--- loncom/auth/lonroles.pm 2016/10/14 23:11:04 1.316 +++ loncom/auth/lonroles.pm 2025/02/23 05:16:01 1.376 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # User Roles Screen # -# $Id: lonroles.pm,v 1.316 2016/10/14 23:11:04 raeburn Exp $ +# $Id: lonroles.pm,v 1.376 2025/02/23 05:16:01 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -145,6 +145,77 @@ use GDBM_File; use LONCAPA qw(:DEFAULT :match); use HTML::Entities; +my $registered_cleanup; +my $rosterupdates; + +sub start_loading_course { + my ($r,$title,$only_body) = @_; + &Apache::loncommon::content_type($r,'text/html'); + &Apache::loncommon::no_cache($r); + $r->send_http_header; + if ($only_body) { + $r->print(&Apache::loncommon::start_page($title,undef,{'only_body' => 1, + 'add_progressbar' => 1})); + } else { + my $swinfo=&Apache::lonmenu::rawconfig(); + # Breadcrumbs + my $brcrum = [{'href' => '', + 'text' => $title},]; + my $start_page = &Apache::loncommon::start_page($title,undef, + {'bread_crumbs' => $brcrum, + 'bread_crumbs_nomenu' => 1, + 'links_disabled' => 1}); + $r->print(< +// + +ENDREDIR + } + $r->print('
'."\n"); + return; +} + +sub finish_loading_course { + my ($r,$msg,$url,$only_body) = @_; + my $link = ''; + my $end_page = &Apache::loncommon::end_page(); + my $js_url = &js_escape($url); + my $reenable; + unless ($only_body) { + $reenable = < a').removeAttr("aria-disabled"); + \$('.isDisabled').removeClass("isDisabled"); +REENABLE + } + $r->print(< +// + +$link +
+$end_page +END + return; +} sub redirect_user { my ($r,$title,$url,$msg) = @_; @@ -153,20 +224,26 @@ sub redirect_user { &Apache::loncommon::no_cache($r); $r->send_http_header; - # Breadcrumbs - my $brcrum = [{'href' => $url, - 'text' => 'Switching Role'},]; - my $start_page = &Apache::loncommon::start_page('Switching Role',undef, - {'redirect' => [1,$url], - 'bread_crumbs' => $brcrum,}); - my $end_page = &Apache::loncommon::end_page(); + my $start_page; + if ($env{'request.lti.login'}) { + $start_page = &Apache::loncommon::start_page(undef,undef, + {'redirect' => [0,$url],}).$msg; + } else { + # Breadcrumbs + my $brcrum = [{'href' => $url, + 'text' => 'Switching Role'},]; + $start_page = &Apache::loncommon::start_page('Switching Role',undef, + {'redirect' => [1,$url], + 'bread_crumbs' => $brcrum,}). + "\n

$msg

"; + } + my $end_page = &Apache::loncommon::end_page(); # Note to style police: # This must only replace the spaces, nothing else, or it bombs elsewhere. $url=~s/ /\%20/g; $r->print(<$msg

$end_page ENDREDIR return; @@ -174,29 +251,22 @@ ENDREDIR sub error_page { my ($r,$error,$dest)=@_; - &Apache::loncommon::content_type($r,'text/html'); - &Apache::loncommon::no_cache($r); - $r->send_http_header; - return OK if $r->header_only; - # Breadcrumbs - my $brcrum = [{'href' => $dest, - 'text' => 'Problems during Course Initialization'},]; - $r->print(&Apache::loncommon::start_page('Problems during Course Initialization', - undef, - {'bread_crumbs' => $brcrum,}) - ); - $r->print( - ''. - '

'.&mt('The following problems occurred:'). - '
'. - $error. - '


'.&mt('Continue').'' + my %lt = &Apache::lonlocal::texthash( + pdc => 'Problems during Course Initialization', + tfp => 'The following problems occurred:', + con => 'Continue', ); - $r->print(&Apache::loncommon::end_page()); + my $end_page = &Apache::loncommon::end_page(); + $dest = &HTML::Entities::encode($dest,'"<>&'); + $r->print(<$lt{'pdc'} +

