--- loncom/auth/lonroles.pm 2007/09/10 16:07:32 1.179 +++ loncom/auth/lonroles.pm 2008/05/14 19:18:37 1.189 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # User Roles Screen # -# $Id: lonroles.pm,v 1.179 2007/09/10 16:07:32 raeburn Exp $ +# $Id: lonroles.pm,v 1.189 2008/05/14 19:18:37 www Exp $ # # Copyright Michigan State University Board of Trustees # @@ -106,29 +106,70 @@ sub handler { # ================================================================== Roles Init if ($env{'form.selectrole'}) { + + my $locknum=&Apache::lonnet::get_locks(); + if ($locknum) { return 409; } + if ($env{'form.newrole'}) { $env{'form.'.$env{'form.newrole'}}=1; } if ($env{'request.course.id'}) { + # Check if user is CC trying to select a course role + if ($env{'form.switchrole'}) { + if (!defined($env{'user.role.'.$env{'form.switchrole'}})) { + &adhoc_course_role($then); + } + } my %temp=('logout_'.$env{'request.course.id'} => time); &Apache::lonnet::put('email_status',\%temp); &Apache::lonnet::delenv('user.state.'.$env{'request.course.id'}); } - &Apache::lonnet::appenv("request.course.id" => '', - "request.course.fn" => '', - "request.course.uri" => '', - "request.course.sec" => '', - "request.role" => 'cm', - "request.role.adv" => $env{'user.adv'}, - "request.role.domain" => $env{'user.domain'}); - -# Check if user is a DC trying to enter a course and needs privs to be created + &Apache::lonnet::appenv({"request.course.id" => '', + "request.course.fn" => '', + "request.course.uri" => '', + "request.course.sec" => '', + "request.role" => 'cm', + "request.role.adv" => $env{'user.adv'}, + "request.role.domain" => $env{'user.domain'}}); +# Check if user is a DC trying to enter a course or author space and needs privs to be created if ($numdc > 0) { foreach my $envkey (keys %env) { +# Is this an ad-hoc CC-role? if (my ($domain,$coursenum) = ($envkey =~ m-^form\.cc\./($match_domain)/($match_courseid)$-)) { + # See if that is even allowed + + if ($dcroles{$domain}) { + &check_privs($domain,$coursenum,$then,$now,'cc'); + } + last; + } +# Is this a recent ad-hoc CA-role? + if (my ($domain,$user) = + ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) { + if (($dcroles{$domain}) && (&is_author_homeserver($user,$domain))) { + &check_privs($domain,$user,$then,$now,'ca'); + } else { + delete($env{$envkey}); + } + last; + } +# Is this a new ad-hoc CA-role? + if (my ($domain) = + ($envkey =~ m-^form\.adhocca\./($match_domain)$-)) { + my $user=$env{'form.adhoccauname.'.$domain}; + if (!$user) { $user=$env{'form.adhoccaunamerecent.'.$domain} }; + # See if that is even allowed + my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user); + if ($blocked{'domcoord.author'} eq 'blocked') { + $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access'; + last; + } if ($dcroles{$domain}) { - &check_privs($domain,$coursenum,$then,$now); + if (($user) && ($user=~/$match_username/) && (&is_author_homeserver($user,$domain))) { + &check_privs($domain,$user,$then,$now,'ca'); + $env{'form.ca./'.$domain.'/'.$user}=1; + } } last; } @@ -245,10 +286,10 @@ ENDENTERKEY "Role ".$trolecode); &Apache::lonnet::appenv( - 'request.role' => $trolecode, - 'request.role.domain' => $cdom, - 'request.course.sec' => $csec, - 'request.course.groups' => $cgrps); + {'request.role' => $trolecode, + 'request.role.domain' => $cdom, + 'request.course.sec' => $csec, + 'request.course.groups' => $cgrps}); my $tadv=0; if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) { @@ -259,7 +300,7 @@ ENDENTERKEY ($env{'form.orgurl'}!~/^\/adm\/flip/)) { my $dest=$env{'form.orgurl'}; if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } - &Apache::lonnet::appenv('request.role.adv'=>$tadv); + &Apache::lonnet::appenv({'request.role.adv'=>$tadv}); if (($ferr) && ($tadv)) { &error_page($r,$ferr,$dest); } else { @@ -269,7 +310,7 @@ ENDENTERKEY } else { if (!$env{'request.course.id'}) { &Apache::lonnet::appenv( - "request.course.id" => $cdom.'_'.$cnum); + {"request.course.id" => $cdom.'_'.$cnum}); $furl='/adm/roles?tryagain=1'; $msg= '

'. @@ -278,7 +319,7 @@ ENDENTERKEY '

'.&mt('Please try again.').'

