version 1.1442, 2021/02/08 14:50:53
|
version 1.1454, 2021/05/10 20:09:25
|
Line 740 sub check_for_valid_session {
|
Line 740 sub check_for_valid_session {
|
if (ref($userhashref) eq 'HASH') { |
if (ref($userhashref) eq 'HASH') { |
$userhashref->{'name'} = $disk_env{'user.name'}; |
$userhashref->{'name'} = $disk_env{'user.name'}; |
$userhashref->{'domain'} = $disk_env{'user.domain'}; |
$userhashref->{'domain'} = $disk_env{'user.domain'}; |
|
if ($disk_env{'request.role'}) { |
|
$userhashref->{'role'} = $disk_env{'request.role'}; |
|
} |
$userhashref->{'lti'} = $disk_env{'request.lti.login'}; |
$userhashref->{'lti'} = $disk_env{'request.lti.login'}; |
if ($userhashref->{'lti'}) { |
if ($userhashref->{'lti'}) { |
$userhashref->{'ltitarget'} = $disk_env{'request.lti.target'}; |
$userhashref->{'ltitarget'} = $disk_env{'request.lti.target'}; |
Line 973 sub userload {
|
Line 976 sub userload {
|
# ------------------------------ Find server with least workload from spare.tab |
# ------------------------------ Find server with least workload from spare.tab |
|
|
sub spareserver { |
sub spareserver { |
my ($loadpercent,$userloadpercent,$want_server_name,$udom) = @_; |
my ($r,$loadpercent,$userloadpercent,$want_server_name,$udom) = @_; |
my $spare_server; |
my $spare_server; |
if ($userloadpercent !~ /\d/) { $userloadpercent=0; } |
if ($userloadpercent !~ /\d/) { $userloadpercent=0; } |
my $lowest_load=($loadpercent > $userloadpercent) ? $loadpercent |
my $lowest_load=($loadpercent > $userloadpercent) ? $loadpercent |
Line 1018 sub spareserver {
|
Line 1021 sub spareserver {
|
if ($protocol{$spare_server} eq 'https') { |
if ($protocol{$spare_server} eq 'https') { |
$protocol = $protocol{$spare_server}; |
$protocol = $protocol{$spare_server}; |
} |
} |
|
my $alias = &Apache::lonnet::use_proxy_alias($r,$spare_server); |
|
$hostname = $alias if ($alias ne ''); |
$spare_server = $protocol.'://'.$hostname; |
$spare_server = $protocol.'://'.$hostname; |
} |
} |
} |
} |
Line 2778 sub get_domain_defaults {
|
Line 2783 sub get_domain_defaults {
|
} |
} |
} |
} |
if (ref($domconfig{'wafproxy'}) eq 'HASH') { |
if (ref($domconfig{'wafproxy'}) eq 'HASH') { |
foreach my $item ('ipheader','trusted','vpnint','vpnext') { |
foreach my $item ('ipheader','trusted','vpnint','vpnext','sslopt') { |
if ($domconfig{'wafproxy'}{$item}) { |
if ($domconfig{'wafproxy'}{$item}) { |
$domdefaults{'waf_'.$item} = $domconfig{'wafproxy'}{$item}; |
$domdefaults{'waf_'.$item} = $domconfig{'wafproxy'}{$item}; |
} |
} |
Line 2848 sub retrieve_instcodes {
|
Line 2853 sub retrieve_instcodes {
|
} |
} |
|
|
sub course_portal_url { |
sub course_portal_url { |
my ($cnum,$cdom) = @_; |
my ($cnum,$cdom,$r) = @_; |
my $chome = &homeserver($cnum,$cdom); |
my $chome = &homeserver($cnum,$cdom); |
my $hostname = &hostname($chome); |
my $hostname = &hostname($chome); |
my $protocol = $protocol{$chome}; |
my $protocol = $protocol{$chome}; |
Line 2858 sub course_portal_url {
|
Line 2863 sub course_portal_url {
|
if ($domdefaults{'portal_def'}) { |
if ($domdefaults{'portal_def'}) { |
$firsturl = $domdefaults{'portal_def'}; |
$firsturl = $domdefaults{'portal_def'}; |
} else { |
} else { |
|
my $alias = &Apache::lonnet::use_proxy_alias($r,$chome); |
|
$hostname = $alias if ($alias ne ''); |
$firsturl = $protocol.'://'.$hostname; |
$firsturl = $protocol.'://'.$hostname; |
} |
} |
return $firsturl; |
