loncom/auth/lonroles.pm - view

File: [LON-CAPA] / loncom / auth / lonroles.pm
Revision 1.90: download - view: text, annotated - select for diffs
Sat May 8 16:26:32 2004 UTC (20 years, 3 months ago) by www
Branches: MAIN
CVS tags: HEAD

Saving my work.

1: # The LearningOnline Network with CAPA 2: # User Roles Screen 3: # 4: # $Id: lonroles.pm,v 1.90 2004/05/08 16:26:32 www Exp $ 5: # 6: # Copyright Michigan State University Board of Trustees 7: # 8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA). 9: # 10: # LON-CAPA is free software; you can redistribute it and/or modify 11: # it under the terms of the GNU General Public License as published by 12: # the Free Software Foundation; either version 2 of the License, or 13: # (at your option) any later version. 14: # 15: # LON-CAPA is distributed in the hope that it will be useful, 16: # but WITHOUT ANY WARRANTY; without even the implied warranty of 17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18: # GNU General Public License for more details. 19: # 20: # You should have received a copy of the GNU General Public License 21: # along with LON-CAPA; if not, write to the Free Software 22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23: # 24: # /home/httpd/html/adm/gpl.txt 25: # 26: # http://www.lon-capa.org/ 27: # 28: ### 29: 30: package Apache::lonroles; 31: 32: use strict; 33: use Apache::lonnet(); 34: use Apache::lonuserstate(); 35: use Apache::Constants qw(:common); 36: use Apache::File(); 37: use Apache::lonmenu; 38: use Apache::loncommon; 39: use Apache::lonannounce; 40: use Apache::lonlocal; 41: 42: sub redirect_user { 43: my ($r,$title,$url,$msg) = @_; 44: $msg = $title if (! defined($msg)); 45: &Apache::loncommon::content_type($r,'text/html'); 46: &Apache::loncommon::no_cache($r); 47: $r->send_http_header; 48: my $swinfo=&Apache::lonmenu::rawconfig(); 49: my $bodytag=&Apache::loncommon::bodytag('Switching Role'); 50: $r->print (<<ENDREDIR); 51: <head><title>$title</title> 52: <meta HTTP-EQUIV="Refresh" CONTENT="1; url=$url"> 53: </head> 54: <html> 55: $bodytag 56: <script> 57: $swinfo 58: </script> 59: <h1>$msg</h1> 60: </body> 61: </html> 62: ENDREDIR 63: return; 64: } 65: 66: sub handler { 67: 68: my $r = shift; 69: 70: my $now=time; 71: my $then=$ENV{'user.login.time'}; 72: my $envkey; 73: 74: 75: # ================================================================== Roles Init 76: 77: if ($ENV{'form.selectrole'}) { 78: if ($ENV{'request.course.id'}) { 79: my %temp=('logout_'.$ENV{'request.course.id'} => time); 80: &Apache::lonnet::put('email_status',\%temp); 81: } 82: &Apache::lonnet::appenv("request.course.id" => '', 83: "request.course.fn" => '', 84: "request.course.uri" => '', 85: "request.course.sec" => '', 86: "request.role" => 'cm', 87: "request.role.adv" => $ENV{'user.adv'}, 88: "request.role.domain" => $ENV{'user.domain'}); 89: foreach $envkey (keys %ENV) { 90: next if ($envkey!~/^user\.role\./); 91: my (undef,undef,$role,@pwhere)=split(/\./,$envkey); 92: my $where=join('.',@pwhere); 93: my $trolecode=$role.'.'.$where; 94: if ($ENV{'form.'.$trolecode}) { 95: my ($tstart,$tend)=split(/\./,$ENV{$envkey}); 96: my $tstatus='is'; 97: if ($tstart) { 98: if ($tstart>$then) { 99: $tstatus='future'; 100: } 101: } 102: if ($tend) { 103: if ($tend<$then) { $tstatus='expired'; } 104: if ($tend<$now) { $tstatus='will_not'; } 105: } 106: if ($tstatus eq 'is') { 107: $where=~s/^\///; 108: my ($cdom,$cnum,$csec)=split(/\//,$where); 109: # check for keyed access 110: if (($role eq 'st') && 111: ($ENV{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) { 112: # who is key authority? 113: my $authdom=$cdom; 114: my $authnum=$cnum; 115: if ($ENV{'course.'