--- loncom/interface/createaccount.pm 2009/03/12 14:13:34 1.31 +++ loncom/interface/createaccount.pm 2012/10/29 16:59:03 1.53 @@ -3,7 +3,7 @@ # institutional log-in ID (institutional authentication required - localauth # or kerberos) or an e-mail address. # -# $Id: createaccount.pm,v 1.31 2009/03/12 14:13:34 bisitz Exp $ +# $Id: createaccount.pm,v 1.53 2012/10/29 16:59:03 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -39,12 +39,13 @@ use Apache::lonhtmlcommon; use Apache::lonlocal; use Apache::lonauth; use Apache::resetpw; -use Authen::Captcha; use DynaLoader; # for Crypt::DES version use Crypt::DES; use LONCAPA qw(:DEFAULT :match); use HTML::Entities; +#TODO this module needs documentation + sub handler { my $r = shift; &Apache::loncommon::content_type($r,'text/html'); @@ -65,14 +66,8 @@ sub handler { if ($sso_username ne '' && $sso_domain ne '') { $domain = $sso_domain; } else { - $domain = &Apache::lonnet::default_login_domain(); - if (defined($env{'form.courseid'})) { - if (&validate_course($env{'form.courseid'})) { - if ($env{'form.courseid'} =~ /^($match_domain)_($match_courseid)$/) { - $domain = $1; - } - } - } + ($domain, undef) = Apache::lonnet::is_course($env{'form.courseid'}); + $domain ||= &Apache::lonnet::default_login_domain(); } my $domdesc = &Apache::lonnet::domain($domain,'description'); my $contact_name = &mt('LON-CAPA helpdesk'); @@ -92,15 +87,13 @@ sub handler { my $end_page = &Apache::loncommon::end_page(); $r->print($start_page."\n".'

'.&mt('You are already logged in').'

'. - '

'.&mt('Please either [_1]continue the current session[_2] or [_3]logout[_4].','','','',''). + '

'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].','','','',''). '

'.&mt('Login problems?').'

'.$end_page); return OK; } my ($js,$courseid,$title); - if (defined($env{'form.courseid'})) { - $courseid = &validate_course($env{'form.courseid'}); - } + $courseid = Apache::lonnet::is_course($env{'form.courseid'}); if ($courseid ne '') { $js = &catreturn_js(); $title = 'Self-enroll in a LON-CAPA course'; @@ -112,41 +105,34 @@ sub handler { if ($env{'form.udom'} ne '') { $domain = $env{'form.udom'}; } + + my %domconfig = + &Apache::lonnet::get_dom('configuration',['usercreation'],$domain); + my ($cancreate,$statustocreate) = + &get_creation_controls($domain,$domconfig{'usercreation'}); + my ($result,$output) = &username_validation($r,$env{'form.uname'},$domain,$domdesc, $contact_name,$contact_email,$courseid, - $lonhost); + $lonhost,$statustocreate); if ($result eq 'existingaccount') { $r->print($output); &print_footer($r); return OK; } else { - $start_page = - &Apache::loncommon::start_page($title,$js, - {'no_inline_link' => 1,}); + $start_page = &Apache::loncommon::start_page($title,$js); &print_header($r,$start_page,$courseid); $r->print($output); &print_footer($r); return OK; } } - $start_page = - &Apache::loncommon::start_page($title,$js, - {'no_inline_link' => 1,}); - my @cancreate; - my %domconfig = &Apache::lonnet::get_dom('configuration',['usercreation'],$domain); - if (ref($domconfig{'usercreation'}) eq 'HASH') { - if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') { - if (ref($domconfig{'usercreation'}{'cancreate'}{'selfcreate'}) eq 'ARRAY') { - @cancreate = @{$domconfig{'usercreation'}{'cancreate'}{'selfcreate'}}; - } elsif (($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne 'none') && - ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'} ne '')) { - @cancreate = ($domconfig{'usercreation'}{'cancreate'}{'selfcreate'}); - } - } - } + $start_page = &Apache::loncommon::start_page($title,$js); - if (@cancreate == 0) { + my %domconfig = + &Apache::lonnet::get_dom('configuration',['usercreation'],$domain); + my ($cancreate,$statustocreate) = &get_creation_controls($domain,$domconfig{'usercreation'}); + if (@{$cancreate} == 0) { &print_header($r,$start_page,$courseid); my $output = '

'.&mt('Account creation unavailable').'