return $firsturl; |
Line 3482 sub ssi_body {
|
Line 3489 sub ssi_body {
|
# --------------------------------------------------------- Server Side Include |
# --------------------------------------------------------- Server Side Include |
|
|
sub absolute_url { |
sub absolute_url { |
my ($host_name) = @_; |
my ($host_name,$unalias,$keep_proto) = @_; |
my $protocol = ($ENV{'SERVER_PORT'} == 443?'https://':'http://'); |
my $protocol = ($ENV{'SERVER_PORT'} == 443?'https://':'http://'); |
if ($host_name eq '') { |
if ($host_name eq '') { |
$host_name = $ENV{'SERVER_NAME'}; |
$host_name = $ENV{'SERVER_NAME'}; |
} |
} |
|
if ($unalias) { |
|
my $alias = &get_proxy_alias(); |
|
if ($alias eq $host_name) { |
|
my $lonhost = $perlvar{'lonHostID'}; |
|
my $hostname = &hostname($lonhost); |
|
my $lcproto; |
|
if (($keep_proto) || ($hostname eq '')) { |
|
$lcproto = $protocol; |
|
} else { |
|
$lcproto = $protocol{$lonhost}; |
|
$lcproto = 'http' if ($lcproto ne 'https'); |
|
$lcproto .= '://'; |
|
} |
|
unless ($hostname eq '') { |
|
return $lcproto.$hostname; |
|
} |
|
} |
|
} |
return $protocol.$host_name; |
return $protocol.$host_name; |
} |
} |
|
|
Line 3503 sub absolute_url {
|
Line 3528 sub absolute_url {
|
sub ssi { |
sub ssi { |
|
|
my ($fn,%form)=@_; |
my ($fn,%form)=@_; |
my $request; |
my ($host,$request,$response); |
|
$host = &absolute_url('',1); |
|
|
$form{'no_update_last_known'}=1; |
$form{'no_update_last_known'}=1; |
&Apache::lonenc::check_encrypt(\$fn); |
&Apache::lonenc::check_encrypt(\$fn); |
if (%form) { |
if (%form) { |
$request=new HTTP::Request('POST',&absolute_url().$fn); |
$request=new HTTP::Request('POST',$host.$fn); |
$request->content(join('&',map { |
$request->content(join('&',map { |
my $name = escape($_); |
my $name = escape($_); |
"$name=" . ( ref($form{$_}) eq 'ARRAY' |
"$name=" . ( ref($form{$_}) eq 'ARRAY' |
Line 3516 sub ssi {
|
Line 3542 sub ssi {
|
: &escape($form{$_}) ); |
: &escape($form{$_}) ); |
} keys(%form))); |
} keys(%form))); |
} else { |
} else { |
$request=new HTTP::Request('GET',&absolute_url().$fn); |
$request=new HTTP::Request('GET',$host.$fn); |
} |
} |
|
|
$request->header(Cookie => $ENV{'HTTP_COOKIE'}); |
$request->header(Cookie => $ENV{'HTTP_COOKIE'}); |
Line 3530 sub ssi {
|
Line 3556 sub ssi {
|
($env{'request.course.sec'}?'/'.$env{'request.course.sec'}:'')))) { |
($env{'request.course.sec'}?'/'.$env{'request.course.sec'}:'')))) { |
$islocal = 1; |
$islocal = 1; |
} |
} |
my $response= &LONCAPA::LWPReq::makerequest($lonhost,$request,'',\%perlvar, |
$response= &LONCAPA::LWPReq::makerequest($lonhost,$request,'',\%perlvar, |
'','','',$islocal); |
'','','',$islocal); |
|
|
if (wantarray) { |
if (wantarray) { |
return ($response->content, $response); |
return ($response->content, $response); |
Line 4074 sub clean_filename {
|
Line 4100 sub clean_filename {
|
# Replace all .\d. sequences with _\d. so they no longer look like version |
# Replace all .\d. sequences with _\d. so they no longer look like version |
# numbers |
# numbers |
$fname=~s/\.(\d+)(?=\.)/_$1/g; |
$fname=~s/\.(\d+)(?=\.)/_$1/g; |
|
# Replace three or more adjacent underscores with one for consistency |
|
# with loncfile::filename_check() so complete url can be extracted by |
|
# lonnet::decode_symb() |
|
$fname=~s/_{3,}/_/g; |
return $fname; |
return $fname; |
} |
} |
|
|
Line 8212 sub allowed {
|
Line 8242 sub allowed {
