Annotation of loncom/interface/lonsource.pm, revision 1.40

1.1       taceyjo1    1: # The LearningOnline Network with CAPA
1.23      bisitz      2: # Source Code handler
1.1       taceyjo1    3: #
1.40    ! raeburn     4: # $Id: lonsource.pm,v 1.39 2020/02/03 19:02:18 raeburn Exp $
1.1       taceyjo1    5: #
                      6: # Copyright Michigan State University Board of Trustees
                      7: #
                      8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
                      9: #
                     10: # LON-CAPA is free software; you can redistribute it and/or modify
                     11: # it under the terms of the GNU General Public License as published by
                     12: # the Free Software Foundation; either version 2 of the License, or
                     13: # (at your option) any later version.
                     14: #
                     15: # LON-CAPA is distributed in the hope that it will be useful,
                     16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
                     17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
                     18: # GNU General Public License for more details.
                     19: #
                     20: # You should have received a copy of the GNU General Public License
                     21: # along with LON-CAPA; if not, write to the Free Software
                     22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
                     23: #
                     24: # /home/httpd/html/adm/gpl.txt
                     25: #
                     26: # http://www.lon-capa.org/
                     27: #
                     28: ###
                     29: 
                     30: 
                     31: package Apache::lonsource;
                     32: 
                     33: use strict;
1.11      albertel   34: use Apache::lonnet;
1.1       taceyjo1   35: use Apache::loncommon();
                     36: use Apache::lonhtmlcommon();
                     37: use Apache::lonsequence();
                     38: use Apache::Constants qw(:common :http);
                     39: use Apache::lonmeta;
1.37      raeburn    40: use Apache::lonenc();
1.1       taceyjo1   41: use Apache::File;
                     42: use Apache::lonlocal;
                     43: use HTML::Entities;
1.28      raeburn    44: use LONCAPA qw(:DEFAULT :match);
1.1       taceyjo1   45: 
                     46: sub make_link {
1.4       taceyjo1   47:     my ($filename, $listname) = @_;
1.36      raeburn    48:     my $sourcelink = '/adm/source?inhibitmenu=yes&filename='.
                     49:                      &escape(&escape($filename)).'&listname='.
                     50:                      &escape(&escape($listname));
1.2       albertel   51:     return $sourcelink;
1.1       taceyjo1   52: }
                     53: 
                     54: sub stage_2 {
1.26      www        55:     my ($r, $filename, $listname) = @_;
                     56:     my ($author)=($filename=~/\/res\/[^\/]+\/([^\/]+)\//);
1.33      raeburn    57:     $r->print(&Apache::loncommon::start_page('Copy Problem Source Code to Authoring Space',undef,
                     58:                                              {'only_body' => 1,})
1.21      bisitz     59:              .&mt('Please enter the directory that you would like the source code to go into.')
                     60:              .'<p>'
1.31      bisitz     61:              .&mt('Note: the path is in reference to the root of your Authoring Space,'
1.21      bisitz     62:                  .' and new directories will be automatically created.')
                     63:              .'</p>');
1.13      www        64:     $r->print('<form name="copy" action="/adm/source" target="_parent" method="post">
1.5       taceyjo1   65:               <input type="hidden" name="filename" value="'.$filename.'" />
                     66:               <input type="hidden" name="listname" value="'.$listname.'" />
                     67:               <input type="hidden" name="action" value="copy_stage" />
1.21      bisitz     68:               <input type="text" size="50" name="newpath" value="/'.&mt('shared_source').'/'.$author.'" />&nbsp;
                     69:               <input type="submit" value="'.&mt('Copy').'" />
1.33      raeburn    70:               </form>'.