$lt{'tfp'} +
+$error +


$lt{'con'} +$end_page +END + return; } sub handler { @@ -204,7 +274,7 @@ sub handler { my $r = shift; # Check for critical messages and redirect if present. - my ($redirect,$url) = &Apache::loncommon::critical_redirect(300); + my ($redirect,$url) = &Apache::loncommon::critical_redirect(300,'roles'); if ($redirect) { &Apache::loncommon::content_type($r,'text/html'); $r->header_out(Location => $url); @@ -222,9 +292,132 @@ sub handler { $update = $then; } + my ($norolelist,$blocked_by_ip,$blocked_type,$clientip); + $clientip = &Apache::lonnet::get_requestor_ip($r); + if (($env{'request.course.id'}) && ($env{'request.deeplink.login'})) { + my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; + my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; + my $crstype = $env{'course.'.$env{'request.course.id'}.'.type'}; + my $deeplink_symb = &Apache::loncommon::deeplink_login_symb($cnum,$cdom); + if ($deeplink_symb) { + my ($menucoll,$deeplinkmenu,$menuref) = &Apache::loncommon::menucoll_in_effect(); + if (ref($menuref) eq 'HASH') { + unless (($menuref->{'role'}) || ($env{'request.role.adv'})) { + foreach my $envkey (keys(%env)) { + next unless ($envkey =~ /^form\./); + if ($envkey =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) { + unless (($1 eq $cdom) && ($2 eq $cnum)) { + delete($env{$envkey}); + } + } + } + if ($env{'form.selectrole'}) { + if ($env{'form.switchrole'} =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) { + unless (($1 eq $cdom) && ($2 eq $cnum)) { + delete($env{'form.selectrole'}); + delete($env{'form.switchrole'}); + } + } elsif ($env{'form.newrole'} =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) { + unless (($1 eq $cdom) && ($2 eq $cnum)) { + delete($env{'form.selectrole'}); + delete($env{'form.newrole'}); + } + } + } + $norolelist = 1; + } + } + } + } + + if ($env{'form.selectrole'}) { + my ($role,$cdom,$cnum,$rest); + if ($env{'form.switchrole'} =~ m{^(co|cc|in|ta|ep|ad|st|cr).*?\./($match_domain)/($match_courseid)(/(\w+)|$)}) { + ($role,$cdom,$cnum,$rest) = ($1,$2,$3,$4); + } elsif ($env{'form.newrole'} =~ m{^(co|cc|in|ta|ep|ad|st|cr).*?\./($match_domain)/($match_courseid)(/(\w+)|$)}) { + ($role,$cdom,$cnum,$rest) = ($1,$2,$3,$4); + } + if ($cdom ne '') { + my ($has_evb,$check_ipaccess,$showrole); + $showrole = 1; + my $checkrole = "cm./$cdom/$cnum"; + if ($rest ne '') { + $checkrole .= "/$rest"; + } + if ((&Apache::lonnet::allowed('evb',undef,undef,$checkrole)) && + ($role ne 'st')) { + $has_evb = 1; + } + unless ($has_evb) { + my @machinedoms = &Apache::lonnet::current_machine_domains(); + my $udom = $env{'user.domain'}; + if ($udom eq $cdom) { + $check_ipaccess = 1; + } elsif (($udom ne '') && (grep(/^\Q$udom\E$/,@machinedoms))) { + $check_ipaccess = 1; + } else { + my $lonhost = $Apache::lonnet::perlvar{'lonHostID'}; + my $internet_names = &Apache::lonnet::get_internet_names($lonhost); + my $cprim = &Apache::lonnet::domain($cdom,'primary'); + my $cintdom = &Apache::lonnet::internet_dom($cprim); + if (($cintdom ne '') && (ref($internet_names) eq 'ARRAY')) { + if (grep(/^\Q$cintdom\E$/,@{$internet_names})) { + $check_ipaccess = 1; + } + } + } + if ($check_ipaccess) { + my ($ipaccessref,$cached)=&Apache::lonnet::is_cached_new('ipaccess',$cdom); + unless (defined($cached)) { + my %domconfig = + &Apache::lonnet::get_dom('configuration',['ipaccess'],$cdom); + $ipaccessref = &Apache::lonnet::do_cache_new('ipaccess',$cdom,$domconfig{'ipaccess'},1800); + } + if (ref($ipaccessref) eq 'HASH') { + foreach my $id (keys(%{$ipaccessref})) { + if (ref($ipaccessref->{$id}) eq 'HASH') { + my $range = $ipaccessref->{$id}->{'ip'}; + if ($range) { + my $type = 'exclude'; + if (&Apache::lonnet::ip_match($clientip,$range)) { + $type = 'include'; + } + if (ref($ipaccessref->{$id}->{'courses'}) eq 'HASH') { + if ($ipaccessref->{$id}->{'courses'}{$cdom.'_'.$cnum}) { + if ($type eq 'include') { + $showrole = 1; + last; + } else { + $showrole = 0; + } + } else { + if ($type eq 'include') { + $showrole = 0; + } else { + $showrole = 1; + } + } + } + } + } + } + } + } + } + unless ($showrole) { + $blocked_by_ip = 1; + $blocked_type = &Apache::loncommon::course_type($cdom.'_'.$cnum); + delete($env{'form.selectrole'}); + delete($env{'form.newrole'}); + } + } + } + + $registered_cleanup=0; + @{$rosterupdates}=(); &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}); -# -------------------------------------------------- Check if setting hot list +# -------------------------------------------------- Check if setting hot list my $hotlist; if ($env{'form.action'} eq 'verify_and_change_rolespref') { $hotlist = &Apache::lonpreferences::verify_and_change_rolespref($r); @@ -253,13 +446,27 @@ sub handler { $reqauthor = &Apache::loncoursequeueadmin::process_reqauthor(\$update); } +# ------------------------------------------------- Check for approval results + my $approvalresult; + if (($env{'form.approvals'} eq 'show') && ($env{'form.state'} eq 'done')) { + $approvalresult = &Apache::loncoursequeueadmin::update_request_queue('othdombyuser', + $env{'user.domain'}); + } my $envkey; my %dcroles = (); - my $numdc = &check_fordc(\%dcroles,$update,$then); + my %helpdeskroles = (); + my ($numdc,$numhelpdesk,$numadhoc) = + &check_for_adhoc(\%dcroles,\%helpdeskroles,$update,$then); my $loncaparev = $r->dir_config('lonVersion'); # ================================================================== Roles Init if ($env{'form.selectrole'}) { + if (($env{'request.lti.login'}) && ($env{'request.lti.target'} eq '')) { + if ($env{'form.ltitarget'} eq 'iframe') { + &Apache::lonnet::appenv({'request.lti.target' => 'iframe'}); + delete($env{'form.ltitarget'}); + } + } my $locknum=&Apache::lonnet::get_locks(); if ($locknum) { return 409; } @@ -267,9 +474,9 @@ sub handler { my $custom_adhoc; if ($env{'form.newrole'}) { $env{'form.'.$env{'form.newrole'}}=1; -# Check if this is a Domain Helpdesk role trying to enter a course +# Check if this is a Domain Helpdesk or Domain Helpdesk Assistant role trying to enter a course if ($env{'form.newrole'} =~ m{^cr/($match_domain)/\1\-domainconfig/\w+\./\1/$match_courseid$}) { - if (&Apache::lonnet::allowed('rar',$1)) { + if ($helpdeskroles{$1}) { $custom_adhoc = 1; } } @@ -300,99 +507,126 @@ sub handler { "request.course.sec" => '', "request.course.tied" => '', "request.course.timechecked" => '', + "request.course.suppupdated" => '', "request.role" => 'cm', "request.role.adv" => $env{'user.adv'}, "request.role.domain" => $env{'user.domain'}}); # Check if Domain Helpdesk role trying to enter a course needs privs to be created - if ($env{'form.newrole'} =~ m{^cr/($match_domain)/\1\-domainconfig/(\w+)\./\1/($match_courseid)$}) { + if ($env{'form.newrole'} =~ m{^cr/($match_domain)/\1\-domainconfig/(\w+)\./\1/($match_courseid)(?:/(\w+)|$)}) { my $cdom = $1; my $rolename = $2; my $cnum = $3; + my $sec = $4; if ($custom_adhoc) { - my %adhocroles = &Apache::lonnet::userenvironment($env{'user.domain'},$env{'user.name'}, - 'adhocroles.'.$cdom); - if (keys(%adhocroles)) { - my @adhoc = split(',',$adhocroles{'adhocroles.'.$cdom}); - if (grep(/^\Q$rolename\E$/,@adhoc)) { + my ($possroles,$description) = &Apache::lonnet::get_my_adhocroles($cdom.'_'.$cnum,1); + if (ref($possroles) eq 'ARRAY') { + if (grep(/^\Q$rolename\E$/,@{$possroles})) { if (&Apache::lonnet::check_adhoc_privs($cdom,$cnum,$update,$refresh,$now, - "cr/$cdom/$cdom".'-domainconfig/'.$rolename)) { + "cr/$cdom/$cdom".'-domainconfig/'.$rolename,undef,$sec)) { &Apache::lonnet::appenv({"environment.internal.$cdom.$cnum.cr/$cdom/$cdom".'-domainconfig/'."$rolename.adhoc" => time}); } } } } - } elsif ($numdc > 0) { + } elsif (($numdc > 0) || ($numhelpdesk > 0)) { # Check if user is a DC trying to enter a course or author space and needs privs to be created +# Check if user is a DH or DA trying to enter a course and needs privs to be created foreach my $envkey (keys(%env)) { # Is this an ad-hoc Coordinator role? - if (my ($ccrole,$domain,$coursenum) = - ($envkey =~ m-^form\.(cc|co)\./($match_domain)/($match_courseid)$-)) { - if ($dcroles{$domain}) { - if (&Apache::lonnet::check_adhoc_privs($domain,$coursenum, - $update,$refresh,$now,$ccrole)) { - &Apache::lonnet::appenv({"environment.internal.$domain.$coursenum.$ccrole.adhoc" => time}); - } - } - last; - } -# Is this an ad-hoc CA-role? - if (my ($domain,$user) = - ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) { - if (($domain eq $env{'user.domain'}) && ($user eq $env{'user.name'})) { - delete($env{$envkey}); - $env{'form.au./'.$domain.'/'} = 1; - my ($server_status,$home) = &check_author_homeserver($user,$domain); - if ($server_status eq 'switchserver') { - my $trolecode = 'au./'.$domain.'/'; - my $switchserver = '/adm/switchserver?otherserver='.$home.'&role='.$trolecode; - $r->internal_redirect($switchserver); - return OK; + if ($numdc) { + if (my ($ccrole,$domain,$coursenum) = + ($envkey =~ m-^form\.(cc|co)\./($match_domain)/($match_courseid)$-)) { + if ($dcroles{$domain}) { + if (&Apache::lonnet::check_adhoc_privs($domain,$coursenum, + $update,$refresh,$now,$ccrole)) { + &Apache::lonnet::appenv({"environment.internal.$domain.$coursenum.$ccrole.adhoc" => time}); + } } last; } - if (my ($castart,$caend) = ($env{'user.role.ca./'.$domain.'/'.$user} =~ /^(\d*)\.(\d*)$/)) { - if (((($castart) && ($castart < $now)) || !$castart) && - ((!$caend) || (($caend) && ($caend > $now)))) { +# Is this an ad-hoc CA-role? + if (my ($domain,$user) = + ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) { + if (($domain eq $env{'user.domain'}) && ($user eq $env{'user.name'})) { + delete($env{$envkey}); + $env{'form.au./'.$domain.'/'} = 1; my ($server_status,$home) = &check_author_homeserver($user,$domain); if ($server_status eq 'switchserver') { - my $trolecode = 'ca./'.$domain.'/'.$user; + my $trolecode = 'au./'.$domain.'/'; my $switchserver = '/adm/switchserver?otherserver='.$home.'&role='.$trolecode; $r->internal_redirect($switchserver); return OK; } last; } - } - # Check if author blocked ca-access - my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user); - if ($blocked{'domcoord.author'} eq 'blocked') { - delete($env{$envkey}); - $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access'; + if (my ($castart,$caend) = ($env{'user.role.ca./'.$domain.'/'.$user} =~ /^(\d*)\.(\d*)$/)) { + if (((($castart) && ($castart < $now)) || !$castart) && + ((!$caend) || (($caend) && ($caend > $now)))) { + my ($server_status,$home) = &check_author_homeserver($user,$domain); + if ($server_status eq 'switchserver') { + my $trolecode = 'ca./'.$domain.'/'.$user; + my $switchserver = '/adm/switchserver?otherserver='.$home.'&role='.$trolecode; + $r->internal_redirect($switchserver); + return OK; + } + last; + } + } + # Check if author blocked ca-access + my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user); + if ($blocked{'domcoord.author'} eq 'blocked') { + delete($env{$envkey}); + $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access'; + last; + } + if ($dcroles{$domain}) { + my ($server_status,$home) = &check_author_homeserver($user,$domain); + if (($server_status eq 'ok') || ($server_status eq 'switchserver')) { + &Apache::lonnet::check_adhoc_privs($domain,$user,$update, + $refresh,$now,'ca'); + if ($server_status eq 'switchserver') { + my $trolecode = 'ca./'.$domain.'/'.$user; + my $switchserver = '/adm/switchserver?' + .'otherserver='.$home.'&role='.$trolecode; + $r->internal_redirect($switchserver); + return OK; + } + } else { + delete($env{$envkey}); + } + } else { + delete($env{$envkey}); + } last; } - if ($dcroles{$domain}) { - my ($server_status,$home) = &check_author_homeserver($user,$domain); - if (($server_status eq 'ok') || ($server_status eq 'switchserver')) { - &Apache::lonnet::check_adhoc_privs($domain,$user,$update, - $refresh,$now,'ca'); - if ($server_status eq 'switchserver') { - my $trolecode = 'ca./'.$domain.'/'.$user; - my $switchserver = '/adm/switchserver?' - .'otherserver='.$home.'&role='.$trolecode; - $r->internal_redirect($switchserver); - return OK; + } + if ($numhelpdesk) { +# Is this an ad hoc custom role in a course/community? + if (my ($domain,$rolename,$coursenum,$sec) = ($envkey =~ m{^form\.cr/($match_domain)/\1\-domainconfig/(\w+)\./\1/($match_courseid)(?:/(\w+)|$)})) { + if ($helpdeskroles{$domain}) { + my ($possroles,$description) = &Apache::lonnet::get_my_adhocroles($domain.'_'.$coursenum,1); + if (ref($possroles) eq 'ARRAY') { + if (grep(/^\Q$rolename\E$/,@{$possroles})) { + if (&Apache::lonnet::check_adhoc_privs($domain,$coursenum,$update,$refresh,$now, + "cr/$domain/$domain".'-domainconfig/'.$rolename, + undef,$sec)) { + &Apache::lonnet::appenv({"environment.internal.$domain.$coursenum.cr/$domain/$domain". + '-domainconfig/'."$rolename.adhoc" => time}); + } + } else { + delete($env{$envkey}); + } + } else { + delete($env{$envkey}); } } else { delete($env{$envkey}); } - } else { - delete($env{$envkey}); + last; } - last; } } } - foreach $envkey (keys(%env)) { next if ($envkey!~/^user\.role\./); my ($where,$trolecode,$role,$tstatus,$tend,$tstart); @@ -450,17 +684,25 @@ sub handler { $env{'environment.key.'.$cdom.'_'.$cnum}, $authdom,$authnum)) { # there is no valid key + my $swinfo=&Apache::lonmenu::rawconfig(); + my $crumbtext = 'User Roles'; + my $show_course=&Apache::loncommon::show_course(); + if ($show_course) { + $crumbtext = 'Courses'; + } if ($env{'form.newkey'}) { # student attempts to register a new key &Apache::loncommon::content_type($r,'text/html'); &Apache::loncommon::no_cache($r); $r->send_http_header; - my $swinfo=&Apache::lonmenu::rawconfig(); + my $pagetitle = 'Verifying Access Key to Unlock this Course'; + my $brcrum =[{href=>"/adm/roles",text=>$crumbtext}, + {href=>"/adm/roles",text=>'Verify Access Key'}]; my $start_page=&Apache::loncommon::start_page - ('Verifying Access Key to Unlock this Course'); + ($pagetitle, undef,{bread_crumbs=>$brcrum,}); my $end_page=&Apache::loncommon::end_page(); - my $buttontext=&mt('Enter Course'); - my $message=&mt('Successfully registered key'); + my ($buttontext,$message,$inputitem,$accessheader); + my $ip = &Apache::lonnet::get_requestor_ip(); my $assignresult= &Apache::lonnet::assign_access_key( $env{'form.newkey'}, @@ -469,42 +711,64 @@ sub handler { $env{'user.domain'}, $env{'user.name'}, &mt('Assigned from [_1] at [_2] for [_3]' - ,$ENV{'REMOTE_ADDR'} - ,&Apache::lonlocal::locallocaltime() + ,$ip + ,&Apache::lonlocal::locallocaltime($now) ,$trolecode) ); - unless ($assignresult eq 'ok') { - $assignresult=~s/^error\:\s*//; - $message=&mt($assignresult). - '
'. - &mt('Logout').''; - $buttontext=&mt('Re-Enter Key'); - } - $r->print(<&"')).'
'. + &mt('Result').': '.&mt($assignresult); + my $labeltext = &mt('Enter access key'); + $inputitem = ''; + } + $r->print(<<"ENDREGKEY"); $start_page -
+ +
+ -$message
+$inputitem +
$end_page -ENDENTEREDKEY +ENDREGKEY return OK; } else { # print form to enter a new key &Apache::loncommon::content_type($r,'text/html'); &Apache::loncommon::no_cache($r); $r->send_http_header; - my $swinfo=&Apache::lonmenu::rawconfig(); + my $pagetitle = 'Enter Access Key to Unlock this Course'; + my $brcrum =[{href=>"/adm/roles",text=>$crumbtext}, + {href=>"/adm/roles",text=>'Enter Access Key'}]; my $start_page=&Apache::loncommon::start_page - ('Enter Access Key to Unlock this Course'); + ($pagetitle,undef,{bread_crumbs=>$brcrum,}); my $end_page=&Apache::loncommon::end_page(); + my $accessheader = &mt('Access to this course requires an access key'); + my $preamble = &mt('Once you have successfully entered a valid key, you will no longer be prompted for one when entering the course.'); + my $labeltext = &mt('Enter access key'); + my $submittext = &mt('Submit'); $r->print(< @@ -512,12 +776,17 @@ $start_page $swinfo // ]]> +
+

