--- loncom/interface/createaccount.pm 2014/04/19 20:48:43 1.63 +++ loncom/interface/createaccount.pm 2014/06/19 23:36:54 1.68 @@ -4,7 +4,7 @@ # kerberos, or SSO) or an e-mail address. Requests to use an e-mail address as # username may be processed automatically, or may be queued for approval. # -# $Id: createaccount.pm,v 1.63 2014/04/19 20:48:43 raeburn Exp $ +# $Id: createaccount.pm,v 1.68 2014/06/19 23:36:54 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -170,10 +170,38 @@ sub handler { if (grep(/^sso$/,@{$cancreate})) { $msg = '

'.&mt('Account creation').'

'. &mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution.").'
'; - + my $shibenv; + if (($r->dir_config('lonOtherAuthen') eq 'yes') && + ($r->dir_config('lonOtherAuthenType') eq 'Shibboleth')) { + if (ref($domconfig{'usercreation'}) eq 'HASH') { + if (ref($domconfig{'usercreation'}{'cancreate'}) eq 'HASH') { + if (ref($domconfig{'usercreation'}{'cancreate'}{'shibenv'}) eq 'HASH') { + my @possfields = ('firstname','middlename','lastname','generation', + 'permanentemail','id'); + my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($domain); + $shibenv= {}; + foreach my $key (keys(%{$domconfig{'usercreation'}{'cancreate'}{'shibenv'}})) { + if ($key eq 'inststatus') { + if (ref($usertypes) eq 'HASH') { + if ($domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key} ne '') { + if (exists($usertypes->{$domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key}})) { + $shibenv->{$key} = $domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key}; + } + } + } + } elsif (grep(/^\Q$key\E/,@possfields)) { + if ($domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key} ne '') { + $shibenv->{$key} = $domconfig{'usercreation'}{'cancreate'}{'shibenv'}{$key}; + } + } + } + } + } + } + } $msg .= &username_check($sso_username,$domain,$domdesc,$courseid, $lonhost,$contact_email,$contact_name, - $sso_logout,$statustocreate); + $sso_logout,$statustocreate,$shibenv); } else { $msg = '

'.&mt('Account creation unavailable').'

'. ''.&mt("Although your username and password were authenticated by your institution's Single Sign On system, you do not currently have a LON-CAPA account at this institution, and you are not permitted to create one.").'

'.&mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email).'
'. @@ -187,10 +215,11 @@ sub handler { my ($output,$nostart,$noend,$redirect); my $token = $env{'form.token'}; if ($token) { + my $usertype = &get_usertype($domain); ($output,$nostart,$noend,$redirect) = &process_mailtoken($r,$token,$contact_name,$contact_email,$domain, $domdesc,$lonhost,$include,$start_page,$cancreate, - $domconfig{'usercreation'}); + $domconfig{'usercreation'},$usertype); if ($redirect) { $r->internal_redirect('/adm/switchserver'); return OK; @@ -248,24 +277,21 @@ sub handler { } elsif (!$token) { &print_header($r,$start_page,$courseid); my $now=time; - my $gotlondes; - if (grep(/^login$/,@{$cancreate})) { + if ((grep(/^login$/,@{$cancreate})) && (!grep(/^email$/,@{$cancreate}))) { if (open(my $jsh,"<$include/londes.js")) { while(my $line = <$jsh>) { $r->print($line); } close($jsh); $r->print(&javascript_setforms($now)); - $gotlondes = 1; } } - if (grep(/^email(|approval)$/,@{$cancreate})) { + if (grep(/^email$/,@{$cancreate})) { $r->print(&javascript_validmail()); } my $usertype = &get_usertype($domain); $output = &print_username_form($r,$domain,$domdesc,$cancreate,$now,$lonhost, - $include,$courseid,$gotlondes,$emailusername, - $usertype); + $include,$courseid,$emailusername,$usertype); } $r->print($output); &print_footer($r); @@ -483,7 +509,7 @@ ENDSCRIPT } sub print_username_form { - my ($r,$domain,$domdesc,$cancreate,$now,$lonhost,$include,$courseid,$gotlondes,$emailusername, + my ($r,$domain,$domdesc,$cancreate,$now,$lonhost,$include,$courseid,$emailusername, $usertype) = @_; my %lt = &Apache::lonlocal::texthash ( unam => 'username', @@ -511,7 +537,7 @@ sub print_username_form { $domain,'createaccount').''; } } - if (grep(/^email(|approval)$/,@{$cancreate})) { + if (grep(/^email$/,@{$cancreate})) { $output .= '

'.&mt('Create account with an e-mail address as your username').'