'.$ferr; } if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } - &Apache::lonnet::appenv('request.role.adv'=>$tadv); + &Apache::lonnet::appenv({'request.role.adv'=>$tadv}); if (($ferr) && ($tadv)) { &error_page($r,$ferr,$furl); @@ -295,6 +336,14 @@ ENDENTERKEY $furl = "/adm/helper/course.initialization.helper"; # Send the user to the course they selected } elsif ($env{'request.course.id'}) { + if ($env{'form.destinationurl'}) { + my $dest = $env{'form.destinationurl'}; + &redirect_user($r,&mt('Entering [_1]', + $env{'course.'.$courseid.'.description'}), + $dest,$msg, + $env{'environment.remotenavmap'}); + return OK; + } if (&Apache::lonnet::allowed('whn', $env{'request.course.id'}) || &Apache::lonnet::allowed('whn', @@ -365,7 +414,7 @@ ENDENTERKEY my $start_page=&Apache::loncommon::start_page('User Roles'); my $standby=&mt('Role selected. Please stand by.'); $standby=~s/\n/\\n/g; - my $noscript=''.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'
'.&mt('As this is not the case, most functionality in the system will ba unavailable.').'
'; + my $noscript=''.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'
'.&mt('As this is not the case, most functionality in the system will be unavailable.').'
'; $r->print(<print("

LON-CAPA Access Control

"); + $r->print("

".&mt('LON-CAPA Access Control')."

"); $r->print("
");
 	if ($priv ne '') {
-	    $r->print("Access  : ".&Apache::lonnet::plaintext($priv)."\n");
+            $r->print(&mt('Access  : ').&Apache::lonnet::plaintext($priv)."\n");
 	}
 	if ($fn ne '') {
-	    $r->print("Resource: ".&Apache::lonenc::check_encrypt($fn)."\n");
+            $r->print(&mt('Resource: ').&Apache::lonenc::check_encrypt($fn)."\n");
 	}
 	if ($msg ne '') {
-	    $r->print("Action  : $msg\n");
+            $r->print(&mt('Action  : ').$msg."\n");
 	}
 	$r->print("
"); my $url=$fn; @@ -642,7 +691,7 @@ ENDHEADER } # More than one possible role # ----------------------------------------------------------------------- Table - unless (($advanced) || ($nochoose)) { + unless ((!&Apache::lonmenu::show_course()) || ($nochoose)) { $r->print("

".&mt('Select a Course to Enter')."

