1,character]',$min).'\n';
+ }
+ if ($max) {
+ $alert{'max'} = &mt('maximum [quant,_1,character]',$max).'\n';
+ }
+ my (@charalerts,@charrules);
+ if (@chars) {
+ if (grep(/^uc$/,@chars)) {
+ push(@charalerts,&mt('contain at least one upper case letter'));
+ push(@charrules,'uc');
+ }
+ if (grep(/^lc$/,@chars)) {
+ push(@charalerts,&mt('contain at least one lower case letter'));
+ push(@charrules,'lc');
+ }
+ if (grep(/^num$/,@chars)) {
+ push(@charalerts,&mt('contain at least one number'));
+ push(@charrules,'num');
+ }
+ if (grep(/^spec$/,@chars)) {
+ push(@charalerts,&mt('contain at least one non-alphanumeric'));
+ push(@charrules,'spec');
+ }
+ }
+ $intargjs = qq| var rulesmsg = '';\n|.
+ qq| var currpwval = $currpasswdval;\n|;
+ if ($min) {
+ $intargjs .= qq|
+ if (currpwval.length < $min) {
+ rulesmsg += ' - $alert{min}';
+ }
+|;
+ }
+ if ($max) {
+ $intargjs .= qq|
+ if (currpwval.length > $max) {
+ rulesmsg += ' - $alert{max}';
+ }
+|;
+ }
+ if (@chars > 0) {
+ my $charrulestr = '"'.join('","',@charrules).'"';
+ my $charalertstr = '"'.join('","',@charalerts).'"';
+ $intargjs .= qq| var brokerules = new Array();\n|.
+ qq| var charrules = new Array($charrulestr);\n|.
+ qq| var charalerts = new Array($charalertstr);\n|;
+ my %rules;
+ map { $rules{$_} = 1; } @chars;
+ if ($rules{'uc'}) {
+ $intargjs .= qq|
+ var ucRegExp = /[A-Z]/;
+ if (!ucRegExp.test(currpwval)) {
+ brokerules.push('uc');
+ }
+|;
+ }
+ if ($rules{'lc'}) {
+ $intargjs .= qq|
+ var lcRegExp = /[a-z]/;
+ if (!lcRegExp.test(currpwval)) {
+ brokerules.push('lc');
+ }
+|;
+ }
+ if ($rules{'num'}) {
+ $intargjs .= qq|
+ var numRegExp = /[0-9]/;
+ if (!numRegExp.test(currpwval)) {
+ brokerules.push('num');
+ }
+|;
+ }
+ if ($rules{'spec'}) {
+ $intargjs .= q|
+ var specRegExp = /[!"#$%&'()*+,\-.\/:;<=>?@[\\^\]_`{\|}~]/;
+ if (!specRegExp.test(currpwval)) {
+ brokerules.push('spec');
+ }
+|;
+ }
+ $intargjs .= qq|
+ if (brokerules.length > 0) {
+ for (var i=0; i{'int'}) {
- my $warning = &mt('You may not specify an initial password for each user, as this is only available when new users use LON-CAPA internal authentication.').'\n'.
+ my $warning = &mt('You may not specify an initial password for each user, as this is only available when new users use LON-CAPA internal authentication.')."\n".
&mt('Your current role does not have rights to create users with that authentication type.');
+ &js_escape(\$warning);
$auth_update = <<"END";
// Currently the initial password field is only supported for internal auth
// (see bug 6368).
@@ -781,6 +943,7 @@ sub upload_manager_javascript_reverse_as
if (!$can_assign->{'int'}) {
my $warning = &mt('You may not specify an initial password, as this is only available when new users use LON-CAPA internal authentication.\n').
&mt('Your current role does not have rights to create users with that authentication type.');
+ &js_escape(\$warning);
$auth_update = <<"END";
// Currently the initial password field is only supported for internal auth
// (see bug 6368).
@@ -878,6 +1041,7 @@ sub print_upload_manager_footer {
my $krbform = &Apache::loncommon::authform_kerberos(%param);
my $intform = &Apache::loncommon::authform_internal(%param);
my $locform = &Apache::loncommon::authform_local(%param);
+ my $ltiform = &Apache::loncommon::authform_lti(%param);
my $date_table = &date_setting_table(undef,undef,$context,undef,
$formname,$permission,$crstype);
@@ -906,7 +1070,7 @@ sub print_upload_manager_footer {
&Apache::loncommon::help_open_topic('Auth_Options').
