Annotation of loncom/homework/daxesave.pm, revision 1.7
1.1 damieng 1: # The LearningOnline Network
2: # Convert and save a problem from Daxe.
3: #
1.7 ! raeburn 4: # $Id: daxesave.pm,v 1.6 2023/08/23 20:43:34 raeburn Exp $
1.1 damieng 5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28: ###
29:
30: package Apache::daxesave;
1.6 raeburn 31: use strict;
1.1 damieng 32:
1.6 raeburn 33: use Apache::Constants qw(:common);
1.1 damieng 34: use Apache::lonnet;
35: use Try::Tiny;
36: use File::Copy;
37:
38: use Apache::lonacc;
39: use Apache::loncommon;
40: use Apache::xml_to_loncapa;
41:
42: sub handler {
43: my $request = shift;
44:
1.2 damieng 45: $request->content_type('text/plain');
46:
1.3 damieng 47: # path should be in the form "/daxeopen/priv/..."
1.7 ! raeburn 48: # or "/daxeopen/uploaded/$cdom/$cnum/(docs|supplemental)/(default|\d+)/\d+/"
1.3 damieng 49: my $path = $env{'form.path'};
1.1 damieng 50: $path =~ s/^\/daxeopen//;
51:
1.3 damieng 52: my $allowed = 0;
1.7 ! raeburn 53: my ($cdom,$cnum);
! 54: if ($path =~ m{^/priv/}) {
1.3 damieng 55: my ($ownername,$ownerdom,$ownerhome) =
1.7 ! raeburn 56: &Apache::lonnet::constructaccess($path);
1.3 damieng 57: if (($ownername ne '') && ($ownerdom ne '') && ($ownerhome ne '')) {
58: unless ($ownerhome eq 'no_host') {
59: my @hosts = &Apache::lonnet::current_machine_ids();
60: if (grep(/^\Q$ownerhome\E$/,@hosts)) {
61: $allowed = 1;
62: }
63: }
64: }
1.7 ! raeburn 65: } elsif ($path =~ m|^/uploaded/|) {
1.3 damieng 66: if ($env{'user.name'} ne '' && $env{'user.domain'} ne '' && $env{'request.course.id'}) {
67: $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
68: $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
1.4 damieng 69: if ($path =~ m|^/uploaded/\Q$cdom\E/\Q$cnum\E/| && $path !~ /\.\./) {
1.3 damieng 70: if (&Apache::lonnet::allowed('mdc', $env{'request.course.id'})) {
71: $allowed = 1;
72: }
1.1 damieng 73: }
74: }
75: }
76: unless ($allowed) {
1.2 damieng 77: $request->log_reason("Unauthorized path: $path", $path);
78: $request->print("error\nUnauthorized path: $path");
79: $request->status(403);
80: return OK;
1.1 damieng 81: }
82:
1.7 ! raeburn 83: if ($path =~ m{^/priv/}) {
! 84: my $newpath = &Apache::lonnet::filelocation('', $path);
! 85: my $contents = $env{'form.file'};
1.1 damieng 86:
1.7 ! raeburn 87: my $mode;
! 88: if ($path =~ /\.(task|problem|exam|quiz|assess|survey|library|xml|html|htm|xhtml|xhtm)$/) {
! 89: try {
! 90: $contents = &Apache::xml_to_loncapa::convert_file($contents);
! 91: } catch {
! 92: $request->print("error\nconvert failed for $path: $_");
! 93: return OK;
! 94: };
! 95: $mode = '>:encoding(UTF-8)';
! 96: } else {
! 97: $mode = '>';
! 98: }
! 99:
! 100: my $filebak = $newpath.".bak";
! 101: if (-e $newpath) {
! 102: copy($newpath, $filebak); # errors ignored
! 103: }
! 104: if (open(my $out, $mode, $newpath)) {
! 105: print $out $contents;
! 106: close($out);
! 107: $request->print("ok\n");
! 108: } else {
! 109: $request->print("error\nFailed to open file to save $path");
! 110: }
! 111: } elsif ($path =~ m{^/uploaded/}) {
! 112: my ($unauthorized,$unsupported);
! 113: if ($path =~ m{^\Q/uploaded/$cdom/$cnum/\E(docs|supplemental)/(default|\d+)/(\d+)/(.+)$}) {
! 114: my ($type,$folder,$rid,$fname) = ($1,$2,$3,$4);
! 115: my $referrer = $request->headers_in->{'Referer'};
! 116: if ($referrer =~ m{\Qfile=/daxeopen/uploaded/$cdom/$cnum/$type/$folder/$rid/\E}) {
! 117: if ($fname =~ /\.(html|htm|xhtml|xhtm)$/) {
! 118: try {
! 119: $env{'form.file'} = &Apache::xml_to_loncapa::convert_file($env{'form.file'});
! 120: } catch {
! 121: $request->print("error\nconvert failed for $fname: $_");
! 122: return OK;
! 123: }
! 124: } elsif ($fname =~ /\.(task|problem|exam|quiz|assess|survey|library|xml)$/) {
! 125: $unsupported = $1;
! 126: }
! 127: unless ($unsupported) {
! 128: my $url = &Apache::lonnet::finishuserfileupload($cnum,$cdom,'file',
! 129: "$type/$folder/$rid/$fname");
! 130: if ($url =~ m{^/uploaded/$cdom/$cnum/$type/$folder/$rid/}) {
! 131: $request->print("ok\n");
! 132: } else {
! 133: $request->print("error\nFailed to save uploaded file: $fname");
! 134: }
! 135: }
! 136: } else {
! 137: $unauthorized = 1;
! 138: }
! 139: } else {
! 140: $unauthorized = 1;
! 141: }
! 142: if ($unauthorized) {
! 143: $request->log_reason("Unauthorized path: $path", $path);
! 144: $request->print("error\nUnauthorized path: $path");
! 145: $request->status(403);
! 146: } elsif ($unsupported) {
! 147: $request->log_reason("File extension: $unsupported -- not allowed for upload to course", $path);
! 148: $request->print("error\nFile extension: $unsupported -- not allowed for upload to course");
! 149: $request->status(403);
! 150: }
1.6 raeburn 151: }
1.1 damieng 152: return OK;
153: }
154:
155: 1;
156: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to daxesave.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / homework