--- loncom/interface/lonuserutils.pm 2019/05/06 18:25:58 1.198
+++ loncom/interface/lonuserutils.pm 2019/07/23 13:58:53 1.201
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Utility functions for managing LON-CAPA user accounts
#
-# $Id: lonuserutils.pm,v 1.198 2019/05/06 18:25:58 raeburn Exp $
+# $Id: lonuserutils.pm,v 1.201 2019/07/23 13:58:53 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -750,7 +750,7 @@ sub passwd_validation_js {
}
if ($rules{'spec'}) {
$intargjs .= q|
- var specRegExp = /[!"#$%&'()*+,\-.\/:;<=>?@[\\\]^_`{\|}~]/;
+ var specRegExp = /[!"#$%&'()*+,\-.\/:;<=>?@[\\^\]_`{\|}~]/;
if (!specRegExp.test(currpwval)) {
brokerules.push('spec');
}
@@ -2433,7 +2433,6 @@ sub build_user_record {
sub courses_selector {
my ($cdom,$formname) = @_;
- my %coursecodes = ();
my %codes = ();
my @codetitles = ();
my %cat_titles = ();
@@ -2446,14 +2445,15 @@ sub courses_selector {
my $jscript = '';
my $totcodes = 0;
- $totcodes =
- &Apache::courseclassifier::retrieve_instcodes(\%coursecodes,
- $cdom,$totcodes);
- if ($totcodes > 0) {
- $format_reply =
- &Apache::lonnet::auto_instcode_format($caller,$cdom,\%coursecodes,
- \%codes,\@codetitles,\%cat_titles,\%cat_order);
- if ($format_reply eq 'ok') {
+ my $instcats = &Apache::lonnet::get_dom_instcats($cdom);
+ if (ref($instcats) eq 'HASH') {
+ if ((ref($instcats->{'codetitles'}) eq 'ARRAY') && (ref($instcats->{'codes'}) eq 'HASH') &&
+ (ref($instcats->{'cat_titles'}) eq 'HASH') && (ref($instcats->{'cat_order'}) eq 'HASH')) {
+ %codes = %{$instcats->{'codes'}};
+ @codetitles = @{$instcats->{'codetitles'}};
+ %cat_titles = %{$instcats->{'cat_titles'}};
+ %cat_order = %{$instcats->{'cat_order'}};
+ $totcodes = scalar(keys(%codes));
my $numtypes = @codetitles;
&Apache::courseclassifier::build_code_selections(\%codes,\@codetitles,\%cat_titles,\%cat_order,\%idlist,\%idnums,\%idlist_titles);
my ($scripttext,$longtitles) = &Apache::courseclassifier::javascript_definitions(\@codetitles,\%idlist,\%idlist_titles,\%idnums,\%cat_titles);
@@ -4377,6 +4377,7 @@ sub upfile_drop_add {
}
my $amode = '';
my $genpwd = '';
+ my @genpwdfail;
if ($env{'form.login'} eq 'krb') {
$amode='krb';
$amode.=$env{'form.krbver'};
@@ -4385,6 +4386,8 @@ sub upfile_drop_add {
$amode='internal';
if ((defined($env{'form.intarg'})) && ($env{'form.intarg'})) {
$genpwd=$env{'form.intarg'};
+ @genpwdfail =
+ &Apache::loncommon::check_passwd_rules($domain,$genpwd);
}
} elsif ($env{'form.login'} eq 'loc') {
$amode='localauth';
@@ -4465,7 +4468,6 @@ sub upfile_drop_add {
\@statuses,\@poss_roles);
&gather_userinfo($context,'view',\%userlist,$indexhash,\%info,
\%cstr_roles,$permission);
-
}
}
}
@@ -4543,7 +4545,8 @@ sub upfile_drop_add {
my $newuserdom = $env{'request.role.domain'};
map { $cancreate{$_} = &can_create_user($newuserdom,$context,$_); } keys(%longtypes);
# Get new users list
- my (%existinguser,%userinfo,%disallow,%rulematch,%inst_results,%alerts,%checkuname);
+ my (%existinguser,%userinfo,%disallow,%rulematch,%inst_results,%alerts,%checkuname,
+ %showpasswdrules,$haspasswdmap);
my $counter = -1;
my (%willtrust,%trustchecked);
foreach my $line (@userdata) {
@@ -4694,11 +4697,43 @@ sub upfile_drop_add {
}
}
# determine user password
- my $password = $genpwd;
+ my $password;
+ my $passwdfromfile;
if (defined($fields{'ipwd'})) {
if ($entries{$fields{'ipwd'}}) {
$password=$entries{$fields{'ipwd'}};
+ $passwdfromfile = 1;
+ if ($env{'form.login'} eq 'int') {