"
\n";
}
- $Str .= &set_login($defdom,$krbform,$intform,$locform);
+ $Str .= &set_login($defdom,$krbform,$intform,$locform,$ltiform);
my ($home_server_pick,$numlib) =
&Apache::loncommon::home_server_form_item($defdom,'lcserver',
@@ -923,8 +1087,14 @@ sub print_upload_manager_footer {
&Apache::lonhtmlcommon::row_closure();
}
+ my ($trusted,$untrusted);
+ if ($context eq 'course') {
+ ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('enroll',$defdom);
+ } elsif ($context eq 'author') {
+ ($trusted,$untrusted) = &Apache::lonnet::trusted_domains('othcoau',$defdom);
+ }
$Str .= &Apache::lonhtmlcommon::row_title(&mt('Default domain'))
- .&Apache::loncommon::select_dom_form($defdom,'defaultdomain',undef,1)
+ .&Apache::loncommon::select_dom_form($defdom,'defaultdomain',undef,1,undef,$trusted,$untrusted)
.&Apache::lonhtmlcommon::row_closure();
$Str .= &Apache::lonhtmlcommon::row_title(&mt('Starting and Ending Dates'))
@@ -1013,7 +1183,9 @@ sub print_upload_manager_footer {
.&Apache::lonhtmlcommon::row_closure();
}
if ($context eq 'course' || $context eq 'domain') {
- $Str .= &forceid_change($context);
+ $Str .= &Apache::lonhtmlcommon::row_title(&mt('Student/Employee ID'))
+ .&forceid_change($context)
+ .&Apache::lonhtmlcommon::row_closure(1); # last row in pick_box
}
$Str .= &Apache::lonhtmlcommon::end_pick_box();
@@ -1047,10 +1219,12 @@ sub get_defaultcredits {
return unless(($cdom =~ /^$match_domain$/) && ($cnum =~ /^$match_courseid$/));
my ($defaultcredits,$domdefcredits);
my %domdefaults = &Apache::lonnet::get_domain_defaults($cdom);
- if ($domdefaults{'officialcredits'} || $domdefaults{'unofficialcredits'}) {
+ if ($domdefaults{'officialcredits'} || $domdefaults{'unofficialcredits'} || $domdefaults{'textbookcredits'}) {
my $instcode = $env{'course.'.$cdom.'_'.$cnum.'.internal.coursecode'};
if ($instcode) {
$domdefcredits = $domdefaults{'officialcredits'};
+ } elsif ($env{'course.'.$cdom.'_'.$cnum.'.internal.textbook'}) {
+ $domdefcredits = $domdefaults{'textbookcredits'};
} else {
$domdefcredits = $domdefaults{'unofficialcredits'};
}
@@ -1076,18 +1250,15 @@ sub get_defaultcredits {
sub forceid_change {
my ($context) = @_;
my $output =
- &Apache::lonhtmlcommon::row_title(&mt('Student/Employee ID'))
- .' '."\n"
- .&mt('(only do if you know what you are doing.)')."\n";
+ ''.&Apache::loncommon::help_open_topic('ForceIDChange')."\n";
if ($context eq 'domain') {
- $output .= ' '."\n";
+ $output .=
+ ' '
+ .''."\n";
}
- $output .= &Apache::lonhtmlcommon::row_closure(1); # last row in pick_box
return $output;
}
@@ -1100,8 +1271,15 @@ sub print_upload_manager_form {
if (!$env{'form.datatoken'}) {
$datatoken=&Apache::loncommon::upfile_store($r);
} else {
- $datatoken=$env{'form.datatoken'};
- &Apache::loncommon::load_tmp_file($r);
+ $datatoken=&Apache::loncommon::valid_datatoken($env{'form.datatoken'});
+ if ($datatoken ne '') {
+ &Apache::loncommon::load_tmp_file($r,$datatoken);
+ }
+ }
+ if ($datatoken eq '') {
+ $r->print('
'.&mt('Error').': '.
+ &mt('Invalid datatoken').'
');
+ return 'missingdata';
}
my @records=&Apache::loncommon::upfile_record_sep();
if($env{'form.noFirstLine'}){
@@ -1185,6 +1363,7 @@ sub print_upload_manager_form {
}
&print_upload_manager_footer($r,$i,$keyfields,$defdom,$today,$halfyear,
$context,$permission,$crstype,$showcredits);
+ return 'ok';
}
sub setup_date_selectors {
@@ -1392,9 +1571,9 @@ sub default_role_selector {
&default_course_roles($context,$checkpriv,'Course',%customroles)."\n".
'
'.
'
'.
- '
'.
+ '
'.
$lt{'exs'}.'
'.
'
'.
'
'.$lt{'new'}.' '.