|
my $adom = $1; |
my $adom = $1; |
foreach my $key (keys(%env)) { |
foreach my $key (keys(%env)) { |
if ($key =~ m{^user\.role\.(ca|aa)/\Q$adom\E}) { |
if ($key =~ m{^user\.role\.(ca|aa)/\Q$adom\E}) { |
my ($start,$end) = split('.',$env{$key}); |
my ($start,$end) = split(/\./,$env{$key}); |
if (($now >= $start) && (!$end || $end < $now)) { |
if (($now >= $start) && (!$end || $end > $now)) { |
$ownaccess = 1; |
$ownaccess = 1; |
last; |
last; |
} |
} |
Line 8225 sub allowed {
|
Line 8255 sub allowed {
|
foreach my $role ('ca','aa') { |
foreach my $role ('ca','aa') { |
if ($env{"user.role.$role./$adom/$aname"}) { |
if ($env{"user.role.$role./$adom/$aname"}) { |
my ($start,$end) = |
my ($start,$end) = |
split('.',$env{"user.role.$role./$adom/$aname"}); |
split(/\./,$env{"user.role.$role./$adom/$aname"}); |
if (($now >= $start) && (!$end || $end < $now)) { |
if (($now >= $start) && (!$end || $end > $now)) { |
$ownaccess = 1; |
$ownaccess = 1; |
last; |
last; |
} |
} |
Line 8500 sub allowed {
|
Line 8530 sub allowed {
|
# |
# |
|
|
# Possibly locked functionality, check all courses |
# Possibly locked functionality, check all courses |
|
# In roles.tab, L (unless locked) available for bre, pch, plc, pac and sma. |
# Locks might take effect only after 10 minutes cache expiration for other |
# Locks might take effect only after 10 minutes cache expiration for other |
# courses, and 2 minutes for current course |
# courses, and 2 minutes for current course, in which user has st or ta role |
|
# which is neither expired nor a future role (unless current course). |
|
|
my $envkey; |
my ($needlockcheck,$now,$crsonly); |
if ($thisallowed=~/L/) { |
if ($thisallowed=~/L/) { |
foreach $envkey (keys(%env)) { |
$now = time; |
|
if ($priv eq 'bre') { |
|
if ($uri ne '') { |
|
if ($orguri =~ m{^/+res/}) { |
|
if ($uri =~ m{^lib/templates/}) { |
|
if ($env{'request.course.id'}) { |
|
$crsonly = 1; |
|
$needlockcheck = 1; |
|
} |
|
} else { |
|
$needlockcheck = 1; |
|
} |
|
} elsif ($env{'request.course.id'}) { |
|
my ($crsdom,$crsnum) = split('_',$env{'request.course.id'}); |
|
if (($uri =~ m{^(adm|uploaded|public)/$crsdom/$crsnum/}) || |
|
($uri =~ m{^adm/$match_domain/$match_username/\d+/(smppg|bulletinboard)$})) { |
|
$crsonly = 1; |
|
} |
|
$needlockcheck = 1; |
|
} |
|
} |
|
} elsif (($priv eq 'pch') || ($priv eq 'plc') || ($priv eq 'pac') || ($priv eq 'sma')) { |
|
$needlockcheck = 1; |
|
} |
|
} |
|
if ($needlockcheck) { |
|
foreach my $envkey (keys(%env)) { |
if ($envkey=~/^user\.role\.(st|ta)\.([^\.]*)/) { |
if ($envkey=~/^user\.role\.(st|ta)\.([^\.]*)/) { |
my $courseid=$2; |
my $courseid=$2; |
my $roleid=$1.'.'.$2; |
my $roleid=$1.'.'.$2; |
$courseid=~s/^\///; |
$courseid=~s/^\///; |
|
unless ($env{'request.role'} eq $roleid) { |
|
my ($start,$end) = split(/\./,$env{$envkey}); |
|
next unless (($now >= $start) && (!$end || $end > $now)); |
|
} |
|
|
my $expiretime=600; |
my $expiretime=600; |
if ($env{'request.role'} eq $roleid) { |
if ($env{'request.role'} eq $roleid) { |
$expiretime=120; |
$expiretime=120; |
Line 9423 sub auto_validate_instcode {
|
Line 9486 sub auto_validate_instcode {
|
return ($outcome,$description,$defaultcredits); |
return ($outcome,$description,$defaultcredits); |
} |
} |
|
|
|
sub auto_validate_inst_crosslist { |
|
my ($cnum,$cdom,$instcode,$inst_xlist,$coowner) = @_; |
|
my ($homeserver,$response); |
|
