'.
- '| '.&mt('Domain: [_1]',$domain).' | '.
+ ''.&mt('Domain: [_1]',''.$domain.'').' | '.
'';
foreach my $item ('remoteip','ipheader','trusted','vpnint','vpnext','sslopt') {
my $showval = &mt('None');
@@ -7526,6 +7751,8 @@ sub print_wafproxy {
$showval = $values{$domain}{$item};
if ($item eq 'ssl') {
$showval = $lt{'alltossl'};
+ } elsif ($item eq 'remoteip') {
+ $showval = $ip_methods{$values{$domain}{$item}};
}
}
$datatable .= ''.
@@ -11177,12 +11404,14 @@ sub usertype_update_row {
sub modify_login {
my ($r,$dom,$confname,$lastactref,%domconfig) = @_;
my ($resulttext,$errors,$colchgtext,%changes,%colchanges,%newfile,%newurl,
- %curr_loginvia,%loginhash,@currlangs,@newlangs,$addedfile,%title,@offon);
+ %curr_loginvia,%loginhash,@currlangs,@newlangs,$addedfile,%title,@offon,
+ %currsaml,%saml,%samltext,%samlimg,%samlalt,%samlurl,%samltitle,%samlnotsso);
%title = ( coursecatalog => 'Display course catalog',
adminmail => 'Display administrator E-mail address',
helpdesk => 'Display "Contact Helpdesk" link',
newuser => 'Link for visitors to create a user account',
- loginheader => 'Log-in box header');
+ loginheader => 'Log-in box header',
+ saml => 'Dual SSO and non-SSO login');
@offon = ('off','on');
if (ref($domconfig{login}) eq 'HASH') {
if (ref($domconfig{login}{loginvia}) eq 'HASH') {
@@ -11190,6 +11419,20 @@ sub modify_login {
$curr_loginvia{$lonhost} = $domconfig{login}{loginvia}{$lonhost};
}
}
+ if (ref($domconfig{login}{'saml'}) eq 'HASH') {
+ foreach my $lonhost (keys(%{$domconfig{login}{'saml'}})) {
+ if (ref($domconfig{login}{'saml'}{$lonhost}) eq 'HASH') {
+ $currsaml{$lonhost} = $domconfig{login}{'saml'}{$lonhost};
+ $saml{$lonhost} = 1;
+ $samltext{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'text'};
+ $samlurl{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'url'};
+ $samlalt{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'alt'};
+ $samlimg{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'img'};
+ $samltitle{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'title'};
+ $samlnotsso{$lonhost} = $domconfig{login}{'saml'}{$lonhost}{'notsso'};
+ }
+ }
+ }
}
($errors,%colchanges) = &modify_colors($r,$dom,$confname,['login'],
\%domconfig,\%loginhash);
@@ -11436,6 +11679,86 @@ sub modify_login {
$errors .= ''.$error.'';
}
}
+ my @delsamlimg = &Apache::loncommon::get_env_multiple('form.saml_img_del');
+ my @newsamlimgs;
+ foreach my $lonhost (keys(%domservers)) {
+ if ($env{'form.saml_'.$lonhost}) {
+ if ($env{'form.saml_img_'.$lonhost.'.filename'}) {
+ push(@newsamlimgs,$lonhost);
+ }
+ foreach my $item ('text','alt','url','title','notsso') {
+ $env{'form.saml_'.$item.'_'.$lonhost} =~ s/^\s+|\s+$//g;
+ }
+ if ($saml{$lonhost}) {
+ if (grep(/^\Q$lonhost\E$/,@delsamlimg)) {
+#FIXME Need to obsolete published image
+ delete($currsaml{$lonhost}{'img'});
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ if ($env{'form.saml_alt_'.$lonhost} ne $samlalt{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ if ($env{'form.saml_text_'.$lonhost} ne $samltext{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ if ($env{'form.saml_url_'.$lonhost} ne $samlurl{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ if ($env{'form.saml_title_'.$lonhost} ne $samltitle{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ if ($env{'form.saml_notsso_'.$lonhost} ne $samlnotsso{$lonhost}) {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ } else {
