[LON-CAPA-cvs] cvs: loncom /cgi enrollqueued.pl

raeburn raeburn at source.lon-capa.org
Sat Apr 5 18:42:33 EDT 2014


raeburn		Sat Apr  5 22:42:33 2014 EDT

  Modified files:              
    /loncom/cgi	enrollqueued.pl 
  Log:
  - Self-enrollment of validated requests
    - Temporarly set username and domain of self-enrolling user in 
      %Apache::lonnet::env so lonnet::asignrole() will not reject attempt to
      add student role.
    - Support case where validator script is on same server as LON-CAPA instance.
    - Fix IP checking for case where POST to enrollqueued.pl comes from 
      server specified in domain config for self-enrollment validation server.   
  
  
Index: loncom/cgi/enrollqueued.pl
diff -u loncom/cgi/enrollqueued.pl:1.1 loncom/cgi/enrollqueued.pl:1.2
--- loncom/cgi/enrollqueued.pl:1.1	Tue Apr  1 21:39:18 2014
+++ loncom/cgi/enrollqueued.pl	Sat Apr  5 22:42:33 2014
@@ -3,7 +3,7 @@
 # Script to complete processing of self-enrollment requests
 # queued pending validation, when validated.
 #  
-# $Id: enrollqueued.pl,v 1.1 2014/04/01 21:39:18 raeburn Exp $
+# $Id: enrollqueued.pl,v 1.2 2014/04/05 22:42:33 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -79,6 +79,7 @@
 use Apache::loncoursequeueadmin();
 use Apache::lonlocal;
 use LONCAPA;
+use IO::Socket;
 
 &main();
 exit 0;
@@ -164,21 +165,31 @@
     if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
         if (ref($domconfig{'selfenrollment'}{'validation'}) eq 'HASH') {
             if ($domconfig{'selfenrollment'}{'validation'}{'url'} =~ m{^https?://([^/]+)/}) {
-                my $validator_ip = gethostbyname($1);
-                if (($validator_ip ne '') && ($remote_ip eq $validator_ip)) {
-                    $allowed = 1;
+                my $ip = gethostbyname($1);
+                if ($ip ne '') {
+                    my $validator_ip = inet_ntoa($ip);
+                    if (($validator_ip ne '') && ($remote_ip eq $validator_ip)) {
+                        $allowed = 1;
+                    }
+                }
+            } elsif ($domconfig{'selfenrollment'}{'validation'}{'url'} =~ m{^/}) {
+                if ($remote_ip ne '') {
+                    if (($remote_ip eq '127.0.0.1') || ($remote_ip eq $ENV{'SERVER_ADDR'})) {
+                        $allowed = 1;
+                    }
                 }
             }
         }
     }
+
     my (%params, at fields,$numrequired);
-    if ($allowed ne '') {
+    if ($allowed) {
         &Apache::lonlocal::get_language_handle();
         my ($validreq, at fields);
         if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
             if (ref($domconfig{'selfenrollment'}{'validation'}) eq 'HASH') {
                 if (ref($domconfig{'selfenrollment'}{'validation'}{'fields'}) eq 'ARRAY') {
-                    $numrequired = @fields;
+                    $numrequired = scalar(@{$domconfig{'selfenrollment'}{'validation'}{'fields'}});
                     foreach my $field (@{$domconfig{'selfenrollment'}{'validation'}{'fields'}}) {
                         $params{$field} = $query->param($field);
                         if ($field eq 'username') {
@@ -206,6 +217,9 @@
                                 $params{$field} = $query->param($field);
                             }
                         }
+                        if ($field eq 'description') {
+                            $params{$field} = $query->param($field);
+                        }
                     }
                     if ($numrequired == scalar(keys(%params))) {
                         $validreq = 1;
@@ -285,7 +299,7 @@
                 if ($requesthash{$cid}{status} eq 'pending') {
                     my ($lonhost,$hostname,$handle);
                     $lonhost = $requesthash{$cid}{'lonhost'};
-                    if ($lonhost eq '') {
+                    if ($lonhost ne '') {
                         $hostname = &Apache::lonnet::hostname($lonhost);
                     }
                     my $savedtoken = $requesthash{$cid}{'token'};
@@ -309,10 +323,14 @@
                                 return;
                             }
                         }
+                        $Apache::lonnet::env{'user.name'} = $uname;
+                        $Apache::lonnet::env{'user.domain'} = $udom;
                         my $result =
                             &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,
                                 undef,undef,undef,$usec,$access_end,$access_start,'selfenroll',
                                 undef,$cid,1);
+                        delete($Apache::lonnet::env{'user.name'});
+                        delete($Apache::lonnet::env{'user.domain'});
                         if ($result eq 'ok') {
                             my %userrequest = (
                                 $cdom.'_'.$cnum => {
@@ -330,7 +348,7 @@
 #
                             my @hosts = &Apache::lonnet::current_machine_ids();
                             if (grep(/^\Q$lonhost\E$/, at hosts) && ($handle) && ($hostname)) {
-                                if ($lonidsdir ne '') {    
+                                if ($lonidsdir ne '') {
                                     if (-e "$lonidsdir/$handle.id") {
                                         my $protocol = $Apache::lonnet::protocol{$lonhost};
                                         $protocol = 'http' if ($protocol ne 'https');
@@ -338,6 +356,7 @@
                                     }
                                 }
                             }
+         
 #
 # otherwise point at default portal, or if non specified, at /adm/login?querystring where 
 # querystring contains role=st./$cdom/$cnum




More information about the LON-CAPA-cvs mailing list