--- loncom/interface/domainprefs.pm 2017/01/23 22:46:44 1.288 +++ loncom/interface/domainprefs.pm 2017/03/20 03:19:43 1.295 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Handler to set domain-wide configuration settings # -# $Id: domainprefs.pm,v 1.288 2017/01/23 22:46:44 raeburn Exp $ +# $Id: domainprefs.pm,v 1.295 2017/03/20 03:19:43 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -265,6 +265,8 @@ sub handler { help => 'Domain_Configuration_LangTZAuth', header => [{col1 => 'Setting', col2 => 'Value'}, + {col1 => 'Internal Authentication', + col2 => 'Value'}, {col1 => 'Institutional user types', col2 => 'Assignable to e-mail usernames'}], print => \&print_defaults, @@ -499,6 +501,8 @@ sub handler { col2 => 'Certificate Status'}, {col1 => 'Connections to other servers', col2 => 'Rules'}, + {col1 => 'Connections from other servers', + col2 => 'Rules'}, {col1 => "Replicating domain's published content", col2 => 'Rules'}], print => \&print_ssl, @@ -673,7 +677,7 @@ sub process_changes { } elsif ($action eq 'autocreate') { $output = &modify_autocreate($dom,%domconfig); } elsif ($action eq 'directorysrch') { - $output = &modify_directorysrch($dom,%domconfig); + $output = &modify_directorysrch($dom,$lastactref,%domconfig); } elsif ($action eq 'usercreation') { $output = &modify_usercreation($dom,%domconfig); } elsif ($action eq 'selfcreation') { @@ -806,7 +810,7 @@ sub print_config_box { if (($action eq 'autoupdate') || ($action eq 'usercreation') || ($action eq 'selfcreation') || ($action eq 'selfenrollment') || ($action eq 'usersessions') || ($action eq 'coursecategories') || - ($action eq 'ssl') || ($action eq 'trust') || ($action eq 'contacts')) { + ($action eq 'trust') || ($action eq 'contacts') || ($action eq 'defaults')) { if ($action eq 'coursecategories') { $output .= &print_coursecategories('middle',$dom,$item,$settings,\$rowtotal); $colspan = ' colspan="2"'; @@ -866,6 +870,28 @@ sub print_config_box { ($action eq 'defaults') || ($action eq 'directorysrch') || ($action eq 'helpsettings')) { $output .= $item->{'print'}->('bottom',$dom,$settings,\$rowtotal); + } elsif ($action eq 'ssl') { + $output .= $item->{'print'}->('connto',$dom,$settings,\$rowtotal).' + + + + + + + + + '. + $item->{'print'}->('connfrom',$dom,$settings,\$rowtotal).' +
'.&mt($item->{'header'}->[2]->{'col1'}).''.&mt($item->{'header'}->[2]->{'col2'}).'
+ + + + + + + + '. + $item->{'print'}->('bottom',$dom,$settings,\$rowtotal); } elsif ($action eq 'login') { if ($numheaders == 4) { $output .= &print_login('page',$dom,$confname,$phase,$settings,\$rowtotal).' @@ -3024,7 +3050,7 @@ sub print_contacts { if (exists($settings->{'helpform'}{'maxsize'})) { $maxsize = $settings->{'helpform'}{'maxsize'}; } else { - $maxsize = '1.0'; + $maxsize = '1.0'; } } else { if (ref($fields) eq 'ARRAY') { @@ -3041,7 +3067,7 @@ sub print_contacts { $to{'adminemail'} = $Apache::lonnet::perlvar{'lonAdmEMail'}; $checked{'errormail'}{'adminemail'} = ' checked="checked" '; $checked{'packagesmail'}{'adminemail'} = ' checked="checked" '; - $checked{'lonstatusmail'}{'adminemail'} = ' checked="checked" '; + $checked{'lonstatusmail'}{'adminemail'} = ' checked="checked" '; $checked{'requestsmail'}{'adminemail'} = ' checked="checked" '; $checked{'updatesmail'}{'adminemail'} = ' checked="checked" '; $checked{'idconflictsmail'}{'adminemail'} = ' checked="checked" '; @@ -3117,8 +3143,8 @@ sub print_contacts { if ($position eq 'middle') { my %choices; $choices{'reporterrors'} = &mt('E-mail error reports to [_1]', - &Apache::loncommon::modal_link('http://loncapa.org/core.html', - &mt('LON-CAPA core group - MSU'),600,500)); + &Apache::loncommon::modal_link('http://loncapa.org/core.html', + &mt('LON-CAPA core group - MSU'),600,500)); $choices{'reportupdates'} = &mt('E-mail record of completed LON-CAPA updates to [_1]', &Apache::loncommon::modal_link('http://loncapa.org/core.html', &mt('LON-CAPA core group - MSU'),600,500)); @@ -3134,7 +3160,7 @@ sub print_contacts { ''."