loncom/auth/lonroles.pm - diff

Return to lonroles.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonroles.pm between versions 1.180 and 1.189

version 1.180, 2007/10/22 22:16:30	version 1.189, 2008/05/14 19:18:37
Line 106 sub handler {	Line 106 sub handler {

# ================================================================== Roles Init	# ================================================================== Roles Init
if ($env{'form.selectrole'}) {	if ($env{'form.selectrole'}) {

	my $locknum=&Apache::lonnet::get_locks();
	if ($locknum) { return 409; }

if ($env{'form.newrole'}) {	if ($env{'form.newrole'}) {
$env{'form.'.$env{'form.newrole'}}=1;	$env{'form.'.$env{'form.newrole'}}=1;
}	}
if ($env{'request.course.id'}) {	if ($env{'request.course.id'}) {
	# Check if user is CC trying to select a course role
	if ($env{'form.switchrole'}) {
	if (!defined($env{'user.role.'.$env{'form.switchrole'}})) {
	&adhoc_course_role($then);
	}
	}
my %temp=('logout_'.$env{'request.course.id'} => time);	my %temp=('logout_'.$env{'request.course.id'} => time);
&Apache::lonnet::put('email_status',\%temp);	&Apache::lonnet::put('email_status',\%temp);
&Apache::lonnet::delenv('user.state.'.$env{'request.course.id'});	&Apache::lonnet::delenv('user.state.'.$env{'request.course.id'});
}	}
&Apache::lonnet::appenv("request.course.id" => '',	&Apache::lonnet::appenv({"request.course.id" => '',
"request.course.fn" => '',	"request.course.fn" => '',
"request.course.uri" => '',	"request.course.uri" => '',
"request.course.sec" => '',	"request.course.sec" => '',
"request.role" => 'cm',	"request.role" => 'cm',
"request.role.adv" => $env{'user.adv'},	"request.role.adv" => $env{'user.adv'},
"request.role.domain" => $env{'user.domain'});	"request.role.domain" => $env{'user.domain'}});
	# Check if user is a DC trying to enter a course or author space and needs privs to be created
# Check if user is a DC trying to enter a course and needs privs to be created
if ($numdc > 0) {	if ($numdc > 0) {
foreach my $envkey (keys %env) {	foreach my $envkey (keys %env) {
	# Is this an ad-hoc CC-role?
if (my ($domain,$coursenum) =	if (my ($domain,$coursenum) =
($envkey =~ m-^form\.cc\./($match_domain)/($match_courseid)$-)) {	($envkey =~ m-^form\.cc\./($match_domain)/($match_courseid)$-)) {
	# See if that is even allowed

if ($dcroles{$domain}) {	if ($dcroles{$domain}) {
&check_privs($domain,$coursenum,$then,$now);	&check_privs($domain,$coursenum,$then,$now,'cc');
	}
	last;
	}
	# Is this a recent ad-hoc CA-role?
	if (my ($domain,$user) =
	($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) {
	if (($dcroles{$domain}) && (&is_author_homeserver($user,$domain))) {
	&check_privs($domain,$user,$then,$now,'ca');
	} else {
	delete($env{$envkey});
	}
	last;
	}
	# Is this a new ad-hoc CA-role?
	if (my ($domain) =
	($envkey =~ m-^form\.adhocca\./($match_domain)$-)) {
	my $user=$env{'form.adhoccauname.'.$domain};
	if (!$user) { $user=$env{'form.adhoccaunamerecent.'.$domain} };
	# See if that is even allowed
	my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user);
	if ($blocked{'domcoord.author'} eq 'blocked') {
	$env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
	last;
	}
	if ($dcroles{$domain}) {
	if (($user) && ($user=~/$match_username/) && (&is_author_homeserver($user,$domain))) {
	&check_privs($domain,$user,$then,$now,'ca');
	$env{'form.ca./'.$domain.'/'.$user}=1;
	}
}	}
last;	last;
}	}
Line 245 ENDENTERKEY	Line 286 ENDENTERKEY
"Role ".$trolecode);	"Role ".$trolecode);

