--- loncom/interface/lonuserutils.pm	2019/05/11 21:34:01	1.200
+++ loncom/interface/lonuserutils.pm	2022/11/17 19:07:21	1.211
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Utility functions for managing LON-CAPA user accounts
 #
-# $Id: lonuserutils.pm,v 1.200 2019/05/11 21:34:01 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.211 2022/11/17 19:07:21 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -532,7 +532,7 @@ END
 END
     } else {
         my ($numrules,$intargjs) =
-            &passwd_validation_js('vf.elements[current.argfield].value',$domain);
+            &Apache::loncommon::passwd_validation_js('vf.elements[current.argfield].value',$domain);
         $auth_checks .= (<<END);
     foundatype=1;
     if (current.argfield == null || current.argfield == '') {
@@ -543,13 +543,15 @@ END
             case 'krb':
                 alertmsg = '$alert{'krb'}';
                 break;
-            case 'loc':
             case 'int':
                 alertmsg = '$alert{'ipass'}';
                 break;
             case 'fsys':
                 alertmsg = '$alert{'ipass'}';
                 break;
+            case 'loc':
+                alertmsg = '';
+                break;
             case 'lti':
             default:
                 alertmsg = '';
@@ -651,135 +653,6 @@ END
     return $result;
 }
 
-sub passwd_validation_js {
-    my ($currpasswdval,$domain) = @_;
-    my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
-    my ($min,$max,@chars,$numrules,$intargjs,%alert);
-    $numrules = 0;
-    if (ref($passwdconf{'chars'}) eq 'ARRAY') {
-        if ($passwdconf{'min'} =~ /^\d+$/) {
-            $min = $passwdconf{'min'};
-            $numrules ++;
-        }
-        if ($passwdconf{'max'} =~ /^\d+$/) {
-            $max = $passwdconf{'max'};
-            $numrules ++;
-        }
-        @chars = @{$passwdconf{'chars'}};
-        if (@chars) {
-            $numrules ++;
-        }
-    } else {
-        $min = 7;
-        $numrules ++;
-    }
-    if (($min ne '') || ($max ne '') || (@chars > 0)) {
-        my $alertmsg = &mt('Initial password did not satisfy requirement(s):').'\n\n';
-        if ($min) {
-            $alert{'min'} = &mt('minimum [quant,_1,character]',$min).'\n';
-        }
-        if ($max) {
-            $alert{'max'} = &mt('maximum [quant,_1,character]',$max).'\n';
-        }
-        my (@charalerts,@charrules);
-        if (@chars) {
-            if (grep(/^uc$/,@chars)) {
-                push(@charalerts,&mt('contain at least one upper case letter'));
-                push(@charrules,'uc');
-            }
-            if (grep(/^lc$/,@chars)) {
-                push(@charalerts,&mt('contain at least one lower case letter'));
-                push(@charrules,'lc');
-            }
-            if (grep(/^num$/,@chars)) {
-                push(@charalerts,&mt('contain at least one number'));
-                push(@charrules,'num');
-            }
-            if (grep(/^spec$/,@chars)) {
-                push(@charalerts,&mt('contain at least one non-alphanumeric'));
-                push(@charrules,'spec');
-            }
-        }
-        $intargjs = qq|            var rulesmsg = '';\n|.
-                    qq|            var currpwval = $currpasswdval;\n|;
-            if ($min) {
-                $intargjs .= qq|
-            if (currpwval.length < $min) {
-                rulesmsg += ' - $alert{min}';
-            }
-|;
-            }
-            if ($max) {
-                $intargjs .= qq|
-            if (currpwval.length > $max) {
-                rulesmsg += ' - $alert{max}';
-            }
-|;
-            }
-            if (@chars > 0) {
-                my $charrulestr = '"'.join('","',@charrules).'"';
-                my $charalertstr = '"'.join('","',@charalerts).'"';
-                $intargjs .= qq|            var brokerules = new Array();\n|.
-                             qq|            var charrules = new Array($charrulestr);\n|.