\n"); } $r->print('
'); @@ -669,7 +718,8 @@ ENDHEADER $output.=$roletext{'user.role.'.$_}; if ($_ =~ m-dc\./($match_domain)/- && $dcroles{$1}) { - $output .= &allcourses_row($1,'recent'); + $output .= &allcourses_row($1,'recent'). + &allcoauthors_row($1,'recent'); } } elsif ($numdc > 0) { unless ($_ =~/^error\:/) { @@ -697,7 +747,8 @@ ENDHEADER $output.=$roletext{$sortrole{$which}}; if ($sortrole{$which} =~ m-dc\./($match_domain)/-) { if ($dcroles{$1}) { - $output .= &allcourses_row($1,''); + $output .= &allcourses_row($1,''). + &allcoauthors_row($1,''); } } } @@ -881,17 +932,31 @@ sub build_roletext { return $roletext; } +sub is_author_homeserver { + my ($uname,$udom)=@_; + my $home = &Apache::lonnet::homeserver($uname,$udom); + my @ids=&Apache::lonnet::current_machine_ids(); + foreach my $id (@ids) { + if ($id eq $home) { + if (-e "/home/".$uname."/public_html") { + return 1; + } + } + } + return 0; +} + sub check_privs { - my ($cdom,$cnum,$then,$now) = @_; - my $cckey = 'user.role.cc./'.$cdom.'/'.$cnum; + my ($cdom,$cnum,$then,$now,$checkrole) = @_; + my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum; if ($env{$cckey}) { my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont); &role_status($cckey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); unless (($tstatus eq 'is') || ($tstatus eq 'will_not')) { - &set_privileges($cdom,$cnum); + &set_privileges($cdom,$cnum,$checkrole); } } else { - &set_privileges($cdom,$cnum); + &set_privileges($cdom,$cnum,$checkrole); } } @@ -916,6 +981,69 @@ sub check_fordc { return $numdc; } +sub adhoc_course_role { + my ($then) = @_; + my ($cdom,$cnum); + my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; + my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; + if (&check_forcc($cdom,$cnum,$then)) { + my $setprivs; + if (!defined($env{'user.role.'.$env{'form.selectrole'}})) { + $setprivs = 1; + } else { + my ($start,$end) = split(/\./,$env{'user.role.'.$env{'form.selectrole'}}); + if (($start && ($start>$then || $start == -1)) || + ($end && $end<$then)) { + $setprivs = 1; + } + } + if ($setprivs) { + if ($env{'form.switchrole'} =~ m-^(in|ta|ep|ad|st|cr)([\w/]*)\./\Q$cdom\E/\Q$cnum\E(/?\w*)$-) { + my $role = $1; + my $custom_role = $2; + my $usec = $3; + if ($role eq 'cr') { + if ($custom_role =~ m-^$match_domain/$match_courseid/\w+$-) { + $role .= $custom_role; + } else { + return; + } + } + my (%userroles,%newrole,%newgroups); + my $area = '/'.$cdom.'/'.$cnum; + my $spec = $role.'.'.$area; + if ($usec ne '') { + $spec .= '/'.$usec; + $area .= '/'.$usec; + } + &Apache::lonnet::standard_roleprivs(\%newrole,$role,$cdom,$spec,$cnum,$area); + &Apache::lonnet::set_userprivs(\%userroles,\%newrole,%newgroups); + my $adhocstart = $then-1; + $userroles{'user.role.'.$spec} = $adhocstart.'.'; + &Apache::lonnet::appenv(\%userroles,[$role,'cm']); + } + } + } + return; +} + +sub check_forcc { + my ($cdom,$cnum,$then) = @_; + my $is_cc; + if ($cdom ne '' && $cnum ne '') { + if (&Apache::lonnet::is_course($cdom,$cnum)) { + my $envkey = 'user.role.cc./'.$cdom.'/'.$cnum; + if (defined($env{$envkey})) { + $is_cc = 1; + my ($tstart,$tend)=split(/\./,$env{$envkey}); + if ($tstart && $tstart>$then) { $is_cc = 0; } + if ($tend && $tend <$then) { $is_cc = 0; } + } + } + } + return $is_cc; +} + sub courselink { my ($dcdom,$rowtype,$selecttype) = @_; my $courseform=&Apache::loncommon::selectcourse_link @@ -930,6 +1058,10 @@ sub courselink { } sub coursepick_jscript { + my %lt = &Apache::lonlocal::texthash( + plsu => "Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter.", + youc => 'You can only use this screen to select courses in the current domain.', + ); my $verify_script = <<"END"; -END - return $process_pick; -} - sub display_cc_role { my $rolekey = shift; my $roletext; @@ -1031,6 +1137,19 @@ sub allcourses_row { my $ccrole = &Apache::lonnet::plaintext('cc'); $output.= ''. &mt('[_1]: [_2] from domain [_3]',$ccrole,$selectlink,$dcdom). + '
'."\n"; + return $output; +} + +sub allcoauthors_row { + my ($dcdom,$rowtype) = @_; + my $output = ''. + ' '."\n"; return $output; } @@ -1041,9 +1160,9 @@ sub recent_filename { } sub set_privileges { - my ($dcdom,$pickedcourse) = @_; +# role can be cc or ca + my ($dcdom,$pickedcourse,$role) = @_; my $area = '/'.$dcdom.'/'.$pickedcourse; - my $role = 'cc'; my $spec = $role.'.'.$area; my %userroles = &Apache::lonnet::set_arearole($role,$area,'','', $env{'user.domain'}, @@ -1051,18 +1170,19 @@ sub set_privileges { my %ccrole = (); &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area); my ($author,$adv)= &Apache::lonnet::set_userprivs(\%userroles,\%ccrole); - &Apache::lonnet::appenv(%userroles); + &Apache::lonnet::appenv(\%userroles,[$role,'cm']); + &Apache::lonnet::log($env{'user.domain'}, $env{'user.name'}, $env{'user.home'}, "Role ".$role); &Apache::lonnet::appenv( - 'request.role' => $spec, + {'request.role' => $spec, 'request.role.domain' => $dcdom, - 'request.course.sec' => ''); + 'request.course.sec' => ''}); my $tadv=0; if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } - &Apache::lonnet::appenv('request.role.adv' => $tadv); + &Apache::lonnet::appenv({'request.role.adv' => $tadv}); } sub courseloadpage {
'; + my $carole = &Apache::lonnet::plaintext('ca'); + my $inputlink=''; + my $gobutton=''; + $output.= ''. + &mt('[_1]: [_2] in domain [_3] [_4]',$carole,$inputlink,$dcdom,$gobutton). '