&Apache::lonnet::appenv(	&Apache::lonnet::appenv(
'request.role' => $trolecode,	{'request.role' => $trolecode,
'request.role.domain' => $cdom,	'request.role.domain' => $cdom,
'request.course.sec' => $csec,	'request.course.sec' => $csec,
'request.course.groups' => $cgrps);	'request.course.groups' => $cgrps});
my $tadv=0;	my $tadv=0;

if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) {	if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) {
Line 259 ENDENTERKEY	Line 300 ENDENTERKEY
($env{'form.orgurl'}!~/^\/adm\/flip/)) {	($env{'form.orgurl'}!~/^\/adm\/flip/)) {
my $dest=$env{'form.orgurl'};	my $dest=$env{'form.orgurl'};
if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }	if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
&Apache::lonnet::appenv('request.role.adv'=>$tadv);	&Apache::lonnet::appenv({'request.role.adv'=>$tadv});
if (($ferr) && ($tadv)) {	if (($ferr) && ($tadv)) {
&error_page($r,$ferr,$dest);	&error_page($r,$ferr,$dest);
} else {	} else {
Line 269 ENDENTERKEY	Line 310 ENDENTERKEY
} else {	} else {
if (!$env{'request.course.id'}) {	if (!$env{'request.course.id'}) {
&Apache::lonnet::appenv(	&Apache::lonnet::appenv(
"request.course.id" => $cdom.'_'.$cnum);	{"request.course.id" => $cdom.'_'.$cnum});
$furl='/adm/roles?tryagain=1';	$furl='/adm/roles?tryagain=1';
$msg=	$msg=
'<h1><span class="LC_error">'.	'<h1><span class="LC_error">'.
Line 278 ENDENTERKEY	Line 319 ENDENTERKEY
'</span></h1><h3>'.&mt('Please try again.').'</h3>'.$ferr;	'</span></h1><h3>'.&mt('Please try again.').'</h3>'.$ferr;
}	}
if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }	if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
&Apache::lonnet::appenv('request.role.adv'=>$tadv);	&Apache::lonnet::appenv({'request.role.adv'=>$tadv});

if (($ferr) && ($tadv)) {	if (($ferr) && ($tadv)) {
&error_page($r,$ferr,$furl);	&error_page($r,$ferr,$furl);
Line 295 ENDENTERKEY	Line 336 ENDENTERKEY
$furl = "/adm/helper/course.initialization.helper";	$furl = "/adm/helper/course.initialization.helper";
# Send the user to the course they selected	# Send the user to the course they selected
} elsif ($env{'request.course.id'}) {	} elsif ($env{'request.course.id'}) {
	if ($env{'form.destinationurl'}) {
	my $dest = $env{'form.destinationurl'};
	&redirect_user($r,&mt('Entering [_1]',
	$env{'course.'.$courseid.'.description'}),
	$dest,$msg,
	$env{'environment.remotenavmap'});
	return OK;
	}
if (&Apache::lonnet::allowed('whn',	if (&Apache::lonnet::allowed('whn',
$env{'request.course.id'})	$env{'request.course.id'})
\|\| &Apache::lonnet::allowed('whn',	\|\| &Apache::lonnet::allowed('whn',
Line 365 ENDENTERKEY	Line 414 ENDENTERKEY
my $start_page=&Apache::loncommon::start_page('User Roles');	my $start_page=&Apache::loncommon::start_page('User Roles');
my $standby=&mt('Role selected. Please stand by.');	my $standby=&mt('Role selected. Please stand by.');
$standby=~s/\n/\\n/g;	$standby=~s/\n/\\n/g;
my $noscript='<span class="LC_error">'.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'<br />'.&mt('As this is not the case, most functionality in the system will ba unavailable.').'</span><br />';	my $noscript='<span class="LC_error">'.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'<br />'.&mt('As this is not the case, most functionality in the system will be unavailable.').'</span><br />';

