loncom/lonnet/perl/lonnet.pm - diff

Return to lonnet.pm CVS log

Up to [LON-CAPA] / loncom / lonnet / perl

Diff for /loncom/lonnet/perl/lonnet.pm between versions 1.1172.2.152 and 1.1373

version 1.1172.2.152, 2024/12/29 14:47:27	version 1.1373, 2018/04/02 17:27:52
Line 71 delayed.	Line 71 delayed.
package Apache::lonnet;	package Apache::lonnet;

use strict;	use strict;
use LWP::UserAgent();
use HTTP::Date;	use HTTP::Date;
use Image::Magick;	use Image::Magick;
use CGI::Cookie;

use vars qw(%perlvar %spareid %pr %prp $memcache %packagetab $tmpdir $deftex
	use Encode;

	use vars qw(%perlvar %spareid %pr %prp $memcache %packagetab $tmpdir
$_64bit %env %protocol %loncaparevs %serverhomeIDs %needsrelease	$_64bit %env %protocol %loncaparevs %serverhomeIDs %needsrelease
%managerstab $passwdmin);	%managerstab);

my (%badServerCache, $memcache, %courselogs, %accesshash, %domainrolehash,	my (%badServerCache, $memcache, %courselogs, %accesshash, %domainrolehash,
%userrolehash, $processmarker, $dumpcount, %coursedombuf,	%userrolehash, $processmarker, $dumpcount, %coursedombuf,
Line 95 use Cache::Memcached;	Line 96 use Cache::Memcached;
use Digest::MD5;	use Digest::MD5;
use Math::Random;	use Math::Random;
use File::MMagic;	use File::MMagic;
use Net::CIDR;
use Sys::Hostname::FQDN();
use LONCAPA qw(:DEFAULT :match);	use LONCAPA qw(:DEFAULT :match);
use LONCAPA::Configuration;	use LONCAPA::Configuration;
use LONCAPA::lonmetadata;	use LONCAPA::lonmetadata;
use LONCAPA::Lond;	use LONCAPA::Lond;
use LONCAPA::transliterate;	use LONCAPA::LWPReq;

use File::Copy;	use File::Copy;

Line 113 require Exporter;	Line 112 require Exporter;
our @ISA = qw (Exporter);	our @ISA = qw (Exporter);
our @EXPORT = qw(%env);	our @EXPORT = qw(%env);


# ------------------------------------ Logging (parameters, docs, slots, roles)	# ------------------------------------ Logging (parameters, docs, slots, roles)
{	{
my $logid;	my $logid;
Line 127 our @EXPORT = qw(%env);	Line 127 our @EXPORT = qw(%env);
$logid ++;	$logid ++;
my $now = time();	my $now = time();
my $id=$now.'00000'.$$.'00000'.$logid;	my $id=$now.'00000'.$$.'00000'.$logid;
my $ip = &get_requestor_ip();	my $logentry = {
my $logentry = {	$id => {
$id => {	'exe_uname' => $env{'user.name'},
'exe_uname' => $env{'user.name'},	'exe_udom' => $env{'user.domain'},
'exe_udom' => $env{'user.domain'},	'exe_time' => $now,
'exe_time' => $now,	'exe_ip' => $ENV{'REMOTE_ADDR'},
'exe_ip' => $ip,	'delflag' => $delflag,
'delflag' => $delflag,	'logentry' => $storehash,
'logentry' => $storehash,	'uname' => $uname,
'uname' => $uname,	'udom' => $udom,
'udom' => $udom,	}
}
};	};
return &put('nohist_'.$hash_name,$logentry,$cdom,$cnum);	return &put('nohist_'.$hash_name,$logentry,$cdom,$cnum);
}	}
}	}

Line 221 sub get_server_distarch {	Line 220 sub get_server_distarch {
}	}
}	}
my $rep = &reply('serverdistarch',$lonhost);	my $rep = &reply('serverdistarch',$lonhost);
unless ($rep eq 'unknown_cmd' \|\| $rep eq 'no_such_host' \|\|	unless ($rep eq 'unknown_command' \|\| $rep eq 'no_such_host' \|\|
$rep eq 'con_lost' \|\| $rep eq 'rejected' \|\| $rep eq 'refused' \|\|	$rep eq 'con_lost' \|\| $rep eq 'rejected' \|\| $rep eq 'refused' \|\|
$rep eq '') {	$rep eq '') {
return &do_cache_new('serverdistarch',$lonhost,$rep,$cachetime);	return &do_cache_new('serverdistarch',$lonhost,$rep,$cachetime);
Line 230 sub get_server_distarch {	Line 229 sub get_server_distarch {
return;	return;
}	}

	sub get_servercerts_info {
	my ($lonhost,$context) = @_;
	my ($rep,$uselocal);
	if (grep { $_ eq $lonhost } &current_machine_ids()) {
	$uselocal = 1;
	}
	if (($context ne 'cgi') && ($uselocal)) {
	my $distro = (split(/\:/,&get_server_distarch($lonhost)))[0];
	if ($distro eq '') {
	$uselocal = 0;
	} elsif ($distro =~ /^(?:centos\|redhat\|scientific)(\d+)$/) {
	if ($1 < 6) {
	$uselocal = 0;
	}
	} elsif ($distro =~ /^(?:sles)(\d+)$/) {
	if ($1 < 12) {
	$uselocal = 0;
	}
	}
	}
	if ($uselocal) {
	$rep = LONCAPA::Lond::server_certs(\%perlvar);
	} else {
	$rep=&reply('servercerts',$lonhost);
	}
	my ($result,%returnhash);
	if (defined($lonhost)) {
	if (!defined(&hostname($lonhost))) {
	return;
	}
	}
	if (($rep=~/^(refused\|rejected\|error)/) \|\| ($rep eq 'con_lost') \|\|
	($rep eq 'unknown_cmd')) {
	$result = $rep;
	} else {
	$result = 'ok';
	my @pairs=split(/\&/,$rep);
	foreach my $item (@pairs) {
	my ($key,$value)=split(/=/,$item,2);
	my $what = &unescape($key);
	$returnhash{$what}=&thaw_unescape($value);
	}
	}
	return ($result,\%returnhash);
	}

sub get_server_loncaparev {	sub get_server_loncaparev {
my ($dom,$lonhost,$ignore_cache,$caller) = @_;	my ($dom,$lonhost,$ignore_cache,$caller) = @_;
if (defined($lonhost)) {	if (defined($lonhost)) {
Line 264 sub get_server_loncaparev {	Line 309 sub get_server_loncaparev {
$answer = &reply('serverloncaparev',$lonhost);	$answer = &reply('serverloncaparev',$lonhost);
if (($answer eq 'unknown_cmd') \|\| ($answer eq 'con_lost')) {	if (($answer eq 'unknown_cmd') \|\| ($answer eq 'con_lost')) {
if ($caller eq 'loncron') {	if ($caller eq 'loncron') {
my $ua=new LWP::UserAgent;
$ua->timeout(4);
my $hostname = &hostname($lonhost);
my $protocol = $protocol{$lonhost};	my $protocol = $protocol{$lonhost};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
my $url = $protocol.'://'.$hostname.'/adm/about.html';	my $url = $protocol.'://'.&hostname($lonhost).'/adm/about.html';
my $request=new HTTP::Request('GET',$url);	my $request=new HTTP::Request('GET',$url);
my $response=$ua->request($request);	my $response=&LONCAPA::LWPReq::makerequest($lonhost,$request,'',\%perlvar,4,1);
unless ($response->is_error()) {	unless ($response->is_error()) {
my $content = $response->content;	my $content = $response->content;
if ($content =~ /<p>VERSION\:\s*([\w.\-]+)<\/p>/) {	if ($content =~ /<p>VERSION\:\s*([\w.\-]+)<\/p>/) {
Line 362 sub remote_devalidate_cache {	Line 404 sub remote_devalidate_cache {
my $items;	my $items;
return unless (ref($cachekeys) eq 'ARRAY');	return unless (ref($cachekeys) eq 'ARRAY');
my $cachestr = join('&',@{$cachekeys});	my $cachestr = join('&',@{$cachekeys});
return &reply('devalidatecache:'.&escape($cachestr),$lonhost);	my $response = &reply('devalidatecache:'.&escape($cachestr),$lonhost);
	return $response;
}	}

# -------------------------------------------------- Non-critical communication	# -------------------------------------------------- Non-critical communication
Line 394 sub subreply {	Line 437 sub subreply {
} else {	} else {
&create_connection(&hostname($server),$server);	&create_connection(&hostname($server),$server);
}	}
sleep(0.1); # Try again later if failed connection.	sleep(0.1); # Try again later if failed connection.
}	}
my $answer;	my $answer;
if ($client) {	if ($client) {
Line 413 sub reply {	Line 456 sub reply {
unless (defined(&hostname($server))) { return 'no_such_host'; }	unless (defined(&hostname($server))) { return 'no_such_host'; }
my $answer=subreply($cmd,$server);	my $answer=subreply($cmd,$server);
if (($answer=~/^refused/) \|\| ($answer=~/^rejected/)) {	if (($answer=~/^refused/) \|\| ($answer=~/^rejected/)) {
my $logged = $cmd;	&logthis("<font color=\"blue\">WARNING:".
if ($cmd =~ /^encrypt:([^:]+):/) {	" $cmd to $server returned $answer</font>");
my $subcmd = $1;
if (($subcmd eq 'auth') \|\| ($subcmd eq 'passwd') \|\|
($subcmd eq 'changeuserauth') \|\| ($subcmd eq 'makeuser') \|\|
($subcmd eq 'putdom') \|\| ($subcmd eq 'autoexportgrades')) {
(undef,undef,my @rest) = split(/:/,$cmd);
if (($subcmd eq 'auth') \|\| ($subcmd eq 'putdom')) {
splice(@rest,2,1,'Hidden');
} elsif ($subcmd eq 'passwd') {
splice(@rest,2,2,('Hidden','Hidden'));
} elsif (($subcmd eq 'changeuserauth') \|\| ($subcmd eq 'makeuser') \|\|
($subcmd eq 'autoexportgrades')) {
splice(@rest,3,1,'Hidden');
}
$logged = join(':',('encrypt:'.$subcmd,@rest));
}
}
&logthis("<font color=\"blue\">WARNING:".
" $logged to $server returned $answer</font>");
}	}
return $answer;	return $answer;
}	}
Line 467 sub reconlonc {	Line 492 sub reconlonc {
&logthis("lonc at pid $loncpid responding, sending USR1");	&logthis("lonc at pid $loncpid responding, sending USR1");
kill USR1 => $loncpid;	kill USR1 => $loncpid;
sleep 1;	sleep 1;
} else {	} else {
&logthis(	&logthis(
"<font color=\"blue\">WARNING:".	"<font color=\"blue\">WARNING:".
" lonc at pid $loncpid not responding, giving up</font>");	" lonc at pid $loncpid not responding, giving up</font>");
Line 627 sub transfer_profile_to_env {	Line 652 sub transfer_profile_to_env {
sub check_for_valid_session {	sub check_for_valid_session {
my ($r,$name,$userhashref,$domref) = @_;	my ($r,$name,$userhashref,$domref) = @_;
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));	my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
my ($lonidsdir,$linkname,$pubname,$secure,$lonid);	my ($linkname,$pubname);
if ($name eq 'lonDAV') {	if ($name eq '') {
$lonidsdir=$r->dir_config('lonDAVsessDir');	$name = 'lonID';
} else {
$lonidsdir=$r->dir_config('lonIDsDir');
if ($name eq '') {
$name = 'lonID';
}
}
if ($name eq 'lonID') {
$secure = 'lonSID';
$linkname = 'lonLinkID';	$linkname = 'lonLinkID';
$pubname = 'lonPubID';	$pubname = 'lonPubID';
if (exists($cookies{$secure})) {	}
$lonid=$cookies{$secure};	my $lonid=$cookies{$name};
} elsif (exists($cookies{$name})) {	if (!$lonid) {
$lonid=$cookies{$name};	if (($name eq 'lonID') && ($ENV{'SERVER_PORT'} != 443) && ($linkname)) {
} elsif ((exists($cookies{$linkname})) && ($ENV{'SERVER_PORT'} != 443)) {
$lonid=$cookies{$linkname};	$lonid=$cookies{$linkname};
} elsif (exists($cookies{$pubname})) {
$lonid=$cookies{$pubname};
}	}
} else {	if (!$lonid) {
$lonid=$cookies{$name};	if (($name eq 'lonID') && ($pubname)) {
	$lonid=$cookies{$pubname};
	}
	}
}	}
return undef if (!$lonid);	return undef if (!$lonid);

my $handle=&LONCAPA::clean_handle($lonid->value);	my $handle=&LONCAPA::clean_handle($lonid->value);
if (-l "$lonidsdir/$handle.id") {	my $lonidsdir;
my $link = readlink("$lonidsdir/$handle.id");	if ($name eq 'lonDAV') {
if ((-e $link) && ($link =~ m{^\Q$lonidsdir\E/(.+)\.id$})) {	$lonidsdir=$r->dir_config('lonDAVsessDir');
$handle = $1;	} else {
}	$lonidsdir=$r->dir_config('lonIDsDir');
}	}
if (!-e "$lonidsdir/$handle.id") {	if (!-e "$lonidsdir/$handle.id") {
if ((ref($domref)) && ($name eq 'lonID') &&	if ((ref($domref)) && ($name eq 'lonID') &&
($handle =~ /^($match_username)\_\d+\_($match_domain)\_(.+)$/)) {	($handle =~ /^($match_username)\_\d+\_($match_domain)\_(.+)$/)) {
my ($possuname,$possudom,$possuhome) = ($1,$2,$3);	my ($possuname,$possudom,$possuhome) = ($1,$2,$3);
if ((&domain($possudom) ne '') && (&homeserver($possuname,$possudom) eq $possuhome)) {	if ((&domain($possudom) ne '') && (&homeserver($possuname,$possudom) eq $possuhome)) {
Line 684 sub check_for_valid_session {	Line 701 sub check_for_valid_session {

if (!defined($disk_env{'user.name'})	if (!defined($disk_env{'user.name'})
\|\| !defined($disk_env{'user.domain'})) {	\|\| !defined($disk_env{'user.domain'})) {
untie(%disk_env);
return undef;	return undef;
}	}

if (ref($userhashref) eq 'HASH') {	if (ref($userhashref) eq 'HASH') {
$userhashref->{'name'} = $disk_env{'user.name'};	$userhashref->{'name'} = $disk_env{'user.name'};
$userhashref->{'domain'} = $disk_env{'user.domain'};	$userhashref->{'domain'} = $disk_env{'user.domain'};
if ($disk_env{'request.role'}) {	$userhashref->{'lti'} = $disk_env{'request.lti.login'};
$userhashref->{'role'} = $disk_env{'request.role'};
}
}	}
untie(%disk_env);

return $handle;	return $handle;
}	}
Line 720 sub timed_flock {	Line 733 sub timed_flock {
}	}
}	}

sub get_sessionfile_vars {
my ($handle,$lonidsdir,$storearr) = @_;
my %returnhash;
unless (ref($storearr) eq 'ARRAY') {
return %returnhash;
}
if (-l "$lonidsdir/$handle.id") {
my $link = readlink("$lonidsdir/$handle.id");
if ((-e $link) && ($link =~ m{^\Q$lonidsdir\E/(.+)\.id$})) {
$handle = $1;
}
}
if ((-e "$lonidsdir/$handle.id") &&
($handle =~ /^($match_username)\_\d+\_($match_domain)\_(.+)$/)) {
my ($possuname,$possudom,$possuhome) = ($1,$2,$3);
if ((&domain($possudom) ne '') && (&homeserver($possuname,$possudom) eq $possuhome)) {
if (open(my $idf,'+<',"$lonidsdir/$handle.id")) {
flock($idf,LOCK_SH);
if (tie(my %disk_env,'GDBM_File',"$lonidsdir/$handle.id",
&GDBM_READER(),0640)) {
foreach my $item (@{$storearr}) {
$returnhash{$item} = $disk_env{$item};
}
untie(%disk_env);
}
}
}
}
return %returnhash;
}

# ---------------------------------------------------------- Append Environment	# ---------------------------------------------------------- Append Environment

sub appenv {	sub appenv {
Line 776 sub appenv {	Line 758 sub appenv {
$env{$key}=$newenv->{$key};	$env{$key}=$newenv->{$key};
}	}
}	}
my $lonids = $perlvar{'lonIDsDir'};	my $opened = open(my $env_file,'+<',$env{'user.environment'});
if ($env{'user.environment'} =~ m{^\Q$lonids/\E$match_username\_\d+\_$match_domain\_[\w\-.]+\.id$}) {	if ($opened
my $opened = open(my $env_file,'+<',$env{'user.environment'});	&& &timed_flock($env_file,LOCK_EX)
if ($opened	&&
&& &timed_flock($env_file,LOCK_EX)	tie(my %disk_env,'GDBM_File',$env{'user.environment'},
&&	(&GDBM_WRITER()\|&GDBM_NOLOCK()),0640)) {
tie(my %disk_env,'GDBM_File',$env{'user.environment'},	while (my ($key,$value) = each(%{$newenv})) {
(&GDBM_WRITER()\|&GDBM_NOLOCK()),0640)) {	$disk_env{$key} = $value;
while (my ($key,$value) = each(%{$newenv})) {	}
$disk_env{$key} = $value;	untie(%disk_env);
}
untie(%disk_env);
}
}	}
}	}
return 'ok';	return 'ok';
Line 904 sub userload {	Line 883 sub userload {
while ($filename=readdir(LONIDS)) {	while ($filename=readdir(LONIDS)) {
next if ($filename eq '.' \|\| $filename eq '..');	next if ($filename eq '.' \|\| $filename eq '..');
next if ($filename =~ /publicuser_\d+\.id/);	next if ($filename =~ /publicuser_\d+\.id/);
next if ($filename =~ /^[a-f0-9]+_linked\.id$/);
my ($mtime)=(stat($perlvar{'lonIDsDir'}.'/'.$filename))[9];	my ($mtime)=(stat($perlvar{'lonIDsDir'}.'/'.$filename))[9];
if ($curtime-$mtime < 1800) { $numusers++; }	if ($curtime-$mtime < 1800) { $numusers++; }
}	}
Line 922 sub userload {	Line 900 sub userload {
# ------------------------------ Find server with least workload from spare.tab	# ------------------------------ Find server with least workload from spare.tab

sub spareserver {	sub spareserver {
my ($r,$loadpercent,$userloadpercent,$want_server_name,$udom) = @_;	my ($loadpercent,$userloadpercent,$want_server_name,$udom) = @_;
my $spare_server;	my $spare_server;
if ($userloadpercent !~ /\d/) { $userloadpercent=0; }	if ($userloadpercent !~ /\d/) { $userloadpercent=0; }
my $lowest_load=($loadpercent > $userloadpercent) ? $loadpercent	my $lowest_load=($loadpercent > $userloadpercent) ? $loadpercent
Line 960 sub spareserver {	Line 938 sub spareserver {
}	}

if (!$want_server_name) {	if (!$want_server_name) {
	my $protocol = 'http';
	if ($protocol{$spare_server} eq 'https') {
	$protocol = $protocol{$spare_server};
	}
if (defined($spare_server)) {	if (defined($spare_server)) {
my $hostname = &hostname($spare_server);	my $hostname = &hostname($spare_server);
if (defined($hostname)) {	if (defined($hostname)) {
my $protocol = 'http';
if ($protocol{$spare_server} eq 'https') {
$protocol = $protocol{$spare_server};
}
my $alias = &Apache::lonnet::use_proxy_alias($r,$spare_server);
$hostname = $alias if ($alias ne '');
$spare_server = $protocol.'://'.$hostname;	$spare_server = $protocol.'://'.$hostname;
}	}
}	}
Line 1035 sub find_existing_session {	Line 1011 sub find_existing_session {
return;	return;
}	}

# check if user's browser sent load balancer cookie and server still has session
# and is not overloaded.
sub check_for_balancer_cookie {
my ($r,$update_mtime) = @_;
my ($otherserver,$cookie);
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
if (exists($cookies{'balanceID'})) {
my $balid = $cookies{'balanceID'};
$cookie=&LONCAPA::clean_handle($balid->value);
my $balancedir=$r->dir_config('lonBalanceDir');
if ((-d $balancedir) && (-e "$balancedir/$cookie.id")) {
if ($cookie =~ /^($match_domain)_($match_username)_[a-f0-9]+$/) {
my ($possudom,$possuname) = ($1,$2);
my $has_session = 0;
if ((&domain($possudom) ne '') &&
(&homeserver($possuname,$possudom) ne 'no_host')) {
my $try_server;
my $opened = open(my $idf,'+<',"$balancedir/$cookie.id");
if ($opened) {
flock($idf,LOCK_SH);
while (my $line = <$idf>) {
chomp($line);
if (&hostname($line) ne '') {
$try_server = $line;
last;
}
}
close($idf);
if (($try_server) &&
(&has_user_session($try_server,$possudom,$possuname))) {
my $lowest_load = 30000;
($otherserver,$lowest_load) =
&compare_server_load($try_server,undef,$lowest_load);
if ($otherserver ne '' && $lowest_load < 100) {
$has_session = 1;
} else {
undef($otherserver);
}
}
}
}
if ($has_session) {
if ($update_mtime) {
my $atime = my $mtime = time;
utime($atime,$mtime,"$balancedir/$cookie.id");
}
} else {
unlink("$balancedir/$cookie.id");
}
}
}
}
return ($otherserver,$cookie);
}

sub updatebalcookie {
my ($cookie,$balancer,$lastentry)=@_;
if ($cookie =~ /^($match_domain)\_($match_username)\_[a-f0-9]{32}$/) {
my ($udom,$uname) = ($1,$2);
my $uprimary_id = &domain($udom,'primary');
my $uintdom = &internet_dom($uprimary_id);
my $intdom = &internet_dom($balancer);
my $serverhomedom = &host_domain($balancer);
if (($uintdom ne '') && ($uintdom eq $intdom)) {
return &reply('updatebalcookie:'.&escape($cookie).':'.&escape($lastentry),$balancer);
}
}
return;
}

sub delbalcookie {
my ($cookie,$balancer) =@_;
if ($cookie =~ /^($match_domain)\_($match_username)\_[a-f0-9]{32}$/) {
my ($udom,$uname) = ($1,$2);
my $uprimary_id = &domain($udom,'primary');
my $uintdom = &internet_dom($uprimary_id);
my $intdom = &internet_dom($balancer);
my $serverhomedom = &host_domain($balancer);
if (($uintdom ne '') && ($uintdom eq $intdom)) {
return &reply('delbalcookie:'.&escape($cookie),$balancer);
}
}
}

# -------------------------------- ask if server already has a session for user	# -------------------------------- ask if server already has a session for user
sub has_user_session {	sub has_user_session {
my ($lonid,$udom,$uname) = @_;	my ($lonid,$udom,$uname) = @_;
Line 1150 sub choose_server {	Line 1042 sub choose_server {
}	}
}	}
foreach my $lonhost (keys(%servers)) {	foreach my $lonhost (keys(%servers)) {
my $loginvia;
if ($skiploadbal) {	if ($skiploadbal) {
if (ref($balancers) eq 'HASH') {	if (ref($balancers) eq 'HASH') {
next if (exists($balancers->{$lonhost}));	next if (exists($balancers->{$lonhost}));
}	}
}	}
	my $loginvia;
if ($checkloginvia) {	if ($checkloginvia) {
$loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};	$loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};
if ($loginvia) {	if ($loginvia) {
Line 1185 sub choose_server {	Line 1077 sub choose_server {
return ($login_host,$hostname,$portal_path,$isredirect,$lowest_load);	return ($login_host,$hostname,$portal_path,$isredirect,$lowest_load);
}	}

sub get_course_sessions {
my ($cnum,$cdom,$lastactivity) = @_;
my %servers = &internet_dom_servers($cdom);
my %returnhash;
foreach my $server (sort(keys(%servers))) {
my $rep = &reply("coursesessions:$cdom:$cnum:$lastactivity",$server);
my @pairs=split(/\&/,$rep);
unless (($rep eq 'unknown_cmd') \|\| ($rep =~ /^error/)) {
foreach my $item (@pairs) {
my ($key,$value)=split(/=/,$item,2);
$key = &unescape($key);
next if ($key =~ /^error: 2 /);
if (exists($returnhash{$key})) {
next if ($value < $returnhash{$key});
}
$returnhash{$key}=$value;
}
}
}
return %returnhash;
}

# --------------------------------------------- Try to change a user's password	# --------------------------------------------- Try to change a user's password

sub changepass {	sub changepass {
Line 1242 sub changepass {	Line 1112 sub changepass {
} elsif ($answer =~ "invalid_client") {	} elsif ($answer =~ "invalid_client") {
&logthis("$server refused to change $uname in $udom password because ".	&logthis("$server refused to change $uname in $udom password because ".
"it was a reset by e-mail originating from an invalid server.");	"it was a reset by e-mail originating from an invalid server.");
} elsif ($answer =~ "^prioruse") {
&logthis("$server refused to change $uname in $udom password because ".
"the password had been used before");
}	}
return $answer;	return $answer;
}	}
Line 1254 sub changepass {	Line 1121 sub changepass {
sub queryauthenticate {	sub queryauthenticate {
my ($uname,$udom)=@_;	my ($uname,$udom)=@_;
my $uhome=&homeserver($uname,$udom);	my $uhome=&homeserver($uname,$udom);
if ((!$uhome) \|\| ($uhome eq 'no_host')) {	if (!$uhome) {
&logthis("User $uname at $udom is unknown when looking for authentication mechanism");	&logthis("User $uname at $udom is unknown when looking for authentication mechanism");
return 'no_host';	return 'no_host';
}	}
Line 1303 sub authenticate {	Line 1170 sub authenticate {
}	}
if ($answer eq 'non_authorized') {	if ($answer eq 'non_authorized') {
&logthis("User $uname at $udom rejected by $uhome");	&logthis("User $uname at $udom rejected by $uhome");
return 'no_host';	return 'no_host';
}	}
&logthis("User $uname at $udom threw error $answer when checking authentication mechanism");	&logthis("User $uname at $udom threw error $answer when checking authentication mechanism");
return 'no_host';	return 'no_host';
}	}

sub can_switchserver {
my ($udom,$home) = @_;
my ($canswitch,@intdoms);
my $internet_names = &get_internet_names($home);
if (ref($internet_names) eq 'ARRAY') {
@intdoms = @{$internet_names};
}
my $uint_dom = &internet_dom(&domain($udom,'primary'));
if ($uint_dom ne '' && grep(/^\Q$uint_dom\E$/,@intdoms)) {
$canswitch = 1;
} else {
my $serverhomeID = &get_server_homeID(&hostname($home));
my $serverhomedom = &host_domain($serverhomeID);
my %defdomdefaults = &get_domain_defaults($serverhomedom);
my %udomdefaults = &get_domain_defaults($udom);
my $remoterev = &get_server_loncaparev('',$home);
$canswitch = &can_host_session($udom,$home,$remoterev,
$udomdefaults{'remotesessions'},
$defdomdefaults{'hostedsessions'});
}
return $canswitch;
}

sub can_host_session {	sub can_host_session {
my ($udom,$lonhost,$remoterev,$remotesessions,$hostedsessions) = @_;	my ($udom,$lonhost,$remoterev,$remotesessions,$hostedsessions) = @_;
my $canhost = 1;	my $canhost = 1;
Line 1406 sub spare_can_host {	Line 1250 sub spare_can_host {
$canhost = 0;	$canhost = 0;
}	}
}	}
if ($canhost) {
if (ref($defdomdefaults{'offloadoth'}) eq 'HASH') {
if ($defdomdefaults{'offloadoth'}{$try_server}) {
unless (&shared_institution($udom,$try_server)) {
$canhost = 0;
}
}
}
}
if (($canhost) && ($uint_dom)) {	if (($canhost) && ($uint_dom)) {
my @intdoms;	my @intdoms;
my $internet_names = &get_internet_names($try_server);	my $internet_names = &get_internet_names($try_server);
Line 1513 sub get_lonbalancer_config {	Line 1348 sub get_lonbalancer_config {
sub check_loadbalancing {	sub check_loadbalancing {
my ($uname,$udom,$caller) = @_;	my ($uname,$udom,$caller) = @_;
my ($is_balancer,$currtargets,$currrules,$dom_in_use,$homeintdom,	my ($is_balancer,$currtargets,$currrules,$dom_in_use,$homeintdom,
$rule_in_effect,$offloadto,$otherserver,$setcookie);	$rule_in_effect,$offloadto,$otherserver);
my $lonhost = $perlvar{'lonHostID'};	my $lonhost = $perlvar{'lonHostID'};
my @hosts = &current_machine_ids();	my @hosts = &current_machine_ids();
my $uprimary_id = &Apache::lonnet::domain($udom,'primary');	my $uprimary_id = &Apache::lonnet::domain($udom,'primary');
my $uintdom = &Apache::lonnet::internet_dom($uprimary_id);	my $uintdom = &Apache::lonnet::internet_dom($uprimary_id);
my $intdom = &Apache::lonnet::internet_dom($lonhost);	my $intdom = &Apache::lonnet::internet_dom($lonhost);
my $serverhomedom = &host_domain($lonhost);	my $serverhomedom = &host_domain($lonhost);
my $domneedscache;	my $domneedscache;
my $cachetime = 606024;	my $cachetime = 606024;

if (($uintdom ne '') && ($uintdom eq $intdom)) {	if (($uintdom ne '') && ($uintdom eq $intdom)) {
Line 1540 sub check_loadbalancing {	Line 1375 sub check_loadbalancing {
}	}
}	}
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
($is_balancer,$currtargets,$currrules,$setcookie) =	($is_balancer,$currtargets,$currrules) =
&check_balancer_result($result,@hosts);	&check_balancer_result($result,@hosts);
if ($is_balancer) {	if ($is_balancer) {
if (ref($currrules) eq 'HASH') {	if (ref($currrules) eq 'HASH') {
Line 1601 sub check_loadbalancing {	Line 1436 sub check_loadbalancing {
}	}
}	}
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
($is_balancer,$currtargets,$currrules,$setcookie) =	($is_balancer,$currtargets,$currrules) =
&check_balancer_result($result,@hosts);	&check_balancer_result($result,@hosts);
if ($is_balancer) {	if ($is_balancer) {
if (ref($currrules) eq 'HASH') {	if (ref($currrules) eq 'HASH') {
Line 1633 sub check_loadbalancing {	Line 1468 sub check_loadbalancing {
if ($domneedscache) {	if ($domneedscache) {
&do_cache_new('loadbalancing',$domneedscache,$is_balancer,$cachetime);	&do_cache_new('loadbalancing',$domneedscache,$is_balancer,$cachetime);
}	}
if (($is_balancer) && ($caller ne 'switchserver')) {	if ($is_balancer) {
my $lowest_load = 30000;	my $lowest_load = 30000;
if (ref($offloadto) eq 'HASH') {	if (ref($offloadto) eq 'HASH') {
if (ref($offloadto->{'primary'}) eq 'ARRAY') {	if (ref($offloadto->{'primary'}) eq 'ARRAY') {
Line 1667 sub check_loadbalancing {	Line 1502 sub check_loadbalancing {
$is_balancer = 0;	$is_balancer = 0;
if ($uname ne '' && $udom ne '') {	if ($uname ne '' && $udom ne '') {
if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {	if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {
&appenv({'user.loadbalexempt' => $lonhost,
	&appenv({'user.loadbalexempt' => $lonhost,
'user.loadbalcheck.time' => time});	'user.loadbalcheck.time' => time});
}	}
}	}
}	}
}	}
}	}
if (($is_balancer) && (!$homeintdom)) {	return ($is_balancer,$otherserver);
undef($setcookie);
}
return ($is_balancer,$otherserver,$setcookie);
}	}

