--- loncom/interface/createaccount.pm 2014/03/03 17:11:41 1.61
+++ loncom/interface/createaccount.pm 2015/01/09 15:41:49 1.69
@@ -4,7 +4,7 @@
# kerberos, or SSO) or an e-mail address. Requests to use an e-mail address as
# username may be processed automatically, or may be queued for approval.
#
-# $Id: createaccount.pm,v 1.61 2014/03/03 17:11:41 raeburn Exp $
+# $Id: createaccount.pm,v 1.69 2015/01/09 15:41:49 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -170,10 +170,38 @@ sub handler {
if (grep(/^sso$/,@{$cancreate})) {
$msg = '
'.&mt('Account creation').'
'.
&mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution.").'
';
-
+ my $shibenv;
+ if (($r->dir_config('lonOtherAuthen') eq 'yes') &&
+ ($r->dir_config('lonOtherAuthenType') eq 'Shibboleth')) {
+ if (ref($domconfig{'usercreation'}) eq 'HASH') {
+ if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') {
+ if (ref($domconfig{'usercreation'}{'cancreate'}{'shibenv'}) eq 'HASH') {
+ my @possfields = ('firstname','middlename','lastname','generation',
+ 'permanentemail','id');
+ my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($domain);
+ $shibenv= {};
+ foreach my $key (keys(%{$domconfig{'usercreation'}{'cancreate'}{'shibenv'}})) {
+ if ($key eq 'inststatus') {
+ if (ref($usertypes) eq 'HASH') {
+ if ($domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key} ne '') {
+ if (exists($usertypes->{$domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key}})) {
+ $shibenv->{$key} = $domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key};
+ }
+ }
+ }
+ } elsif (grep(/^\Q$key\E/,@possfields)) {
+ if ($domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key} ne '') {
+ $shibenv->{$key} = $domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key};
+ }
+ }
+ }
+ }
+ }
+ }
+ }
$msg .= &username_check($sso_username,$domain,$domdesc,$courseid,
$lonhost,$contact_email,$contact_name,
- $sso_logout,$statustocreate);
+ $sso_logout,$statustocreate,$shibenv);
} else {
$msg = ''.&mt('Account creation unavailable').'
'.
''.&mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution, and you are not permitted to create one.").'
'.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email).'
'.
@@ -187,10 +215,11 @@ sub handler {
my ($output,$nostart,$noend,$redirect);
my $token = $env{'form.token'};
if ($token) {
+ my $usertype = &get_usertype($domain);
($output,$nostart,$noend,$redirect) =
&process_mailtoken($r,$token,$contact_name,$contact_email,$domain,
$domdesc,$lonhost,$include,$start_page,$cancreate,
- $domconfig{'usercreation'});
+ $domconfig{'usercreation'},$usertype);
if ($redirect) {
$r->internal_redirect('/adm/switchserver');
return OK;
@@ -248,24 +277,21 @@ sub handler {
} elsif (!$token) {
&print_header($r,$start_page,$courseid);
my $now=time;
- my $gotlondes;
- if (grep(/^login$/,@{$cancreate})) {
+ if ((grep(/^login$/,@{$cancreate})) && (!grep(/^email$/,@{$cancreate}))) {
if (open(my $jsh,"<$include/londes.js")) {
while(my $line = <$jsh>) {
$r->print($line);
}
close($jsh);
$r->print(&javascript_setforms($now));
- $gotlondes = 1;
}
}
- if (grep(/^email(|approval)$/,@{$cancreate})) {
+ if (grep(/^email$/,@{$cancreate})) {
$r->print(&javascript_validmail());
}
my $usertype = &get_usertype($domain);
$output = &print_username_form($r,$domain,$domdesc,$cancreate,$now,$lonhost,
- $include,$courseid,$gotlondes,$emailusername,
- $usertype);
+ $include,$courseid,$emailusername,$usertype);
}
$r->print($output);
&print_footer($r);
@@ -328,7 +354,7 @@ sub selfenroll_crumbs {
}
my $last_crumb;
if ($desc ne '') {
- $last_crumb = &mt('Self-enroll in [_1]',"$desc");
+ $last_crumb = &mt("Self-enroll in [_1]","'$desc'");
} else {
$last_crumb = &mt('Self-enroll');
}
@@ -483,7 +509,7 @@ ENDSCRIPT
}
sub print_username_form {
- my ($r,$domain,$domdesc,$cancreate,$now,$lonhost,$include,$courseid,$gotlondes,$emailusername,
+ my ($r,$domain,$domdesc,$cancreate,$now,$lonhost,$include,$courseid,$emailusername,
$usertype) = @_;
my %lt = &Apache::lonlocal::texthash (
unam => 'username',
@@ -511,7 +537,7 @@ sub print_username_form {
$domain,'createaccount').'';
}
}
- if (grep(/^email(|approval)$/,@{$cancreate})) {
+ if (grep(/^email$/,@{$cancreate})) {
$output .= ''.&mt('Create account with an e-mail address as your username').'