$r->print(<<ENDHEADER);	$r->print(<<ENDHEADER);
$start_page	$start_page
Line 410 ENDHEADER	Line 459 ENDHEADER
# -------------------------------------------------------- Generate Page Output	# -------------------------------------------------------- Generate Page Output
# --------------------------------------------------------------- Error Header?	# --------------------------------------------------------------- Error Header?
if ($error) {	if ($error) {
$r->print("<h1>LON-CAPA Access Control</h1>");	$r->print("<h1>".&mt('LON-CAPA Access Control')."</h1>");
$r->print("<!-- LONCAPAACCESSCONTROLERRORSCREEN --><hr /><pre>");	$r->print("<!-- LONCAPAACCESSCONTROLERRORSCREEN --><hr /><pre>");
if ($priv ne '') {	if ($priv ne '') {
$r->print("Access : ".&Apache::lonnet::plaintext($priv)."\n");	$r->print(&mt('Access : ').&Apache::lonnet::plaintext($priv)."\n");
}	}
if ($fn ne '') {	if ($fn ne '') {
$r->print("Resource: ".&Apache::lonenc::check_encrypt($fn)."\n");	$r->print(&mt('Resource: ').&Apache::lonenc::check_encrypt($fn)."\n");
}	}
if ($msg ne '') {	if ($msg ne '') {
$r->print("Action : $msg\n");	$r->print(&mt('Action : ').$msg."\n");
}	}
$r->print("</pre><hr />");	$r->print("</pre><hr />");
my $url=$fn;	my $url=$fn;
Line 642 ENDHEADER	Line 691 ENDHEADER
}	}
# More than one possible role	# More than one possible role
# ----------------------------------------------------------------------- Table	# ----------------------------------------------------------------------- Table
unless (($advanced) \|\| ($nochoose)) {	unless ((!&Apache::lonmenu::show_course()) \|\| ($nochoose)) {
$r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n");	$r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n");
}	}
$r->print('<br /><table id="LC_rolesmenu"><tr>');	$r->print('<br /><table id="LC_rolesmenu"><tr>');
Line 669 ENDHEADER	Line 718 ENDHEADER
$output.=$roletext{'user.role.'.$_};	$output.=$roletext{'user.role.'.$_};
if ($_ =~ m-dc\./($match_domain)/-	if ($_ =~ m-dc\./($match_domain)/-
&& $dcroles{$1}) {	&& $dcroles{$1}) {
$output .= &allcourses_row($1,'recent');	$output .= &allcourses_row($1,'recent').
	&allcoauthors_row($1,'recent');
}	}
} elsif ($numdc > 0) {	} elsif ($numdc > 0) {
unless ($_ =~/^error\:/) {	unless ($_ =~/^error\:/) {
Line 697 ENDHEADER	Line 747 ENDHEADER
$output.=$roletext{$sortrole{$which}};	$output.=$roletext{$sortrole{$which}};
if ($sortrole{$which} =~ m-dc\./($match_domain)/-) {	if ($sortrole{$which} =~ m-dc\./($match_domain)/-) {
if ($dcroles{$1}) {	if ($dcroles{$1}) {
$output .= &allcourses_row($1,'');	$output .= &allcourses_row($1,'').
	&allcoauthors_row($1,'');
}	}
}	}
}	}
Line 881 sub build_roletext {	Line 932 sub build_roletext {
return $roletext;	return $roletext;
}	}

	sub is_author_homeserver {
	my ($uname,$udom)=@_;
	my $home = &Apache::lonnet::homeserver($uname,$udom);
	my @ids=&Apache::lonnet::current_machine_ids();
	foreach my $id (@ids) {
	if ($id eq $home) {
	if (-e "/home/".$uname."/public_html") {
	return 1;
	}
	}
	}
	return 0;
	}