sub check_balancer_result {	sub check_balancer_result {
my ($result,@hosts) = @_;	my ($result,@hosts) = @_;
my ($is_balancer,$currtargets,$currrules,$setcookie);	my ($is_balancer,$currtargets,$currrules);
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
if ($result->{'lonhost'} ne '') {	if ($result->{'lonhost'} ne '') {
my $currbalancer = $result->{'lonhost'};	my $currbalancer = $result->{'lonhost'};
Line 1698 sub check_balancer_result {	Line 1531 sub check_balancer_result {
$is_balancer = 1;	$is_balancer = 1;
$currrules = $result->{$key}{'rules'};	$currrules = $result->{$key}{'rules'};
$currtargets = $result->{$key}{'targets'};	$currtargets = $result->{$key}{'targets'};
$setcookie = $result->{$key}{'cookie'};
last;	last;
}	}
}	}
}	}
}	}
return ($is_balancer,$currtargets,$currrules,$setcookie);	return ($is_balancer,$currtargets,$currrules);
}	}

sub get_loadbalancer_targets {	sub get_loadbalancer_targets {
Line 1776 sub internet_dom_servers {	Line 1608 sub internet_dom_servers {
return %uniqservers;	return %uniqservers;
}	}

	sub trusted_domains {
	my ($cmdtype,$calldom) = @_;
	my ($trusted,$untrusted);
	if (&domain($calldom) eq '') {
	return ($trusted,$untrusted);
	}
	unless ($cmdtype =~ /^(content\|shared\|enroll\|coaurem\|domroles\|catalog\|reqcrs\|msg)$/) {
	return ($trusted,$untrusted);
	}
	my $callprimary = &domain($calldom,'primary');
	my $intcalldom = &Apache::lonnet::internet_dom($callprimary);
	if ($intcalldom eq '') {
	return ($trusted,$untrusted);
	}

	my ($trustconfig,$cached)=&Apache::lonnet::is_cached_new('trust',$calldom);
	unless (defined($cached)) {
	my %domconfig = &Apache::lonnet::get_dom('configuration',['trust'],$calldom);
	&Apache::lonnet::do_cache_new('trust',$calldom,$domconfig{'trust'},3600);
	$trustconfig = $domconfig{'trust'};
	}
	if (ref($trustconfig)) {
	my (%possexc,%possinc,@allexc,@allinc);
	if (ref($trustconfig->{$cmdtype}) eq 'HASH') {
	if (ref($trustconfig->{$cmdtype}->{'exc'}) eq 'ARRAY') {
	map { $possexc{$_} = 1; } @{$trustconfig->{$cmdtype}->{'exc'}};
	}
	if (ref($trustconfig->{$cmdtype}->{'inc'}) eq 'ARRAY') {
	map { $possinc{$_} = 1; } @{$trustconfig->{$cmdtype}->{'inc'}};
	}
	}
	if (keys(%possexc)) {
	if (keys(%possinc)) {
	foreach my $key (sort(keys(%possexc))) {
	next if ($key eq $intcalldom);
	unless ($possinc{$key}) {
	push(@allexc,$key);
	}
	}
	} else {
	@allexc = sort(keys(%possexc));
	}
	}
	if (keys(%possinc)) {
	$possinc{$intcalldom} = 1;
	@allinc = sort(keys(%possinc));
	}
	if ((@allexc > 0) \|\| (@allinc > 0)) {
	my %doms_by_intdom;
	my %allintdoms = &all_host_intdom();
	my %alldoms = &all_host_domain();
	foreach my $key (%allintdoms) {
	if (ref($doms_by_intdom{$allintdoms{$key}}) eq 'ARRAY') {
	unless (grep(/^\Q$alldoms{$key}\E$/,@{$doms_by_intdom{$allintdoms{$key}}})) {
	push(@{$doms_by_intdom{$allintdoms{$key}}},$alldoms{$key});
	}
	} else {
	$doms_by_intdom{$allintdoms{$key}} = [$alldoms{$key}];
	}
	}
	foreach my $exc (@allexc) {
	if (ref($doms_by_intdom{$exc}) eq 'ARRAY') {
	$untrusted = $doms_by_intdom{$exc};
	}
	}
	foreach my $inc (@allinc) {
	if (ref($doms_by_intdom{$inc}) eq 'ARRAY') {
	$trusted = $doms_by_intdom{$inc};
	}
	}
	}
	}
	return ($trusted,$untrusted);
	}

	sub will_trust {
	my ($cmdtype,$domain,$possdom) = @_;
	return 1 if ($domain eq $possdom);
	my ($trustedref,$untrustedref) = &trusted_domains($cmdtype,$possdom);
	my $willtrust;
	if ((ref($trustedref) eq 'ARRAY') && (@{$trustedref} > 0)) {
	if (grep(/^\Q$domain\E$/,@{$trustedref})) {
	$willtrust = 1;
	}
	} elsif ((ref($untrustedref) eq 'ARRAY') && (@{$untrustedref} > 0)) {
	unless (grep(/^\Q$domain\E$/,@{$untrustedref})) {
	$willtrust = 1;
	}
	} else {
	$willtrust = 1;
	}
	return $willtrust;
	}

# ---------------------- Find the homebase for a user from domain's lib servers	# ---------------------- Find the homebase for a user from domain's lib servers

my %homecache;	my %homecache;
Line 1801 sub homeserver {	Line 1727 sub homeserver {
return 'no_host';	return 'no_host';
}	}

# ------------------------------------- Find the usernames behind a list of IDs	# ----- Find the usernames behind a list of student/employee IDs or clicker IDs

sub idget {	sub idget {
my ($udom,@ids)=@_;	my ($udom,$idsref,$namespace)=@_;
my %returnhash=();	my %returnhash=();
	my @ids=();
	if (ref($idsref) eq 'ARRAY') {
	@ids = @{$idsref};
	} else {
	return %returnhash;
	}
	if ($namespace eq '') {
	$namespace = 'ids';
	}

my %servers = &get_servers($udom,'library');	my %servers = &get_servers($udom,'library');
foreach my $tryserver (keys(%servers)) {	foreach my $tryserver (keys(%servers)) {
my $idlist=join('&', map { &escape($_); } @ids);	my $idlist=join('&', map { &escape($_); } @ids);
$idlist=~tr/A-Z/a-z/;	if ($namespace eq 'ids') {
my $reply=&reply("idget:$udom:".$idlist,$tryserver);	$idlist=~tr/A-Z/a-z/;
	}
	my $reply;
	if ($namespace eq 'ids') {
	$reply=&reply("idget:$udom:".$idlist,$tryserver);
	} else {
	$reply=&reply("getdom:$udom:$namespace:$idlist",$tryserver);
	}
my @answer=();	my @answer=();
if (($reply ne 'con_lost') && ($reply!~/^error\:/)) {	if (($reply ne 'con_lost') && ($reply!~/^error\:/)) {
@answer=split(/\&/,$reply);	@answer=split(/\&/,$reply);
Line 1820 sub idget {	Line 1762 sub idget {
for ($i=0;$i<=$#ids;$i++) {	for ($i=0;$i<=$#ids;$i++) {
if ($answer[$i]) {	if ($answer[$i]) {
$returnhash{$ids[$i]}=&unescape($answer[$i]);	$returnhash{$ids[$i]}=&unescape($answer[$i]);
}	}
}	}
}	}
return %returnhash;	return %returnhash;
}	}

Line 1837 sub idrget {	Line 1779 sub idrget {
return %returnhash;	return %returnhash;
}	}

# ------------------------------- Store away a list of names and associated IDs	# Store away a list of names and associated student/employee IDs or clicker IDs

sub idput {	sub idput {
my ($udom,%ids)=@_;	my ($udom,$idsref,$uhom,$namespace)=@_;
my %servers=();	my %servers=();
	my %ids=();
	my %byid = ();
	if (ref($idsref) eq 'HASH') {
	%ids=%{$idsref};
	}
	if ($namespace eq '') {
	$namespace = 'ids';
	}
foreach my $uname (keys(%ids)) {	foreach my $uname (keys(%ids)) {
&cput('environment',{'id'=>$ids{$uname}},$udom,$uname);	&cput('environment',{'id'=>$ids{$uname}},$udom,$uname);
my $uhom=&homeserver($uname,$udom);	if ($uhom eq '') {
	$uhom=&homeserver($uname,$udom);
	}
if ($uhom ne 'no_host') {	if ($uhom ne 'no_host') {
my $id=&escape($ids{$uname});
$id=~tr/A-Z/a-z/;
my $esc_unam=&escape($uname);	my $esc_unam=&escape($uname);
if ($servers{$uhom}) {	if ($namespace eq 'ids') {
$servers{$uhom}.='&'.$id.'='.$esc_unam;	my $id=&escape($ids{$uname});
	$id=~tr/A-Z/a-z/;
	my $esc_unam=&escape($uname);
	$servers{$uhom}.=$id.'='.$esc_unam.'&';
} else {	} else {
$servers{$uhom}=$id.'='.$esc_unam;	my @currids = split(/,/,$ids{$uname});
	foreach my $id (@currids) {
	$byid{$uhom}{$id} .= $uname.',';
	}
	}
	}
	}
	if ($namespace eq 'clickers') {
	foreach my $server (keys(%byid)) {
	if (ref($byid{$server}) eq 'HASH') {
	foreach my $id (keys(%{$byid{$server}})) {
	$byid{$server} =~ s/,$//;
	$servers{$uhom}.=&escape($id).'='.&escape($byid{$server}).'&';
	}
}	}
}	}
}	}
foreach my $server (keys(%servers)) {	foreach my $server (keys(%servers)) {
&critical('idput:'.$udom.':'.$servers{$server},$server);	$servers{$server} =~ s/\&$//;
	if ($namespace eq 'ids') {
	&critical('idput:'.$udom.':'.$servers{$server},$server);
	} else {
	&critical('updateclickers:'.$udom.':add:'.$servers{$server},$server);
	}
}	}
}	}

# ---------------------------------------- Delete unwanted IDs from ids.db file	# ------------- Delete unwanted student/employee IDs or clicker IDs from domain

sub iddel {	sub iddel {
my ($udom,$idshashref,$uhome)=@_;	my ($udom,$idshashref,$uhome,$namespace)=@_;
my %result=();	my %result=();
unless (ref($idshashref) eq 'HASH') {	my %ids=();
	my %byid = ();
	if (ref($idshashref) eq 'HASH') {
	%ids=%{$idshashref};
	} else {
return %result;	return %result;
}	}
	if ($namespace eq '') {
	$namespace = 'ids';
	}
my %servers=();	my %servers=();
while (my ($id,$uname) = each(%{$idshashref})) {	while (my ($id,$unamestr) = each(%ids)) {
my $uhom;	if ($namespace eq 'ids') {
if ($uhome) {	my $uhom = $uhome;
$uhom = $uhome;	if ($uhom eq '') {
} else {	$uhom=&homeserver($unamestr,$udom);
$uhom=&homeserver($uname,$udom);	}
}	if ($uhom ne 'no_host') {
if ($uhom ne 'no_host') {
if ($servers{$uhom}) {
$servers{$uhom}.='&'.&escape($id);	$servers{$uhom}.='&'.&escape($id);
} else {	}
$servers{$uhom}=&escape($id);	} else {
	my @curritems = split(/,/,$ids{$id});
	foreach my $uname (@curritems) {
	my $uhom = $uhome;
	if ($uhom eq '') {
	$uhom=&homeserver($uname,$udom);
	}
	if ($uhom ne 'no_host') {
	$byid{$uhom}{$id} .= $uname.',';
	}
	}
	}
	}
	if ($namespace eq 'clickers') {
	foreach my $server (keys(%byid)) {
	if (ref($byid{$server}) eq 'HASH') {
	foreach my $id (keys(%{$byid{$server}})) {
	$byid{$server}{$id} =~ s/,$//;
	$servers{$server}.=&escape($id).'='.&escape($byid{$server}{$id}).'&';
	}
}	}
}	}
}	}
foreach my $server (keys(%servers)) {	foreach my $server (keys(%servers)) {
$result{$server} = &critical('iddel:'.$udom.':'.$servers{$server},$uhome);	$servers{$server} =~ s/\&$//;
	if ($namespace eq 'ids') {
	$result{$server} = &critical('iddel:'.$udom.':'.$servers{$server},$uhome);
	} elsif ($namespace eq 'clickers') {
	$result{$server} = &critical('updateclickers:'.$udom.':del:'.$servers{$server},$server);
	}
}	}
return %result;	return %result;
}	}

	# ----- Update clicker ID-to-username look-ups in clickers.db on library server

	sub updateclickers {
	my ($udom,$action,$idshashref,$uhome,$critical) = @_;
	my %clickers;
	if (ref($idshashref) eq 'HASH') {
	%clickers=%{$idshashref};
	} else {
	return;
	}
	my $items='';
	foreach my $item (keys(%clickers)) {
	$items.=&escape($item).'='.&escape($clickers{$item}).'&';
	}
	$items=~s/\&$//;
	my $request = "updateclickers:$udom:$action:$items";
	if ($critical) {
	return &critical($request,$uhome);
	} else {
	return &reply($request,$uhome);
	}
	}

# ------------------------------dump from db file owned by domainconfig user	# ------------------------------dump from db file owned by domainconfig user
sub dump_dom {	sub dump_dom {
my ($namespace, $udom, $regexp) = @_;	my ($namespace, $udom, $regexp) = @_;
Line 1929 sub get_dom {	Line 1952 sub get_dom {
}	}
if ($udom && $uhome && ($uhome ne 'no_host')) {	if ($udom && $uhome && ($uhome ne 'no_host')) {
my $rep;	my $rep;
if (grep { $_ eq $uhome } &current_machine_ids()) {	if ($namespace =~ /^enc/) {
# domain information is hosted on this machine	$rep=&reply("encrypt:egetdom:$udom:$namespace:$items",$uhome);
$rep = &LONCAPA::Lond::get_dom("getdom:$udom:$namespace:$items");	} else {
} else {
$rep=&reply("getdom:$udom:$namespace:$items",$uhome);	$rep=&reply("getdom:$udom:$namespace:$items",$uhome);
}	}
my %returnhash;	my %returnhash;
Line 1978 sub put_dom {	Line 2000 sub put_dom {
$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';	$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
}	}
$items=~s/\&$//;	$items=~s/\&$//;
return &reply("putdom:$udom:$namespace:$items",$uhome);	if ($namespace =~ /^enc/) {
	return &reply("encrypt:putdom:$udom:$namespace:$items",$uhome);
	} else {
	return &reply("putdom:$udom:$namespace:$items",$uhome);
	}
} else {	} else {
&logthis("put_dom failed - no homeserver and/or domain");	&logthis("put_dom failed - no homeserver and/or domain");
}	}
Line 2054 sub retrieve_inst_usertypes {	Line 2080 sub retrieve_inst_usertypes {

sub is_domainimage {	sub is_domainimage {
my ($url) = @_;	my ($url) = @_;
if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img\|logo\|domlogo\|login)/+[^/]-) {	if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img\|logo\|domlogo)/+[^/]-) {
if (&domain($1) ne '') {	if (&domain($1) ne '') {
return '1';	return '1';
}	}
Line 2071 sub inst_directory_query {	Line 2097 sub inst_directory_query {
if ($homeserver ne '') {	if ($homeserver ne '') {
unless ($homeserver eq $perlvar{'lonHostID'}) {	unless ($homeserver eq $perlvar{'lonHostID'}) {
if ($srch->{'srchby'} eq 'email') {	if ($srch->{'srchby'} eq 'email') {
my $lcrev = &get_server_loncaparev($udom,$homeserver);	my $lcrev = &get_server_loncaparev(undef,$homeserver);
my ($major,$minor,$subver) = ($lcrev =~ /^\'?(\d+)\.(\d+)\.(\d+)[\w.\-]+\'?$/);	my ($major,$minor) = ($lcrev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?$/);
if (($major eq '' && $minor eq '') \|\| ($major < 2) \|\|	if (($major eq '' && $minor eq '') \|\| ($major < 2) \|\|
(($major == 2) && ($minor < 11)) \|\|	(($major == 2) && ($minor < 12))) {
(($major == 2) && ($minor == 11) && ($subver < 3))) {
return;	return;
}	}
}	}
Line 2123 sub usersearch {	Line 2148 sub usersearch {
if (&host_domain($tryserver) eq $dom) {	if (&host_domain($tryserver) eq $dom) {
unless ($tryserver eq $perlvar{'lonHostID'}) {	unless ($tryserver eq $perlvar{'lonHostID'}) {
if ($srch->{'srchby'} eq 'email') {	if ($srch->{'srchby'} eq 'email') {
my $lcrev = &get_server_loncaparev($dom,$tryserver);	my $lcrev = &get_server_loncaparev(undef,$tryserver);
my ($major,$minor,$subver) = ($lcrev =~ /^\'?(\d+)\.(\d+)\.(\d+)[\w.\-]+\'?$/);	my ($major,$minor) = ($lcrev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?$/);
next if (($major eq '' && $minor eq '') \|\| ($major < 2) \|\|	next if (($major eq '' && $minor eq '') \|\| ($major < 2) \|\|
(($major == 2) && ($minor < 11)) \|\|	(($major == 2) && ($minor < 12)));
(($major == 2) && ($minor == 11) && ($subver < 3)));
}	}
}	}
my $host=&hostname($tryserver);	my $host=&hostname($tryserver);
Line 2219 sub get_multiple_instusers {	Line 2243 sub get_multiple_instusers {
my ($udom,$users,$caller) = @_;	my ($udom,$users,$caller) = @_;
my ($outcome,$results);	my ($outcome,$results);
if (ref($users) eq 'HASH') {	if (ref($users) eq 'HASH') {
my $count = keys(%{$users});	my $count = keys(%{$users});
my $requested = &freeze_escape($users);	my $requested = &freeze_escape($users);
my $homeserver = &domain($udom,'primary');	my $homeserver = &domain($udom,'primary');
if ($homeserver ne '') {	if ($homeserver ne '') {
Line 2263 sub get_multiple_instusers {	Line 2287 sub get_multiple_instusers {
} else {	} else {
($outcome,my $userdata) = split(/=/,$response,2);	($outcome,my $userdata) = split(/=/,$response,2);
if ($outcome eq 'ok') {	if ($outcome eq 'ok') {
$results = &thaw_unescape($userdata);	$results = &thaw_unescape($userdata);
}	}
}	}
}	}
Line 2294 sub inst_rulecheck {	Line 2318 sub inst_rulecheck {
$response=&unescape(&reply('instselfcreatecheck:'.	$response=&unescape(&reply('instselfcreatecheck:'.
&escape($udom).':'.&escape($uname).	&escape($udom).':'.&escape($uname).
':'.$rulestr,$homeserver));	':'.$rulestr,$homeserver));
} elsif ($item eq 'unamemap') {
$response=&unescape(&reply('instunamemapcheck:'.
&escape($udom).':'.&escape($uname).
':'.$rulestr,$homeserver));
}	}
if ($response ne 'refused') {	if ($response ne 'refused') {
my @pairs=split(/\&/,$response);	my @pairs=split(/\&/,$response);
Line 2327 sub inst_userrules {	Line 2347 sub inst_userrules {
} elsif ($check eq 'email') {	} elsif ($check eq 'email') {
$response=&reply('instemailrules:'.&escape($udom),	$response=&reply('instemailrules:'.&escape($udom),
$homeserver);	$homeserver);
} elsif ($check eq 'unamemap') {
$response=&reply('unamemaprules:'.&escape($udom),
$homeserver);
} else {	} else {
$response=&reply('instuserrules:'.&escape($udom),	$response=&reply('instuserrules:'.&escape($udom),
$homeserver);	$homeserver);
Line 2375 sub get_domain_defaults {	Line 2392 sub get_domain_defaults {
'requestcourses','inststatus',	'requestcourses','inststatus',
'coursedefaults','usersessions',	'coursedefaults','usersessions',
'requestauthor','selfenrollment',	'requestauthor','selfenrollment',
'coursecategories','autoenroll',	'coursecategories','ssl','autoenroll',
'helpsettings','wafproxy'],$domain);	'trust','helpsettings'],$domain);
my @coursetypes = ('official','unofficial','community','textbook');	my @coursetypes = ('official','unofficial','community','textbook','placement');
if (ref($domconfig{'defaults'}) eq 'HASH') {	if (ref($domconfig{'defaults'}) eq 'HASH') {
$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};	$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};
$domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};	$domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};
Line 2388 sub get_domain_defaults {	Line 2405 sub get_domain_defaults {
$domdefaults{'intauth_cost'} = $domconfig{'defaults'}{'intauth_cost'};	$domdefaults{'intauth_cost'} = $domconfig{'defaults'}{'intauth_cost'};
$domdefaults{'intauth_switch'} = $domconfig{'defaults'}{'intauth_switch'};	$domdefaults{'intauth_switch'} = $domconfig{'defaults'}{'intauth_switch'};
$domdefaults{'intauth_check'} = $domconfig{'defaults'}{'intauth_check'};	$domdefaults{'intauth_check'} = $domconfig{'defaults'}{'intauth_check'};
$domdefaults{'unamemap_rule'} = $domconfig{'defaults'}{'unamemap_rule'};
} else {	} else {
$domdefaults{'lang_def'} = &domain($domain,'lang_def');	$domdefaults{'lang_def'} = &domain($domain,'lang_def');
$domdefaults{'auth_def'} = &domain($domain,'auth_def');	$domdefaults{'auth_def'} = &domain($domain,'auth_def');
Line 2411 sub get_domain_defaults {	Line 2427 sub get_domain_defaults {
}	}
}	}
if (ref($domconfig{'requestcourses'}) eq 'HASH') {	if (ref($domconfig{'requestcourses'}) eq 'HASH') {
foreach my $item ('official','unofficial','community','textbook') {	foreach my $item ('official','unofficial','community','textbook','placement') {
$domdefaults{$item} = $domconfig{'requestcourses'}{$item};	$domdefaults{$item} = $domconfig{'requestcourses'}{$item};
}	}
}	}
Line 2424 sub get_domain_defaults {	Line 2440 sub get_domain_defaults {
}	}
}	}
if (ref($domconfig{'coursedefaults'}) eq 'HASH') {	if (ref($domconfig{'coursedefaults'}) eq 'HASH') {
	$domdefaults{'canuse_pdfforms'} = $domconfig{'coursedefaults'}{'canuse_pdfforms'};
$domdefaults{'usejsme'} = $domconfig{'coursedefaults'}{'usejsme'};	$domdefaults{'usejsme'} = $domconfig{'coursedefaults'}{'usejsme'};
$domdefaults{'inline_chem'} = $domconfig{'coursedefaults'}{'inline_chem'};
$domdefaults{'uselcmath'} = $domconfig{'coursedefaults'}{'uselcmath'};	$domdefaults{'uselcmath'} = $domconfig{'coursedefaults'}{'uselcmath'};
if (ref($domconfig{'coursedefaults'}{'postsubmit'}) eq 'HASH') {	if (ref($domconfig{'coursedefaults'}{'postsubmit'}) eq 'HASH') {
$domdefaults{'postsubmit'} = $domconfig{'coursedefaults'}{'postsubmit'}{'client'};	$domdefaults{'postsubmit'} = $domconfig{'coursedefaults'}{'postsubmit'}{'client'};
Line 2441 sub get_domain_defaults {	Line 2457 sub get_domain_defaults {
}	}
if ($domdefaults{'postsubmit'} eq 'on') {	if ($domdefaults{'postsubmit'} eq 'on') {
if (ref($domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}) eq 'HASH') {	if (ref($domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}) eq 'HASH') {
$domdefaults{$type.'postsubtimeout'} =	$domdefaults{$type.'postsubtimeout'} =
$domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}{$type};	$domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}{$type};
}	}
}	}
}	}
Line 2458 sub get_domain_defaults {	Line 2474 sub get_domain_defaults {
}	}
if ($domconfig{'coursedefaults'}{'texengine'}) {	if ($domconfig{'coursedefaults'}{'texengine'}) {
$domdefaults{'texengine'} = $domconfig{'coursedefaults'}{'texengine'};	$domdefaults{'texengine'} = $domconfig{'coursedefaults'}{'texengine'};
}	}
}	}
if (ref($domconfig{'usersessions'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}) eq 'HASH') {
if (ref($domconfig{'usersessions'}{'remote'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}{'remote'}) eq 'HASH') {
Line 2470 sub get_domain_defaults {	Line 2486 sub get_domain_defaults {
if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {
$domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};	$domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};
}	}
if (ref($domconfig{'usersessions'}{'offloadoth'}) eq 'HASH') {
$domdefaults{'offloadoth'} = $domconfig{'usersessions'}{'offloadoth'};
}
}	}
if (ref($domconfig{'selfenrollment'}) eq 'HASH') {	if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {	if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {
Line 2505 sub get_domain_defaults {	Line 2518 sub get_domain_defaults {
if (ref($domconfig{'coursecategories'}) eq 'HASH') {	if (ref($domconfig{'coursecategories'}) eq 'HASH') {
$domdefaults{'catauth'} = 'std';	$domdefaults{'catauth'} = 'std';
$domdefaults{'catunauth'} = 'std';	$domdefaults{'catunauth'} = 'std';
if ($domconfig{'coursecategories'}{'auth'}) {	if ($domconfig{'coursecategories'}{'auth'}) {
$domdefaults{'catauth'} = $domconfig{'coursecategories'}{'auth'};	$domdefaults{'catauth'} = $domconfig{'coursecategories'}{'auth'};
}	}
if ($domconfig{'coursecategories'}{'unauth'}) {	if ($domconfig{'coursecategories'}{'unauth'}) {
$domdefaults{'catunauth'} = $domconfig{'coursecategories'}{'unauth'};	$domdefaults{'catunauth'} = $domconfig{'coursecategories'}{'unauth'};
}	}
}	}
	if (ref($domconfig{'ssl'}) eq 'HASH') {
	if (ref($domconfig{'ssl'}{'replication'}) eq 'HASH') {
	$domdefaults{'replication'} = $domconfig{'ssl'}{'replication'};
	}
	if (ref($domconfig{'ssl'}{'connto'}) eq 'HASH') {
	$domdefaults{'connect'} = $domconfig{'ssl'}{'connto'};
	}
	if (ref($domconfig{'ssl'}{'connfrom'}) eq 'HASH') {
	$domdefaults{'connect'} = $domconfig{'ssl'}{'connfrom'};
	}
	}
	if (ref($domconfig{'trust'}) eq 'HASH') {
	my @prefixes = qw(content shared enroll othcoau coaurem domroles catalog reqcrs msg);
	foreach my $prefix (@prefixes) {
	if (ref($domconfig{'trust'}{$prefix}) eq 'HASH') {
	$domdefaults{'trust'.$prefix} = $domconfig{'trust'}{$prefix};
	}
	}
	}
if (ref($domconfig{'autoenroll'}) eq 'HASH') {	if (ref($domconfig{'autoenroll'}) eq 'HASH') {
$domdefaults{'autofailsafe'} = $domconfig{'autoenroll'}{'autofailsafe'};	$domdefaults{'autofailsafe'} = $domconfig{'autoenroll'}{'autofailsafe'};
$domdefaults{'failsafe'} = $domconfig{'autoenroll'}{'failsafe'};
}	}
if (ref($domconfig{'helpsettings'}) eq 'HASH') {	if (ref($domconfig{'helpsettings'}) eq 'HASH') {
$domdefaults{'submitbugs'} = $domconfig{'helpsettings'}{'submitbugs'};	$domdefaults{'submitbugs'} = $domconfig{'helpsettings'}{'submitbugs'};
Line 2522 sub get_domain_defaults {	Line 2553 sub get_domain_defaults {
$domdefaults{'adhocroles'} = $domconfig{'helpsettings'}{'adhoc'};	$domdefaults{'adhocroles'} = $domconfig{'helpsettings'}{'adhoc'};
}	}
}	}
if (ref($domconfig{'wafproxy'}) eq 'HASH') {
foreach my $item ('ipheader','trusted','vpnint','vpnext','sslopt') {
if ($domconfig{'wafproxy'}{$item}) {
$domdefaults{'waf_'.$item} = $domconfig{'wafproxy'}{$item};
}
}
}
&do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);	&do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);
return %domdefaults;	return %domdefaults;
}	}

sub get_dom_cats {	sub course_portal_url {
my ($dom) = @_;	my ($cnum,$cdom) = @_;
return unless (&domain($dom));	my $chome = &homeserver($cnum,$cdom);
my ($cats,$cached)=&is_cached_new('cats',$dom);	my $hostname = &hostname($chome);
unless (defined($cached)) {	my $protocol = $protocol{$chome};
my %domconfig = &get_dom('configuration',['coursecategories'],$dom);	$protocol = 'http' if ($protocol ne 'https');
if (ref($domconfig{'coursecategories'}) eq 'HASH') {	my %domdefaults = &get_domain_defaults($cdom);
if (ref($domconfig{'coursecategories'}{'cats'}) eq 'HASH') {	my $firsturl;
%{$cats} = %{$domconfig{'coursecategories'}{'cats'}};	if ($domdefaults{'portal_def'}) {
} else {	$firsturl = $domdefaults{'portal_def'};
$cats = {};	} else {
}	$firsturl = $protocol.'://'.$hostname;
} else {
$cats = {};
}
&Apache::lonnet::do_cache_new('cats',$dom,$cats,3600);
}
return $cats;
}

sub get_dom_instcats {
my ($dom) = @_;
return unless (&domain($dom));
my ($instcats,$cached)=&is_cached_new('instcats',$dom);
unless (defined($cached)) {
my (%coursecodes,%codes,@codetitles,%cat_titles,%cat_order);
my $totcodes = &retrieve_instcodes(\%coursecodes,$dom);
if ($totcodes > 0) {
my $caller = 'global';
if (&auto_instcode_format($caller,$dom,\%coursecodes,\%codes,
\@codetitles,\%cat_titles,\%cat_order) eq 'ok') {
$instcats = {
totcodes => $totcodes,
codes => \%codes,
codetitles => \@codetitles,
cat_titles => \%cat_titles,
cat_order => \%cat_order,
};
&do_cache_new('instcats',$dom,$instcats,3600);
}
}
}
return $instcats;
}

sub retrieve_instcodes {
my ($coursecodes,$dom) = @_;
my $totcodes;
my %courses = &courseiddump($dom,'.',1,'.','.','.',undef,undef,'Course');
foreach my $course (keys(%courses)) {
if (ref($courses{$course}) eq 'HASH') {
if ($courses{$course}{'inst_code'} ne '') {
$$coursecodes{$course} = $courses{$course}{'inst_code'};
$totcodes ++;
}
}
}
return $totcodes;
}

# --------------------------------------------- Get domain config for passwords

sub get_passwdconf {
my ($dom) = @_;
my (%passwdconf,$gotconf,$lookup);
my ($result,$cached)=&is_cached_new('passwdconf',$dom);
if (defined($cached)) {
if (ref($result) eq 'HASH') {
%passwdconf = %{$result};
$gotconf = 1;
}
}
unless ($gotconf) {
my %domconfig = &get_dom('configuration',['passwords'],$dom);
if (ref($domconfig{'passwords'}) eq 'HASH') {
%passwdconf = %{$domconfig{'passwords'}};
}
my $cachetime = 246060;
&do_cache_new('passwdconf',$dom,\%passwdconf,$cachetime);
}	}
return %passwdconf;	return $firsturl;
}	}