';
my ($captchaform,$error,$captcha) = &Apache::loncommon::captcha_display('usercreation',$lonhost);
if ($error) {
@@ -542,8 +568,7 @@ sub print_username_form {
$lt{'yopw'}.'
';
}
$output .= &print_dataentry_form($r,$domain,$lonhost,$include,$now,$captchaform,
- $courseid,$gotlondes,$emailusername,$captcha,
- $usertype);
+ $courseid,$emailusername,$captcha,$usertype);
}
$output .= '';
}
@@ -612,7 +637,7 @@ sub process_email_request {
$server,$settings,$emailusername,$courseid,$usertype) = @_;
my $output;
if (ref($cancreate) eq 'ARRAY') {
- if (!grep(/^email(|approval)$/,@{$cancreate})) {
+ if (!grep(/^email$/,@{$cancreate})) {
$output = &invalid_state('noemails',$domdesc,
$contact_name,$contact_email);
return $output;
@@ -755,7 +780,7 @@ sub send_token {
sub process_mailtoken {
my ($r,$token,$contact_name,$contact_email,$domain,$domdesc,$lonhost,
- $include,$start_page,$cancreate,$settings) = @_;
+ $include,$start_page,$cancreate,$settings,$usertype) = @_;
my ($msg,$nostart,$noend,$redirect);
my %data = &Apache::lonnet::tmpget($token);
my $now = time;
@@ -772,36 +797,46 @@ sub process_mailtoken {
if ($now - $data{'time'} < 7200) {
# Check if request should be queued.
if (ref($cancreate) eq 'ARRAY') {
+ my $disposition;
if (grep(/^email$/,@{$cancreate})) {
- my ($result,$output,$uhome) =
- &create_account($r,$domain,$domdesc,\%data);
- if ($result eq 'ok') {
- $msg = $output;
- my $shownow = &Apache::lonlocal::locallocaltime($now);
- my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n";
- my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'},
- $mailmsg,$contact_name,
- $contact_email);
- if ($mailresult eq 'ok') {
- $msg .= &mt('An e-mail confirming creation of your new LON-CAPA account has been sent to [_1].',$data{'username'});
- } else {
- $msg .= &mt('An error occurred when sending e-mail to [_1] confirming creation of your LON-CAPA account.',$data{'username'});
+ if (ref($settings) eq 'HASH') {
+ if (ref($settings->{'cancreate'}) eq 'HASH') {
+ if (ref($settings->{'cancreate'}{'selfcreateprocessing'}) eq 'HASH') {
+ $disposition = $settings->{'cancreate'}{'selfcreateprocessing'}{$usertype};
+ }
}
- $redirect = &start_session($r,$data{'username'},$domain,$uhome,
- $data{'courseid'},$token);
- $nostart = 1;
- $noend = 1;
+ }
+ if ($disposition eq 'approval') {
+ $msg = &store_request($domain,$data{'username'},'approval',\%data,$settings);
+ my $delete = &Apache::lonnet::tmpdel($token);
} else {
- $msg .= &mt('A problem occurred when attempting to create your new LON-CAPA account.')
- .'
'.$output;
- if (($contact_name ne '') && ($contact_email ne '')) {
- $msg .= &mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email);
+ my ($result,$output,$uhome) =
+ &create_account($r,$domain,$domdesc,\%data);
+ if ($result eq 'ok') {
+ $msg = $output;
+ my $shownow = &Apache::lonlocal::locallocaltime($now);
+ my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n";
+ my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'},
+ $mailmsg,$contact_name,
+ $contact_email);
+ if ($mailresult eq 'ok') {
+ $msg .= &mt('An e-mail confirming creation of your new LON-CAPA account has been sent to [_1].',$data{'username'});
+ } else {
+ $msg .= &mt('An error occurred when sending e-mail to [_1] confirming creation of your LON-CAPA account.',$data{'username'});
+ }
+ $redirect = &start_session($r,$data{'username'},$domain,$uhome,
+ $data{'courseid'},$token);
+ $nostart = 1;
+ $noend = 1;
+ } else {
+ $msg .= &mt('A problem occurred when attempting to create your new LON-CAPA account.')