\n"; $itemcount ++; @@ -4655,7 +4683,32 @@ sub print_ssl { my @domservers = &Apache::lonnet::get_servers($dom); my %servers = &Apache::lonnet::internet_dom_servers($dom); my %altids = &id_for_thisdom(%servers); - if ($position eq 'middle') { + if (($position eq 'connto') || ($position eq 'connfrom')) { + my $legacy; + unless (ref($settings) eq 'HASH') { + my $name; + if ($position eq 'connto') { + $name = 'loncAllowInsecure'; + } else { + $name = 'londAllowInsecure'; + } + my $primarylibserv = &Apache::lonnet::domain($dom,'primary'); + my @ids=&Apache::lonnet::current_machine_ids(); + if (($primarylibserv ne '') && (!grep(/^\Q$primarylibserv\E$/,@ids))) { + my %what = ( + $name => 1, + ); + my ($result,$returnhash) = + &Apache::lonnet::get_remote_globals($primarylibserv,\%what); + if ($result eq 'ok') { + if (ref($returnhash) eq 'HASH') { + $legacy = $returnhash->{$name}; + } + } + } else { + $legacy = $Apache::lonnet::perlvar{$name}; + } + } foreach my $type ('dom','intdom','other') { my %checked; $css_class = $itemcount%2?' class="LC_odd_row"':''; @@ -4682,16 +4735,21 @@ sub print_ssl { unless ($skip) { $checked{'yes'} = ' checked="checked"'; if (ref($settings) eq 'HASH') { - if (ref($settings->{'connect'}) eq 'HASH') { - if ($settings->{'connect'}->{$type} =~ /^(no|req)$/) { + if (ref($settings->{$position}) eq 'HASH') { + if ($settings->{$position}->{$type} =~ /^(no|req)$/) { $checked{$1} = $checked{'yes'}; delete($checked{'yes'}); } } + } else { + if ($legacy == 0) { + $checked{'req'} = $checked{'yes'}; + delete($checked{'yes'}); + } } foreach my $option ('no','yes','req') { $datatable .= ''.(' 'x2); } @@ -4722,7 +4780,8 @@ sub ssl_titles { dom => 'LON-CAPA servers/VMs from same domain', intdom => 'LON-CAPA servers/VMs from same "internet" domain', other => 'External LON-CAPA servers/VMs', - connect => 'Connections to other servers', + connto => 'Connections to other servers', + connfrom => 'Connections from other servers', replication => 'Replicating content to other institutions', certreq => 'Client certificate required, but specific domains exempt', nocertreq => 'No client certificate required, except for specific domains', @@ -4932,7 +4991,7 @@ sub spares_row { '. &mt('[_1] when busy, offloads to:' ,''.$server.'').'
'. - ''."\n". + ''."\n". ''. "\n"; @@ -5426,7 +5485,7 @@ sub contact_titles { 'errormail' => 'Error reports to be e-mailed to', 'packagesmail' => 'Package update alerts to be e-mailed to', 'helpdeskmail' => "Helpdesk requests for this domain's users", - 'otherdomsmail' => 'Helpdesk requests for other (unconfigured) domains', + 'otherdomsmail' => 'Helpdesk requests for other (unconfigured) domains', 'lonstatusmail' => 'E-mail from nightly status check (warnings/errors)', 'requestsmail' => 'E-mail from course requests requiring approval', 'updatesmail' => 'E-mail from nightly check of LON-CAPA module integrity/updates', @@ -5447,14 +5506,14 @@ sub helpform_fields { 'cc' => 'Cc e-mail', 'course' => 'Course Details', 'section' => 'Sections', - 'screenshot' => 'File upload', + 'screenshot' => 'File upload', ); my @fields = ('username','phone','user','course','section','cc','screenshot'); my %possoptions = ( username => ['yes','no','req'], - phone => ['yes','no','req'], + phone => ['yes','no','req'], user => ['yes','no'], - cc => ['yes','no'], + cc => ['yes','no'], course => ['yes','no'], section => ['yes','no'], screenshot => ['yes','no'], @@ -6074,7 +6133,10 @@ sub print_usermodification { sub print_defaults { my ($position,$dom,$settings,$rowtotal) = @_; my $rownum = 0; - my ($datatable,$css_class); + my ($datatable,$css_class,$titles); + unless ($position eq 'bottom') { + $titles = &defaults_titles($dom); + } if ($position eq 'top') { my @items = ('auth_def','auth_arg_def','lang_def','timezone_def', 'datelocale_def','portal_def'); @@ -6087,7 +6149,6 @@ sub print_defaults { $defaults{$item} = $domdefaults{$item}; } } - my $titles = &defaults_titles($dom); foreach my $item (@items) { if ($rownum%2) { $css_class = ''; @@ -6135,8 +6196,87 @@ sub print_defaults { $datatable .