$accessheader

+

$preamble

- - + +
+
$end_page ENDENTERKEY return OK; @@ -528,7 +797,7 @@ ENDENTERKEY $env{'user.name'}, $env{'user.home'}, "Role ".$trolecode); - + &Apache::lonnet::appenv( {'request.role' => $trolecode, 'request.role.domain' => $cdom, @@ -537,20 +806,99 @@ ENDENTERKEY my $tadv=0; if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) { - my $msg; - my ($furl,$ferr)= - &Apache::lonuserstate::readmap($cdom.'/'.$cnum); - unless ($ferr) { + if ($role =~ m{^\Qcr/$cdom/$cdom\E\-domainconfig/(\w+)$}) { + my $rolename = $1; + my %domdef = &Apache::lonnet::get_domain_defaults($cdom); + if (ref($domdef{'adhocroles'}) eq 'HASH') { + if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') { + &Apache::lonnet::appenv({'request.role.desc' => $domdef{'adhocroles'}{$rolename}{'desc'}}); + } + } + } + my $crstype = &Apache::loncommon::course_type($cdom.'_'.$cnum); + $crstype = lc($crstype); + my ($msg,$critmsg_check,$title,$loadmsg,$only_body); + $critmsg_check = 1; + $title = &mt("Loading $crstype"); + $loadmsg = &mt("Please be patient while your $crstype loads"); + if (($env{'request.deeplink.login'}) && ($env{'request.linkprot'})) { + if ($env{'request.linkprot'} =~ /^\d+(c|d):\Q$env{'form.destinationurl'}\E$/) { + $title = &mt('Loading LON-CAPA session'); + $loadmsg = &mt('Please be patient while LON-CAPA loads'); + $only_body = 1; + $critmsg_check = 0; + } + } + my $preamble = '
'. + '
'. + $loadmsg. + '
'. + '
'; + my $closure = < +// + +ENDCLOSE + &start_loading_course($r,$title,$only_body); + if ($only_body) { + $r->print('

'.$title.'

