--- loncom/interface/loncommon.pm 2019/08/04 01:02:40 1.1075.2.136
+++ loncom/interface/loncommon.pm 2024/08/17 23:31:37 1.1075.2.161.2.25
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# a pile of common routines
#
-# $Id: loncommon.pm,v 1.1075.2.136 2019/08/04 01:02:40 raeburn Exp $
+# $Id: loncommon.pm,v 1.1075.2.161.2.25 2024/08/17 23:31:37 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -61,7 +61,7 @@ use POSIX qw(strftime mktime);
use Apache::lonmenu();
use Apache::lonenc();
use Apache::lonlocal;
-use Apache::lonnet();
+use Apache::lonnavmaps();
use HTML::Entities;
use Apache::lonhtmlcommon();
use Apache::loncoursedata();
@@ -71,6 +71,7 @@ use Apache::lonuserutils();
use Apache::lonuserstate();
use Apache::courseclassifier();
use LONCAPA qw(:DEFAULT :match);
+use LONCAPA::map();
use HTTP::Request;
use DateTime::TimeZone;
use DateTime::Locale;
@@ -83,6 +84,8 @@ use Crypt::DES;
use DynaLoader; # for Crypt::DES version
use File::Copy();
use File::Path();
+use String::CRC32();
+use Short::URL();
# ---------------------------------------------- Designs
use vars qw(%defaultdesign);
@@ -428,7 +431,7 @@ sub studentbrowser_javascript {
+
+ENDJS
+
+}
+
+=pod
+
+=item * &iframe_wrapper_resizejs()
+
+emits javascript used to handle resizing for a page containing
+an iframe, to ensure that the iframe does not obscure any
+standard LON-CAPA menu items.
+
+=back
+
+=cut
+
+#
+# jQuery to use when iframe is in use and a page resize occurs.
+# This script will ensure that the iframe does not obscure any
+# standard LON-CAPA inline menus (primary, secondary, and/or
+# breadcrumbs and Functions menus. Expects javascript from
+# &iframe_wrapper_headjs() to be in head portion of the web page,
+# e.g., by inclusion in second arg passed to &start_page().
+#
+
+sub iframe_wrapper_resizejs {
+ my $offset = 5;
+ &get_unprocessed_cgi($ENV{'QUERY_STRING'},['inhibitmenu']);
+ if (($env{'form.inhibitmenu'} eq 'yes') || ($env{'form.only_body'})) {
+ $offset = 0;
+ }
+ return &Apache::lonhtmlcommon::scripttag(<';
}
- $autharg = '';
$result = &mt
('[_1] Filesystem Authenticated (with initial password [_2])',
- '');
+ ''.$autharg);
+ return $result;
+}
+
+sub authform_lti {
+ my %in = (
+ formname => 'document.cu',
+ kerb_def_dom => 'MSU.EDU',
+ @_,
+ );
+ my ($lticheck,$result,$authtype,$autharg,$jscall,$disabled);
+ my ($authnum,%can_assign) = &get_assignable_auth($in{'domain'});
+ if ($in{'readonly'}) {
+ $disabled = ' disabled="disabled"';
+ }
+ if (defined($in{'curr_authtype'})) {
+ if ($in{'curr_authtype'} eq 'lti') {
+ if ($can_assign{'lti'}) {
+ $lticheck = 'checked="checked" ';
+ if (defined($in{'mode'})) {
+ if ($in{'mode'} eq 'modifyuser') {
+ $lticheck = '';
+ }
+ }
+ } else {
+ $result = &mt('Currently LTI Authenticated.');
+ return $result;
+ }
+ }
+ } else {
+ if ($authnum == 1) {
+ $authtype = '';
+ }
+ }
+ if (!$can_assign{'lti'}) {
+ return;
+ } elsif ($authtype eq '') {
+ if (defined($in{'mode'})) {
+ if ($in{'mode'} eq 'modifycourse') {
+ if ($authnum == 1) {
+ $authtype = '';
+ }
+ }
+ }
+ }
+ $jscall = "javascript:changed_radio('lti',$in{'formname'});";
+ if (($authtype eq '') && (($in{'mode'} eq 'modifycourse') || ($in{'curr_authtype'} ne 'lti'))) {
+ $authtype = '';
+ }
+ $autharg = '';
+ if ($authtype) {
+ $result = &mt('[_1] LTI Authenticated',
+ ''.$autharg);
+ } else {
+ $result = ''.&mt('LTI Authenticated').''.
+ $autharg;
+ }
return $result;
}
@@ -3171,6 +3361,228 @@ sub get_assignable_auth {
return ($authnum,%can_assign);
}
+sub check_passwd_rules {
+ my ($domain,$plainpass) = @_;
+ my %passwdconf = &Apache::lonnet::get_passwdconf($domain);
+ my ($min,$max,@chars,@brokerule,$warning);
+ $min = $Apache::lonnet::passwdmin;
+ if (ref($passwdconf{'chars'}) eq 'ARRAY') {
+ if ($passwdconf{'min'} =~ /^\d+$/) {
+ if ($passwdconf{'min'} > $min) {
+ $min = $passwdconf{'min'};
+ }
+ }
+ if ($passwdconf{'max'} =~ /^\d+$/) {
+ $max = $passwdconf{'max'};
+ }
+ @chars = @{$passwdconf{'chars'}};
+ }
+ if (($min) && (length($plainpass) < $min)) {
+ push(@brokerule,'min');
+ }
+ if (($max) && (length($plainpass) > $max)) {
+ push(@brokerule,'max');
+ }
+ if (@chars) {
+ my %rules;
+ map { $rules{$_} = 1; } @chars;
+ if ($rules{'uc'}) {
+ unless ($plainpass =~ /[A-Z]/) {
+ push(@brokerule,'uc');
+ }
+ }
+ if ($rules{'lc'}) {
+ unless ($plainpass =~ /[a-z]/) {
+ push(@brokerule,'lc');
+ }
+ }
+ if ($rules{'num'}) {
+ unless ($plainpass =~ /\d/) {
+ push(@brokerule,'num');
+ }
+ }
+ if ($rules{'spec'}) {
+ unless ($plainpass =~ /[!"#$%&'()*+,\-.\/:;<=>?@[\\\]^_`{|}~]/) {
+ push(@brokerule,'spec');
+ }
+ }
+ }
+ if (@brokerule) {
+ my %rulenames = &Apache::lonlocal::texthash(
+ uc => 'At least one upper case letter',
+ lc => 'At least one lower case letter',
+ num => 'At least one number',
+ spec => 'At least one non-alphanumeric',
+ );
+ $rulenames{'uc'} .= ': ABCDEFGHIJKLMNOPQRSTUVWXYZ';
+ $rulenames{'lc'} .= ': abcdefghijklmnopqrstuvwxyz';
+ $rulenames{'num'} .= ': 0123456789';
+ $rulenames{'spec'} .= ': !"\#$%&\'()*+,-./:;<=>?@[\]^_\`{|}~';
+ $rulenames{'min'} = &mt('Minimum password length: [_1]',$min);
+ $rulenames{'max'} = &mt('Maximum password length: [_1]',$max);
+ $warning = &mt('Password did not satisfy the following:').'