= ''; $rownum ++; } + } elsif ($position eq 'middle') { + my @items = ('intauth_cost','intauth_check','intauth_switch'); + my %defaults; + if (ref($settings) eq 'HASH') { + %defaults = %{$settings}; + if ($defaults{'intauth_cost'} !~ /^\d+$/) { + $defaults{'intauth_cost'} = 10; + } + if ($defaults{'intauth_check'} !~ /^(0|1|2)$/) { + $defaults{'intauth_check'} = 0; + } + if ($defaults{'intauth_switch'} !~ /^(0|1|2)$/) { + $defaults{'intauth_switch'} = 0; + } + } else { + %defaults = ( + 'intauth_cost' => 10, + 'intauth_check' => 0, + 'intauth_switch' => 0, + ); + } + foreach my $item (@items) { + if ($rownum%2) { + $css_class = ''; + } else { + $css_class = ' class="LC_odd_row" '; + } + $datatable .= ''. + ''; + $rownum ++; + } } else { - my (%defaults); + my %defaults; if (ref($settings) eq 'HASH') { if ((ref($settings->{'inststatusorder'}) eq 'ARRAY') && (ref($settings->{'inststatustypes'}) eq 'HASH') && (ref($settings->{'inststatusguest'}) eq 'ARRAY')) { @@ -6231,6 +6371,9 @@ sub defaults_titles { 'timezone_def' => 'Default timezone', 'datelocale_def' => 'Default locale for dates', 'portal_def' => 'Portal/Default URL', + 'intauth_cost' => 'Encryption cost for bcrypt (positive integer)', + 'intauth_check' => 'Check bcrypt cost if authenticated', + 'intauth_switch' => 'Existing crypt-based switched to bcrypt on authentication', ); if ($dom) { my $uprimary_id = &Apache::lonnet::domain($dom,'primary'); @@ -6766,7 +6909,35 @@ sub serverstatus_pages { sub defaults_javascript { my ($settings) = @_; - return unless (ref($settings) eq 'HASH'); + my $intauthcheck = &mt('Warning: disallowing login for an authenticated user if the stored cost is less than the default will require a password reset by/for the user.'); + my $intauthcost = &mt('Warning: bcrypt encryption cost for internal authentication must be an integer.'); + &js_escape(\$intauthcheck); + &js_escape(\$intauthcost); + my $intauthjs = <<"ENDSCRIPT"; + +function warnIntAuth(field) { + if (field.name == 'intauth_check') { + if (field.value == '2') { + alert('$intauthcheck'); + } + } + if (field.name == 'intauth_cost') { + field.value.replace(/\s/g,''); + if (field.value != '') { + var regexdigit=/^\\d+\$/; + if (!regexdigit.test(field.value)) { + alert('$intauthcost'); + } + } + } + return; +} + +ENDSCRIPT + + if (ref($settings) ne 'HASH') { + return &Apache::lonhtmlcommon::scripttag($intauthjs); + } if ((ref($settings->{'inststatusorder'}) eq 'ARRAY') && (ref($settings->{'inststatustypes'}) eq 'HASH')) { my $maxnum = scalar(@{$settings->{'inststatusorder'}}); if ($maxnum eq '') { @@ -6820,10 +6991,14 @@ $jstext return; } +$intauthjs + // ]]> ENDSCRIPT + } else { + return &Apache::lonhtmlcommon::scripttag($intauthjs); } } @@ -7557,7 +7732,7 @@ sub modify_login { } elsif ($currheadtagurls{$lonhost}) { $loginhash{'login'}{'headtag'}{$lonhost}{'url'} = $currheadtagurls{$lonhost}; if ($currexempt{$lonhost}) { - if ((!exists($possexempt{$lonhost})) || ($possexempt{$lonhost} ne $currexempt{$lonhost})) { + if ((!exists($possexempt{$lonhost})) || ($possexempt{$lonhost} ne $currexempt{$lonhost})) { $changes{'headtag'}{$lonhost} = 1; } } elsif ($possexempt{$lonhost}) { @@ -7789,7 +7964,6 @@ sub modify_login { return $resulttext; } - sub check_exempt_addresses { my ($iplist) = @_; $iplist =~ s/^\s+//; @@ -8700,7 +8874,7 @@ sub modify_quotas { my $newpos = $env{'form.'.$itemid}; $newpos =~ s/\D+//g; foreach my $item ('subject','title','publisher','author') { - next if ((($item eq 'author') || ($item eq 'publisher')) && + next if ((($item eq 'author') || ($item eq 'publisher')) && ($type eq 'templates')); $confhash{$type}{$key}{$item} = $env{'form.'.$type.'_'.$item.'_'.