'; my ($captchaform,$error,$captcha) = &Apache::loncommon::captcha_display('usercreation',$lonhost); if ($error) { @@ -542,8 +568,7 @@ sub print_username_form { $lt{'yopw'}.'
'; } $output .= &print_dataentry_form($r,$domain,$lonhost,$include,$now,$captchaform, - $courseid,$gotlondes,$emailusername,$captcha, - $usertype); + $courseid,$emailusername,$captcha,$usertype); } $output .= '
'; } @@ -612,7 +637,7 @@ sub process_email_request { $server,$settings,$emailusername,$courseid,$usertype) = @_; my $output; if (ref($cancreate) eq 'ARRAY') { - if (!grep(/^email(|approval)$/,@{$cancreate})) { + if (!grep(/^email$/,@{$cancreate})) { $output = &invalid_state('noemails',$domdesc, $contact_name,$contact_email); return $output; @@ -755,7 +780,7 @@ sub send_token { sub process_mailtoken { my ($r,$token,$contact_name,$contact_email,$domain,$domdesc,$lonhost, - $include,$start_page,$cancreate,$settings) = @_; + $include,$start_page,$cancreate,$settings,$usertype) = @_; my ($msg,$nostart,$noend,$redirect); my %data = &Apache::lonnet::tmpget($token); my $now = time; @@ -772,36 +797,46 @@ sub process_mailtoken { if ($now - $data{'time'} < 7200) { # Check if request should be queued. if (ref($cancreate) eq 'ARRAY') { + my $disposition; if (grep(/^email$/,@{$cancreate})) { - my ($result,$output,$uhome) = - &create_account($r,$domain,$domdesc,\%data); - if ($result eq 'ok') { - $msg = $output; - my $shownow = &Apache::lonlocal::locallocaltime($now); - my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; - my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'}, - $mailmsg,$contact_name, - $contact_email); - if ($mailresult eq 'ok') { - $msg .= &mt('An e-mail confirming creation of your new LON-CAPA account has been sent to [_1].',$data{'username'}); - } else { - $msg .= &mt('An error occurred when sending e-mail to [_1] confirming creation of your LON-CAPA account.',$data{'username'}); + if (ref($settings) eq 'HASH') { + if (ref($settings->{'cancreate'}) eq 'HASH') { + if (ref($settings->{'cancreate'}{'selfcreateprocessing'}) eq 'HASH') { + $disposition = $settings->{'cancreate'}{'selfcreateprocessing'}{$usertype}; + } } - $redirect = &start_session($r,$data{'username'},$domain,$uhome, - $data{'courseid'},$token); - $nostart = 1; - $noend = 1; + } + if ($disposition eq 'approval') { + $msg = &store_request($domain,$data{'username'},'approval',\%data,$settings); + my $delete = &Apache::lonnet::tmpdel($token); } else { - $msg .= &mt('A problem occurred when attempting to create your new LON-CAPA account.') - .'
'.$output; - if (($contact_name ne '') && ($contact_email ne '')) { - $msg .= &mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); + my ($result,$output,$uhome) = + &create_account($r,$domain,$domdesc,\%data); + if ($result eq 'ok') { + $msg = $output; + my $shownow = &Apache::lonlocal::locallocaltime($now); + my $mailmsg = &mt('A LON-CAPA account for the institution: [_1] has been created [_2] from IP address: [_3]. If you did not perform this action or authorize it, please contact the [_4] ([_5]).',$domdesc,$shownow,$ENV{'REMOTE_ADDR'},$contact_name,$contact_email)."\n"; + my $mailresult = &Apache::resetpw::send_mail($domdesc,$data{'email'}, + $mailmsg,$contact_name, + $contact_email); + if ($mailresult eq 'ok') { + $msg .= &mt('An e-mail confirming creation of your new LON-CAPA account has been sent to [_1].',$data{'username'}); + } else { + $msg .= &mt('An error occurred when sending e-mail to [_1] confirming creation of your LON-CAPA account.',$data{'username'}); + } + $redirect = &start_session($r,$data{'username'},$domain,$uhome, + $data{'courseid'},$token); + $nostart = 1; + $noend = 1; + } else { + $msg .= &mt('A problem occurred when attempting to create your new LON-CAPA account.') + .'