';
+ foreach my $rule ('min','max','uc','lc','num','spec') {
+ if (grep(/^$rule$/,@brokerule)) {
+ $warning .= '
'.$rulenames{$rule}.'
';
+ }
+ }
+ $warning .= '
';
+ }
+ if (wantarray) {
+ return @brokerule;
+ }
+ return $warning;
+}
+
+sub passwd_validation_js {
+ my ($currpasswdval,$domain,$context,$id) = @_;
+ my (%passwdconf,$alertmsg);
+ if ($context eq 'linkprot') {
+ my %domconfig = &Apache::lonnet::get_dom('configuration',['ltisec'],$domain);
+ if (ref($domconfig{'ltisec'}) eq 'HASH') {
+ if (ref($domconfig{'ltisec'}{'rules'}) eq 'HASH') {
+ %passwdconf = %{$domconfig{'ltisec'}{'rules'}};
+ }
+ }
+ if ($id eq 'add') {
+ $alertmsg = &mt('Secret for added launcher did not satisfy requirement(s):').'\n\n';
+ } elsif ($id =~ /^\d+$/) {
+ my $pos = $id+1;
+ $alertmsg = &mt('Secret for launcher [_1] did not satisfy requirement(s):','#'.$pos).'\n\n';
+ } else {
+ $alertmsg = &mt('A secret did not satisfy requirement(s):').'\n\n';
+ }
+ } else {
+ %passwdconf = &Apache::lonnet::get_passwdconf($domain);
+ $alertmsg = &mt('Initial password did not satisfy requirement(s):').'\n\n';
+ }
+ my ($min,$max,@chars,$numrules,$intargjs,%alert);
+ $numrules = 0;
+ $min = $Apache::lonnet::passwdmin;
+ if (ref($passwdconf{'chars'}) eq 'ARRAY') {
+ if ($passwdconf{'min'} =~ /^\d+$/) {
+ if ($passwdconf{'min'} > $min) {
+ $min = $passwdconf{'min'};
+ }
+ }
+ if ($passwdconf{'max'} =~ /^\d+$/) {
+ $max = $passwdconf{'max'};
+ $numrules ++;
+ }
+ @chars = @{$passwdconf{'chars'}};
+ if (@chars) {
+ $numrules ++;
+ }
+ }
+ if ($min > 0) {
+ $numrules ++;
+ }
+ if (($min > 0) || ($max ne '') || (@chars > 0)) {
+ if ($min) {
+ $alert{'min'} = &mt('minimum [quant,_1,character]',$min).'\n';
+ }
+ if ($max) {
+ $alert{'max'} = &mt('maximum [quant,_1,character]',$max).'\n';
+ }
+ my (@charalerts,@charrules);
+ if (@chars) {
+ if (grep(/^uc$/,@chars)) {
+ push(@charalerts,&mt('contain at least one upper case letter'));
+ push(@charrules,'uc');
+ }
+ if (grep(/^lc$/,@chars)) {
+ push(@charalerts,&mt('contain at least one lower case letter'));
+ push(@charrules,'lc');
+ }
+ if (grep(/^num$/,@chars)) {
+ push(@charalerts,&mt('contain at least one number'));
+ push(@charrules,'num');
+ }
+ if (grep(/^spec$/,@chars)) {
+ push(@charalerts,&mt('contain at least one non-alphanumeric'));
+ push(@charrules,'spec');
+ }
+ }
+ $intargjs = qq| var rulesmsg = '';\n|.
+ qq| var currpwval = $currpasswdval;\n|;
+ if ($min) {
+ $intargjs .= qq|
+ if (currpwval.length < $min) {
+ rulesmsg += ' - $alert{min}';
+ }
+|;
+ }
+ if ($max) {
+ $intargjs .= qq|
+ if (currpwval.length > $max) {
+ rulesmsg += ' - $alert{max}';
+ }
+|;
+ }
+ if (@chars > 0) {
+ my $charrulestr = '"'.join('","',@charrules).'"';
+ my $charalertstr = '"'.join('","',@charalerts).'"';
+ $intargjs .= qq| var brokerules = new Array();\n|.
+ qq| var charrules = new Array($charrulestr);\n|.