$i}; if ($domconfig{$action}{$type}{$key}{$item} ne $confhash{$type}{$key}{$item}) { @@ -8869,7 +9043,7 @@ sub modify_quotas { } } elsif ($confhash{'validation'}{'dc'} ne '') { $changes{'validation'}{'dc'} = $confhash{'validation'}{'dc'}; - } + } } else { if (ref($domconfig{'requestcourses'}) eq 'HASH') { if (ref($domconfig{'requestcourses'}{'validation'}) eq 'HASH') { @@ -10159,7 +10333,7 @@ sub modify_autocreate { } sub modify_directorysrch { - my ($dom,%domconfig) = @_; + my ($dom,$lastactref,%domconfig) = @_; my ($resulttext,%changes); my %currdirsrch; if (ref($domconfig{'directorysrch'}) eq 'HASH') { @@ -10170,7 +10344,7 @@ sub modify_directorysrch { my %title = ( available => 'Institutional directory search available', localonly => 'Other domains can search institution', lcavailable => 'LON-CAPA directory search available', - lclocalonly => 'Other domains can search LON-CAPA domain', + lclocalonly => 'Other domains can search LON-CAPA domain', searchby => 'Search types', searchtypes => 'Search latitude'); my @offon = ('off','on'); @@ -10264,27 +10438,27 @@ sub modify_directorysrch { } } if (exists($currdirsrch{'lcavailable'})) { - if ($currdirsrch{'lcavailable'} ne $env{'form.dirsrch_domavailable'}) { - $changes{'lcavailable'} = 1; - } + if ($currdirsrch{'lcavailable'} ne $env{'form.dirsrch_domavailable'}) { + $changes{'lcavailable'} = 1; + } } else { if ($env{'form.dirsrch_lcavailable'} eq '1') { $changes{'lcavailable'} = 1; } } if (exists($currdirsrch{'localonly'})) { - if ($currdirsrch{'localonly'} ne $env{'form.dirsrch_instlocalonly'}) { - $changes{'localonly'} = 1; - } + if ($currdirsrch{'localonly'} ne $env{'form.dirsrch_instlocalonly'}) { + $changes{'localonly'} = 1; + } } else { if ($env{'form.dirsrch_instlocalonly'} eq '1') { $changes{'localonly'} = 1; } } if (exists($currdirsrch{'lclocalonly'})) { - if ($currdirsrch{'lclocalonly'} ne $env{'form.dirsrch_domlocalonly'}) { - $changes{'lclocalonly'} = 1; - } + if ($currdirsrch{'lclocalonly'} ne $env{'form.dirsrch_domlocalonly'}) { + $changes{'lclocalonly'} = 1; + } } else { if ($env{'form.dirsrch_domlocalonly'} eq '1') { $changes{'lclocalonly'} = 1; @@ -10303,7 +10477,7 @@ sub modify_directorysrch { } if ($changes{'lclocalonly'}) { $resulttext .= '
  • '.&mt("$title{'lclocalonly'} set to: $otherdoms[$env{'form.dirsrch_domlocalonly'}]").'
    • '; - } + } if (ref($changes{'cansearch'}) eq 'ARRAY') { my $chgtext; if (ref($usertypes) eq 'HASH') { @@ -10353,6 +10527,10 @@ sub modify_directorysrch { $resulttext .= '
  • '.&mt($title{'searchtypes'}.' set to: "[_1]"',$chgtext).'
    • '; } $resulttext .= ''; + &Apache::lonnet::do_cache_new('directorysrch',$dom,$dirsrch_hash{'directorysrch'},3600); + if (ref($lastactref) eq 'HASH') { + $lastactref->{'directorysrch'} = 1; + } } else { $resulttext = &mt('No changes made to directory search settings'); } @@ -10386,7 +10564,7 @@ sub modify_contacts { } else { $contacts_hash{contacts}{$type}{$item} = 0; } - } + } $others{$type} = $env{'form.'.$type.'_others'}; $contacts_hash{contacts}{$type}{'others'} = $others{$type}; if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) { @@ -10444,7 +10622,7 @@ sub modify_contacts { if ($others{$type} ne $currsetting{$type}{'others'}) { push(@{$changes{$type}},'others'); } - if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) { + if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) { if ($bcc{$type} ne $currsetting{$type}{'bcc'}) { push(@{$changes{$type}},'bcc'); } @@ -10522,7 +10700,7 @@ sub modify_contacts { } } } - } + } } foreach my $item (@toggles) { if (($env{'form.'.$item} == 1) && ($currsetting{$item} == 0)) { @@ -10553,7 +10731,7 @@ sub modify_contacts { foreach my $type (@mailings) { if (ref($changes{$type}) eq 'ARRAY') { if (($type eq 'helpdeskmail') || ($type eq 'otherdomsmail')) { - $resulttext .= '
  • '.$titles->{$type}.' -- '.&mt('sent to').': '; + $resulttext .= '
  • '.$titles->{$type}.' -- '.&mt('sent to').': '; } else { $resulttext .= '
  • '.$titles->{$type}.': '; } @@ -10572,7 +10750,7 @@ sub modify_contacts { if ($bcc{$type} ne '') { my $bcctext; if (@text) { - $bcctext = ' '.&mt('with Bcc to'); + $bcctext = ' '.&mt('with Bcc to'); } else { $bcctext = '(Bcc)'; } @@ -10580,7 +10758,7 @@ sub modify_contacts { } elsif (!@text) { $resulttext .= &mt('No one'); } - if ($includestr{$type} ne '') { + if ($includestr{$type} ne '') { if ($includeloc{$type} eq 'b') { $resulttext .= '
