--- loncom/interface/lonconfigsettings.pm	2015/06/09 21:22:56	1.31
+++ loncom/interface/lonconfigsettings.pm	2022/03/12 21:24:17	1.62
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Handler to set domain-wide configuration settings
 #
-# $Id: lonconfigsettings.pm,v 1.31 2015/06/09 21:22:56 damieng Exp $
+# $Id: lonconfigsettings.pm,v 1.62 2022/03/12 21:24:17 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -40,9 +40,9 @@ use Apache::courseclassifier();
 use LONCAPA qw(:DEFAULT :match); 
 
 sub print_header {
-    my ($r,$phase,$context,$jscript,$container) = @_;
+    my ($r,$phase,$context,$jscript,$container,$instcode,$dom,$confname,$values) = @_;
     my ($pagetitle,$brcrumtitle,$action,$call_category_check,$instcode_check,
-        $crstype,@actions,@code_order);
+        $linkprot_check,$crstype,@actions,@code_order);
     if ($phase eq 'display') {
         @actions = &Apache::loncommon::get_env_multiple('form.actions');
     }
@@ -116,6 +116,110 @@ sub print_header {
 ENDSCRIPT
                 }
             }
+            if (($context eq 'course') && ($phase eq 'display') &&
+                (grep(/^linkprot$/,@actions))) {
+                my $allowed;
+                my $home = &Apache::lonnet::homeserver($confname,$dom);
+                unless ($home eq 'no_host') {
+                    my @ids=&Apache::lonnet::current_machine_ids();
+                    foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
+                }
+                if ($allowed) {
+                    my (@changeable,@settable);
+                    if (ref($values->{'linkprot'}) eq 'HASH') {
+                        if (keys(%{$values->{'linkprot'}})) {
+                            my @current = sort { $a <=> $b } keys(%{$values->{'linkprot'}});
+                            if (@current) {
+                                for (my $i=0; $i<@current; $i++) {
+                                    my $num = $current[$i];
+                                    if (ref($values->{'linkprot'}->{$num}) eq 'HASH') {
+                                        if ($values->{'linkprot'}->{$num}->{'usable'}) {
+                                            push(@changeable,$i);
+                                        } else {
+                                            push(@settable,$i);
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                    my ($numrules,$intargjs);
+$linkprot_check .= <<ENDJS;
+
+var linkprotradio = '';
+var secretinput = ''; 
+var posscheck = '';
+
+ENDJS
+                    if (@changeable) {
+                        foreach my $num (@changeable) {
+                            ($numrules,$intargjs) =
+                                &Apache::loncommon::passwd_validation_js('secretinput',$dom,'linkprot',$num);
+                            $linkprot_check .= <<ENDJS;
+posscheck = '';
+linkprotradio = document.display.elements['linkprot_changesecret_$num'];
+if (linkprotradio.length) {
+    for (var i=0; i<linkprotradio.length; i++) {
+        if (linkprotradio[i].checked) {
+            if (linkprotradio[i].value == 1) {
+                posscheck = 1;
+            }
+        }
+    }
+}
+
+ENDJS
+                            if ($numrules) {
+                                $linkprot_check .= <<ENDJS;
+if (posscheck) {
+    secretinput = document.display.elements['linkprot_secret_$num'].value;
+    $intargjs
+}
+
+ENDJS
+                            }
+                            $linkprot_check .= <<ENDJS;
+if (posscheck) {
+    document.display.elements['linkprot_secret_$num'].type = 'password';
+}
+
+ENDJS
+                        }
+                    }
+                    if (@settable) {
+                        foreach my $num (@settable) {
+                            ($numrules,$intargjs) =
+                                &Apache::loncommon::passwd_validation_js('secretinput',$dom,'linkprot',$num);
+                            if ($numrules) {
+                                $linkprot_check .= <<ENDJS;
+secretinput = document.display.elements['linkprot_secret_$num'].value;
+$intargjs
+
+ENDJS
+                            }
+                            $linkprot_check .= <<ENDJS;
+document.display.elements['linkprot_secret_$num'].type = 'password';
+
+ENDJS
+                        }
+                    }
+                    ($numrules,$intargjs) =
+                        &Apache::loncommon::passwd_validation_js('secretinput',$dom,'linkprot','add');
+                    if ($numrules) {
+                        $linkprot_check .= <<ENDJS
+secretinput = document.display.elements['linkprot_secret_add'].value;
+if (document.display.elements['linkprot_add'].checked) {
+    $intargjs      
+}
+
+ENDJS
+                    }
+                    $linkprot_check .= <<ENDJS;
+document.display.elements['linkprot_secret_add'].type = 'password';
+
+ENDJS
+                }
+            }
         }
     }
     my $alert = &mt('You must select at least one functionality type to display.');
@@ -146,7 +250,7 @@ function changePage(formname,newphase) {
             return;
         }
     }
-    '.$instcode_check.$call_category_check.'