+ $changes{'saml'}{$lonhost} = 1;
+ }
+ foreach my $item ('text','alt','url','title','notsso') {
+ $currsaml{$lonhost}{$item} = $env{'form.saml_'.$item.'_'.$lonhost};
+ }
+ } else {
+ delete($currsaml{$lonhost});
+ }
+ }
+ foreach my $posshost (keys(%currsaml)) {
+ unless (exists($domservers{$posshost})) {
+ delete($currsaml{$posshost});
+ }
+ }
+ %{$loginhash{'login'}{'saml'}} = %currsaml;
+ if (@newsamlimgs) {
+ my $error;
+ my ($configuserok,$author_ok,$switchserver) = &config_check($dom,$confname,$servadm);
+ if ($configuserok eq 'ok') {
+ if ($switchserver) {
+ $error = &mt("Upload of SSO Button Image is not permitted to this server: [_1].",$switchserver);
+ } elsif ($author_ok eq 'ok') {
+ foreach my $lonhost (@newsamlimgs) {
+ my $formelem = 'saml_img_'.$lonhost;
+ my ($result,$imgurl) = &publishlogo($r,'upload',$formelem,$dom,$confname,
+ "login/saml/$lonhost",'','',
+ $env{'form.saml_img_'.$lonhost.'.filename'});
+ if ($result eq 'ok') {
+ $currsaml{$lonhost}{'img'} = $imgurl;
+ $loginhash{'login'}{'saml'}{$lonhost}{'img'} = $imgurl;
+ $changes{'saml'}{$lonhost} = 1;
+ } else {
+ my $puberror = &mt("Upload of SSO button image failed for [_1] because an error occurred publishing the file in RES space. Error was: [_2].",
+ $lonhost,$result);
+ $errors .= ''.$puberror.'';
+ }
+ }
+ } else {
+ $error = &mt("Upload of SSO button image file(s) failed because an author role could not be assigned to a Domain Configuration user ([_1]) in domain: [_2]. Error was: [_3].",$confname,$dom,$author_ok);
+ }
+ } else {
+ $error = &mt("Upload of SSO button image file(s) failed because a Domain Configuration user ([_1]) could not be created in domain: [_2]. Error was: [_3].",$confname,$dom,$configuserok);
+ }
+ if ($error) {
+ &Apache::lonnet::logthis($error);
+ $errors .= ''.$error.'';
+ }
+ }
&process_captcha('login',\%changes,$loginhash{'login'},$domconfig{'login'});
my $defaulthelpfile = '/adm/loginproblems.html';
@@ -11476,6 +11799,31 @@ sub modify_login {
}
if (keys(%changes) > 0 || $colchgtext) {
&Apache::loncommon::devalidate_domconfig_cache($dom);
+ if (exists($changes{'saml'})) {
+ my $hostid_in_use;
+ my @hosts = &Apache::lonnet::current_machine_ids();
+ if (@hosts > 1) {
+ foreach my $hostid (@hosts) {
+ if (&Apache::lonnet::host_domain($hostid) eq $dom) {
+ $hostid_in_use = $hostid;
+ last;
+ }
+ }
+ } else {
+ $hostid_in_use = $r->dir_config('lonHostID');
+ }
+ if (($hostid_in_use) &&
+ (&Apache::lonnet::host_domain($hostid_in_use) eq $dom)) {
+ &Apache::lonnet::devalidate_cache_new('samllanding',$hostid_in_use);
+ }
+ if (ref($lastactref) eq 'HASH') {
+ if (ref($changes{'saml'}) eq 'HASH') {
+ my %updates;
+ map { $updates{$_} = 1; } keys(%{$changes{'saml'}});
+ $lastactref->{'samllanding'} = \%updates;
+ }
+ }
+ }
if (ref($lastactref) eq 'HASH') {
$lastactref->{'domainconfig'} = 1;
}
@@ -11555,6 +11903,38 @@ sub modify_login {
}
}
}
+ } elsif ($item eq 'saml') {
+ if (ref($changes{$item}) eq 'HASH') {
+ my %notlt = (
+ text => 'Text for log-in by SSO',
+ img => 'SSO button image',
+ alt => 'Alt text for button image',
+ url => 'SSO URL',
+ title => 'Tooltip for SSO link',
+ notsso => 'Text for non-SSO log-in',
+ );
+ foreach my $lonhost (sort(keys(%{$changes{$item}}))) {
+ if (ref($currsaml{$lonhost}) eq 'HASH') {
+ $resulttext .= ''.&mt("$title{$item} in use for [_1]","$lonhost").