'. ''. @@ -160,12 +146,13 @@ sub handler { &print_header($r,$start_page,$courseid); my ($msg,$sso_logout); $sso_logout = &sso_logout_frag($r,$domain); - if (grep(/^sso$/,@cancreate)) { + if (grep(/^sso$/,@{$cancreate})) { $msg = '

'.&mt('Account creation').'

'. &mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution.").'
'; $msg .= &username_check($sso_username,$domain,$domdesc,$courseid, - $lonhost,$contact_email,$contact_name,$sso_logout); + $lonhost,$contact_email,$contact_name, + $sso_logout,$statustocreate); } else { $msg = '

'.&mt('Account creation unavailable').'

'. ''.&mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution, and you are not permitted to create one.").'

'.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email).'
'. @@ -201,7 +188,7 @@ sub handler { if ($env{'form.phase'} eq 'username_activation') { (my $result,$output,$nostart) = &username_activation($r,$env{'form.uname'},$domain,$domdesc, - $lonhost,$courseid); + $courseid); if ($result eq 'ok') { if ($nostart) { return OK; @@ -215,7 +202,7 @@ sub handler { (my $result,$output) = &username_validation($r,$env{'form.uname'},$domain,$domdesc, $contact_name,$contact_email,$courseid, - $lonhost); + $lonhost,$statustocreate); if ($result eq 'existingaccount') { $r->print($output); &print_footer($r); @@ -226,21 +213,21 @@ sub handler { } elsif ($env{'form.create_with_email'}) { &print_header($r,$start_page,$courseid); $output = &process_email_request($env{'form.useremail'},$domain,$domdesc, - $contact_name,$contact_email,\@cancreate, + $contact_name,$contact_email,$cancreate, $lonhost,$domconfig{'usercreation'}, $courseid); } elsif (!$token) { &print_header($r,$start_page,$courseid); my $now=time; - if (grep(/^login$/,@cancreate)) { + if (grep(/^login$/,@{$cancreate})) { my $jsh=Apache::File->new($include."/londes.js"); $r->print(<$jsh>); $r->print(&javascript_setforms($now)); } - if (grep(/^email$/,@cancreate)) { + if (grep(/^email$/,@{$cancreate})) { $r->print(&javascript_validmail()); } - $output = &print_username_form($domain,$domdesc,\@cancreate,$now,$lonhost, + $output = &print_username_form($domain,$domdesc,$cancreate,$now,$lonhost, $courseid); } $r->print($output); @@ -280,7 +267,7 @@ sub selfenroll_crumbs { my ($r,$courseid,$desc) = @_; &Apache::lonhtmlcommon::add_breadcrumb ({href=>"javascript:ToCatalog('backupcrumbs','')", - text=>"Course Catalog"}); + text=>"Course/Community Catalog"}); if ($env{'form.coursenum'} ne '') { &Apache::lonhtmlcommon::add_breadcrumb ({href=>"javascript:ToCatalog('backupcrumbs','details')", @@ -288,7 +275,7 @@ sub selfenroll_crumbs { } my $last_crumb; if ($desc ne '') { - $last_crumb = &mt('Self-enroll in [_1]',''.$desc.''); + $last_crumb = &mt('Self-enroll in [_1]',"$desc"); } else { $last_crumb = &mt('Self-enroll'); } @@ -299,23 +286,13 @@ sub selfenroll_crumbs { return; } -sub validate_course { - my ($courseid) = @_; - my ($cdom,$cnum) = ($courseid =~ /^($match_domain)_($match_courseid)$/); - if (($cdom ne '') && ($cnum ne '')) { - if (&Apache::lonnet::is_course($cdom,$cnum)) { - return ($courseid); - } - } - return; -} - sub javascript_setforms { my ($now) = @_; my $js = < + ENDSCRIPT @@ -404,8 +381,14 @@ sub print_username_form { } if (grep(/^email$/,@{$cancreate})) { $output .= '

'.&mt('Create account with an e-mail address as your username').'

'; - my $captchaform = &create_captcha(); - if ($captchaform) { + my ($captchaform,$error) = &Apache::loncommon::captcha_display('usercreation',$lonhost); + if ($error) { + my $helpdesk = '/adm/helpdesk?origurl=%2fadm%2fcreateaccount'; + if ($courseid ne '') { + $helpdesk .= '&courseid='.$courseid; + } + $output .= ''.&mt('An error occurred generating the validation code[_1] required for an e-mail address to be used as username.','
').'


