File:
[LON-CAPA] /
loncom /
interface /
lontiny.pm
Revision
1.8:
download - view:
text,
annotated -
select for diffs
Wed Nov 3 01:04:03 2021 UTC (2 years, 8 months ago) by
raeburn
Branches:
MAIN
CVS tags:
version_2_11_4_msu,
HEAD
- Bug 6907
- Use of token to store linkprot or linkkey compatible with use of
btoken and iptoken (for load balancing and IP change respectively).
- Launching access from a deeplink, with its own ltoken and/or linkkey,
for a user session originally launched from a different deeplink will
update required session information.
1: # The LearningOnline Network with CAPA
2: # Extract domain, courseID, and symb from a shortened URL,
3: # and switch role to a role in designated course.
4: #
5: # $Id: lontiny.pm,v 1.8 2021/11/03 01:04:03 raeburn Exp $
6: #
7: # Copyright Michigan State University Board of Trustees
8: #
9: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
10: #
11: # LON-CAPA is free software; you can redistribute it and/or modify
12: # it under the terms of the GNU General Public License as published by
13: # the Free Software Foundation; either version 2 of the License, or
14: # (at your option) any later version.
15: #
16: # LON-CAPA is distributed in the hope that it will be useful,
17: # but WITHOUT ANY WARRANTY; without even the implied warranty of
18: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19: # GNU General Public License for more details.
20: #
21: # You should have received a copy of the GNU General Public License
22: # along with LON-CAPA; if not, write to the Free Software
23: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
24: #
25: # /home/httpd/html/adm/gpl.txt
26: #
27: # http://www.lon-capa.org/
28: #
29:
30: package Apache::lontiny;
31:
32: use strict;
33: use Apache::Constants qw(:common :http);
34: use Apache::lonnet;
35: use Apache::loncommon;
36: use Apache::lonhtmlcommon;
37: use Apache::lonroles;
38: use Apache::lonuserstate;
39: use Apache::lonnavmaps;
40: use Apache::lonlocal;
41: use LONCAPA qw(:DEFAULT :match);
42:
43: sub handler {
44: my $r = shift;
45: my %user;
46: my $handle = &Apache::lonnet::check_for_valid_session($r,undef,\%user);
47: if ($handle ne '') {
48: my $lonidsdir=$r->dir_config('lonIDsDir');
49: &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
50: if ($r->uri =~ m{^/tiny/($match_domain)/(\w+)$}) {
51: my ($cdom,$key) = ($1,$2);
52: if (&Apache::lonnet::domain($cdom) ne '') {
53: my $configuname = &Apache::lonnet::get_domainconfiguser($cdom);
54: my $tinyurl;
55: my ($result,$cached)=&Apache::lonnet::is_cached_new('tiny',$cdom."\0".$key);
56: if (defined($cached)) {
57: $tinyurl = $result;
58: } else {
59: my %currtiny = &Apache::lonnet::get('tiny',[$key],$cdom,$configuname);
60: if ($currtiny{$key} ne '') {
61: $tinyurl = $currtiny{$key};
62: &Apache::lonnet::do_cache_new('tiny',$cdom."\0".$key,$currtiny{$key},600);
63: }
64: }
65: if ($tinyurl) {
66: my ($cnum,$symb) = split(/\&/,$tinyurl);
67: if ($cnum =~ /^$match_courseid$/) {
68: my $chome = &Apache::lonnet::homeserver($cnum,$cdom);
69: if ($chome ne 'no_host') {
70: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['ttoken']);
71: if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
72: # Check for ttoken
73: my $newlauncher = &launch_check($r->uri,$symb);
74: my ($map,$resid,$url) = &Apache::lonnet::decode_symb($symb);
75: if (&Apache::lonnet::is_on_map($url)) {
76: my $realuri;
77: if ((&Apache::lonnet::EXT('resource.0.hiddenresource',$symb) =~ /^yes$/i) &&
78: (!$env{'request.role.adv'})) {