if (($cdom =~ /^$match_domain$/) && ($cnum =~ /^$match_courseid$/)) { |
|
$homeserver = &homeserver($cnum,$cdom); |
|
} |
|
if (!defined($homeserver)) { |
|
if ($cdom =~ /^$match_domain$/) { |
|
$homeserver = &domain($cdom,'primary'); |
|
} |
|
} |
|
unless (($homeserver eq '') || ($homeserver eq 'no_host')) { |
|
$response=&reply('autovalidateinstcrosslist:'.$cdom.':'. |
|
&escape($instcode).':'.&escape($inst_xlist).':'. |
|
&escape($coowner),$homeserver); |
|
} |
|
return $response; |
|
} |
|
|
sub auto_create_password { |
sub auto_create_password { |
my ($cnum,$cdom,$authparam,$udom) = @_; |
my ($cnum,$cdom,$authparam,$udom) = @_; |
my ($homeserver,$response); |
my ($homeserver,$response); |
Line 10244 sub autoupdate_coowners {
|
Line 10326 sub autoupdate_coowners {
|
if ($domdesign{$cdom.'.autoassign.co-owners'}) { |
if ($domdesign{$cdom.'.autoassign.co-owners'}) { |
my %coursehash = &coursedescription($cdom.'_'.$cnum); |
my %coursehash = &coursedescription($cdom.'_'.$cnum); |
my $instcode = $coursehash{'internal.coursecode'}; |
my $instcode = $coursehash{'internal.coursecode'}; |
|
my $xlists = $coursehash{'internal.crosslistings'}; |
if ($instcode ne '') { |
if ($instcode ne '') { |
if (($start && $start <= $now) && ($end == 0) || ($end > $now)) { |
if (($start && $start <= $now) && ($end == 0) || ($end > $now)) { |
unless ($coursehash{'internal.courseowner'} eq $uname.':'.$udom) { |
unless ($coursehash{'internal.courseowner'} eq $uname.':'.$udom) { |
my ($delcoowners,@newcoowners,$putresult,$delresult,$coowners); |
my ($delcoowners,@newcoowners,$putresult,$delresult,$coowners); |
my ($result,$desc) = &auto_validate_instcode($cnum,$cdom,$instcode,$uname.':'.$udom); |
my ($result,$desc) = &auto_validate_instcode($cnum,$cdom,$instcode,$uname.':'.$udom); |
|
unless ($result eq 'valid') { |
|
if ($xlists ne '') { |
|
foreach my $xlist (split(',',$xlists)) { |
|
my ($inst_crosslist,$lcsec) = split(':',$xlist); |
|
$result = |
|
&auto_validate_inst_crosslist($cnum,$cdom,$instcode, |
|
$inst_crosslist,$uname.':'.$udom); |
|
last if ($result eq 'valid'); |
|
} |
|
} |
|
} |
if ($result eq 'valid') { |
if ($result eq 'valid') { |
if ($coursehash{'internal.co-owners'}) { |
if ($coursehash{'internal.co-owners'}) { |
foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) { |
foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) { |
Line 10261 sub autoupdate_coowners {
|
Line 10355 sub autoupdate_coowners {
|
} else { |
} else { |
push(@newcoowners,$uname.':'.$udom); |
push(@newcoowners,$uname.':'.$udom); |
} |
} |
} else { |
} elsif ($coursehash{'internal.co-owners'}) { |
if ($coursehash{'internal.co-owners'}) { |
foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) { |
foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) { |
unless ($coowner eq $uname.':'.$udom) { |
unless ($coowner eq $uname.':'.$udom) { |
push(@newcoowners,$coowner); |
push(@newcoowners,$coowner); |
|
} |
|
} |
|
unless (@newcoowners > 0) { |
|
$delcoowners = 1; |
|
$coowners = ''; |
|
} |
} |
} |
} |
|
unless (@newcoowners > 0) { |
|
$delcoowners = 1; |
|
$coowners = ''; |
|
} |
} |
} |
if (@newcoowners || $delcoowners) { |
if (@newcoowners || $delcoowners) { |
&store_coowners($cdom,$cnum,$coursehash{'home'}, |
&store_coowners($cdom,$cnum,$coursehash{'home'}, |
Line 14299 sub uses_sts {
|
Line 14391 sub uses_sts {
|
return; |
return; |
} |
} |
|
|
|