# --------------------------------------------------- Assign a key to a student	# --------------------------------------------------- Assign a key to a student
Line 2861 sub devalidate_cache_new {	Line 2818 sub devalidate_cache_new {

sub is_cached_new {	sub is_cached_new {
my ($name,$id,$debug) = @_;	my ($name,$id,$debug) = @_;
my $remembered_id=$name.':'.$id; # this is to avoid make_key (which is slow) for	my $remembered_id=$name.':'.$id; # this is to avoid make_key (which is slow) whenever possible
# keys in %remembered hash, which persists for
# duration of request (no restriction on key length).
if (exists($remembered{$remembered_id})) {	if (exists($remembered{$remembered_id})) {
if ($debug) { &Apache::lonnet::logthis("Early return $remembered_id of $remembered{$remembered_id} "); }	if ($debug) { &Apache::lonnet::logthis("Early return $remembered_id of $remembered{$remembered_id} "); }
$accessed{$remembered_id}=[&gettimeofday()];	$accessed{$remembered_id}=[&gettimeofday()];
Line 3125 sub repcopy {	Line 3080 sub repcopy {
mkdir($path,0777);	mkdir($path,0777);
}	}
}	}
my $ua=new LWP::UserAgent;
my $request=new HTTP::Request('GET',"$remoteurl");	my $request=new HTTP::Request('GET',"$remoteurl");
my $response=$ua->request($request,$transname);	my $response;
	if ($remoteurl =~ m{/raw/}) {
	$response=&LONCAPA::LWPReq::makerequest($home,$request,$transname,\%perlvar,'',0,1);
	} else {
	$response=&LONCAPA::LWPReq::makerequest($home,$request,$transname,\%perlvar,'',1);
	}
if ($response->is_error()) {	if ($response->is_error()) {
unlink($transname);	unlink($transname);
my $message=$response->status_line;	my $message=$response->status_line;
Line 3137 sub repcopy {	Line 3096 sub repcopy {
} else {	} else {
if ($remoteurl!~/\.meta$/) {	if ($remoteurl!~/\.meta$/) {
my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');	my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');
my $mresponse=$ua->request($mrequest,$filename.'.meta');	my $mresponse;
	if ($remoteurl =~ m{/raw/}) {
	$mresponse = &LONCAPA::LWPReq::makerequest($home,$mrequest,$filename.'.meta',\%perlvar,'',0,1);
	} else {
	$mresponse = &LONCAPA::LWPReq::makerequest($home,$mrequest,$filename.'.meta',\%perlvar,'',1);
	}
if ($mresponse->is_error()) {	if ($mresponse->is_error()) {
unlink($filename.'.meta');	unlink($filename.'.meta');
&logthis(	&logthis(
Line 3151 sub repcopy {	Line 3115 sub repcopy {
}	}
}	}

# ------------------------------------------------- Unsubscribe from a resource

sub unsubscribe {
my ($fname) = @_;
my $answer;
if ($fname=~/\/(aboutme\|syllabus\|bulletinboard\|smppg)$/) { return $answer; }
$fname=~s/[\n\r]//g;
my $author=$fname;
$author=~s/\/home\/httpd\/html\/res\/([^\/])\/([^\/]).*/$1\/$2/;
my ($udom,$uname)=split(/\//,$author);
my $home=homeserver($uname,$udom);
if ($home eq 'no_host') {
$answer = 'no_host';
} elsif (grep { $_ eq $home } &current_machine_ids()) {
$answer = 'home';
} else {
$answer = reply("unsub:$fname",$home);
}
return $answer;
}

# ------------------------------------------------ Get server side include body	# ------------------------------------------------ Get server side include body
sub ssi_body {	sub ssi_body {
my ($filelink,%form)=@_;	my ($filelink,%form)=@_;
Line 3200 sub ssi_body {	Line 3143 sub ssi_body {
# --------------------------------------------------------- Server Side Include	# --------------------------------------------------------- Server Side Include

sub absolute_url {	sub absolute_url {
my ($host_name,$unalias,$keep_proto) = @_;	my ($host_name) = @_;
my $protocol = ($ENV{'SERVER_PORT'} == 443?'https://':'http://');	my $protocol = ($ENV{'SERVER_PORT'} == 443?'https://':'http://');
if ($host_name eq '') {	if ($host_name eq '') {
$host_name = $ENV{'SERVER_NAME'};	$host_name = $ENV{'SERVER_NAME'};
}	}
if ($unalias) {
my $alias = &get_proxy_alias();
if ($alias eq $host_name) {
my $lonhost = $perlvar{'lonHostID'};
my $hostname = &hostname($lonhost);
my $lcproto;
if (($keep_proto) \|\| ($hostname eq '')) {
$lcproto = $protocol;
} else {
$lcproto = $protocol{$lonhost};
$lcproto = 'http' if ($lcproto ne 'https');
$lcproto .= '://';
}
unless ($hostname eq '') {
return $lcproto.$hostname;
}
}
}
return $protocol.$host_name;	return $protocol.$host_name;
}	}

Line 3239 sub absolute_url {	Line 3164 sub absolute_url {
sub ssi {	sub ssi {

my ($fn,%form)=@_;	my ($fn,%form)=@_;
my ($host,$request,$response);	my $request;
$host = &absolute_url('',1);

$form{'no_update_last_known'}=1;	$form{'no_update_last_known'}=1;
&Apache::lonenc::check_encrypt(\$fn);	&Apache::lonenc::check_encrypt(\$fn);
if (%form) {	if (%form) {
$request=new HTTP::Request('POST',$host.$fn);	$request=new HTTP::Request('POST',&absolute_url().$fn);
$request->content(join('&',map {	$request->content(join('&',map {
my $name = escape($_);	my $name = escape($_);
"$name=" . ( ref($form{$_}) eq 'ARRAY'	"$name=" . ( ref($form{$_}) eq 'ARRAY'
? join("&$name=", map {escape($_) } @{$form{$_}})	? join("&$name=", map {escape($_) } @{$form{$_}})
: &escape($form{$_}) );	: &escape($form{$_}) );
} keys(%form)));	} keys(%form)));
} else {	} else {
$request=new HTTP::Request('GET',$host.$fn);	$request=new HTTP::Request('GET',&absolute_url().$fn);
}	}

$request->header(Cookie => $ENV{'HTTP_COOKIE'});	$request->header(Cookie => $ENV{'HTTP_COOKIE'});
	my $lonhost = $perlvar{'lonHostID'};
	my $response= &LONCAPA::LWPReq::makerequest($lonhost,$request,'',\%perlvar);

if (($env{'request.course.id'}) &&
($form{'grade_courseid'} eq $env{'request.course.id'}) &&
($form{'grade_username'} ne '') && ($form{'grade_domain'} ne '') &&
($form{'grade_symb'} ne '') &&
(&Apache::lonnet::allowed('mgr',$env{'request.course.id'}.
($env{'request.course.sec'}?'/'.$env{'request.course.sec'}:'')))) {
if (LWP::UserAgent->VERSION >= 5.834) {
my $ua=new LWP::UserAgent;
$ua->local_address('127.0.0.1');
$response = $ua->request($request);
} else {
{
require LWP::Protocol::http;
local @LWP::Protocol::http::EXTRA_SOCK_OPTS = (LocalAddr => '127.0.0.1');
my $ua=new LWP::UserAgent;
$response = $ua->request($request);
@LWP::Protocol::http::EXTRA_SOCK_OPTS = ();
}
}
} else {
my $ua=new LWP::UserAgent;
$response = $ua->request($request);
}
if (wantarray) {	if (wantarray) {
return ($response->content, $response);	return ($response->content, $response);
} else {	} else {
Line 3290 sub ssi {	Line 3193 sub ssi {

sub externalssi {	sub externalssi {
my ($url)=@_;	my ($url)=@_;
my $ua=new LWP::UserAgent;
my $request=new HTTP::Request('GET',$url);	my $request=new HTTP::Request('GET',$url);
my $response=$ua->request($request);	my $response = &LONCAPA::LWPReq::makerequest('',$request,'',\%perlvar);
if (wantarray) {	if (wantarray) {
return ($response->content, $response);	return ($response->content, $response);
} else {	} else {
Line 3300 sub externalssi {	Line 3202 sub externalssi {
}	}
}	}

# If the local copy of a replicated resource is outdated, trigger a
# connection from the homeserver to flush the delayed queue. If no update	# If the local copy of a replicated resource is outdated, trigger a
	# connection from the homeserver to flush the delayed queue. If no update
# happens, remove local copies of outdated resource (and corresponding	# happens, remove local copies of outdated resource (and corresponding
# metadata file).	# metadata file).

Line 3317 sub remove_stale_resfile {	Line 3220 sub remove_stale_resfile {
(grep { $_ eq $homeserver } &current_machine_ids())) {	(grep { $_ eq $homeserver } &current_machine_ids())) {
my $fname = &filelocation('',$url);	my $fname = &filelocation('',$url);
if (-e $fname) {	if (-e $fname) {
	my $protocol = $protocol{$homeserver};
	$protocol = 'http' if ($protocol ne 'https');
my $hostname = &hostname($homeserver);	my $hostname = &hostname($homeserver);
if ($hostname) {	if ($hostname) {
my $protocol = $protocol{$homeserver};	my $uri = &declutter($url);
$protocol = 'http' if ($protocol ne 'https');	my $request=new HTTP::Request('HEAD',$protocol.'://'.$hostname.'/raw/'.$uri);
my $uri = $protocol.'://'.$hostname.'/raw/'.&declutter($url);	my $response = &LONCAPA::LWPReq::makerequest($homeserver,$request,'',\%perlvar,5,0,1);
my $ua=new LWP::UserAgent;
$ua->timeout(5);
my $request=new HTTP::Request('HEAD',$uri);
my $response=$ua->request($request);
if ($response->is_success()) {	if ($response->is_success()) {
my $remmodtime = &HTTP::Date::str2time( $response->header('Last-modified') );	my $remmodtime = &HTTP::Date::str2time( $response->header('Last-modified') );
my $locmodtime = (stat($fname))[9];	my $locmodtime = (stat($fname))[9];
Line 3349 sub remove_stale_resfile {	Line 3250 sub remove_stale_resfile {
$stale = 1;	$stale = 1;
}	}
if ($stale) {	if ($stale) {
if (unlink($fname)) {	unlink($fname);
if ($uri!~/\.meta$/) {	if ($uri!~/\.meta$/) {
if (-e $fname.'.meta') {	unlink($fname.'.meta');
unlink($fname.'.meta');
}
}
my $unsubresult = &unsubscribe($fname);
unless ($unsubresult eq 'ok') {
&logthis("no unsub of $fname from $homeserver, reason: $unsubresult");
}
$removed = 1;
}	}
	&reply("unsub:$fname",$homeserver);
	$removed = 1;
}	}
}	}
}	}
Line 3388 sub allowuploaded {	Line 3283 sub allowuploaded {
#	#
# Determine if the current user should be able to edit a particular resource,	# Determine if the current user should be able to edit a particular resource,
# when viewing in course context.	# when viewing in course context.
# (a) When viewing resource used to determine if "Edit" item is included in	# (a) When viewing resource used to determine if "Edit" item is included in
# Functions.	# Functions.
# (b) When displaying folder contents in course editor, used to determine if	# (b) When displaying folder contents in course editor, used to determine if
# "Edit" link will be displayed alongside resource.	# "Edit" link will be displayed alongside resource.
Line 3396 sub allowuploaded {	Line 3291 sub allowuploaded {
# input: six args -- filename (decluttered), course number, course domain,	# input: six args -- filename (decluttered), course number, course domain,
# url, symb (if registered) and group (if this is a group	# url, symb (if registered) and group (if this is a group
# item -- e.g., bulletin board, group page etc.).	# item -- e.g., bulletin board, group page etc.).
# output: array of five scalars --	# output: array of five scalars --
# $cfile -- url for file editing if editable on current server	# $cfile -- url for file editing if editable on current server
# $home -- homeserver of resource (i.e., for author if published,	# $home -- homeserver of resource (i.e., for author if published,
# or course if uploaded.).	# or course if uploaded.).
# $switchserver -- 1 if server switch will be needed.	# $switchserver -- 1 if server switch will be needed.
# $forceedit -- 1 if icon/link should be to go to edit mode	# $forceedit -- 1 if icon/link should be to go to edit mode
# $forceview -- 1 if icon/link should be to go to view mode	# $forceview -- 1 if icon/link should be to go to view mode
#	#

Line 3461 sub can_edit_resource {	Line 3356 sub can_edit_resource {
return;	return;
}	}
} elsif (!$crsedit) {	} elsif (!$crsedit) {
if ($env{'request.role'} =~ m{^st\./$cdom/$cnum}) {
#	#
# No edit allowed where CC has switched to student role.	# No edit allowed where CC has switched to student role.
#	#
return;	return;
} elsif (($resurl !~ m{^/res/$match_domain/$match_username/}) \|\|
($resurl =~ m{^/res/lib/templates/})) {
return;
}
}	}
}	}
}	}
Line 3495 sub can_edit_resource {	Line 3385 sub can_edit_resource {
$forceedit = 1;	$forceedit = 1;
}	}
$cfile = $resurl;	$cfile = $resurl;
} elsif (($resurl ne '') && (&is_on_map($resurl))) {	} elsif (($resurl ne '') && (&is_on_map($resurl))) {
if ($resurl =~ m{^/adm/$match_domain/$match_username/\d+/smppg\|bulletinboard$}) {	if ($resurl =~ m{^/adm/$match_domain/$match_username/\d+/smppg\|bulletinboard$}) {
$incourse = 1;	$incourse = 1;
if ($env{'form.forceedit'}) {	if ($env{'form.forceedit'}) {
Line 3515 sub can_edit_resource {	Line 3405 sub can_edit_resource {
$forceedit = 1;	$forceedit = 1;
}	}
$cfile = $resurl;	$cfile = $resurl;
} elsif (($resurl =~ m{^/ext/}) && ($symb ne '')) {	} elsif ($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/ext\.tool$}) {
my ($map,$id,$res) = &decode_symb($symb);	$incourse = 1;
if ($map =~ /\.page$/) {	if ($env{'form.forceedit'}) {
$incourse = 1;	$forceview = 1;
if ($env{'form.forceedit'}) {	} else {
$forceview = 1;	$forceedit = 1;
$cfile = $map;
} else {
$forceedit = 1;
$cfile = '/adm/wrapper'.$resurl;
}
}	}
	$cfile = $resurl;
} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {	} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
$incourse = 1;	$incourse = 1;
if ($env{'form.forceedit'}) {	if ($env{'form.forceedit'}) {
Line 3538 sub can_edit_resource {	Line 3424 sub can_edit_resource {
}	}
} elsif ($resurl eq '/res/lib/templates/simpleproblem.problem/smpedit') {	} elsif ($resurl eq '/res/lib/templates/simpleproblem.problem/smpedit') {
my $template = '/res/lib/templates/simpleproblem.problem';	my $template = '/res/lib/templates/simpleproblem.problem';
if (&is_on_map($template)) {	if (&is_on_map($template)) {
$incourse = 1;	$incourse = 1;
$forceview = 1;	$forceview = 1;
$cfile = $template;	$cfile = $template;
}	}
} elsif (($resurl =~ m{^/adm/wrapper/ext/}) && ($env{'form.folderpath'} =~ /^supplemental/)) {	} elsif (($resurl =~ m{^/adm/wrapper/ext/}) && ($env{'form.folderpath'} =~ /^supplemental/)) {
	$incourse = 1;
	if ($env{'form.forceedit'}) {
	$forceview = 1;
	} else {
	$forceedit = 1;
	}
	$cfile = $resurl;
	} elsif (($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/ext\.tool$}) && ($env{'form.folderpath'} =~ /^supplemental/)) {
$incourse = 1;	$incourse = 1;
if ($env{'form.forceedit'}) {	if ($env{'form.forceedit'}) {
$forceview = 1;	$forceview = 1;
Line 3560 sub can_edit_resource {	Line 3454 sub can_edit_resource {
$cfile = &clutter($res);	$cfile = &clutter($res);
} else {	} else {
$cfile = $env{'form.suppurl'};	$cfile = $env{'form.suppurl'};
$cfile =~ s{^http://}{};	my $escfile = &unescape($cfile);
$cfile = '/adm/wrapper/ext/'.$cfile;	if ($escfile =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}) {
	$cfile = '/adm/wrapper'.$escfile;
	} else {
	$escfile =~ s{^http://}{};
	$cfile = &escape("/adm/wrapper/ext/$escfile");
	}
}	}
} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {	} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
if ($env{'form.forceedit'}) {	if ($env{'form.forceedit'}) {
Line 3585 sub can_edit_resource {	Line 3484 sub can_edit_resource {
$cfile=$file;	$cfile=$file;
}	}
}	}
if (($cfile ne '') && (!$incourse \|\| $uploaded) &&	if (($cfile ne '') && (!$incourse \|\| $uploaded) &&
(($home ne '') && ($home ne 'no_host'))) {	(($home ne '') && ($home ne 'no_host'))) {
my @ids=&current_machine_ids();	my @ids=&current_machine_ids();
unless (grep(/^\Q$home\E$/,@ids)) {	unless (grep(/^\Q$home\E$/,@ids)) {
Line 3612 sub in_course {	Line 3511 sub in_course {
if ($hideprivileged) {	if ($hideprivileged) {
my $skipuser;	my $skipuser;
my %coursehash = &coursedescription($cdom.'_'.$cnum);	my %coursehash = &coursedescription($cdom.'_'.$cnum);
my @possdoms = ($cdom);	my @possdoms = ($cdom);
if ($coursehash{'checkforpriv'}) {	if ($coursehash{'checkforpriv'}) {
push(@possdoms,split(/,/,$coursehash{'checkforpriv'}));	push(@possdoms,split(/,/,$coursehash{'checkforpriv'}));
}	}
if (&privileged($uname,$udom,\@possdoms)) {	if (&privileged($uname,$udom,\@possdoms)) {
$skipuser = 1;	$skipuser = 1;
Line 3800 sub clean_filename {	Line 3699 sub clean_filename {
}	}
# Replace spaces by underscores	# Replace spaces by underscores
$fname=~s/\s+/\_/g;	$fname=~s/\s+/\_/g;
# Transliterate non-ascii text to ascii
my $lang = &Apache::lonlocal::current_language();
$fname = &LONCAPA::transliterate::fname_to_ascii($fname,$lang);
# Replace all other weird characters by nothing	# Replace all other weird characters by nothing
$fname=~s{[^/\w\.\-]}{}g;	$fname=~s{[^/\w\.\-]}{}g;
# Replace all .\d. sequences with _\d. so they no longer look like version	# Replace all .\d. sequences with _\d. so they no longer look like version
# numbers	# numbers
$fname=~s/\.(\d+)(?=\.)/_$1/g;	$fname=~s/\.(\d+)(?=\.)/_$1/g;
# Replace three or more adjacent underscores with one for consistency
# with loncfile::filename_check() so complete url can be extracted by
# lonnet::decode_symb()
$fname=~s/_{3,}/_/g;
return $fname;	return $fname;
}	}

# This Function checks if an Image's dimensions exceed either $resizewidth (width)	# This Function checks if an Image's dimensions exceed either $resizewidth (width)
# or $resizeheight (height) - both pixels. If so, the image is scaled to produce an	# or $resizeheight (height) - both pixels. If so, the image is scaled to produce an
# image with the same aspect ratio as the original, but with dimensions which do	# image with the same aspect ratio as the original, but with dimensions which do
Line 3857 sub resizeImage {	Line 3748 sub resizeImage {
# input: $formname - the contents of the file are in $env{"form.$formname"}	# input: $formname - the contents of the file are in $env{"form.$formname"}
# the desired filename is in $env{"form.$formname.filename"}	# the desired filename is in $env{"form.$formname.filename"}
# $context - possible values: coursedoc, existingfile, overwrite,	# $context - possible values: coursedoc, existingfile, overwrite,
# canceloverwrite, scantron or ''.	# canceloverwrite, or ''.
# if 'coursedoc': upload to the current course	# if 'coursedoc': upload to the current course
# if 'existingfile': write file to tmp/overwrites directory	# if 'existingfile': write file to tmp/overwrites directory
# if 'canceloverwrite': delete file written to tmp/overwrites directory	# if 'canceloverwrite': delete file written to tmp/overwrites directory
# $context is passed as argument to &finishuserfileupload	# $context is passed as argument to &finishuserfileupload
# $subdir - directory in userfile to store the file into	# $subdir - directory in userfile to store the file into
# $parser - instruction to parse file for objects ($parser = parse) or	# $parser - instruction to parse file for objects ($parser = parse)
# if context is 'scantron', $parser is hashref of csv column mapping
# (e.g.,{ PaperID => 0, LastName => 1, FirstName => 2, ID => 3,
# Section => 4, CODE => 5, FirstQuestion => 9 }).
# $allfiles - reference to hash for embedded objects	# $allfiles - reference to hash for embedded objects
# $codebase - reference to hash for codebase of java objects	# $codebase - reference to hash for codebase of java objects
# $desuname - username for permanent storage of uploaded file	# $desuname - username for permanent storage of uploaded file
Line 3889 sub userfileupload {	Line 3777 sub userfileupload {
$fname=&clean_filename($fname);	$fname=&clean_filename($fname);
# See if there is anything left	# See if there is anything left
unless ($fname) { return 'error: no uploaded file'; }	unless ($fname) { return 'error: no uploaded file'; }
# If filename now begins with a . prepend unix timestamp _ milliseconds
if ($fname =~ /^\./) {
my ($s,$usec) = &gettimeofday();
while (length($usec) < 6) {
$usec = '0'.$usec;
}
$fname = $s.'_'.substr($usec,0,3).$fname;
}
# Files uploaded to help request form, or uploaded to "create course" page are handled differently	# Files uploaded to help request form, or uploaded to "create course" page are handled differently
if ((($formname eq 'screenshot') && ($subdir eq 'helprequests')) \|\|	if ((($formname eq 'screenshot') && ($subdir eq 'helprequests')) \|\|
(($formname eq 'coursecreatorxml') && ($subdir eq 'batchupload')) \|\|	(($formname eq 'coursecreatorxml') && ($subdir eq 'batchupload')) \|\|
Line 3915 sub userfileupload {	Line 3795 sub userfileupload {
} else {	} else {
$docudom = $env{'user.domain'};	$docudom = $env{'user.domain'};
}	}
if ($destuname =~ /^$match_username$/) {	if ($destuname =~ /^$match_username$/) {
$docuname = $destuname;	$docuname = $destuname;
} else {	} else {
$docuname = $env{'user.name'};	$docuname = $env{'user.name'};
Line 4064 sub finishuserfileupload {	Line 3944 sub finishuserfileupload {
}	}
}	}
}	}
if (($context ne 'scantron') && ($parser eq 'parse')) {	if ($parser eq 'parse') {
if ((ref($mimetype)) && ($$mimetype eq 'text/html')) {	if ((ref($mimetype)) && ($$mimetype eq 'text/html')) {
my $parse_result = &extract_embedded_items($filepath.'/'.$file,	my $parse_result = &extract_embedded_items($filepath.'/'.$file,
$allfiles,$codebase);	$allfiles,$codebase);
Line 4073 sub finishuserfileupload {	Line 3953 sub finishuserfileupload {
' for embedded media: '.$parse_result);	' for embedded media: '.$parse_result);
}	}
}	}
} elsif (($context eq 'scantron') && (ref($parser) eq 'HASH')) {
my $format = $env{'form.scantron_format'};
&bubblesheet_converter($docudom,$filepath.'/'.$file,$parser,$format);
}	}
if (($thumbwidth =~ /^\d+$/) && ($thumbheight =~ /^\d+$/)) {	if (($thumbwidth =~ /^\d+$/) && ($thumbheight =~ /^\d+$/)) {
my $input = $filepath.'/'.$file;	my $input = $filepath.'/'.$file;
Line 4141 sub extract_embedded_items {	Line 4018 sub extract_embedded_items {
}	}
if (lc($tagname) eq 'a') {	if (lc($tagname) eq 'a') {
unless (($attr->{'href'} =~ /^#/) \|\| ($attr->{'href'} eq '')) {	unless (($attr->{'href'} =~ /^#/) \|\| ($attr->{'href'} eq '')) {
&add_filetype($allfiles,$attr->{'href'},'href');	&add_filetype($allfiles,$attr->{'href'},'href');
}	}
}	}
if (lc($tagname) eq 'script') {	if (lc($tagname) eq 'script') {
Line 4316 sub embedded_dependency {	Line 4193 sub embedded_dependency {
return;	return;
}	}

sub bubblesheet_converter {
my ($cdom,$fullpath,$config,$format) = @_;
if ((&domain($cdom) ne '') &&
($fullpath =~ m{^\Q$perlvar{'lonDocRoot'}/userfiles/$cdom/\E$match_courseid/scantron_orig}) &&
(-e $fullpath) && (ref($config) eq 'HASH') && ($format ne '')) {
my (%csvcols,%csvoptions);
if (ref($config->{'fields'}) eq 'HASH') {
%csvcols = %{$config->{'fields'}};
}
if (ref($config->{'options'}) eq 'HASH') {
%csvoptions = %{$config->{'options'}};
}
my %csvbynum = reverse(%csvcols);
my %scantronconf = &get_scantron_config($format,$cdom);
if (keys(%scantronconf)) {
my %bynum = (
$scantronconf{CODEstart} => 'CODEstart',
$scantronconf{IDstart} => 'IDstart',
$scantronconf{PaperID} => 'PaperID',
$scantronconf{FirstName} => 'FirstName',
$scantronconf{LastName} => 'LastName',
$scantronconf{Qstart} => 'Qstart',
);
my @ordered;
foreach my $item (sort { $a <=> $b } keys(%bynum)) {
push(@ordered,$bynum{$item});
}
my %mapstart = (
CODEstart => 'CODE',
IDstart => 'ID',
PaperID => 'PaperID',
FirstName => 'FirstName',
LastName => 'LastName',
Qstart => 'FirstQuestion',
);
my %maplength = (
CODEstart => 'CODElength',
IDstart => 'IDlength',
PaperID => 'PaperIDlength',
FirstName => 'FirstNamelength',
LastName => 'LastNamelength',
);
if (open(my $fh,'<',$fullpath)) {
my $output;
my %lettdig = &letter_to_digits();
my %diglett = reverse(%lettdig);
my $numletts = scalar(keys(%lettdig));
my $num = 0;
while (my $line=<$fh>) {
$num ++;
next if (($num == 1) && ($csvoptions{'hdr'} == 1));
$line =~ s{[\r\n]+$}{};
my %found;
my @values = split(/,/,$line,-1);
my ($qstart,$record);
for (my $i=0; $i<@values; $i++) {
if ((($qstart ne '') && ($i > $qstart)) \|\|
($csvbynum{$i} eq 'FirstQuestion')) {
if ($values[$i] eq '') {
$values[$i] = $scantronconf{'Qoff'};
} elsif ($scantronconf{'Qon'} eq 'number') {
if ($values[$i] =~ /^[A-Ja-j]$/) {
$values[$i] = $lettdig{uc($values[$i])};
}
} elsif ($scantronconf{'Qon'} eq 'letter') {
if ($values[$i] =~ /^[0-9]$/) {
$values[$i] = $diglett{$values[$i]};
}
} else {
if ($values[$i] =~ /^[0-9A-Ja-j]$/) {
my $digit;
if ($values[$i] =~ /^[A-Ja-j]$/) {
$digit = $lettdig{uc($values[$i])}-1;
if ($values[$i] eq 'J') {
$digit += $numletts;
}
} elsif ($values[$i] =~ /^[0-9]$/) {
$digit = $values[$i]-1;
if ($values[$i] eq '0') {
$digit += $numletts;
}
}
my $qval='';
for (my $j=0; $j<$scantronconf{'Qlength'}; $j++) {
if ($j == $digit) {
$qval .= $scantronconf{'Qon'};
} else {
$qval .= $scantronconf{'Qoff'};
}
}
$values[$i] = $qval;
}
}
if (length($values[$i]) > $scantronconf{'Qlength'}) {
$values[$i] = substr($values[$i],0,$scantronconf{'Qlength'});
}
my $numblank = $scantronconf{'Qlength'} - length($values[$i]);
if ($numblank > 0) {
$values[$i] .= ($scantronconf{'Qoff'} x $numblank);
}
if ($csvbynum{$i} eq 'FirstQuestion') {
$qstart = $i;
$found{$csvbynum{$i}} = $values[$i];
} else {
$found{'FirstQuestion'} .= $values[$i];
}
} elsif (exists($csvbynum{$i})) {
if ($csvoptions{'rem'}) {
$values[$i] =~ s/^\s+//;
}
if (($csvbynum{$i} eq 'PaperID') && ($csvoptions{'pad'})) {
while (length($values[$i]) < $scantronconf{$maplength{$csvbynum{$i}}}) {
$values[$i] = '0'.$values[$i];
}
}
$found{$csvbynum{$i}} = $values[$i];
}
}
foreach my $item (@ordered) {
my $currlength = 1+length($record);
my $numspaces = $scantronconf{$item} - $currlength;
if ($numspaces > 0) {
$record .= (' ' x $numspaces);
}
if (($mapstart{$item} ne '') && (exists($found{$mapstart{$item}}))) {
unless ($item eq 'Qstart') {
if (length($found{$mapstart{$item}}) > $scantronconf{$maplength{$item}}) {
$found{$mapstart{$item}} = substr($found{$mapstart{$item}},0,$scantronconf{$maplength{$item}});
}
}
$record .= $found{$mapstart{$item}};
}
}
$output .= "$record\n";
}
close($fh);
if ($output) {
if (open(my $fh,'>',$fullpath)) {
print $fh $output;
close($fh);
}
}
}
}
return;
}
}

sub letter_to_digits {
my %lettdig = (
A => 1,
B => 2,
C => 3,
D => 4,
E => 5,
F => 6,
G => 7,
H => 8,
I => 9,
J => 0,
);
return %lettdig;
}

sub get_scantron_config {
my ($which,$cdom) = @_;
my @lines = &get_scantronformat_file($cdom);
my %config;
#FIXME probably should move to XML it has already gotten a bit much now
foreach my $line (@lines) {
my ($name,$descrip)=split(/:/,$line);
if ($name ne $which ) { next; }
chomp($line);
my @config=split(/:/,$line);
$config{'name'}=$config[0];
$config{'description'}=$config[1];
$config{'CODElocation'}=$config[2];
$config{'CODEstart'}=$config[3];
$config{'CODElength'}=$config[4];
$config{'IDstart'}=$config[5];
$config{'IDlength'}=$config[6];
$config{'Qstart'}=$config[7];
$config{'Qlength'}=$config[8];
$config{'Qoff'}=$config[9];
$config{'Qon'}=$config[10];
$config{'PaperID'}=$config[11];
$config{'PaperIDlength'}=$config[12];
$config{'FirstName'}=$config[13];
$config{'FirstNamelength'}=$config[14];
$config{'LastName'}=$config[15];
$config{'LastNamelength'}=$config[16];
$config{'BubblesPerRow'}=$config[17];
last;
}
return %config;
}

sub get_scantronformat_file {
my ($cdom) = @_;
if ($cdom eq '') {
$cdom= $env{'course.'.$env{'request.course.id'}.'.domain'};
}
my %domconfig = &get_dom('configuration',['scantron'],$cdom);
my $gottab = 0;
my @lines;
if (ref($domconfig{'scantron'}) eq 'HASH') {
if ($domconfig{'scantron'}{'scantronformat'} ne '') {
my $formatfile = &getfile($perlvar{'lonDocRoot'}.$domconfig{'scantron'}{'scantronformat'});
if ($formatfile ne '-1') {
@lines = split("\n",$formatfile,-1);
$gottab = 1;
}
}
}
if (!$gottab) {
my $confname = $cdom.'-domainconfig';
my $default = $perlvar{'lonDocRoot'}.'/res/'.$cdom.'/'.$confname.'/default.tab';
my $formatfile = &getfile($default);
if ($formatfile ne '-1') {
@lines = split("\n",$formatfile,-1);
$gottab = 1;
}
}
if (!$gottab) {
my @domains = &current_machine_domains();
if (grep(/^\Q$cdom\E$/,@domains)) {
if (open(my $fh,'<',$perlvar{'lonTabDir'}.'/scantronformat.tab')) {
@lines = <$fh>;
close($fh);
}
} else {
if (open(my $fh,'<',$perlvar{'lonTabDir'}.'/default_scantronformat.tab')) {
@lines = <$fh>;
close($fh);
}
}
chomp(@lines);
}
return @lines;
}

