--- loncom/interface/lonuserutils.pm 2019/05/06 19:28:17 1.199
+++ loncom/interface/lonuserutils.pm 2019/08/25 02:42:56 1.202
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Utility functions for managing LON-CAPA user accounts
#
-# $Id: lonuserutils.pm,v 1.199 2019/05/06 19:28:17 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.202 2019/08/25 02:42:56 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -656,9 +656,14 @@ sub passwd_validation_js {
my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
my ($min,$max,@chars,$numrules,$intargjs,%alert);
$numrules = 0;
+ $min = $Apache::lonnet::passwdmin;
if (ref($passwdconf{'chars'}) eq 'ARRAY') {
if ($passwdconf{'min'} =~ /^\d+$/) {
- $min = $passwdconf{'min'};
+ if ($passwdconf{'min'} > $min) {
+ $min = $passwdconf{'min'};
+ $numrules ++;
+ }
+ } else {
$numrules ++;
}
if ($passwdconf{'max'} =~ /^\d+$/) {
@@ -670,10 +675,9 @@ sub passwd_validation_js {
$numrules ++;
}
} else {
- $min = 7;
$numrules ++;
}
- if (($min ne '') || ($max ne '') || (@chars > 0)) {
+ if (($min > 0) || ($max ne '') || (@chars > 0)) {
my $alertmsg = &mt('Initial password did not satisfy requirement(s):').'\n\n';
if ($min) {
$alert{'min'} = &mt('minimum [quant,_1,character]',$min).'\n';
@@ -750,7 +754,7 @@ sub passwd_validation_js {
}
if ($rules{'spec'}) {
$intargjs .= q|
- var specRegExp = /[!"#$%&'()*+,\-.\/:;<=>?@[\\\]^_`{\|}~]/;
+ var specRegExp = /[!"#$%&'()*+,\-.\/:;<=>?@[\\^\]_`{\|}~]/;
if (!specRegExp.test(currpwval)) {
brokerules.push('spec');
}
@@ -2433,7 +2437,6 @@ sub build_user_record {
sub courses_selector {
my ($cdom,$formname) = @_;
- my %coursecodes = ();
my %codes = ();
my @codetitles = ();
my %cat_titles = ();
@@ -2446,14 +2449,15 @@ sub courses_selector {
my $jscript = '';
my $totcodes = 0;
- $totcodes =
- &Apache::courseclassifier::retrieve_instcodes(\%coursecodes,
- $cdom,$totcodes);
- if ($totcodes > 0) {
- $format_reply =
- &Apache::lonnet::auto_instcode_format($caller,$cdom,\%coursecodes,
- \%codes,\@codetitles,\%cat_titles,\%cat_order);
- if ($format_reply eq 'ok') {
+ my $instcats = &Apache::lonnet::get_dom_instcats($cdom);
+ if (ref($instcats) eq 'HASH') {
+ if ((ref($instcats->{'codetitles'}) eq 'ARRAY') && (ref($instcats->{'codes'}) eq 'HASH') &&
+ (ref($instcats->{'cat_titles'}) eq 'HASH') && (ref($instcats->{'cat_order'}) eq 'HASH')) {
+ %codes = %{$instcats->{'codes'}};
+ @codetitles = @{$instcats->{'codetitles'}};
+ %cat_titles = %{$instcats->{'cat_titles'}};
+ %cat_order = %{$instcats->{'cat_order'}};
+ $totcodes = scalar(keys(%codes));
my $numtypes = @codetitles;
&Apache::courseclassifier::build_code_selections(\%codes,\@codetitles,\%cat_titles,\%cat_order,\%idlist,\%idnums,\%idlist_titles);
my ($scripttext,$longtitles) = &Apache::courseclassifier::javascript_definitions(\@codetitles,\%idlist,\%idlist_titles,\%idnums,\%cat_titles);
@@ -4377,6 +4381,7 @@ sub upfile_drop_add {
}
my $amode = '';
my $genpwd = '';
+ my @genpwdfail;
if ($env{'form.login'} eq 'krb') {
$amode='krb';
$amode.=$env{'form.krbver'};
@@ -4385,6 +4390,8 @@ sub upfile_drop_add {
$amode='internal';
if ((defined($env{'form.intarg'})) && ($env{'form.intarg'})) {
$genpwd=$env{'form.intarg'};
+ @genpwdfail =
+ &Apache::loncommon::check_passwd_rules($domain,$genpwd);
}
} elsif ($env{'form.login'} eq 'loc') {
$amode='localauth';
@@ -4465,7 +4472,6 @@ sub upfile_drop_add {
\@statuses,\@poss_roles);