'.&mt('[_1]Contact the helpdesk[_2] or [_3]reload[_2] the page and try again.','','',''); + } else { my $submit_text = &mt('Request LON-CAPA account'); my $emailform = ''; if (grep(/^login$/,@{$cancreate})) { @@ -413,19 +396,23 @@ sub print_username_form { } else { $output .= '
'; } - $output .= '
'. + $output .= ''. &Apache::lonhtmlcommon::start_pick_box()."\n". &Apache::lonhtmlcommon::row_title(&mt('E-mail address'), - 'LC_pick_box_title')."\n". - $emailform."\n". - &Apache::lonhtmlcommon::row_closure(1). - &Apache::lonhtmlcommon::row_title(&mt('Validation'), - 'LC_pick_box_title')."\n". - $captchaform."\n".'

'; + 'LC_pick_box_title')."\n". + $emailform."\n"; + if ($captchaform) { + $output .= &Apache::lonhtmlcommon::row_closure(1). + &Apache::lonhtmlcommon::row_title(&mt('Validation'), + 'LC_pick_box_title')."\n". + $captchaform."\n".'

'; + } if ($courseid ne '') { $output .= ''."\n"; } - $output .= ''. &Apache::lonhtmlcommon::row_closure(1). &Apache::lonhtmlcommon::end_pick_box().'

'; @@ -433,12 +420,6 @@ sub print_username_form { $output .= &Apache::lonhtmlcommon::echo_form_input(['courseid']); } $output .= '
'; - } else { - my $helpdesk = '/adm/helpdesk?origurl=%2fadm%2fcreateaccount'; - if ($courseid ne '') { - $helpdesk .= '&courseid='.$courseid; - } - $output .= ''.&mt('An error occurred generating the validation code[_1] required for an e-mail address to be used as username.','
').'


'.&mt('[_1]Contact the helpdesk[_2] or [_3]reload[_2] the page and try again.','
','',''); } $output .= '
'; } @@ -460,14 +441,14 @@ sub login_box { ); my ($lkey,$ukey) = &Apache::lonpreferences::des_keys(); my ($lextkey,$uextkey) = &getkeys($lkey,$ukey); - my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount', + my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount:createaccount', $lonhost); $output = &serverform($logtoken,$lonhost,undef,$courseid,$context); - my $unameform = ''; - my $upassform = ''; - $output .= '
'."\n". - &Apache::lonhtmlcommon::start_pick_box()."\n"; - $output .= &Apache::lonhtmlcommon::row_title($titles{$context}, + my $unameform = ''; + my $upassform = ''; + $output .= ''."\n". + &Apache::lonhtmlcommon::start_pick_box()."\n". + &Apache::lonhtmlcommon::row_title($titles{$context}, 'LC_pick_box_title')."\n". $unameform."\n". &Apache::lonhtmlcommon::row_closure(1)."\n". @@ -475,25 +456,29 @@ sub login_box { 'LC_pick_box_title')."\n". $upassform; if ($context eq 'selfenroll') { - my $udomform = ''; $output .= &Apache::lonhtmlcommon::row_closure(1)."\n". &Apache::lonhtmlcommon::row_title(&mt('Domain'), 'LC_pick_box_title')."\n". $udomform."\n"; + } else { + $output .= ''; } - - $output .= &Apache::lonhtmlcommon::row_closure(0). + $output .= &Apache::lonhtmlcommon::row_closure(1). &Apache::lonhtmlcommon::row_title(). - ''."\n". - &Apache::lonhtmlcommon::row_closure(1)."\n". - &Apache::lonhtmlcommon::end_pick_box(); - $output .= '

'. - ''.&mt('Forgot password?').''. - '

'."\n"; - $output .= ''."\n". - ''."\n". + '
'."\n"; + if ($context eq 'selfenroll') { + $output .= '

