Annotation of loncom/homework/daxesave.pm, revision 1.9

1.1       damieng     1: # The LearningOnline Network
                      2: # Convert and save a problem from Daxe.
                      3: #
1.9     ! raeburn     4: # $Id: daxesave.pm,v 1.8 2023/08/29 01:43:35 raeburn Exp $
1.1       damieng     5: #
                      6: # Copyright Michigan State University Board of Trustees
                      7: #
                      8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                      9: #
                     10: # LON-CAPA is free software; you can redistribute it and/or modify
                     11: # it under the terms of the GNU General Public License as published by
                     12: # the Free Software Foundation; either version 2 of the License, or
                     13: # (at your option) any later version.
                     14: #
                     15: # LON-CAPA is distributed in the hope that it will be useful,
                     16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     18: # GNU General Public License for more details.
                     19: #
                     20: # You should have received a copy of the GNU General Public License
                     21: # along with LON-CAPA; if not, write to the Free Software
                     22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     23: #
                     24: # /home/httpd/html/adm/gpl.txt
                     25: #
                     26: # http://www.lon-capa.org/
                     27: #
                     28: ###
                     29: 
                     30: package Apache::daxesave;
1.6       raeburn    31: use strict;
1.1       damieng    32: 
1.6       raeburn    33: use Apache::Constants qw(:common);
1.1       damieng    34: use Apache::lonnet;
                     35: use Try::Tiny;
                     36: use File::Copy;
                     37: 
                     38: use Apache::lonacc;
                     39: use Apache::loncommon;
                     40: use Apache::xml_to_loncapa;
                     41: 
                     42: sub handler {
                     43:     my $request = shift;
                     44:     
1.2       damieng    45:     $request->content_type('text/plain');
1.9     ! raeburn    46: 
        !            47:     my %editors = &Apache::loncommon::permitted_editors();
        !            48:     unless ($editors{'daxe'}) {
        !            49:         $request->content_type('text/plain');
        !            50:         $request->print(&mt('Daxe editor not enabled for this Authoring Space'));
        !            51:         return OK;
        !            52:     }
        !            53: 
1.3       damieng    54:     # path should be in the form "/daxeopen/priv/..."
1.7       raeburn    55:     # or "/daxeopen/uploaded/$cdom/$cnum/(docs|supplemental)/(default|\d+)/\d+/"
1.3       damieng    56:     my $path = $env{'form.path'};
1.1       damieng    57:     $path =~ s/^\/daxeopen//;
                     58:     
1.3       damieng    59:     my $allowed = 0;
1.7       raeburn    60:     my ($cdom,$cnum);
                     61:     if ($path =~ m{^/priv/}) {
1.3       damieng    62:         my ($ownername,$ownerdom,$ownerhome) = 
1.7       raeburn    63:             &Apache::lonnet::constructaccess($path);
1.3       damieng    64:         if (($ownername ne '') && ($ownerdom ne '') && ($ownerhome ne '')) {
                     65:             unless ($ownerhome eq 'no_host') {
                     66:                 my @hosts = &Apache::lonnet::current_machine_ids();
                     67:                 if (grep(/^\Q$ownerhome\E$/,@hosts)) {
                     68:                     $allowed = 1;
                     69:                 }
                     70:             }
                     71:         }
1.7       raeburn    72:     } elsif ($path =~ m|^/uploaded/|) {
1.3       damieng    73:         if ($env{'user.name'} ne '' && $env{'user.domain'} ne '' && $env{'request.course.id'}) {
                     74:             $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
                     75:             $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
1.4       damieng    76:             if ($path =~ m|^/uploaded/\Q$cdom\E/\Q$cnum\E/| && $path !~ /\.\./) {
1.3       damieng    77:                 if (&Apache::lonnet::allowed('mdc', $env{'request.course.id'})) {
                     78:                     $allowed = 1;
                     79:                 }
1.1       damieng    80:             }
                     81:         }
                     82:     }
                     83:     unless ($allowed) {
1.2       damieng    84:         $request->log_reason("Unauthorized path: $path", $path);
                     85:         $request->print("error\nUnauthorized path: $path");
                     86:         $request->status(403);
                     87:         return OK;