+ my $uhome=&Apache::lonnet::homeserver($username,$userdomain);
+ if (($uhome eq 'no_host') || ($changeauth)) {
+ my @brokepwdrules =
+ &Apache::loncommon::check_passwd_rules($domain,$password);
+ if (@brokepwdrules) {
+ $disallow{$counter} = &mt('[_1]: Password included in file for this user did not meet requirements.',
+ ''.$username.'');
+ map { $showpasswdrules{$_} = 1; } @brokepwdrules;
+ next;
+ }
+ }
+ }
+ }
+ }
+ unless ($passwdfromfile) {
+ if ($env{'form.login'} eq 'int') {
+ if (@genpwdfail) {
+ my $uhome=&Apache::lonnet::homeserver($username,$userdomain);
+ if (($uhome eq 'no_host') || ($changeauth)) {
+ $disallow{$counter} = &mt('[_1]: No specific password in file for this user; default password did not meet requirements',
+ ''.$username.'');
+ unless ($haspasswdmap) {
+ map { $showpasswdrules{$_} = 1; } @genpwdfail;
+ $haspasswdmap = 1;
+ }
+ }
+ next;
+ }
}
+ $password = $genpwd;
}
# determine user role
my $role = '';
@@ -5061,6 +5096,7 @@ sub upfile_drop_add {
$counts{'auth'})."\n");
}
$r->print(&print_namespacing_alerts($domain,\%alerts,\%curr_rules));
+ $r->print(&passwdrule_alerts($domain,\%showpasswdrules));
#####################################
# Display list of students to drop #
#####################################
@@ -5130,6 +5166,38 @@ sub print_namespacing_alerts {
}
}
+sub passwdrule_alerts {
+ my ($domain,$passwdrules) = @_;
+ my $warning;
+ if (ref($passwdrules) eq 'HASH') {
+ my %showrules = %{$passwdrules};
+ if (keys(%showrules)) {
+ my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
+ $warning = ''.&mt('Password requirement(s) unmet for one or more users:').'';
+ if ($showrules{'min'}) {
+ $warning .= '- '.&mt('minimum [quant,_1,character]',$passwdconf{'min'}).'
';
+ }
+ if ($showrules{'max'}) {
+ $warning .= '- '.&mt('maximum [quant,_1,character]',$passwdconf{'max'}).'
';
+ }
+ if ($showrules{'uc'}) {
+ $warning .= '- '.&mt('contain at least one upper case letter').'
';
+ }
+ if ($showrules{'lc'}) {
+ $warning .= '- '.&mt('contain at least one lower case letter').'
';
+ }
+ if ($showrules{'num'}) {
+ $warning .= '- '.&mt('contain at least one number').'
';
+ }
+ if ($showrules{'spec'}) {
+ $warning .= '- '.&mt('contain at least one non-alphanumeric').'
';
+ }
+ $warning .= '
';
+ }
+ }
+ return $warning;
+}
+
sub user_change_result {
my ($r,$userresult,$authresult,$roleresult,$idresult,$counts,$flushc,
$username,$userdomain,$userchg) = @_;
@@ -6014,7 +6082,26 @@ sub can_change_internalpass {
unless ($env{'course.'.$env{'request.course.id'}.'.internal.nopasswdchg'}) {
my ($cnum,$cdom) = &get_course_identity();
if ((&Apache::lonnet::is_course_owner($cdom,$cnum)) && ($udom eq $env{'user.domain'})) {
- my $noupdate;
+ my @userstatuses = ('default');
+ my %userenv = &Apache::lonnet::userenvironment($udom,$uname,'inststatus');
+ if ($userenv{'inststatus'} ne '') {
+ @userstatuses = split(/:/,$userenv{'inststatus'});
+ }
+ my $noupdate = 1;
+ my %passwdconf = &Apache::lonnet::get_passwdconf($cdom);
+ if (ref($passwdconf{'crsownerchg'}) eq 'HASH') {
+ if (ref($passwdconf{'crsownerchg'}{'for'}) eq 'ARRAY') {
+ foreach my $status (@userstatuses) {
+ if (grep(/^\Q$status\E$/,@{$passwdconf{'crsownerchg'}{'for'}})) {
+ undef($noupdate);
+ last;
+ }
+ }
+ }
+ }
+ if ($noupdate) {
+ return;
+ }
my %owned = &Apache::lonnet::courseiddump($cdom,'.',1,'.',
$env{'user.name'}.':'.$env{'user.domain'},
undef,undef,undef,'.');