+ qq| var charalerts = new Array($charalertstr);\n|;
+ my %rules;
+ map { $rules{$_} = 1; } @chars;
+ if ($rules{'uc'}) {
+ $intargjs .= qq|
+ var ucRegExp = /[A-Z]/;
+ if (!ucRegExp.test(currpwval)) {
+ brokerules.push('uc');
+ }
+|;
+ }
+ if ($rules{'lc'}) {
+ $intargjs .= qq|
+ var lcRegExp = /[a-z]/;
+ if (!lcRegExp.test(currpwval)) {
+ brokerules.push('lc');
+ }
+|;
+ }
+ if ($rules{'num'}) {
+ $intargjs .= qq|
+ var numRegExp = /[0-9]/;
+ if (!numRegExp.test(currpwval)) {
+ brokerules.push('num');
+ }
+|;
+ }
+ if ($rules{'spec'}) {
+ $intargjs .= q|
+ var specRegExp = /[!"#$%&'()*+,\-.\/:;<=>?@[\\^\]_`{\|}~]/;
+ if (!specRegExp.test(currpwval)) {
+ brokerules.push('spec');
+ }
+|;
+ }
+ $intargjs .= qq|
+ if (brokerules.length > 0) {
+ for (var i=0; i$linktext};
}
+sub aboutme_on {
+ my ($uname,$udom)=@_;
+ unless ($uname) { $uname=$env{'user.name'}; }
+ unless ($udom) { $udom=$env{'user.domain'}; }
+ return if ($udom eq 'public' && $uname eq 'public');
+ my $hashkey=$uname.':'.$udom;
+ my ($aboutme,$cached)=&Apache::lonnet::is_cached_new('aboutme',$hashkey);
+ if ($cached) {
+ return $aboutme;
+ }
+ $aboutme = &Apache::lonnet::usertools_access($uname,$udom,'aboutme');
+ &Apache::lonnet::do_cache_new('aboutme',$hashkey,$aboutme,3600);
+ return $aboutme;
+}
+
+sub devalidate_aboutme_cache {
+ my ($uname,$udom)=@_;
+ if (!$udom) { $udom =$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
+ return if ($udom eq 'public' && $uname eq 'public');
+ my $id=$uname.':'.$udom;
+ &Apache::lonnet::devalidate_cache_new('aboutme',$id);
+}
+
# -----------------------------------------------------------------------------
sub track_student_link {
@@ -4192,9 +4628,15 @@ sub get_previous_attempt {
}
$prevattempts.= &end_data_table_row().&end_data_table();
} else {
+ my $msg;
+ if ($symb =~ /ext\.tool$/) {
+ $msg = &mt('No grade passed back.');
+ } else {
+ $msg = &mt('Nothing submitted - no attempts.');
+ }
$prevattempts=
&start_data_table().&start_data_table_row().
- '
'.&mt('Nothing submitted - no attempts.').'
'.
+ '
'.$msg.'
'.
&end_data_table_row().&end_data_table();
}
} else {
@@ -4341,6 +4783,59 @@ sub get_student_view_with_retries {
}
}
+sub css_links {
+ my ($currsymb,$level) = @_;
+ my ($links,@symbs,%cssrefs,%httpref);
+ if ($level eq 'map') {
+ my $navmap = Apache::lonnavmaps::navmap->new();
+ if (ref($navmap)) {
+ my ($map,undef,$url)=&Apache::lonnet::decode_symb($currsymb);
+ my @resources = $navmap->retrieveResources($map,sub { $_[0]->is_problem() },0,0);
+ foreach my $res (@resources) {
+ if (ref($res) && $res->symb()) {
+ push(@symbs,$res->symb());
+ }
+ }
+ }
+ } else {
+ @symbs = ($currsymb);
+ }
+ foreach my $symb (@symbs) {
+ my $css_href = &Apache::lonnet::EXT('resource.0.cssfile',$symb);
+ if ($css_href =~ /\S/) {
+ unless ($css_href =~ m{https?://}) {
+ my $url = (&Apache::lonnet::decode_symb($symb))[-1];
+ my $proburl = &Apache::lonnet::clutter($url);
+ my ($probdir) = ($proburl =~ m{(.+)/[^/]+$});
+ unless ($css_href =~ m{^/}) {
+ $css_href = &Apache::lonnet::hreflocation($probdir,$css_href);
+ }
+ if ($css_href =~ m{^/(res|uploaded)/}) {
+ unless (($httpref{'httpref.'.$css_href}) ||
+ (&Apache::lonnet::is_on_map($css_href))) {
+ my $thisurl = $proburl;
+ if ($env{'httpref.'.$proburl}) {
+ $thisurl = $env{'httpref.'.$proburl};
+ }
+ $httpref{'httpref.'.$css_href} = $thisurl;
+ }
+ }
+ }
+ $cssrefs{$css_href} = 1;
+ }
+ }
+ if (keys(%httpref)) {
+ &Apache::lonnet::appenv(\%httpref);
+ }
+ if (keys(%cssrefs)) {
+ foreach my $css_href (keys(%cssrefs)) {
+ next unless ($css_href =~ m{^(/res/|/uploaded/|https?://)});
+ $links .= ''."\n";
+ }
+ }
+ return $links;
+}
+
=pod
=item * &get_student_answers()
@@ -4596,13 +5091,96 @@ sub findallcourses {
###############################################
sub blockcheck {
- my ($setters,$activity,$uname,$udom,$url,$is_course) = @_;
+ my ($setters,$activity,$clientip,$uname,$udom,$url,$is_course,$symb,$caller) = @_;
