--- loncom/interface/createaccount.pm 2014/02/12 20:47:40 1.58 +++ loncom/interface/createaccount.pm 2017/08/03 20:06:21 1.75 @@ -4,7 +4,7 @@ # kerberos, or SSO) or an e-mail address. Requests to use an e-mail address as # username may be processed automatically, or may be queued for approval. # -# $Id: createaccount.pm,v 1.58 2014/02/12 20:47:40 raeburn Exp $ +# $Id: createaccount.pm,v 1.75 2017/08/03 20:06:21 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -59,7 +59,7 @@ sub handler { my $sso_domain = $r->subprocess_env->get('SSOUserDomain'); &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}, - ['token','courseid','domain']); + ['token','courseid','domain','type']); &Apache::lonacc::get_posted_cgi($r); &Apache::lonlocal::get_language_handle($r); @@ -124,7 +124,7 @@ sub handler { my %domconfig = &Apache::lonnet::get_dom('configuration',['usercreation'],$domain); - my ($cancreate,$statustocreate,$emailusername) = + my ($cancreate,$statustocreate) = &get_creation_controls($domain,$domconfig{'usercreation'}); my ($result,$output) = @@ -146,17 +146,37 @@ sub handler { return OK; } } - $start_page = &Apache::loncommon::start_page($title,$js); - my %domconfig = + my %domconfig = &Apache::lonnet::get_dom('configuration',['usercreation'],$domain); - my ($cancreate,$statustocreate,$emailusername) = + my ($cancreate,$statustocreate,$statusforemail,$emailusername, + $emailoptions,$verification,$emaildomain,$types,$usertypes,$othertitle) = &get_creation_controls($domain,$domconfig{'usercreation'}); + my ($additems,$pagetitle); + if (ref($cancreate) eq 'ARRAY') { + unless (($env{'form.token'}) || ($sso_username ne '') || ($env{'form.phase'}) || + ($env{'form.create_with_email'})) { + if ((grep(/^email$/,@{$cancreate})) && (ref($statusforemail) eq 'ARRAY')) { + my $usertype = &get_usertype($domain); + if ((($usertype eq '') || (!grep(/^\Q$usertype\E$/,@{$statusforemail}))) && + (@{$statusforemail} > 0)) { + $js .= &setelements_js($statusforemail,$types,$usertypes,$othertitle); + $additems = {'add_entries' => { 'onload' => "setElements();"} }; + if ((@{$cancreate} == 1) && (@{$statusforemail} > 0)) { + $pagetitle = 'Select affiliation'; + } + } else { + $js .= &username_js(); + } + } + } + } + $start_page = &Apache::loncommon::start_page($title,$js,$additems); if (@{$cancreate} == 0) { - &print_header($r,$start_page,$courseid); + &print_header($r,$start_page,$courseid,$pagetitle); my $output = '

'.&mt('Account creation unavailable').'

'. ''. - &mt('Creation of a new user account using an e-mail address or an institutional log-in ID as username is not permitted at this institution ([_1]).',$domdesc). + &mt('Creation of a new user account using an institutional log-in ID or e-mail verification is not permitted for: [_1].',$domdesc). '

'; $r->print($output); &print_footer($r); @@ -170,10 +190,37 @@ sub handler { if (grep(/^sso$/,@{$cancreate})) { $msg = '

'.&mt('Account creation').'

'. &mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution.").'
'; - + my $shibenv; + if (($r->dir_config('lonOtherAuthen') eq 'yes') && + ($r->dir_config('lonOtherAuthenType') eq 'Shibboleth')) { + if (ref($domconfig{'usercreation'}) eq 'HASH') { + if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') { + if (ref($domconfig{'usercreation'}{'cancreate'}{'shibenv'}) eq 'HASH') { + my @possfields = ('firstname','middlename','lastname','generation', + 'permanentemail','id'); + $shibenv= {}; + foreach my $key (keys(%{$domconfig{'usercreation'}{'cancreate'}{'shibenv'}})) { + if ($key eq 'inststatus') { + if (ref($usertypes) eq 'HASH') { + if ($domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key} ne '') { + if (exists($usertypes->{$domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key}})) { + $shibenv->{$key} = $domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key}; + } + } + } + } elsif (grep(/^\Q$key\E/,@possfields)) { + if ($domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key} ne '') { + $shibenv->{$key} = $domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key}; + } + } + } + } + } + } + } $msg .= &username_check($sso_username,$domain,$domdesc,$courseid, $lonhost,$contact_email,$contact_name, - $sso_logout,$statustocreate); + $sso_logout,$statustocreate,$shibenv); } else { $msg = '

'.&mt('Account creation unavailable').'

'. ''.&mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution, and you are not permitted to create one.").'