&gather_userinfo($context,'view',\%userlist,$indexhash,\%info,
\%cstr_roles,$permission);
-
}
}
}
@@ -4543,7 +4549,8 @@ sub upfile_drop_add {
my $newuserdom = $env{'request.role.domain'};
map { $cancreate{$_} = &can_create_user($newuserdom,$context,$_); } keys(%longtypes);
# Get new users list
- my (%existinguser,%userinfo,%disallow,%rulematch,%inst_results,%alerts,%checkuname);
+ my (%existinguser,%userinfo,%disallow,%rulematch,%inst_results,%alerts,%checkuname,
+ %showpasswdrules,$haspasswdmap);
my $counter = -1;
my (%willtrust,%trustchecked);
foreach my $line (@userdata) {
@@ -4694,12 +4701,44 @@ sub upfile_drop_add {
}
}
# determine user password
- my $password = $genpwd;
+ my $password;
+ my $passwdfromfile;
if (defined($fields{'ipwd'})) {
if ($entries{$fields{'ipwd'}}) {
$password=$entries{$fields{'ipwd'}};
+ $passwdfromfile = 1;
+ if ($env{'form.login'} eq 'int') {
+ my $uhome=&Apache::lonnet::homeserver($username,$userdomain);
+ if (($uhome eq 'no_host') || ($changeauth)) {
+ my @brokepwdrules =
+ &Apache::loncommon::check_passwd_rules($domain,$password);
+ if (@brokepwdrules) {
+ $disallow{$counter} = &mt('[_1]: Password included in file for this user did not meet requirements.',
+ '<b>'.$username.'</b>');
+ map { $showpasswdrules{$_} = 1; } @brokepwdrules;
+ next;
+ }
+ }
+ }
}
}
+ unless ($passwdfromfile) {
+ if ($env{'form.login'} eq 'int') {
+ if (@genpwdfail) {
+ my $uhome=&Apache::lonnet::homeserver($username,$userdomain);
+ if (($uhome eq 'no_host') || ($changeauth)) {
+ $disallow{$counter} = &mt('[_1]: No specific password in file for this user; default password did not meet requirements',
+ '<b>'.$username.'</b>');
+ unless ($haspasswdmap) {
+ map { $showpasswdrules{$_} = 1; } @genpwdfail;
+ $haspasswdmap = 1;
+ }
+ }
+ next;
+ }
+ }
+ $password = $genpwd;
+ }
# determine user role
my $role = '';
if (defined($fields{'role'})) {
@@ -5061,6 +5100,7 @@ sub upfile_drop_add {
$counts{'auth'})."</p>\n");
}
$r->print(&print_namespacing_alerts($domain,\%alerts,\%curr_rules));
+ $r->print(&passwdrule_alerts($domain,\%showpasswdrules));
#####################################
# Display list of students to drop #
#####################################
@@ -5130,6 +5170,38 @@ sub print_namespacing_alerts {
}
}
+sub passwdrule_alerts {
+ my ($domain,$passwdrules) = @_;
+ my $warning;
+ if (ref($passwdrules) eq 'HASH') {
+ my %showrules = %{$passwdrules};
+ if (keys(%showrules)) {
+ my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
+ $warning = '<b>'.&mt('Password requirement(s) unmet for one or more users:').'</b><ul>';
+ if ($showrules{'min'}) {
+ $warning .= '<li>'.&mt('minimum [quant,_1,character]',$passwdconf{'min'}).'</li>';
+ }
+ if ($showrules{'max'}) {
+ $warning .= '<li>'.&mt('maximum [quant,_1,character]',$passwdconf{'max'}).'</li>';
+ }
+ if ($showrules{'uc'}) {
+ $warning .= '<li>'.&mt('contain at least one upper case letter').'</li>';
+ }
+ if ($showrules{'lc'}) {
+ $warning .= '<li>'.&mt('contain at least one lower case letter').'</li>';
+ }
+ if ($showrules{'num'}) {
+ $warning .= '<li>'.&mt('contain at least one number').'</li>';
+ }
+ if ($showrules{'spec'}) {
+ $warning .= '<li>'.&mt('contain at least one non-alphanumeric').'</li>';
+ }
+ $warning .= '</ul>';
+ }
+ }
+ return $warning;
+}
+
sub user_change_result {
my ($r,$userresult,$authresult,$roleresult,$idresult,$counts,$flushc,
$username,$userdomain,$userchg) = @_;