sub removeuploadedurl {	sub removeuploadedurl {
my ($url)=@_;	my ($url)=@_;
my (undef,undef,$udom,$uname,$fname)=split('/',$url,5);	my (undef,undef,$udom,$uname,$fname)=split('/',$url,5);
Line 4674 sub flushcourselogs {	Line 4310 sub flushcourselogs {
if (! defined($dom) \|\| $dom eq '' \|\|	if (! defined($dom) \|\| $dom eq '' \|\|
! defined($name) \|\| $name eq '') {	! defined($name) \|\| $name eq '') {
my $cid = $env{'request.course.id'};	my $cid = $env{'request.course.id'};
#
# FIXME 11/29/2021
# Typo in rev. 1.458 (2003/12/09)??
# These should likely by $env{'course.'.$cid.'.domain'} and $env{'course.'.$cid.'.num'}
#
# While these ramain as $env{'request.'.$cid.'.domain'} and $env{'request.'.$cid.'.num'}
# $dom and $name will always be null, so the &inc() call will default to storing this data
# in a nohist_accesscount.db file for the user rather than the course.
#
# That said there is a lot of noise in the data being stored.
# So counts for prtspool/ and adm/ etc. are recorded.
#
# A review of which items ending '___count' are written to %accesshash should likely be
# made before deciding whether to set these to 'course.' instead of 'request.'
#
# Under the current scheme each user receives a nohist_accesscount.db file listing
# accesses for things which are not published resources, regardless of course, and
# there is not a nohist_accesscount.db file in a course, which might log accesses from
# anyone in the course for things which are not published resources.
#
# For an author, nohist_accesscount.db ends up having records for other items
# mixed up with the legitimate access counts for the author's published resources.
#
$dom = $env{'request.'.$cid.'.domain'};	$dom = $env{'request.'.$cid.'.domain'};
$name = $env{'request.'.$cid.'.num'};	$name = $env{'request.'.$cid.'.num'};
}	}
Line 4745 sub flushcourselogs {	Line 4358 sub flushcourselogs {
delete $domainrolehash{$entry};	delete $domainrolehash{$entry};
}	}
foreach my $dom (keys(%domrolebuffer)) {	foreach my $dom (keys(%domrolebuffer)) {
my %servers;	my %servers;
if (defined(&domain($dom,'primary'))) {	if (defined(&domain($dom,'primary'))) {
my $primary=&domain($dom,'primary');	my $primary=&domain($dom,'primary');
my $hostname=&hostname($primary);	my $hostname=&hostname($primary);
$servers{$primary} = $hostname;	$servers{$primary} = $hostname;
} else {	} else {
%servers = &get_servers($dom,'library');	%servers = &get_servers($dom,'library');
}	}
foreach my $tryserver (keys(%servers)) {	foreach my $tryserver (keys(%servers)) {
if (&reply('domroleput:'.$dom.':'.	if (&reply('domroleput:'.$dom.':'.
$domrolebuffer{$dom},$tryserver) eq 'ok') {	$domrolebuffer{$dom},$tryserver) eq 'ok') {
last;	last;
} else {	} else {
&logthis('Put of domain roles failed for '.$dom.' and '.$tryserver);	&logthis('Put of domain roles failed for '.$dom.' and '.$tryserver);
}	}
}	}
Line 4806 sub courseacclog {	Line 4419 sub courseacclog {
if ($formitem =~ /^HWFILE(?:SIZE\|TOOBIG)/) {	if ($formitem =~ /^HWFILE(?:SIZE\|TOOBIG)/) {
$what.=':'.$formitem.'='.$env{$key};	$what.=':'.$formitem.'='.$env{$key};
} elsif ($formitem !~ /^HWFILE(?:[^.]+)$/) {	} elsif ($formitem !~ /^HWFILE(?:[^.]+)$/) {
if ($formitem eq 'proctorpassword') {	$what.=':'.$formitem.'='.$env{$key};
$what.=':'.$formitem.'=' . '*' x length($env{$key});
} else {
$what.=':'.$formitem.'='.$env{$key};
}
}	}
}	}
}	}
Line 5089 sub get_my_roles {	Line 4698 sub get_my_roles {
} else {	} else {
my $possdoms = [$domain];	my $possdoms = [$domain];
if (ref($roledoms) eq 'ARRAY') {	if (ref($roledoms) eq 'ARRAY') {
push(@{$possdoms},@{$roledoms});	push(@{$possdoms},@{$roledoms});
}	}
if (&privileged($username,$domain,$possdoms,\@privroles)) {	if (&privileged($username,$domain,$possdoms,\@privroles)) {
if (!$nothide{$username.':'.$domain}) {	if (!$nothide{$username.':'.$domain}) {
Line 5386 sub courseiddump {	Line 4995 sub courseiddump {
if (($domfilter eq '') \|\|	if (($domfilter eq '') \|\|
(&host_domain($tryserver) eq $domfilter)) {	(&host_domain($tryserver) eq $domfilter)) {
my $rep;	my $rep;
if (grep { $_ eq $tryserver } &current_machine_ids()) {	if (grep { $_ eq $tryserver } current_machine_ids()) {
$rep = &LONCAPA::Lond::dump_course_id_handler(	$rep = LONCAPA::Lond::dump_course_id_handler(
join(":", (&host_domain($tryserver), $sincefilter,	join(":", (&host_domain($tryserver), $sincefilter,
&escape($descfilter), &escape($instcodefilter),	&escape($descfilter), &escape($instcodefilter),
&escape($ownerfilter), &escape($coursefilter),	&escape($ownerfilter), &escape($coursefilter),
&escape($typefilter), &escape($regexp_ok),	&escape($typefilter), &escape($regexp_ok),
$as_hash, &escape($selfenrollonly),	$as_hash, &escape($selfenrollonly),
&escape($catfilter), $showhidden, $caller,	&escape($catfilter), $showhidden, $caller,
&escape($cloner), &escape($cc_clone), $cloneonly,	&escape($cloner), &escape($cc_clone), $cloneonly,
&escape($createdbefore), &escape($createdafter),	&escape($createdbefore), &escape($createdafter),
&escape($creationcontext),$domcloner,$hasuniquecode,	&escape($creationcontext),$domcloner,$hasuniquecode,
$reqcrsdom,&escape($reqinstcode))));	$reqcrsdom,&escape($reqinstcode))));
} else {	} else {
Line 5411 sub courseiddump {	Line 5020 sub courseiddump {
&escape($creationcontext).':'.$domcloner.':'.$hasuniquecode.	&escape($creationcontext).':'.$domcloner.':'.$hasuniquecode.
':'.$reqcrsdom.':'.&escape($reqinstcode),$tryserver);	':'.$reqcrsdom.':'.&escape($reqinstcode),$tryserver);
}	}

my @pairs=split(/\&/,$rep);	my @pairs=split(/\&/,$rep);
foreach my $item (@pairs) {	foreach my $item (@pairs) {
my ($key,$value)=split(/\=/,$item,2);	my ($key,$value)=split(/\=/,$item,2);
Line 5462 sub courselastaccess {	Line 5071 sub courselastaccess {
sub extract_lastaccess {	sub extract_lastaccess {
my ($returnhash,$rep) = @_;	my ($returnhash,$rep) = @_;
if (ref($returnhash) eq 'HASH') {	if (ref($returnhash) eq 'HASH') {
unless ($rep eq 'unknown_cmd' \|\| $rep eq 'no_such_host' \|\|	unless ($rep eq 'unknown_command' \|\| $rep eq 'no_such_host' \|\|
$rep eq 'con_lost' \|\| $rep eq 'rejected' \|\| $rep eq 'refused' \|\|	$rep eq 'con_lost' \|\| $rep eq 'rejected' \|\| $rep eq 'refused' \|\|
$rep eq '') {	$rep eq '') {
my @pairs=split(/\&/,$rep);	my @pairs=split(/\&/,$rep);
Line 5566 my %cachedtimes=();	Line 5175 my %cachedtimes=();
my $cachedtime='';	my $cachedtime='';

sub load_all_first_access {	sub load_all_first_access {
my ($uname,$udom)=@_;	my ($uname,$udom,$ignorecache)=@_;
if (($cachedkey eq $uname.':'.$udom) &&	if (($cachedkey eq $uname.':'.$udom) &&
(abs($cachedtime-time)<5) && (!$env{'form.markaccess'})) {	(abs($cachedtime-time)<5) && (!$env{'form.markaccess'}) &&
	(!$ignorecache)) {
return;	return;
}	}
$cachedtime=time;	$cachedtime=time;
Line 5577 sub load_all_first_access {	Line 5187 sub load_all_first_access {
}	}

sub get_first_access {	sub get_first_access {
my ($type,$argsymb,$argmap)=@_;	my ($type,$argsymb,$argmap,$ignorecache)=@_;
my ($symb,$courseid,$udom,$uname)=&whichuser();	my ($symb,$courseid,$udom,$uname)=&whichuser();
if ($argsymb) { $symb=$argsymb; }	if ($argsymb) { $symb=$argsymb; }
my ($map,$id,$res)=&decode_symb($symb);	my ($map,$id,$res)=&decode_symb($symb);
Line 5589 sub get_first_access {	Line 5199 sub get_first_access {
} else {	} else {
$res=$symb;	$res=$symb;
}	}
&load_all_first_access($uname,$udom);	&load_all_first_access($uname,$udom,$ignorecache);
return $cachedtimes{"$courseid\0$res"};	return $cachedtimes{"$courseid\0$res"};
}	}

Line 5606 sub set_first_access {	Line 5216 sub set_first_access {
}	}
$cachedkey='';	$cachedkey='';
my $firstaccess=&get_first_access($type,$symb,$map);	my $firstaccess=&get_first_access($type,$symb,$map);
if ($firstaccess) {	if (!$firstaccess) {
&logthis("First access time already set ($firstaccess) when attempting ".
"to set new value (type: $type, extent: $res) for $uname:$udom ".
"in $courseid");
return 'already_set';
} else {
my $start = time;	my $start = time;
my $putres = &put('firstaccesstimes',{"$courseid\0$res"=>$start},	my $putres = &put('firstaccesstimes',{"$courseid\0$res"=>$start},
$udom,$uname);	$udom,$uname);
Line 5627 sub set_first_access {	Line 5232 sub set_first_access {
if (($cachedtime) && (abs($start-$cachedtime) < 5)) {	if (($cachedtime) && (abs($start-$cachedtime) < 5)) {
$cachedtimes{"$courseid\0$res"} = $start;	$cachedtimes{"$courseid\0$res"} = $start;
}	}
} elsif ($putres ne 'refused') {
&logthis("Result: $putres when attempting to set first access time ".
"(type: $type, extent: $res) for $uname:$udom in $courseid");
}	}
return $putres;	return $putres;
}	}
Line 5637 sub set_first_access {	Line 5239 sub set_first_access {
}	}
}	}

sub checkout {
my ($symb,$tuname,$tudom,$tcrsid)=@_;
my $now=time;
my $lonhost=$perlvar{'lonHostID'};
my $ip = &get_requestor_ip();
my $infostr=&escape(
'CHECKOUTTOKEN&'.
$tuname.'&'.
$tudom.'&'.
$tcrsid.'&'.
$symb.'&'.
$now.'&'.$ip);
my $token=&reply('tmpput:'.$infostr,$lonhost);
if ($token=~/^error\:/) {
&logthis("<font color=\"blue\">WARNING: ".
"Checkout tmpput failed ".$tudom.' - '.$tuname.' - '.$symb.
"</font>");
return '';
}

$token=~s/^(\d+)\_.\_(\d+)$/$1\$2\*$lonhost/;
$token=~tr/a-z/A-Z/;

my %infohash=('resource.0.outtoken' => $token,
'resource.0.checkouttime' => $now,
'resource.0.outremote' => $ip);

unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
return '';
} else {
&logthis("<font color=\"blue\">WARNING: ".
"Checkout cstore failed ".$tudom.' - '.$tuname.' - '.$symb.
"</font>");
}

if (&log($tudom,$tuname,&homeserver($tuname,$tudom),
&escape('Checkout '.$infostr.' - '.
$token)) ne 'ok') {
return '';
} else {
&logthis("<font color=\"blue\">WARNING: ".
"Checkout log failed ".$tudom.' - '.$tuname.' - '.$symb.
"</font>");
}
return $token;
}

# ------------------------------------------------------------ Check in an item

sub checkin {
my $token=shift;
my $now=time;
my ($ta,$tb,$lonhost)=split(/\*/,$token);
$lonhost=~tr/A-Z/a-z/;
my $dtoken=$ta.'_'.&hostname($lonhost).'_'.$tb;
$dtoken=~s/\W/\_/g;
my $ip = &get_requestor_ip();
my ($dummy,$tuname,$tudom,$tcrsid,$symb,$chtim,$rmaddr)=
split(/\&/,&unescape(&reply('tmpget:'.$dtoken,$lonhost)));

unless (($tuname) && ($tudom)) {
&logthis('Check in '.$token.' ('.$dtoken.') failed');
return '';
}

unless (&allowed('mgr',$tcrsid)) {
&logthis('Check in '.$token.' ('.$dtoken.') unauthorized: '.
$env{'user.name'}.' - '.$env{'user.domain'});
return '';
}

my %infohash=('resource.0.intoken' => $token,
'resource.0.checkintime' => $now,
'resource.0.inremote' => $ip);

unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
return '';
}

if (&log($tudom,$tuname,&homeserver($tuname,$tudom),
&escape('Checkin - '.$token)) ne 'ok') {
return '';
}

return ($symb,$tuname,$tudom,$tcrsid);
}

# --------------------------------------------- Set Expire Date for Spreadsheet	# --------------------------------------------- Set Expire Date for Spreadsheet

sub expirespread {	sub expirespread {
Line 5978 sub tmpreset {	Line 5493 sub tmpreset {
if (!$domain) { $domain=$env{'user.domain'}; }	if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }	if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {	if ($domain eq 'public' && $stuname eq 'public') {
$stuname=&get_requestor_ip();	$stuname=$ENV{'REMOTE_ADDR'};
}	}
my $path=LONCAPA::tempdir();	my $path=LONCAPA::tempdir();
my %hash;	my %hash;
Line 6015 sub tmpstore {	Line 5530 sub tmpstore {
if (!$domain) { $domain=$env{'user.domain'}; }	if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }	if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {	if ($domain eq 'public' && $stuname eq 'public') {
$stuname=&get_requestor_ip();	$stuname=$ENV{'REMOTE_ADDR'};
}	}
my $now=time;	my $now=time;
my %hash;	my %hash;
Line 6059 sub tmprestore {	Line 5574 sub tmprestore {
if (!$domain) { $domain=$env{'user.domain'}; }	if (!$domain) { $domain=$env{'user.domain'}; }
if (!$stuname) { $stuname=$env{'user.name'}; }	if (!$stuname) { $stuname=$env{'user.name'}; }
if ($domain eq 'public' && $stuname eq 'public') {	if ($domain eq 'public' && $stuname eq 'public') {
$stuname=&get_requestor_ip();	$stuname=$ENV{'REMOTE_ADDR'};
}	}
my %returnhash;	my %returnhash;
$namespace=~s/\//\_/g;	$namespace=~s/\//\_/g;
Line 6115 sub store {	Line 5630 sub store {
}	}
if (!$home) { $home=$env{'user.home'}; }	if (!$home) { $home=$env{'user.home'}; }

$$storehash{'ip'}=&get_requestor_ip();	$$storehash{'ip'}=$ENV{'REMOTE_ADDR'};
$$storehash{'host'}=$perlvar{'lonHostID'};	$$storehash{'host'}=$perlvar{'lonHostID'};

my $namevalue='';	my $namevalue='';
Line 6151 sub cstore {	Line 5666 sub cstore {
}	}
if (!$home) { $home=$env{'user.home'}; }	if (!$home) { $home=$env{'user.home'}; }

$$storehash{'ip'}=&get_requestor_ip();	$$storehash{'ip'}=$ENV{'REMOTE_ADDR'};
$$storehash{'host'}=$perlvar{'lonHostID'};	$$storehash{'host'}=$perlvar{'lonHostID'};

my $namevalue='';	my $namevalue='';
Line 6317 sub privileged {	Line 5832 sub privileged {
my $now = time;	my $now = time;
my $roles;	my $roles;
if (ref($possroles) eq 'ARRAY') {	if (ref($possroles) eq 'ARRAY') {
$roles = $possroles;	$roles = $possroles;
} else {	} else {
$roles = ['dc','su'];	$roles = ['dc','su'];
}	}
Line 6344 sub privileged {	Line 5859 sub privileged {
for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys(%rolesdump)}) {	for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys(%rolesdump)}) {
my ($trole, $tend, $tstart) = split(/_/, $role);	my ($trole, $tend, $tstart) = split(/_/, $role);
if (grep(/^\Q$trole\E$/,@{$roles})) {	if (grep(/^\Q$trole\E$/,@{$roles})) {
return 1 unless ($tend && $tend < $now)	return 1 unless ($tend && $tend < $now)
or ($tstart && $tstart > $now);	or ($tstart && $tstart > $now);
}	}
}	}
Line 6382 sub privileged_by_domain {	Line 5897 sub privileged_by_domain {
my ($trole,$uname,$udom,$rest) = split(/:/,$item,4);	my ($trole,$uname,$udom,$rest) = split(/:/,$item,4);
my ($end,$start) = split(/:/,$dompersonnel{$server}{$item});	my ($end,$start) = split(/:/,$dompersonnel{$server}{$item});
next if ($end && $end < $now);	next if ($end && $end < $now);
$privileged{$dom}{$trole}{$uname.':'.$udom} =	$privileged{$dom}{$trole}{$uname.':'.$udom} =
$dompersonnel{$server}{$item};	$dompersonnel{$server}{$item};
}	}
}	}
Line 6815 sub check_adhoc_privs {	Line 6330 sub check_adhoc_privs {
my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;	my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;
if ($sec) {	if ($sec) {
$cckey .= '/'.$sec;	$cckey .= '/'.$sec;
}	}
my $setprivs;	my $setprivs;
if ($env{$cckey}) {	if ($env{$cckey}) {
my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);	my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);
Line 6860 sub set_adhoc_privileges {	Line 6375 sub set_adhoc_privileges {
unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {	unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {
&appenv( {'request.role' => $spec,	&appenv( {'request.role' => $spec,
'request.role.domain' => $dcdom,	'request.role.domain' => $dcdom,
'request.course.sec' => $sec,	'request.course.sec' => $sec,
}	}
);	);
my $tadv=0;	my $tadv=0;
Line 6920 sub unserialize {	Line 6435 sub unserialize {
return {} if $rep =~ /^error/;	return {} if $rep =~ /^error/;

my %returnhash=();	my %returnhash=();
foreach my $item (split(/\&/,$rep)) {	foreach my $item (split(/\&/,$rep)) {
my ($key, $value) = split(/=/, $item, 2);	my ($key, $value) = split(/=/, $item, 2);
$key = unescape($key) unless $escapedkeys;	$key = unescape($key) unless $escapedkeys;
next if $key =~ /^error: 2 /;	next if $key =~ /^error: 2 /;
$returnhash{$key} = &thaw_unescape($value);	$returnhash{$key} = &thaw_unescape($value);
}	}
	#return %returnhash;
return \%returnhash;	return \%returnhash;
}	}

# see Lond::dump_with_regexp	# see Lond::dump_with_regexp
# if $escapedkeys hash keys won't get unescaped.	# if $escapedkeys hash keys won't get unescaped.
Line 6942 sub dump {	Line 6458 sub dump {
} else {	} else {
$regexp='.';	$regexp='.';
}	}
if (grep { $_ eq $uhome } &current_machine_ids()) {	if (grep { $_ eq $uhome } current_machine_ids()) {
# user is hosted on this machine	# user is hosted on this machine
my $reply = LONCAPA::Lond::dump_with_regexp(join(':', ($udomain,	my $reply = LONCAPA::Lond::dump_with_regexp(join(":", ($udomain,
$uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});	$uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});
return %{&unserialize($reply, $escapedkeys)};	return %{unserialize($reply, $escapedkeys)};
}	}
my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);	my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
my @pairs=split(/\&/,$rep);	my @pairs=split(/\&/,$rep);
Line 6954 sub dump {	Line 6470 sub dump {
if (!($rep =~ /^error/ )) {	if (!($rep =~ /^error/ )) {
foreach my $item (@pairs) {	foreach my $item (@pairs) {
my ($key,$value)=split(/=/,$item,2);	my ($key,$value)=split(/=/,$item,2);
$key = &unescape($key) unless ($escapedkeys);	$key = unescape($key) unless $escapedkeys;
	#$key = &unescape($key);
next if ($key =~ /^error: 2 /);	next if ($key =~ /^error: 2 /);
$returnhash{$key}=&thaw_unescape($value);	$returnhash{$key}=&thaw_unescape($value);
}	}
Line 6998 sub currentdump {	Line 6515 sub currentdump {
my $rep;	my $rep;

if (grep { $_ eq $uhome } current_machine_ids()) {	if (grep { $_ eq $uhome } current_machine_ids()) {
$rep = LONCAPA::Lond::dump_profile_database(join(":", ($sdom, $sname,	$rep = LONCAPA::Lond::dump_profile_database(join(":", ($sdom, $sname,
$courseid)));	$courseid)));
} else {	} else {
$rep = reply('currentdump:'.$sdom.':'.$sname.':'.$courseid,$uhome);	$rep = reply('currentdump:'.$sdom.':'.$sname.':'.$courseid,$uhome);
Line 7008 sub currentdump {	Line 6525 sub currentdump {
#	#
my %returnhash=();	my %returnhash=();
#	#
if ($rep eq "unknown_cmd") {	if ($rep eq 'unknown_cmd') {
# an old lond will not know currentdump	# an old lond will not know currentdump
# Do a dump and make it look like a currentdump	# Do a dump and make it look like a currentdump
my @tmp = &dumpstore($courseid,$sdom,$sname,'.');	my @tmp = &dumpstore($courseid,$sdom,$sname,'.');
Line 7143 sub putstore {	Line 6660 sub putstore {
foreach my $key (keys(%{$storehash})) {	foreach my $key (keys(%{$storehash})) {
$namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';	$namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';
}	}
my $ip = &get_requestor_ip();	$namevalue .= 'ip='.&escape($ENV{'REMOTE_ADDR'}).
$namevalue .= 'ip='.&escape($ip).
'&host='.&escape($perlvar{'lonHostID'}).	'&host='.&escape($perlvar{'lonHostID'}).
'&version='.$esc_v.	'&version='.$esc_v.
'&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});	'&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});
Line 7260 sub tmpdel {	Line 6776 sub tmpdel {
return &reply("tmpdel:$token",$server);	return &reply("tmpdel:$token",$server);
}	}

# ------------------------------------------------------------ get_timebased_id	# ------------------------------------------------------------ get_timebased_id

sub get_timebased_id {	sub get_timebased_id {
my ($prefix,$keyid,$namespace,$cdom,$cnum,$idtype,$who,$locktries,	my ($prefix,$keyid,$namespace,$cdom,$cnum,$idtype,$who,$locktries,
$maxtries) = @_;	$maxtries) = @_;
my ($newid,$error,$dellock);	my ($newid,$error,$dellock);
unless (($prefix =~ /^\w+$/) && ($keyid =~ /^\w+$/) && ($namespace ne '')) {	unless (($prefix =~ /^\w+$/) && ($keyid =~ /^\w+$/) && ($namespace ne '')) {
return ('','ok','invalid call to get suffix');	return ('','ok','invalid call to get suffix');
}	}

Line 7280 sub get_timebased_id {	Line 6796 sub get_timebased_id {
if (!$maxtries) {	if (!$maxtries) {
$maxtries = 10;	$maxtries = 10;
}	}

if (($cdom eq '') \|\| ($cnum eq '')) {	if (($cdom eq '') \|\| ($cnum eq '')) {
if ($env{'request.course.id'}) {	if ($env{'request.course.id'}) {
$cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};	$cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
Line 7368 sub portfolio_access {	Line 6884 sub portfolio_access {
if ($result) {	if ($result) {
my %setters;	my %setters;
if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {	if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
my ($startblock,$endblock,$triggerblock,$by_ip,$blockdom) =	my ($startblock,$endblock) =
&Apache::loncommon::blockcheck(\%setters,'port',$clientip,$unum,$udom);	&Apache::loncommon::blockcheck(\%setters,'port',$unum,$udom);
if (($startblock && $endblock) \|\| ($by_ip)) {	if ($startblock && $endblock) {
return 'B';	return 'B';
}	}
} else {	} else {
my ($startblock,$endblock,$triggerblock,$by_ip,$blockdo) =	my ($startblock,$endblock) =
&Apache::loncommon::blockcheck(\%setters,'port',$clientip);	&Apache::loncommon::blockcheck(\%setters,'port');
if (($startblock && $endblock) \|\| ($by_ip)) {	if ($startblock && $endblock) {
return 'B';	return 'B';
}	}
}	}
Line 7435 sub get_portfolio_access {	Line 6951 sub get_portfolio_access {
if (ref($access_hash->{$ipkey}{'ip'}) eq 'ARRAY') {	if (ref($access_hash->{$ipkey}{'ip'}) eq 'ARRAY') {
if (&Apache::loncommon::check_ip_acc(join(',',@{$access_hash->{$ipkey}{'ip'}}),$clientip)) {	if (&Apache::loncommon::check_ip_acc(join(',',@{$access_hash->{$ipkey}{'ip'}}),$clientip)) {
$allowed = 1;	$allowed = 1;
last;	last;
}	}
}	}
}	}
Line 7629 sub usertools_access {	Line 7145 sub usertools_access {
unofficial => 1,	unofficial => 1,
community => 1,	community => 1,
textbook => 1,	textbook => 1,
	placement => 1,
	lti => 1,
);	);
} elsif ($context eq 'requestauthor') {	} elsif ($context eq 'requestauthor') {
%tools = (	%tools = (
Line 7663 sub usertools_access {	Line 7181 sub usertools_access {

my ($toolstatus,$inststatus,$envkey);	my ($toolstatus,$inststatus,$envkey);
if ($context eq 'requestauthor') {	if ($context eq 'requestauthor') {
$envkey = $context;	$envkey = $context;
} else {	} else {
$envkey = $context.'.'.$tool;	$envkey = $context.'.'.$tool;
}	}
Line 7825 sub is_advanced_user {	Line 7343 sub is_advanced_user {
}	}

sub check_can_request {	sub check_can_request {
my ($dom,$can_request,$request_domains) = @_;	my ($dom,$can_request,$request_domains,$uname,$udom) = @_;
my $canreq = 0;	my $canreq = 0;
	if (($env{'user.name'} ne '') && ($env{'user.domain'} ne '')) {
	$uname = $env{'user.name'};
	$udom = $env{'user.domain'};
	}
my ($types,$typename) = &Apache::loncommon::course_types();	my ($types,$typename) = &Apache::loncommon::course_types();
my @options = ('approval','validate','autolimit');	my @options = ('approval','validate','autolimit');
my $optregex = join('\|',@options);	my $optregex = join('\|',@options);
if ((ref($can_request) eq 'HASH') && (ref($types) eq 'ARRAY')) {	if ((ref($can_request) eq 'HASH') && (ref($types) eq 'ARRAY')) {
foreach my $type (@{$types}) {	foreach my $type (@{$types}) {
if (&usertools_access($env{'user.name'},	if (&usertools_access($uname,$udom,$type,undef,
$env{'user.domain'},	'requestcourses')) {
$type,undef,'requestcourses')) {
$canreq ++;	$canreq ++;
if (ref($request_domains) eq 'HASH') {	if (ref($request_domains) eq 'HASH') {
push(@{$request_domains->{$type}},$env{'user.domain'});	push(@{$request_domains->{$type}},$udom);
}	}
if ($dom eq $env{'user.domain'}) {	if ($dom eq $udom) {
$can_request->{$type} = 1;	$can_request->{$type} = 1;
}	}
}	}
if ($env{'environment.reqcrsotherdom.'.$type} ne '') {	if (($env{'user.name'} ne '') && ($env{'user.domain'} ne '') &&
	($env{'environment.reqcrsotherdom.'.$type} ne '')) {
my @curr = split(',',$env{'environment.reqcrsotherdom.'.$type});	my @curr = split(',',$env{'environment.reqcrsotherdom.'.$type});
if (@curr > 0) {	if (@curr > 0) {
foreach my $item (@curr) {	foreach my $item (@curr) {
Line 7860 sub check_can_request {	Line 7382 sub check_can_request {
}	}
}	}
}	}
unless($dom eq $env{'user.domain'}) {	unless ($dom eq $env{'user.domain'}) {
$canreq ++;	$canreq ++;
if (grep(/^\Q$dom\E:($optregex)(=?\d*)$/,@curr)) {	if (grep(/^\Q$dom\E:($optregex)(=?\d*)$/,@curr)) {
$can_request->{$type} = 1;	$can_request->{$type} = 1;
Line 7925 sub customaccess {	Line 7447 sub customaccess {
# ------------------------------------------------- Check for a user privilege	# ------------------------------------------------- Check for a user privilege

sub allowed {	sub allowed {
my ($priv,$uri,$symb,$role,$clientip,$noblockcheck,$ignorecache)=@_;	my ($priv,$uri,$symb,$role,$clientip,$noblockcheck)=@_;
my $ver_orguri=$uri;	my $ver_orguri=$uri;
$uri=&deversion($uri);	$uri=&deversion($uri);
my $orguri=$uri;	my $orguri=$uri;
Line 7942 sub allowed {	Line 7464 sub allowed {

if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }	if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
# Free bre access to adm and meta resources	# Free bre access to adm and meta resources
if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg\|bulletinboard\|viewclasslist\|aboutme)$}))	if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg\|bulletinboard\|ext\.tool)$}))
\|\| (($uri=~/\.meta$/) && ($uri!~m\|^uploaded/\|) ))	\|\| (($uri=~/\.meta$/) && ($uri!~m\|^uploaded/\|) ))
&& ($priv eq 'bre')) {	&& ($priv eq 'bre')) {
return 'F';	return 'F';
Line 7953 sub allowed {	Line 7475 sub allowed {
if (($space=~/^(uploaded\|editupload)$/) && ($env{'user.name'} eq $name) &&	if (($space=~/^(uploaded\|editupload)$/) && ($env{'user.name'} eq $name) &&
($env{'user.domain'} eq $domain) && ('portfolio' eq $dir[0])) {	($env{'user.domain'} eq $domain) && ('portfolio' eq $dir[0])) {
my %setters;	my %setters;
my ($startblock,$endblock,$triggerblock,$by_ip,$blockdom) =	my ($startblock,$endblock) =
&Apache::loncommon::blockcheck(\%setters,'port',$clientip);	&Apache::loncommon::blockcheck(\%setters,'port');
if (($startblock && $endblock) \|\| ($by_ip)) {	if ($startblock && $endblock) {
return 'B';	return 'B';
} else {	} else {
return 'F';	return 'F';
Line 7990 sub allowed {	Line 7512 sub allowed {
# Free bre to public access	# Free bre to public access

if ($priv eq 'bre') {	if ($priv eq 'bre') {
my $copyright=&metadata($uri,'copyright');	my $copyright;
	unless ($uri =~ /ext\.tool/) {
	$copyright=&metadata($uri,'copyright');
	}
if (($copyright eq 'public') && (!$env{'request.course.id'})) {	if (($copyright eq 'public') && (!$env{'request.course.id'})) {
return 'F';	return 'F';
}	}
Line 8048 sub allowed {	Line 7573 sub allowed {
my $adom = $1;	my $adom = $1;
foreach my $key (keys(%env)) {	foreach my $key (keys(%env)) {
if ($key =~ m{^user\.role\.(ca\|aa)/\Q$adom\E}) {	if ($key =~ m{^user\.role\.(ca\|aa)/\Q$adom\E}) {
my ($start,$end) = split(/\./,$env{$key});	my ($start,$end) = split('.',$env{$key});
if (($now >= $start) && (!$end \|\| $end > $now)) {	if (($now >= $start) && (!$end \|\| $end < $now)) {
$ownaccess = 1;	$ownaccess = 1;
last;	last;
}	}
Line 8061 sub allowed {	Line 7586 sub allowed {
foreach my $role ('ca','aa') {	foreach my $role ('ca','aa') {
if ($env{"user.role.$role./$adom/$aname"}) {	if ($env{"user.role.$role./$adom/$aname"}) {
my ($start,$end) =	my ($start,$end) =
split(/\./,$env{"user.role.$role./$adom/$aname"});	split('.',$env{"user.role.$role./$adom/$aname"});
if (($now >= $start) && (!$end \|\| $end > $now)) {	if (($now >= $start) && (!$end \|\| $end < $now)) {
$ownaccess = 1;	$ownaccess = 1;
last;	last;
}	}
Line 8107 sub allowed {	Line 7632 sub allowed {

if ($env{'user.priv.'.$env{'request.role'}.'.'.$courseuri}	if ($env{'user.priv.'.$env{'request.role'}.'.'.$courseuri}
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
if ($priv eq 'mip') {	unless (($priv eq 'bro') && (!$ownaccess)) {
my $rem = $1;	$thisallowed.=$1;
if (($uri ne '') && ($env{'request.course.id'} eq $uri) &&
($env{'course.'.$env{'request.course.id'}.'.internal.courseowner'} eq $env{'user.name'}.':'.$env{'user.domain'})) {
my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
if ($cdom ne '') {
my %passwdconf = &get_passwdconf($cdom);
if (ref($passwdconf{'crsownerchg'}) eq 'HASH') {
if (ref($passwdconf{'crsownerchg'}{'by'}) eq 'ARRAY') {
if (@{$passwdconf{'crsownerchg'}{'by'}}) {
my @inststatuses = split(':',$env{'environment.inststatus'});
unless (@inststatuses) {
@inststatuses = ('default');
}
foreach my $status (@inststatuses) {
if (grep(/^\Q$status\E$/,@{$passwdconf{'crsownerchg'}{'by'}})) {
$thisallowed.=$rem;
}
}
}
}
}
}
}
} else {
unless (($priv eq 'bro') && (!$ownaccess)) {
$thisallowed.=$1;
}
}	}
}	}