+    '.$instcode_check.$call_category_check.$linkprot_check.'
     formname.submit();
 }'."\n";
     if ($phase eq 'pickactions') {
@@ -177,22 +281,166 @@ $jscript
         $additem = {'add_entries' => \%loaditems,};
     } elsif ($phase eq 'display') {
         if ($context eq 'domain') {
+            my $onload;
             if (grep(/^coursedefaults$/,@actions)) {
+                $onload = "toggleDisplay(document.display,'cloneinstcode');".
+                          "toggleDisplay(document.display,'credits');".
+                          "toggleDisplay(document.display,'studentsubmission');";
+            }
+            if (grep(/^selfcreation$/,@actions)) {
+                my $prefix = 'cancreate_emailverified';
+                my $customclass = 'LC_selfcreate_email';
+                my $classprefix = 'LC_canmodify_emailusername_';
+                my $optionsprefix = 'LC_options_emailusername_';
+                $onload .= "toggleRows(document.display,'cancreate_email','selfassign','$customclass','$classprefix','$optionsprefix');";
+                my ($othertitle,$usertypes,$types) = &Apache::loncommon::sorted_inst_types($dom);
+                my $hascustom;
+                my ($emailrules,$emailruleorder) = &Apache::lonnet::inst_userrules($dom,'email');
+                if (ref($emailrules) eq 'HASH') {
+                    if (keys(%{$emailrules}) > 0) {
+                        $hascustom = 'cancreate_emailrule';
+                    }
+                }
+                my @posstypes;
+                if (ref($types) eq 'ARRAY') {
+                    @posstypes = @{$types};
+                    push(@posstypes,'default');
+                    foreach my $type (@posstypes) {
+                        $onload .= "toggleEmailOptions(document.display,'cancreate_emailoptions','$hascustom',".
+                                                               "'cancreate_emaildomain','$type');";
+                    }
+                } else {
+                    $onload .= "toggleEmailOptions(document.display,'cancreate_emailoptions','$hascustom',".
+                                                       "'cancreate_emaildomain','default');";
+                }
+            } 
+            if (grep(/^contacts$/,@actions)) {
+                my $customclass = 'LC_helpdesk_override';
+                my $optionsprefix = 'LC_options_helpdesk_';
+                $onload .= "toggleHelpdeskRow(document.display,'overrides','$customclass','$optionsprefix');";
+            }
+            if (grep(/^lti$/,@actions)) {
+                $onload .= "toggleLTI(document.display,'user','add');".
+                           "toggleLTI(document.display,'crs','add');".
+                           "toggleLTI(document.display,'sec','add');".
+                           "toggleLTI(document.display,'lcauth','add');".
+                           "toggleLTI(document.display,'lcmenu','add');".
+                           "toggleLTI(document.display,'passback','add');".
+                           "toggleLTI(document.display,'callback','add');";
+                if (ref($values) eq 'HASH') {
+                    if (ref($values->{'lti'}) eq 'HASH') {
+                        my $numlti = scalar(keys(%{$values->{'lti'}}));
+                        for (my $i=0; $i<$numlti; $i++) {
+                            $onload .= "toggleLTI(document.display,'user','$i');".
+                                       "toggleLTI(document.display,'crs','$i');".
+                                       "toggleLTI(document.display,'sec','$i');".
+                                       "toggleLTI(document.display,'lcauth','$i');".
+                                       "toggleLTI(document.display,'lcmenu','$i');".
+                                       "toggleLTI(document.display,'passback','$i');".
+                                       "toggleLTI(document.display,'callback','$i');";
+                        }
+                    }
+                }
+                my %servers = &Apache::lonnet::get_servers($dom,'library');
+                foreach my $server (keys(%servers)) {
+                    $onload .= "togglePrivKey(document.display,'$server');";
+                }
+                $onload .= "toggleLTIEncKey(document.display);";
+            }
+            if (grep(/^ltitools$/,@actions)) {
+                $onload .= "toggleLTITools(document.display,'passback','add');".
+                           "toggleLTITools(document.display,'roster','add');".
