loncom/homework/daxesave.pm - view

File: [LON-CAPA] / loncom / homework / daxesave.pm
Revision 1.10: download - view: text, annotated - select for diffs
Sun Nov 26 20:47:15 2023 UTC (11 months, 2 weeks ago) by raeburn
Branches: MAIN
CVS tags: version_2_12_X, version_2_11_5_msu, version_2_11_4_msu, HEAD

- Support checking of available editors when saving in Daxe, when current
  role is a course role.
- Support localization.

# The LearningOnline Network # Convert and save a problem from Daxe. # # $Id: daxesave.pm,v 1.10 2023/11/26 20:47:15 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # # This file is part of the LearningOnline Network with CAPA (LON-CAPA). # # LON-CAPA is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # LON-CAPA is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with LON-CAPA; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # /home/httpd/html/adm/gpl.txt # # http://www.lon-capa.org/ # ### package Apache::daxesave; use strict; use Apache::Constants qw(:common); use Apache::lonnet; use Try::Tiny; use File::Copy; use Apache::lonacc; use Apache::loncommon; use Apache::xml_to_loncapa; use Apache::lonlocal; sub handler { my $request = shift; $request->content_type('text/plain'); my %editors = &Apache::loncommon::permitted_editors($request->uri); unless ($editors{'daxe'}) { $request->content_type('text/plain'); $request->print(&mt('Daxe editor not enabled for this Authoring Space')); return OK; } # path should be in the form "/daxeopen/priv/..." # or "/daxeopen/uploaded/$cdom/$cnum/(docs|supplemental)/(default|\d+)/\d+/" my $path = $env{'form.path'}; $path =~ s/^\/daxeopen//; my $allowed = 0; my ($cdom,$cnum); if ($path =~ m{^/priv/}) { my ($ownername,$ownerdom,$ownerhome) = &Apache::lonnet::constructaccess($path); if (($ownername ne '') && ($ownerdom ne '') && ($ownerhome ne '')) { unless ($ownerhome eq 'no_host') { my @hosts = &Apache::lonnet::current_machine_ids(); if (grep(/^\Q$ownerhome\E$/,@hosts)) { $allowed = 1; } } } } elsif ($path =~ m|^/uploaded/|) { if ($env{'user.name'} ne '' && $env{'user.domain'} ne '' && $env{'request.course.id'}) { $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; if ($path =~ m|^/uploaded/\Q$cdom\E/\Q$cnum\E/| && $path !~ /\.\./) { if (&Apache::lonnet::allowed('mdc', $env{'request.course.id'})) { $allowed = 1; } } } } unless ($allowed) { $request->log_reason("Unauthorized path: $path", $path); $request->print("error\nUnauthorized path: $path"); $request->status(403); return OK; } if ($path =~ m{^/priv/}) { my $newpath = &Apache::lonnet::filelocation('', $path); my $contents = $env{'form.file'}; my $mode; if ($path =~ /\.(task|problem|exam|quiz|assess|survey|library|xml|html|htm|xhtml|xhtm)$/) { try { $contents = &Apache::xml_to_loncapa::convert_file($contents); } catch { $request->print("error\nconvert failed for $path: $_"); return OK; }; $mode = '>:encoding(UTF-8)'; } else { $mode = '>'; } my $filebak = $newpath.".bak"; if (-e $newpath) { copy($newpath, $filebak); # errors ignored } if (open(my $out, $mode, $newpath)) { print $out $contents; close($out); $request->print("ok\n"); } else { $request->print("error\nFailed to open file to save $path"); } } elsif ($path =~ m{^/uploaded/}) { my ($unauthorized,$unsupported); if ($path =~ m{^\Q/uploaded/$cdom/$cnum/\E(docs|supplemental)/(default|\d+)/(\d+)/(.+)$}) { my ($type,$folder,$rid,$fname) = ($1,$2,$3,$4); my $referrer = $request->headers_in->{'Referer'}; if ($referrer =~ m{\Qfile=/daxeopen/uploaded/$cdom/$cnum/$type/$folder/$rid/\E}) { if ($fname =~ /\.(html|htm|xhtml|xhtm)$/) { try { $env{'form.file'} = &Apache::xml_to_loncapa::convert_file($env{'form.file'}); } catch { $request->print("error\nconvert failed for $fname: $_"); return OK; } } elsif ($fname =~ /\.(task|problem|exam|quiz|assess|survey|library|xml)$/) { $unsupported = $1; } unless ($unsupported) { my $url = &Apache::lonnet::userfileupload('file','daxesave',"$type/$folder/$rid", undef,undef,undef,$cnum,$cdom); if ($url =~ m{^/uploaded/$cdom/$cnum/$type/$folder/$rid/}) { $request->print("ok\n"); } else { $request->print("error\nFailed to save uploaded file: $fname"); } } } else { $unauthorized = 1; } } else { $unauthorized = 1; } if ($unauthorized) { $request->log_reason("Unauthorized path: $path", $path); $request->print("error\nUnauthorized path: $path"); $request->status(403); } elsif ($unsupported) { $request->log_reason("File extension: $unsupported -- not allowed for upload to course", $path); $request->print("error\nFile extension: $unsupported -- not allowed for upload to course"); $request->status(403); } } return OK; } 1; __END__