'); + } + my %prog_state = &Apache::lonhtmlcommon::Create_PrgWin($r,undef,$preamble); + &Apache::lonhtmlcommon::Update_PrgWin($r,\%prog_state,&mt('Loading ...')); + $r->rflush(); + if ($critmsg_check) { + my $blockcrit = &Apache::loncommon::blocking_status('alert',$clientip,$cnum,$cdom,undef,1); + if ($blockcrit) { + my $checkrole = "cm./$cdom/$cnum"; + if ($csec ne '') { + $checkrole .= "/$csec"; + } + unless ((&Apache::lonnet::allowed('evb',undef,undef,$checkrole)) && + ($trolecode !~ m{^st\./$cdom/$cnum})) { + $critmsg_check = 0; + } + } + } + my ($furl,$ferr)= + &Apache::lonuserstate::readmap($cdom.'/'.$cnum,$critmsg_check); + &Apache::lonhtmlcommon::Update_PrgWin($r,\%prog_state,&mt('Finished!')); + &Apache::lonhtmlcommon::Close_PrgWin($r,\%prog_state); + $r->print($closure); + $r->rflush(); + if ($ferr) { + $furl = '/adm/roles?tryagain=1'; + } else { + &Apache::lonnet::appenv({'request.course.timechecked'=>$now}); unless (($env{'form.switchrole'}) || ($env{"environment.internal.$cdom.$cnum.$role.adhoc"})) { &Apache::lonnet::put('nohist_crslastlogin', {$env{'user.name'}.':'.$env{'user.domain'}. ':'.$csec.':'.$role => $now},$cdom,$cnum); } + if (($env{"environment.internal.$cdom.$cnum.$role.adhoc"}) && + (&Apache::lonnet::allowed('vxc',$cdom.'_'.$cnum))) { + my $owner = $env{'course.'.$cdom.'_'.$cnum.'.internal.courseowner'}; + my @coowners = split(/,/,$env{'course.'.$env{'request.course.id'}.'.internal.co-owners'}); + my %auaccess; + foreach my $user ($owner,@coowners) { + my ($cpname,$cpdom) = split(/:/,$user); + my %auroles = &Apache::lonnet::get_my_roles($cpname,$cpdom,'userroles',undef,['au','ca','aa'],[$cdom]); + foreach my $key (keys(%auroles)) { + my ($auname,$audom,$aurole) = split(/:/,$key); + if ($aurole eq 'au') { + $auaccess{$cpname} = 1; + } else { + $auaccess{$auname} = 1; + } + } + } + &Apache::lonnet::appenv({'request.course.adhocsrcaccess' => join(',',sort(keys(%auaccess))) }); + } my ($feeds,$syllabus_time); &Apache::lonrss::advertisefeeds($cnum,$cdom,undef,\$feeds); &Apache::lonnet::appenv({'request.course.feeds' => $feeds}); - &Apache::lonnet::get_numsuppfiles($cnum,$cdom,1); unless ($env{'course.'.$cdom.'_'.$cnum.'.updatedsyllabus'}) { unless (($env{'course.'.$cdom.'_'.$cnum.'.externalsyllabus'}) || ($env{'course.'.$cdom.'_'.$cnum.'.uploadedsyllabus'})) { @@ -576,9 +924,26 @@ ENDENTERKEY } if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } &Apache::lonnet::appenv({'request.role.adv'=>$tadv}); + if ($ferr) { + if ($env{'form.orgurl'}) { + $furl .= '&orgurl='.&HTML::Entities::encode($env{'form.orgurl'},'<>&"'); + } + if ($env{'form.symb'}) { + $furl .= '&symb='.&HTML::Entities::encode($env{'form.symb'},'<>&"'); + } + } else { + &set_supplemental_access($cnum,$cdom); + } if (($ferr) && ($tadv)) { - &error_page($r,$ferr,$dest); + &error_page($r,$ferr,$furl); } else { + if ($env{'request.course.id'} eq $cdom.'_'.$cnum) { + if (($env{'form.orgurl'} ne '') && ($env{'form.symb'} ne '')) { + unless (&Apache::lonnet::symbverify($env{'form.symb'},$env{'form.orgurl'})) { + $dest=$env{'form.orgurl'}; + } + } + } if ($dest =~ m{^/adm/coursedocs\?folderpath}) { if ($env{'request.course.id'} eq $cdom.'_'.$cnum) { my $chome = &Apache::lonnet::homeserver($cnum,$cdom); @@ -586,27 +951,62 @@ ENDENTERKEY $cdom.'_'.$cnum); } } - $r->internal_redirect($dest); + if ($ferr) { + if (!$env{'request.course.id'}) { + &Apache::lonnet::appenv( + {"request.course.id" => $cdom.'_'.$cnum}); + $r->print('

'. + &mt('Could not initialize [_1] at this time.', + $env{'course.'.$cdom.'_'.$cnum.'.description'}). + '

'. + '

'. + &mt('Please try again.').'

'. + &Apache::loncommon::end_page()); + } + } else { + if (($env{'request.lti.login'}) && + ($env{'request.lti.rosterid'} || $env{'request.lti.passbackid'})) { + &process_lti($r,$cdom,$cnum); + } + if ($env{'request.deeplink.login'}) { + &set_deeplink_target($cnum,$cdom); + } + $msg = '

'.&mt('Entering [_1] ...', + $env{'course.'.$cdom.'_'.$cnum.'.description'}). + '

'; + &finish_loading_course($r,$msg,$dest,$only_body); + } } + $r->rflush(); return OK; } else { if (!$env{'request.course.id'}) { &Apache::lonnet::appenv( {"request.course.id" => $cdom.'_'.$cnum}); - $furl='/adm/roles?tryagain=1'; - $msg='

' - .&mt('Could not initialize [_1] at this time.', - $env{'course.'.$cdom.'_'.$cnum.'.description'}) - .'

' - .'

'.&mt('Please try again.').'

' - .'

'.$ferr.'

'; } if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } &Apache::lonnet::appenv({'request.role.adv'=>$tadv}); - - if (($ferr) && ($tadv)) { - &error_page($r,$ferr,$furl); + if ($ferr) { + if ($tadv) { + &error_page($r,$ferr,$furl); + } else { + $r->print('

'. + &mt('Could not initialize [_1] at this time.', + $env{'course.'.$cdom.'_'.$cnum.'.description'}). + '

'. + '

'.&mt('Please try again.').'

'. + ''. + &Apache::loncommon::end_page()); + } } else { + &set_supplemental_access($cnum,$cdom); + if (($env{'request.lti.login'}) && + ($env{'request.lti.rosterid'} || $env{'request.lti.passbackid'})) { + &process_lti($r,$cdom,$cnum); + } + if ($env{'request.deeplink.login'}) { + &set_deeplink_target($cnum,$cdom); + } # Check to see if the user is a CC entering a course # for the first time if ((($role eq 'cc') || ($role eq 'co')) @@ -619,9 +1019,11 @@ ENDENTERKEY my ($score,$incomplete) = &Apache::lonplacementtest::check_completion(undef,undef,1); if (($incomplete) && ($incomplete < 100)) { - &redirect_user($r, &mt('Entering [_1]', - $env{'course.'.$cdom.'_'.$cnum.'.description'}), - '/adm/placement', $msg); + $msg = '

'.&mt('Entering [_1] ...', + $env{'course.'.$cdom.'_'.$cnum.'.description'}). + '

'; + &finish_loading_course($r,$msg,'/adm/placement',$only_body); + $r->rflush(); return OK; } } @@ -637,6 +1039,18 @@ ENDENTERKEY } } } + if (($dest =~ m{^\Q/public/$cdom/$cnum/syllabus\E.*(\?|\&)usehttp=1}) || + ($dest =~ m{^\Q/adm/wrapper/ext/\E(?!https:)})) { + if ($ENV{'SERVER_PORT'} == 443) { + my $hostname = $r->hostname(); + unless ((&Apache::lonnet::uses_sts()) || + (&Apache::lonnet::waf_allssl($hostname))) { + if ($hostname ne '') { + $dest = 'http://'.$hostname.$dest; + } + } + } + } if ($dest =~ m{^/enc/}) { if ($env{'request.role.adv'}) { $dest = &Apache::lonenc::unencrypted($dest); @@ -669,12 +1083,19 @@ ENDENTERKEY unless (($dest =~ m{^/enc/}) || ($dest =~ /(\?|\&)symb=.+___\d+___.+/)) { if (($destsymb ne '') && ($destsymb !~ m{^/enc/})) { my $esc_symb = &escape($destsymb); - $dest .= '?symb='.$esc_symb; + $dest .= (($dest =~/\?/)? '&':'?').'symb='.$esc_symb; } } - &redirect_user($r, &mt('Entering [_1]', - $env{'course.'.$cdom.'_'.$cnum.'.description'}), - $dest, $msg); + if ($env{'form.ttoken'}) { + $dest .= (($dest =~/\?/)? '&':'?').'ttoken='.$env{'form.ttoken'}; + } + unless (($env{'request.lti.login'}) || ($env{'request.deeplink.login'})) { + $msg = '

'.&mt('Entering [_1] ...', + $env{'course.'.$cdom.'_'.$cnum.'.description'}). + '

'; + } + &finish_loading_course($r,$msg,$dest,$only_body); + $r->rflush(); return OK; } if (&Apache::lonnet::allowed('whn', @@ -685,39 +1106,66 @@ ENDENTERKEY ) { my $startpage = &courseloadpage($env{'request.course.id'}); unless ($startpage eq 'firstres') { - $msg = &mt('Entering [_1] ...', - $env{'course.'.$env{'request.course.id'}.'.description'}); - &redirect_user($r, &mt('New in course'), - '/adm/whatsnew?refpage=start', $msg); + $msg = '