79: $env{'user.error.msg'}=$r->uri.':bre:1:1:Access to resource denied';
80: return HTTP_NOT_ACCEPTABLE;
81: }
82: if ((&Apache::lonnet::EXT('resource.0.encrypturl',$symb) =~ /^yes$/i) &&
83: (!$env{'request.role.adv'})) {
84: $realuri = &Apache::lonenc::encrypted(&Apache::lonnet::clutter($url));
85: if (($url =~ /\.sequence$/) &&
86: ($env{'course.'.$env{'request.course.id'}.'.type'} ne 'Placement')) {
87: $realuri .= '?navmap=1';
88: } else {
89: $realuri .= '?symb='.&Apache::lonenc::encrypted($symb);
90: }
91: } else {
92: $realuri = &Apache::lonnet::clutter($url);
93: if (($url =~ /\.sequence$/) &&
94: ($env{'course.'.$env{'request.course.id'}.'.type'} ne 'Placement')) {
95: $realuri .= '?navmap=1';
96: } else {
97: $realuri .= '?symb='.$symb;
98: }
99: }
100: my $update;
101: # Check if course needs to be re-initialized
102: if ($newlauncher) {
103: $update = 1;
104: } else {
105: my $loncaparev = $r->dir_config('lonVersion');
106: my ($result,@reinit) = &Apache::loncommon::needs_coursereinit($loncaparev);
107: if ($result eq 'update') {
108: $update = 1;
109: } elsif (!-e $env{'request.course.fn'}.'.db') {
110: $update = 1;
111: } elsif (!$env{'request.role.adv'}) {
112: my $navmap = Apache::lonnavmaps::navmap->new();
113: if (ref($navmap)) {
114: my $res = $navmap->getBySymb($symb);
115: if (ref($res)) {
116: my ($enc_in_bighash,$enc_in_parm);
117: $enc_in_bighash = $res->encrypted();
118: if (&Apache::lonnet::EXT('resource.0.encrypturl',$symb) =~ /^yes$/i) {
119: $enc_in_parm = 1;
120: }
121: if ($enc_in_bighash ne $enc_in_parm) {
122: $update = 1;
123: }
124: }
125: }
126: }
127: }
128: if ($update) {
129: my ($furl,$ferr)=
130: &Apache::lonuserstate::readmap($cdom.'/'.$cnum);
131: if ($ferr) {
132: $env{'user.error.msg'}=$r->uri.':bre:0:0:Course not initialized';
133: $env{'user.reinit'} = 1;
134: return HTTP_NOT_ACCEPTABLE;
135: }
136: }
137: my $host = $r->headers_in->get('Host');
138: if (!$host) {
139: $r->internal_redirect($realuri);
140: return OK;
141: } else {
142: my $protocol = 'http';
143: if ($r->get_server_port == 443) {
144: $protocol = 'https';
145: }
146: my $location = $protocol.'://'.$host.$realuri;
147: $r->headers_out->set(Location => $location);
148: return REDIRECT;
149: }
150: }
151: } else {
152: my %crsenv = &Apache::lonnet::coursedescription("$cdom/$cnum");
153: my @possroles = ('in','ta','ep','st','cr','ad');
154: if ($crsenv{'type'} eq 'Community') {
155: unshift(@possroles,'co');
156: } else {
157: unshift(@possroles,'cc');
158: }
159: my %roleshash = &Apache::lonnet::get_my_roles($env{'user.uname'},
160: $env{'user.domain'},
161: 'userroles',undef,
162: \@possroles,[$cdom],1);
163: my (%possroles,$hassection);
164: if (keys(%roleshash)) {
165: foreach my $entry (keys(%roleshash)) {
166: if ($entry =~ /^\Q$cnum:$cdom:\E([^:]+):([^:]*)$/) {
167: $possroles{$1} = $2;
168: if ($2 ne '') {
169: $hassection = 1;
170: }
171: }
172: }
173: }
174: my @allposs = keys(%possroles);
175: if ($env{'request.lti.login'}) {
176: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'});
177: if ($env{'request.lti.target'} eq '') {
178: if ($env{'form.ltitarget'} eq 'iframe') {
179: &Apache::lonnet::appenv({'request.lti.target' => 'iframe'});
180: delete($env{'form.ltitarget'});
181: }
182: }
183: if ($env{'form.selectrole'}) {
184: foreach my $role (@allposs) {
185: my $newrole = "$role./$cdom/$cnum";
186: if ($possroles{$allposs[0]} ne '') {
187: $newrole .= "/$possroles{$role}";
188: }
189: if ($env{"form.$newrole"}) {
190: my $destination .= '/adm/roles?selectrole=1&'.$newrole.'=1'.