@@ -1526,10 +1705,10 @@ sub curr_role_permissions {
# ======================================================= Existing Custom Roles
sub my_custom_roles {
- my ($crstype) = @_;
+ my ($crstype,$udom,$uname) = @_;
my %returnhash=();
my $extra = &Apache::lonnet::freeze_escape({'skipcheck' => 1});
- my %rolehash=&Apache::lonnet::dump('roles');
+ my %rolehash=&Apache::lonnet::dump('roles',$udom,$uname);
foreach my $key (keys(%rolehash)) {
if ($key=~/^rolesdef\_(\w+)$/) {
if ($crstype eq 'Community') {
@@ -2258,7 +2437,6 @@ sub build_user_record {
sub courses_selector {
my ($cdom,$formname) = @_;
- my %coursecodes = ();
my %codes = ();
my @codetitles = ();
my %cat_titles = ();
@@ -2271,14 +2449,15 @@ sub courses_selector {
my $jscript = '';
my $totcodes = 0;
- $totcodes =
- &Apache::courseclassifier::retrieve_instcodes(\%coursecodes,
- $cdom,$totcodes);
- if ($totcodes > 0) {
- $format_reply =
- &Apache::lonnet::auto_instcode_format($caller,$cdom,\%coursecodes,
- \%codes,\@codetitles,\%cat_titles,\%cat_order);
- if ($format_reply eq 'ok') {
+ my $instcats = &Apache::lonnet::get_dom_instcats($cdom);
+ if (ref($instcats) eq 'HASH') {
+ if ((ref($instcats->{'codetitles'}) eq 'ARRAY') && (ref($instcats->{'codes'}) eq 'HASH') &&
+ (ref($instcats->{'cat_titles'}) eq 'HASH') && (ref($instcats->{'cat_order'}) eq 'HASH')) {
+ %codes = %{$instcats->{'codes'}};
+ @codetitles = @{$instcats->{'codetitles'}};
+ %cat_titles = %{$instcats->{'cat_titles'}};
+ %cat_order = %{$instcats->{'cat_order'}};
+ $totcodes = scalar(keys(%codes));
my $numtypes = @codetitles;
&Apache::courseclassifier::build_code_selections(\%codes,\@codetitles,\%cat_titles,\%cat_order,\%idlist,\%idnums,\%idlist_titles);
my ($scripttext,$longtitles) = &Apache::courseclassifier::javascript_definitions(\@codetitles,\%idlist,\%idlist_titles,\%idnums,\%cat_titles);
@@ -2286,7 +2465,7 @@ sub courses_selector {
my $allidlist = $idlist{$codetitles[0]};
$jscript .= &Apache::courseclassifier::courseset_js_start($formname,$longtitles_str,$allidlist);
$jscript .= $scripttext;
- $jscript .= &Apache::courseclassifier::javascript_code_selections($formname,@codetitles);
+ $jscript .= &Apache::courseclassifier::javascript_code_selections($formname,\@codetitles);
}
}
my $cb_jscript = &Apache::loncommon::coursebrowser_javascript($cdom);
@@ -2315,7 +2494,8 @@ function setCourseCat(formname) {
}
courseSet('$codetitles[1]');
for (var j=0; j{'photo'} = &Apache::loncoursedata::CL_PHOTO();
$index->{'thumbnail'} = &Apache::loncoursedata::CL_THUMBNAIL();
$index->{'credits'} = &Apache::loncoursedata::CL_CREDITS();
+ $index->{'instsec'} = &Apache::loncoursedata::CL_INSTSEC();
$index->{'authorquota'} = &Apache::loncoursedata::CL_AUTHORQUOTA();
$index->{'authorusage'} = &Apache::loncoursedata::CL_AUTHORUSAGE();
foreach my $key (keys(%{$index})) {
@@ -2541,14 +2722,22 @@ $verify_action_js
function username_display_launch(username,domain) {
var target;
- for (var i=0; i "Open in a new window",
'modify' => "Modify a user's information",
'track' => "View a user's recent activity",
+ 'activity' => "View a user's access log",
);
my %lt = (%coltxt,%acttxt);
my $rolefilter = $env{'form.showrole'};
@@ -2693,12 +2883,17 @@ END
if ($permission->{'cusr'}) {
unshift (@linkdests,'modify');
}
- if (&Apache::lonnet::allowed('vsa', $env{'request.course.id'}) ||
- &Apache::lonnet::allowed('vsa', $env{'request.course.id'}.'/'.
- $env{'request.course.sec'})) {
- push(@linkdests,'track');
+ if ($context eq 'course') {
+ if (&Apache::lonnet::allowed('vsa', $env{'request.course.id'}) ||
+ &Apache::lonnet::allowed('vsa', $env{'request.course.id'}.'/'.