'.&mt('Entering [_1] ...', + $env{'course.'.$cdom.'_'.$cnum.'.description'}). + '

'; + &finish_loading_course($r,$msg,'/adm/whatsnew?refpage=start',$only_body); + $r->rflush(); return OK; } } } # Are we allowed to look at the first resource? - my $access; - if ($furl =~ m{^(/adm/wrapper|)/ext/}) { - # If it's an external resource, - # strip off the symb argument and possible query - my ($exturl,$symb) = ($furl =~ m{^(.+)(?:\?|\&)symb=(.+)$}); - # Unencode $symb - $symb = &unescape($symb); - # Then check for permission - $access = &Apache::lonnet::allowed('bre',$exturl,$symb); - # For other resources just check for permission + # + # $furl returned by lonuserstate::readmap() has format: + # $url?symb=escaped($symb). If the resource has the + # encrypturl parameter in effect, the entire string + # $url?symb=escaped($symb) is encrypted as a string + # beginning /enc/. + # + my ($access,$unencfurl,$unencsymb); + if ($furl =~ m{^(.+)(?:\?|\&)symb=([^&]+)(?:$|&)}) { + my ($poss_url,$poss_symb) = ($1,$2); + $unencsymb = &unescape($poss_symb); + $unencfurl = $poss_url; + } elsif ($furl =~ m{^/enc/}) { + my $unenc = &Apache::lonenc::unencrypted($furl); + if ($unenc =~ m{^(.+)(?:\?|\&)symb=([^&]+)(?:$|&)}) { + ($unencfurl,$unencsymb) = ($1,$2); + $unencsymb = &unescape($unencsymb); + } else { + $unencfurl = $unenc; + } + } else { + $unencfurl = $furl; + } + if ($unencsymb) { + my $symb = &Apache::lonnet::symbclean($unencsymb); + if (($symb ne '') && (&Apache::lonnet::symbverify($symb,$unencfurl))) { + $access = &Apache::lonnet::allowed('bre',$unencfurl,$symb); + } else { + $access = &Apache::lonnet::allowed('bre',$unencfurl); + } } else { - $access = &Apache::lonnet::allowed('bre',$furl); + $access = &Apache::lonnet::allowed('bre',$unencfurl); } - if (!$access) { + if ((!$access) || ($access eq 'B') || ($access eq 'D')) { $furl = &Apache::lonpageflip::first_accessible_resource(); - } elsif ($access eq 'B') { - $furl = '/adm/navmaps?showOnlyHomework=1'; + if ($furl eq '') { + $furl = '/adm/navmaps?showOnlyHomework=1'; + } + } + if ($env{'request.lti.login'}) { + undef($msg); + &finish_loading_course($r,$msg,$furl,$only_body); + } else { + $msg = '

'.&mt('Entering [_1] ...', + $env{'course.'.$cdom.'_'.$cnum.'.description'}). + '

'; + &finish_loading_course($r,$msg,$furl,$only_body); } - $msg = &mt('Entering [_1] ...', - $env{'course.'.$cdom.'_'.$cnum.'.description'}); - &redirect_user($r, &mt('Entering [_1]', - $env{'course.'.$cdom.'_'.$cnum.'.description'}), - $furl, $msg); } + $r->rflush(); return OK; } } @@ -731,6 +1179,12 @@ ENDENTERKEY $redirect_url .= $where; } $redirect_url .= '/'; + if ($env{'form.orgurl'} =~ /^\Q$redirect_url\E/) { + my ($path) = ($env{'form.orgurl'} =~ m{^(.+)/[^/]+$}); + if (($path ne '') && (-e $Apache::lonnet::perlvar{'lonDocRoot'}.$path)) { + $redirect_url = $env{'form.orgurl'}; + } + } &redirect_user($r,&mt('Entering Authoring Space'), $redirect_url); return OK; @@ -747,6 +1201,12 @@ ENDENTERKEY $redirect_url); return OK; } + if ($role eq 'da') { + my $redirect_url = '/adm/menu/'; + &redirect_user($r,&mt('Loading Domain Helpdesk Assistant Menu'), + $redirect_url); + return OK; + } if ($role eq 'sc') { my $redirect_url = '/adm/grades?command=scantronupload'; &redirect_user($r,&mt('Loading Data Upload Page'), @@ -775,7 +1235,11 @@ ENDENTERKEY $crumbtext = 'Courses'; $pagetitle = 'My Courses'; $recent = &mt('Recent Courses'); - $standby = &mt('Course selected. Please stand by.'); + $standby = &mt('Course selected. Please stand by.'); + } + if (($norolelist) && ((split(/:/,$env{'user.error.msg'}))[2])) { + $crumbtext = 'Access Denied'; + $pagetitle = 'Unauthorized'; } my $brcrum =[{href=>"/adm/roles",text=>$crumbtext}]; @@ -813,14 +1277,18 @@ ENDENTERKEY $start_page=&Apache::loncommon::start_page($pagetitle,undef, {bread_crumbs=>$brcrum,crstype=>'Placement'}); } else { - $funcs = &get_roles_functions($showcount,$cattype); - my $crumbsright; - if ($env{'browser.mobile'}) { - $crumbsright = $funcs; - undef($funcs); + my ($crumbsright,$crumbs_style); + unless (($norolelist) && ((split(/:/,$env{'user.error.msg'}))[2])) { + $funcs = &get_roles_functions($showcount,$cattype,$domdefs{'userapprovals'}); + if ($env{'browser.mobile'}) { + $crumbsright = $funcs; + undef($funcs); + $crumbs_style = 'overflow: visible;'; + } } $start_page=&Apache::loncommon::start_page($pagetitle,undef,{bread_crumbs=>$brcrum, - bread_crumbs_component=>$crumbsright}); + bread_crumbs_component=>$crumbsright, + bread_crumbs_style=>$crumbs_style,}); } &js_escape(\$standby); my $noscript='
'.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'
'.&mt('As this is not the case, most functionality in the system will be unavailable.').'
'; @@ -851,7 +1319,11 @@ function enterrole (thisform,rolecode,bu } function rolesView (caller) { - if ((caller == 'showall') || (caller == 'noshowall')) { + if (caller == 'approvals') { + document.rolechoice.approvals.value = 'show'; + } else if (caller == 'noapprovals') { + document.rolechoice.approvals.value = 'hide'; + } else if ((caller == 'showall') || (caller == 'noshowall')) { document.rolechoice.display.value = caller; } else { if ((caller == 'doupdate') || (caller == 'requestauthor') || @@ -924,9 +1396,18 @@ ENDHEADER } } if ($nochoose) { - $r->print("

".&mt('Sorry ...')."

\n". - &mt('This action is currently not authorized.').''. - &Apache::loncommon::end_page()); + $r->print("
+

".&mt('Sorry ...')."

\n". + &mt('This action is currently not authorized.').''); + if ($error && $norolelist) { + $r->print('

'. + &mt('As your session was launched from a web page external to LON-CAPA some course content may be unavailable, including the resource you were trying to access.'). + '

'. + '

'. + &mt('You may need to login to LON-CAPA directly, or re-launch from a different external system.'). + '

'); + } + $r->print('
'.&Apache::loncommon::end_page()); return OK; } else { if ($updateresult || $reqauthor || $hotlist) { @@ -939,22 +1420,41 @@ ENDHEADER } if ($hotlist) { $showresult .= $hotlist; - } + } $showresult .= ''; $r->print($showresult); } elsif ($env{'form.state'} eq 'queued') { $r->print(&get_queued()); + } elsif ($env{'form.approvals'} eq 'show') { + if ($env{'form.state'} eq 'done') { + $r->print($approvalresult).'
'; + } + $r->print('
'.&mt('Role assignments queued pending your acceptance').''. + &get_approvals(). + '

'); } if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) { $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'}; } my $display = ($env{'form.display'} =~ /^(showall)$/); + my $approvals = ($env{'form.approvals'} =~ /^(show)$/); $r->print('
'); $r->print(''); $r->print(''); $r->print(''); $r->print(''); $r->print(''); + $r->print(''); + if ($blocked_by_ip) { + my $blocked_role = 'student'; + if ($blocked_type eq 'Community') { + $blocked_role = 'member'; + } + $r->print('

'. + &mt('The [_1] you selected is not available for access with a [_2] role from your current IP address: [_3].', + lc($blocked_type),$blocked_role,$clientip). + '