191: '&destinationurl='.&HTML::Entities::encode($r->uri);
192: if ($env{'form.ltitarget'} eq 'iframe') {
193: $destination .= '<itarget=iframe';
194: }
195: &do_redirect($r,$destination);
196: return OK;
197: }
198: }
199: }
200: }
201: if (@allposs == 0) {
202: &show_roles($r,\%crsenv,\%possroles);
203: } elsif (@allposs == 1) {
204: my $newrole = "$allposs[0]./$cdom/$cnum";
205: $newrole = "$allposs[0]./$cdom/$cnum";
206: if ($possroles{$allposs[0]} ne '') {
207: $newrole .= "/$possroles{$allposs[0]}";
208: }
209: my $destination .= '/adm/roles?selectrole=1&'.$newrole.'=1'.
210: '&destinationurl='.&HTML::Entities::encode($r->uri);
211: if ($env{'form.ttoken'}) {
212: $destination .= '&ttoken='.$env{'form.ttoken'};
213: }
214: &do_redirect($r,$destination);
215: } elsif (keys(%possroles) > 1) {
216: if (grep(/^(cc|co)$/,@allposs)) {
217: my $newrole;
218: if (exists($possroles{'cc'})) {
219: $newrole = 'cc';
220: } else {
221: $newrole = 'co';
222: }
223: $newrole .= "./$cdom/$cnum";
224: my $destination .= '/adm/roles?selectrole=1&'.$newrole.'=1'.
225: '&destinationurl='.&HTML::Entities::encode($r->uri);
226: if ($env{'form.ttoken'}) {
227: $destination .= '&ttoken='.$env{'form.ttoken'};
228: }
229: &do_redirect($r,$destination);
230: } else {
231: my $hascustom;
232: if (grep(/^cr\//,@allposs)) {
233: $hascustom = 1;
234: }
235: &show_roles($r,\%crsenv,\%possroles,$hassection,$hascustom);
236: }
237: }
238: return OK;
239: }
240: }
241: }
242: }
243: }
244: }
245: &generic_error($r);
246: return OK;
247: } else {
248: return FORBIDDEN;
249: }
250: }
251:
252: sub launch_check {
253: my ($linkuri,$symb) = @_;
254: my ($linkprotector,$linkproturi,$linkkey,$newlauncher);
255: if ($env{'form.ttoken'}) {
256: my %link_info = &Apache::lonnet::tmpget($env{'form.ttoken'});
257: &Apache::lonnet::tmpdel($env{'form.ttoken'});
258: delete($env{'form.ttoken'});
259: if ($link_info{'linkprot'}) {
260: ($linkprotector,$linkproturi) = split(/:/,$link_info{'linkprot'},2);
261: if ($env{'user.linkprotector'}) {
262: my @protectors = split(/,/,$env{'user.linkprotector'});
263: unless (grep(/^\Q$linkprotector\E$/,@protectors)) {
264: push(@protectors,$linkprotector);
265: @protectors = sort { $a <=> $b } @protectors;
266: &Apache::lonnet::appenv({'user.linkprotector' => join(',',@protectors)});
267: }
268: } else {
269: &Apache::lonnet::appenv({'user.linkprotector' => $linkprotector });
270: }
271: if ($env{'user.linkproturi'}) {
272: my @proturis = split(/,/,$env{'user.linkproturi'});
273: unless(grep(/^\Q$linkproturi\E$/,@proturis)) {
274: push(@proturis,$linkproturi);
275: @proturis = sort(@proturis);
276: &Apache::lonnet::appenv({'user.linkproturi' => join(',',@proturis)});
277: }
278: } else {
279: &Apache::lonnet::appenv({'user.linkproturi' => $linkproturi});
280: }
281: } elsif ($link_info{'linkkey'} ne '') {
282: $linkkey = $link_info{'linkkey'};
283: my $keyedlinkuri = $linkuri;
284: if ($env{'user.deeplinkkey'} ne '') {
285: my @linkkeys = split(/,/,$env{'user.deeplinkkey'});
286: unless (grep(/^\Q$linkkey\E$/,@linkkeys)) {
287: push(@linkkeys,$linkkey);
288: &Apache::lonnet::appenv({'user.deeplinkkey' => join(',',sort(@linkkeys))});
289: }
290: } else {
291: &Apache::lonnet::appenv({'user.deeplinkkey' => $linkkey});
292: }