Line 8150 sub allowed {	Line 7649 sub allowed {
if ($noblockcheck) {	if ($noblockcheck) {
$thisallowed.=$value;	$thisallowed.=$value;
} else {	} else {
my @blockers = &has_comm_blocking($priv,$symb,$uri,$ignorecache);	my @blockers = &has_comm_blocking($priv,$symb,$uri);
if (@blockers > 0) {	if (@blockers > 0) {
$thisallowed = 'B';	$thisallowed = 'B';
} else {	} else {
Line 8170 sub allowed {	Line 7669 sub allowed {
if ($noblockcheck) {	if ($noblockcheck) {
$thisallowed='F';	$thisallowed='F';
} else {	} else {
my @blockers = &has_comm_blocking($priv,'',$refuri,'',1);	my @blockers = &has_comm_blocking($priv,$symb,$refuri);
if (@blockers > 0) {	if (@blockers > 0) {
$thisallowed = 'B';	$thisallowed = 'B';
} else {	} else {
Line 8189 sub allowed {	Line 7688 sub allowed {
&& &is_portfolio_url($uri)) {	&& &is_portfolio_url($uri)) {
$thisallowed = &portfolio_access($uri,$clientip);	$thisallowed = &portfolio_access($uri,$clientip);
}	}

# Full access at system, domain or course-wide level? Exit.	# Full access at system, domain or course-wide level? Exit.
if ($thisallowed=~/F/) {	if ($thisallowed=~/F/) {
return 'F';	return 'F';
Line 8217 sub allowed {	Line 7716 sub allowed {

if ($env{'request.course.id'}) {	if ($env{'request.course.id'}) {

# If this is modifying password (internal auth) domains must match for user and user's role.

if ($priv eq 'mip') {
if ($env{'user.domain'} eq $env{'request.role.domain'}) {
return $thisallowed;
} else {
return '';
}
}

$courseprivid=$env{'request.course.id'};	$courseprivid=$env{'request.course.id'};
if ($env{'request.course.sec'}) {	if ($env{'request.course.sec'}) {
$courseprivid.='/'.$env{'request.course.sec'};	$courseprivid.='/'.$env{'request.course.sec'};
Line 8243 sub allowed {	Line 7732 sub allowed {
if ($noblockcheck) {	if ($noblockcheck) {
$thisallowed.=$value;	$thisallowed.=$value;
} else {	} else {
my @blockers = &has_comm_blocking($priv,$symb,$uri,$ignorecache);	my @blockers = &has_comm_blocking($priv,$symb,$uri);
if (@blockers > 0) {	if (@blockers > 0) {
$thisallowed = 'B';	$thisallowed = 'B';
} else {	} else {
Line 8256 sub allowed {	Line 7745 sub allowed {
$checkreferer=0;	$checkreferer=0;
}	}
}	}

if ($checkreferer) {	if ($checkreferer) {
my $refuri=$env{'httpref.'.$orguri};	my $refuri=$env{'httpref.'.$orguri};
unless ($refuri) {	unless ($refuri) {
Line 8285 sub allowed {	Line 7774 sub allowed {
if ($noblockcheck) {	if ($noblockcheck) {
$thisallowed.=$value;	$thisallowed.=$value;
} else {	} else {
my @blockers = &has_comm_blocking($priv,'',$refuri,'',1);	my @blockers = &has_comm_blocking($priv,$symb,$refuri);
if (@blockers > 0) {	if (@blockers > 0) {
$thisallowed = 'B';	$thisallowed = 'B';
} else {	} else {
Line 8327 sub allowed {	Line 7816 sub allowed {
#	#

# Possibly locked functionality, check all courses	# Possibly locked functionality, check all courses
# In roles.tab, L (unless locked) available for bre, pch, plc, pac and sma.
# Locks might take effect only after 10 minutes cache expiration for other	# Locks might take effect only after 10 minutes cache expiration for other
# courses, and 2 minutes for current course, in which user has st or ta role	# courses, and 2 minutes for current course
# which is neither expired nor a future role (unless current course).

my ($needlockcheck,$now,$crsonly);	my $envkey;
if ($thisallowed=~/L/) {	if ($thisallowed=~/L/) {
$now = time;	foreach $envkey (keys(%env)) {
if ($priv eq 'bre') {
if ($uri ne '') {
if ($orguri =~ m{^/+res/}) {
if ($uri =~ m{^lib/templates/}) {
if ($env{'request.course.id'}) {
$crsonly = 1;
$needlockcheck = 1;
}
} else {
$needlockcheck = 1;
}
} elsif ($env{'request.course.id'}) {
my ($crsdom,$crsnum) = split('_',$env{'request.course.id'});
if (($uri =~ m{^(adm\|uploaded\|public)/$crsdom/$crsnum/}) \|\|
($uri =~ m{^adm/$match_domain/$match_username/\d+/(smppg\|bulletinboard)$})) {
$crsonly = 1;
}
$needlockcheck = 1;
}
}
} elsif (($priv eq 'pch') \|\| ($priv eq 'plc') \|\| ($priv eq 'pac') \|\| ($priv eq 'sma')) {
$needlockcheck = 1;
}
}
if ($needlockcheck) {
foreach my $envkey (keys(%env)) {
if ($envkey=~/^user\.role\.(st\|ta)\.([^\.]*)/) {	if ($envkey=~/^user\.role\.(st\|ta)\.([^\.]*)/) {
my $courseid=$2;	my $courseid=$2;
my $roleid=$1.'.'.$2;	my $roleid=$1.'.'.$2;
$courseid=~s/^\///;	$courseid=~s/^\///;
unless ($env{'request.role'} eq $roleid) {
my ($start,$end) = split(/\./,$env{$envkey});
next unless (($now >= $start) && (!$end \|\| $end > $now));
}
my $expiretime=600;	my $expiretime=600;
if ($env{'request.role'} eq $roleid) {	if ($env{'request.role'} eq $roleid) {
$expiretime=120;	$expiretime=120;
Line 8391 sub allowed {	Line 7848 sub allowed {
}	}
if (($env{$prefix.'priv.'.$priv.'.lock.sections'}=~/\,\Q$csec\E\,/)	if (($env{$prefix.'priv.'.$priv.'.lock.sections'}=~/\,\Q$csec\E\,/)
\|\| ($env{$prefix.'priv.'.$priv.'.lock.sections'} eq 'all')) {	\|\| ($env{$prefix.'priv.'.$priv.'.lock.sections'} eq 'all')) {
if ($env{$prefix.'priv.'.$priv.'.lock.expire'}>time) {	if ($env{'priv.'.$priv.'.lock.expire'}>time) {
&log($env{'user.domain'},$env{'user.name'},	&log($env{'user.domain'},$env{'user.name'},
$env{'user.home'},	$env{'user.home'},
'Locked by priv: '.$priv.' for '.$uri.' due to '.	'Locked by priv: '.$priv.' for '.$uri.' due to '.
Line 8403 sub allowed {	Line 7860 sub allowed {
}	}
}	}
}	}

#	#
# Rest of the restrictions depend on selected course	# Rest of the restrictions depend on selected course
#	#
Line 8430 sub allowed {	Line 7887 sub allowed {
my $unamedom=$env{'user.name'}.':'.$env{'user.domain'};	my $unamedom=$env{'user.name'}.':'.$env{'user.domain'};
if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.roles.denied'}	if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.roles.denied'}
=~/\Q$rolecode\E/) {	=~/\Q$rolecode\E/) {
if (($priv ne 'pch') && ($priv ne 'plc')) {	if (($priv ne 'pch') && ($priv ne 'plc') && ($priv ne 'pac')) {
&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.':'.	&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.':'.
'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode.' in '.	'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode.' in '.
$env{'request.course.id'});	$env{'request.course.id'});
Line 8440 sub allowed {	Line 7897 sub allowed {

if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.users.denied'}	if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.users.denied'}
=~/\Q$unamedom\E/) {	=~/\Q$unamedom\E/) {
if (($priv ne 'pch') && ($priv ne 'plc')) {	if (($priv ne 'pch') && ($priv ne 'plc') && ($priv ne 'pac')) {
&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.	&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.
'Denied by user: '.$priv.' for '.$uri.' as '.$unamedom.' in '.	'Denied by user: '.$priv.' for '.$uri.' as '.$unamedom.' in '.
$env{'request.course.id'});	$env{'request.course.id'});
Line 8498 sub constructaccess {	Line 7955 sub constructaccess {
my ($ownername,$ownerdomain,$ownerhome);	my ($ownername,$ownerdomain,$ownerhome);

($ownerdomain,$ownername) =	($ownerdomain,$ownername) =
($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E\|)/priv/($match_domain)/($match_username)(?:/\|$)});	($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E\|)(?:/daxepage\|/daxeopen)?/priv/($match_domain)/($match_username)(?:/\|$)});

# The URL does not really point to any authorspace, forget it	# The URL does not really point to any authorspace, forget it
unless (($ownername) && ($ownerdomain)) { return ''; }	unless (($ownername) && ($ownerdomain)) { return ''; }
Line 8519 sub constructaccess {	Line 7976 sub constructaccess {
$ownerhome = &homeserver($ownername,$ownerdomain);	$ownerhome = &homeserver($ownername,$ownerdomain);
return ($ownername,$ownerdomain,$ownerhome);	return ($ownername,$ownerdomain,$ownerhome);
}	}
	if ($env{'request.course.id'}) {
	if (($ownername eq $env{'course.'.$env{'request.course.id'}.'.num'}) &&
	($ownerdomain eq $env{'course.'.$env{'request.course.id'}.'.domain'})) {
	if (&allowed('mdc',$env{'request.course.id'})) {
	$ownerhome = $env{'course.'.$env{'request.course.id'}.'.home'};
	return ($ownername,$ownerdomain,$ownerhome);
	}
	}
	}
}	}

# We don't have any access right now. If we are not possibly going to do anything about this,	# We don't have any access right now. If we are not possibly going to do anything about this,
Line 8561 sub constructaccess {	Line 8027 sub constructaccess {
#	#
# User for whom data are being temporarily cached.	# User for whom data are being temporarily cached.
my $cacheduser='';	my $cacheduser='';
# Course for which data are being temporarily cached.	# Cached blockers for this user (a hash of blocking items).
my $cachedcid='';
# Cached blockers for this user (a hash of blocking items).
my %cachedblockers=();	my %cachedblockers=();
# When the data were last cached.	# When the data were last cached.
my $cachedlast='';	my $cachedlast='';

sub load_all_blockers {	sub load_all_blockers {
my ($uname,$udom)=@_;	my ($uname,$udom,$blocks)=@_;
if (($uname ne '') && ($udom ne '')) {	if (($uname ne '') && ($udom ne '')) {
if (($cacheduser eq $uname.':'.$udom) &&	if (($cacheduser eq $uname.':'.$udom) &&
($cachedcid eq $env{'request.course.id'}) &&
(abs($cachedlast-time)<5)) {	(abs($cachedlast-time)<5)) {
return;	return;
}	}
}	}
$cachedlast=time;	$cachedlast=time;
$cacheduser=$uname.':'.$udom;	$cacheduser=$uname.':'.$udom;
$cachedcid=$env{'request.course.id'};	%cachedblockers = &get_commblock_resources($blocks);
%cachedblockers = &get_commblock_resources();
return;
}	}

sub get_comm_blocks {	sub get_comm_blocks {
Line 8608 sub get_commblock_resources {	Line 8069 sub get_commblock_resources {
my ($blocks) = @_;	my ($blocks) = @_;
my %blockers = ();	my %blockers = ();
return %blockers unless ($env{'request.course.id'});	return %blockers unless ($env{'request.course.id'});
my $courseurl = &courseid_to_courseurl($env{'request.course.id'});	return %blockers if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
if ($env{'request.course.sec'}) {
$courseurl .= '/'.$env{'request.course.sec'};
}
return %blockers if ($env{'user.priv.'.$env{'request.role'}.'.'.$courseurl} =~/evb\&([^\:]*)/);
my %commblocks;	my %commblocks;
if (ref($blocks) eq 'HASH') {	if (ref($blocks) eq 'HASH') {
%commblocks = %{$blocks};	%commblocks = %{$blocks};
} else {	} else {
%commblocks = &get_comm_blocks();	%commblocks = &get_comm_blocks();
}	}
return %blockers unless (keys(%commblocks) > 0);	return %blockers unless (keys(%commblocks) > 0);
my $navmap = Apache::lonnavmaps::navmap->new();	my $navmap = Apache::lonnavmaps::navmap->new();
return %blockers unless (ref($navmap));	return %blockers unless (ref($navmap));
my $now = time;	my $now = time;
Line 8631 sub get_commblock_resources {	Line 8088 sub get_commblock_resources {
if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {
if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'maps'}})) {	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'maps'}})) {
$blockers{$block}{maps} = $commblocks{$block}{'blocks'}{'docs'}{'maps'};	$blockers{$block}{maps} = $commblocks{$block}{'blocks'}{'docs'}{'maps'};
}	}
}	}
if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {
Line 8644 sub get_commblock_resources {	Line 8101 sub get_commblock_resources {
}	}
} elsif ($block =~ /^firstaccess____(.+)$/) {	} elsif ($block =~ /^firstaccess____(.+)$/) {
my $item = $1;	my $item = $1;
	my @to_test;
if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
my (@interval,$mapname);	my @interval;
my $type = 'map';	my $type = 'map';
if ($item eq 'course') {	if ($item eq 'course') {
$type = 'course';	$type = 'course';
Line 8655 sub get_commblock_resources {	Line 8113 sub get_commblock_resources {
if ($item =~ /___\d+___/) {	if ($item =~ /___\d+___/) {
$type = 'resource';	$type = 'resource';
@interval=&EXT("resource.0.interval",$item);	@interval=&EXT("resource.0.interval",$item);
	if (ref($navmap)) {
	my $res = $navmap->getBySymb($item);
	push(@to_test,$res);
	}
} else {	} else {
$mapname = &deversion($item);	my $mapsymb = &symbread($item,1);
if (ref($navmap)) {	if ($mapsymb) {
my $timelimit = $navmap->get_mapparam(undef,$mapname,'0.interval');	if (ref($navmap)) {
@interval = ($timelimit,'map');	my $mapres = $navmap->getBySymb($mapsymb);
	@to_test = $mapres->retrieveResources($mapres,undef,0,0,0,1);
	foreach my $res (@to_test) {
	my $symb = $res->symb();
	next if ($symb eq $mapsymb);
	if ($symb ne '') {
	@interval=&EXT("resource.0.interval",$symb);
	if ($interval[1] eq 'map') {
	last;
	}
	}
	}
	}
}	}
}	}
}	}
if ($interval[0] =~ /^\d+$/) {	if ($interval[0] =~ /^(\d+)/) {
	my $timelimit = $1;
my $first_access;	my $first_access;
if ($type eq 'resource') {	if ($type eq 'resource') {
$first_access=&get_first_access($interval[1],$item);	$first_access=&get_first_access($interval[1],$item);
Line 8673 sub get_commblock_resources {	Line 8148 sub get_commblock_resources {
$first_access=&get_first_access($interval[1]);	$first_access=&get_first_access($interval[1]);
}	}
if ($first_access) {	if ($first_access) {
my $timesup = $first_access+$interval[0];	my $timesup = $first_access+$timelimit;
if ($timesup > $now) {	if ($timesup > $now) {
my $activeblock;	my $activeblock;
if ($type eq 'resource') {	foreach my $res (@to_test) {
if (ref($navmap)) {	if ($res->answerable()) {
my $res = $navmap->getBySymb($item);	$activeblock = 1;
if ($res->answerable()) {	last;
$activeblock = 1;
}
}
} elsif ($type eq 'map') {
my $mapsymb = &symbread($mapname,1);
if (($mapsymb) && (ref($navmap))) {
my $mapres = $navmap->getBySymb($mapsymb);
if (ref($mapres)) {
my $first = $mapres->map_start();
my $finish = $mapres->map_finish();
my $it = $navmap->getIterator($first,$finish,undef,0,0);
if (ref($it)) {
my $res;
while ($res = $it->next(undef,1)) {
next unless (ref($res));
my $symb = $res->symb();
next if (($symb eq $mapsymb) \|\| ($symb eq ''));
@interval=&EXT("resource.0.interval",$symb);
if ($interval[1] eq 'map') {
if ($res->answerable()) {
$activeblock = 1;
last;
}
}
}
}
}
}	}
}	}
if ($activeblock) {	if ($activeblock) {
Line 8732 sub get_commblock_resources {	Line 8180 sub get_commblock_resources {
}	}

sub has_comm_blocking {	sub has_comm_blocking {
my ($priv,$symb,$uri,$ignoresymbdb,$noenccheck,$blocked,$blocks) = @_;	my ($priv,$symb,$uri,$blocks) = @_;
my @blockers;	my @blockers;
return unless ($env{'request.course.id'});	return unless ($env{'request.course.id'});
return unless ($priv eq 'bre');	return unless ($priv eq 'bre');
	return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
return if ($env{'request.state'} eq 'construct');	return if ($env{'request.state'} eq 'construct');
my $courseurl = &courseid_to_courseurl($env{'request.course.id'});	&load_all_blockers($env{'user.name'},$env{'user.domain'},$blocks);
if ($env{'request.course.sec'}) {	return unless (keys(%cachedblockers) > 0);
$courseurl .= '/'.$env{'request.course.sec'};
}
return if ($env{'user.priv.'.$env{'request.role'}.'.'.$courseurl} =~/evb\&([^\:]*)/);
my %blockinfo;
if (ref($blocks) eq 'HASH') {
%blockinfo = &get_commblock_resources($blocks);
} else {
&load_all_blockers($env{'user.name'},$env{'user.domain'});
%blockinfo = %cachedblockers;
}
return unless (keys(%blockinfo) > 0);
my (%possibles,@symbs);	my (%possibles,@symbs);
if (!$symb) {	if (!$symb) {
$symb = &symbread($uri,1,1,1,\%possibles,$ignoresymbdb,$noenccheck);	$symb = &symbread($uri,1,1,1,\%possibles);
}	}
if ($symb) {	if ($symb) {
@symbs = ($symb);	@symbs = ($symb);
} elsif (keys(%possibles)) {	} elsif (keys(%possibles)) {
@symbs = keys(%possibles);	@symbs = keys(%possibles);
}	}
my $noblock;	my $noblock;
foreach my $symb (@symbs) {	foreach my $symb (@symbs) {
last if ($noblock);	last if ($noblock);
my ($map,$resid,$resurl)=&decode_symb($symb);	my ($map,$resid,$resurl)=&decode_symb($symb);
foreach my $block (keys(%blockinfo)) {	foreach my $block (keys(%cachedblockers)) {
if ($block =~ /^firstaccess____(.+)$/) {	if ($block =~ /^firstaccess____(.+)$/) {
my $item = $1;	my $item = $1;
unless ($blocked) {	if (($item eq $map) \|\| ($item eq $symb)) {
if (($item eq $map) \|\| ($item eq $symb)) {	$noblock = 1;
$noblock = 1;	last;
last;
}
}	}
}	}
if (ref($blockinfo{$block}) eq 'HASH') {	if (ref($cachedblockers{$block}) eq 'HASH') {
if (ref($blockinfo{$block}{'resources'}) eq 'HASH') {	if (ref($cachedblockers{$block}{'resources'}) eq 'HASH') {
if ($blockinfo{$block}{'resources'}{$symb}) {	if ($cachedblockers{$block}{'resources'}{$symb}) {
unless (grep(/^\Q$block\E$/,@blockers)) {	unless (grep(/^\Q$block\E$/,@blockers)) {
push(@blockers,$block);	push(@blockers,$block);
}	}
}	}
}	}
if (ref($blockinfo{$block}{'maps'}) eq 'HASH') {	}
if ($blockinfo{$block}{'maps'}{$map}) {	if (ref($cachedblockers{$block}{'maps'}) eq 'HASH') {
unless (grep(/^\Q$block\E$/,@blockers)) {	if ($cachedblockers{$block}{'maps'}{$map}) {
push(@blockers,$block);	unless (grep(/^\Q$block\E$/,@blockers)) {
}	push(@blockers,$block);
}	}
}	}
}	}
}	}
}	}
unless ($noblock) {	return if ($noblock);
return @blockers;	return @blockers;
}
return;
}	}
}	}

# -------------------------------- Deversion and split uri into path an filename	# -------------------------------- Deversion and split uri into path an filename

#	#
# Removes the version from a URI and	# Removes the version from a URI and
Line 8924 sub metadata_query {	Line 8358 sub metadata_query {
my @server_list = (defined($server_array) ? @$server_array	my @server_list = (defined($server_array) ? @$server_array
: keys(%libserv) );	: keys(%libserv) );
for my $server (@server_list) {	for my $server (@server_list) {
my $domains = '';	my $domains = '';
if (ref($domains_hash) eq 'HASH') {	if (ref($domains_hash) eq 'HASH') {
$domains = $domains_hash->{$server};	$domains = $domains_hash->{$server};
}	}
unless ($custom or $customshow) {	unless ($custom or $customshow) {
my $reply=&reply("querysend:".&escape($query).':::'.&escape($domains),$server);	my $reply=&reply("querysend:".&escape($query).':::'.&escape($domains),$server);
Line 9059 sub fetch_enrollment_query {	Line 8493 sub fetch_enrollment_query {
}	}

sub get_query_reply {	sub get_query_reply {
my ($queryid,$sleep,$loopmax) = @_;	my ($queryid,$sleep,$loopmax) = @_;;
if (($sleep eq '') \|\| ($sleep !~ /^\d+\.?\d*$/)) {	if (($sleep eq '') \|\| ($sleep !~ /^\d+\.?\d*$/)) {
$sleep = 0.2;	$sleep = 0.2;
}	}
Line 9192 sub auto_validate_instcode {	Line 8626 sub auto_validate_instcode {
return ($outcome,$description,$defaultcredits);	return ($outcome,$description,$defaultcredits);
}	}

sub auto_validate_inst_crosslist {
my ($cnum,$cdom,$instcode,$inst_xlist,$coowner) = @_;
my ($homeserver,$response);
if (($cdom =~ /^$match_domain$/) && ($cnum =~ /^$match_courseid$/)) {
$homeserver = &homeserver($cnum,$cdom);
}
if (!defined($homeserver)) {
if ($cdom =~ /^$match_domain$/) {
$homeserver = &domain($cdom,'primary');
}
}
unless (($homeserver eq '') \|\| ($homeserver eq 'no_host')) {
$response=&reply('autovalidateinstcrosslist:'.$cdom.':'.
&escape($instcode).':'.&escape($inst_xlist).':'.
&escape($coowner),$homeserver);
}
return $response;
}

sub auto_create_password {	sub auto_create_password {
my ($cnum,$cdom,$authparam,$udom) = @_;	my ($cnum,$cdom,$authparam,$udom) = @_;
my ($homeserver,$response);	my ($homeserver,$response);
Line 9482 sub auto_validate_class_sec {	Line 8897 sub auto_validate_class_sec {
return $response;	return $response;
}	}

sub auto_instsec_reformat {
my ($cdom,$action,$instsecref) = @_;
return unless(($action eq 'clutter') \|\| ($action eq 'declutter'));
my @homeservers;
if (defined(&domain($cdom,'primary'))) {
push(@homeservers,&domain($cdom,'primary'));
} else {
my %servers = &get_servers($cdom,'library');
foreach my $tryserver (keys(%servers)) {
if (!grep(/^\Q$tryserver\E$/,@homeservers)) {
push(@homeservers,$tryserver);
}
}
}
my $response;
my %reformatted = %{$instsecref};
foreach my $server (@homeservers) {
if (ref($instsecref) eq 'HASH') {
my $info = &freeze_escape($instsecref);
my $response=&reply('autoinstsecreformat:'.$cdom.':'.
$action.':'.$info,$server);
next if ($response =~ /(con_lost\|error\|no_such_host\|refused\|unknown_cmd)/);
my @items = split(/&/,$response);
foreach my $item (@items) {
my ($key,$value) = split(/=/,$item);
$reformatted{&unescape($key)} = &thaw_unescape($value);
}
}
}
return %reformatted;
}