+ $env{'request.course.sec'})) {
+ push(@linkdests,'track');
+ }
+ } elsif ($context eq 'domain') {
+ if (&Apache::lonnet::allowed('vac',$env{'request.role.domain'})) {
+ push(@linkdests,'activity');
+ }
}
-
$output .= '
';
my $usernamelink = $env{'form.usernamelink'};
if ($usernamelink eq '') {
@@ -2721,7 +2916,7 @@ END
.''.$lt{'owin'}
.'
';
}
- $output .= "\n".' '."\n".
+ $output .= "\n".''."\n".
&Apache::loncommon::start_data_table().
&Apache::loncommon::start_data_table_header_row();
if ($mode eq 'autoenroll') {
@@ -2967,6 +3162,12 @@ END
} (keys(%$userlist));
}
my $rowcount = 0;
+ my $disabled;
+ if ($mode eq 'autoenroll') {
+ unless ($permission->{'cusr'}) {
+ $disabled = ' disabled="disabled"';
+ }
+ }
foreach my $user (@sorted_users) {
my %in;
my $sdata = $userlist->{$user};
@@ -3003,16 +3204,16 @@ END
if ($mode eq 'autoenroll') {
my $cellentry;
if ($in{'type'} eq 'auto') {
- $cellentry = ''.&mt('auto').' ';
+ $cellentry = ''.&mt('auto').' ';
$autocount ++;
} else {
- $cellentry = '
'.&mt('[_1]Your CSV file[_2] is ready for download.', '','')."
\n");
$r->rflush();
}
if ($mode eq 'autoenroll') {
@@ -3172,6 +3379,10 @@ sub bulkaction_javascript {
my $noaction = &mt("You need to select an action to take for the user(s) you have selected");
my $singconfirm = &mt(' for a single user?');
my $multconfirm = &mt(' for multiple users?');
+ &js_escape(\$alert);
+ &js_escape(\$noaction);
+ &js_escape(\$singconfirm);
+ &js_escape(\$multconfirm);
my $output = <<"ENDJS";
function verify_action (field) {
var numchecked = 0;
@@ -3838,7 +4049,6 @@ sub show_drop_list {
$check_uncheck_js
// ]]>
-
END
my ($indexhash,$keylist) = &make_keylist_array();
@@ -3875,6 +4085,7 @@ END
$classlist,$keylist,$cdom,$cnum);
my %lt=&Apache::lonlocal::texthash('usrn' => "username",
'dom' => "domain",
+ 'id' => "ID",
'sn' => "student name",
'mn' => "member name",
'sec' => "section",
@@ -3893,7 +4104,7 @@ END
';
@@ -4056,7 +4266,10 @@ sub print_first_users_upload_form {
# ================================================= Drop/Add from uploaded file
sub upfile_drop_add {
my ($r,$context,$permission,$showcredits) = @_;
- &Apache::loncommon::load_tmp_file($r);
+ my $datatoken = &Apache::loncommon::valid_datatoken($env{'form.datatoken'});
+ if ($datatoken ne '') {
+ &Apache::loncommon::load_tmp_file($r,$datatoken);
+ }
my @userdata=&Apache::loncommon::upfile_record_sep();
if($env{'form.noFirstLine'}){shift(@userdata);}
my @keyfields = split(/\,/,$env{'form.keyfields'});
@@ -4070,10 +4283,6 @@ sub upfile_drop_add {
$fields{$env{'form.f'.$i}}=$keyfields[$i];
}
}
- if ($env{'form.fullup'} ne 'yes') {
- $r->print(''."\n");
+ $r->print('
'.
+ &mt('There are no students with current/future access to the course.').
+ '
'."\n");
} elsif (ref($classlist) eq 'HASH') {
# Remove the students we just added from the list of students.
foreach my $line (@userdata) {
@@ -4701,9 +5127,7 @@ sub upfile_drop_add {
}
}
} # end of unless
- if ($env{'form.fullup'} ne 'yes') {
- $r->print('');
- }
+ return 'ok';
}
sub print_namespacing_alerts {
@@ -4746,15 +5170,48 @@ sub print_namespacing_alerts {
}
}
+sub passwdrule_alerts {
+ my ($domain,$passwdrules) = @_;
+ my $warning;
+ if (ref($passwdrules) eq 'HASH') {
+ my %showrules = %{$passwdrules};
+ if (keys(%showrules)) {
+ my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
+ $warning = ''.&mt('Password requirement(s) unmet for one or more users:').'