--- loncom/auth/lonroles.pm 2008/03/04 22:44:21 1.184
+++ loncom/auth/lonroles.pm 2008/05/14 19:18:37 1.189
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# User Roles Screen
#
-# $Id: lonroles.pm,v 1.184 2008/03/04 22:44:21 raeburn Exp $
+# $Id: lonroles.pm,v 1.189 2008/05/14 19:18:37 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -106,28 +106,39 @@ sub handler {
# ================================================================== Roles Init
if ($env{'form.selectrole'}) {
+
+ my $locknum=&Apache::lonnet::get_locks();
+ if ($locknum) { return 409; }
+
if ($env{'form.newrole'}) {
$env{'form.'.$env{'form.newrole'}}=1;
}
if ($env{'request.course.id'}) {
+ # Check if user is CC trying to select a course role
+ if ($env{'form.switchrole'}) {
+ if (!defined($env{'user.role.'.$env{'form.switchrole'}})) {
+ &adhoc_course_role($then);
+ }
+ }
my %temp=('logout_'.$env{'request.course.id'} => time);
&Apache::lonnet::put('email_status',\%temp);
&Apache::lonnet::delenv('user.state.'.$env{'request.course.id'});
}
- &Apache::lonnet::appenv("request.course.id" => '',
- "request.course.fn" => '',
- "request.course.uri" => '',
- "request.course.sec" => '',
- "request.role" => 'cm',
- "request.role.adv" => $env{'user.adv'},
- "request.role.domain" => $env{'user.domain'});
-
+ &Apache::lonnet::appenv({"request.course.id" => '',
+ "request.course.fn" => '',
+ "request.course.uri" => '',
+ "request.course.sec" => '',
+ "request.role" => 'cm',
+ "request.role.adv" => $env{'user.adv'},
+ "request.role.domain" => $env{'user.domain'}});
# Check if user is a DC trying to enter a course or author space and needs privs to be created
if ($numdc > 0) {
foreach my $envkey (keys %env) {
# Is this an ad-hoc CC-role?
if (my ($domain,$coursenum) =
($envkey =~ m-^form\.cc\./($match_domain)/($match_courseid)$-)) {
+ # See if that is even allowed
+
if ($dcroles{$domain}) {
&check_privs($domain,$coursenum,$then,$now,'cc');
}
@@ -146,9 +157,15 @@ sub handler {
# Is this a new ad-hoc CA-role?
if (my ($domain) =
($envkey =~ m-^form\.adhocca\./($match_domain)$-)) {
+ my $user=$env{'form.adhoccauname.'.$domain};
+ if (!$user) { $user=$env{'form.adhoccaunamerecent.'.$domain} };
+ # See if that is even allowed
+ my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user);
+ if ($blocked{'domcoord.author'} eq 'blocked') {
+ $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
+ last;
+ }
if ($dcroles{$domain}) {
- my $user=$env{'form.adhoccauname.'.$domain};
- if (!$user) { $user=$env{'form.adhoccaunamerecent.'.$domain} };
if (($user) && ($user=~/$match_username/) && (&is_author_homeserver($user,$domain))) {
&check_privs($domain,$user,$then,$now,'ca');
$env{'form.ca./'.$domain.'/'.$user}=1;
@@ -269,10 +286,10 @@ ENDENTERKEY
"Role ".$trolecode);
&Apache::lonnet::appenv(
- 'request.role' => $trolecode,
- 'request.role.domain' => $cdom,
- 'request.course.sec' => $csec,
- 'request.course.groups' => $cgrps);
+ {'request.role' => $trolecode,
+ 'request.role.domain' => $cdom,
+ 'request.course.sec' => $csec,
+ 'request.course.groups' => $cgrps});
my $tadv=0;
if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) {
@@ -283,7 +300,7 @@ ENDENTERKEY
($env{'form.orgurl'}!~/^\/adm\/flip/)) {
my $dest=$env{'form.orgurl'};
if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
- &Apache::lonnet::appenv('request.role.adv'=>$tadv);
+ &Apache::lonnet::appenv({'request.role.adv'=>$tadv});
if (($ferr) && ($tadv)) {
&error_page($r,$ferr,$dest);
} else {
@@ -293,7 +310,7 @@ ENDENTERKEY
} else {
if (!$env{'request.course.id'}) {
&Apache::lonnet::appenv(
- "request.course.id" => $cdom.'_'.$cnum);
+ {"request.course.id" => $cdom.'_'.$cnum});
$furl='/adm/roles?tryagain=1';
$msg=
''.
@@ -302,7 +319,7 @@ ENDENTERKEY
'
'.&mt('Please try again.').'