.$cdom.'_'.$cnum.'.keyauth'}) { 116: ($authnum,$authdom)= 117: split(/\W/,$ENV{'course.'.$cdom.'_'.$cnum.'.keyauth'}); 118: } 119: # check with key authority 120: unless (&Apache::lonnet::validate_access_key( 121: $ENV{'environment.key.'.$cdom.'_'.$cnum}, 122: $authdom,$authnum)) { 123: # there is no valid key 124: if ($ENV{'form.newkey'}) { 125: # student attempts to register a new key 126: &Apache::loncommon::content_type($r,'text/html'); 127: &Apache::loncommon::no_cache($r); 128: $r->send_http_header; 129: my $swinfo=&Apache::lonmenu::rawconfig(); 130: my $bodytag=&Apache::loncommon::bodytag 131: ('Verifying Access Key to Unlock this Course'); 132: my $buttontext=&mt('Enter Course'); 133: my $message=&mt('Successfully registered key'); 134: my $assignresult= 135: &Apache::lonnet::assign_access_key( 136: $ENV{'form.newkey'}, 137: $authdom,$authnum, 138: $ENV{'user.domain'}, 139: $ENV{'user.name'}, 140: 'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '. 141: $trolecode); 142: unless ($assignresult eq 'ok') { 143: $assignresult=~s/^error\:\s*//; 144: $message=&mt($assignresult). 145: '<br /><a href="/adm/logout">'. 146: &mt('Logout').'</a>'; 147: $buttontext=&mt('Re-Enter Key'); 148: } 149: $r->print(<<ENDENTEREDKEY); 150: <head><title>Verifying Course Access Key</title> 151: </head> 152: <html> 153: $bodytag 154: <script> 155: $swinfo 156: </script> 157: <form method="post"> 158: <input type="hidden" name="selectrole" value="1" /> 159: <input type="hidden" name="$trolecode" value="1" /> 160: <font size="+2">$message</font><br /> 161: <input type="submit" value="$buttontext" /> 162: </form> 163: </body></html> 164: ENDENTEREDKEY 165: return OK; 166: } else { 167: # print form to enter a new key 168: &Apache::loncommon::content_type($r,'text/html'); 169: &Apache::loncommon::no_cache($r); 170: $r->send_http_header; 171: my $swinfo=&Apache::lonmenu::rawconfig(); 172: my $bodytag=&Apache::loncommon::bodytag 173: ('Enter Access Key to Unlock this Course'); 174: $r->print(<<ENDENTERKEY); 175: <head><title>Entering Course Access Key</title> 176: </head> 177: <html> 178: $bodytag 179: <script> 180: $swinfo 181: </script> 182: <form method="post"> 183: <input type="hidden" name="selectrole" value="1" /> 184: <input type="hidden" name="$trolecode" value="1" /> 185: <input type="text" size="20" name="newkey" value="$ENV{'form.newkey'}" /> 186: <input type="submit" value="Enter key" /> 187: </form> 188: </body></html> 189: ENDENTERKEY 190: return OK; 191: } 192: } 193: } 194: &Apache::lonnet::log($ENV{'user.domain'}, 195: $ENV{'user.name'}, 196: $ENV{'user.home'}, 197: "Role ".$trolecode); 198: my $tadv=0; 199: if (($trolecode!~/^st/) && 200: ($trolecode!~/^ta/) && 201: ($trolecode!~/^cm/)) { $tadv=1; } 202: &Apache::lonnet::appenv( 203: 'request.role' => $trolecode, 204: 'request.role.adv' => $tadv, 205: 'request.role.domain' => $cdom, 206: 'request.course.sec' => $csec); 207: my $msg=&mt('Entering course ...'); 208: 209: if (($cnum) && ($role ne 'ca')) { 210: my ($furl,$ferr)= 211: &Apache::lonuserstate::readmap($cdom.'/'.$cnum); 212: if (($ENV{'form.orgurl'}) && 213: ($ENV{'form.orgurl'}!~/^\/adm\/flip/)) { 214: my $dest=$ENV{'form.orgurl'}; 215: if ( &Apache::lonnet::mod_perl_version() == 2 ) { 216: &Apache::lonnet::cleanenv(); 217: } 218: $r->internal_redirect($dest); 219: return OK; 220: } else { 221: unless ($ENV{'request.course.id'}) { 222: &Apache::lonnet::appenv( 223: "request.course.id" => $cdom.'_'.$cnum); 224: $furl='/adm/roles?tryagain=1'; 225: $msg= 226: '<h1><font color=red>'. 227: &mt('Could not initialize course at this time.'). 228: '</font></h1><h3>'.&mt('Please try again.').'