                     71:               &Apache::loncommon::end_page());
1.5       taceyjo1   72:     return OK;
1.4       taceyjo1   73: }
                     74: 
1.26      www        75: sub copy_author {
1.4       taceyjo1   76:     my $role;
                     77:     my $domain;
                     78:     my $author_name;
1.19      albertel   79:     if ($env{'request.role'} =~ m{^ca\.}) {
1.11      albertel   80:         ($role, $domain, $author_name) = split(/\//,$env{'request.role'});
1.4       taceyjo1   81:     } else {
1.5       taceyjo1   82:         $role = "au.";
1.11      albertel   83:         $domain = $env{'user.domain'};
                     84:         $author_name = $env{'user.name'};
1.5       taceyjo1   85:     }
1.26      www        86:     return ($role,$author_name,$domain);
                     87: }
                     88: 
                     89: 
                     90: sub copy_stage {
                     91:     my ($r, $filename, $listname, $newpath) = @_;
                     92: 
1.35      raeburn    93:     my ($path_to_new_file,$uname,$udom) = &get_path_to_newfile($r,$newpath,$listname);
1.20      albertel   94: 
                     95:     #allowed
1.35      raeburn    96:     if ($path_to_new_file) {
                     97:         $r->print(&Apache::loncommon::start_page('Copying Source',undef,{'only_body' => 1}));
                     98:         my $result = &Apache::loncfile::exists($uname, $udom, $path_to_new_file);
                     99:         $r->print($result);
                    100:         if (($result) && ($result =~ /published/)) {
                    101: 	    &delete_copy_file($r, $newpath, $filename, $path_to_new_file, '1');
                    102:         } elsif (($result) && ($result =~ /exists\!/)) {
                    103: 	    &confirm($r, $newpath, $filename, $listname);
                    104:         } else {
                    105: 	    &copy_file($r, $newpath, $filename, $path_to_new_file);
                    106:         }
                    107:         $r->print(&Apache::loncommon::end_page());
1.5       taceyjo1  108:     }
1.34      raeburn   109:     return;
1.4       taceyjo1  110: }
                    111: 
                    112: sub confirm {
1.35      raeburn   113:     my ($r, $newpath, $filename, $listname) = @_;
1.32      bisitz    114:     $r->print('<b>'.&mt('Press delete to remove file and replace it with a copy of the source you are viewing.').'</b><br /><br />');
1.13      www       115:     $r->print('<form name="delete_confirm" action="/adm/source" target="_parent" method="post">
1.5       taceyjo1  116:               <input type="hidden" name="filename" value="'.$filename.'" />
1.35      raeburn   117:               <input type="hidden" name="listname" value="'.$listname.'" />
1.5       taceyjo1  118:               <input type="hidden" name="newpath" value="'.$newpath.'" />
                    119:               <input type="hidden" name="action" value="delete_confirm" />
                    120:               <input type="submit" value="Delete" />
                    121:               </form>');
1.34      raeburn   122:     return;
1.4       taceyjo1  123: }
                    124: 
1.6       taceyjo1  125: sub delete_copy_file {
1.26      www       126:     my ($r, $newpath, $filename, $path_to_new_file, $type) = @_;
1.35      raeburn   127:     if ($type eq '1') {
1.23      bisitz    128:         $r->print('<p><span class="LC_warning">'
                    129:                  .&mt('Cannot delete non-obsolete published file.')
                    130:                  .'</span><br />'
                    131:                  .&mt('Please use the code view in previous window to use shared code.')