    '.&mt('Text automatically added to e-mail body:').' '.$includestr{$type}; } elsif ($includeloc{$type} eq 's') { @@ -10618,11 +10796,11 @@ sub modify_contacts { next; } if ($contacts_hash{'contacts'}{'helpform'}{$field} eq 'yes') { - push(@optional,$field); + push(@optional,$field); } elsif ($contacts_hash{'contacts'}{'helpform'}{$field} eq 'no') { push(@unused,$field); } elsif ($contacts_hash{'contacts'}{'helpform'}{$field} eq 'req') { - push(@required,$field); + push(@required,$field); } } if (@optional) { @@ -11678,7 +11856,8 @@ sub modify_defaults { my ($dom,$lastactref,%domconfig) = @_; my ($resulttext,$mailmsgtxt,%newvalues,%changes,@errors); my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1); - my @items = ('auth_def','auth_arg_def','lang_def','timezone_def','datelocale_def','portal_def'); + my @items = ('auth_def','auth_arg_def','lang_def','timezone_def','datelocale_def', + 'portal_def','intauth_cost','intauth_check','intauth_switch'); my @authtypes = ('internal','krb4','krb5','localauth'); foreach my $item (@items) { $newvalues{$item} = $env{'form.'.$item}; @@ -11720,6 +11899,24 @@ sub modify_defaults { push(@errors,$item); } } + } elsif ($item eq 'intauth_cost') { + if ($newvalues{$item} ne '') { + if ($newvalues{$item} =~ /\D/) { + push(@errors,$item); + } + } + } elsif ($item eq 'intauth_check') { + if ($newvalues{$item} ne '') { + unless ($newvalues{$item} =~ /^(0|1|2)$/) { + push(@errors,$item); + } + } + } elsif ($item eq 'intauth_switch') { + if ($newvalues{$item} ne '') { + unless ($newvalues{$item} =~ /^(0|1|2)$/) { + push(@errors,$item); + } + } } if (grep(/^\Q$item\E$/,@errors)) { $newvalues{$item} = $domdefaults{$item}; @@ -11874,6 +12071,28 @@ sub modify_defaults { localauth => 'loc', ); $value = $authnames{$shortauth{$value}}; + } elsif ($item eq 'intauth_switch') { + my %optiondesc = &Apache::lonlocal::texthash ( + 0 => 'No', + 1 => 'Yes', + 2 => 'Yes, and copy existing passwd file to passwd.bak file', + ); + if ($value =~ /^(0|1|2)$/) { + $value = $optiondesc{$value}; + } else { + $value = &mt('none -- defaults to No'); + } + } elsif ($item eq 'intauth_check') { + my %optiondesc = &Apache::lonlocal::texthash ( + 0 => 'No', + 1 => 'Yes, allow login then update passwd file using default cost (if higher)', + 2 => 'Yes, disallow login if stored cost is less than domain default', + ); + if ($value =~ /^(0|1|2)$/) { + $value = $optiondesc{$value}; + } else { + $value = &mt('none -- defaults to No'); + } } $resulttext .= '
  • '.&mt('[_1] set to "[_2]"',$title->{$item},$value).'
    • '; $mailmsgtext .= "$title->{$item} set to $value\n"; @@ -12458,14 +12677,16 @@ sub modify_helpsettings { my %existing=&Apache::lonnet::dump('roles',$dom,$confname,'rolesdef_'); my (@allpos,%newsettings,%changedprivs,$newrole); my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom); - my @accesstypes = ('all','none','status','inc','exc'); - my %domhelpdesk = &Apache::lonnet::get_active_domroles($dom,['dh']); + my @accesstypes = ('all','dh','da','none','status','inc','exc'); + my %domhelpdesk = &Apache::lonnet::get_active_domroles($dom,['dh','da']); my %lt = &Apache::lonlocal::texthash( s => 'system', d => 'domain', order => 'Display order', access => 'Role usage', - all => 'All', + all => 'All with domain helpdesk or helpdesk assistant role', + dh => 'All with domain helpdesk role', + da => 'All with domain helpdesk assistant role', none => 'None', status => 'Determined based on institutional status', inc => 'Include all, but exclude specific personnel', @@ -12501,7 +12722,7 @@ sub modify_helpsettings { $identifier = 'custhelp'.$num; my %newprivs = &Apache::lonuserutils::custom_role_update($rolename,$identifier); my %currprivs; - ($currprivs{'s'},$currprivs{'d'},$currprivs{'c'}) = + ($currprivs{'s'},$currprivs{'d'},$currprivs{'c'}) = split(/\_/,$existing{'rolesdef_'.$rolename}); foreach my $level ('c','d','s') { if ($newprivs{$level} ne $currprivs{$level}) { @@ -12543,7 +12764,7 @@ sub modify_helpsettings { if ($access eq 'status') { my @statuses = &Apache::loncommon::get_env_multiple('form.'.$prefix.'