sub check_privs {	sub check_privs {
my ($cdom,$cnum,$then,$now) = @_;	my ($cdom,$cnum,$then,$now,$checkrole) = @_;
my $cckey = 'user.role.cc./'.$cdom.'/'.$cnum;	my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;
if ($env{$cckey}) {	if ($env{$cckey}) {
my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont);	my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont);
&role_status($cckey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);	&role_status($cckey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
unless (($tstatus eq 'is') \|\| ($tstatus eq 'will_not')) {	unless (($tstatus eq 'is') \|\| ($tstatus eq 'will_not')) {
&set_privileges($cdom,$cnum);	&set_privileges($cdom,$cnum,$checkrole);
}	}
} else {	} else {
&set_privileges($cdom,$cnum);	&set_privileges($cdom,$cnum,$checkrole);
}	}
}	}

Line 916 sub check_fordc {	Line 981 sub check_fordc {
return $numdc;	return $numdc;
}	}

	sub adhoc_course_role {
	my ($then) = @_;
	my ($cdom,$cnum);
	my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
	my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
	if (&check_forcc($cdom,$cnum,$then)) {
	my $setprivs;
	if (!defined($env{'user.role.'.$env{'form.selectrole'}})) {
	$setprivs = 1;
	} else {
	my ($start,$end) = split(/\./,$env{'user.role.'.$env{'form.selectrole'}});
	if (($start && ($start>$then \|\| $start == -1)) \|\|
	($end && $end<$then)) {
	$setprivs = 1;
	}
	}
	if ($setprivs) {
	if ($env{'form.switchrole'} =~ m-^(in\|ta\|ep\|ad\|st\|cr)([\w/])\./\Q$cdom\E/\Q$cnum\E(/?\w)$-) {
	my $role = $1;
	my $custom_role = $2;
	my $usec = $3;
	if ($role eq 'cr') {
	if ($custom_role =~ m-^$match_domain/$match_courseid/\w+$-) {
	$role .= $custom_role;
	} else {
	return;
	}
	}
	my (%userroles,%newrole,%newgroups);
	my $area = '/'.$cdom.'/'.$cnum;
	my $spec = $role.'.'.$area;
	if ($usec ne '') {
	$spec .= '/'.$usec;
	$area .= '/'.$usec;
	}
	&Apache::lonnet::standard_roleprivs(\%newrole,$role,$cdom,$spec,$cnum,$area);
	&Apache::lonnet::set_userprivs(\%userroles,\%newrole,%newgroups);
	my $adhocstart = $then-1;
	$userroles{'user.role.'.$spec} = $adhocstart.'.';
	&Apache::lonnet::appenv(\%userroles,[$role,'cm']);
	}
	}
	}
	return;
	}

	sub check_forcc {
	my ($cdom,$cnum,$then) = @_;
	my $is_cc;
	if ($cdom ne '' && $cnum ne '') {
	if (&Apache::lonnet::is_course($cdom,$cnum)) {
	my $envkey = 'user.role.cc./'.$cdom.'/'.$cnum;
	if (defined($env{$envkey})) {
	$is_cc = 1;
	my ($tstart,$tend)=split(/\./,$env{$envkey});
	if ($tstart && $tstart>$then) { $is_cc = 0; }
	if ($tend && $tend <$then) { $is_cc = 0; }
	}
	}
	}
	return $is_cc;
	}

sub courselink {	sub courselink {
my ($dcdom,$rowtype,$selecttype) = @_;	my ($dcdom,$rowtype,$selecttype) = @_;
my $courseform=&Apache::loncommon::selectcourse_link	my $courseform=&Apache::loncommon::selectcourse_link
Line 930 sub courselink {	Line 1058 sub courselink {
}	}