+                           "toggleLTITools(document.display,'user','add');";
+                if (ref($values) eq 'HASH') {
+                    if (ref($values->{'ltitools'}) eq 'HASH') {
+                        my $numltitools = scalar(keys(%{$values->{'ltitools'}}));
+                        for (my $i=0; $i<$numltitools; $i++) {
+                            $onload .= "toggleLTITools(document.display,'passback','$i');".
+                                       "toggleLTITools(document.display,'roster','$i');".
+                                       "toggleLTITools(document.display,'user','$i');";
+                        }
+                    }
+                }
+            }
+            if (grep(/^wafproxy$/,@actions)) {
+                $onload .= "toggleWAF();checkWAF();updateWAF();";
+            }
+            if (grep(/^proctoring$/,@actions)) {
+                $onload .= "toggleProctoring(document.display,'proctorio');".
+                           "toggleProctoring(document.display,'examity');";
+            }
+            if (grep(/^scantron$/,@actions)) {
+                $onload .= "toggleScantron(document.display);";
+            }
+            if (grep(/^autoupdate$/,@actions)) {
+                $onload .= "toggleLastActiveDays(document.display);";
+            }
+            if (grep(/^autoenroll$/,@actions)) {
+                $onload .= "toggleFailsafe(document.display);";
+            }
+            if (grep(/^login$/,@actions)) {
+                my %domservers = &Apache::lonnet::get_servers($dom);
+                foreach my $server (sort(keys(%domservers))) {
+                    $onload .= "toggleSamlOptions(document.display,'$server');";
+                }
+            }
+            if ($onload) {
                 my %loaditems = (
-                    '             onload' => "toggleDisplay(document.display,'cloneinstcode');".
-                                             "toggleDisplay(document.display,'credits');".
-                                             "toggleDisplay(document.display,'studentsubmission');",
+                                  'onload' => $onload,
                                 );
                 $additem = {'add_entries' => \%loaditems,};
             }
         } elsif ($context eq 'course') {
+            my $onload;
             if (grep(/^courseinfo$/,@actions)) {
-                if (@code_order) { 
-                    $additem = {
-                                   add_entries => {'onload' => "courseSet('','load');toggleCloners(document.display.cloners_instcode);"},
-                               };
+                if (@code_order) {
+                    $onload = "courseSet('','load');toggleCloners(document.display.cloners_instcode);";
+                }
+            }
+            if (grep(/^linkprot$/,@actions)) {
+                if (ref($values) eq 'HASH') {
+                    if (ref($values->{'linkprot'}) eq 'HASH') {
+                        my $ltiauth;
+                        if (exists($env{'course.'.$env{'request.course.id'}.'.internal.ltiauth'})) {
+                            $ltiauth = $env{'course.'.$env{'request.course.id'}.'.internal.ltiauth'};
+                        } else {
+                            my %domdefs = &Apache::lonnet::get_domain_defaults($dom);
+                            $ltiauth = $domdefs{'crsltiauth'};
+                        }
+                        my $ishome;
+                        my $chome = $env{'course.'.$env{'request.course.id'}.'.home'};
+                        unless (($chome eq 'no_host') || ($chome eq '')) {
+                            my @ids=&Apache::lonnet::current_machine_ids();
+                            foreach my $id (@ids) { if ($id eq $chome) { $ishome=1; } }
+                        }
+                        my $posslti = scalar(keys(%{$values->{'linkprot'}}));
+                        for (my $i=0; $i<=$posslti; $i++) {
+                            my $num = $i;
+                            if ($i == $posslti) {
+                                $num = 'add';
+                            }
+                            if (ref($values->{'linkprot'}->{$i}) eq 'HASH') {
+                                if ($values->{'linkprot'}->{$i}->{'usable'}) {
+                                    $onload .= "toggleLinkProt(document.display,'$num','secret');";
+                                }
+                            }
+                            if ($ltiauth) {
+                                $onload .= "toggleLinkProtReqUser(document.display,'requser','optional','1','block','$num');".
+                                           "toggleLinkProtReqUser(document.display,'mapuser','userfield','other','inline-block','$num');";
+                            }
+                            if ($ishome) {
+                                $onload .= "uncheckLinkProtMakeVis('visible','$num');";
+                            }
+                        }
+                    }
                 }
             }
+            if ($onload) {
+                my %loaditems = (
+                                  'onload' => $onload,
+                                );
+                $additem = {'add_entries' => \%loaditems,};
+            }
         }
     }
     $r->print(&Apache::loncommon::start_page($pagetitle,$js,$additem));
@@ -213,7 +461,7 @@ $jscript
 }
 
 sub print_footer {
-    my ($r,$phase,$newphase,$button_text,$actions,$container) = @_;
+    my ($r,$phase,$newphase,$button_text,$actions,$container,$parm_permission) = @_;
     $button_text = &mt($button_text);
     $r->print('<input type="hidden" name="phase" value="" />');
     if (defined($env{'form.origin'})) {
@@ -238,8 +486,16 @@ sub print_footer {
         } else {
             $onclick = '"javascript:changePage(document.'.$phase.','."'$newphase'".')"';
         }
-        $r->print('<p><input type="button" name="store" value="'.