_status'); if (scalar(@statuses) == 0) { - $helphash{'helpsettings'}{'adhoc'}{$rolename}{'access'} = 'none'; + $helphash{'helpsettings'}{'adhoc'}{$rolename}{'access'} = 'none'; } else { my (@shownstatus,$numtypes); $helphash{'helpsettings'}{'adhoc'}{$rolename}{$access} = []; @@ -12616,7 +12837,7 @@ sub modify_helpsettings { if (ref($current{'adhoc'}{$rolename}) eq 'HASH') { if ($current{'adhoc'}{$rolename}{'order'} ne $idx) { $changes{'customrole'}{$rolename}{'order'} = 1; - $newsettings{$rolename}{'order'} = $idx+1; + $newsettings{$rolename}{'order'} = $idx+1; } } } @@ -12814,7 +13035,7 @@ sub modify_coursedefaults { $changes{$item} = 1; } } elsif ($item =~ /^(uploadquota|mysqltables)_/) { - my $setting = $1; + my $setting = $1; unless (($currdef eq '') && ($newdef == $staticdefaults{$setting})) { $changes{$setting} = 1; } @@ -12829,7 +13050,7 @@ sub modify_coursedefaults { } } my $newclone; - if ($env{'form.canclone'} =~ /^(none|domain|instcode)$/) { + if ($env{'form.canclone'} =~ /^(none|domain|instcode)$/) { $newclone = $env{'form.canclone'}; } if ($newclone eq 'instcode') { @@ -12852,8 +13073,8 @@ sub modify_coursedefaults { $newclone eq ''; } } elsif ($newclone ne '') { - $defaultshash{'coursedefaults'}{'canclone'} = $newclone; - } + $defaultshash{'coursedefaults'}{'canclone'} = $newclone; + } if ($newclone ne $currclone) { $changes{'canclone'} = 1; } @@ -12871,10 +13092,10 @@ sub modify_coursedefaults { $defaultshash{'coursedefaults'}{'coursecredits'}{$type} = $credits{$type}; } } else { - if ($env{'form.coursecredits'} eq '1') { + if ($env{'form.coursecredits'} eq '1') { foreach my $type (@types) { unless ($type eq 'community') { - if ($domconfig{'coursedefaults'}{'coursecredits'}{$type} ne $credits{$type}) { + if ($domconfig{'coursedefaults'}{'coursecredits'}{$type} ne $credits{$type}) { $changes{'coursecredits'} = 1; } $defaultshash{'coursedefaults'}{'coursecredits'}{$type} = $credits{$type}; @@ -12917,7 +13138,7 @@ sub modify_coursedefaults { } if (exists($currtimeout{$type})) { if ($timeout ne $currtimeout{$type}) { - $changes{'postsubmit'} = 1; + $changes{'postsubmit'} = 1; } } elsif ($timeout ne '') { $changes{'postsubmit'} = 1; @@ -12946,7 +13167,7 @@ sub modify_coursedefaults { if ($changes{$item}) { $domdefaults{$item}=$defaultshash{'coursedefaults'}{$item}; } - } + } if ($changes{'coursecredits'}) { if (ref($defaultshash{'coursedefaults'}{'coursecredits'}) eq 'HASH') { foreach my $type (keys(%{$defaultshash{'coursedefaults'}{'coursecredits'}})) { @@ -13009,7 +13230,7 @@ sub modify_coursedefaults { if ($env{'form.'.$item} eq '1') { $resulttext .= '
  • '.&mt('Molecule editor uses JSME (HTML5), if supported by browser.').'
    • '; } else { - $resulttext .= '
  • '.&mt('Molecule editor uses JME (Java), if supported by client OS.').'
    • '; + $resulttext .= '
  • '.&mt('Molecule editor uses JME (Java), if supported by client OS.').'
    • '; } } elsif ($item eq 'anonsurvey_threshold') { $resulttext .= '
  • '.&mt('Responder count required for display of anonymous survey submissions set to [_1].',$defaultshash{'coursedefaults'}{'anonsurvey_threshold'}).'
    • '; @@ -13044,7 +13265,7 @@ sub modify_coursedefaults { $resulttext .= '
  • '.&mt('Submit button(s) remain enabled on page after student makes submission.'); } else { $resulttext .= '
  • '.&mt('Submit button(s) disabled on page after student makes submission').'; '; - if (ref($defaultshash{'coursedefaults'}{'postsubmit'}) eq 'HASH') { + if (ref($defaultshash{'coursedefaults'}{'postsubmit'}) eq 'HASH') { $resulttext .= &mt('durations:').''; } - $resulttext .= '
    • '; + $resulttext .= ''; } } elsif ($item eq 'coursecredits') { if (ref($defaultshash{'coursedefaults'}{'coursecredits'}) eq 'HASH') { @@ -13103,7 +13324,7 @@ sub modify_coursedefaults { } elsif ($defaultshash{'coursedefaults'}{'canclone'} eq 'domain') { $resulttext .= '
  • '.&mt('By default, a course requester can clone any course from his/her domain.').'
    • '; } else { - $resulttext .= '
  • '.&mt('By default, only course owner and coordinators may clone a course.').'
    • '; + $resulttext .= '
  • '.&mt('By default, only course owner and coordinators may clone a course.').'