</h3>'.$ferr; 229: } 230: 231: # Check to see if the user is a CC entering a course 232: # for the first time 233: my (undef, undef, $role, $courseid) = split(/\./, $envkey); 234: if (substr($courseid, 0, 1) eq '/') { 235: $courseid = substr($courseid, 1); 236: } 237: $courseid =~ s/\//_/; 238: if ($role eq 'cc' && $ENV{'course.' . $courseid . 239: '.course.helper.not.run'}) { 240: $furl = "/adm/helper/course.initialization.helper"; 241: } 242: # 243: # Send the user to the course they selected 244: &redirect_user($r,&mt('Entering Course'), 245: $furl,$msg); 246: return OK; 247: } 248: } 249: # 250: # Send the user to the construction space they selected 251: if ($role =~ /^(au|ca)$/) { 252: my $redirect_url = '/priv/'; 253: if ($role eq 'au') { 254: $redirect_url.=$ENV{'user.name'}; 255: } else { 256: $where =~ /\/(.*)$/; 257: $redirect_url .= $1; 258: } 259: $redirect_url .= '/'; 260: &redirect_user($r,&mt('Entering Construction Space'), 261: $redirect_url); 262: return OK; 263: } 264: } 265: } 266: } 267: } 268: 269: 270: # =============================================================== No Roles Init 271: 272: &Apache::loncommon::content_type($r,'text/html'); 273: &Apache::loncommon::no_cache($r); 274: $r->send_http_header; 275: return OK if $r->header_only; 276: 277: my $swinfo=&Apache::lonmenu::rawconfig(); 278: my $bodytag=&Apache::loncommon::bodytag('User Roles'); 279: my $helptag='<table><tr><td>'.&Apache::loncommon::help_open_topic 280: ("General_Intro",&mt("Click here for help")).'</td><td>'. 281: &Apache::loncommon::help_open_faq(1,&mt('Click here for FAQ')).'</td><td>'. 282: &Apache::loncommon::help_open_bug('',&mt('Click here to report bugs')).'</td></tr></table>'; 283: $r->print(<<ENDHEADER); 284: <html> 285: <head> 286: <title>LON-CAPA User Roles</title> 287: </head> 288: $bodytag 289: $helptag<br /> 290: <script> 291: $swinfo 292: window.focus(); 293: </script> 294: ENDHEADER 295: 296: # ------------------------------------------ Get Error Message from Environment 297: 298: my ($fn,$priv,$nochoose,$error,$msg)=split(/:/,$ENV{'user.error.msg'}); 299: if ($ENV{'user.error.msg'}) { 300: $r->log_reason( 301: "$msg for $ENV{'user.name'} domain $ENV{'user.domain'} access $priv",$fn); 302: } 303: 304: # ------------------------------------------------- Can this user re-init, etc? 305: 306: my $advanced=$ENV{'user.adv'}; 307: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['tryagain']); 308: my $tryagain=$ENV{'form.tryagain'}; 309: 310: # -------------------------------------------------------- Generate Page Output 311: # --------------------------------------------------------------- Error Header? 312: if ($error) { 313: $r->print("<h1>LON-CAPA Access Control</h1>"); 314: $r->print("<hr><pre>Access : ". 315: Apache::lonnet::plaintext($priv)."\n"); 316: $r->print("Resource: $fn\n"); 317: $r->print("Action : $msg\n</pre><hr>"); 318: } else { 319: if ($ENV{'user.error.msg'}) { 320: $r->print( 321: '<h3><font color=red>'. 322: &mt('You need to choose another user role or enter a specific course for this function').'</font></h3>'); 323: } 324: } 325: # -------------------------------------------------------- Choice or no choice? 326: if ($nochoose) { 327: if ($advanced) { 328: $r->print("<h2>".&mt('Assigned User Roles')."</h2>\n"); 329: } else { 330: $r->print("<h2>".&mt('Sorry ...')."</h2>\n". 331: &mt('This resource might be part of')); 332: if ($ENV{'request.course.id'}) { 333: $r->print(&mt(' another')); 334: } else { 335: $r->print(&mt(' a certain')); 336: } 337: $r->print(&mt(' course.').'</body></html>'); 338: return OK; 339: } 340: } else { 341: if ($advanced) { 342: $r->print(&mt("Your home server is "). 