+ unless (($activity eq 'docs') || ($activity eq 'reinit') || ($activity eq 'alert')) {
+ my ($has_evb,$check_ipaccess);
+ my $dom = $env{'user.domain'};
+ if ($env{'request.course.id'}) {
+ my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+ my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+ my $checkrole = "cm./$cdom/$cnum";
+ my $sec = $env{'request.course.sec'};
+ if ($sec ne '') {
+ $checkrole .= "/$sec";
+ }
+ if ((&Apache::lonnet::allowed('evb',undef,undef,$checkrole)) &&
+ ($env{'request.role'} !~ /^st/)) {
+ $has_evb = 1;
+ }
+ unless ($has_evb) {
+ if (($activity eq 'printout') || ($activity eq 'grades') || ($activity eq 'search') ||
+ ($activity eq 'boards') || ($activity eq 'groups') || ($activity eq 'chat')) {
+ if ($udom eq $cdom) {
+ $check_ipaccess = 1;
+ }
+ }
+ }
+ } elsif (($activity eq 'com') || ($activity eq 'port') || ($activity eq 'blogs') ||
+ ($activity eq 'about') || ($activity eq 'wishlist') || ($activity eq 'passwd')) {
+ my $checkrole;
+ if ($env{'request.role.domain'} eq '') {
+ $checkrole = "cm./$env{'user.domain'}/";
+ } else {
+ $checkrole = "cm./$env{'request.role.domain'}/";
+ }
+ if (($checkrole) && (&Apache::lonnet::allowed('evb',undef,undef,$checkrole))) {
+ $has_evb = 1;
+ }
+ }
+ unless ($has_evb || $check_ipaccess) {
+ my @machinedoms = &Apache::lonnet::current_machine_domains();
+ if (($dom eq 'public') && ($activity eq 'port')) {
+ $dom = $udom;
+ }
+ if (($dom ne '') && (grep(/^\Q$dom\E$/,@machinedoms))) {
+ $check_ipaccess = 1;
+ } else {
+ my $lonhost = $Apache::lonnet::perlvar{'lonHostID'};
+ my $internet_names = &Apache::lonnet::get_internet_names($lonhost);
+ my $prim = &Apache::lonnet::domain($dom,'primary');
+ my $intdom = &Apache::lonnet::internet_dom($prim);
+ if (($intdom ne '') && (ref($internet_names) eq 'ARRAY')) {
+ if (grep(/^\Q$intdom\E$/,@{$internet_names})) {
+ $check_ipaccess = 1;
+ }
+ }
+ }
+ }
+ if ($check_ipaccess) {
+ my ($ipaccessref,$cached)=&Apache::lonnet::is_cached_new('ipaccess',$dom);
+ unless (defined($cached)) {
+ my %domconfig =
+ &Apache::lonnet::get_dom('configuration',['ipaccess'],$dom);
+ $ipaccessref = &Apache::lonnet::do_cache_new('ipaccess',$dom,$domconfig{'ipaccess'},1800);
+ }
+ if ((ref($ipaccessref) eq 'HASH') && ($clientip)) {
+ foreach my $id (keys(%{$ipaccessref})) {
+ if (ref($ipaccessref->{$id}) eq 'HASH') {
+ my $range = $ipaccessref->{$id}->{'ip'};
+ if ($range) {
+ if (&Apache::lonnet::ip_match($clientip,$range)) {
+ if (ref($ipaccessref->{$id}->{'commblocks'}) eq 'HASH') {
+ if ($ipaccessref->{$id}->{'commblocks'}->{$activity} eq 'on') {
+ return ('','','',$id,$dom);
+ last;
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ if (($activity eq 'wishlist') || ($activity eq 'annotate')) {
+ return ();
+ }
+ }
if (defined($udom) && defined($uname)) {
# If uname and udom are for a course, check for blocks in the course.
if (($is_course) || (&Apache::lonnet::is_course($udom,$uname))) {
my ($startblock,$endblock,$triggerblock) =
- &get_blocks($setters,$activity,$udom,$uname,$url);
+ &get_blocks($setters,$activity,$udom,$uname,$url,$symb,$caller);
return ($startblock,$endblock,$triggerblock);
}
} else {
@@ -4613,14 +5191,18 @@ sub blockcheck {
my $startblock = 0;
my $endblock = 0;
my $triggerblock = '';
- my %live_courses = &findallcourses(undef,$uname,$udom);
+ my %live_courses;
+ unless (($activity eq 'wishlist') || ($activity eq 'annotate')) {
+ %live_courses = &findallcourses(undef,$uname,$udom);
+ }
# If uname is for a user, and activity is course-specific, i.e.,
# boards, chat or groups, check for blocking in current course only.
if (($activity eq 'boards' || $activity eq 'chat' ||
- $activity eq 'groups' || $activity eq 'printout') &&
- ($env{'request.course.id'})) {
+ $activity eq 'groups' || $activity eq 'printout' ||
+ $activity eq 'search' || $activity eq 'reinit' ||
+ $activity eq 'alert') && ($env{'request.course.id'})) {
foreach my $key (keys(%live_courses)) {
if ($key ne $env{'request.course.id'}) {
delete($live_courses{$key});