    • '; } } } @@ -13558,7 +13779,7 @@ sub modify_usersessions { } } unless ($changes{'offloadnow'}) { - foreach my $lonhost (keys(%{$defaultshash{'usersessions'}{'offloadnow'}})) { + foreach my $lonhost (keys(%{$defaultshash{'usersessions'}{'offloadnow'}})) { unless ($domconfig{'usersessions'}{'offloadnow'}{$lonhost}) { $changes{'offloadnow'} = 1; last; @@ -13589,8 +13810,10 @@ sub modify_usersessions { } my $cachetime = 24*60*60; &Apache::lonnet::do_cache_new('domdefaults',$dom,\%domdefaults,$cachetime); + &Apache::lonnet::do_cache_new('usersessions',$dom,$defaultshash{'usersessions'},3600); if (ref($lastactref) eq 'HASH') { $lastactref->{'domdefaults'} = 1; + $lastactref->{'usersessions'} = 1; } if (keys(%changes) > 0) { my %lt = &usersession_titles(); @@ -13691,7 +13914,7 @@ sub modify_ssl { my %servers = &Apache::lonnet::internet_dom_servers($dom); my (%defaultshash,%changes); my $action = 'ssl'; - my @prefixes = ('connect','replication'); + my @prefixes = ('connto','connfrom','replication'); foreach my $prefix (@prefixes) { $defaultshash{$action}{$prefix} = {}; } @@ -13701,12 +13924,13 @@ sub modify_ssl { my @reptypes = ('certreq','nocertreq'); my @connecttypes = ('dom','intdom','other'); my %types = ( - connect => \@connecttypes, - replication => \@reptypes, + connto => \@connecttypes, + connfrom => \@connecttypes, + replication => \@reptypes, ); foreach my $prefix (sort(keys(%types))) { foreach my $type (@{$types{$prefix}}) { - if ($prefix eq 'connect') { + if (($prefix eq 'connto') || ($prefix eq 'connfrom')) { my $value = 'yes'; if ($env{'form.'.$prefix.'_'.$type} =~ /^(no|req)$/) { $value = $env{'form.'.$prefix.'_'.$type}; @@ -13795,8 +14019,11 @@ sub modify_ssl { if (ref($defaultshash{$action}{'replication'}) eq 'HASH') { $domdefaults{'replication'} = $defaultshash{$action}{'replication'}; } - if (ref($defaultshash{$action}{'connect'}) eq 'HASH') { - $domdefaults{'connect'} = $domconfig{$action}{'connect'}; + if (ref($defaultshash{$action}{'connto'}) eq 'HASH') { + $domdefaults{'connto'} = $domconfig{$action}{'connto'}; + } + if (ref($defaultshash{$action}{'connfrom'}) eq 'HASH') { + $domdefaults{'connfrom'} = $domconfig{$action}{'connfrom'}; } } my $cachetime = 24*60*60; @@ -13815,7 +14042,7 @@ sub modify_ssl { my $newvalue; if (ref($defaultshash{$action}) eq 'HASH') { if (ref($defaultshash{$action}{$prefix})) { - if ($prefix eq 'connect') { + if (($prefix eq 'connto') || ($prefix eq 'connfrom')) { $newvalue = $titles{$defaultshash{$action}{$prefix}{$type}}; } elsif (ref($defaultshash{$action}{$prefix}{$type}) eq 'ARRAY') { if (@{$defaultshash{$action}{$prefix}{$type}} > 0) { @@ -14076,7 +14303,7 @@ sub modify_loadbalancing { } if ($rule eq 'specific') { my $specifiedhost = $env{'form.loadbalancing_singleserver_'.$i.'_'.$type}; - if (exists($servers{$specifiedhost})) { + if (exists($servers{$specifiedhost})) { $rule = $specifiedhost; } } @@ -14152,7 +14379,7 @@ sub modify_loadbalancing { if ($rule eq '') { $balancetext = $ruletitles{'default'}; } elsif (($rule eq 'homeserver') || ($rule eq 'externalbalancer') || - ($type eq '_LC_ipchange') || ($type eq '_LC_ipchangesso')) { + ($type eq '_LC_ipchange') || ($type eq '_LC_ipchangesso')) { if (($type eq '_LC_ipchange') || ($type eq '_LC_ipchangesso')) { foreach my $sparetype (@sparestypes) { if (ref($defaultshash{'loadbalancing'}{$balancer}{'targets'}{$sparetype}) eq 'ARRAY') { @@ -14879,7 +15106,7 @@ function updateCaptcha(caller,context) { privtext.innerHTML = "$lt{'priv'}"; versionitem.type = 'text'; versionitem.size = '3'; - versiontext.innerHTML = "$lt{'ver'}"; + versiontext.innerHTML = "$lt{'ver'}"; } else { pubitem.type = 'hidden'; privitem.type = 'hidden'; @@ -14952,7 +15179,7 @@ sub captcha_phrases { original => 'original (CAPTCHA)', recaptcha => 'successor (ReCAPTCHA)', notused => 'unused', - ver => 'ReCAPTCHA version (1 or 2)', + ver => 'ReCAPTCHA version (1 or 2)', ); } @@ -14962,7 +15189,7 @@ sub devalidate_remote_domconfs { my %servers = &Apache::lonnet::internet_dom_servers($dom); my %thismachine; map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids(); - my @posscached = ('domainconfig','domdefaults','ltitools'); + my @posscached = ('domainconfig','domdefaults','ltitools','usersessions','directorysrch'); if (keys(%servers)) { foreach my $server (keys(%servers)) { next if ($thismachine{$server});
    '.&mt($item->{'header'}->[3]->{'col1'}).''.&mt($item->{'header'}->[3]->{'col2'}).'