'); + } } $r->rflush(); @@ -1000,16 +1500,40 @@ ENDHEADER } } + if ($norolelist) { + if ($env{'request.role'}) { + my ($roletext,$role_text_end) = &display_curr_role($env{'request.role'}); + if ($roletext) { + $r->print(&Apache::loncommon::start_data_table('LC_textsize_mobile'). + &Apache::loncommon::start_data_table_row(). + $roletext. + &Apache::loncommon::end_data_table_row()); + if ($role_text_end) { + $r->print(&Apache::loncommon::continue_data_table_row(). + $role_text_end. + &Apache::loncommon::end_data_table_row()); + } + $r->print(&Apache::loncommon::end_data_table()); + } + } + $r->print(&Apache::loncommon::end_page()); + return OK; + } + # No active roles if ($countactive==0) { - &requestcourse_advice($r,$cattype,$inrole); + my $elapsed = 0; + if ($now && $update) { + $elapsed = $now - $update; + } + &requestcourse_advice($r,$cattype,$inrole,$elapsed); $r->print('
'); if ($countfuture) { $r->print(&mt('The following [quant,_1,role,roles] will become active in the future:',$countfuture)); my $doheaders = &roletable_headers($r,\%roleclass,\%sortrole, $nochoose); &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles, - \%roletext); + \%roletext,$update,$then); my $tremark=''; my $tbg; if ($env{'request.role'} eq 'cm') { @@ -1044,10 +1568,12 @@ ENDHEADER } # ----------------------------------------------------------------------- Table + if (($numdc > 0) || (($numhelpdesk > 0) && ($numadhoc > 0))) { + $r->print(&coursepick_jscript(). + &Apache::loncommon::coursebrowser_javascript()); + } if ($numdc > 0) { - $r->print(&coursepick_jscript()); - $r->print(&Apache::loncommon::coursebrowser_javascript(). - &Apache::loncommon::authorbrowser_javascript()); + $r->print(&Apache::loncommon::authorbrowser_javascript()); } unless ((!&Apache::loncommon::show_course()) || ($nochoose) || ($countactive==1)) { @@ -1077,9 +1603,11 @@ ENDHEADER $roletext{'user.role.'.$role}->[1]. &Apache::loncommon::end_data_table_row(); } - if ($role =~ m{dc\./($match_domain)/} + if ($role =~ m{^dc\./($match_domain)/$} && $dcroles{$1}) { $output .= &adhoc_roles_row($1,'recent'); + } elsif ($role =~ m{^(dh|da)\./($match_domain)/$}) { + $output .= &adhoc_customroles_row($1,$2,'recent',$update,$then); } } elsif ($numdc > 0) { unless ($role =~/^error\:/) { @@ -1108,7 +1636,7 @@ ENDHEADER $doheaders ++; } } - &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,\%roletext); + &print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,\%roletext,$update,$then); if ($countactive > 1) { my $tremark=''; my $tbg; @@ -1184,7 +1712,9 @@ sub gather_roles { my $advanced = $env{'user.adv'}; my $tryagain = $env{'form.tryagain'}; my @ids = &Apache::lonnet::current_machine_ids(); + my (%willtrust,%trustchecked); if (ref($roles_in_env) eq 'HASH') { + my %adhocdesc; foreach my $envkey (sort(keys(%{$roles_in_env}))) { my $button = 1; my $switchserver=''; @@ -1236,8 +1766,10 @@ sub gather_roles { my $trole; if ($role =~ /^cr\//) { my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role); - if ($tremark) { $tremark.='
'; } - $tremark.=&mt('Custom role defined by [_1].',$rauthor.':'.$rdomain); + unless ($rauthor eq $rdomain.'-domainconfig') { + if ($tremark) { $tremark.='
'; } + $tremark.=&mt('Custom role defined by [_1].',$rauthor.':'.$rdomain); + } } $trole=Apache::lonnet::plaintext($role); my $ttype; @@ -1249,10 +1781,23 @@ sub gather_roles { if (($role eq 'ca') || ($role eq 'aa')) { my $home = &Apache::lonnet::homeserver($trest,$tdom); my $allowed=0; + my $prohibited; foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } if (!$allowed) { $button=0; - $switchserver='otherserver='.$home.'&role='.$trolecode; + unless ($trustchecked{$tdom}) { + if ((&Apache::lonnet::will_trust('othcoau',$env{'user.domain'},$tdom)) && + (&Apache::lonnet::will_trust('coaurem',$tdom,$env{'user.domain'}))) { + $willtrust{$tdom} = 1; + $trustchecked{$tdom} = 1; + } + } + if ($willtrust{$tdom}) { + $switchserver='otherserver='.$home.'&role='.$trolecode; + } else { + $prohibited = 1; + $tremark .= &mt('Session switch required but prohibited.'); + } } #next if ($home eq 'no_host'); $home = &Apache::lonnet::hostname($home); @@ -1261,7 +1806,9 @@ sub gather_roles { ': '.$tdom.'
'. ' '.&mt('Server').': '.$home; $env{'course.'.$tdom.'_'.$trest.'.description'}='ca'; - $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/'); + unless ($prohibited) { + $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/'); + } $sortkey=$role."$trest:$tdom"; } elsif ($role eq 'au') { # Authors @@ -1284,7 +1831,32 @@ sub gather_roles { } elsif ($trest) { my $tcourseid=$tdom.'_'.$trest; $ttype = &Apache::loncommon::course_type($tcourseid); - $trole = &Apache::lonnet::plaintext($role,$ttype,$tcourseid); + if ($role !~ /^cr/) { + $trole = &Apache::lonnet::plaintext($role,$ttype,$tcourseid); + } elsif ($role =~ m{^\Qcr/$tdom/$tdom\E\-domainconfig/(\w+)$}) { + my $rolename = $1; + my $desc; + if (ref($adhocdesc{$tdom}) eq 'HASH') { + $desc = $adhocdesc{$tdom}{$rolename}; + } else { + my %domdef = &Apache::lonnet::get_domain_defaults($tdom); + if (ref($domdef{'adhocroles'}) eq 'HASH') { + foreach my $rolename (sort(keys(%{$domdef{'adhocroles'}}))) { + if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') { + $adhocdesc{$tdom}{$rolename} = $domdef{'adhocroles'}{$rolename}{'desc'}; + } + } + $desc = $adhocdesc{$tdom}{$rolename}; + } + } + if ($desc ne '') { + $trole = $desc; + } else { + $trole = &mt('Helpdesk[_1]',' '.$rolename); + } + } else { + $trole = (split(/\//,$role,4))[-1]; + } if ($env{'course.'.$tcourseid.'.description'}) { my $home=$env{'course.'.$tcourseid.'.home'}; $twhere=$env{'course.'.$tcourseid.'.description'}; @@ -1430,7 +2002,7 @@ sub roletable_headers { .&Apache::loncommon::start_data_table('LC_textsize_mobile') .&Apache::loncommon::start_data_table_header_row() ); - if (!$nochoose) { $r->print(' '); } + if (!$nochoose) { $r->print(''.&mt('Action').''); } $r->print(''.&mt('User Role').'' .''.&mt('Extent').'' .''.&mt('Start').'' @@ -1458,7 +2030,7 @@ sub roletypes { } sub print_rolerows { - my ($r,$doheaders,$roleclass,$sortrole,$dcroles,$roletext) = @_; + my ($r,$doheaders,$roleclass,$sortrole,$dcroles,$roletext,$update,$then) = @_; if ((ref($roleclass) eq 'HASH') && (ref($sortrole) eq 'HASH')) { my @types = &roletypes(); foreach my $type (@types) { @@ -1476,12 +2048,14 @@ sub print_rolerows { &Apache::loncommon::end_data_table_row(); } } - if ($sortrole->{$which} =~ m-dc\./($match_domain)/-) { + if ($sortrole->{$which} =~ m{^user\.role\.dc\./($match_domain)/}) { if (ref($dcroles) eq 'HASH') { if ($dcroles->{$1}) { $output .= &adhoc_roles_row($1,''); } } + } elsif ($sortrole->{$which} =~ m{^user\.role\.(dh|da)\./($match_domain)/}) { + $output .= &adhoc_customroles_row($1,$2,'',$update,$then); } } } @@ -1502,20 +2076,26 @@ sub print_rolerows { } sub findcourse_advice { - my ($r,$cattype) = @_; + my ($r,$cattype,$elapsed) = @_; my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description'); my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&'); if (&Apache::lonnet::auto_run(undef,$env{'user.domain'})) { - $r->print(&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).' + $r->print('

'.&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).'