+ .'
'.$output;
+ if (($contact_name ne '') && ($contact_email ne '')) {
+ $msg .= &mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email);
+ }
}
+ my $delete = &Apache::lonnet::tmpdel($token);
}
- my $delete = &Apache::lonnet::tmpdel($token);
- } elsif (grep(/^emailapproval$/,@{$cancreate})) {
- $msg = &store_request($domain,$data{'username'},'approval',\%data,$settings);
- my $delete = &Apache::lonnet::tmpdel($token);
} else {
$msg = &invalid_state('noemails',$domdesc,$contact_name,$contact_email);
}
@@ -821,8 +856,8 @@ sub process_mailtoken {
sub start_session {
my ($r,$username,$domain,$uhome,$courseid,$token) = @_;
-
- if ($r->dir_config('lonBalancer') eq 'yes') {
+ my ($is_balancer) = &Apache::lonnet::check_loadbalancing($username,$domain);
+ if ($is_balancer) {
Apache::lonauth::success($r, $username, $domain, $uhome,
'noredirect', undef, {});
@@ -836,7 +871,6 @@ sub start_session {
($courseid ? "/adm/selfenroll?courseid=$courseid" : '/adm/roles'),
undef, {});
}
-
return;
}
@@ -846,21 +880,16 @@ sub start_session {
# Stores token to store DES-key and stage during creation session
#
sub print_dataentry_form {
- my ($r,$domain,$lonhost,$include,$now,$captchaform,$courseid,$gotlondes,$emailusername,$captcha,
+ my ($r,$domain,$lonhost,$include,$now,$captchaform,$courseid,$emailusername,$captcha,
$usertype) = @_;
my ($error,$output);
- unless ($gotlondes) {
- if (open(my $jsh,"<$include/londes.js")) {
- while(my $line = <$jsh>) {
- $r->print($line);
- }
- close($jsh);
- $output = &javascript_setforms($now,$emailusername,$captcha,$usertype)."\n";
- $gotlondes = 1;
- }
- }
- if ($gotlondes) {
- $output .= &javascript_checkpass($now,'email');
+ if (open(my $jsh,"<$include/londes.js")) {
+ while(my $line = <$jsh>) {
+ $r->print($line);
+ }
+ close($jsh);
+ $output = &javascript_setforms($now,$emailusername,$captcha,$usertype)."\n".
+ &javascript_checkpass($now,'email');
my ($lkey,$ukey) = &Apache::loncommon::des_keys();
my ($lextkey,$uextkey) = &getkeys($lkey,$ukey);
my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount:createaccount',
@@ -964,7 +993,12 @@ sub get_creation_controls {
if (ref($usercreation->{'cancreate'}{'emailusername'}) eq 'HASH') {
$emailusername = $usercreation->{'cancreate'}{'emailusername'};
} else {
- $emailusername = {'lastname' => '1', 'firstname' => 1, };
+ $emailusername = {
+ default => {
+ 'lastname' => '1',
+ 'firstname' => 1,
+ },
+ };
}
}
}
@@ -991,8 +1025,8 @@ sub create_account {
$middlename = $dataref->{'middlename'};
$lastname = $dataref->{'lastname'};
$generation = $dataref->{'generation'};
- $inststatus = $dataref->{'usertype'};
-
+ $inststatus = $dataref->{'inststatus'};
+
my $currhome = &Apache::lonnet::homeserver($username,$domain);
unless ($currhome eq 'no_host') {
$output = &mt('User account requested for username: [_1] in domain: [_2] already exists.',$username,$domain);
@@ -1153,7 +1187,7 @@ sub login_failure_msg {
sub username_check {
my ($username,$domain,$domdesc,$courseid,$lonhost,$contact_email,
- $contact_name,$sso_logout,$statustocreate) = @_;
+ $contact_name,$sso_logout,$statustocreate,$shibenv) = @_;
my (%rulematch,%inst_results,$checkfail,$rowcount,$editable,$output,$msg,
%alerts,%curr_rules,%got_rules);
&call_rulecheck($username,$domain,\%alerts,\%rulematch,
@@ -1189,6 +1223,13 @@ sub username_check {
}
if (!$checkfail) {
$output = '