'.$ferr;
}
if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
- &Apache::lonnet::appenv('request.role.adv'=>$tadv);
+ &Apache::lonnet::appenv({'request.role.adv'=>$tadv});
if (($ferr) && ($tadv)) {
&error_page($r,$ferr,$furl);
@@ -319,6 +336,14 @@ ENDENTERKEY
$furl = "/adm/helper/course.initialization.helper";
# Send the user to the course they selected
} elsif ($env{'request.course.id'}) {
+ if ($env{'form.destinationurl'}) {
+ my $dest = $env{'form.destinationurl'};
+ &redirect_user($r,&mt('Entering [_1]',
+ $env{'course.'.$courseid.'.description'}),
+ $dest,$msg,
+ $env{'environment.remotenavmap'});
+ return OK;
+ }
if (&Apache::lonnet::allowed('whn',
$env{'request.course.id'})
|| &Apache::lonnet::allowed('whn',
@@ -434,16 +459,16 @@ ENDHEADER
# -------------------------------------------------------- Generate Page Output
# --------------------------------------------------------------- Error Header?
if ($error) {
- $r->print("LON-CAPA Access Control
");
+ $r->print("".&mt('LON-CAPA Access Control')."
");
$r->print("
");
if ($priv ne '') {
- $r->print("Access : ".&Apache::lonnet::plaintext($priv)."\n");
+ $r->print(&mt('Access : ').&Apache::lonnet::plaintext($priv)."\n");
}
if ($fn ne '') {
- $r->print("Resource: ".&Apache::lonenc::check_encrypt($fn)."\n");
+ $r->print(&mt('Resource: ').&Apache::lonenc::check_encrypt($fn)."\n");
}
if ($msg ne '') {
- $r->print("Action : $msg\n");
+ $r->print(&mt('Action : ').$msg."\n");
}
$r->print("
");
my $url=$fn;
@@ -956,6 +981,69 @@ sub check_fordc {
return $numdc;
}
+sub adhoc_course_role {
+ my ($then) = @_;
+ my ($cdom,$cnum);
+ my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+ my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+ if (&check_forcc($cdom,$cnum,$then)) {
+ my $setprivs;
+ if (!defined($env{'user.role.'.$env{'form.selectrole'}})) {
+ $setprivs = 1;
+ } else {
+ my ($start,$end) = split(/\./,$env{'user.role.'.$env{'form.selectrole'}});
+ if (($start && ($start>$then || $start == -1)) ||
+ ($end && $end<$then)) {
+ $setprivs = 1;
+ }
+ }
+ if ($setprivs) {
+ if ($env{'form.switchrole'} =~ m-^(in|ta|ep|ad|st|cr)([\w/]*)\./\Q$cdom\E/\Q$cnum\E(/?\w*)$-) {
+ my $role = $1;
+ my $custom_role = $2;
+ my $usec = $3;
+ if ($role eq 'cr') {
+ if ($custom_role =~ m-^$match_domain/$match_courseid/\w+$-) {
+ $role .= $custom_role;
+ } else {
+ return;
+ }
+ }
+ my (%userroles,%newrole,%newgroups);
+ my $area = '/'.$cdom.'/'.$cnum;
+ my $spec = $role.'.'.$area;
+ if ($usec ne '') {
+ $spec .= '/'.$usec;
+ $area .= '/'.$usec;
+ }
+ &Apache::lonnet::standard_roleprivs(\%newrole,$role,$cdom,$spec,$cnum,$area);
+ &Apache::lonnet::set_userprivs(\%userroles,\%newrole,%newgroups);
+ my $adhocstart = $then-1;
+ $userroles{'user.role.'.$spec} = $adhocstart.'.';
+ &Apache::lonnet::appenv(\%userroles,[$role,'cm']);
+ }
+ }
+ }
+ return;
+}
+
+sub check_forcc {
+ my ($cdom,$cnum,$then) = @_;
+ my $is_cc;
+ if ($cdom ne '' && $cnum ne '') {
+ if (&Apache::lonnet::is_course($cdom,$cnum)) {
+ my $envkey = 'user.role.cc./'.$cdom.'/'.$cnum;
+ if (defined($env{$envkey})) {
+ $is_cc = 1;
+ my ($tstart,$tend)=split(/\./,$env{$envkey});
+ if ($tstart && $tstart>$then) { $is_cc = 0; }
+ if ($tend && $tend <$then) { $is_cc = 0; }
+ }
+ }
+ }
+ return $is_cc;
+}
+
sub courselink {
my ($dcdom,$rowtype,$selecttype) = @_;
my $courseform=&Apache::loncommon::selectcourse_link
@@ -1082,19 +1170,19 @@ sub set_privileges {
my %ccrole = ();
&Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);
my ($author,$adv)= &Apache::lonnet::set_userprivs(\%userroles,\%ccrole);
- &Apache::lonnet::appenv(%userroles);
+ &Apache::lonnet::appenv(\%userroles,[$role,'cm']);
&Apache::lonnet::log($env{'user.domain'},
$env{'user.name'},
$env{'user.home'},
"Role ".$role);
&Apache::lonnet::appenv(
- 'request.role' => $spec,
+ {'request.role' => $spec,
'request.role.domain' => $dcdom,
- 'request.course.sec' => '');
+ 'request.course.sec' => ''});
my $tadv=0;
if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
- &Apache::lonnet::appenv('request.role.adv' => $tadv);
+ &Apache::lonnet::appenv({'request.role.adv' => $tadv});
}
sub courseloadpage {