  • '.&mt('The course has yet to be created.').'
  • '.&mt('Automatic enrollment of registered students has not been enabled for the course.').'
  • '.&mt('You are in a section of course for which automatic enrollment in the corresponding LON-CAPA course is not active.').'
  • '.&mt('The start date for automated enrollment has yet to be reached.').'
  • '.&mt('You registered for the course recently and there is a time lag between the time you register, and the time this information becomes available for the update of LON-CAPA course rosters.').'
    • -
'); +
  • '.&mt('Automated enrollment added you to the course in the time since you last logged-in.').' '.&mt('If that is the case you can use the "Check for changes" link in the gray Functions bar to update the list of your available course roles.').'
    • +

    '); } else { - $r->print(&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').'
    '); + $r->print('

    '.&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').'

    '); + if ($elapsed > 600) { + $r->print('

    '.&mt('You may also have been assigned to a course in the time since you last logged-in, or checked for changes.'). + '
    '. + &mt('If that is the case you can use the "Check for changes" link in the gray Functions bar to update the list of your available course roles.').'

    '); + } } if (($cattype eq 'std') || ($cattype eq 'domonly')) { $r->print('

    '.&mt('Self-Enrollment').'

    '. @@ -1527,7 +2107,7 @@ sub findcourse_advice { } sub requestcourse_advice { - my ($r,$cattype,$inrole) = @_; + my ($r,$cattype,$inrole,$elapsed) = @_; my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description'); my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&'); my (%can_request,%request_doms,$output); @@ -1588,7 +2168,7 @@ sub requestcourse_advice { } else { $r->print('

    '.&mt('Currently no active roles, courses or communities').'

    '); } - &findcourse_advice($r,$cattype); + &findcourse_advice($r,$cattype,$elapsed); } return; } @@ -1651,9 +2231,11 @@ sub privileges_info { sub build_roletext { my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$trole,$twhere, $tpstart,$tpend,$nochoose,$button,$switchserver,$reinit,$switchwarning,$skipcal) = @_; - my ($roletext,$roletext_end); - my $is_dc=($trolecode =~ m/^dc\./); - my $rowspan=($is_dc) ? '' + my ($roletext,$roletext_end,$poss_adhoc); + if ($trolecode =~ m/^d(c|h|a)\./) { + $poss_adhoc = 1; + } + my $rowspan=($poss_adhoc) ? '' : ' rowspan="2" '; unless ($nochoose) { @@ -1706,7 +2288,7 @@ sub build_roletext { $trolecode."','".$buttonname.'\');" />'; } } - if (($trolecode !~ m/^(dc|ca|au|aa)\./) && (!$skipcal)) { + if (($trolecode !~ m/^(ca|aa)\./) && ($trest ne '') && (!$skipcal)) { $tremark.=&Apache::lonannounce::showday(time,1, &Apache::lonannounce::readcalendar($tdom.'_'.$trest)); } @@ -1714,7 +2296,7 @@ sub build_roletext { .''.$twhere.'' .''.$tpstart.'' .''.$tpend.''; - if (!$is_dc) { + unless ($poss_adhoc) { $roletext_end = ''. $tremark.' '. ''; @@ -1739,29 +2321,44 @@ sub check_author_homeserver { } } -sub check_fordc { - my ($dcroles,$update,$then) = @_; +sub check_for_adhoc { + my ($dcroles,$helpdeskroles,$update,$then) = @_; my $numdc = 0; - if ($env{'user.adv'}) { + my $numhelpdesk = 0; + my $numadhoc = 0; + my $num_custom_adhoc = 0; + if (($env{'user.adv'}) || ($env{'user.rar'})) { foreach my $envkey (sort(keys(%env))) { - if ($envkey=~/^user\.role\.dc\.\/($match_domain)\/$/) { - my $dcdom = $1; - my $livedc = 1; + if ($envkey=~/^user\.role\.(dc|dh|da)\.\/($match_domain)\/$/) { + my $role = $1; + my $roledom = $2; + my $liverole = 1; my ($tstart,$tend)=split(/\./,$env{$envkey}); my $limit = $update; - if ($env{'request.role'} eq 'dc./'.$dcdom.'/') { + if ($env{'request.role'} eq "$role./$roledom/") { $limit = $then; } - if ($tstart && $tstart>$limit) { $livedc = 0; } - if ($tend && $tend <$limit) { $livedc = 0; } - if ($livedc) { - $$dcroles{$dcdom} = $envkey; - $numdc++; + if ($tstart && $tstart>$limit) { $liverole = 0; } + if ($tend && $tend <$limit) { $liverole = 0; } + if ($liverole) { + if ($role eq 'dc') { + $dcroles->{$roledom} = $envkey; + $numdc++; + } else { + $helpdeskroles->{$roledom} = $envkey; + my %domdefaults = &Apache::lonnet::get_domain_defaults($roledom); + if (ref($domdefaults{'adhocroles'}) eq 'HASH') { + if (keys(%{$domdefaults{'adhocroles'}})) { + $numadhoc ++; + } + } + $numhelpdesk++; + } } } } } - return $numdc; + return ($numdc,$numhelpdesk,$numadhoc); } sub adhoc_course_role { @@ -1802,9 +2399,15 @@ sub adhoc_course_role { my %cgroups = &Apache::lonnet::get_active_groups($env{'user.domain'}, $env{'user.name'},$cdom,$cnum); + my $ccrole; + if ($crstype eq 'Community') { + $ccrole = 'co'; + } else { + $ccrole = 'cc'; + } foreach my $group (keys(%cgroups)) { $group_privs{$group} = - $env{'user.priv.cc./'.$cdom.'/'.$cnum.'./'.$cdom.'/'.$cnum.'/'.$group}; + $env{'user.priv.'.$ccrole.'./'.$cdom.'/'.$cnum.'./'.$cdom.'/'.$cnum.'/'.$group}; } $newgroups{'/'.$cdom.'/'.$cnum} = \%group_privs; my $area = '/'.$cdom.'/'.$cnum; @@ -1853,15 +2456,16 @@ sub check_forcc { } sub courselink { - my ($dcdom,$rowtype) = @_; + my ($roledom,$rowtype,$role) = @_; my $courseform=&Apache::loncommon::selectcourse_link - ('rolechoice','dccourse'.$rowtype.'_'.$dcdom, - 'dcdomain'.$rowtype.'_'.$dcdom,'coursedesc'.$rowtype.'_'. - $dcdom,$dcdom,undef,'Course/Community'); - my $hiddenitems = ''. - ''. - ''. - ''; + ('rolechoice','course'.$rowtype.'_'.$roledom.'_'.$role, + 'domain'.$rowtype.'_'.$roledom.'_'.$role, + 'coursedesc'.$rowtype.'_'.$roledom.'_'.$role, + $roledom.':'.$role,undef,'Course/Community'); + my $hiddenitems = ''. + ''. + ''. + ''; return $courseform.$hiddenitems; } @@ -1951,14 +2555,47 @@ sub display_cc_role { return ($roletext,$roletext_end); } +sub display_curr_role { + my ($currentrole) = @_; + my ($roletext,$roletext_end); + my $advanced = $env{'user.adv'}; + my $tryagain = $env{'form.tryagain'}; + my ($role,$rest) = split(m{\./},$currentrole,2); + unless (!defined($role) || $role eq '') { + if ($rest =~ m{^($match_domain)/($match_courseid)(?:/(\w+)|$)}) { + my $cdom = $1; + my $cnum = $2; + my $csec = $3; + my $cid = $cdom.'_'.$cnum; + my $ttype = $env{'course.'.$cid.'.type'}; + my $skipcal = 1; + my $tbg='LC_roles_is'; + my $twhere = $env{'course.'.$cid.'.description'}. + ' '. + &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$cnum,$cdom). + ''; + my $trole = &Apache::lonnet::plaintext($role,$ttype,$cid); + if ($csec) { + $twhere.= '  '.&mt('Section').': '.$csec; + } + if ($role ne 'st') { + $twhere.= '  '.&mt('Domain').': '.$cdom; + } + ($roletext,$roletext_end) = &build_roletext($currentrole,$cdom,$cnum,'is',$tryagain,$advanced,'',$tbg,$trole,$twhere,'','','',1,'','','',$skipcal); + } + } + return ($roletext,$roletext_end); +} + sub adhoc_roles_row { my ($dcdom,$rowtype) = @_; my $output = &Apache::loncommon::continue_data_table_row() .' ' - .&mt('[_1]Ad hoc[_2] roles in domain [_3] --' + .&mt('[_1]Ad hoc[_2] roles in domain [_3]' ,'','',$dcdom) - .' '; - my $selectcclink = &courselink($dcdom,$rowtype); + .' -- '; + my $role = 'cc'; + my $selectcclink = &courselink($dcdom,$rowtype,$role); my $ccrole = &Apache::lonnet::plaintext('co',undef,undef,1); my $carole = &Apache::lonnet::plaintext('ca'); my $selectcalink = &coauthorlink($dcdom,$rowtype); @@ -1968,6 +2605,30 @@ sub adhoc_roles_row { return $output; } +sub adhoc_customroles_row { + my ($role,$dhdom,$rowtype,$update,$then) = @_; + my $liverole = 1; + my ($tstart,$tend)=split(/\./,$env{"user.role.$role./$dhdom/"}); + my $limit = $update; + if (($role eq 'dh') && ($env{'request.role'} eq 'dh./'.$dhdom.'/')) { + $limit = $then; + } + if ($tstart && $tstart>$limit) { $liverole = 0; } + if ($tend && $tend <$limit) { $liverole = 0; } + return unless ($liverole); + my %domdefaults = &Apache::lonnet::get_domain_defaults($dhdom); + if (ref($domdefaults{'adhocroles'}) eq 'HASH') { + if (scalar(keys(%{$domdefaults{'adhocroles'}})) > 0) { + return &Apache::loncommon::continue_data_table_row() + .' ' + .&mt('[_1]Ad hoc[_2] course/community roles in domain [_3]', + '','',$dhdom) + .' -- '.&courselink($dhdom,$rowtype,$role); + } + } + return; +} + sub recent_filename { my $area=shift; return 'nohist_recent_'.&escape($area); @@ -2086,6 +2747,22 @@ sub update_session_roles { } } else { $newrole{$rolekey} = $status_in_db; + if ($role eq 'au') { + my %userenv = + &Apache::lonnet::userenvironment($env{'user.domain'}, + $env{'user.name'},'authoreditors'); + if ($userenv{'authoreditors'}) { + $userenv{'editors'} = $userenv{'authoreditors'}; + } else { + my %domdef = &Apache::lonnet::get_domain_defaults($env{'user.domain'}); + if ($domdef{'editors'} ne '') { + $userenv{'editors'} = $domdef{'editors'}; + } else { + $userenv{'editors'} = 'edit,xml'; + } + } + &Apache::lonnet::appenv(\%userenv); + } } } } @@ -2767,7 +3444,7 @@ sub is_active_course { } sub get_roles_functions { - my ($rolescount,$cattype) = @_; + my ($rolescount,$cattype,$userapprovals) = @_; my @links; push(@links,["javascript:rolesView('doupdate');",'start-here-22x22',&mt('Check for changes')]); if ($env{'environment.canrequest.author'}) { @@ -2796,6 +3473,13 @@ sub get_roles_functions { unless ($cattype eq 'none') { push(@links,['/adm/coursecatalog','ccat-22x22',&mt('Course catalog')]); } + if ($userapprovals) { + if ($env{'form.approvals'} eq 'show') { + push(@links,["javascript:rolesView('noapprovals');",'list-add-22x22',&mt('Hide pending')]); + } else { + push(@links,["javascript:rolesView('approvals');",'list-add-22x22',&mt('Show pending')]); + } + } my $funcs; if ($env{'browser.mobile'}) { my @functions; @@ -2813,7 +3497,7 @@ sub get_roles_functions { foreach my $link (@links) { $funcs .= &Apache::lonhtmlcommon::add_item_funclist( ''. - ''.$link->[2].''. + ''. $link->[2].''); } $funcs .= &Apache::lonhtmlcommon::end_funclist(); @@ -2899,15 +3583,139 @@ sub get_queued { unless ($output) { if ($env{'environment.canrequest.author'} || $env{'environment.canrequest.official'} || $env{'environment.canrequest.unofficial'} || $env{'environment.canrequest.community'}) { - $output = &mt('No requests for courses, communities or authoring currently queued'); + $output = ''. + &mt('No requests for courses, communities or authoring currently queued'). + ''; } else { - $output = &mt('No enrollment requests currently queued awaiting approval'); + $output = ''. + &mt('No enrollment requests currently queued awaiting approval'). + ''; } } return '
    '.&mt('Queued requests').''. $output.'