'. + ''. + ''.&mt('Forgot password?').''. + '
'."\n"; + } + $output .= &Apache::lonhtmlcommon::row_closure(1)."\n". + &Apache::lonhtmlcommon::end_pick_box().'
'."\n"; + $output .= ''."\n". + ''."\n". '
'; return $output; } @@ -519,30 +504,17 @@ sub process_email_request { $contact_name,$contact_email); return $output; } else { - my $code = $env{'form.code'}; - my $md5sum = $env{'form.crypt'}; - my %captcha_params = &captcha_settings(); - my $captcha = Authen::Captcha->new( - output_folder => $captcha_params{'output_dir'}, - data_folder => $captcha_params{'db_dir'}, - ); - my $captcha_chk = $captcha->check_code($code,$md5sum); - my %captcha_hash = ( - 0 => 'Code not checked (file error)', - -1 => 'Failed: code expired', - -2 => 'Failed: invalid code (not in database)', - -3 => 'Failed: invalid code (code does not match crypt)', - ); + my ($captcha_chk,$captcha_error) = &Apache::loncommon::captcha_response('usercreation',$server); if ($captcha_chk != 1) { $output = &invalid_state('captcha',$domdesc,$contact_name, - $contact_email,$captcha_hash{$captcha_chk}); + $contact_email,$captcha_error); return $output; } my $uhome=&Apache::lonnet::homeserver($useremail,$domain); if ($uhome eq 'no_host') { my (%rulematch,%inst_results,%curr_rules,%got_rules,%alerts); &call_rulecheck($useremail,$domain,\%alerts,\%rulematch, - \%inst_results,\%curr_rules,%got_rules,'username'); + \%inst_results,\%curr_rules,\%got_rules,'username'); if (ref($alerts{'username'}) eq 'HASH') { if (ref($alerts{'username'}{$domain}) eq 'HASH') { if ($alerts{'username'}{$domain}{$useremail}) { @@ -594,7 +566,7 @@ sub send_token { 'domain' => $domain, 'username' => $email, 'courseid' => $courseid); - my $token = &Apache::lonnet::tmpput(\%info,$server); + my $token = &Apache::lonnet::tmpput(\%info,$server,'createaccount'); if ($token !~ /^error/ && $token ne 'no_such_host') { my $esc_token = &escape($token); my $showtime = localtime(time); @@ -635,12 +607,12 @@ sub process_mailtoken { ($data{'username'} =~ /^[^\@]+\@[^\@]+\.[^\@\.]+$/)) { if ($now - $data{'time'} < 7200) { if ($env{'form.phase'} eq 'createaccount') { - my ($result,$output) = &create_account($r,$domain,$lonhost, - $data{'username'},$domdesc); + my ($result,$output,$uhome) = + &create_account($r,$domain,$data{'username'},$domdesc); if ($result eq 'ok') { $msg = $output; my $shownow = &Apache::lonlocal::locallocaltime($now); - my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; + my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'}, $mailmsg,$contact_name, $contact_email); @@ -649,9 +621,8 @@ sub process_mailtoken { } else { $msg .= &mt('An error occurred when sending e-mail to [_1] confirming creation of your LON-CAPA account.',$data{'username'}); } - my %form = &start_session($r,$data{'username'},$domain, - $lonhost,$data{'courseid'}, - $token); + &start_session($r,$data{'username'},$domain,$uhome, + $data{'courseid'},$token); $nostart = 1; $noend = 1; } else { @@ -678,34 +649,31 @@ sub process_mailtoken { } sub start_session { - my ($r,$username,$domain,$lonhost,$courseid,$token) = @_; - my %form = ( - uname => $username, - udom => $domain, - ); - my $firsturl = '/adm/roles'; - if (defined($courseid)) { - $courseid = &validate_course($courseid); - if ($courseid ne '') { - $form{'courseid'} = $courseid; - $firsturl = '/adm/selfenroll?courseid='.$courseid; - } - } + my ($r,$username,$domain,$uhome,$courseid,$token) = @_; + if ($r->dir_config('lonBalancer') eq 'yes') { - &Apache::lonauth::success($r,$form{'uname'},$form{'udom'}, - $lonhost,'noredirect',undef,\%form); - if ($token ne '') { - my $delete = &Apache::lonnet::tmpdel($token); - } + Apache::lonauth::success($r, $username, $domain, $uhome, + 'noredirect', undef, {}); + + Apache::lonnet::tmpdel($token) if $token; + $r->internal_redirect('/adm/switchserver'); } else { - &Apache::lonauth::success($r,$form{'uname'},$form{'udom'}, - $lonhost,$firsturl,undef,\%form); + $courseid = Apache::lonnet::is_course($courseid); + + Apache::lonauth::success($r, $username, $domain, $uhome, + ($courseid ? "/adm/selfenroll?courseid=$courseid" : '/adm/roles'), + undef, {}); } - return %form; -} + return; +} +# +# The screen that the user gets to create his or her account +# Desired username, desired password, etc +# Stores token to store DES-key and stage during creation session +# sub print_dataentry_form { my ($r,$domain,$lonhost,$include,$mailtoken,$now,$username,$start_page) = @_; my ($error,$output); @@ -718,91 +686,122 @@ sub print_dataentry_form { $output .= &javascript_setforms($now)."\n".&javascript_checkpass($now); my ($lkey,$ukey) = &Apache::lonpreferences::des_keys(); my ($lextkey,$uextkey) = &getkeys($lkey,$ukey); - my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount', + my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount:createaccount', $lonhost); - my @userinfo = ('firstname','middlename','lastname','generation','id', - 'permanentemail'); - my %lt=&Apache::lonlocal::texthash( - 'pd' => "Personal Data", - 'firstname' => "First Name", - 'middlename' => "Middle Name", - 'lastname' => "Last Name", - 'generation' => "Generation", - 'permanentemail' => "Permanent e-mail address", - 'id' => "Student/Employee ID", - 'lg' => "Login Data" - ); - my %textboxsize = ( - firstname => '15', - middlename => '15', - lastname => '15', - generation => '5', - id => '15', - ); - my $genhelp=&Apache::loncommon::help_open_topic('Generation'); - $output .= '