                    132:                  .'<br /><br />');
1.33      raeburn   133:         $r->print('<form name="delete_done" action="/adm/source" target="_parent" method="post">'
                    134:                  .'<input type="button" value="'.&mt('Close Window').'" name="close"'
1.24      raeburn   135:                  .' onclick="window.close()" />'
1.34      raeburn   136:                  .'</form></p>');
1.35      raeburn   137:         return;
1.5       taceyjo1  138:     } else {
1.33      raeburn   139:         $r->print(&Apache::loncommon::start_page('Copying Source',undef,{'only_body' => 1}));
1.35      raeburn   140:         if (-e $path_to_new_file) {
                    141:             unless (unlink($path_to_new_file)) {
1.23      bisitz    142:                 $r->print('<p class="LC_error"">'.&mt('Error:').' '.$!.'</p>');
1.5       taceyjo1  143:                 return 0;
                    144:             }
                    145:         } else {
1.33      raeburn   146:             $r->print('<p class="LC_error">'.&mt('No such file').'</p>');
1.5       taceyjo1  147:             return 0;
                    148:         }
1.26      www       149:         &copy_file($r, $newpath, $filename, $path_to_new_file);
1.33      raeburn   150:         $r->print(&Apache::loncommon::end_page());
1.35      raeburn   151:         return;
1.5       taceyjo1  152:     }
1.1       taceyjo1  153: }
                    154: 
1.4       taceyjo1  155: sub copy_file {
1.26      www       156:     my ($r, $newpath, $filename, $path_to_new_file) = @_;
1.32      bisitz    157:     $r->print('<b>'.&mt('Creating directories').'</b>');
1.26      www       158: 
                    159: #Figure out if we are author or co-author
                    160:     my ($role,$author_name,$domain)=&copy_author();
                    161: 
1.27      raeburn   162:     my $path = $r->dir_config('lonDocRoot')."/priv/$domain/$author_name/";
1.5       taceyjo1  163:     my @directories = split(/\//,$newpath);
1.26      www       164: 
1.5       taceyjo1  165:     foreach my $now_checking (@directories) {
                    166:         if($now_checking ne '') {
                    167:             $path = $path.'/'.$now_checking;
                    168:             if(-e $path) {} #More moving along, isn't recursion fun'
                    169: 
                    170:             else {
                    171:                 unless(mkdir($path, 02770)) {
1.23      bisitz    172:                     $r->print('<p class="LC_error">'.&mt('Error:').' '.$!.'</p>');
1.5       taceyjo1  173:                     return 0;
                    174:                 }
                    175:                 unless(chmod(02770, ($path))) {
1.23      bisitz    176:                     $r->print('<p class="LC_error"> '.&mt('Error:').' '.$!.'</p>');
1.5       taceyjo1  177:                     return 0;
                    178:                 }
                    179:             }
                    180:         } else { } #Just move along
                    181: 
                    182:     }
1.32      bisitz    183:     $r->print('<br /><b>'.&mt('Copying File').'</b>');
1.6       taceyjo1  184:     my $problem_filename = $Apache::lonnet::perlvar{'lonDocRoot'}.$filename;
1.17      www       185:     my $file_output = &includemeta(&Apache::lonnet::getfile($problem_filename),$filename);
1.5       taceyjo1  186:     my $fs=Apache::File->new(">$path_to_new_file");
                    187:     if (defined($fs)) {
                    188:         print $fs $file_output;
                    189:     }
                    190:     $r->print("<br /><br />");
1.33      raeburn   191:     $r->print('<form name="copied_file" action="/adm/source" target="_parent" method="post">'
                    192:               .'<input type="button" value="'
                    193:               .&mt('Close Window').'" name="close" onclick="window.close()" />'
                    194:               .'</form>');
1.5       taceyjo1  195:     #Some 1.3'ish feature is to include the derivative feature, will go here..'
1.34      raeburn   196:     return;
1.5       taceyjo1  197: }
1.4       taceyjo1  198: 
1.1       taceyjo1  199: sub print_item {
1.37      raeburn   200:     my ($r,$filename,$listname,$context) = @_;
                    201:     my $file_output;
                    202:     if ($context eq 'view') {
                    203:         $file_output =
                    204:             &Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename);
                    205:     } else {
                    206:         $file_output =
                    207:             &includemeta(&Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename),
                    208:                                                   $filename);
                    209:     }
1.28      raeburn   210:     $r->print(&Apache::loncommon::start_page('View Source Code',undef,
                    211:                                              {'only_body' => 1}));
                    212:     if ($file_output ne '') {
                    213:         my $access_to_cstr;
                    214:         my $lonhost = $r->dir_config('lonHostID');
1.37      raeburn   215:         if ($context eq 'view') {
                    216:             $r->print('<form name="view" action="" target="_parent" method="post"><span class="LC_info">'.