    '.&mt('Extra helpdesk form fields:').'
    '. &mt('(e-mail, subject, and description always shown)'). '    		'; - if ((ref($fields) eq 'ARRAY') && (ref($fieldtitles) eq 'HASH') && + if ((ref($fields) eq 'ARRAY') && (ref($fieldtitles) eq 'HASH') && (ref($fieldoptions) eq 'HASH') && (ref($possoptions) eq 'HASH')) { $datatable .= ''; foreach my $field (@{$fields}) { @@ -3188,7 +3214,7 @@ sub contacts_javascript { function screenshotSize(field) { if (document.getElementById('help_screenshotsize')) { if (field.value == 'no') { - document.getElementById('help_screenshotsize').style.display="none"; + document.getElementById('help_screenshotsize').style.display="none"; } else { document.getElementById('help_screenshotsize').style.display=""; } @@ -3250,7 +3276,7 @@ sub print_helpsettings { my $context = 'domprefs'; my $crstype = 'Course'; my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom); - my @accesstypes = ('all','none'); + my @accesstypes = ('all','dh','da','none'); my ($numstatustypes,@jsarray); if (ref($types) eq 'ARRAY') { if (@{$types} > 0) { @@ -3259,7 +3285,7 @@ sub print_helpsettings { @jsarray = ('bystatus'); } } - my %domhelpdesk = &Apache::lonnet::get_active_domroles($dom,['dh']); + my %domhelpdesk = &Apache::lonnet::get_active_domroles($dom,['dh','da']); if (keys(%domhelpdesk)) { push(@accesstypes,('inc','exc')); push(@jsarray,('notinc','notexc')); @@ -3468,7 +3494,7 @@ function helpdeskAccess(num) { shown = Array('notinc'); hidden = Array('notexc','bystatus'); } - if (curraccess == 'all') { + if ((curraccess == 'all') || (curraccess == 'dh') || (curraccess == 'da')) { hidden = Array('notinc','notexc','bystatus'); } } @@ -3497,7 +3523,7 @@ function helpdeskAccess(num) { function toggleHelpdeskItem(num,field) { if (document.getElementById('helproles_'+num+'_'+field)) { if (document.getElementById('helproles_'+num+'_'+field).className.match(/(?:^|\\s)LC_hidden(?!\\S)/)) { - document.getElementById('helproles_'+num+'_'+field).className = + document.getElementById('helproles_'+num+'_'+field).className = document.getElementById('helproles_'+num+'_'+field).className.replace(/(?:^|\\s)LC_hidden(?!\\S)/g ,''); if (document.getElementById('helproles_'+num+'_'+field+'_vis')) { document.getElementById('helproles_'+num+'_'+field+'_vis').value = '$html_js_lt{hide}'; @@ -3525,7 +3551,9 @@ sub helpdeskroles_access { my %lt = &Apache::lonlocal::texthash( 'rou' => 'Role usage', 'whi' => 'Which helpdesk personnel may use this role?', - 'all' => 'All', + 'all' => 'All with domain helpdesk or helpdesk assistant role', + 'dh' => 'All with domain helpdesk role', + 'da' => 'All with domain helpdesk assistant role', 'none' => 'None', 'status' => 'Determined based on institutional status', 'inc' => 'Include all, but exclude specific personnel', @@ -3623,7 +3651,7 @@ sub radiobutton_prefs { } else { $datatable .= ''; + ' value="'.$currmysql{$type}.'" size="8" />'; } $datatable .= '
    '.&mt('Field').''.&mt('Status').'
    '; } - $datatable .= + $datatable .= ''. ''.&mt($type).'
    '. '
    '.$titles->{$item}. + ''; + if ($item eq 'intauth_switch') { + my @options = (0,1,2); + my %optiondesc = &Apache::lonlocal::texthash ( + 0 => 'No', + 1 => 'Yes', + 2 => 'Yes, and copy existing passwd file to passwd.bak file', + ); + $datatable .= ''; + foreach my $option (@options) { + my $checked = ' '; + if ($defaults{$item} eq $option) { + $checked = ' checked="checked"'; + } + $datatable .= ''; + } + $datatable .= '
    '. + '
    '; + } elsif ($item eq 'intauth_check') { + my @options = (0,1,2); + my %optiondesc = &Apache::lonlocal::texthash ( + 0 => 'No', + 1 => 'Yes, allow login then update passwd file using default cost (if higher)', + 2 => 'Yes, disallow login if stored cost is less than domain default', + ); + $datatable .= ''; + foreach my $option (@options) { + my $checked = ' '; + my $onclick; + if ($defaults{$item} eq $option) { + $checked = ' checked="checked"'; + } + if ($option == 2) { + $onclick = ' onclick="javascript:warnIntAuth(this);"'; + } + $datatable .= ''; + } + $datatable .= '
    '. + '
    '; + } else { + $datatable .= ''; + } + $datatable .= '