+ '';
+ foreach my $key ('text','img','alt','url','title','notsso') {
+ if ($currsaml{$lonhost}{$key} eq '') {
+ $resulttext .= '- '.&mt("$notlt{$key} not in use").'
';
+ } else {
+ my $value = "'$currsaml{$lonhost}{$key}'";
+ if ($key eq 'img') {
+ $value = ' ';
+ }
+ $resulttext .= '- '.&mt("$notlt{$key} set to: [_1]",
+ $value).'
';
+ }
+ }
+ $resulttext .= ' ';
+ } else {
+ $resulttext .= ''.&mt("$title{$item} not in use for [_1]",$lonhost).'';
+ }
+ }
+ }
} elsif ($item eq 'captcha') {
if (ref($loginhash{'login'}) eq 'HASH') {
my $chgtxt;
@@ -13523,7 +13903,7 @@ sub modify_ltitools {
my %ltienchash = (
$action => { %encconfig }
);
- &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom);
+ &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom,undef,1);
if (keys(%changes) > 0) {
my $cachetime = 24*60*60;
my %ltiall = %confhash;
@@ -14097,7 +14477,7 @@ sub modify_proctoring {
my %proc_enchash = (
$action => { %encconfhash }
);
- &Apache::lonnet::put_dom('encconfig',\%proc_enchash,$dom);
+ &Apache::lonnet::put_dom('encconfig',\%proc_enchash,$dom,undef,1);
if (keys(%changes) > 0) {
my $cachetime = 24*60*60;
my %procall = %confhash;
@@ -14589,7 +14969,7 @@ sub modify_lti {
my %ltienchash = (
$action => { %encconfig }
);
- &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom);
+ &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom,undef,1);
if (keys(%changes) > 0) {
my $cachetime = 24*60*60;
my %ltiall = %confhash;
@@ -14931,8 +15311,10 @@ sub modify_autoupdate {
}
my @offon = ('off','on');
my %title = &Apache::lonlocal::texthash (
- run => 'Auto-update:',
- classlists => 'Updates to user information in classlists?'