@@ -4729,7 +5311,7 @@ sub blockcheck {
# of specified user, unless user has 'evb' privilege.
my ($start,$end,$trigger) =
- &get_blocks($setters,$activity,$cdom,$cnum,$url);
+ &get_blocks($setters,$activity,$cdom,$cnum,$url,$symb,$caller);
if (($start != 0) &&
(($startblock == 0) || ($startblock > $start))) {
$startblock = $start;
@@ -4749,7 +5331,7 @@ sub blockcheck {
}
sub get_blocks {
- my ($setters,$activity,$cdom,$cnum,$url) = @_;
+ my ($setters,$activity,$cdom,$cnum,$url,$symb,$caller) = @_;
my $startblock = 0;
my $endblock = 0;
my $triggerblock = '';
@@ -4762,7 +5344,13 @@ sub get_blocks {
my $now = time;
my %commblocks = &Apache::lonnet::get_comm_blocks($cdom,$cnum);
if ($activity eq 'docs') {
- @blockers = &Apache::lonnet::has_comm_blocking('bre',undef,$url,\%commblocks);
+ my ($blocked,$nosymbcache,$noenccheck);
+ if (($caller eq 'blockedaccess') || ($caller eq 'blockingstatus')) {
+ $blocked = 1;
+ $nosymbcache = 1;
+ $noenccheck = 1;
+ }
+ @blockers = &Apache::lonnet::has_comm_blocking('bre',$symb,$url,$nosymbcache,$noenccheck,$blocked,\%commblocks);
foreach my $block (@blockers) {
if ($block =~ /^firstaccess____(.+)$/) {
my $item = $1;
@@ -4814,13 +5402,19 @@ sub get_blocks {
my $end = $start + $env{'course.'.$cdom.'_'.$cnum.'.timerinterval.'.$timersymb};
if ($start && $end) {
if (($start <= time) && ($end >= time)) {
- unless (grep(/^\Q$block\E$/,@blockers)) {
- push(@blockers,$block);
- $triggered{$block} = {
- start => $start,
- end => $end,
- type => $type,
- };
+ if (ref($commblocks{$block}) eq 'HASH') {
+ if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
+ if ($commblocks{$block}{'blocks'}{$activity} eq 'on') {
+ unless(grep(/^\Q$block\E$/,@blockers)) {
+ push(@blockers,$block);
+ $triggered{$block} = {
+ start => $start,
+ end => $end,
+ type => $type,
+ };
+ }
+ }
+ }
}
}
}
@@ -4884,14 +5478,17 @@ sub parse_block_record {
}
sub blocking_status {
- my ($activity,$uname,$udom,$url,$is_course) = @_;
+ my ($activity,$clientip,$uname,$udom,$url,$is_course,$symb,$caller) = @_;
my %setters;
# check for active blocking
- my ($startblock,$endblock,$triggerblock) =
- &blockcheck(\%setters,$activity,$uname,$udom,$url,$is_course);
+ if ($clientip eq '') {
+ $clientip = &Apache::lonnet::get_requestor_ip();
+ }
+ my ($startblock,$endblock,$triggerblock,$by_ip,$blockdom) =
+ &blockcheck(\%setters,$activity,$clientip,$uname,$udom,$url,$is_course,$symb,$caller);
my $blocked = 0;
- if ($startblock && $endblock) {
+ if (($startblock && $endblock) || ($by_ip)) {
$blocked = 1;
}
@@ -4900,12 +5497,17 @@ sub blocking_status {
# build a link to a popup window containing the details
my $querystring = "?activity=$activity";
-# $uname and $udom decide whose portfolio the user is trying to look at
- if (($activity eq 'port') || ($activity eq 'passwd')) {
+# $uname and $udom decide whose portfolio (or information page) the user is trying to look at
+ if (($activity eq 'port') || ($activity eq 'about') || ($activity eq 'passwd')) {
$querystring .= "&udom=$udom" if ($udom =~ /^$match_domain$/);
$querystring .= "&uname=$uname" if ($uname =~ /^$match_username$/);
} elsif ($activity eq 'docs') {
- $querystring .= '&url='.&HTML::Entities::encode($url,'&"');
+ my $showurl = &Apache::lonenc::check_encrypt($url);
+ $querystring .= '&url='.&HTML::Entities::encode($showurl,'\'&"<>');
+ if ($symb) {
+ my $showsymb = &Apache::lonenc::check_encrypt($symb);
+ $querystring .= '&symb='.&HTML::Entities::encode($showsymb,'\'&"<>');
+ }
}
my $output .= <<'END_MYBLOCK';
@@ -4930,6 +5532,20 @@ END_MYBLOCK
$text = &mt('Printing Blocked');
} elsif ($activity eq 'passwd') {
$text = &mt('Password Changing Blocked');
+ } elsif ($activity eq 'grades') {
+ $text = &mt('Gradebook Blocked');
+ } elsif ($activity eq 'search') {
+ $text = &mt('Search Blocked');
+ } elsif ($activity eq 'alert') {
+ $text = &mt('Checking Critical Messages Blocked');
+ } elsif ($activity eq 'reinit') {
+ $text = &mt('Checking Course Update Blocked');
+ } elsif ($activity eq 'about') {
+ $text = &mt('Access to User Information Pages Blocked');
+ } elsif ($activity eq 'wishlist') {
+ $text = &mt('Access to Stored Links Blocked');
+ } elsif ($activity eq 'annotate') {
+ $text = &mt('Access to Annotations Blocked');
}
$output .= <<"END_BLOCK";
@@ -4954,16 +5570,44 @@ sub check_ip_acc {
return 1;
}
my $allowed=0;
- my $ip=$ENV{'REMOTE_ADDR'} || $clientip || $env{'request.host'};
+ my $ip;
+ if (($ENV{'REMOTE_ADDR'} eq '127.0.0.1') ||
+ ($ENV{'REMOTE_ADDR'} eq &Apache::lonnet::get_host_ip($Apache::lonnet::perlvar{'lonHostID'}))) {
+ $ip = $env{'request.host'} || $ENV{'REMOTE_ADDR'} || $clientip;
+ } else {
+ my $remote_ip = &Apache::lonnet::get_requestor_ip();
+ $ip = $remote_ip || $env{'request.host'} || $clientip;