'.$lt{'pd'}.'

'. - '
'. - &Apache::lonhtmlcommon::start_pick_box(); - foreach my $item (@userinfo) { - my $rowtitle = $lt{$item}; - if ($item eq 'generation') { - $rowtitle = $genhelp.$rowtitle; - } - $output .= &Apache::lonhtmlcommon::row_title($rowtitle,undef,'LC_oddrow_value')."\n"; - if ($item eq 'permanentemail') { - $output .= $username; - } else { - $output .= ''; - } - $output .= &Apache::lonhtmlcommon::row_closure(1); + my $formtag = ''; + my ($datatable,$rowcount) = + &Apache::loncreateuser::personal_data_display($username,$domain, + 'email','selfcreate'); + if ($rowcount) { + $output .= '
'.$formtag.$datatable; + } else { + $output .= $formtag; } - $output .= &Apache::lonhtmlcommon::end_pick_box(); $output .= <<"ENDSERVERFORM"; + -
+ ENDSERVERFORM + if ($rowcount) { + $output .= '
'. + '
'; + } my $upassone = ''; my $upasstwo = ''; my $submit_text = &mt('Create LON-CAPA account'); - $output .= '

'.$lt{'lg'}.'

'."\n". - '
'."\n". + $output .= '

'.&mt('Login Data').'

'."\n". + ''."\n". &Apache::lonhtmlcommon::start_pick_box()."\n". &Apache::lonhtmlcommon::row_title(&mt('Username'), - 'LC_pick_box_title')."\n". + 'LC_pick_box_title', + 'LC_oddrow_value')."\n". $username."\n". &Apache::lonhtmlcommon::row_closure(1)."\n". &Apache::lonhtmlcommon::row_title(&mt('Password'), - 'LC_pick_box_title')."\n". + 'LC_pick_box_title', + 'LC_oddrow_value')."\n". $upassone."\n". &Apache::lonhtmlcommon::row_closure(1)."\n". &Apache::lonhtmlcommon::row_title(&mt('Confirm password'), - 'LC_pick_box_title')."\n". - $upasstwo."\n". + 'LC_pick_box_title', + 'LC_oddrow_value')."\n". + $upasstwo. + &Apache::lonhtmlcommon::row_closure(1)."\n". + &Apache::lonhtmlcommon::row_title()."\n". + '
'. &Apache::lonhtmlcommon::row_closure(1)."\n". &Apache::lonhtmlcommon::end_pick_box()."\n". - ''."\n". - ''."\n". - ''."\n". - '
'."\n". - ''; + ''."\n". + ''."\n". + ''."\n". + ''."\n". + ''; + if ($rowcount) { + $output .= '
'."\n". + ''."\n"; + } } else { $output = &mt('Could not load javascript file [_1]','londes.js'); } return $output; } +# +# Retrieve rules for generating accounts from domain configuration +# Can the user make a new account or just self-enroll? + +sub get_creation_controls { + my ($domain,$usercreation) = @_; + my (@cancreate,@statustocreate); + if (ref($usercreation) eq 'HASH') { + if (ref($usercreation->{'cancreate'}) eq 'HASH') { + if (ref($usercreation->{'cancreate'}{'statustocreate'}) eq 'ARRAY') { + @statustocreate = @{$usercreation->{'cancreate'}{'statustocreate'}}; + if (@statustocreate == 0) { + my ($othertitle,$usertypes,$types) = + &Apache::loncommon::sorted_inst_types($domain); + if (ref($types) eq 'ARRAY') { + if (@{$types} == 0) { + @statustocreate = ('default'); + } + } else { + @statustocreate = ('default'); + } + } + } else { + @statustocreate = ('default'); + my ($othertitle,$usertypes,$types) = + &Apache::loncommon::sorted_inst_types($domain); + if (ref($types) eq 'ARRAY') { + push(@statustocreate,@{$types}); + } + } + if (ref($usercreation->{'cancreate'}{'selfcreate'}) eq 'ARRAY') { + @cancreate = @{$usercreation->{'cancreate'}{'selfcreate'}}; + } elsif (($usercreation->{'cancreate'}{'selfcreate'} ne 'none') && + ($usercreation->{'cancreate'}{'selfcreate'} ne '')) { + @cancreate = ($usercreation->{'cancreate'}{'selfcreate'}); + } + } + } + return (\@cancreate,\@statustocreate); +} + sub create_account { - my ($r,$domain,$lonhost,$username,$domdesc) = @_; + my ($r,$domain,$username,$domdesc) = @_; +# Get the token info my ($retrieved,$output,$upass) = &process_credentials($env{'form.logtoken'}, $env{'form.serverid'}); +# $retrieved is 'ok' if things worked +# $output is user error output +# $upass is the decrypted password # Error messages my $error = ''.&mt('Error:').' '; my $end = '