                    217:                       &mt('Source code is displayed below.').
                    218:                       '</span>'.('&nbsp;' x4).'<input type="button" name="close" onclick="window.close();"'.
                    219:                       ' value="'.&mt('Close Window').'" /></form><hr />');
                    220:         } elsif (&Apache::lonnet::is_library($lonhost)) {
1.28      raeburn   221:             my @possdoms = &Apache::lonnet::current_machine_domains();
                    222:             foreach my $dom (@possdoms) {
                    223:                 if ($env{"user.role.au./$dom/"}) {
                    224:                     $access_to_cstr = 1;
                    225:                     last;  
                    226:                 }
                    227:             }
                    228:             unless ($access_to_cstr) {
                    229:                 foreach my $key (keys(%env)) {
                    230:                     if ($key =~ m{^\Quser.role.ca./\E($match_domain)/}) {
                    231:                         my $adom = $1;
                    232:                         if (grep(/^\Q$adom\E$/,@possdoms)) {
                    233:                             $access_to_cstr = 1;
                    234:                             last;
                    235:                         }
                    236:                     }
                    237:                 }
                    238:             }
                    239:             if ($access_to_cstr) {
                    240:                 $r->print('
                    241:              <form name="copy" action="/adm/source" target="_parent" method="post">
                    242:               <input type="button" value="'.&mt('Close Window').'" name="close" onclick="window.close();" />
                    243:               <input type="hidden" name="filename" value="'.$filename.'" />
                    244:               <input type="hidden" name="listname" value="'.$listname.'" />
                    245:               <input type="hidden" name="action" value="stage2" />
1.30      raeburn   246:               <input type="submit" value="'.&mt('Copy to Authoring Space').'" />
1.28      raeburn   247:              </form><hr />
                    248:                 ');
                    249:             } else {
                    250:                 $r->print('<p><span class="LC_info">'.
                    251:                           &mt('Source code is displayed, but you can not copy to Authoring Space, as you do not have an author or co-author role on this server.').
                    252:                           '</span></p><a href="javascript:window.close();">'.&mt('Close Window').
                    253:                           '</a><br /><hr />'
                    254:                          );
                    255:             }
                    256:         } else {
                    257:             $r->print('<p><span class="LC_info">'.
                    258:                       &mt('Source code is displayed, but you can not copy to Authoring Space on this server.').
                    259:                           '</span></p><a href="javascript:window.close();">'.&mt('Close Window').
                    260:                           '</a><br /><hr />'
                    261:                      );
                    262: 
                    263:         }
                    264:         my $count=0;
                    265:         my $maxlength=-1;
                    266:         foreach (split ("\n", $file_output)) {
                    267:             $count+=int(length($_)/79);
                    268:             $count++;
                    269:             if (length($_) > $maxlength) {
                    270:                 $maxlength = length($_);
                    271:             }
1.5       taceyjo1  272:         }
1.28      raeburn   273:         my $rows = $count;
                    274:         my $cols = $maxlength;
                    275:         $r->print('<form name="showsrc" action="" method="post" onsubmit="return false">'."\n".
                    276:                   '<textarea rows="'.$rows.'" cols="'.$cols.'" name="editxmltext">'.
                    277:                   &HTML::Entities::encode($file_output,'<>&"').'</textarea></form>');
                    278:     } else {
                    279:         $r->print('<p class="LC_warning">'.
                    280:                   &mt('Unable to retrieve file contents.').