sub auto_validate_instclasses {	sub auto_validate_instclasses {
my ($cdom,$cnum,$owners,$classesref) = @_;	my ($cdom,$cnum,$owners,$classesref) = @_;
my ($homeserver,%validations);	my ($homeserver,%validations);
Line 9557 sub auto_crsreq_update {	Line 8940 sub auto_crsreq_update {
':'.&escape($action).':'.&escape($ownername).':'.	':'.&escape($action).':'.&escape($ownername).':'.
&escape($ownerdomain).':'.&escape($fullname).':'.	&escape($ownerdomain).':'.&escape($fullname).':'.
&escape($title).':'.&escape($code).':'.	&escape($title).':'.&escape($code).':'.
&escape($accessstart).':'.&escape($accessend).':'.$info,$homeserver);	&escape($accessstart).':'.&escape($accessend).':'.$info,
	$homeserver);
unless ($response =~ /(con_lost\|error\|no_such_host\|refused)/) {	unless ($response =~ /(con_lost\|error\|no_such_host\|refused)/) {
my @items = split(/&/,$response);	my @items = split(/&/,$response);
foreach my $item (@items) {	foreach my $item (@items) {
Line 9584 sub auto_export_grades {	Line 8968 sub auto_export_grades {
my $grades = &freeze_escape($gradesref);	my $grades = &freeze_escape($gradesref);
my $response=&reply('encrypt:autoexportgrades:'.$cdom.':'.$cnum.':'.	my $response=&reply('encrypt:autoexportgrades:'.$cdom.':'.$cnum.':'.
$info.':'.$grades,$homeserver);	$info.':'.$grades,$homeserver);
unless ($response =~ /(con_lost\|error\|no_such_host\|refused\|unknown_cmd)/) {	unless ($response =~ /(con_lost\|error\|no_such_host\|refused\|unknown_command)/) {
my @items = split(/&/,$response);	my @items = split(/&/,$response);
foreach my $item (@items) {	foreach my $item (@items) {
my ($key,$value) = split('=',$item);	my ($key,$value) = split('=',$item);
Line 9817 sub plaintext {	Line 9201 sub plaintext {
my %rolenames = (	my %rolenames = (
Course => 'std',	Course => 'std',
Community => 'alt1',	Community => 'alt1',
	Placement => 'std',
);	);
if ($cid ne '') {	if ($cid ne '') {
if ($env{'course.'.$cid.'.'.$short.'.plaintext'} ne '') {	if ($env{'course.'.$cid.'.'.$short.'.plaintext'} ne '') {
Line 9918 sub assignrole {	Line 9303 sub assignrole {
}	}
}	}
}	}
} elsif (($selfenroll == 1) && ($role eq 'st') && ($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'})) {	} elsif (($selfenroll == 1) && ($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'})) {
$refused = '';	if ($role eq 'st') {
	$refused = '';
	} elsif (($context eq 'ltienroll') && ($env{'request.lti'})) {
	$refused = '';
	}
} elsif ($context eq 'requestcourses') {	} elsif ($context eq 'requestcourses') {
my @possroles = ('st','ta','ep','in','cc','co');	my @possroles = ('st','ta','ep','in','cc','co');
if ((grep(/^\Q$role\E$/,@possroles)) && ($env{'user.name'} ne '' && $env{'user.domain'} ne '')) {	if ((grep(/^\Q$role\E$/,@possroles)) && ($env{'user.name'} ne '' && $env{'user.domain'} ne '')) {
Line 9938 sub assignrole {	Line 9327 sub assignrole {
}	}
}	}
} elsif ($context eq 'requestauthor') {	} elsif ($context eq 'requestauthor') {
if (($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'}) &&	if (($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'}) &&
($url eq '/'.$udom.'/') && ($role eq 'au')) {	($url eq '/'.$udom.'/') && ($role eq 'au')) {
if ($env{'environment.requestauthor'} eq 'automatic') {	if ($env{'environment.requestauthor'} eq 'automatic') {
$refused = '';	$refused = '';
Line 9946 sub assignrole {	Line 9335 sub assignrole {
my %domdefaults = &get_domain_defaults($udom);	my %domdefaults = &get_domain_defaults($udom);
if (ref($domdefaults{'requestauthor'}) eq 'HASH') {	if (ref($domdefaults{'requestauthor'}) eq 'HASH') {
my $checkbystatus;	my $checkbystatus;
if ($env{'user.adv'}) {	if ($env{'user.adv'}) {
my $disposition = $domdefaults{'requestauthor'}{'_LC_adv'};	my $disposition = $domdefaults{'requestauthor'}{'_LC_adv'};
if ($disposition eq 'automatic') {	if ($disposition eq 'automatic') {
$refused = '';	$refused = '';
} elsif ($disposition eq '') {	} elsif ($disposition eq '') {
$checkbystatus = 1;	$checkbystatus = 1;
}	}
} else {	} else {
$checkbystatus = 1;	$checkbystatus = 1;
}	}
Line 10040 sub assignrole {	Line 9429 sub assignrole {
$context);	$context);
} elsif (($role eq 'ca') \|\| ($role eq 'aa')) {	} elsif (($role eq 'ca') \|\| ($role eq 'aa')) {
&coauthorrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,	&coauthorrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,
$context);	$context);
}	}
if ($role eq 'cc') {	if ($role eq 'cc') {
&autoupdate_coowners($url,$end,$start,$uname,$udom);	&autoupdate_coowners($url,$end,$start,$uname,$udom);
Line 10058 sub autoupdate_coowners {	Line 9447 sub autoupdate_coowners {
if ($domdesign{$cdom.'.autoassign.co-owners'}) {	if ($domdesign{$cdom.'.autoassign.co-owners'}) {
my %coursehash = &coursedescription($cdom.'_'.$cnum);	my %coursehash = &coursedescription($cdom.'_'.$cnum);
my $instcode = $coursehash{'internal.coursecode'};	my $instcode = $coursehash{'internal.coursecode'};
my $xlists = $coursehash{'internal.crosslistings'};
if ($instcode ne '') {	if ($instcode ne '') {
if (($start && $start <= $now) && ($end == 0) \|\| ($end > $now)) {	if (($start && $start <= $now) && ($end == 0) \|\| ($end > $now)) {
unless ($coursehash{'internal.courseowner'} eq $uname.':'.$udom) {	unless ($coursehash{'internal.courseowner'} eq $uname.':'.$udom) {
my ($delcoowners,@newcoowners,$putresult,$delresult,$coowners);	my ($delcoowners,@newcoowners,$putresult,$delresult,$coowners);
my ($result,$desc) = &auto_validate_instcode($cnum,$cdom,$instcode,$uname.':'.$udom);	my ($result,$desc) = &auto_validate_instcode($cnum,$cdom,$instcode,$uname.':'.$udom);
unless ($result eq 'valid') {
if ($xlists ne '') {
foreach my $xlist (split(',',$xlists)) {
my ($inst_crosslist,$lcsec) = split(':',$xlist);
$result =
&auto_validate_inst_crosslist($cnum,$cdom,$instcode,
$inst_crosslist,$uname.':'.$udom);
last if ($result eq 'valid');
}
}
}
if ($result eq 'valid') {	if ($result eq 'valid') {
if ($coursehash{'internal.co-owners'}) {	if ($coursehash{'internal.co-owners'}) {
foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {	foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {
Line 10087 sub autoupdate_coowners {	Line 9464 sub autoupdate_coowners {
} else {	} else {
push(@newcoowners,$uname.':'.$udom);	push(@newcoowners,$uname.':'.$udom);
}	}
} elsif ($coursehash{'internal.co-owners'}) {	} else {
foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {	if ($coursehash{'internal.co-owners'}) {
unless ($coowner eq $uname.':'.$udom) {	foreach my $coowner (split(',',$coursehash{'internal.co-owners'})) {
push(@newcoowners,$coowner);	unless ($coowner eq $uname.':'.$udom) {
	push(@newcoowners,$coowner);
	}
	}
	unless (@newcoowners > 0) {
	$delcoowners = 1;
	$coowners = '';
}	}
}
unless (@newcoowners > 0) {
$delcoowners = 1;
$coowners = '';
}	}
}	}
if (@newcoowners \|\| $delcoowners) {	if (@newcoowners \|\| $delcoowners) {
Line 10149 sub store_coowners {	Line 9528 sub store_coowners {
sub modifyuserauth {	sub modifyuserauth {
my ($udom,$uname,$umode,$upass)=@_;	my ($udom,$uname,$umode,$upass)=@_;
my $uhome=&homeserver($uname,$udom);	my $uhome=&homeserver($uname,$udom);
my $allowed;	unless (&allowed('mau',$udom)) { return 'refused'; }
if (&allowed('mau',$udom)) {
$allowed = 1;
} elsif (($umode eq 'internal') && ($udom eq $env{'user.domain'}) &&
($env{'request.course.id'}) && (&allowed('mip',$env{'request.course.id'})) &&
(!$env{'course.'.$env{'request.course.id'}.'.internal.nopasswdchg'})) {
my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
if (($cdom ne '') && ($cnum ne '')) {
my $is_owner = &is_course_owner($cdom,$cnum);
if ($is_owner) {
$allowed = 1;
}
}
}
unless ($allowed) { return 'refused'; }
&logthis('Call to modify user authentication '.$udom.', '.$uname.', '.	&logthis('Call to modify user authentication '.$udom.', '.$uname.', '.
$umode.' by '.$env{'user.name'}.' at '.$env{'user.domain'}.	$umode.' by '.$env{'user.name'}.' at '.$env{'user.domain'}.
' in domain '.$env{'request.role.domain'});	' in domain '.$env{'request.role.domain'});
my $reply=&reply('encrypt:changeuserauth:'.$udom.':'.$uname.':'.$umode.':'.	my $reply=&reply('encrypt:changeuserauth:'.$udom.':'.$uname.':'.$umode.':'.
&escape($upass),$uhome);	&escape($upass),$uhome);
my $ip = &get_requestor_ip();
&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},	&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},
'Authentication changed for '.$udom.', '.$uname.', '.$umode.	'Authentication changed for '.$udom.', '.$uname.', '.$umode.
'(Remote '.$ip.'): '.$reply);	'(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);
&log($udom,,$uname,$uhome,	&log($udom,,$uname,$uhome,
'Authentication changed by '.$env{'user.domain'}.', '.	'Authentication changed by '.$env{'user.domain'}.', '.
$env{'user.name'}.', '.$umode.	$env{'user.name'}.', '.$umode.
'(Remote '.$ip.'): '.$reply);	'(Remote '.$ENV{'REMOTE_ADDR'}.'): '.$reply);
unless ($reply eq 'ok') {	unless ($reply eq 'ok') {
&logthis('Authentication mode error: '.$reply);	&logthis('Authentication mode error: '.$reply);
return 'error: '.$reply;	return 'error: '.$reply;
Line 10211 sub modifyuser {	Line 9574 sub modifyuser {
my $newuser;	my $newuser;
if ($uhome eq 'no_host') {	if ($uhome eq 'no_host') {
$newuser = 1;	$newuser = 1;
	unless (($umode && ($upass ne '')) \|\| ($umode eq 'localauth') \|\|
	($umode eq 'lti')) {
	return 'error: more information needed to create new user';
	}
}	}
# ----------------------------------------------------------------- Create User	# ----------------------------------------------------------------- Create User
if (($uhome eq 'no_host') &&	if (($uhome eq 'no_host') &&
(($umode && $upass) \|\| ($umode eq 'localauth'))) {	(($umode && $upass) \|\| ($umode eq 'localauth') \|\| ($umode eq 'lti'))) {
my $unhome='';	my $unhome='';
if (defined($desiredhome) && &host_domain($desiredhome) eq $udom) {	if (defined($desiredhome) && &host_domain($desiredhome) eq $udom) {
$unhome = $desiredhome;	$unhome = $desiredhome;
Line 10256 sub modifyuser {	Line 9623 sub modifyuser {
'current user id "'.$uidhash{$uname}.'".';	'current user id "'.$uidhash{$uname}.'".';
}	}
} else {	} else {
&idput($udom,($uname => $uid));	&idput($udom,{$uname => $uid},$uhome,'ids');
}	}
}	}
# -------------------------------------------------------------- Add names, etc	# -------------------------------------------------------------- Add names, etc
Line 10381 sub modifystudent {	Line 9748 sub modifystudent {
# student's environment	# student's environment
$uid = undef if (!$forceid);	$uid = undef if (!$forceid);
$reply = &modify_student_enrollment($udom,$uname,$uid,$first,$middle,$last,	$reply = &modify_student_enrollment($udom,$uname,$uid,$first,$middle,$last,
$gene,$usec,$end,$start,$type,$locktype,	$gene,$usec,$end,$start,$type,$locktype,
$cid,$selfenroll,$context,$credits,$instsec);	$cid,$selfenroll,$context,$credits,$instsec);
return $reply;	return $reply;
}	}
Line 10658 sub generate_coursenum {	Line 10025 sub generate_coursenum {
sub is_course {	sub is_course {
my ($cdom, $cnum) = scalar(@_) == 1 ?	my ($cdom, $cnum) = scalar(@_) == 1 ?
($_[0] =~ /^($match_domain)_($match_courseid)$/) : @_;	($_[0] =~ /^($match_domain)_($match_courseid)$/) : @_;
return unless (($cdom =~ /^$match_domain$/) && ($cnum =~ /^$match_courseid$/));
my $uhome=&homeserver($cnum,$cdom);	return unless $cdom and $cnum;
my $iscourse;
if (grep { $_ eq $uhome } current_machine_ids()) {	my %courses = &courseiddump($cdom, '.', 1, '.', '.', $cnum, undef, undef,
$iscourse = &LONCAPA::Lond::is_course($cdom,$cnum);	'.');
} else {
my $hashid = $cdom.':'.$cnum;	return unless(exists($courses{$cdom.'_'.$cnum}));
($iscourse,my $cached) = &is_cached_new('iscourse',$hashid);
unless (defined($cached)) {
my %courses = &courseiddump($cdom, '.', 1, '.', '.',
$cnum,undef,undef,'.');
$iscourse = 0;
if (exists($courses{$cdom.'_'.$cnum})) {
$iscourse = 1;
}
&do_cache_new('iscourse',$hashid,$iscourse,3600);
}
}
return unless($iscourse);
return wantarray ? ($cdom, $cnum) : $cdom.'_'.$cnum;	return wantarray ? ($cdom, $cnum) : $cdom.'_'.$cnum;
}	}

Line 10693 sub store_userdata {	Line 10048 sub store_userdata {
if (($uhome eq '') \|\| ($uhome eq 'no_host')) {	if (($uhome eq '') \|\| ($uhome eq 'no_host')) {
$result = 'error: no_host';	$result = 'error: no_host';
} else {	} else {
$storehash->{'ip'} = &get_requestor_ip();	$storehash->{'ip'} = $ENV{'REMOTE_ADDR'};
$storehash->{'host'} = $perlvar{'lonHostID'};	$storehash->{'host'} = $perlvar{'lonHostID'};

my $namevalue='';	my $namevalue='';
Line 10875 sub files_not_in_path {	Line 10230 sub files_not_in_path {
return (@return_files);	return (@return_files);
}	}

	#------------------------------Submitted/Handedback Portfolio Files Versioning

	sub portfiles_versioning {
	my ($symb,$domain,$stu_name,$portfiles,$versioned_portfiles) = @_;
	my $portfolio_root = '/userfiles/portfolio';
	return unless ((ref($portfiles) eq 'ARRAY') && (ref($versioned_portfiles) eq 'ARRAY'));
	foreach my $file (@{$portfiles}) {
	&unmark_as_readonly($domain,$stu_name,[$symb,$env{'request.course.id'}],$file);
	my ($directory,$answer_file) =($file =~ /^(.?)([^\/])$/);
	my ($answer_name,$answer_ver,$answer_ext) = &file_name_version_ext($answer_file);
	my $getpropath = 1;
	my ($dir_list,$listerror) = &dirlist($portfolio_root.$directory,$domain,
	$stu_name,$getpropath);
	my $version = &get_next_version($answer_name,$answer_ext,$dir_list);
	my $new_answer =
	&version_selected_portfile($domain,$stu_name,$directory,$answer_file,$version);
	if ($new_answer ne 'problem getting file') {
	push(@{$versioned_portfiles}, $directory.$new_answer);
	&mark_as_readonly($domain,$stu_name,[$directory.$new_answer],
	[$symb,$env{'request.course.id'},'graded']);
	}
	}
	}

	sub get_next_version {
	my ($answer_name, $answer_ext, $dir_list) = @_;
	my $version;
	if (ref($dir_list) eq 'ARRAY') {
	foreach my $row (@{$dir_list}) {
	my ($file) = split(/\&/,$row,2);
	my ($file_name,$file_version,$file_ext) =
	&file_name_version_ext($file);
	if (($file_name eq $answer_name) &&
	($file_ext eq $answer_ext)) {
	# gets here if filename and extension match,
	# regardless of version
	if ($file_version ne '') {
	# a versioned file is found so save it for later
	if ($file_version > $version) {
	$version = $file_version;
	}
	}
	}
	}
	}
	$version ++;
	return($version);
	}

	sub version_selected_portfile {
	my ($domain,$stu_name,$directory,$file_name,$version) = @_;
	my ($answer_name,$answer_ver,$answer_ext) =
	&file_name_version_ext($file_name);
	my $new_answer;
	$env{'form.copy'} =
	&getfile("/uploaded/$domain/$stu_name/portfolio$directory$file_name");
	if($env{'form.copy'} eq '-1') {
	$new_answer = 'problem getting file';
	} else {
	$new_answer = $answer_name.'.'.$version.'.'.$answer_ext;
	my $copy_result =
	&finishuserfileupload($stu_name,$domain,'copy',
	'/portfolio'.$directory.$new_answer);
	}
	undef($env{'form.copy'});
	return ($new_answer);
	}

	sub file_name_version_ext {
	my ($file)=@_;
	my @file_parts = split(/\./, $file);
	my ($name,$version,$ext);
	if (@file_parts > 1) {
	$ext=pop(@file_parts);
	if (@file_parts > 1 && $file_parts[-1] =~ /^\d+$/) {
	$version=pop(@file_parts);
	}
	$name=join('.',@file_parts);
	} else {
	$name=join('.',@file_parts);
	}
	return($name,$version,$ext);
	}

#----------------------------------------------Get portfolio file permissions	#----------------------------------------------Get portfolio file permissions

sub get_portfile_permissions {	sub get_portfile_permissions {
Line 11019 sub modify_access_controls {	Line 10458 sub modify_access_controls {
}	}

sub make_public_indefinitely {	sub make_public_indefinitely {
my ($requrl) = @_;	my (@requrl) = @_;
	return &automated_portfile_access('public',\@requrl);
	}

	sub automated_portfile_access {
	my ($accesstype,$addsref,$delsref,$info) = @_;
	unless (($accesstype eq 'public') \|\| ($accesstype eq 'ip')) {
	return 'invalid';
	}
	my %urls;
	if (ref($addsref) eq 'ARRAY') {
	foreach my $requrl (@{$addsref}) {
	if (&is_portfolio_url($requrl)) {
	unless (exists($urls{$requrl})) {
	$urls{$requrl} = 'add';
	}
	}
	}
	}
	if (ref($delsref) eq 'ARRAY') {
	foreach my $requrl (@{$delsref}) {
	if (&is_portfolio_url($requrl)) {
	unless (exists($urls{$requrl})) {
	$urls{$requrl} = 'delete';
	}
	}
	}
	}
	unless (keys(%urls)) {
	return 'invalid';
	}
	my $ip;
	if ($accesstype eq 'ip') {
	if (ref($info) eq 'HASH') {
	if ($info->{'ip'} ne '') {
	$ip = $info->{'ip'};
	}
	}
	if ($ip eq '') {
	return 'invalid';
	}
	}
	my $errors;
my $now = time;	my $now = time;
my $action = 'activate';	my %current_perms;
my $aclnum = 0;	foreach my $requrl (sort(keys(%urls))) {
if (&is_portfolio_url($requrl)) {	my $action;
	if ($urls{$requrl} eq 'add') {
	$action = 'activate';
	} else {
	$action = 'none';
	}
	my $aclnum = 0;
my (undef,$udom,$unum,$file_name,$group) =	my (undef,$udom,$unum,$file_name,$group) =
&parse_portfolio_url($requrl);	&parse_portfolio_url($requrl);
my $current_perms = &get_portfile_permissions($udom,$unum);	unless (exists($current_perms{$unum.':'.$udom})) {
my %access_controls = &get_access_controls($current_perms,	$current_perms{$unum.':'.$udom} = &get_portfile_permissions($udom,$unum);
	}
	my %access_controls = &get_access_controls($current_perms{$unum.':'.$udom},
$group,$file_name);	$group,$file_name);
foreach my $key (keys(%{$access_controls{$file_name}})) {	foreach my $key (keys(%{$access_controls{$file_name}})) {
my ($num,$scope,$end,$start) =	my ($num,$scope,$end,$start) =
($key =~ /^([^:]+):([a-z]+)_(\d)_?(\d)$/);	($key =~ /^([^:]+):([a-z]+)_(\d)_?(\d)$/);
if ($scope eq 'public') {	if ($scope eq $accesstype) {
if ($start <= $now && $end == 0) {	if (($start <= $now) && ($end == 0)) {
$action = 'none';	if ($accesstype eq 'ip') {
} else {	if (ref($access_controls{$file_name}{$key}) eq 'HASH') {
	if (ref($access_controls{$file_name}{$key}{'ip'}) eq 'ARRAY') {
	if (grep(/^\Q$ip\E$/,@{$access_controls{$file_name}{$key}{'ip'}})) {
	if ($urls{$requrl} eq 'add') {
	$action = 'none';
	last;
	} else {
	$action = 'delete';
	$aclnum = $num;
	last;
	}
	}
	}
	}
	} elsif ($accesstype eq 'public') {
	if ($urls{$requrl} eq 'add') {
	$action = 'none';
	last;
	} else {
	$action = 'delete';
	$aclnum = $num;
	last;
	}
	}
	} elsif ($accesstype eq 'public') {
$action = 'update';	$action = 'update';
$aclnum = $num;	$aclnum = $num;
	last;
}	}
last;
}	}
}	}
if ($action eq 'none') {	if ($action eq 'none') {
return 'ok';	next;
} else {	} else {
my %changes;	my %changes;
my $newend = 0;	my $newend = 0;
my $newstart = $now;	my $newstart = $now;
my $newkey = $aclnum.':public_'.$newend.'_'.$newstart;	my $newkey = $aclnum.':'.$accesstype.'_'.$newend.'_'.$newstart;
$changes{$action}{$newkey} = {	$changes{$action}{$newkey} = {
type => 'public',	type => $accesstype,
time => {	time => {
start => $newstart,	start => $newstart,
end => $newend,	end => $newend,
},	},
};	};
	if ($accesstype eq 'ip') {
	$changes{$action}{$newkey}{'ip'} = [$ip];
	}
my ($outcome,$deloutcome,$new_values,$translation) =	my ($outcome,$deloutcome,$new_values,$translation) =
&modify_access_controls($file_name,\%changes,$udom,$unum);	&modify_access_controls($file_name,\%changes,$udom,$unum);
return $outcome;	unless ($outcome eq 'ok') {
	$errors .= $outcome.' ';
	}
}	}
	}
	if ($errors) {
	$errors =~ s/\s$//;
	return $errors;
} else {	} else {
return 'invalid';	return 'ok';
}	}
}	}

Line 11266 sub dirlist {	Line 10788 sub dirlist {
foreach my $user (sort(keys(%allusers))) {	foreach my $user (sort(keys(%allusers))) {
push(@alluserslist,$user.'&user');	push(@alluserslist,$user.'&user');
}	}

if (!%listerror) {	if (!%listerror) {
# no errors	# no errors
return (\@alluserslist);	return (\@alluserslist);
} elsif (scalar(keys(%servers)) == 1) {	} elsif (scalar(keys(%servers)) == 1) {
# one library server, one error	# one library server, one error
my ($key) = keys(%listerror);	my ($key) = keys(%listerror);
return (\@alluserslist, $listerror{$key});	return (\@alluserslist, $listerror{$key});
} elsif ( grep { $_ eq 'con_lost' } values(%listerror) ) {	} elsif ( grep { $_ eq 'con_lost' } values(%listerror) ) {
Line 11279 sub dirlist {	Line 10802 sub dirlist {
return (\@alluserslist, 'con_lost');	return (\@alluserslist, 'con_lost');
} else {	} else {
# multiple library servers and no con_lost -> data should be	# multiple library servers and no con_lost -> data should be
# complete.	# complete.
return (\@alluserslist);	return (\@alluserslist);
}	}

Line 11355 sub stat_file {	Line 10878 sub stat_file {
return ();	return ();
}	}

	# --------------------------------------------------------- recursedirs
	# Recursive function to traverse either a specific user's Authoring Space
	# or corresponding Published Resource Space, and populate the hash ref:
	# $dirhashref with URLs of all directories, and if $filehashref hash
	# ref arg is provided, the URLs of any files, excluding versioned, .meta,
	# or .rights files in resource space, and .meta, .save, .log, and .bak
	# files in Authoring Space.
	#
	# Inputs:
	#
	# $is_home - true if current server is home server for user's space
	# $context - either: priv, or res respectively for Authoring or Resource Space.
	# $docroot - Document root (i.e., /home/httpd/html
	# $toppath - Top level directory (i.e., /res/$dom/$uname or /priv/$dom/$uname
	# $relpath - Current path (relative to top level).
	# $dirhashref - reference to hash to populate with URLs of directories (Required)
	# $filehashref - reference to hash to populate with URLs of files (Optional)
	#
	# Returns: nothing
	#
	# Side Effects: populates $dirhashref, and $filehashref (if provided).
	#
	# Currently used by interface/londocs.pm to create linked select boxes for
	# directory and filename to import a Course "Author" resource into a course, and
	# also to create linked select boxes for Authoring Space and Directory to choose
	# save location for creation of a new "standard" problem from the Course Editor.
	#

	sub recursedirs {
	my ($is_home,$context,$docroot,$toppath,$relpath,$dirhashref,$filehashref) = @_;
	return unless (ref($dirhashref) eq 'HASH');
	my $currpath = $docroot.$toppath;
	if ($relpath) {
	$currpath .= "/$relpath";
	}
	my $savefile;
	if (ref($filehashref)) {
	$savefile = 1;
	}
	if ($is_home) {
	if (opendir(my $dirh,$currpath)) {
	foreach my $item (sort { lc($a) cmp lc($b) } grep(!/^\.+$/,readdir($dirh))) {
	next if ($item eq '');
	if (-d "$currpath/$item") {
	my $newpath;
	if ($relpath) {
	$newpath = "$relpath/$item";
	} else {
	$newpath = $item;
	}
	$dirhashref->{&Apache::lonlocal::js_escape($newpath)} = 1;
	&recursedirs($is_home,$context,$docroot,$toppath,$newpath,$dirhashref,$filehashref);
	} elsif ($savefile) {
	if ($context eq 'priv') {
	unless ($item =~ /\.(meta\|save\|log\|bak\|DS_Store)$/) {
	$filehashref->{&Apache::lonlocal::js_escape($relpath)}{$item} = 1;
	}
	} else {
	unless (($item =~ /\.meta$/) \|\| ($item =~ /\.\d+\.\w+$/) \|\| ($item =~ /\.rights$/)) {
	$filehashref->{&Apache::lonlocal::js_escape($relpath)}{$item} = 1;
	}
	}
	}
	}
	closedir($dirh);
	}
	} else {
	my ($dirlistref,$listerror) =
	&dirlist($toppath.$relpath);
	my @dir_lines;
	my $dirptr=16384;
	if (ref($dirlistref) eq 'ARRAY') {
	foreach my $dir_line (sort
	{
	my ($afile)=split('&',$a,2);
	my ($bfile)=split('&',$b,2);
	return (lc($afile) cmp lc($bfile));
	} (@{$dirlistref})) {
	my ($item,$dom,undef,$testdir,undef,undef,undef,undef,$size,undef,$mtime,undef,undef,undef,$obs,undef) =
	split(/\&/,$dir_line,16);
	$item =~ s/\s+$//;
	next if (($item =~ /^\.\.?$/) \|\| ($obs));
	if ($dirptr&$testdir) {
	my $newpath;
	if ($relpath) {
	$newpath = "$relpath/$item";
	} else {
	$relpath = '/';
	$newpath = $item;
	}
	$dirhashref->{&Apache::lonlocal::js_escape($newpath)} = 1;
	&recursedirs($is_home,$context,$docroot,$toppath,$newpath,$dirhashref,$filehashref);
	} elsif ($savefile) {
	if ($context eq 'priv') {
	unless ($item =~ /\.(meta\|save\|log\|bak\|DS_Store)$/) {
	$filehashref->{$relpath}{$item} = 1;
	}
	} else {
	unless (($item =~ /\.meta$/) \|\| ($item =~ /\.\d+\.\w+$/)) {
	$filehashref->{$relpath}{$item} = 1;
	}
	}
	}
	}
	}
	}
	return;
	}

# -------------------------------------------------------- Value of a Condition	# -------------------------------------------------------- Value of a Condition

# gets the value of a specific preevaluated condition	# gets the value of a specific preevaluated condition
Line 11518 sub get_userresdata {	Line 11150 sub get_userresdata {
# Parameters:	# Parameters:
# $name - Course/user name.	# $name - Course/user name.
# $domain - Name of the domain the user/course is registered on.	# $domain - Name of the domain the user/course is registered on.
# $type - Type of thing $name is (must be 'course' or 'user'	# $type - Type of thing $name is (must be 'course' or 'user')
	# $mapp - decluttered URL of enclosing map
	# $recursed - Ref to scalar -- set to 1, if nested maps have been recursed.
	# $recurseup - Ref to array of map URLs, starting with map containing
	# $mapp up through hierarchy of nested maps to top level map.
	# $courseid - CourseID (first part of param identifier).
	# $modifier - Middle part of param identifier.
	# $what - Last part of param identifier.
# @which - Array of names of resources desired.	# @which - Array of names of resources desired.
# Returns:	# Returns:
# The value of the first reasource in @which that is found in the	# The value of the first reasource in @which that is found in the
Line 11528 sub get_userresdata {	Line 11167 sub get_userresdata {
# 'user', an undefined reference is returned.	# 'user', an undefined reference is returned.
# If none of the resources are found, an undef is returned	# If none of the resources are found, an undef is returned
sub resdata {	sub resdata {
my ($name,$domain,$type,@which)=@_;	my ($name,$domain,$type,$mapp,$recursed,$recurseup,$courseid,
	$modifier,$what,@which)=@_;
my $result;	my $result;
if ($type eq 'course') {	if ($type eq 'course') {
$result=&get_courseresdata($name,$domain);	$result=&get_courseresdata($name,$domain);
Line 11537 sub resdata {	Line 11177 sub resdata {
}	}
if (!ref($result)) { return $result; }	if (!ref($result)) { return $result; }
foreach my $item (@which) {	foreach my $item (@which) {
if (defined($result->{$item->[0]})) {	if ($item->[1] eq 'course') {
	if ((ref($recurseup) eq 'ARRAY') && (ref($recursed) eq 'SCALAR')) {
	unless ($$recursed) {
	@{$recurseup} = &get_map_hierarchy($mapp,$courseid);
	$$recursed = 1;
	}
	foreach my $item (@${recurseup}) {
	my $norecursechk=$courseid.$modifier.$item.'___(all).'.$what;
	last if (defined($result->{$norecursechk}));
	my $recursechk=$courseid.$modifier.$item.'___(rec).'.$what;
	if (defined($result->{$recursechk})) { return [$result->{$recursechk},'map']; }
	}
	}
	}
	if (defined($result->{$item->[0]})) {
return [$result->{$item->[0]},$item->[1]];	return [$result->{$item->[0]},$item->[1]];
}	}
}	}
return undef;	return undef;
}	}

	sub get_domain_lti {
	my ($cdom,$context) = @_;
	my ($name,%lti);
	if ($context eq 'consumer') {
	$name = 'ltitools';
	} elsif ($context eq 'provider') {
	$name = 'lti';
	} else {
	return %lti;
	}
	my ($result,$cached)=&is_cached_new($name,$cdom);
	if (defined($cached)) {
	if (ref($result) eq 'HASH') {
	%lti = %{$result};
	}
	} else {
	my %domconfig = &get_dom('configuration',[$name],$cdom);
	if (ref($domconfig{$name}) eq 'HASH') {
	%lti = %{$domconfig{$name}};
	my %encdomconfig = &get_dom('encconfig',[$name],$cdom);
	if (ref($encdomconfig{$name}) eq 'HASH') {
	foreach my $id (keys(%lti)) {
	if (ref($encdomconfig{$name}{$id}) eq 'HASH') {
	foreach my $item ('key','secret') {
	$lti{$id}{$item} = $encdomconfig{$name}{$id}{$item};
	}
	}
	}
	}
	}
	my $cachetime = 246060;
	&do_cache_new($name,$cdom,\%lti,$cachetime);
	}
	return %lti;
	}

sub get_numsuppfiles {	sub get_numsuppfiles {
my ($cnum,$cdom,$ignorecache)=@_;	my ($cnum,$cdom,$ignorecache)=@_;
my $hashid=$cnum.':'.$cdom;	my $hashid=$cnum.':'.$cdom;
Line 11554 sub get_numsuppfiles {	Line 11244 sub get_numsuppfiles {
unless (defined($cached)) {	unless (defined($cached)) {
my $chome=&homeserver($cnum,$cdom);	my $chome=&homeserver($cnum,$cdom);
unless ($chome eq 'no_host') {	unless ($chome eq 'no_host') {
($suppcount,my $errors) = (0,0);	($suppcount,my $supptools,my $errors) = (0,0,0);
my $suppmap = 'supplemental.sequence';	my $suppmap = 'supplemental.sequence';
($suppcount,$errors) =	($suppcount,$supptools,$errors) =
&Apache::loncommon::recurse_supplemental($cnum,$cdom,$suppmap,$suppcount,$errors);	&Apache::loncommon::recurse_supplemental($cnum,$cdom,$suppmap,$suppcount,
	$supptools,$errors);
}	}
&do_cache_new('suppcount',$hashid,$suppcount,600);	&do_cache_new('suppcount',$hashid,$suppcount,600);
}	}
Line 11568 sub get_numsuppfiles {	Line 11259 sub get_numsuppfiles {
# EXT resource caching routines	# EXT resource caching routines
#	#

	{
	# Cache (5 seconds) of map hierarchy for speedup of navmaps display
	#
	# The course for which we cache
	my $cachedmapkey='';
	# The cached recursive maps for this course
	my %cachedmaps=();
	# When this was last done
	my $cachedmaptime='';

sub clear_EXT_cache_status {	sub clear_EXT_cache_status {
&delenv('cache.EXT.');	&delenv('cache.EXT.');
}	}
Line 11624 sub EXT {	Line 11325 sub EXT {
if ( (defined($Apache::lonhomework::parsing_a_problem)	if ( (defined($Apache::lonhomework::parsing_a_problem)
\|\| defined($Apache::lonhomework::parsing_a_task))	\|\| defined($Apache::lonhomework::parsing_a_task))
&&	&&
($symbparm eq &symbread()) ) {	($symbparm eq &symbread()) ) {
# if we are in the middle of processing the resource the	# if we are in the middle of processing the resource the
# get the value we are planning on committing	# get the value we are planning on committing
if (defined($Apache::lonhomework::results{$qualifierrest})) {	if (defined($Apache::lonhomework::results{$qualifierrest})) {
Line 11745 sub EXT {	Line 11446 sub EXT {
}	}
}	}

my ($section, $group, @groups);	my ($section, $group, @groups, @recurseup, $recursed);
my ($courselevelm,$courselevel);	my ($courselevelm,$courseleveli,$courselevel,$mapp);
if (($courseid eq '') && ($cid)) {	if (($courseid eq '') && ($cid)) {
$courseid = $cid;	$courseid = $cid;
}	}
if (($symbparm && $courseid) &&	if (($symbparm && $courseid) &&
(($courseid eq $env{'request.course.id'}) \|\| ($courseid eq $cid))) {	(($courseid eq $env{'request.course.id'}) \|\| ($courseid eq $cid))) {

#print '<br>'.$space.' - '.$qualifier.' - '.$spacequalifierrest;	#print '<br>'.$space.' - '.$qualifier.' - '.$spacequalifierrest;

# ----------------------------------------------------- Cascading lookup scheme	# ----------------------------------------------------- Cascading lookup scheme
my $symbp=$symbparm;	my $symbp=$symbparm;
my $mapp=&deversion((&decode_symb($symbp))[0]);	$mapp=&deversion((&decode_symb($symbp))[0]);

my $symbparm=$symbp.'.'.$spacequalifierrest;	my $symbparm=$symbp.'.'.$spacequalifierrest;
	my $recurseparm=$mapp.'___(rec).'.$spacequalifierrest;
my $mapparm=$mapp.'___(all).'.$spacequalifierrest;	my $mapparm=$mapp.'___(all).'.$spacequalifierrest;

if (($env{'user.name'} eq $uname) &&	if (($env{'user.name'} eq $uname) &&
($env{'user.domain'} eq $udom)) {	($env{'user.domain'} eq $udom)) {
$section=$env{'request.course.sec'};	$section=$env{'request.course.sec'};
Line 11778 sub EXT {	Line 11478 sub EXT {

my $seclevel=$courseid.'.['.$section.'].'.$spacequalifierrest;	my $seclevel=$courseid.'.['.$section.'].'.$spacequalifierrest;
my $seclevelr=$courseid.'.['.$section.'].'.$symbparm;	my $seclevelr=$courseid.'.['.$section.'].'.$symbparm;
	my $secleveli=$courseid.'.['.$section.'].'.$recurseparm;
my $seclevelm=$courseid.'.['.$section.'].'.$mapparm;	my $seclevelm=$courseid.'.['.$section.'].'.$mapparm;