+ }
my $name;
- foreach my $pattern (split(',',$acc)) {
- $pattern =~ s/^\s*//;
- $pattern =~ s/\s*$//;
+ my %access = (
+ allowfrom => 1,
+ denyfrom => 0,
+ );
+ my @allows;
+ my @denies;
+ foreach my $item (split(',',$acc)) {
+ $item =~ s/^\s*//;
+ $item =~ s/\s*$//;
+ if ($item =~ /^\!(.+)$/) {
+ push(@denies,$1);
+ } else {
+ push(@allows,$item);
+ }
+ }
+ my $numdenies = scalar(@denies);
+ my $numallows = scalar(@allows);
+ my $count = 0;
+ foreach my $pattern (@denies,@allows) {
+ $count ++;
+ my $acctype = 'allowfrom';
+ if ($count <= $numdenies) {
+ $acctype = 'denyfrom';
+ }
if ($pattern =~ /\*$/) {
#35.8.*
$pattern=~s/\*//;
- if ($ip =~ /^\Q$pattern\E/) { $allowed=1; }
+ if ($ip =~ /^\Q$pattern\E/) { $allowed=$access{$acctype}; }
} elsif ($pattern =~ /(\d+\.\d+\.\d+)\.\[(\d+)-(\d+)\]$/) {
#35.8.3.[34-56]
my $low=$2;
@@ -4971,7 +5615,7 @@ sub check_ip_acc {
$pattern=$1;
if ($ip =~ /^\Q$pattern\E/) {
my $last=(split(/\./,$ip))[3];
- if ($last <=$high && $last >=$low) { $allowed=1; }
+ if ($last <=$high && $last >=$low) { $allowed=$access{$acctype}; }
}
} elsif ($pattern =~ /^\*/) {
#*.msu.edu
@@ -4981,10 +5625,10 @@ sub check_ip_acc {
my $netaddr=inet_aton($ip);
($name)=gethostbyaddr($netaddr,AF_INET);
}
- if ($name =~ /\Q$pattern\E$/i) { $allowed=1; }
+ if ($name =~ /\Q$pattern\E$/i) { $allowed=$access{$acctype}; }
} elsif ($pattern =~ /\d+\.\d+\.\d+\.\d+/) {
#127.0.0.1
- if ($ip =~ /^\Q$pattern\E/) { $allowed=1; }
+ if ($ip =~ /^\Q$pattern\E/) { $allowed=$access{$acctype}; }
} else {
#some.name.com
if (!defined($name)) {
@@ -4992,9 +5636,16 @@ sub check_ip_acc {
my $netaddr=inet_aton($ip);
($name)=gethostbyaddr($netaddr,AF_INET);
}
- if ($name =~ /\Q$pattern\E$/i) { $allowed=1; }
+ if ($name =~ /\Q$pattern\E$/i) { $allowed=$access{$acctype}; }
+ }
+ if ($allowed =~ /^(0|1)$/) { last; }
+ }
+ if ($allowed eq '') {
+ if ($numdenies && !$numallows) {
+ $allowed = 1;
+ } else {
+ $allowed = 0;
}
- if ($allowed) { last; }
}
return $allowed;
}
@@ -5075,6 +5726,17 @@ sub get_domainconf {
}
}
}
+ } elsif ($key eq 'saml') {
+ if (ref($domconfig{'login'}{$key}) eq 'HASH') {
+ foreach my $host (keys(%{$domconfig{'login'}{$key}})) {
+ if (ref($domconfig{'login'}{$key}{$host}) eq 'HASH') {
+ $designhash{$udom.'.login.'.$key.'_'.$host} = 1;
+ foreach my $item ('text','img','alt','url','title','window','notsso') {
+ $designhash{$udom.'.login.'.$key.'_'.$item.'_'.$host} = $domconfig{'login'}{$key}{$host}{$item};
+ }
+ }
+ }
+ }
} else {
foreach my $img (keys(%{$domconfig{'login'}{$key}})) {
$designhash{$udom.'.login.'.$key.'_'.$img} =
@@ -5179,8 +5841,12 @@ sub domainlogo {
&Apache::lonnet::repcopy($local_name);
}
$imgsrc = &lonhttpdurl($imgsrc);
- }
- return '';
+ }
+ my $alttext = $domain;
+ if ($designhash{$domain.'.login.alttext_domlogo'} ne '') {
+ $alttext = $designhash{$domain.'.login.alttext_domlogo'};
+ }
+ return '';
} elsif (defined(&Apache::lonnet::domain($domain,'description'))) {
return &Apache::lonnet::domain($domain,'description');
} else {
@@ -5298,6 +5964,10 @@ sub head_subbox {
Input: (optional) filename from which breadcrumb trail is built.
In most cases no input as needed, as $env{'request.filename'}
is appropriate for use in building the breadcrumb trail.
+ frameset flag
+ If page header is being requested for use in a frameset, then
+ the second (option) argument -- frameset will be true, and
+ the target attribute set for links should be target="_parent".
Returns: HTML div with CSTR path and recent box
To be included on Authoring Space pages
@@ -5305,7 +5975,7 @@ Returns: HTML div with CSTR path and rec
=cut
sub CSTR_pageheader {
- my ($trailfile) = @_;
+ my ($trailfile,$frameset) = @_;
if ($trailfile eq '') {
$trailfile = $env{'request.filename'};
}
@@ -5328,13 +5998,24 @@ sub CSTR_pageheader {
$lastitem = $thisdisfn;
}
+ my ($target,$crumbtarget) = (' target="_top"','_top');
+ if ($frameset) {
+ $target = ' target="_parent"';
+ $crumbtarget = '_parent';
+ } elsif (($env{'request.lti.login'}) && ($env{'request.lti.target'} eq 'iframe')) {
+ $target = '';
+ $crumbtarget = '';
+ } elsif (($env{'request.deeplink.login'}) && ($env{'request.deeplink.target'})) {
+ $target = ' target="'.$env{'request.deeplink.target'}.'"';
+ $crumbtarget = $env{'request.deeplink.target'};
+ }
+
my $output =
'
'
.&Apache::loncommon::help_open_menu('','',3,'Authoring') #FIXME: Broken? Where is it?
.''.&mt('Authoring Space:').' '
- .''
- .&Apache::lonmenu::constspaceform()
+ .&Apache::lonmenu::constspaceform($frameset)
.'
';
return $output;
}
+##############################################
+=pod
+
+=item * &nocodemirror()
+
+Input: None
+
+Returns: 1 if CodeMirror is deactivated based on
+ user's preference, or domain default,
+ if user indicated use of default.