                    281:                   '</p><a href="javascript:window.close();">'.&mt('Close Window').'</a>'
                    282:                  );
1.5       taceyjo1  283:     }
1.28      raeburn   284:     $r->print(&Apache::loncommon::end_page());
                    285:     return;
1.1       taceyjo1  286: }
                    287: 
1.17      www       288: sub includemeta {
                    289:     my ($file_output,$orgfilename)=@_;
                    290:     my $escfilename=&escape($orgfilename);
                    291:     my $copytime=time;
                    292:     if ($file_output=~/\<meta\s*name\=\"isbasedonres\"/i) {
                    293: 	$file_output=~s/(\<meta\s*name\=\"isbasedonres\"\s*content\=\"[^\"]*)\"/$1\,\Q$escfilename\E\"/i;
                    294:     } else {
                    295: 	$file_output=~s/(\<(?:html|problem)[^\>]*\>)/$1\n\<meta name=\"isbasedonres\" content=\"\Q$escfilename\E\" \/\>/i;
                    296:     }
                    297:     if ($file_output=~/\<meta\s*name\=\"isbasedontime\"/i) {
                    298: 	$file_output=~s/(\<meta\s*name\=\"isbasedontime\"\s*content\=\"[^\"]*)\"/$1\,\Q$copytime\E\"/i;
                    299:     } else {
                    300: 	$file_output=~s/(\<(?:html|problem)[^\>]*\>)/$1\n\<meta name=\"isbasedontime\" content=\"\Q$copytime\E\" \/\>/i;
                    301:     }
1.28      raeburn   302:     if ($file_output eq '-1') {
                    303:         return;
                    304:     } else {
                    305:         return $file_output;
                    306:     }
1.17      www       307: }
1.1       taceyjo1  308: 
1.35      raeburn   309: sub get_path_to_newfile {
                    310:     my ($r,$newpath,$listname) = @_;
                    311: 
                    312:     #Figure out if we are author or co-author
                    313:     my ($role,$author_name,$domain) = &copy_author();
                    314: 
                    315:     # Construct path to copy and filter out any possibly nasty stuff
                    316:     my $path = $r->dir_config('lonDocRoot')."/priv/$domain/$author_name/";
                    317:     my $path_to_new_file = $path."$newpath/$listname";
                    318:     $path_to_new_file=~s/\.\.//g;
                    319:     $path_to_new_file=~s/\~//g;
                    320:     $path_to_new_file=~s/\/+/\//g;
                    321: 
                    322:     #Just checking again for access as we want to make sure that it is really ok
                    323:     #now that we have the real path
                    324: 
                    325:     my ($uname,$udom)= &Apache::lonnet::constructaccess($path_to_new_file);
                    326: 
                    327:     if (!$uname || !$udom) {
                    328:         $r->print(&Apache::loncommon::start_page('Not Allowed',undef,{'only_body' => 1}));
                    329:         $r->print(&mt('Not allowed to create file [_1]', $path_to_new_file));
                    330:         $r->print(&Apache::loncommon::end_page());
                    331:         if (wantarray) {
                    332:             return();
                    333:         } else {
                    334:             return;
                    335:         }
                    336:     }
                    337:     if (wantarray) {
                    338:         return ($path_to_new_file,$uname,$udom);
                    339:     } else {
                    340:         return $path_to_new_file;
                    341:     }
                    342: }
                    343: 
1.5       taceyjo1  344: sub handler {
1.2       albertel  345:     my $r=shift;
1.3       www       346:     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
1.37      raeburn   347:                                             ['filename','listname','viewonly']);
1.11      albertel  348:     my $filename = $env{'form.filename'};
1.37      raeburn   349:     my $shownfilename = $filename;
                    350:     $shownfilename =~ s/(`)/'/g;
                    351:     $shownfilename =~ s/\$/\(\$\)/g;
1.11      albertel  352:     my $listname = $env{'form.listname'};
1.37      raeburn   353:     my $viewonly = $env{'form.viewonly'};
1.35      raeburn   354: 
1.37      raeburn   355:     if ($viewonly) {
                    356:         my $canview;