-                             qq|            var charalerts = new Array($charalertstr);\n|;
-                my %rules;
-                map { $rules{$_} = 1; } @chars;
-                if ($rules{'uc'}) {
-                    $intargjs .= qq|
-            var ucRegExp = /[A-Z]/;
-            if (!ucRegExp.test(currpwval)) {
-                brokerules.push('uc');
-            }
-|;
-                }
-                if ($rules{'lc'}) {
-                    $intargjs .= qq|
-            var lcRegExp = /[a-z]/;
-            if (!lcRegExp.test(currpwval)) {
-                brokerules.push('lc');
-            }
-|;
-                }
-                if ($rules{'num'}) {
-                     $intargjs .= qq|
-            var numRegExp = /[0-9]/;
-            if (!numRegExp.test(currpwval)) {
-                brokerules.push('num');
-            }
-|;
-                }
-                if ($rules{'spec'}) {
-                     $intargjs .= q|
-            var specRegExp = /[!"#$%&'()*+,\-.\/:;<=>?@[\\^\]_`{\|}~]/;
-            if (!specRegExp.test(currpwval)) {
-                brokerules.push('spec');
-            }
-|;
-                }
-                $intargjs .= qq|
-            if (brokerules.length > 0) {
-                for (var i=0; i<brokerules.length; i++) {
-                    for (var j=0; j<charrules.length; j++) {
-                        if (brokerules[i] == charrules[j]) {
-                            rulesmsg += ' - '+charalerts[j]+'\\n';
-                            break;
-                        }
-                    }
-                }
-            }
-|;
-            }
-            $intargjs .= qq|
-            if (rulesmsg != '') {
-                rulesmsg = '$alertmsg'+rulesmsg;
-                alert(rulesmsg);
-                return false;
-            }
-|;
-    }
-    return ($numrules,$intargjs);
-}
-
 ###############################################################
 ###############################################################
 sub upload_manager_javascript_forward_associate {
@@ -1707,10 +1580,11 @@ sub my_custom_roles {
     my %rolehash=&Apache::lonnet::dump('roles',$udom,$uname);
     foreach my $key (keys(%rolehash)) {
         if ($key=~/^rolesdef\_(\w+)$/) {
+            my $role = $1;
             if ($crstype eq 'Community') {
                 next if ($rolehash{$key} =~ /bre\&S/); 
             }
-            $returnhash{$1}=$1;
+            $returnhash{$role}=$role;
         }
     }
     return %returnhash;
@@ -2433,7 +2307,6 @@ sub build_user_record {
 
 sub courses_selector {
     my ($cdom,$formname) = @_;
-    my %coursecodes = ();
     my %codes = ();
     my @codetitles = ();
     my %cat_titles = ();
@@ -2446,14 +2319,15 @@ sub courses_selector {
     my $jscript = '';
 
     my $totcodes = 0;
-    $totcodes =
-        &Apache::courseclassifier::retrieve_instcodes(\%coursecodes,
-                                                      $cdom,$totcodes);
-    if ($totcodes > 0) {
-        $format_reply =
-             &Apache::lonnet::auto_instcode_format($caller,$cdom,\%coursecodes,
-                                \%codes,\@codetitles,\%cat_titles,\%cat_order);
-        if ($format_reply eq 'ok') {
+    my $instcats = &Apache::lonnet::get_dom_instcats($cdom);
+    if (ref($instcats) eq 'HASH') {
+        if ((ref($instcats->{'codetitles'}) eq 'ARRAY') && (ref($instcats->{'codes'}) eq 'HASH') &&
+            (ref($instcats->{'cat_titles'}) eq 'HASH') && (ref($instcats->{'cat_order'}) eq 'HASH')) {
+            %codes = %{$instcats->{'codes'}};
+            @codetitles = @{$instcats->{'codetitles'}};
+            %cat_titles = %{$instcats->{'cat_titles'}};
+            %cat_order = %{$instcats->{'cat_order'}};
+            $totcodes = scalar(keys(%codes));
             my $numtypes = @codetitles;
             &Apache::courseclassifier::build_code_selections(\%codes,\@codetitles,\%cat_titles,\%cat_order,\%idlist,\%idnums,\%idlist_titles);
             my ($scripttext,$longtitles) = &Apache::courseclassifier::javascript_definitions(\@codetitles,\%idlist,\%idlist_titles,\%idnums,\%cat_titles);
@@ -3667,6 +3541,8 @@ END
         setSections(formname,'$crstype');
         if (seccheck == 'ok') {
             opener.document.$callingform.newsecs.value = formname.sections.value;
+        } else {
+            return;
         }
 END
     } else {
@@ -4387,7 +4263,7 @@ sub upfile_drop_add {
         if ((defined($env{'form.intarg'})) && ($env{'form.intarg'})) {