    '; } +sub get_approvals { + return &Apache::loncoursequeueadmin::display_queued_requests('othdomaction',$env{'user.domain'},'','user'); +} + +sub process_lti { + my ($r,$cdom,$cnum) = @_; + my %lti = &Apache::lonnet::get_domain_lti($cdom,'provider'); + my $uriscope = &LONCAPA::ltiutils::lti_provider_scope($env{'request.lti.uri'}, + $cdom,$cnum); + my $lonhost = $r->dir_config('lonHostID'); + my $internet_names = &Apache::lonnet::get_internet_names($lonhost); + if ($env{'request.lti.rosterid'} && + $env{'request.lti.rosterurl'}) { + if (ref($lti{$env{'request.lti.login'}}) eq 'HASH') { + if ($lti{$env{'request.lti.login'}}{'roster'}) { + my @lcroles = ('in','ta','ep','st'); + my @possibleroles; + foreach my $role (@lcroles) { + if (&Apache::lonnet::allowed('c'.$role,"$cdom/$cnum")) { + push(@possibleroles,$role); + } + } + my $owner = $env{'course.'.$cdom.'_'.$cnum.'.internal.courseowner'}; + if ($owner eq $env{'user.name'}.':'.$env{'user.domain'}) { + my $crstype = &Apache::loncommon::course_type($cdom.'_'.$cnum); + if ($crstype eq 'Community') { + unshift(@possibleroles,'co'); + } else { + unshift(@possibleroles,'cc'); + } + } + if (@possibleroles) { + push(@{$rosterupdates},{cid => $cdom.'_'.$cnum, + lti => $env{'request.lti.login'}, + ltiref => $lti{$env{'request.lti.login'}}, + id => $env{'request.lti.rosterid'}, + url => $env{'request.lti.rosterurl'}, + sourcecrs => $env{'request.lti.sourcecrs'}, + uriscope => $uriscope, + possroles => \@possibleroles, + intdoms => $internet_names, + }); + unless ($registered_cleanup) { + my $handlers = $r->get_handlers('PerlCleanupHandler'); + $r->set_handlers('PerlCleanupHandler' => + [\<ienroll,@{$handlers}]); + $registered_cleanup=1; + } + } + } + } + } + if ($env{'request.lti.passbackid'} && + $env{'request.lti.passbackurl'}) { + if (ref($lti{$env{'request.lti.login'}}) eq 'HASH') { + if ($lti{$env{'request.lti.login'}}{'passback'}) { + my ($pbnum,$error) = + &LONCAPA::ltiutils::store_passbackurl($env{'request.lti.login'}, + $env{'request.lti.passbackurl'}, + $cdom,$cnum); + if ($pbnum eq '') { + $pbnum = $env{'request.lti.passbackurl'}; + } + &Apache::lonnet::put('nohist_'.$cdom.'_'.$cnum.'_passback', + {"$uriscope\0$env{'request.lti.sourcecrs'}\0$env{'request.lti.login'}" => + "$pbnum\0$env{'request.lti.passbackid'}"}); + } + } + } + return; +} + +sub ltienroll { + if (ref($rosterupdates) eq 'ARRAY') { + foreach my $item (@{$rosterupdates}) { + if (ref($item) eq 'HASH') { + &LONCAPA::ltiutils::batchaddroster($item); + } + } + $rosterupdates = []; + } + return OK; +} + +sub set_deeplink_target { + my ($cnum,$cdom) = @_; + if (($cnum ne '') && ($cdom ne '')) { + my $deeplink_symb = &Apache::loncommon::deeplink_login_symb($cnum,$cdom); + if ($deeplink_symb ne '') { + my $deeplink; + if ($deeplink_symb =~ /\.(page|sequence)$/) { + my $mapname = &Apache::lonnet::deversion((&Apache::lonnet::decode_symb($deeplink_symb))[2]); + my $navmap = Apache::lonnavmaps::navmap->new(); + if (ref($navmap)) { + $deeplink = $navmap->get_mapparam(undef,$mapname,'0.deeplink'); + } + } elsif ($deeplink_symb ne '') { + $deeplink = &Apache::lonnet::EXT('resource.0.deeplink',$deeplink_symb); + } + if ($deeplink ne '') { + my ($state,$others,$listed,$scope,$protect,$display,$target) = split(/,/,$deeplink); + if ($target ne '') { + &Apache::lonnet::appenv({'request.deeplink.target' => $target}); + } elsif (exists($env{'request.deeplink.target'})) { + &Apache::lonnet::delenv('request.deeplink.target'); + } + } + } + } + return; +} + +sub set_supplemental_access { + my ($cnum,$cdom) = @_; + my ($supplemental,$refs_updated) = &Apache::loncommon::get_supplemental($cnum,$cdom); + unless ($refs_updated) { + &Apache::loncommon::set_supp_httprefs($cnum,$cdom,$supplemental); + } +} + 1; __END__