+
+=cut
+
+sub nocodemirror {
+ my $nocodem = $env{'environment.nocodemirror'};
+ unless ($nocodem) {
+ my %domdefs = &Apache::lonnet::get_domain_defaults($env{'user.domain'});
+ if ($domdefs{'nocodemirror'}) {
+ $nocodem = 'yes';
+ }
+ }
+ if ($nocodem eq 'yes') {
+ return 1;
+ }
+ return;
+}
+
+##############################################
+=pod
+
+=item * &permitted_editors()
+
+Input: $uri (optional)
+
+Returns: %editors hash in which keys are editors
+ permitted in current Authoring Space,
+ or in current course for web pages
+ created in a course.
+
+ Value for each key is 1. Possible keys
+ are: edit, xml, and daxe.
+
+ For a regular Authoring Space, if no specific
+ set of editors has been set for the Author
+ who owns the Authoring Space, then the
+ domain default will be used. If no domain
+ default has been set, then the keys will be
+ edit and xml.
+
+ For a course author, or for web pages created
+ in a course, if no specific set of editors has
+ been set for the course, then the domain
+ course default will be used. If no domain
+ course default has been set, then the keys
+ will be edit and xml.
+
+=cut
+
+sub permitted_editors {
+ my ($uri) = @_;
+ my ($is_author,$is_coauthor,$is_course,$auname,$audom,%editors);
+ if ($env{'request.role'} =~ m{^au\./}) {
+ $is_author = 1;
+ } elsif ($env{'request.role'} =~ m{^(?:ca|aa)\./($match_domain)/($match_username)}) {
+ ($audom,$auname) = ($1,$2);
+ if (($audom ne '') && ($auname ne '')) {
+ if (($env{'user.domain'} eq $audom) &&
+ ($env{'user.name'} eq $auname)) {
+ $is_author = 1;
+ } else {
+ $is_coauthor = 1;
+ }
+ }
+ } elsif ($env{'request.course.id'}) {
+ my ($cdom,$cnum);
+ $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+ $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+ if (($env{'request.editurl'} =~ m{^/priv/\Q$cdom/$cnum\E/}) ||
+ ($env{'request.editurl'} =~ m{^/uploaded/\Q$cdom/$cnum\E/(docs|supplemental)/}) ||
+ ($uri =~ m{^/uploaded/\Q$cdom/$cnum\E/(docs|supplemental)/})) {
+ $is_course = 1;
+ } elsif ($env{'request.editurl'} =~ m{^/priv/($match_domain)/($match_username)/}) {
+ ($audom,$auname) = ($1,$2);
+ } elsif ($env{'request.uri'} =~ m{^/priv/($match_domain)/($match_username)/}) {
+ ($audom,$auname) = ($1,$2);
+ } elsif (($uri eq '/daxesave') &&
+ (($env{'form.path'} =~ m{^/daxeopen/priv/\Q$cdom/$cnum\E/}) ||
+ ($env{'form.path'} =~ m{^/daxeopen/uploaded/\Q$cdom/$cnum\E/(docs|supplemental)/}))) {
+ $is_course = 1;
+ } elsif (($uri eq '/daxesave') &&
+ ($env{'form.path'} =~ m{^/daxeopen/priv/($match_domain)/($match_username)/})) {
+ ($audom,$auname) = ($1,$2);
+ }
+ unless ($is_course) {
+ if (($audom ne '') && ($auname ne '')) {
+ if (($env{'user.domain'} eq $audom) &&
+ ($env{'user.name'} eq $auname)) {
+ $is_author = 1;
+ } else {
+ $is_coauthor = 1;
+ }
+ }
+ }
+ }
+ if ($is_author) {
+ if (exists($env{'environment.editors'})) {
+ map { $editors{$_} = 1; } split(/,/,$env{'environment.editors'});
+ } else {
+ %editors = ( edit => 1,
+ xml => 1,
+ );
+ }
+ } elsif ($is_coauthor) {
+ if (exists($env{"environment.internal.editors./$audom/$auname"})) {
+ map { $editors{$_} = 1; } split(/,/,$env{"environment.internal.editors./$audom/$auname"});
+ } else {
+ %editors = ( edit => 1,
+ xml => 1,
+ );
+ }
+ } elsif ($is_course) {
+ if (exists($env{'course.'.$env{'request.course.id'}.'.internal.crseditors'})) {
+ map { $editors{$_} = 1; } split(/,/,$env{'course.'.$env{'request.course.id'}.'.internal.crseditors'});
+ } else {
+ my %domdefaults = &Apache::lonnet::get_domain_defaults($env{'course.'.$env{'request.course.id'}.'.domain'});
+ if (exists($domdefaults{'crseditors'})) {
+ map { $editors{$_} = 1; } split(/,/,$domdefaults{'crseditors'});
+ } else {
+ %editors = ( edit => 1,
+ xml => 1,
+ );
+ }
+ }
+ } else {
+ %editors = ( edit => 1,
+ xml => 1,
+ );
+ }
+ return %editors;
+}
+
###############################################
###############################################
@@ -5404,6 +6226,34 @@ Inputs:
inlineremote items to be added in "Functions" menu below
breadcrumbs.
+=item * $ltiscope, optional argument, will be one of: resource, map or
+ course, if LON-CAPA is in LTI Provider context. Value is
+ the scope of use, i.e., launch was for access to a single, a map
+ or the entire course.
+
+=item * $ltiuri, optional argument, if LON-CAPA is in LTI Provider
+ context, this will contain the URL for the landing item in
+ the course, after launch from an LTI Consumer
+
+=item * $ltimenu, optional argument, if LON-CAPA is in LTI Provider
+ context, this will contain a reference to hash of items
+ to be included in the page header and/or inline menu.
+
+=item * $menucoll, optional argument, if specific menu collection is in
+ effect, either set as the default for the course, or set for
+ the deeplink paramater for $env{'request.deeplink.login'}
+ then $menucoll will be the number of that collection.