'; @@ -811,6 +810,7 @@ sub create_account { &Apache::loncommon::end_page(); if ($retrieved eq 'ok') { if ($env{'form.courseid'} ne '') { +# See if we are allowed to use this username per domain rules (number of characters, etc) my ($result,$userchkmsg) = &check_id($username,$domain,$domdesc); if ($result eq 'fail') { $output = $error.&mt('Invalid ID format').$end. @@ -821,22 +821,32 @@ sub create_account { } else { return ('fail',$error.$output.$end.$rtnlink); } - # Call modifyuser + # Yes! We can do this. Valid token, valid username format + # Create an internally authenticated account with password $upass + # if the account does not exist yet + # Assign student/staff number $env{'form.cid'}, first name, last name, etc my $result = &Apache::lonnet::modifyuser($domain,$username,$env{'form.cid'}, 'internal',$upass,$env{'form.cfirstname'}, $env{'form.cmiddlename'},$env{'form.clastname'}, $env{'form.cgeneration'},undef,undef,$username); $output = &mt('Generating user: [_1]',$result); + # Now that the user exists, we can have a homeserver my $uhome = &Apache::lonnet::homeserver($username,$domain); $output .= '
'.&mt('Home server: [_1]',$uhome).' '. &Apache::lonnet::hostname($uhome).'

'; - return ('ok',$output); + return ('ok',$output,$uhome); } sub username_validation { my ($r,$username,$domain,$domdesc,$contact_name,$contact_email,$courseid, - $lonhost) = @_; + $lonhost,$statustocreate) = @_; +# $username,$domain: for the user who needs to be validated +# $domdesc: full name of the domain (for error messages) +# $contact_name, $contact_email: name and email for user assistance (for error messages in &username_check +# $courseid: ID of the course that the user should be validated for, goes into start_session +# $statustocreate: -> inststatus in username_check ('faculty', 'staff', 'student', ...) + my ($retrieved,$output,$upass); $username= &LONCAPA::clean_username($username); @@ -851,7 +861,7 @@ sub username_validation { if ($uhome ne 'no_host') { my $result = &Apache::lonnet::authenticate($username,$upass,$domain); if ($result ne 'no_host') { - my %form = &start_session($r,$username,$domain,$lonhost,$courseid); + &start_session($r,$username,$domain,$uhome,$courseid); $output = '