293: if ($env{'user.keyedlinkuri'}) {
294: my @keyeduris = split(/,/,$env{'user.keyedlinkuri'});
295: unless (grep(/^\Q$keyedlinkuri\E$/,@keyeduris)) {
296: push(@keyeduris,$keyedlinkuri);
297: &Apache::lonnet::appenv({'user.keyedlinkuri' => join(',',sort(@keyeduris))});
298: }
299: } else {
300: &Apache::lonnet::appenv({'user.keyedlinkuri' => $keyedlinkuri});
301: }
302: }
303: if ($link_info{'checklaunch'}) {
304: $newlauncher = 1;
305: }
306: }
307: my $currdeeplinklogin = $env{'request.deeplink.login'};
308: my $deeplink;
309: if ($symb =~ /\.(page|sequence)$/) {
310: my $mapname = &Apache::lonnet::deversion((&Apache::lonnet::decode_symb($symb))[2]);
311: my $navmap = Apache::lonnavmaps::navmap->new();
312: if (ref($navmap)) {
313: $deeplink = $navmap->get_mapparam(undef,$mapname,'0.deeplink');
314: }
315: } else {
316: $deeplink = &Apache::lonnet::EXT('resource.0.deeplink',$symb);
317: }
318: if ($deeplink ne '') {
319: my $disallow;
320: my ($state,$others,$listed,$scope,$protect) = split(/,/,$deeplink);
321: if (($protect ne 'none') && ($protect ne '')) {
322: my ($acctype,$item) = split(/:/,$protect);
323: if ($acctype =~ /lti(c|d)$/) {
324: my $ltitype = $1;
325: if ($linkprotector) {
326: unless ($linkprotector.':'.$linkproturi eq $item.$ltitype.':'.$linkuri) {
327: $disallow = 1;
328: }
329: } else {
330: $disallow = 1;
331: }
332: } elsif ($acctype eq 'key') {
333: if ($linkkey ne '') {
334: unless ($linkkey eq $item) {
335: $disallow = 1;
336: }
337: } else {
338: $disallow = 1;
339: }
340: }
341: }
342: if ($disallow) {
343: if ($currdeeplinklogin eq $linkuri) {
344: &Apache::lonnet::delenv('request.deeplink.login');
345: }
346: } else {
347: unless ($currdeeplinklogin eq $linkuri) {
348: if (($linkprotector) || ($linkkey ne '')) {
349: if ($linkprotector) {
350: &Apache::lonnet::appenv({'request.linkprot' => $linkprotector.':'.$linkproturi});
351: } elsif ($env{'request.linkprot'}) {
352: &Apache::lonnet::delenv({'request.linkprot'});
353: }
354: if ($linkkey ne '') {
355: &Apache::lonnet::appenv({'request.linkkey' => $linkkey});
356: } elsif ($env{'request.linkkey'} ne '') {
357: &Apache::lonnet::delenv({'request.linkkey'});
358: }
359: $newlauncher = 1;
360: }
361: }
362: &Apache::lonnet::appenv({'request.deeplink.login' => $linkuri});
363: }
364: } else {
365: if ($linkprotector) {
366: &Apache::lonnet::appenv({'request.linkprot' => $linkprotector.':'.$linkproturi});
367: } elsif ($env{'request.linkprot'}) {
368: &Apache::lonnet::delenv({'request.linkprot'});
369: }
370: if ($linkkey ne '') {
371: &Apache::lonnet::appenv({'request.linkkey' => $linkkey});
372: } else {
373: &Apache::lonnet::delenv({'request.linkkey'});
374: }
375: &Apache::lonnet::appenv({'request.deeplink.login' => $linkuri});
376: }
377: return $newlauncher;
378: }
379:
380: sub do_redirect {
381: my ($r,$destination) = @_;
382: my $windowname = 'loncapaclient';
383: if ($env{'request.lti.login'}) {
384: $windowname .= 'lti';
385: }
386: my $header = '<meta HTTP-EQUIV="Refresh" CONTENT="0; url='.$destination.'" />';
387: my $args = {'bread_crumbs' => [{'href' => '','text' => 'Role initialization'},],};
388: &Apache::loncommon::content_type($r,'text/html');
389: $r->send_http_header;
390: $r->print(&Apache::loncommon::start_page('Valid link',$header,$args).