sub coursepick_jscript {	sub coursepick_jscript {
	my %lt = &Apache::lonlocal::texthash(
	plsu => "Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter.",
	youc => 'You can only use this screen to select courses in the current domain.',
	);
my $verify_script = <<"END";	my $verify_script = <<"END";
<script type="text/javascript">	<script type="text/javascript">
function verifyCoursePick(caller) {	function verifyCoursePick(caller) {
Line 945 function verifyCoursePick(caller) {	Line 1077 function verifyCoursePick(caller) {
}	}
}	}
else {	else {
alert("Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter.");	alert("$lt{'plsu'}");
}	}
}	}
else {	else {
alert("You can only use this screen to select courses in the current domain")	alert("$lt{'youc'}")
}	}
}	}
function getIndex(caller) {	function getIndex(caller) {
Line 1005 sub allcourses_row {	Line 1137 sub allcourses_row {
my $ccrole = &Apache::lonnet::plaintext('cc');	my $ccrole = &Apache::lonnet::plaintext('cc');
$output.= '<span class="LC_rolesinfo">'.	$output.= '<span class="LC_rolesinfo">'.
&mt('[_1]: [_2] from domain [_3]',$ccrole,$selectlink,$dcdom).	&mt('[_1]: [_2] from domain [_3]',$ccrole,$selectlink,$dcdom).
	'</span><br /></tr>'."\n";
	return $output;
	}

	sub allcoauthors_row {
	my ($dcdom,$rowtype) = @_;
	my $output = '<tr bgcolor="#77FF77">'.
	' <td colspan="5">';
	my $carole = &Apache::lonnet::plaintext('ca');
	my $inputlink='<input type="text" size="10" name="adhoccauname'.$rowtype.'.'.$dcdom.'" />';
	my $gobutton='<input type="submit" name="adhocca./'.$dcdom.'" value="'.&mt('Go').'" />';
	$output.= '<span class="LC_rolesinfo">'.
	&mt('[_1]: [_2] in domain [_3] [_4]',$carole,$inputlink,$dcdom,$gobutton).
'</span><br /></tr><tr><td colspan="5" height="3"></td></tr>'."\n";	'</span><br /></tr><tr><td colspan="5" height="3"></td></tr>'."\n";
return $output;	return $output;
}	}
Line 1015 sub recent_filename {	Line 1160 sub recent_filename {
}	}

sub set_privileges {	sub set_privileges {
my ($dcdom,$pickedcourse) = @_;	# role can be cc or ca
	my ($dcdom,$pickedcourse,$role) = @_;
my $area = '/'.$dcdom.'/'.$pickedcourse;	my $area = '/'.$dcdom.'/'.$pickedcourse;
my $role = 'cc';
my $spec = $role.'.'.$area;	my $spec = $role.'.'.$area;
my %userroles = &Apache::lonnet::set_arearole($role,$area,'','',	my %userroles = &Apache::lonnet::set_arearole($role,$area,'','',
$env{'user.domain'},	$env{'user.domain'},
Line 1025 sub set_privileges {	Line 1170 sub set_privileges {
my %ccrole = ();	my %ccrole = ();
&Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);	&Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);
my ($author,$adv)= &Apache::lonnet::set_userprivs(\%userroles,\%ccrole);	my ($author,$adv)= &Apache::lonnet::set_userprivs(\%userroles,\%ccrole);
&Apache::lonnet::appenv(%userroles);	&Apache::lonnet::appenv(\%userroles,[$role,'cm']);

&Apache::lonnet::log($env{'user.domain'},	&Apache::lonnet::log($env{'user.domain'},
$env{'user.name'},	$env{'user.name'},
$env{'user.home'},	$env{'user.home'},
"Role ".$role);	"Role ".$role);
&Apache::lonnet::appenv(	&Apache::lonnet::appenv(
'request.role' => $spec,	{'request.role' => $spec,
'request.role.domain' => $dcdom,	'request.role.domain' => $dcdom,
'request.course.sec' => '');	'request.course.sec' => ''});
my $tadv=0;	my $tadv=0;
if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }	if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
&Apache::lonnet::appenv('request.role.adv' => $tadv);	&Apache::lonnet::appenv({'request.role.adv' => $tadv});
}	}

sub courseloadpage {	sub courseloadpage {

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.180
changed lines
	Added in v.1.189