'.&mt('A LON-CAPA account already exists for username [_1] at this institution ([_2]).',''.$username.'',$domdesc).'
'.&mt('The password entered was also correct so you have been logged in.'); return ('existingaccount',$output); } else { @@ -870,7 +880,8 @@ sub username_validation { } if ($authok eq 'authorized') { $output = &username_check($username,$domain,$domdesc,$courseid,$lonhost, - $contact_email,$contact_name); + $contact_email,$contact_name,undef, + $statustocreate); } else { $output = &login_failure_msg($courseid); } @@ -895,12 +906,12 @@ sub login_failure_msg { } sub username_check { - my ($username,$domain,$domdesc,$courseid,$lonhost,$contact_email,$contact_name, - $sso_logout) = @_; + my ($username,$domain,$domdesc,$courseid,$lonhost,$contact_email, + $contact_name,$sso_logout,$statustocreate) = @_; my (%rulematch,%inst_results,$checkfail,$rowcount,$editable,$output,$msg, %alerts,%curr_rules,%got_rules); &call_rulecheck($username,$domain,\%alerts,\%rulematch, - \%inst_results,\%curr_rules,%got_rules,'username'); + \%inst_results,\%curr_rules,\%got_rules,'username'); if (ref($alerts{'username'}) eq 'HASH') { if (ref($alerts{'username'}{$domain}) eq 'HASH') { if ($alerts{'username'}{$domain}{$username}) { @@ -916,6 +927,21 @@ sub username_check { } } if (!$checkfail) { + if (ref($statustocreate) eq 'ARRAY') { + $checkfail = 'inststatus'; + if (ref($inst_results{$username.':'.$domain}{inststatus}) eq 'ARRAY') { + foreach my $inststatus (@{$inst_results{$username.':'.$domain}{inststatus}}) { + if (grep(/^\Q$inststatus\E$/,@{$statustocreate})) { + undef($checkfail); + last; + } + } + } elsif (grep(/^default$/,@{$statustocreate})) { + undef($checkfail); + } + } + } + if (!$checkfail) { $output = '
'; (my $datatable,$rowcount,$editable) = &Apache::loncreateuser::personal_data_display($username,$domain,1,'selfcreate', @@ -931,7 +957,7 @@ sub username_check { 'time' => $now, 'domain' => $domain, 'username' => $username); - my $authtoken = &Apache::lonnet::tmpput(\%info,$lonhost); + my $authtoken = &Apache::lonnet::tmpput(\%info,$lonhost,'createaccount'); if ($authtoken !~ /^error/ && $authtoken ne 'no_such_host') { $output .= ''; } else { @@ -942,7 +968,7 @@ sub username_check { } } if ($checkfail) { - $msg = '

'.&mt('Account creation unavailable').'

'; + $msg = '

'.&mt('Account creation unavailable').'

'; if ($checkfail eq 'username') { $msg .= ''. &mt('A LON-CAPA account may not be created with the username you use.'). @@ -950,6 +976,10 @@ sub username_check { } elsif ($checkfail eq 'authtoken') { $msg .= ''.&mt('Error creating token.').''. '
'.$output; + } elsif ($checkfail eq 'inststatus') { + $msg .= ''. + &mt('You are not permitted to create a LON-CAPA account.'). + '

'.$output; } $msg .= &mt('Please contact the [_1] ([_2]) for assistance.', $contact_name,$contact_email).'

'. @@ -964,7 +994,7 @@ sub username_check { if ($rowcount) { if ($editable) { if ($courseid ne '') { - $msg = '

'.&mt('User information').'

'; + $msg = '

'.&mt('User information').'

'; } $msg .= &mt('To create one, use the table below to provide information about yourself, then click the [_1]Create LON-CAPA account[_2] button.','','').'
'; } else { @@ -985,7 +1015,7 @@ sub username_check { } sub username_activation { - my ($r,$username,$domain,$domdesc,$lonhost,$courseid) = @_; + my ($r,$username,$domain,$domdesc,$courseid) = @_; my $output; my $error = ''.&mt('Error:').' '; my $end = '

'; @@ -1028,7 +1058,7 @@ sub username_activation { # Call modifyuser my (%rulematch,%inst_results,%curr_rules,%got_rules,%alerts,%info); &call_rulecheck($username,$domain,\%alerts,\%rulematch, - \%inst_results,\%curr_rules,%got_rules); + \%inst_results,\%curr_rules,\%got_rules); my @userinfo = ('firstname','middlename','lastname','generation', 'permanentemail','id'); my %canmodify = @@ -1055,7 +1085,8 @@ sub username_activation { if ($result eq 'ok') { my $delete = &Apache::lonnet::tmpdel($env{'form.authtoken'}); $output = &mt('A LON-CAPA account has been created for username: [_1] in domain: [_2].',$username,$domain); - my %form = &start_session($r,$username,$domain,$lonhost,$courseid); + my $uhome=&Apache::lonnet::homeserver($username,$domain,'true'); + &start_session($r,$username,$domain,$uhome,$courseid); my $nostart = 1; return ('ok',$output,$nostart); } else { @@ -1071,6 +1102,9 @@ sub username_activation { sub check_id { my ($username,$domain,$domdesc) = @_; # Check ID format + # Is $username in an okay format for $domain + # (right number of characters, special characters, etc - follow domain rules)? + # $domdesc is just used for user error messages my (%alerts,%rulematch,%inst_results,%curr_rules,%checkhash); my %checks = ('id' => 1); %{$checkhash{$username.':'.$domain}} = ( @@ -1101,71 +1135,44 @@ sub invalid_state { my ($error,$domdesc,$contact_name,$contact_email,$msgtext) = @_; my $msg = '

'.&mt('Account creation unavailable').'