391: &Apache::lonhtmlcommon::scripttag('self.name="'.$windowname.'";').
392: '<h1>'.&mt('Welcome').'</h1>'.
393: '<p>'.&mt('Welcome to the Learning[_1]Online[_2] Network with CAPA. Please wait while your session is being set up.','<i>','</i>').'</p><p>'.
394: '<a href="'.$destination.'">'.&mt('Continue').'</a></p>'.
395: &Apache::loncommon::end_page());
396: return;
397: }
398:
399: sub show_roles {
400: my ($r,$crsenv,$possroles,$hassection,$hascustom) = @_;
401: &Apache::loncommon::content_type($r,'text/html');
402: $r->send_http_header;
403: my ($crsdesc,$crstype,$cdom,$cnum,$header,$title,$preamble,$datatable,$js,$args);
404: if (ref($crsenv) eq 'HASH') {
405: $crsdesc = $crsenv->{'description'};
406: $crstype = $crsenv->{'type'};
407: $cdom = $crsenv->{'domain'};
408: $cnum = $crsenv->{'num'};
409: }
410: if ($crstype eq '') {
411: $crstype = 'Course';
412: }
413: my $lc_crstype = lc($crstype);
414: if ($crsdesc ne '') {
415: $header = &mt("The page you requested belongs to the following $lc_crstype: [_1]",
416: '<i>'.$crsdesc.'</i>');
417: }
418: if (ref($possroles) eq 'HASH') {
419: if (keys(%{$possroles}) > 0) {
420: $args = {'bread_crumbs' => [{'href' => '','text' => "Choose role in $lc_crstype"},],};
421: $title = 'Choose a role'; #Do not localize.
422: if ($crstype eq 'Community') {
423: $preamble = &mt('You have the following active roles in this community:');
424: } else {
425: $preamble = &mt('You have the following active roles in this course:');
426: }
427: $datatable = '<form name="" action="/adm/roles">'.
428: '<input type="hidden" name="newrole" value="" />'."\n".
429: '<input type="hidden" name="selectrole" value="1" />'."\n".
430: '<input type="hidden" name="destinationurl" value="'.$r->uri.'" />'."\n";
431: if ($env{'form.ttoken'}) {
432: $datatable .= '<input type="hidden" name="ttoken" value="'.$env{'form.ttoken'}.'" />'."\n";
433: }
434: $datatable .= &Apache::loncommon::start_data_table().
435: &Apache::loncommon::start_data_table_header_row().