             $genpwd=$env{'form.intarg'};
             @genpwdfail =
-                &Apache::loncommon::check_passwd_rules($domain,$genpwd); 
+                &Apache::loncommon::check_passwd_rules($domain,$genpwd);
         }
     } elsif ($env{'form.login'} eq 'loc') {
         $amode='localauth';
@@ -5005,6 +4881,16 @@ sub upfile_drop_add {
                     my (%userres,%authres,%roleres,%idres);
                     my $singlesec = '';
                     if ($role eq 'st') {
+                        if (($context eq 'domain') && ($changeauth eq 'Yes') && (!$newuser)) {
+                            if ((&Apache::lonnet::allowed('mau',$userdomain)) &&
+                                (&Apache::lonnet::homeserver($username,$userdomain) ne 'no_host')) {
+                                if ((($amode =~ /^krb4|krb5|internal$/) && $password ne '') ||
+                                     ($amode eq 'localauth')) {
+                                    $authresult =
+                                        &Apache::lonnet::modifyuserauth($userdomain,$username,$amode,$password);
+                                }
+                            }
+                        }
                         my $sec;
                         if (ref($userinfo{$i}{'sections'}) eq 'ARRAY') {
                             if (@secs > 0) {
@@ -5046,16 +4932,16 @@ sub upfile_drop_add {
                                     }
                                 }
                             }
-                            if (!$multiple) {
-                                ($userresult,$authresult,$roleresult,$idresult) = 
-                                    &modifyuserrole($context,$setting,
-                                                    $changeauth,$cid,$userdomain,$username, 
-                                                    $id,$amode,$password,$fname,
-                                                    $mname,$lname,$gen,$singlesec,
-                                                    $env{'form.forceid'},$desiredhost,
-                                                    $email,$role,$enddate,$startdate,
-                                                    $checkid,$inststatus);
-                            }
+                        }
+                        if (!$multiple) {
+                            ($userresult,$authresult,$roleresult,$idresult) = 
+                                &modifyuserrole($context,$setting,
+                                                $changeauth,$cid,$userdomain,$username, 
+                                                $id,$amode,$password,$fname,
+                                                $mname,$lname,$gen,$singlesec,
+                                                $env{'form.forceid'},$desiredhost,
+                                                $email,$role,$enddate,$startdate,
+                                                $checkid,$inststatus);
                         }
                     }
                     if ($multiple) {
@@ -5175,7 +5061,11 @@ sub passwdrule_alerts {
             my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
             $warning = '<b>'.&mt('Password requirement(s) unmet for one or more users:').'</b><ul>';
             if ($showrules{'min'}) {
-                $warning .= '<li>'.&mt('minimum [quant,_1,character]',$passwdconf{'min'}).'</li>';
+                my $min = $passwdconf{'min'};
+                if ($min eq '') {
+                    $min = $Apache::lonnet::passwdmin;
+                }
+                $warning .= '<li>'.&mt('minimum [quant,_1,character]',$min).'</li>';
             }
             if ($showrules{'max'}) {
                 $warning .= '<li>'.&mt('maximum [quant,_1,character]',$passwdconf{'max'}).'</li>';
@@ -6304,8 +6194,9 @@ sub get_permission {
         }
     }
     my $allowed = 0;
-    foreach my $perm (values(%permission)) {
-        if ($perm) { $allowed=1; last; }
+    foreach my $key (keys(%permission)) {
+        next if (($key eq 'owner') || ($key eq 'co-owner'));
+        if ($permission{$key}) { $allowed=1; last; }
     }
     return (\%permission,$allowed);
 }
@@ -6514,7 +6405,7 @@ sub verify_authen {
         $finish = "document.$formname.submit();";
     }
     my ($numrules,$intargjs) =
-        &passwd_validation_js('argpicked',$domain);
+        &Apache::loncommon::passwd_validation_js('argpicked',$domain);
     my $outcome = <<"ENDSCRIPT";
 
 function auth_check() {