'; if ($error eq 'baduseremail') { - $msg = &mt('The e-mail address you provided does not appear to be a valid address.'); + $msg .= &mt('The e-mail address you provided does not appear to be a valid address.'); } elsif ($error eq 'existinguser') { - $msg = &mt('The e-mail address you provided is already in use as a username in LON-CAPA at this institution.'); + $msg .= &mt('The e-mail address you provided is already in use as a username in LON-CAPA at this institution.'); } elsif ($error eq 'userrules') { - $msg = &mt('Username rules at this institution do not allow the e-mail address you provided to be used as a username.'); + $msg .= &mt('Username rules at this institution do not allow the e-mail address you provided to be used as a username.'); } elsif ($error eq 'userformat') { - $msg = &mt('The e-mail address you provided may not be used as a username at this LON-CAPA institution.'); + $msg .= &mt('The e-mail address you provided may not be used as a username at this LON-CAPA institution.'); } elsif ($error eq 'captcha') { - $msg = &mt('Validation of the code your entered failed.'); + $msg .= &mt('Validation of the code you entered failed.'); } elsif ($error eq 'noemails') { - $msg = &mt('Creation of a new user account using an e-mail address as username is not permitted at this LON-CAPA institution.'); + $msg .= &mt('Creation of a new user account using an e-mail address as username is not permitted at this LON-CAPA institution.'); } $msg .= ''; if ($msgtext) { $msg .= '
'.$msgtext; } - $msg .= &linkto_email_help($contact_email,$domdesc); + $msg .= &linkto_email_help($contact_email,$domdesc,$error); return $msg; } sub linkto_email_help { - my ($contact_email,$domdesc) = @_; + my ($contact_email,$domdesc,$error) = @_; my $msg; + my $href = '/adm/helpdesk'; if ($contact_email ne '') { my $escuri = &HTML::Entities::encode('/adm/createaccount','&<>"'); - $msg .= '
'.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for [_3].','','',$domdesc).'
'; + $href .= '?origurl='.$escuri; + if ($error eq 'existinguser') { + my $escemail = &HTML::Entities::encode($env{'form.useremail'}); + $href .= '&useremail='.$escemail.'&useraccount='.$escemail; + } + $msg .= '
'.&mt('You may wish to contact the [_1]LON-CAPA helpdesk[_2] for [_3].','','',$domdesc).'
'; } else { $msg .= '
'.&mt('You may wish to send an e-mail to the server administrator: [_1] for [_2].',$Apache::lonnet::perlvar{'AdminEmail'},$domdesc).'
'; } return $msg; } -sub create_captcha { - my ($output_dir,$db_dir) = @_; - my %captcha_params = &captcha_settings(); - my ($output,$maxtries,$tries) = ('',10,0); - while ($tries < $maxtries) { - $tries ++; - my $captcha = Authen::Captcha->new ( - output_folder => $captcha_params{'output_dir'}, - data_folder => $captcha_params{'db_dir'}, - ); - my $md5sum = $captcha->generate_code($captcha_params{'numchars'}); - - if (-e $Apache::lonnet::perlvar{'lonCaptchaDir'}.'/'.$md5sum.'.png') { - $output = ''."\n". - &mt('Type in the letters/numbers shown below').' '. - '
'. - ''; - last; - } - } - return $output; -} - -sub captcha_settings { - my %captcha_params = ( - output_dir => $Apache::lonnet::perlvar{'lonCaptchaDir'}, - www_output_dir => "/captchaspool", - db_dir => $Apache::lonnet::perlvar{'lonCaptchaDb'}, - numchars => '5', - ); - return %captcha_params; -} - sub getkeys { my ($lkey,$ukey) = @_; my $lextkey=hex($lkey); @@ -1193,6 +1200,7 @@ sub serverform { + $catalog_elements @@ -1202,6 +1210,12 @@ ENDSERVERFORM } sub process_credentials { +# +# Fetches the information from the logtoken via tmpget +# Token contains the DES-key and the stage of the process (would only be "createaccount") +# $lonhost in this routine is *not* necessarily the machine that this runs on, +# but $env{'form.serverid'}, the machine that issued the token. +# my ($logtoken,$lonhost) = @_; my $tmpinfo=Apache::lonnet::reply('tmpget:'.$logtoken,$lonhost); my ($retrieved,$output,$upass); @@ -1223,6 +1237,10 @@ sub process_credentials { } else { $output = &mt('Unable to retrieve your log-in information - unexpected context'); } +# $retrieved is 'ok' if retrieved okay +# $output is screen output for the user +# $upass is $env{'form.upass'}, decrypted with the DES-key, if stage was 'createaccount' + return ($retrieved,$output,$upass); }