-                  $button_text.'" onclick='.$onclick.' /></p>');
+        my $showbutton = 1;
+        if (ref($parm_permission) eq 'HASH') {
+            unless (($parm_permission->{'process'}) || ($newphase eq 'display')) {
+                $showbutton = 0;
+            }
+        }
+        if ($showbutton) {
+            $r->print('<p><input type="button" name="store" value="'.
+                      $button_text.'" onclick='.$onclick.' /></p>');
+        } 
     }
     if ($phase eq 'process') {
         $r->print('</form>');
@@ -252,7 +508,8 @@ sub print_footer {
 }
 
 sub make_changes {
-    my ($r,$dom,$phase,$context,$prefs_order,$prefs,$values,$confname,$roles,$allitems,$container) = @_;
+    my ($r,$dom,$phase,$context,$prefs_order,$prefs,$values,$confname,$roles,
+        $allitems,$container,$parm_permission) = @_;
     my %brcrumtext = &get_crumb_text();
     my @actions = &Apache::loncommon::get_env_multiple('form.actions');
     my ($numchanged,%changes,%disallowed);
@@ -262,7 +519,7 @@ sub make_changes {
        {href=>"javascript:changePage(document.$phase,'$phase')",
         text=>"Updated"});
     &print_header($r,$phase,$context,undef,$container);
-    my ($crstype,%lastact);
+    my ($crstype,%lastact,$errors);
     if ($context eq 'course') {
         $crstype = &Apache::loncommon::course_type();
     }
@@ -276,9 +533,10 @@ sub make_changes {
                                           $confname,$item,$roles,$values,\%lastact));
                 } else {
                     $changes{$item} = {};
-                    &Apache::courseprefs::process_changes($dom,$item,$values,
-                                                          $prefs->{$item},$changes{$item},
-                                                          $allitems,\%disallowed,$crstype);
+                    $errors =
+                        &Apache::courseprefs::process_changes($dom,$confname,$item,$values,
+                                                              $prefs->{$item},$changes{$item},
+                                                              $allitems,\%disallowed,$crstype);
                     if (keys(%{$changes{$item}}) > 0) {
                         $numchanged ++;
                     }
@@ -310,20 +568,23 @@ sub make_changes {
             }
             $r->print('</p>');
         }
+        if ($errors) {
+            $r->print('<p>'.$errors.'</p>');
+        }
     }
     $r->print('<p>');
     my $footer_text = 'Back to configuration display';
     if ($context eq 'course') {
         $footer_text = 'Back to display/edit settings'; 
     }
-    &print_footer($r,$phase,'display',$footer_text,\@actions,$container);
+    &print_footer($r,$phase,'display',$footer_text,\@actions,$container,$parm_permission);
     $r->print('</p>');
     return \%lastact;
 }
 
 sub display_settings {
     my ($r,$dom,$phase,$context,$prefs_order,$prefs,$values,$confname,$jscript,
-        $allitems,$crstype,$container) = @_;
+        $allitems,$crstype,$container,$parm_permission) = @_;
     my %brcrumtext = &get_crumb_text();
     my @actions = &Apache::loncommon::get_env_multiple('form.actions');
     &Apache::lonhtmlcommon::add_breadcrumb
@@ -333,12 +594,12 @@ sub display_settings {
     if (ref($values) eq 'HASH') {
         $instcode = $values->{'internal.coursecode'};
     }
-    &print_header($r,$phase,$context,$jscript,$container,$instcode);
+    &print_header($r,$phase,$context,$jscript,$container,$instcode,$dom,$confname,$values);
     my $divwidth = 900;
     if ((ref($prefs_order) eq 'ARRAY') && (ref($prefs) eq 'HASH') && (ref($values) eq 'HASH')) { 
         if (@actions > 0) {
             my $rowsum = 0;
-            my (%output,%rowtotal,@items);
+            my (%output,%rowtotal,@items,$got_check_uncheck);
             foreach my $item (@{$prefs_order}) {
                 if (grep(/^\Q$item\E$/,@actions)) {
                     push(@items,$item);
@@ -347,12 +608,15 @@ sub display_settings {
                         if (ref($values) eq 'HASH') { 
                             $settings = $values->{$item};
                         }
-                        if ($item eq 'usersessions') {
-                            $r->print('<script type="text/javascript">'."\n".