'.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email).'
'. @@ -190,7 +237,7 @@ sub handler { ($output,$nostart,$noend,$redirect) = &process_mailtoken($r,$token,$contact_name,$contact_email,$domain, $domdesc,$lonhost,$include,$start_page,$cancreate, - $domconfig{'usercreation'}); + $domconfig{'usercreation'},$types); if ($redirect) { $r->internal_redirect('/adm/switchserver'); return OK; @@ -209,7 +256,35 @@ sub handler { return OK; } } - + my ($usernameset,$condition,$excluded,$hascustom); + if ((grep(/^email$/,@{$cancreate})) && (($env{'form.create_with_email'}) || + ((!$token) && ($env{'form.phase'} eq '')))) { + my $usertype = &get_usertype($domain); + if ($usertype eq '') { + $usertype = 'default'; + } + if (ref($verification) eq 'HASH') { + if ($verification->{$usertype} =~ /^(free|first)$/) { + $usernameset = $verification->{$usertype}; + } + } + if (ref($emailoptions) eq 'HASH') { + if ($emailoptions->{$usertype} =~ /^(inst|noninst)$/) { + my $chosen = $1; + if (ref($emaildomain) eq 'HASH') { + if (ref($emaildomain->{$usertype}) eq 'HASH') { + if ($chosen eq 'inst') { + $condition = $emaildomain->{$usertype}->{$chosen}; + } else { + $excluded = $emaildomain->{$usertype}->{$chosen}; + } + } + } + } elsif ($emailoptions->{$usertype} eq 'custom') { + $hascustom = 1; + } + } + } if ($env{'form.phase'} eq 'username_activation') { (my $result,$output,$nostart) = &username_activation($r,$env{'form.uname'},$domain,$domdesc, @@ -240,29 +315,35 @@ sub handler { } } elsif ($env{'form.create_with_email'}) { &print_header($r,$start_page,$courseid); + my $usertype = &get_usertype($domain); + if ($usertype eq '') { + $usertype = 'default'; + } $output = &process_email_request($env{'form.uname'},$domain,$domdesc, $contact_name,$contact_email,$cancreate, $lonhost,$domconfig{'usercreation'}, - $emailusername,$courseid); + $emailusername,$courseid,$usertype, + $usernameset,$condition,$excluded,$hascustom); } elsif (!$token) { - &print_header($r,$start_page,$courseid); + &print_header($r,$start_page,$courseid,$pagetitle); my $now=time; - my $gotlondes; - if (grep(/^login$/,@{$cancreate})) { + if ((grep(/^login$/,@{$cancreate})) && (!grep(/^email$/,@{$cancreate}))) { if (open(my $jsh,"<$include/londes.js")) { while(my $line = <$jsh>) { $r->print($line); } close($jsh); $r->print(&javascript_setforms($now)); - $gotlondes = 1; } } - if (grep(/^email(|approval)$/,@{$cancreate})) { - $r->print(&javascript_validmail()); + if (grep(/^email$/,@{$cancreate})) { + $r->print(&javascript_validmail($condition)); } + my $usertype = &get_usertype($domain); $output = &print_username_form($r,$domain,$domdesc,$cancreate,$now,$lonhost, - $include,$courseid,$gotlondes,$emailusername); + $include,$courseid,$emailusername, + $statusforemail,$usernameset,$condition, + $excluded,$usertype,$types,$usertypes,$othertitle); } $r->print($output); &print_footer($r); @@ -270,16 +351,25 @@ sub handler { } sub print_header { - my ($r,$start_page,$courseid) = @_; + my ($r,$start_page,$courseid,$pagetitle) = @_; $r->print($start_page); &Apache::lonhtmlcommon::clear_breadcrumbs(); + my $url = '/adm/createaccount'; + if ($pagetitle eq '') { + $pagetitle = 'New username'; + } if ($courseid ne '') { my %coursehash = &Apache::lonnet::coursedescription($courseid); &selfenroll_crumbs($r,$courseid,$coursehash{'description'}); } + if ($env{'form.reportedtype'}) { + &Apache::lonhtmlcommon::add_breadcrumb + ({href=>$url, + text=>"Select affiliation"}); + } &Apache::lonhtmlcommon::add_breadcrumb - ({href=>"/adm/createuser", - text=>"New username"}); + ({href=>$url, + text=>$pagetitle}); $r->print(&Apache::lonhtmlcommon::breadcrumbs('Create account')); return; } @@ -290,13 +380,29 @@ sub print_footer { $r->print('
'. &Apache::lonhtmlcommon::echo_form_input(['backto','logtoken', 'token','serverid','uname','upass','phase','create_with_email', - 'code','crypt','cfirstname','clastname', + 'code','crypt','cfirstname','clastname','g-recaptcha-response', + 'recaptcha_challenge_field','recaptcha_response_field', 'cmiddlename','cgeneration','cpermanentemail','cid']). '