1.40    ! raeburn   357:         if ((&Apache::lonnet::metadata($filename,'sourceavail') eq 'open') &&
        !           358:             (&Apache::lonnet::allowed('cre','/'))) {
        !           359:             $canview = 1;
        !           360:         } elsif (($env{'request.course.id'}) && (&Apache::lonnet::is_on_map($filename))) {
        !           361:             my $crs_sec = $env{'request.course.id'} . (($env{'request.course.sec'} ne '')
        !           362:                                                       ? "/$env{'request.course.sec'}"
        !           363:                                                       : '');
        !           364:             if (&Apache::lonnet::allowed('vxc',$crs_sec)) {
1.37      raeburn   365:                 my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
                    366:                 &Apache::lonenc::check_decrypt(\$filename);
                    367:                 if (($env{'request.role.domain'} eq $cdom) && ($filename =~ /$LONCAPA::assess_re/)) {
                    368:                     my ($auname) = ($filename =~ m{^\Q/res/$cdom/\E($match_username)/});
1.38      raeburn   369:                     if (($auname ne '') && ($env{'request.course.adhocsrcaccess'} ne '') &&
1.37      raeburn   370:                         (grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) {
                    371:                         $canview = 1;
1.39      raeburn   372:                     } elsif ((&Apache::lonnet::metadata($filename,'sourceavail') eq 'open') &&
1.38      raeburn   373:                              ($filename =~ m{^\Q/res/$cdom/}) &&
1.40    ! raeburn   374:                              (&Apache::lonnet::allowed('bre',$crs_sec))) {
1.38      raeburn   375:                         $canview = 1;
1.37      raeburn   376:                     }
                    377:                 }
                    378:             }
                    379:         }
                    380:         unless ($canview) {
                    381:             $env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available";
                    382:             return HTTP_NOT_ACCEPTABLE;
                    383:         }
                    384:     } elsif (&Apache::lonnet::metadata($filename,'sourceavail') ne 'open') {
                    385:         $env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available";
1.5       taceyjo1  386:         return HTTP_NOT_ACCEPTABLE;
1.28      raeburn   387:     }
                    388:     unless (&Apache::lonnet::allowed('bre',$filename)) {
1.37      raeburn   389:         $env{'user.error.msg'}="$shownfilename:bre:1:1:Access to resource denied";
1.5       taceyjo1  390:         return HTTP_NOT_ACCEPTABLE;
1.28      raeburn   391:     }
1.40    ! raeburn   392:     unless (($viewonly) || (&Apache::lonnet::allowed('cre','/'))) {
        !           393:         $env{'user.error.msg'}="$shownfilename:cre:1:1:Access to source code denied";
        !           394:         return HTTP_NOT_ACCEPTABLE;
1.28      raeburn   395:     }
1.35      raeburn   396:     my $newpath = $env{'form.newpath'};
1.20      albertel  397: 
                    398:     &Apache::loncommon::content_type($r,'text/html');
                    399:     $r->send_http_header;
                    400: 
1.37      raeburn   401:     if ($viewonly) {
                    402:         &print_item($r,$filename,$listname,'view');
                    403:     } elsif ($env{'form.action'} eq 'stage2') {
1.28      raeburn   404:         &stage_2($r,$filename,$listname);
1.11      albertel  405:     } elsif($env{'form.action'} eq 'copy_stage') {
1.35      raeburn   406:         &copy_stage($r,$filename,$listname,$newpath);
1.11      albertel  407:     } elsif($env{'form.action'} eq 'delete_confirm') {
1.35      raeburn   408:         my $path_to_new_file = &get_path_to_newfile($r,$newpath,$listname);
                    409:         if ($path_to_new_file) {
                    410:             &delete_copy_file($r, $newpath, $filename, $path_to_new_file, '0');
                    411:         }
1.6       taceyjo1  412:     } else {
1.28      raeburn   413:         &print_item($r,$filename,$listname);
1.5       taceyjo1  414:     }
1.2       albertel  415:     return OK;
1.1       taceyjo1  416: }
                    417: 
                    418: 1;
1.5       taceyjo1  419: 
                    420: 

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>