$courselevel=$courseid.'.'.$spacequalifierrest;	$courselevel=$courseid.'.'.$spacequalifierrest;
my $courselevelr=$courseid.'.'.$symbparm;	my $courselevelr=$courseid.'.'.$symbparm;
	$courseleveli=$courseid.'.'.$recurseparm;
$courselevelm=$courseid.'.'.$mapparm;	$courselevelm=$courseid.'.'.$mapparm;

# ----------------------------------------------------------- first, check user	# ----------------------------------------------------------- first, check user

my $userreply=&resdata($uname,$udom,'user',	my $userreply=&resdata($uname,$udom,'user',$mapp,\$recursed,
	\@recurseup,$courseid,'.',$spacequalifierrest,
([$courselevelr,'resource'],	([$courselevelr,'resource'],
[$courselevelm,'map' ],	[$courselevelm,'map' ],
	[$courseleveli,'map' ],
[$courselevel, 'course' ]));	[$courselevel, 'course' ]));
if (defined($userreply)) { return &get_reply($userreply); }	if (defined($userreply)) { return &get_reply($userreply); }

Line 11796 sub EXT {	Line 11500 sub EXT {
my $coursereply;	my $coursereply;
if (@groups > 0) {	if (@groups > 0) {
$coursereply = &check_group_parms($courseid,\@groups,$symbparm,	$coursereply = &check_group_parms($courseid,\@groups,$symbparm,
$mapparm,$spacequalifierrest);	$recurseparm,$mapparm,$spacequalifierrest,
if (defined($coursereply)) { return &get_reply($coursereply); }	$mapp,\$recursed,\@recurseup);
	if (defined($coursereply)) { return &get_reply($coursereply); }
}	}

$coursereply=&resdata($env{'course.'.$courseid.'.num'},	$coursereply=&resdata($env{'course.'.$courseid.'.num'},
$env{'course.'.$courseid.'.domain'},	$env{'course.'.$courseid.'.domain'},
'course',	'course',$mapp,\$recursed,\@recurseup,
	$courseid,'.['.$section.'].',$spacequalifierrest,
([$seclevelr, 'resource'],	([$seclevelr, 'resource'],
[$seclevelm, 'map' ],	[$seclevelm, 'map' ],
	[$secleveli, 'map' ],
[$seclevel, 'course' ],	[$seclevel, 'course' ],
[$courselevelr,'resource']));	[$courselevelr,'resource']));
if (defined($coursereply)) { return &get_reply($coursereply); }	if (defined($coursereply)) { return &get_reply($coursereply); }
Line 11821 sub EXT {	Line 11528 sub EXT {
if ($thisparm) { return &get_reply([$thisparm,'resource']); }	if ($thisparm) { return &get_reply([$thisparm,'resource']); }
}	}
# ------------------------------------------ fourth, look in resource metadata	# ------------------------------------------ fourth, look in resource metadata

$spacequalifierrest=~s/\./\_/;	my $what = $spacequalifierrest;
	$what=~s/\./\_/;
my $filename;	my $filename;
if (!$symbparm) { $symbparm=&symbread(); }	if (!$symbparm) { $symbparm=&symbread(); }
if ($symbparm) {	if ($symbparm) {
Line 11830 sub EXT {	Line 11538 sub EXT {
} else {	} else {
$filename=$env{'request.filename'};	$filename=$env{'request.filename'};
}	}
my $metadata=&metadata($filename,$spacequalifierrest);	my $toolsymb;
	if (($filename =~ /ext\.tool$/) && ($what ne '0_gradable')) {
	$toolsymb = $symbparm;
	}
	my $metadata=&metadata($filename,$what,$toolsymb);
if (defined($metadata)) { return &get_reply([$metadata,'resource']); }	if (defined($metadata)) { return &get_reply([$metadata,'resource']); }
$metadata=&metadata($filename,'parameter_'.$spacequalifierrest);	$metadata=&metadata($filename,'parameter_'.$what,$toolsymb);
if (defined($metadata)) { return &get_reply([$metadata,'resource']); }	if (defined($metadata)) { return &get_reply([$metadata,'resource']); }

# ---------------------------------------------- fourth, look in rest of course	# ----------------------------------------------- fifth, look in rest of course
if ($symbparm && defined($courseid) &&	if ($symbparm && defined($courseid) &&
$courseid eq $env{'request.course.id'}) {	$courseid eq $env{'request.course.id'}) {
my $coursereply=&resdata($env{'course.'.$courseid.'.num'},	my $coursereply=&resdata($env{'course.'.$courseid.'.num'},
$env{'course.'.$courseid.'.domain'},	$env{'course.'.$courseid.'.domain'},
'course',	'course',$mapp,\$recursed,\@recurseup,
	$courseid,'.',$spacequalifierrest,
([$courselevelm,'map' ],	([$courselevelm,'map' ],
	[$courseleveli,'map' ],
[$courselevel, 'course']));	[$courselevel, 'course']));
if (defined($coursereply)) { return &get_reply($coursereply); }	if (defined($coursereply)) { return &get_reply($coursereply); }
}	}
Line 11856 sub EXT {	Line 11570 sub EXT {
if (defined($partgeneral[0])) { return &get_reply(\@partgeneral); }	if (defined($partgeneral[0])) { return &get_reply(\@partgeneral); }
}	}
if ($recurse) { return undef; }	if ($recurse) { return undef; }
my $pack_def=&packages_tab_default($filename,$varname);	my $pack_def=&packages_tab_default($filename,$varname,$toolsymb);
if (defined($pack_def)) { return &get_reply([$pack_def,'resource']); }	if (defined($pack_def)) { return &get_reply([$pack_def,'resource']); }
# ---------------------------------------------------- Any other user namespace	# ---------------------------------------------------- Any other user namespace
} elsif ($realm eq 'environment') {	} elsif ($realm eq 'environment') {
Line 11898 sub get_reply {	Line 11612 sub get_reply {
}	}

sub check_group_parms {	sub check_group_parms {
my ($courseid,$groups,$symbparm,$mapparm,$what) = @_;	my ($courseid,$groups,$symbparm,$recurseparm,$mapparm,$what,$mapp,
my @groupitems = ();	$recursed,$recurseupref) = @_;
my $resultitem;	my @levels = ([$symbparm,'resource'],[$mapparm,'map'],[$recurseparm,'map'],
my @levels = ([$symbparm,'resource'],[$mapparm,'map'],[$what,'course']);	[$what,'course']);
	my $coursereply;
foreach my $group (@{$groups}) {	foreach my $group (@{$groups}) {
	my @groupitems = ();
foreach my $level (@levels) {	foreach my $level (@levels) {
my $item = $courseid.'.['.$group.'].'.$level->[0];	my $item = $courseid.'.['.$group.'].'.$level->[0];
push(@groupitems,[$item,$level->[1]]);	push(@groupitems,[$item,$level->[1]]);
}	}
	my $coursereply = &resdata($env{'course.'.$courseid.'.num'},
	$env{'course.'.$courseid.'.domain'},
	'course',$mapp,$recursed,$recurseupref,
	$courseid,'.['.$group.'].',$what,
	@groupitems);
	last if (defined($coursereply));
}	}
my $coursereply = &resdata($env{'course.'.$courseid.'.num'},
$env{'course.'.$courseid.'.domain'},
'course',@groupitems);
return $coursereply;	return $coursereply;
}	}

	sub get_map_hierarchy {
	my ($mapname,$courseid) = @_;
	my @recurseup = ();
	if ($mapname) {
	if (($cachedmapkey eq $courseid) &&
	(abs($cachedmaptime-time)<5)) {
	if (ref($cachedmaps{$mapname}) eq 'ARRAY') {
	return @{$cachedmaps{$mapname}};
	}
	}
	my $navmap = Apache::lonnavmaps::navmap->new();
	if (ref($navmap)) {
	@recurseup = $navmap->recurseup_maps($mapname);
	undef($navmap);
	$cachedmaps{$mapname} = \@recurseup;
	$cachedmaptime=time;
	$cachedmapkey=$courseid;
	}
	}
	return @recurseup;
	}

	}

sub sort_course_groups { # Sort groups based on defined rankings. Default is sort().	sub sort_course_groups { # Sort groups based on defined rankings. Default is sort().
my ($courseid,@groups) = @_;	my ($courseid,@groups) = @_;
@groups = sort(@groups);	@groups = sort(@groups);
Line 11921 sub sort_course_groups { # Sort groups b	Line 11664 sub sort_course_groups { # Sort groups b
}	}

sub packages_tab_default {	sub packages_tab_default {
my ($uri,$varname)=@_;	my ($uri,$varname,$toolsymb)=@_;
my (undef,$part,$name)=split(/\./,$varname);	my (undef,$part,$name)=split(/\./,$varname);

my (@extension,@specifics,$do_default);	my (@extension,@specifics,$do_default);
foreach my $package (split(/,/,&metadata($uri,'packages'))) {	foreach my $package (split(/,/,&metadata($uri,'packages',$toolsymb))) {
my ($pack_type,$pack_part)=split(/_/,$package,2);	my ($pack_type,$pack_part)=split(/_/,$package,2);
if ($pack_type eq 'default') {	if ($pack_type eq 'default') {
$do_default=1;	$do_default=1;
Line 11994 my %metaentry;	Line 11737 my %metaentry;
my %importedpartids;	my %importedpartids;
my %importedrespids;	my %importedrespids;
sub metadata {	sub metadata {
my ($uri,$what,$liburi,$prefix,$depthcount)=@_;	my ($uri,$what,$toolsymb,$liburi,$prefix,$depthcount)=@_;
$uri=&declutter($uri);	$uri=&declutter($uri);
# if it is a non metadata possible uri return quickly	# if it is a non metadata possible uri return quickly
if (($uri eq '') \|\|	if (($uri eq '') \|\|
(($uri =~ m\|^/*adm/\|) &&	(($uri =~ m\|^/*adm/\|) &&
($uri !~ m\|^adm/includes\|) && ($uri !~ m{/(smppg\|bulletinboard)$})) \|\|	($uri !~ m\|^adm/includes\|) && ($uri !~ m{/(smppg\|bulletinboard\|ext\.tool)$})) \|\|
($uri =~ m\|/$\|) \|\| ($uri =~ m\|/.meta$\|) \|\| ($uri =~ m{^/*uploaded/.+\.sequence$})) {	($uri =~ m\|/$\|) \|\| ($uri =~ m\|/.meta$\|) \|\| ($uri =~ m{^/*uploaded/.+\.sequence$})) {
return undef;	return undef;
}	}
Line 12018 sub metadata {	Line 11761 sub metadata {
my ($result,$cached)=&is_cached_new('meta',$uri);	my ($result,$cached)=&is_cached_new('meta',$uri);
if (defined($cached)) { return $result->{':'.$what}; }	if (defined($cached)) { return $result->{':'.$what}; }
}	}

	#
	# If the uri is for an external tool the file from
	# which metadata should be retrieved depends on whether
	# the tool had been configured to be gradable (set in the Course
	# Editor or Resource Editor).
	#
	# If a valid symb has been included as the third arg in the call
	# to &metadata() that can be used to retrieve the value of
	# parameter_0_gradable set for the resource, and included in the
	# uploaded map containing the tool. The value is retrieved via
	# &EXT(), if a valid symb is available. Otherwise the value of
	# gradable in the exttool_$marker.db file for the tool instance
	# is retrieved via &get().
	#
	# When lonuserstate::traceroute() calls lonnet::EXT() for
	# hiddenresource and encrypturl (during course initialization)
	# the map-level parameter for resource.0.gradable included in the
	# uploaded map containing the tool will not yet have been stored
	# in the user_course_parms.db file for the user's session, so in
	# this case fall back to retrieving gradable status from the
	# exttool_$marker.db file.
	#
	# In order to avoid an infinite loop, &metadata() will return
	# before a call to &EXT(), if the uri is for an external tool
	# and the $what for which metadata is being requested is
	# parameter_0_gradable or 0_gradable.
	#

	if ($uri =~ /ext\.tool$/) {
	if (($what eq 'parameter_0_gradable') \|\| ($what eq '0_gradable')) {
	return;
	} else {
	my ($checked,$use_passback);
	if ($toolsymb ne '') {
	(undef,undef,my $tooluri) = &decode_symb($toolsymb);
	if (($tooluri eq $uri) && (&EXT('resource.0.gradable',$toolsymb))) {
	$checked = 1;
	if (&EXT('resource.0.gradable',$toolsymb) =~ /^yes$/i) {
	$use_passback = 1;
	}
	}
	}
	unless ($checked) {
	my ($ignore,$cdom,$cnum,$marker) = split(m{/},$uri);
	$marker=~s/\D//g;
	if ($marker) {
	my %toolsettings=&get('exttool_'.$marker,['gradable'],$cdom,$cnum);
	$use_passback = $toolsettings{'gradable'};
	}
	}
	if ($use_passback) {
	$filename = '/home/httpd/html/res/lib/templates/LTIpassback.tool';
	} else {
	$filename = '/home/httpd/html/res/lib/templates/LTIstandard.tool';
	}
	}
	}

{	{
# Imported parts would go here	# Imported parts would go here
my @origfiletagids=();	my @origfiletagids=();
Line 12126 sub metadata {	Line 11928 sub metadata {
# Check metadata for imported file to	# Check metadata for imported file to
# see if it contained response items	# see if it contained response items
#	#
	my ($origfile,@libfilekeys);
my %currmetaentry = %metaentry;	my %currmetaentry = %metaentry;
my $libresponseorder = &metadata($location,'responseorder');	@libfilekeys = split(/,/,&metadata($location,'keys',undef,undef,undef,
my $origfile;	$depthcount+1));
if ($libresponseorder ne '') {	if (grep(/^responseorder$/,@libfilekeys)) {
if ($#origfiletagids<0) {	my $libresponseorder = &metadata($location,'responseorder',undef,undef,
undef(%importedrespids);	undef,$depthcount+1);
undef(%importedpartids);	if ($libresponseorder ne '') {
}	if ($#origfiletagids<0) {
@{$importedrespids{$importid}} = split(/\s,\s/,$libresponseorder);	undef(%importedrespids);
if (@{$importedrespids{$importid}} > 0) {	undef(%importedpartids);
$importedresponses = 1;	}
	my @respids = split(/\s,\s/,$libresponseorder);
	if (@respids) {
	$importedrespids{$importid} = join(',',map { $importid.'_'.$_ } @respids);
	}
	if ($importedrespids{$importid} ne '') {
	$importedresponses = 1;
# We need to get the original file and the imported file to get the response order correct	# We need to get the original file and the imported file to get the response order correct
# Load and inspect original file	# Load and inspect original file
if ($#origfiletagids<0) {	if ($#origfiletagids<0) {
my $origfilelocation=$perlvar{'lonDocRoot'}.&clutter($uri);	my $origfilelocation=$perlvar{'lonDocRoot'}.&clutter($uri);
$origfile=&getfile($origfilelocation);	$origfile=&getfile($origfilelocation);
@origfiletagids=($origfile=~/<((?:\w+)response\|import\|part)[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);	@origfiletagids=($origfile=~/<((?:\w+)response\|import\|part)[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);
	}
}	}
}	}
}	}
Line 12168 sub metadata {	Line 11978 sub metadata {
@origfiletagids=($origfile=~/<(part\|import)[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);	@origfiletagids=($origfile=~/<(part\|import)[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);
}	}
}	}
	my @impfilepartids;
# Load and inspect imported file	# If <partorder> tag is included in metadata for the imported file
my $impfile=&getfile($location);	# get the parts in the imported file from that.
my @impfilepartids=($impfile=~/<part[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);	if (grep(/^partorder$/,@libfilekeys)) {
	%currmetaentry = %metaentry;
	my $libpartorder = &metadata($location,'partorder',undef,undef,undef,
	$depthcount+1);
	%metaentry = %currmetaentry;
	undef(%currmetaentry);
	if ($libpartorder ne '') {
	@impfilepartids=split(/\s,\s/,$libpartorder);
	}
	} else {
	# If no <partorder> tag available, load and inspect imported file
	my $impfile=&getfile($location);
	@impfilepartids=($impfile=~/<part[^>]id\s=\s[\"\']([^\"\']+)[\"\'][^>]>/gs);
	}
if ($#impfilepartids>=0) {	if ($#impfilepartids>=0) {
# This problem had parts	# This problem had parts
$importedpartids{$token->[2]->{'id'}}=join(',',@impfilepartids);	$importedpartids{$token->[2]->{'id'}}=join(',',@impfilepartids);
Line 12191 sub metadata {	Line 12014 sub metadata {

if ($depthcount<20) {	if ($depthcount<20) {
my $metadata =	my $metadata =
&metadata($uri,'keys', $location,$unikey,	&metadata($uri,'keys',$toolsymb,$location,$unikey,
$depthcount+1);	$depthcount+1);
foreach my $meta (split(',',$metadata)) {	foreach my $meta (split(',',$metadata)) {
$metaentry{':'.$meta}=$metaentry{':'.$meta};	$metaentry{':'.$meta}=$metaentry{':'.$meta};
$metathesekeys{$meta}=1;	$metathesekeys{$meta}=1;
}	}

}	}
} else {	} else {
#	#
Line 12266 sub metadata {	Line 12088 sub metadata {
$dir=~s\|[^/]*$\|\|;	$dir=~s\|[^/]*$\|\|;
$location=&filelocation($dir,$location);	$location=&filelocation($dir,$location);
my $rights_metadata =	my $rights_metadata =
&metadata($uri,'keys',$location,'_rights',	&metadata($uri,'keys',$toolsymb,$location,'_rights',
$depthcount+1);	$depthcount+1);
foreach my $rights (split(',',$rights_metadata)) {	foreach my $rights (split(',',$rights_metadata)) {
#$metaentry{':'.$rights}=$metacache{$uri}->{':'.$rights};	#$metaentry{':'.$rights}=$metacache{$uri}->{':'.$rights};
Line 12287 sub metadata {	Line 12109 sub metadata {
$metathesekeys{'partorder'}=1;	$metathesekeys{'partorder'}=1;
}	}
if ($importedresponses) {	if ($importedresponses) {
# We had imported responses and need to rebuild responseorder	# We had imported responses and need to rebuil responseorder
$metaentry{':responseorder'}='';	$metaentry{':responseorder'}='';
$metathesekeys{'responseorder'}=1;	$metathesekeys{'responseorder'}=1;
}	}
Line 12301 sub metadata {	Line 12123 sub metadata {
} elsif ($origfiletagids[$index] eq 'import') {	} elsif ($origfiletagids[$index] eq 'import') {
if ($importedparts) {	if ($importedparts) {
# We have imported parts at this position	# We have imported parts at this position
$metaentry{':partorder'}.=','.$importedpartids{$origid};	if ($importedpartids{$origid} ne '') {
	$metaentry{':partorder'}.=','.$importedpartids{$origid};
	}
}	}
if ($importedresponses) {	if ($importedresponses) {
# We have imported responses at this position	# We have imported responses at this position
if (ref($importedrespids{$origid}) eq 'ARRAY') {	if ($importedrespids{$origid} ne '') {
$metaentry{':responseorder'}.=','.join(',',map { $origid.'_'.$_ } @{$importedrespids{$origid}});	$metaentry{':responseorder'}.=','.$importedrespids{$origid};
}	}
}	}
} else {	} else {
Line 12323 sub metadata {	Line 12147 sub metadata {
$metaentry{':responseorder'}=~s/^\,//;	$metaentry{':responseorder'}=~s/^\,//;
}	}
}	}

$metaentry{':keys'} = join(',',keys(%metathesekeys));	$metaentry{':keys'} = join(',',keys(%metathesekeys));
&metadata_generate_part0(\%metathesekeys,\%metaentry,$uri);	&metadata_generate_part0(\%metathesekeys,\%metaentry,$uri);
$metaentry{':allpossiblekeys'}=join(',',keys(%metathesekeys));	$metaentry{':allpossiblekeys'}=join(',',keys(%metathesekeys));
&do_cache_new('meta',$uri,\%metaentry,$cachetime);	unless ($liburi) {
	&do_cache_new('meta',$uri,\%metaentry,$cachetime);
	}
# this is the end of "was not already recently cached	# this is the end of "was not already recently cached
}	}
return $metaentry{':'.$what};	return $metaentry{':'.$what};
Line 12586 sub symbverify {	Line 12411 sub symbverify {

if (tie(%bighash,'GDBM_File',$env{'request.course.fn'}.'.db',	if (tie(%bighash,'GDBM_File',$env{'request.course.fn'}.'.db',
&GDBM_READER(),0640)) {	&GDBM_READER(),0640)) {
	my $noclutter;
if (($thisurl =~ m{^/adm/wrapper/ext/}) \|\| ($thisurl =~ m{^ext/})) {	if (($thisurl =~ m{^/adm/wrapper/ext/}) \|\| ($thisurl =~ m{^ext/})) {
$thisurl =~ s/\?.+$//;	$thisurl =~ s/\?.+$//;
if ($map =~ m{^uploaded/.+\.page$}) {	if ($map =~ m{^uploaded/.+\.page$}) {
$thisurl =~ s{^(/adm/wrapper\|)/ext/}{http://};	$thisurl =~ s{^(/adm/wrapper\|)/ext/}{http://};
$thisurl =~ s{^\Qhttp://https://\E}{https://};	$thisurl =~ s{^\Qhttp://https://\E}{https://};
	$noclutter = 1;
}	}
}	}
my $ids;	my $ids;
if ($map =~ m{^uploaded/.+\.page$}) {	if ($noclutter) {
$ids=$bighash{'ids_'.&clutter_with_no_wrapper($thisurl)};	$ids=$bighash{'ids_'.$thisurl};
} else {	} else {
$ids=$bighash{'ids_'.&clutter($thisurl)};	$ids=$bighash{'ids_'.&clutter($thisurl)};
}	}
unless ($ids) {	unless ($ids) {
my $idkey = 'ids_'.($thisurl =~ m{^/}? '' : '/').$thisurl;	my $idkey = 'ids_'.($thisurl =~ m{^/}? '' : '/').$thisurl;
$ids=$bighash{$idkey};	$ids=$bighash{$idkey};
}	}
if ($ids) {	if ($ids) {
Line 12616 sub symbverify {	Line 12443 sub symbverify {
if (ref($encstate)) {	if (ref($encstate)) {
$$encstate = $bighash{'encrypted_'.$id};	$$encstate = $bighash{'encrypted_'.$id};
}	}
if (($env{'request.role.adv'}) \|\|	if (($env{'request.role.adv'}) \|\|
($bighash{'encrypted_'.$id} eq $env{'request.enc'}) \|\|	($bighash{'encrypted_'.$id} eq $env{'request.enc'}) \|\|
($thisurl eq '/adm/navmaps')) {	($thisurl eq '/adm/navmaps')) {
$okay=1;	$okay=1;
last;	last;
}	}
}	}
}	}
}	}
untie(%bighash);	untie(%bighash);
}	}
Line 12695 sub deversion {	Line 12522 sub deversion {
# ------------------------------------------------------ Return symb list entry	# ------------------------------------------------------ Return symb list entry

sub symbread {	sub symbread {
my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles,	my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles)=@_;
$ignoresymbdb,$noenccheck)=@_;
my $cache_str='request.symbread.cached.'.$thisfn;	my $cache_str='request.symbread.cached.'.$thisfn;
if (defined($env{$cache_str})) {	if (defined($env{$cache_str})) {
unless (ref($possibles) eq 'HASH') {	if ($ignorecachednull) {
if ($ignorecachednull) {	return $env{$cache_str} unless ($env{$cache_str} eq '');
return $env{$cache_str} unless ($env{$cache_str} eq '');	} else {
} else {	return $env{$cache_str};
return $env{$cache_str};
}
}	}
}	}
# no filename provided? try from environment	# no filename provided? try from environment
unless ($thisfn) {	unless ($thisfn) {
if ($env{'request.symb'}) {	if ($env{'request.symb'}) {
return $env{$cache_str}=&symbclean($env{'request.symb'});	return $env{$cache_str}=&symbclean($env{'request.symb'});
}	}
$thisfn=$env{'request.filename'};	$thisfn=$env{'request.filename'};
}	}
if ($thisfn=~m\|^/enc/\|) { $thisfn=&Apache::lonenc::unencrypted($thisfn); }	if ($thisfn=~m\|^/enc/\|) { $thisfn=&Apache::lonenc::unencrypted($thisfn); }
# is that filename actually a symb? Verify, clean, and return	# is that filename actually a symb? Verify, clean, and return
Line 12726 sub symbread {	Line 12550 sub symbread {
my %bighash;	my %bighash;
my $syval='';	my $syval='';
if (($env{'request.course.fn'}) && ($thisfn)) {	if (($env{'request.course.fn'}) && ($thisfn)) {
unless ($ignoresymbdb) {	my $targetfn = $thisfn;
if (tie(%hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',	if ( ($thisfn =~ m/^(uploaded\|editupload)\//) && ($thisfn !~ m/\.(page\|sequence)$/) ) {
&GDBM_READER(),0640)) {	$targetfn = 'adm/wrapper/'.$thisfn;
$syval=$hash{$thisfn};	}
untie(%hash);	if ($targetfn =~ m\|^adm/wrapper/(ext/.*)\|) {
}	$targetfn=$1;
if ($syval && $checkforblock) {	}
my @blockers = &has_comm_blocking('bre',$syval,$thisfn,$ignoresymbdb,$noenccheck);	if (tie(%hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',
if (@blockers) {	&GDBM_READER(),0640)) {
$syval='';	$syval=$hash{$targetfn};
}	untie(%hash);
}
}	}
# ---------------------------------------------------------- There was an entry	# ---------------------------------------------------------- There was an entry
if ($syval) {	if ($syval) {
Line 12770 sub symbread {	Line 12593 sub symbread {
$syval=&encode_symb($bighash{'map_id_'.$mapid},	$syval=&encode_symb($bighash{'map_id_'.$mapid},
$resid,$thisfn);	$resid,$thisfn);
if (ref($possibles) eq 'HASH') {	if (ref($possibles) eq 'HASH') {
unless ($bighash{'randomout_'.$ids} \|\| $env{'request.role.adv'}) {	$possibles->{$syval} = 1;
$possibles->{$syval} = 1;
}
}	}
if ($checkforblock) {	if ($checkforblock) {
unless ($bighash{'randomout_'.$ids} \|\| $env{'request.role.adv'}) {	my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids});
my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids},'',$noenccheck);	if (@blockers) {
if (@blockers) {	$syval = '';
$syval = '';	return;
untie(%bighash);
return $env{$cache_str}='';
}
}	}
}	}
} elsif ((!$donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {	} elsif ((!$donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {
# ------------------------------------------ There is more than one possibility	# ------------------------------------------ There is more than one possibility
my $realpossible=0;	my $realpossible=0;
foreach my $id (@possibilities) {	foreach my $id (@possibilities) {
Line 12792 sub symbread {	Line 12610 sub symbread {
my $canaccess;	my $canaccess;
if (($donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {	if (($donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {
$canaccess = 1;	$canaccess = 1;
} else {	} else {
$canaccess = &allowed('bre',$file);	$canaccess = &allowed('bre',$file);
}	}
if ($canaccess) {	if ($canaccess) {
my ($mapid,$resid)=split(/\./,$id);	my ($mapid,$resid)=split(/\./,$id);
if ($bighash{'map_type_'.$mapid} ne 'page') {	if ($bighash{'map_type_'.$mapid} ne 'page') {
my $poss_syval=&encode_symb($bighash{'map_id_'.$mapid},	my $poss_syval=&encode_symb($bighash{'map_id_'.$mapid},
$resid,$thisfn);	$resid,$thisfn);
next if ($bighash{'randomout_'.$id} && !$env{'request.role.adv'});	if (ref($possibles) eq 'HASH') {
next unless (($noenccheck) \|\| ($bighash{'encrypted_'.$id} eq $env{'request.enc'}));	$possibles->{$syval} = 1;
	}
if ($checkforblock) {	if ($checkforblock) {
my @blockers = &has_comm_blocking('bre',$poss_syval,$file,'',$noenccheck);	my @blockers = &has_comm_blocking('bre',$poss_syval,$file);
if (@blockers > 0) {	unless (@blockers > 0) {
$syval = '';
} else {
$syval = $poss_syval;	$syval = $poss_syval;
$realpossible++;	$realpossible++;
}	}
Line 12814 sub symbread {	Line 12631 sub symbread {
$syval = $poss_syval;	$syval = $poss_syval;
$realpossible++;	$realpossible++;
}	}
if ($syval) {
if (ref($possibles) eq 'HASH') {
$possibles->{$syval} = 1;
}
}
}	}
}	}
}	}
Line 12980 sub rndseed {	Line 12792 sub rndseed {
$which =&get_rand_alg($courseid);	$which =&get_rand_alg($courseid);
}	}
if (defined(&getCODE())) {	if (defined(&getCODE())) {

if ($which eq '64bit5') {	if ($which eq '64bit5') {
return &rndseed_CODE_64bit5($symb,$courseid,$domain,$username);	return &rndseed_CODE_64bit5($symb,$courseid,$domain,$username);
} elsif ($which eq '64bit4') {	} elsif ($which eq '64bit4') {
Line 13165 sub rndseed_CODE_64bit5 {	Line 12978 sub rndseed_CODE_64bit5 {
sub setup_random_from_rndseed {	sub setup_random_from_rndseed {
my ($rndseed)=@_;	my ($rndseed)=@_;
if ($rndseed =~/([,:])/) {	if ($rndseed =~/([,:])/) {
my ($num1,$num2) = map { abs($_); } (split(/[,:]/,$rndseed));	my ($num1,$num2) = map { abs($_); } (split(/[,:]/,$rndseed));
if ((!$num1) \|\| (!$num2) \|\| ($num1 > 2147483562) \|\| ($num2 > 2147483398)) {	if ((!$num1) \|\| (!$num2) \|\| ($num1 > 2147483562) \|\| ($num2 > 2147483398)) {
&Math::Random::random_set_seed_from_phrase($rndseed);	&Math::Random::random_set_seed_from_phrase($rndseed);
} else {	} else {
Line 13349 sub repcopy_userfile {	Line 13162 sub repcopy_userfile {
}	}
# now the path exists for sure	# now the path exists for sure
# get a user agent	# get a user agent
my $ua=new LWP::UserAgent;
my $transferfile=$file.'.in.transfer';	my $transferfile=$file.'.in.transfer';
# FIXME: this should flock	# FIXME: this should flock
if (-e $transferfile) { return 'ok'; }	if (-e $transferfile) { return 'ok'; }
my $request;	my $request;
$uri=~s/^\///;	$uri=~s/^\///;
my $homeserver = &homeserver($cnum,$cdom);	my $homeserver = &homeserver($cnum,$cdom);
my $hostname = &hostname($homeserver);
my $protocol = $protocol{$homeserver};	my $protocol = $protocol{$homeserver};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
$request=new HTTP::Request('GET',$protocol.'://'.$hostname.'/raw/'.$uri);	$request=new HTTP::Request('GET',$protocol.'://'.&hostname($homeserver).'/raw/'.$uri);
my $response=$ua->request($request,$transferfile);	my $response = &LONCAPA::LWPReq::makerequest($homeserver,$request,$transferfile,\%perlvar,'',0,1);
# did it work?	# did it work?
if ($response->is_error()) {	if ($response->is_error()) {
unlink($transferfile);	unlink($transferfile);
Line 13383 sub tokenwrapper {	Line 13194 sub tokenwrapper {
$file=~s\|(\?\.)$\|\|;	$file=~s\|(\?\.)$\|\|;
&appenv({"userfile.$udom/$uname/$file" => $env{'request.course.id'}});	&appenv({"userfile.$udom/$uname/$file" => $env{'request.course.id'}});
my $homeserver = &homeserver($uname,$udom);	my $homeserver = &homeserver($uname,$udom);
my $hostname = &hostname($homeserver);
my $protocol = $protocol{$homeserver};	my $protocol = $protocol{$homeserver};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
return $protocol.'://'.$hostname.'/'.$uri.	return $protocol.'://'.&hostname($homeserver).'/'.$uri.
(($uri=~/\?/)?'&':'?').'token='.$token.	(($uri=~/\?/)?'&':'?').'token='.$token.
'&tokenissued='.$perlvar{'lonHostID'};	'&tokenissued='.$perlvar{'lonHostID'};
} else {	} else {
Line 13402 sub getuploaded {	Line 13212 sub getuploaded {
my ($reqtype,$uri,$cdom,$cnum,$info,$rtncode) = @_;	my ($reqtype,$uri,$cdom,$cnum,$info,$rtncode) = @_;
$uri=~s/^\///;	$uri=~s/^\///;
my $homeserver = &homeserver($cnum,$cdom);	my $homeserver = &homeserver($cnum,$cdom);
my $hostname = &hostname($homeserver);
my $protocol = $protocol{$homeserver};	my $protocol = $protocol{$homeserver};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
$uri = $protocol.'://'.$hostname.'/raw/'.$uri;	$uri = $protocol.'://'.&hostname($homeserver).'/raw/'.$uri;
my $ua=new LWP::UserAgent;
my $request=new HTTP::Request($reqtype,$uri);	my $request=new HTTP::Request($reqtype,$uri);
my $response=$ua->request($request);	my $response=&LONCAPA::LWPReq::makerequest($homeserver,$request,'',\%perlvar,'',0,1);
$$rtncode = $response->code;	$$rtncode = $response->code;
if (! $response->is_success()) {	if (! $response->is_success()) {
return 'failed';	return 'failed';
Line 13538 sub machine_ids {	Line 13346 sub machine_ids {