'); } $r->print(&Apache::loncommon::end_page()); } +sub get_usertype { + my ($domain) = @_; + my $usertype; + my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($domain); + if (ref($types) eq 'ARRAY') { + push(@{$types},'default'); + my $posstype = $env{'form.type'}; + $posstype =~ s/^\s+|\s$//g; + if (grep(/^\Q$posstype\E$/,@{$types})) { + $usertype = $posstype; + } + } + return $usertype; +} + sub selfenroll_crumbs { my ($r,$courseid,$desc) = @_; &Apache::lonhtmlcommon::add_breadcrumb @@ -309,7 +415,7 @@ sub selfenroll_crumbs { } my $last_crumb; if ($desc ne '') { - $last_crumb = &mt('Self-enroll in [_1]',"$desc"); + $last_crumb = &mt("Self-enroll in [_1]","'$desc'"); } else { $last_crumb = &mt('Self-enroll'); } @@ -321,12 +427,57 @@ sub selfenroll_crumbs { } sub javascript_setforms { - my ($now,$emailusername) = @_; - my $setuserinfo; + my ($now,$emailusername,$captcha,$usertype,$recaptchaversion,$usernameset,$condition,$excluded) = @_; + my ($setuserinfo,@required,$requiredchk); if (ref($emailusername) eq 'HASH') { - foreach my $key (sort(keys(%{$emailusername}))) { - $setuserinfo .= ' server.elements.'.$key.'.value=client.elements.'.$key.'.value;'."\n"; - } + if (ref($emailusername->{$usertype}) eq 'HASH') { + foreach my $key (sort(keys(%{$emailusername->{$usertype}}))) { + if ($emailusername->{$usertype}{$key} eq 'required') { + push(@required,$key); + } + $setuserinfo .= ' server.elements.'.$key.'.value=client.elements.'.$key.'.value;'."\n"; + } + $setuserinfo .= ' server.elements.type.value=client.elements.type.value;'."\n"; + } + if ($captcha eq 'original') { + $setuserinfo .= ' server.elements.code.value=client.elements.code.value;'."\n". + ' server.elements.crypt.value=client.elements.crypt.value;'."\n"; + } elsif ($captcha eq 'recaptcha') { + if ($recaptchaversion ne '2') { + $setuserinfo .= + ' server.elements.recaptcha_challenge_field.value=client.elements.recaptcha_challenge_field.value;'."\n". + ' server.elements.recaptcha_response_field.value=client.elements.recaptcha_response_field.value;'."\n"; + } + } + if ($usernameset eq 'free') { + $setuserinfo .= + ' server.elements.username.value=client.elements.username.value;'."\n"; + } + } + if (@required) { + my $missprompt = &mt('One or more required fields are currently blank.'); + &js_escape(\$missprompt); + my $reqstr = join("','",@required); + $requiredchk = <<"ENDCHK"; + var requiredfields = new Array('$reqstr'); + missing = 0; + for (var i=0; i 0) { + alert("$missprompt"); + return false; + } + +ENDCHK } my $js = < @@ -338,40 +489,43 @@ sub javascript_setforms { server = document.forms[one]; if (document.forms[two]) { client = document.forms[two]; +$requiredchk server.elements.uname.value = client.elements.uname.value; server.elements.udom.value = client.elements.udom.value; - if (context == 'email') { - $setuserinfo - } - server.elements.code.value=client.elements.code.value; - server.elements.crypt.value=client.elements.crypt.value; uextkey=client.elements.uextkey.value; lextkey=client.elements.lextkey.value; initkeys(); - server.elements.upass.value - = crypted(client.elements.upass$now.value); - + = getCrypted(client.elements.upass$now.value); client.elements.uname.value=''; client.elements.upass$now.value=''; - client.elements.upasscheck$now.value=''; + if (context == 'email') { +$setuserinfo + client.elements.upasscheck$now.value=''; + } server.submit(); } } return false; } + // ]]> ENDSCRIPT + if (($captcha eq 'recaptcha') && ($recaptchaversion eq '2')) { + $js .= "\n".''."\n"; + } return $js; } sub javascript_checkpass { my ($now,$context) = @_; my $nopass = &mt('You must enter a password.'); - my $mismatchpass = &mt('The passwords you entered did not match.').'\\n'. + my $mismatchpass = &mt('The passwords you entered did not match.')."\n". &mt('Please try again.'); + &js_escape(\$nopass); + &js_escape(\$mismatchpass); my $js = <<"ENDSCRIPT"; +ENDSCRIPT + +} + +sub setelements_js { + my ($statusforemail,$types,$usertypes,$othertitle) = @_; + my ($posstypes,$posstypesnames,$availabletypes); + if ((ref($statusforemail) eq 'ARRAY') && (ref($types) eq 'ARRAY') && + (ref($usertypes) eq 'HASH')) { + $posstypes = join("','",@{$types},'default'); + $posstypesnames = join("','",(map {$usertypes->{$_};} @{$types}),$othertitle); + $availabletypes = join("','", @{$statusforemail}); + } + return <<"ENDSCRIPT"; + +ENDSCRIPT + +} + +sub username_js { + return <<"ENDSCRIPT"; + ENDSCRIPT