343: $Apache::lonnet::hostname{&Apache::lonnet::homeserver 344: ($ENV{'user.name'},$ENV{'user.domain'})}. 345: "<br />\n"); 346: $r->print(&mt( 347: "Author and Co-Author roles may not be available on servers other than your home server.")); 348: } 349: if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) { 350: $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'}; 351: } 352: $r->print('<form method="post" name="rolechoice" action="'.(($fn)?$fn:$r->uri).'">'); 353: $r->print('<input type=hidden name=orgurl value="'.$fn.'">'); 354: $r->print('<input type=hidden name=selectrole value=1>'); 355: } 356: if ($ENV{'user.adv'}) { 357: $r->print( 358: '<br />'.&mt('Show all roles').': <input type="checkbox" name="showall"'); 359: if ($ENV{'form.showall'}) { $r->print(' checked'); } 360: $r->print('><input type=submit value="'.&mt('Display').'">'); 361: } 362: 363: my (%roletext,%sortrole,%roleclass); 364: my $countactive=0; 365: my $inrole=0; 366: my $possiblerole=''; 367: foreach $envkey (sort keys %ENV) { 368: my $button = 1; 369: my $switchserver=''; 370: my $roletext; 371: my $sortkey; 372: if ($envkey=~/^user\.role\./) { 373: my (undef,undef,$role,@pwhere)=split(/\./,$envkey); 374: next if (!defined($role) || $role eq ''); 375: my $where=join('.',@pwhere); 376: my $trolecode=$role.'.'.$where; 377: my ($tstart,$tend)=split(/\./,$ENV{$envkey}); 378: my $tremark=''; 379: my $tstatus='is'; 380: my $tpstart=' '; 381: my $tpend=' '; 382: my $tfont='#000000'; 383: if ($tstart) { 384: if ($tstart>$then) { 385: $tstatus='future'; 386: if ($tstart<$now) { $tstatus='will'; } 387: } 388: $tpstart=&Apache::lonlocal::locallocaltime($tstart); 389: } 390: if ($tend) { 391: if ($tend<$then) { 392: $tstatus='expired'; 393: } elsif ($tend<$now) { 394: $tstatus='will_not'; 395: } 396: $tpend=&Apache::lonlocal::locallocaltime($tend); 397: } 398: if ($ENV{'request.role'} eq $trolecode) { 399: $tstatus='selected'; 400: } 401: my $tbg; 402: if (($tstatus eq 'is') || ($tstatus eq 'selected') || 403: ($ENV{'form.showall'})) { 404: if ($tstatus eq 'is') { 405: $tbg='#77FF77'; 406: $tfont='#003300'; 407: $possiblerole=$trolecode; 408: $countactive++; 409: } elsif ($tstatus eq 'future') { 410: $tbg='#FFFF77'; 411: $button=0; 412: } elsif ($tstatus eq 'will') { 413: $tbg='#FFAA77'; 414: $tremark.=&mt('Active at next login. '); 415: } elsif ($tstatus eq 'expired') { 416: $tbg='#FF7777'; 417: $tfont='#330000'; 418: $button=0; 419: } elsif ($tstatus eq 'will_not') { 420: $tbg='#AAFF77'; 421: $tremark.=&mt('Expired after logout. '); 422: } elsif ($tstatus eq 'selected') { 423: $tbg='#11CC55'; 424: $tfont='#002200'; 425: $inrole=1; 426: $countactive++; 427: $tremark.=&mt('Currently selected. '); 428: } 429: my $trole; 430: if ($role =~ /^cr\//) { 431: my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role); 432: $tremark.='<br>'.&mt('Defined by ').$rauthor. 433: &mt(' at ').$rdomain.'.'; 434: $trole=$rrole; 435: } else { 436: $trole=Apache::lonnet::plaintext($role); 437: } 438: my $ttype; 439: my $twhere; 440: my ($tdom,$trest,$tsection)= 441: split(/\//,Apache::lonnet::declutter($where)); 442: # First, Co-Authorship roles 443: if ($role eq 'ca') { 444: my $home = &Apache::lonnet::homeserver($trest,$tdom); 445: my $allowed=0; 446: my @ids=&Apache::lonnet::current_machine_ids(); 447: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } 448: if (!$allowed) { 449: $button=0; 450: $switchserver=&Apache::lonnet::escape('http://'. 451: $Apache::lonnet::hostname{$home}. 452: '/adm/login?domain='.$ENV{'user.domain'}. 453: '&username='.$ENV{'user.name'}. 454: '&firsturl=/priv/'.