-                                      '// <![CDATA['."\n".
-                                      &Apache::loncommon::check_uncheck_jscript()."\n".
-                                      '// ]]>'."\n".
-                                      '</script>'."\n");
+                        if (($item eq 'usersessions') || ($item eq 'ssl')) {
+                            unless ($got_check_uncheck) {
+                                $r->print('<script type="text/javascript">'."\n".
+                                          '// <![CDATA['."\n".
+                                          &Apache::loncommon::check_uncheck_jscript()."\n".
+                                          '// ]]>'."\n".
+                                          '</script>'."\n");
+                                $got_check_uncheck = 1;
+                            }
                         } elsif ($item eq 'selfcreation') {
                             if (ref($values) eq 'HASH') {
                                 $settings = $values->{'usercreation'};
@@ -377,14 +641,24 @@ sub display_settings {
                                     $settings = $inststatus;
                                 }
                             }
+                        } elsif ($item eq 'lti') {
+                            if (ref($values->{'ltisec'}) eq 'HASH') {
+                                if (ref($values->{'lti'}) eq 'HASH') {
+                                    $settings = {%{$values->{'lti'}},%{$values->{'ltisec'}}};
+                                } else {
+                                    $settings = $values->{'ltisec'};
+                                }
+                            } elsif (ref($values->{'lti'}) eq 'HASH') {
+                                $settings = $values->{'lti'};
+                            }
                         }
                         ($output{$item},$rowtotal{$item}) =
                             &Apache::domainprefs::print_config_box($r,$dom,$confname,
                                 $phase,$item,$prefs->{$item},$settings);
                     } else {
                         ($output{$item},$rowtotal{$item}) =
-                            &Apache::courseprefs::print_config_box($r,$dom,$phase,
-                                $item,$prefs->{$item},$values,$allitems,$crstype);
+                            &Apache::courseprefs::print_config_box($r,$dom,$confname,$phase,
+                                $item,$prefs->{$item},$values,$allitems,$crstype,$parm_permission);
                     }
                     $rowsum += $rowtotal{$item};
                 }
@@ -394,7 +668,7 @@ sub display_settings {
                 $r->print($output{$items[$i]});
             }
             $r->print('</div>');
-            $r->print(&print_footer($r,$phase,'process','Save Changes',\@actions,$container));
+            $r->print(&print_footer($r,$phase,'process','Save Changes',\@actions,$container,$parm_permission));
         } else {
             $r->print('<input type="hidden" name="phase" value="" />'.
                       '<span class="LC_error">'.&mt('No settings chosen').
@@ -410,7 +684,7 @@ sub display_settings {
 }
 
 sub display_choices {
-    my ($r,$phase,$context,$prefs_order,$prefs,$container) = @_;
+    my ($r,$phase,$context,$prefs_order,$prefs,$container,$parm_permission) = @_;
     if ($phase eq '') {
         $phase = 'pickactions';
     }
@@ -421,7 +695,13 @@ sub display_choices {
               &Apache::loncommon::check_uncheck_jscript()."\n".
               '// ]]>'."\n".
               '</script>'."\n");
-    $r->print('<h3>'.&mt('Settings to display/modify').'</h3>'.
+    my $heading = &mt('Settings to display/modify');
+    if (ref($parm_permission) eq 'HASH') {
+        unless ($parm_permission->{'process'}) {
+            $heading = &mt('Settings to display');
+        }
+    }
+    $r->print('<h3>'.$heading.'</h3>'.
               '<div><input type="button" value="'.&mt('check all').'" '.
               'onclick="javascript:checkAll(document.pickactions.actions)"'.
               ' />'.('&nbsp;'x2).
@@ -457,9 +737,9 @@ sub display_choices {
                 $thirddiv = 1;
             }
         }
-        $r->print('</div><br clear="all" />');
     }
-    $r->print(&print_footer($r,$phase,'display','Display',undef,$container));
+    $r->print('</div><div style="padding:0;clear:both;margin:0;border:0"></div>');
+    $r->print(&print_footer($r,$phase,'display','Display',undef,$container,$parm_permission));
     $r->print('</form>');
     if ($container) {
         &Apache::lonparmset::endSettingsScreen($r);