'.$output; + if (($contact_name ne '') && ($contact_email ne '')) { + $msg .= &mt('Please contact the [_1] ([_2]) for assistance.',$contact_name,$contact_email); + } } + my $delete = &Apache::lonnet::tmpdel($token); } - my $delete = &Apache::lonnet::tmpdel($token); - } elsif (grep(/^emailapproval$/,@{$cancreate})) { - $msg = &store_request($domain,$data{'username'},'approval',\%data,$settings); - my $delete = &Apache::lonnet::tmpdel($token); } else { $msg = &invalid_state('noemails',$domdesc,$contact_name,$contact_email); } @@ -846,21 +881,16 @@ sub start_session { # Stores token to store DES-key and stage during creation session # sub print_dataentry_form { - my ($r,$domain,$lonhost,$include,$now,$captchaform,$courseid,$gotlondes,$emailusername,$captcha, + my ($r,$domain,$lonhost,$include,$now,$captchaform,$courseid,$emailusername,$captcha, $usertype) = @_; my ($error,$output); - unless ($gotlondes) { - if (open(my $jsh,"<$include/londes.js")) { - while(my $line = <$jsh>) { - $r->print($line); - } - close($jsh); - $output = &javascript_setforms($now,$emailusername,$captcha,$usertype)."\n"; - $gotlondes = 1; - } - } - if ($gotlondes) { - $output .= &javascript_checkpass($now,'email'); + if (open(my $jsh,"<$include/londes.js")) { + while(my $line = <$jsh>) { + $r->print($line); + } + close($jsh); + $output = &javascript_setforms($now,$emailusername,$captcha,$usertype)."\n". + &javascript_checkpass($now,'email'); my ($lkey,$ukey) = &Apache::loncommon::des_keys(); my ($lextkey,$uextkey) = &getkeys($lkey,$ukey); my $logtoken=Apache::lonnet::reply('tmpput:'.$ukey.$lkey.'&createaccount:createaccount', @@ -964,7 +994,12 @@ sub get_creation_controls { if (ref($usercreation->{'cancreate'}{'emailusername'}) eq 'HASH') { $emailusername = $usercreation->{'cancreate'}{'emailusername'}; } else { - $emailusername = {'lastname' => '1', 'firstname' => 1, }; + $emailusername = { + default => { + 'lastname' => '1', + 'firstname' => 1, + }, + }; } } } @@ -1153,7 +1188,7 @@ sub login_failure_msg { sub username_check { my ($username,$domain,$domdesc,$courseid,$lonhost,$contact_email, - $contact_name,$sso_logout,$statustocreate) = @_; + $contact_name,$sso_logout,$statustocreate,$shibenv) = @_; my (%rulematch,%inst_results,$checkfail,$rowcount,$editable,$output,$msg, %alerts,%curr_rules,%got_rules); &call_rulecheck($username,$domain,\%alerts,\%rulematch, @@ -1189,6 +1224,13 @@ sub username_check { } if (!$checkfail) { $output = '
'; + if (ref($shibenv) eq 'HASH') { + foreach my $key (keys(%{$shibenv})) { + if ($ENV{$shibenv->{$key}} ne '') { + $inst_results{$username.':'.$domain}{$key} = $ENV{$shibenv->{$key}}; + } + } + } (my $datatable,$rowcount,$editable) = &Apache::loncreateuser::personal_data_display($username,$domain,1,'selfcreate', $inst_results{$username.':'.$domain});