$trest); 455: } 456: #next if ($home eq 'no_host'); 457: $home = $Apache::lonnet::hostname{$home}; 458: $ttype='Construction Space'; 459: $twhere=&mt('User').': '.$trest.'<br />'.&mt('Domain'). 460: ': '.$tdom.'<br />'. 461: ' '.&mt('Server').': '.$home; 462: $ENV{'course.'.$tdom.'_'.$trest.'.description'}='ca'; 463: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/'); 464: $sortkey=$role."$trest:$tdom"; 465: } elsif ($role eq 'au') { 466: # Authors 467: my $home = &Apache::lonnet::homeserver 468: ($ENV{'user.name'},$ENV{'user.domain'}); 469: my $allowed=0; 470: my @ids=&Apache::lonnet::current_machine_ids(); 471: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } 472: if (!$allowed) { 473: $button=0; 474: $switchserver=&Apache::lonnet::escape('http://'. 475: $Apache::lonnet::hostname{$home}. 476: '/adm/login?domain='.$ENV{'user.domain'}. 477: '&username='.$ENV{'user.name'}. 478: '&firsturl=/priv/'.$ENV{'user.name'}); 479: } 480: #next if ($home eq 'no_host'); 481: $home = $Apache::lonnet::hostname{$home}; 482: $ttype='Construction Space'; 483: $twhere=&mt('Domain').': '.$tdom.'<br />'.&mt('Server'). 484: ': '.$home; 485: $ENV{'course.'.$tdom.'_'.$trest.'.description'}='ca'; 486: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$ENV{'user.name'}.'/'); 487: $sortkey=$role; 488: } elsif ($trest) { 489: $ttype='Course'; 490: if ($tsection) { 491: $ttype.='<br>'.&mt('Section/Group').': '.$tsection; 492: } 493: my $tcourseid=$tdom.'_'.$trest; 494: if ($ENV{'course.'.$tcourseid.'.description'}) { 495: $twhere=$ENV{'course.'.$tcourseid.'.description'}; 496: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey; 497: unless ($twhere eq &mt('Currently not available')) { 498: $twhere.=' <font size="-2">'. 499: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont). 500: '</font>'; 501: } 502: } else { 503: my %newhash=Apache::lonnet::coursedescription 504: ($tcourseid); 505: if (%newhash) { 506: $sortkey=$role."\0".$tdom."\0".$newhash{'description'}. 507: "\0".$envkey; 508: $twhere=$newhash{'description'}. 509: ' <font size="-2">'. 510: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont). 511: '</font>'; 512: } else { 513: $twhere=&mt('Currently not available'); 514: $ENV{'course.'.$tcourseid.'.description'}=$twhere; 515: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey; 516: } 517: } 518: if ($role ne 'st') { $twhere.="<br />".&mt('Domain').":".$tdom; } 519: } elsif ($tdom) { 520: $ttype='Domain'; 521: $twhere=$tdom; 522: $sortkey=$role.$twhere; 523: } else { 524: $ttype='System'; 525: $twhere=&mt('system wide'); 526: $sortkey=$role.$twhere; 527: } 528: 529: $roletext.='<tr bgcolor='.$tbg.'>'; 530: unless ($nochoose) { 531: if (!$button) { 532: if ($switchserver) { 533: $roletext.='<td><a href="/adm/logout?handover='. 534: $switchserver.'">'.&mt('Switch Server').'</a></td>'; 535: } else { 536: $roletext.=('<td> </td>'); 537: } 538: } elsif ($tstatus eq 'is') { 539: $roletext.=('<td><input type=submit value="'. 540: &mt('Select').'" name="'. 541: $trolecode.'"></td>'); 542: } elsif ($tryagain) { 543: $roletext.= 544: '<td><input type=submit value="'. 545: &mt('Try Selecting Again').'" name="'.$trolecode.'"></td>'; 546: } elsif ($advanced) { 547: $roletext.= 548: '<td><input type=submit value="'. 549: &mt('Re-Initialize').'" name="'.$trolecode.'"></td>'; 550: } else { 551: $roletext.='<td> </td>'; 552: } 553: } 554: $tremark.=&Apache::lonannounce::showday(time,1, 555: &Apache::lonannounce::readcalendar($tdom.'_'.$trest)); 556: 557: $roletext.='<td><font color="'.$tfont.'">'.$trole. 558: '</font></td><td><font color="'.$tfont.'">'.$ttype. 559: '</font></td><td><font color="'.$tfont.'">'.$twhere. 560: '</font></td><td><font color="'.$tfont.'">'.