436: '<th></th><th>'.&mt('User role').'</th>';
437: if ($hassection) {
438: $datatable .= '<th>'.&mt('Section').'</th>';
439: }
440: if ($hascustom) {
441: $datatable .= '<th>'.&mt('Information').'</th>';
442: }
443: $datatable .= &Apache::loncommon::end_data_table_header_row();
444: my @available = sort(keys(%{$possroles}));
445: foreach my $role ('ad','in','ta','ep','st','cr') {
446: foreach my $key (@available) {
447: if ($key =~ m{^$role($|/)}) {
448: my $trolecode = "$key./$cdom/$cnum";
449: my $rolename = &Apache::lonnet::plaintext($key,$crstype,$cdom.'_'.$cnum);
450: my $sec = $possroles->{$key};
451: if ($sec ne '') {
452: $trolecode .= '/'.$sec;
453: }
454: my $buttonname=$trolecode;
455: $buttonname=~s/\W//g;
456: $datatable .= &Apache::loncommon::start_data_table_row().
457: '<td><input name="'.$buttonname.'" type="button" value="'.
458: &mt('Select').'" onclick="javascript:enterrole(this.form,'.
459: "'$trolecode','$buttonname'".');" /></td>';
460: if ($key =~ /^cr\//) {
461: my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$key);
462: $datatable .= '<td><span class="LC_nobreak">'.$rolename.'</span></td>';
463: if ($hassection) {
464: $datatable .= '<td>'.$sec.'</td>';
465: }
466: $datatable.= '<td><span class="LC_fontsize_small LC_cusr_emph">'.
467: &mt('Custom role defined by [_1]',$rauthor.':'.$rdomain).
468: '</td>';
469: } else {
470: if ($hassection) {
471: $datatable .= '<td>'.$rolename.'</td>';
472: if ($hascustom) {
473: $datatable .= '<td colspan="2">'.$sec.'</td>';
474: } else {
475: $datatable .= '<td>'.$sec.'</td>';
476: }
477: } elsif ($hascustom) {
478: $datatable .= '<td colspan="2">'.$rolename.'</td>';
479: } else {
480: $datatable .= '<td>'.$rolename.'</td>';
481: }
482: }
483: $datatable .= &Apache::loncommon::end_data_table_row();
484: }
485: }
486: }
487: $datatable .= &Apache::loncommon::end_data_table().
488: '</form>';
489: my $standby = &mt('Role selected. Please stand by.');
490: $js = <<"ENDJS";
491: <script type="text/javascript">
492: // <![CDATA[
493:
494: active=true;
495:
496: function enterrole (thisform,rolecode,buttonname) {
497: if (active) {
498: active=false;
499: document.title='$standby';
500: window.status='$standby';
501: thisform.newrole.value=rolecode;
502: thisform.submit();
503: } else {
504: alert('$standby');
505: }
506: }
507:
508: // ]]>
509: </script>
510: ENDJS
511: } else {
512: $title = 'No active role';
513: $preamble = &mt("You have no active roles in this $lc_crstype so the page is currently unavailable to you.");
514: $args = {'bread_crumbs' => [{'href' => '','text' => 'Role status'},],};
515: }
516: }
517: &Apache::loncommon::content_type($r,'text/html');
518: $r->send_http_header;
519: $r->print(&Apache::loncommon::start_page($title,$js,$args).
520: '<h3>'.$header.'</h3>'.
521: '<div>'.$preamble.'</div>'.
522: $datatable.
523: &Apache::loncommon::end_page());
524: return;
525: }
526:
527: sub generic_error {
528: my ($r) = @_;
529: my $continuelink;
530: unless ($env{'request.lti.login'}) {
531: my $linktext;
532: if ($env{'user.adv'}) {
533: $linktext = &mt('Continue to your roles page');
534: } else {
535: $linktext = &mt('Continue to your courses page');
536: }
537: $continuelink='<a href="/adm/roles">'.$linktext.'</a>';
538: }
539: my $msg = &mt('The page you requested does not exist.');
540: &Apache::loncommon::content_type($r,'text/html');
541: $r->send_http_header;
542: my $args = {'bread_crumbs' => [{'href' => '','text' => 'Link status'},],};
543: $r->print(&Apache::loncommon::start_page('Invalid URL',undef,$args).
544: '<div class="LC_error">'.$msg.'</div>'.
545: '<p>'.$continuelink.'</p>'.
546: &Apache::loncommon::end_page());
547: return;
548: }
549:
550: 1;
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>