+ run => 'Auto-update:',
+ classlists => 'Updates to user information in classlists?',
+ unexpired => 'Skip updates for users without active or future roles?',
+ lastactive => 'Skip updates for inactive users?',
);
my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom);
my %fieldtitles = &Apache::lonlocal::texthash (
@@ -14976,12 +15358,23 @@ sub modify_autoupdate {
my %updatehash = (
autoupdate => { run => $env{'form.autoupdate_run'},
classlists => $env{'form.classlists'},
+ unexpired => $env{'form.unexpired'},
fields => {%fields},
lockablenames => \@lockablenames,
}
);
+ my $lastactivedays;
+ if ($env{'form.lastactive'}) {
+ $lastactivedays = $env{'form.lastactivedays'};
+ $lastactivedays =~ s/^\s+|\s+$//g;
+ unless ($lastactivedays =~ /^\d+$/) {
+ undef($lastactivedays);
+ $env{'form.lastactive'} = 0;
+ }
+ }
+ $updatehash{'autoupdate'}{'lastactive'} = $lastactivedays;
foreach my $key (keys(%currautoupdate)) {
- if (($key eq 'run') || ($key eq 'classlists')) {
+ if (($key eq 'run') || ($key eq 'classlists') || ($key eq 'unexpired') || ($key eq 'lastactive')) {
if (exists($updatehash{autoupdate}{$key})) {
if ($currautoupdate{$key} ne $updatehash{autoupdate}{$key}) {
$changes{$key} = 1;
@@ -15027,6 +15420,16 @@ sub modify_autoupdate {
$changes{'lockablenames'} = 1;
}
}
+ unless (grep(/^unexpired$/,keys(%currautoupdate))) {
+ if ($updatehash{'autoupdate'}{'unexpired'}) {
+ $changes{'unexpired'} = 1;
+ }
+ }
+ unless (grep(/^lastactive$/,keys(%currautoupdate))) {
+ if ($updatehash{'autoupdate'}{'lastactive'} ne '') {
+ $changes{'lastactive'} = 1;
+ }
+ }
foreach my $item (@{$types},'default') {
if (defined($fields{$item})) {
if (ref($currautoupdate{'fields'}) eq 'HASH') {
@@ -15089,6 +15492,11 @@ sub modify_autoupdate {
my $newvalue;
if ($key eq 'run') {
$newvalue = $offon[$env{'form.autoupdate_run'}];
+ } elsif ($key eq 'lastactive') {
+ $newvalue = $offon[$env{'form.lastactive'}];
+ unless ($lastactivedays eq '') {
+ $newvalue .= '; '.&mt('inactive = no activity in last [quant,_1,day]',$lastactivedays);
+ }
} else {
$newvalue = $offon[$env{'form.'.$key}];
}
@@ -21811,6 +22219,25 @@ sub devalidate_remote_domconfs {
map { $thismachine{$_} = 1; } &Apache::lonnet::current_machine_ids();
my @posscached = ('domainconfig','domdefaults','ltitools','usersessions',
'directorysrch','passwdconf','cats','proxyalias');
+ my %cache_by_lonhost;
+ if (exists($cachekeys->{'samllanding'})) {
+ if (ref($cachekeys->{'samllanding'}) eq 'HASH') {
+ my %landing = %{$cachekeys->{'samllanding'}};
+ my %domservers = &Apache::lonnet::get_servers($dom);
+ if (keys(%domservers)) {
+ foreach my $server (keys(%domservers)) {
+ my @cached;
+ next if ($thismachine{$server});
+ if ($landing{$server}) {
+ push(@cached,&escape('samllanding').':'.&escape($server));
+ }
+ if (@cached) {
+ $cache_by_lonhost{$server} = \@cached;
+ }
+ }
+ }
+ }
+ }
if (keys(%servers)) {
foreach my $server (keys(%servers)) {
next if ($thismachine{$server});
@@ -21818,7 +22245,7 @@ sub devalidate_remote_domconfs {
foreach my $name (@posscached) {
if ($cachekeys->{$name}) {
if ($name eq 'proxyalias') {
- if (ref($cachekeys->{$name}) eq 'HASH') {
+ if (ref($cachekeys->{$name}) eq 'HASH') {
foreach my $key (keys(%{$cachekeys->{$name}})) {
push(@cached,&escape($name).':'.&escape($key));
}
@@ -21828,6 +22255,10 @@ sub devalidate_remote_domconfs {
}
}
}
+ if ((exists($cache_by_lonhost{$server})) &&
+ (ref($cache_by_lonhost{$server}) eq 'ARRAY')) {
+ push(@cached,@{$cache_by_lonhost{$server}});
+ }
if (@cached) {
&Apache::lonnet::remote_devalidate_cache($server,\@cached);
}
|