+
+=item * $menuref, optional argument, reference to a hash, containing the
+ menu options included for the menu in effect, based on the
+ configuration for the numbered menu collection in use.
+
+=item * $showncrumbsref, reference to a scalar. Calls to lonmenu::innerregister
+ within &bodytag() can result in calls to lonhtmlcommon::breadcrumbs(),
+ if so, $showncrumbsref is set there to 1, and will propagate back
+ via &bodytag() to &start_page(), to prevent lonhtmlcommon::breadcrumbs()
+ being called a second time.
+
=back
Returns: A uniform header for LON-CAPA web pages.
@@ -5415,7 +6265,8 @@ other decorations will be returned.
sub bodytag {
my ($title,$function,$addentries,$bodyonly,$domain,$forcereg,
- $no_nav_bar,$bgcolor,$no_inline_link,$args,$advtoolsref)=@_;
+ $no_nav_bar,$bgcolor,$no_inline_link,$args,$advtoolsref,
+ $ltiscope,$ltiuri,$ltimenu,$menucoll,$menuref,$showncrumbsref)=@_;
my $public;
if ((($env{'user.name'} eq 'public') && ($env{'user.domain'} eq 'public'))
@@ -5444,12 +6295,24 @@ sub bodytag {
if ($realm) {
$realm = '/'.$realm;
}
- if ($role eq 'ca') {
+ if ($role eq 'ca') {
my ($rdom,$rname) = ($realm =~ m{^/($match_domain)/($match_username)$});
$realm = &plainname($rname,$rdom);
}
# realm
+ my ($cid,$sec);
if ($env{'request.course.id'}) {
+ $cid = $env{'request.course.id'};
+ if ($env{'request.course.sec'}) {
+ $sec = $env{'request.course.sec'};
+ }
+ } elsif ($realm =~ m{^/($match_domain)/($match_courseid)(?:|/(\w+))$}) {
+ if (&Apache::lonnet::is_course($1,$2)) {
+ $cid = $1.'_'.$2;
+ $sec = $3;
+ }
+ }
+ if ($cid) {
if ($env{'request.role'} !~ /^cr/) {
$role = &Apache::lonnet::plaintext($role,&course_type());
} elsif ($role =~ m{^cr/($match_domain)/\1-domainconfig/(\w+)$}) {
@@ -5461,10 +6324,10 @@ sub bodytag {
} else {
$role = (split(/\//,$role,4))[-1];
}
- if ($env{'request.course.sec'}) {
- $role .= (' 'x2).'- '.&mt('section:').' '.$env{'request.course.sec'};
+ if ($sec) {
+ $role .= (' 'x2).'- '.&mt('section:').' '.$sec;
}
- $realm = $env{'course.'.$env{'request.course.id'}.'.description'};
+ $realm = $env{'course.'.$cid.'.description'};
} else {
$role = &Apache::lonnet::plaintext($role);
}
@@ -5486,19 +6349,47 @@ sub bodytag {
if ($public) {
undef($role);
}
-
+
+ my $showcrstitle = 1;
+ if (($cid) && ($env{'request.lti.login'})) {
+ if (ref($ltimenu) eq 'HASH') {
+ unless ($ltimenu->{'role'}) {
+ undef($role);
+ }
+ unless ($ltimenu->{'coursetitle'}) {
+ $realm=' ';
+ $showcrstitle = 0;
+ }
+ }
+ } elsif (($cid) && ($menucoll)) {
+ if (ref($menuref) eq 'HASH') {
+ unless ($menuref->{'role'}) {
+ undef($role);
+ }
+ unless ($menuref->{'crs'}) {
+ $realm=' ';
+ $showcrstitle = 0;
+ }
+ }
+ }
+
my $titleinfo = '
'.$title.'
';
#
# Extra info if you are the DC
my $dc_info = '';
- if ($env{'user.adv'} && exists($env{'user.role.dc./'.
- $env{'course.'.$env{'request.course.id'}.
- '.domain'}.'/'})) {
- my $cid = $env{'request.course.id'};
+ if (($env{'user.adv'}) && ($env{'request.course.id'}) && $showcrstitle &&
+ (exists($env{'user.role.dc./'.$env{'course.'.$cid.'.domain'}.'/'}))) {
$dc_info = $cid.' '.$env{'course.'.$cid.'.internal.coursecode'};
$dc_info =~ s/\s+$//;
}
+ my $crstype;
+ if ($cid) {
+ $crstype = $env{'course.'.$cid.'.type'};
+ } elsif ($args->{'crstype'}) {
+ $crstype = $args->{'crstype'};
+ }
+
$role = '('.$role.')' if ($role && !$env{'browser.mobile'});
if ($env{'request.state'} eq 'construct') { $forcereg=1; }
@@ -5526,27 +6417,53 @@ sub bodytag {
$bodytag .= Apache::lonhtmlcommon::scripttag(
Apache::lonmenu::utilityfunctions($httphost), 'start');
- my ($left,$right) = Apache::lonmenu::primary_menu();
-
- if ($env{'request.noversionuri'} =~ m{^/res/adm/pages/}) {
- if ($dc_info) {
- $dc_info = qq|$dc_info|;
- }
- $bodytag .= qq|
$left $role
- $realm $dc_info
|;
- return $bodytag;
+ my $collapsible;
+ if ($args->{'collapsible_header'} ne '') {
+ $collapsible = 1;
+ my ($menustate,$tiptext,$divclass);
+ if ($args->{'start_collapsed'}) {
+ $menustate = 'collapsed';
+ $tiptext = 'display';
+ $divclass = 'hidden';
+ } else {
+ $menustate = 'expanded';
+ $tiptext = 'hide';
+ $divclass = 'shown';
+ }
+ my $alttext = &mt('menu state: '.$menustate);
+ my $tooltip = &mt($tiptext.' standard menus');
+ $bodytag .= <<"END";
+