1.1       damieng    88:     }
                     89: 
1.7       raeburn    90:     if ($path =~ m{^/priv/}) {
                     91:         my $newpath = &Apache::lonnet::filelocation('', $path);
                     92:         my $contents = $env{'form.file'};
1.1       damieng    93:     
1.7       raeburn    94:         my $mode;
                     95:         if ($path =~ /\.(task|problem|exam|quiz|assess|survey|library|xml|html|htm|xhtml|xhtm)$/) {
                     96:             try {
                     97:                 $contents = &Apache::xml_to_loncapa::convert_file($contents);
                     98:             } catch {
                     99:                 $request->print("error\nconvert failed for $path: $_");
                    100:                 return OK;
                    101:             };
                    102:             $mode = '>:encoding(UTF-8)';
                    103:         } else {
                    104:             $mode = '>';
                    105:         }
                    106:   
                    107:         my $filebak = $newpath.".bak";
                    108:         if (-e $newpath) {
                    109:             copy($newpath, $filebak); # errors ignored
                    110:         }
                    111:         if (open(my $out, $mode, $newpath)) {
                    112:             print $out $contents;
                    113:             close($out);
                    114:             $request->print("ok\n");
                    115:         } else {
                    116:             $request->print("error\nFailed to open file to save $path");
                    117:         }
                    118:     } elsif ($path =~ m{^/uploaded/}) {
                    119:         my ($unauthorized,$unsupported);
                    120:         if ($path =~ m{^\Q/uploaded/$cdom/$cnum/\E(docs|supplemental)/(default|\d+)/(\d+)/(.+)$}) {
                    121:             my ($type,$folder,$rid,$fname) = ($1,$2,$3,$4);
                    122:             my $referrer = $request->headers_in->{'Referer'};
                    123:             if ($referrer =~ m{\Qfile=/daxeopen/uploaded/$cdom/$cnum/$type/$folder/$rid/\E}) {
                    124:                 if ($fname =~ /\.(html|htm|xhtml|xhtm)$/) {
                    125:                     try {
                    126:                         $env{'form.file'} = &Apache::xml_to_loncapa::convert_file($env{'form.file'});
                    127:                     } catch {
                    128:                         $request->print("error\nconvert failed for $fname: $_");
                    129:                         return OK;
                    130:                     }
                    131:                 } elsif ($fname =~ /\.(task|problem|exam|quiz|assess|survey|library|xml)$/) {
                    132:                     $unsupported = $1;
                    133:                 }
                    134:                 unless ($unsupported) {
1.8       raeburn   135:                     my $url = &Apache::lonnet::userfileupload('file','daxesave',"$type/$folder/$rid",
                    136:                                                                undef,undef,undef,$cnum,$cdom);
1.7       raeburn   137:                     if ($url =~ m{^/uploaded/$cdom/$cnum/$type/$folder/$rid/}) {
                    138:                         $request->print("ok\n");
                    139:                     } else {
                    140:                         $request->print("error\nFailed to save uploaded file: $fname");
                    141:                     }
                    142:                 }
                    143:             } else {
                    144:                 $unauthorized = 1;
                    145:             }
                    146:         } else {
                    147:             $unauthorized = 1;
                    148:         }
                    149:         if ($unauthorized) {
                    150:             $request->log_reason("Unauthorized path: $path", $path);
                    151:             $request->print("error\nUnauthorized path: $path");
                    152:             $request->status(403);
                    153:         } elsif ($unsupported) {
                    154:             $request->log_reason("File extension: $unsupported -- not allowed for upload to course", $path);
                    155:             $request->print("error\nFile extension: $unsupported -- not allowed for upload to course");
                    156:             $request->status(403);
                    157:         }
1.6       raeburn   158:     }
1.1       damieng   159:     return OK;
                    160: }
                    161: 
                    162: 1;
                    163: __END__

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>