$tpstart. 561: '</font></td><td><font color="'.$tfont.'">'.$tpend. 562: '</font></td><td><font color="'.$tfont.'">'.$tremark. 563: ' </font></td></tr>'."\n"; 564: $roletext{$envkey}=$roletext; 565: if (!$sortkey) {$sortkey=$twhere."\0".$envkey;} 566: $sortrole{$sortkey}=$envkey; 567: $roleclass{$envkey}=$ttype; 568: } 569: } 570: } 571: # No active roles 572: if ($countactive==0) { 573: if ($inrole) { 574: $r->print('<h2>'.&mt('Currently no additional roles or courses').'</h2>'); 575: } else { 576: $r->print('<h2>'.&mt('Currently no active roles or courses').'</h2>'); 577: } 578: $r->print('</form></body></html>'); 579: return OK; 580: # Is there only one choice? 581: } elsif (($countactive==1) && ($ENV{'request.role'} eq 'cm')) { 582: $r->print('<h3>'.&mt('Please stand by.').'</h3>'. 583: '<input type="hidden" name="'.$possiblerole.'" value="1" />'); 584: $r->print("</form>\n"); 585: $r->rflush(); 586: $r->print('<script>document.forms.rolechoice.submit();</script>'); 587: $r->print('</body></html>'); 588: return OK; 589: } 590: # More than one possible role 591: # ----------------------------------------------------------------------- Table 592: unless (($advanced) || ($nochoose)) { 593: $r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n"); 594: } 595: $r->print('<br /><table><tr>'); 596: unless ($nochoose) { $r->print('<th> </th>'); } 597: $r->print('<th>'.&mt('User Role').'</th><th colspan=2>'.&mt('Extent'). 598: '</th><th>'.&mt('Start').'</th><th>'.&mt('End').'</th><th>'. 599: &mt('Remark').'</th></tr>'."\n"); 600: my $doheaders=-1; 601: foreach my $type ('Construction Space','Course','Domain','System') { 602: my $haverole=0; 603: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { 604: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { 605: $haverole=1; 606: } 607: } 608: if ($haverole) { $doheaders++; } 609: } 610: foreach my $type ('Construction Space','Course','Domain','System') { 611: my $output; 612: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { 613: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { 614: $output.=&mt($roletext{$sortrole{$which}}); 615: } 616: } 617: if ($output) { 618: if ($doheaders > 0) { 619: $r->print("<tr bgcolor='#BBffBB'>". 620: "<td align='center' colspan='7'>".&mt($type)."</td>"); 621: } 622: $r->print($output); 623: } 624: } 625: my $tremark=''; 626: my $tfont='#003300'; 627: if ($ENV{'request.role'} eq 'cm') { 628: $r->print('<tr bgcolor="#11CC55">'); 629: $tremark=&mt('Currently selected. '); 630: $tfont='#002200'; 631: } else { 632: $r->print('<tr bgcolor="#77FF77">'); 633: } 634: unless ($nochoose) { 635: if ($ENV{'request.role'} ne 'cm') { 636: $r->print('<td><input type=submit value="'. 637: &mt('Select').'" name="cm"></td>'); 638: } else { 639: $r->print('<td> </td>'); 640: } 641: } 642: $r->print('<td colspan=5><font color="'.$tfont.'">'.&mt('No role specified'). 643: '</font></td><td><font color="'.$tfont.'">'.$tremark. 644: ' </font></td></tr>'."\n"); 645: 646: $r->print('</table>'); 647: unless ($nochoose) { 648: $r->print("</form>\n"); 649: } 650: # ------------------------------------------------------------ Privileges Info 651: if (($advanced) && (($ENV{'user.error.msg'}) || ($error))) { 652: $r->print('<hr><h2>Current Privileges</h2>'); 653: 654: foreach $envkey (sort keys %ENV) { 655: if ($envkey=~/^user\.priv\.$ENV{'request.role'}\./) { 656: my $where=$envkey; 657: $where=~s/^user\.priv\.$ENV{'request.role'}\.//; 658: my $ttype; 659: my $twhere; 660: my ($tdom,$trest,$tsec)= 661: split(/\//,Apache::lonnet::declutter($where)); 662: if ($trest) { 663: if ($ENV{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') { 664: $ttype='Construction Space'; 665: $twhere='User: '.