sub waf_allssl { |
|
my ($host_name) = @_; |
|
my $alias = &get_proxy_alias(); |
|
if ($host_name eq '') { |
|
$host_name = $ENV{'SERVER_NAME'}; |
|
} |
|
if (($host_name ne '') && ($alias eq $host_name)) { |
|
my $serverhomedom = &host_domain($perlvar{'lonHostID'}); |
|
my %defdomdefaults = &get_domain_defaults($serverhomedom); |
|
if ($defdomdefaults{'waf_sslopt'}) { |
|
return $defdomdefaults{'waf_sslopt'}; |
|
} |
|
} |
|
return; |
|
} |
|
|
sub get_requestor_ip { |
sub get_requestor_ip { |
my ($r,$nolookup,$noproxy) = @_; |
my ($r,$nolookup,$noproxy) = @_; |
my $from_ip; |
my $from_ip; |
if (ref($r)) { |
if (ref($r)) { |
$from_ip = $r->get_remote_host($nolookup); |
if ($r->can('useragent_ip')) { |
|
if ($noproxy && $r->can('client_ip')) { |
|
$from_ip = $r->client_ip(); |
|
} else { |
|
$from_ip = $r->useragent_ip(); |
|
} |
|
} elsif ($r->connection->can('remote_ip')) { |
|
$from_ip = $r->connection->remote_ip(); |
|
} else { |
|
$from_ip = $r->get_remote_host($nolookup); |
|
} |
} else { |
} else { |
$from_ip = $ENV{'REMOTE_ADDR'}; |
$from_ip = $ENV{'REMOTE_ADDR'}; |
} |
} |
Line 14357 sub get_proxy_settings {
|
Line 14475 sub get_proxy_settings {
|
trusted => $domdefaults{'waf_trusted'}, |
trusted => $domdefaults{'waf_trusted'}, |
vpnint => $domdefaults{'waf_vpnint'}, |
vpnint => $domdefaults{'waf_vpnint'}, |
vpnext => $domdefaults{'waf_vpnext'}, |
vpnext => $domdefaults{'waf_vpnext'}, |
|
sslopt => $domdefaults{'waf_sslopt'}, |
}; |
}; |
return $proxyinfo; |
return $proxyinfo; |
} |
} |
Line 14371 sub ip_match {
|
Line 14490 sub ip_match {
|
} |
} |
|
|
sub get_proxy_alias { |
sub get_proxy_alias { |
my $lonhost = $perlvar{'lonHostID'}; |
my ($lonid) = @_; |
if ($lonhost ne '') { |
if ($lonid eq '') { |
my ($alias,$cached) = &is_cached_new('proxyalias',$lonhost); |
$lonid = $perlvar{'lonHostID'}; |
|
} |
|
if (!defined(&hostname($lonid))) { |
|
return; |
|
} |
|
if ($lonid ne '') { |
|
my ($alias,$cached) = &is_cached_new('proxyalias',$lonid); |
if ($cached) { |
if ($cached) { |
return $alias; |
return $alias; |
} |
} |
my $dom = &Apache::lonnet::host_domain($lonhost); |
my $dom = &Apache::lonnet::host_domain($lonid); |
if ($dom ne '') { |
if ($dom ne '') { |
my $cachetime = 60*60*24; |
my $cachetime = 60*60*24; |
my %domconfig = |
my %domconfig = |
Line 14385 sub get_proxy_alias {
|
Line 14510 sub get_proxy_alias {
|
my $alias; |
my $alias; |
if (ref($domconfig{'wafproxy'}) eq 'HASH') { |
if (ref($domconfig{'wafproxy'}) eq 'HASH') { |
if (ref($domconfig{'wafproxy'}{'alias'}) eq 'HASH') { |
if (ref($domconfig{'wafproxy'}{'alias'}) eq 'HASH') { |
$alias = $domconfig{'wafproxy'}{'alias'}{$lonhost}; |
$alias = $domconfig{'wafproxy'}{'alias'}{$lonid}; |
|
} |
|
} |
|
return &do_cache_new('proxyalias',$lonid,$alias,$cachetime); |
|
} |
|
} |
|
return; |
|
} |
|
|
|
sub use_proxy_alias { |
|
my ($r,$lonid) = @_; |
|
my $alias = &get_proxy_alias($lonid); |
|
if ($alias) { |
|
my $dom = &host_domain($lonid); |
|
if ($dom ne '') { |
|
my $proxyinfo = &get_proxy_settings($dom ); |
|
my ($vpnint,$remote_ip); |
|
if (ref($proxyinfo) eq 'HASH') { |
|
$vpnint = $proxyinfo->{'vpnint'}; |
|
if ($vpnint) { |
|
$remote_ip = &get_requestor_ip($r,1,1); |
} |
} |
} |
} |
return &do_cache_new('proxyalias',$lonhost,$alias,$cachetime); |
unless ($vpnint && &ip_match($remote_ip,$vpnint)) { |
|
return $alias; |
|
} |
} |
} |
} |
} |
return; |
return; |