$trest.', Domain: '.$tdom; 666: } else { 667: $ttype='Course'; 668: $twhere=$ENV{'course.'.$tdom.'_'.$trest.'.description'}; 669: if ($tsec) { 670: $twhere.=' (Section/Group: '.$tsec.')'; 671: } 672: } 673: } elsif ($tdom) { 674: $ttype='Domain'; 675: $twhere=$tdom; 676: } else { 677: $ttype='System'; 678: $twhere='/'; 679: } 680: $r->print("\n<h3>".$ttype.': '.$twhere.'</h3><ul>'); 681: foreach (sort split(/:/,$ENV{$envkey})) { 682: if ($_) { 683: my ($prv,$restr)=split(/\&/,$_); 684: my $trestr=''; 685: if ($restr ne 'F') { 686: my $i; 687: $trestr.=' ('; 688: for ($i=0;$i<length($restr);$i++) { 689: $trestr.= 690: Apache::lonnet::plaintext(substr($restr,$i,1)); 691: if ($i<length($restr)-1) { $trestr.=', '; } 692: } 693: $trestr.=')'; 694: } 695: $r->print('<li>'. 696: Apache::lonnet::plaintext($prv).$trestr. 697: '</li>'); 698: } 699: } 700: $r->print('</ul>'); 701: } 702: } 703: } 704: $r->print(&Apache::lonnet::getannounce()); 705: if ($advanced) { 706: $r->print('<p><small><i>This is LON-CAPA '. 707: $r->dir_config('lonVersion').'</i><br />'. 708: '<a href="/adm/logout">'.&mt('Logout').'</a></small></p>'); 709: } 710: $r->print("</body></html>\n"); 711: return OK; 712: } 713: 714: 1; 715: __END__ 716: 717: =head1 NAME 718: 719: Apache::lonroles - User Roles Screen 720: 721: =head1 SYNOPSIS 722: 723: Invoked by /etc/httpd/conf/srm.conf: 724: 725: <Location /adm/roles> 726: PerlAccessHandler Apache::lonacc 727: SetHandler perl-script 728: PerlHandler Apache::lonroles 729: ErrorDocument 403 /adm/login 730: ErrorDocument 500 /adm/errorhandler 731: </Location> 732: 733: =head1 OVERVIEW 734: 735: =head2 Choosing Roles 736: 737: C<lonroles> is a handler that allows a user to switch roles in 738: mid-session. LON-CAPA attempts to work with "No Role Specified", the 739: default role that a user has before selecting a role, as widely as 740: possible, but certain handlers for example need specification which 741: course they should act on, etc. Both in this scenario, and when the 742: handler determines via C<lonnet>'s C<&allowed> function that a certain 743: action is not allowed, C<lonroles> is used as error handler. This 744: allows the user to select another role which may have permission to do 745: what they were trying to do. C<lonroles> can also be accessed via the 746: B<CRS> button in the Remote Control. 747: 748: =begin latex 749: 750: \begin{figure} 751: \begin{center} 752: \includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen} 753: \caption{\label{Sample_Roles_Screen}Sample Roles Screen} 754: \end{center} 755: \end{figure} 756: 757: =end latex 758: 759: =head2 Role Initialization 760: 761: The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C<lonnet>'s C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role. 762: 763: =head1 INTRODUCTION 764: 765: This module enables a user to select what role he wishes to 766: operate under (instructor, student, teaching assistant, course 767: coordinator, etc). These roles are pre-established by the actions 768: of upper-level users. 769: 770: This is part of the LearningOnline Network with CAPA project 771: described at http://www.lon-capa.org. 772: 773: =head1 HANDLER SUBROUTINE 774: 775: This routine is called by Apache and mod_perl. 776: 777: =over 4 778: 779: =item * 780: 781: Roles Initialization (yes/no) 782: 783: =item * 784: 785: Get Error Message from Environment 786: 787: =item * 788: 789: Who is this? 790: 791: =item * 792: 793: Generate Page Output 794: 795: =item * 796: 797: Choice or no choice 798: 799: =item * 800: 801: Table 802: 803: =item * 804: 805: Privileges 806: 807: =back 808: 809: =cut