sub additional_machine_domains {	sub additional_machine_domains {
my @domains;	my @domains;
if (-e "$perlvar{'lonTabDir'}/expected_domains.tab") {	open(my $fh,"<","$perlvar{'lonTabDir'}/expected_domains.tab");
if (open(my $fh,"<","$perlvar{'lonTabDir'}/expected_domains.tab")) {	while( my $line = <$fh>) {
while( my $line = <$fh>) {	$line =~ s/\s//g;
chomp($line);	push(@domains,$line);
$line =~ s/\s//g;
push(@domains,$line);
}
close($fh);
}
}	}
return @domains;	return @domains;
}	}
Line 13564 sub default_login_domain {	Line 13367 sub default_login_domain {
return $domain;	return $domain;
}	}

sub shared_institution {
my ($dom,$lonhost) = @_;
if ($lonhost eq '') {
$lonhost = $perlvar{'lonHostID'};
}
my $same_intdom;
my $hostintdom = &internet_dom($lonhost);
if ($hostintdom ne '') {
my %iphost = &get_iphost();
my $primary_id = &domain($dom,'primary');
my $primary_ip = &get_host_ip($primary_id);
if (ref($iphost{$primary_ip}) eq 'ARRAY') {
foreach my $id (@{$iphost{$primary_ip}}) {
my $intdom = &internet_dom($id);
if ($intdom eq $hostintdom) {
$same_intdom = 1;
last;
}
}
}
}
return $same_intdom;
}

sub uses_sts {
my ($ignore_cache) = @_;
my $lonhost = $perlvar{'lonHostID'};
my $hostname = &hostname($lonhost);
my $sts_on;
if ($protocol{$lonhost} eq 'https') {
my $cachetime = 12*3600;
if (!$ignore_cache) {
($sts_on,my $cached)=&is_cached_new('stspolicy',$lonhost);
if (defined($cached)) {
return $sts_on;
}
}
my $ua=new LWP::UserAgent;
my $url = $protocol{$lonhost}.'://'.$hostname.'/index.html';
my $request=new HTTP::Request('HEAD',$url);
my $response=$ua->request($request);
if ($response->is_success) {
my $has_sts = $response->header('Strict-Transport-Security');
if ($has_sts eq '') {
$sts_on = 0;
} else {
if ($has_sts =~ /\Qmax-age=\E(\d+)/) {
my $maxage = $1;
if ($maxage) {
$sts_on = 1;
} else {
$sts_on = 0;
}
} else {
$sts_on = 0;
}
}
return &do_cache_new('stspolicy',$lonhost,$sts_on,$cachetime);
}
}
return;
}

sub waf_allssl {
my ($host_name) = @_;
my $alias = &get_proxy_alias();
if ($host_name eq '') {
$host_name = $ENV{'SERVER_NAME'};
}
if (($host_name ne '') && ($alias eq $host_name)) {
my $serverhomedom = &host_domain($perlvar{'lonHostID'});
my %defdomdefaults = &get_domain_defaults($serverhomedom);
if ($defdomdefaults{'waf_sslopt'}) {
return $defdomdefaults{'waf_sslopt'};
}
}
return;
}

sub get_requestor_ip {
my ($r,$nolookup,$noproxy) = @_;
my $from_ip;
if (ref($r)) {
if ($r->can('useragent_ip')) {
if ($noproxy && $r->can('client_ip')) {
$from_ip = $r->client_ip();
} else {
$from_ip = $r->useragent_ip();
}
} elsif ($r->connection->can('remote_ip')) {
$from_ip = $r->connection->remote_ip();
} else {
$from_ip = $r->get_remote_host($nolookup);
}
} else {
$from_ip = $ENV{'REMOTE_ADDR'};
}
return $from_ip if ($noproxy);
# Who controls proxy settings for server
my $dom_in_use = $Apache::lonnet::perlvar{'lonDefDomain'};
my $proxyinfo = &get_proxy_settings($dom_in_use);
if ((ref($proxyinfo) eq 'HASH') && ($from_ip)) {
if ($proxyinfo->{'vpnint'}) {
if (&ip_match($from_ip,$proxyinfo->{'vpnint'})) {
return $from_ip;
}
}
if ($proxyinfo->{'trusted'}) {
if (&ip_match($from_ip,$proxyinfo->{'trusted'})) {
my $ipheader = $proxyinfo->{'ipheader'};
my ($ip,$xfor);
if (ref($r)) {
if ($ipheader) {
$ip = $r->headers_in->{$ipheader};
}
$xfor = $r->headers_in->{'X-Forwarded-For'};
} else {
if ($ipheader) {
$ip = $ENV{'HTTP_'.uc($ipheader)};
}
$xfor = $ENV{'HTTP_X_FORWARDED_FOR'};
}
if (($ip eq '') && ($xfor ne '')) {
foreach my $poss_ip (reverse(split(/\s,\s/,$xfor))) {
unless (&ip_match($poss_ip,$proxyinfo->{'trusted'})) {
$ip = $poss_ip;
last;
}
}
}
if ($ip ne '') {
return $ip;
}
}
}
}
return $from_ip;
}

sub get_proxy_settings {
my ($dom_in_use) = @_;
my %domdefaults = &Apache::lonnet::get_domain_defaults($dom_in_use);
my $proxyinfo = {
ipheader => $domdefaults{'waf_ipheader'},
trusted => $domdefaults{'waf_trusted'},
vpnint => $domdefaults{'waf_vpnint'},
vpnext => $domdefaults{'waf_vpnext'},
sslopt => $domdefaults{'waf_sslopt'},
};
return $proxyinfo;
}

sub ip_match {
my ($ip,$pattern_str) = @_;
$ip=Net::CIDR::cidrvalidate($ip);
if ($ip) {
return Net::CIDR::cidrlookup($ip,split(/\s,\s/,$pattern_str));
}
return;
}

sub get_proxy_alias {
my ($lonid) = @_;
if ($lonid eq '') {
$lonid = $perlvar{'lonHostID'};
}
if (!defined(&hostname($lonid))) {
return;
}
if ($lonid ne '') {
my ($alias,$cached) = &is_cached_new('proxyalias',$lonid);
if ($cached) {
return $alias;
}
my $dom = &Apache::lonnet::host_domain($lonid);
if ($dom ne '') {
my $cachetime = 606024;
my %domconfig =
&Apache::lonnet::get_dom('configuration',['wafproxy'],$dom);
if (ref($domconfig{'wafproxy'}) eq 'HASH') {
if (ref($domconfig{'wafproxy'}{'alias'}) eq 'HASH') {
$alias = $domconfig{'wafproxy'}{'alias'}{$lonid};
}
}
return &do_cache_new('proxyalias',$lonid,$alias,$cachetime);
}
}
return;
}

sub use_proxy_alias {
my ($r,$lonid) = @_;
my $alias = &get_proxy_alias($lonid);
if ($alias) {
my $dom = &host_domain($lonid);
if ($dom ne '') {
my $proxyinfo = &get_proxy_settings($dom);
my ($vpnint,$remote_ip);
if (ref($proxyinfo) eq 'HASH') {
$vpnint = $proxyinfo->{'vpnint'};
if ($vpnint) {
$remote_ip = &get_requestor_ip($r,1,1);
}
}
unless ($vpnint && &ip_match($remote_ip,$vpnint)) {
return $alias;
}
}
}
return;
}

sub alias_sso {
my ($lonid) = @_;
if ($lonid eq '') {
$lonid = $perlvar{'lonHostID'};
}
if (!defined(&hostname($lonid))) {
return;
}
if ($lonid ne '') {
my ($use_alias,$cached) = &is_cached_new('proxysaml',$lonid);
if ($cached) {
return $use_alias;
}
my $dom = &Apache::lonnet::host_domain($lonid);
if ($dom ne '') {
my $cachetime = 606024;
my %domconfig =
&Apache::lonnet::get_dom('configuration',['wafproxy'],$dom);
if (ref($domconfig{'wafproxy'}) eq 'HASH') {
if (ref($domconfig{'wafproxy'}{'saml'}) eq 'HASH') {
$use_alias = $domconfig{'wafproxy'}{'saml'}{$lonid};
}
}
return &do_cache_new('proxysaml',$lonid,$use_alias,$cachetime);
}
}
return;
}

sub get_saml_landing {
my ($lonid) = @_;
if ($lonid eq '') {
my $defdom = &default_login_domain();
my @hosts = &current_machine_ids();
if (@hosts > 1) {
foreach my $hostid (@hosts) {
if (&host_domain($hostid) eq $defdom) {
$lonid = $hostid;
last;
}
}
} else {
$lonid = $perlvar{'lonHostID'};
}
if ($lonid) {
unless (&Apache::lonnet::host_domain($lonid) eq $defdom) {
return;
}
} else {
return;
}
} elsif (!defined(&hostname($lonid))) {
return;
}
my ($landing,$cached) = &is_cached_new('samllanding',$lonid);
if ($cached) {
return $landing;
}
my $dom = &Apache::lonnet::host_domain($lonid);
if ($dom ne '') {
my $cachetime = 606024;
my %domconfig =
&Apache::lonnet::get_dom('configuration',['login'],$dom);
if (ref($domconfig{'login'}) eq 'HASH') {
if (ref($domconfig{'login'}{'saml'}) eq 'HASH') {
if (ref($domconfig{'login'}{'saml'}{$lonid}) eq 'HASH') {
$landing = 1;
}
}
}
return &do_cache_new('samllanding',$lonid,$landing,$cachetime);
}
return;
}

# ------------------------------------------------------------- Declutters URLs	# ------------------------------------------------------------- Declutters URLs

sub declutter {	sub declutter {
Line 13901 sub clutter {	Line 13417 sub clutter {
# &logthis("Got a blank emb style");	# &logthis("Got a blank emb style");
}	}
}	}
	} elsif ($thisfn =~ m{^/adm/$match_domain/$match_courseid/\d+/ext\.tool$}) {
	$thisfn='/adm/wrapper'.$thisfn;
}	}
return $thisfn;	return $thisfn;
}	}
Line 13974 sub get_dns {	Line 13492 sub get_dns {
}	}

my %alldns;	my %alldns;
if (open(my $config,"<","$perlvar{'lonTabDir'}/hosts.tab")) {	open(my $config,"<","$perlvar{'lonTabDir'}/hosts.tab");
foreach my $dns (<$config>) {	foreach my $dns (<$config>) {
next if ($dns !~ /^\^(\S*)/x);	next if ($dns !~ /^\^(\S*)/x);
my $line = $1;	my $line = $1;
my ($host,$protocol) = split(/:/,$line);	my ($host,$protocol) = split(/:/,$line);
if ($protocol ne 'https') {	if ($protocol ne 'https') {
$protocol = 'http';	$protocol = 'http';
}
$alldns{$host} = $protocol;
}	}
close($config);	$alldns{$host} = $protocol;
}	}
while (%alldns) {	while (%alldns) {
my ($dns) = sort { $b cmp $a } keys(%alldns);	my ($dns) = sort { $b cmp $a } keys(%alldns);
my @content;	my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");
if ($dns eq Sys::Hostname::FQDN::fqdn()) {	my $response = &LONCAPA::LWPReq::makerequest('',$request,'',\%perlvar,30,0);
my $command = (split('/',$url))[3];	delete($alldns{$dns});
my ($dir,$file) = &parse_getdns_url($command,$url);	next if ($response->is_error());
delete($alldns{$dns});	my @content = split("\n",$response->content);
next if (($dir eq '') \|\| ($file eq ''));	unless ($nocache) {
if (open(my $config,'<',"$dir/$file")) {
@content = <$config>;
close($config);
}
} else {
my $ua=new LWP::UserAgent;
$ua->timeout(30);
my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");
my $response=$ua->request($request);
delete($alldns{$dns});
next if ($response->is_error());
@content = split("\n",$response->content);
}
unless ($nocache) {
&do_cache_new('dns',$url,\@content,302460*60);	&do_cache_new('dns',$url,\@content,302460*60);
}	}
&$func(\@content,$hashref);	&$func(\@content,$hashref);
return;	return;
}	}
	close($config);
my $which = (split('/',$url))[3];	my $which = (split('/',$url))[3];
&logthis("unable to contact DNS defaulting to on disk file dns_$which.tab\n");	&logthis("unable to contact DNS defaulting to on disk file dns_$which.tab\n");
if (open(my $config,"<","$perlvar{'lonTabDir'}/dns_$which.tab")) {	open($config,"<","$perlvar{'lonTabDir'}/dns_$which.tab");
my @content = <$config>;	my @content = <$config>;
&$func(\@content,$hashref);	&$func(\@content,$hashref);
}
return;	return;
}	}

Line 14046 sub parse_dns_checksums_tab {	Line 13548 sub parse_dns_checksums_tab {
if (ref($lines) eq 'ARRAY') {	if (ref($lines) eq 'ARRAY') {
chomp(@{$lines});	chomp(@{$lines});
my $version = shift(@{$lines});	my $version = shift(@{$lines});
if ($version eq $release) {	if ($version eq $release) {
foreach my $line (@{$lines}) {	foreach my $line (@{$lines}) {
my ($file,$version,$shasum) = split(/,/,$line);	my ($file,$version,$shasum) = split(/,/,$line);
if ($file =~ m{^/etc/httpd/conf}) {	if ($file =~ m{^/etc/httpd/conf}) {
Line 14078 sub fetch_dns_checksums {	Line 13580 sub fetch_dns_checksums {
return \%checksums;	return \%checksums;
}	}

sub parse_getdns_url {
my ($command,$url) = @_;
my $dir = $perlvar{'lonTabDir'};
my $file;
if ($command eq 'hosts') {
$file = 'dns_hosts.tab';
} elsif ($command eq 'domain') {
$file = 'dns_domain.tab';
} elsif ($command eq 'checksums') {
my $version = (split('/',$url))[4];
$file = "dns_checksums/$version.tab",
}
return ($dir,$file);
}

# ------------------------------------------------------------ Read domain file	# ------------------------------------------------------------ Read domain file
{	{
my $loaded;	my $loaded;
Line 14215 sub parse_getdns_url {	Line 13702 sub parse_getdns_url {
&purge_remembered();	&purge_remembered();
&reset_domain_info();	&reset_domain_info();
&reset_hosts_ip_info();	&reset_hosts_ip_info();
	undef(%internetdom);
undef(%name_to_host);	undef(%name_to_host);
undef(%hostname);	undef(%hostname);
undef(%hostdom);	undef(%hostdom);
Line 14257 sub parse_getdns_url {	Line 13745 sub parse_getdns_url {
return %hostdom;	return %hostdom;
}	}

	sub all_host_intdom {
	&load_hosts_tab() if (!$loaded);
	return %internetdom;
	}

sub is_library {	sub is_library {
&load_hosts_tab() if (!$loaded);	&load_hosts_tab() if (!$loaded);

Line 14487 sub all_loncaparevs {	Line 13980 sub all_loncaparevs {
return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11);	return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11);
}	}

# ------------------------------------------------------- Read loncaparev table	# ---------------------------------------------------------- Read loncaparev table
{	{
sub load_loncaparevs {	sub load_loncaparevs {
if (-e "$perlvar{'lonTabDir'}/loncaparevs.tab") {	if (-e "$perlvar{'lonTabDir'}/loncaparevs.tab") {
if (open(my $config,"<","$perlvar{'lonTabDir'}/loncaparevs.tab")) {	if (open(my $config,"<","$perlvar{'lonTabDir'}/loncaparevs.tab")) {
while (my $configline=<$config>) {	while (my $configline=<$config>) {
Line 14503 sub all_loncaparevs {	Line 13996 sub all_loncaparevs {
}	}
}	}

# ----------------------------------------------------- Read serverhostID table	# ---------------------------------------------------------- Read serverhostID table
{	{
sub load_serverhomeIDs {	sub load_serverhomeIDs {
if (-e "$perlvar{'lonTabDir'}/serverhomeIDs.tab") {	if (-e "$perlvar{'lonTabDir'}/serverhomeIDs.tab") {
Line 14595 BEGIN {	Line 14088 BEGIN {
close($config);	close($config);
}	}

# --------------------------------------------------------- Read loncaparev table	# ---------------------------------------------------------- Read loncaparev table

&load_loncaparevs();	&load_loncaparevs();

# ------------------------------------------------------- Read serverhostID table	# ---------------------------------------------------------- Read serverhostID table

&load_serverhomeIDs();	&load_serverhomeIDs();

Line 14613 BEGIN {	Line 14106 BEGIN {
my $item = $token->[1];	my $item = $token->[1];
my $name = $token->[2]{'name'};	my $name = $token->[2]{'name'};
my $value = $token->[2]{'value'};	my $value = $token->[2]{'value'};
if ($item ne '' && $name ne '' && $value ne '') {	my $valuematch = $token->[2]{'valuematch'};
	my $namematch = $token->[2]{'namematch'};
	if ($item eq 'parameter') {
	if (($namematch ne '') \|\| (($name ne '') && ($value ne '' \|\| $valuematch ne ''))) {
	my $release = $parser->get_text();
	$release =~ s/(^\s\|\s$ )//gx;
	$needsrelease{$item.':'.$name.':'.$value.':'.$valuematch.':'.$namematch} = $release;
	}
	} elsif ($item ne '' && $name ne '') {
my $release = $parser->get_text();	my $release = $parser->get_text();
$release =~ s/(^\s\|\s$ )//gx;	$release =~ s/(^\s\|\s$ )//gx;
$needsrelease{$item.':'.$name.':'.$value} = $release;	$needsrelease{$item.':'.$name.':'.$value} = $release;
Line 14645 BEGIN {	Line 14146 BEGIN {

}	}

# ------------- set default texengine (domain default overrides this)
{
$deftex = LONCAPA::texengine();
}

# ------------- set default minimum length for passwords for internal auth users
{
$passwdmin = LONCAPA::passwd_min();
}

$memcache=new Cache::Memcached({'servers' => ['127.0.0.1:11211'],	$memcache=new Cache::Memcached({'servers' => ['127.0.0.1:11211'],
'compress_threshold'=> 20_000,	'compress_threshold'=> 20_000,
});	});
Line 14896 the answer, and also caches if there is	Line 14387 the answer, and also caches if there is

=item *	=item *
X<idget()>	X<idget()>
B<idget($udom,@ids)>: find the usernames behind a list of IDs	B<idget($udom,$idsref,$namespace)>: find the usernames behind either
(IDs are a unique resource in a domain, there must be only 1 ID per	a list of student/employee IDs or clicker IDs
username, and only 1 username per ID in a specific domain) (returns	(student/employee IDs are a unique resource in a domain, there must be
hash: id=>name,id=>name)	only 1 ID per username, and only 1 username per ID in a specific domain).
	clickerIDs are not necessarily unique, as students might share clickers.
	(returns hash: id=>name,id=>name)

=item *	=item *
X<idrget()>	X<idrget()>
Line 14908 usernames (returns hash: name=>id,name=>	Line 14401 usernames (returns hash: name=>id,name=>

=item *	=item *
X<idput()>	X<idput()>
B<idput($udom,%ids)>: store away a list of names and associated IDs	B<idput($udom,$idsref,$uhome,$namespace)>: store away a list of
	names and associated student/employee IDs or clicker IDs.

	=item *
	X<iddel()>
	B<iddel($udom,$idshashref,$uhome,$namespace)>: delete unwanted
	student/employee ID or clicker ID username look-ups from domain.
	The homeserver ($uhome) and namespace ($namespace) are optional.
	If no $uhome is provided, it will be determined usig &homeserver()
	for each user. If no $namespace is provided, the default is ids.

	=item *
	X<updateclickers()>
	B<updateclickers($udom,$action,$idshashref,$uhome,$critical)>: update
	clicker ID-to-username look-ups in clickers.db on library server.
	Permitted actions are add or del (i.e., add or delete). The
	clickers.db contains clickerID as keys (escaped), and each corresponding
	value is an escaped comma-separated list of usernames (for whom the
	library server is the homeserver), who registered that particular ID.
	If $critical is true, the update will be sent via &critical, otherwise
	&reply() will be used.

=item *	=item *
X<rolesinit()>	X<rolesinit()>
Line 14956 The first argument is required, all othe	Line 14469 The first argument is required, all othe

$priv is the privilege being checked.	$priv is the privilege being checked.
$uri contains additional information about what is being checked for access (e.g.,	$uri contains additional information about what is being checked for access (e.g.,
URL, course ID etc.).	URL, course ID etc.).
$symb is the unique resource instance identifier in a course; if needed,	$symb is the unique resource instance identifier in a course; if needed,
but not provided, it will be retrieved via a call to &symbread().	but not provided, it will be retrieved via a call to &symbread().
$role is the role for which a priv is being checked (only used if priv is evb).	$role is the role for which a priv is being checked (only used if priv is evb).
$clientip is the user's IP address (only used when checking for access to portfolio	$clientip is the user's IP address (only used when checking for access to portfolio
files).	files).
$noblockcheck, if true, skips calls to &has_comm_blocking() for the bre priv. This	$noblockcheck, if true, skips calls to &has_comm_blocking() for the bre priv. This
prevents recursive calls to &allowed.	prevents recursive calls to &allowed.

F: full access	F: full access
Line 15024 provided for types, will default to retu	Line 14537 provided for types, will default to retu
=item *	=item *

in_course($udom,$uname,$cdom,$cnum,$type,$hideprivileged) : determine if	in_course($udom,$uname,$cdom,$cnum,$type,$hideprivileged) : determine if
user: $uname:$udom has a role in the course: $cdom_$cnum.	user: $uname:$udom has a role in the course: $cdom_$cnum.

Additional optional arguments are: $type (if role checking is to be restricted	Additional optional arguments are: $type (if role checking is to be restricted
to certain user status types -- previous (expired roles), active (currently	to certain user status types -- previous (expired roles), active (currently
available roles) or future (roles available in the future), and	available roles) or future (roles available in the future), and
$hideprivileged -- if true will not report course roles for users who	$hideprivileged -- if true will not report course roles for users who
Line 15265 values that are the resource value. I b	Line 14778 values that are the resource value. I b
versions are also returned.	versions are also returned.

get_numsuppfiles($cnum,$cdom) : retrieve number of files in a course's	get_numsuppfiles($cnum,$cdom) : retrieve number of files in a course's
supplemental content area. This routine caches the number of files for	supplemental content area. This routine caches the number of files for
10 minutes.	10 minutes.

=back	=back
Line 15302 Returns:	Line 14815 Returns:

=back	=back

=head2 Bubblesheet Configuration

=over 4

=item *

get_scantron_config($which)

$which - the name of the configuration to parse from the file.

Parses and returns the bubblesheet configuration line selected as a
hash of configuration file fields.


Returns:
If the named configuration is not in the file, an empty
hash is returned.

a hash with the fields
name - internal name for the this configuration setup
description - text to display to operator that describes this config
CODElocation - if 0 or the string 'none'
- no CODE exists for this config
if -1 \|\| the string 'letter'
- a CODE exists for this config and is
a string of letters
Unsupported value (but planned for future support)
if a positive integer
- The CODE exists as the first n items from
the question section of the form
if the string 'number'
- The CODE exists for this config and is
a string of numbers
CODEstart - (only matter if a CODE exists) column in the line where
the CODE starts
CODElength - length of the CODE
IDstart - column where the student/employee ID starts
IDlength - length of the student/employee ID info
Qstart - column where the information from the bubbled
'questions' start
Qlength - number of columns comprising a single bubble line from
the sheet. (usually either 1 or 10)
Qon - either a single character representing the character used
to signal a bubble was chosen in the positional setup, or
the string 'letter' if the letter of the chosen bubble is
in the final, or 'number' if a number representing the
chosen bubble is in the file (1->A 0->J)
Qoff - the character used to represent that a bubble was
left blank
PaperID - if the scanning process generates a unique number for each
sheet scanned the column that this ID number starts in
PaperIDlength - number of columns that comprise the unique ID number
for the sheet of paper
FirstName - column that the first name starts in
FirstNameLength - number of columns that the first name spans
LastName - column that the last name starts in
LastNameLength - number of columns that the last name spans
BubblesPerRow - number of bubbles available in each row used to
bubble an answer. (If not specified, 10 assumed).


=item *

get_scantronformat_file($cdom)

$cdom - the course's domain (optional); if not supplied, uses
domain for current $env{'request.course.id'}.

Returns an array containing lines from the scantron format file for
the domain of the course.

If a url for a custom.tab file is listed in domain's configuration.db,
lines are from this file.

Otherwise, if a default.tab has been published in RES space by the
domainconfig user, lines are from this file.

Otherwise, fall back to getting lines from the legacy file on the
local server: /home/httpd/lonTabs/default_scantronformat.tab

=back

=head2 Resource Subroutines	=head2 Resource Subroutines

=over 4	=over 4
Line 15435 condval($condidx) : value of condition i	Line 14866 condval($condidx) : value of condition i

=item *	=item *

metadata($uri,$what,$liburi,$prefix,$depthcount) : request a	metadata($uri,$what,$toolsymb,$liburi,$prefix,$depthcount) : request a
resource's metadata, $what should be either a specific key, or either	resource's metadata, $what should be either a specific key, or either
'keys' (to get a list of possible keys) or 'packages' to get a list of	'keys' (to get a list of possible keys) or 'packages' to get a list of
packages that this resource currently uses, the last 3 arguments are only used internally for recursive metadata.	packages that this resource currently uses, the last 3 arguments are
	only used internally for recursive metadata.

	the toolsymb is only used where the uri is for an external tool (for which
	the uri as well as the symb are guaranteed to be unique).

this function automatically caches all requests	this function automatically caches all requests except any made recursively
	to retrieve a list of metadata keys for an imported library file ($liburi is
	defined).

=item *	=item *

Line 15450 will be stored for query	Line 14887 will be stored for query

=item *	=item *

symbread($filename,$donotrecurse,$ignorecachednull,$checkforblock,$possibles) :	symbread($filename,$donotrecurse,$ignorecachednull,$checkforblock,$possibles) :
return symbolic list entry (all arguments optional).	return symbolic list entry (all arguments optional).

Args: filename is the filename (including path) for the file for which a symb	Args: filename is the filename (including path) for the file for which a symb
is required; donotrecurse, if true will prevent calls to allowed() being made	is required; donotrecurse, if true will prevent calls to allowed() being made
to check access status if more than one resource was found in the bighash	to check access status if more than one resource was found in the bighash
(see rev. 1.249) to avoid an infinite loop if an ambiguous resource is part of	(see rev. 1.249) to avoid an infinite loop if an ambiguous resource is part of
a randompick); ignorecachednull, if true will prevent a symb of '' being	a randompick); ignorecachednull, if true will prevent a symb of '' being
returned if $env{$cache_str} is defined as ''; checkforblock if true will	returned if $env{$cache_str} is defined as ''; checkforblock if true will
cause possible symbs to be checked to determine if they are subject to content	cause possible symbs to be checked to determine if they are subject to content
blocking, if so they will not be included as possible symbs; possibles is a	blocking, if so they will not be included as possible symbs; possibles is a
ref to a hash, which, as a side effect, will be populated with all possible	ref to a hash, which, as a side effect, will be populated with all possible
symbs (content blocking not tested).	symbs (content blocking not tested).

returns the data handle	returns the data handle

=item *	=item *
Line 15473 and is a possible symb for the URL in $t	Line 14910 and is a possible symb for the URL in $t
resource that the user accessed using /enc/ returns a 1 on success, 0	resource that the user accessed using /enc/ returns a 1 on success, 0
on failure, user must be in a course, as it assumes the existence of	on failure, user must be in a course, as it assumes the existence of
the course initial hash, and uses $env('request.course.id'}. The third	the course initial hash, and uses $env('request.course.id'}. The third
arg is an optional reference to a scalar. If this arg is passed in the	arg is an optional reference to a scalar. If this arg is passed in the
call to symbverify, it will be set to 1 if the symb has been set to be	call to symbverify, it will be set to 1 if the symb has been set to be
encrypted; otherwise it will be null.	encrypted; otherwise it will be null.

=item *	=item *

Line 15528 expirespread($uname,$udom,$stype,$usymb)	Line 14965 expirespread($uname,$udom,$stype,$usymb)
devalidate($symb) : devalidate temporary spreadsheet calculations,	devalidate($symb) : devalidate temporary spreadsheet calculations,
forcing spreadsheet to reevaluate the resource scores next time.	forcing spreadsheet to reevaluate the resource scores next time.

=item *	=item *

can_edit_resource($file,$cnum,$cdom,$resurl,$symb,$group) : determine if current user can edit a particular resource,	can_edit_resource($file,$cnum,$cdom,$resurl,$symb,$group) : determine if current user can edit a particular resource,
when viewing in course context.	when viewing in course context.

input: six args -- filename (decluttered), course number, course domain,	input: six args -- filename (decluttered), course number, course domain,
url, symb (if registered) and group (if this is a	url, symb (if registered) and group (if this is a
group item -- e.g., bulletin board, group page etc.).	group item -- e.g., bulletin board, group page etc.).

output: array of five scalars --	output: array of five scalars --
Line 15542 when viewing in course context.	Line 14979 when viewing in course context.
$home -- homeserver of resource (i.e., for author if published,	$home -- homeserver of resource (i.e., for author if published,
or course if uploaded.).	or course if uploaded.).
$switchserver -- 1 if server switch will be needed.	$switchserver -- 1 if server switch will be needed.
$forceedit -- 1 if icon/link should be to go to edit mode	$forceedit -- 1 if icon/link should be to go to edit mode
$forceview -- 1 if icon/link should be to go to view mode	$forceview -- 1 if icon/link should be to go to view mode

=item *	=item *

is_course_upload($file,$cnum,$cdom)	is_course_upload($file,$cnum,$cdom)

Used in course context to determine if current file was uploaded to	Used in course context to determine if current file was uploaded to
the course (i.e., would be found in /userfiles/docs on the course's	the course (i.e., would be found in /userfiles/docs on the course's
homeserver.	homeserver.

input: 3 args -- filename (decluttered), course number and course domain.	input: 3 args -- filename (decluttered), course number and course domain.
Line 15564 homeserver.	Line 15001 homeserver.

=item *	=item *

store($storehash,$symb,$namespace,$udom,$uname,$laststore) : stores hash	store($storehash,$symb,$namespace,$udom,$uname,$laststore) : stores hash
permanently for this url; hashref needs to be given and should be a \%hashname;	permanently for this url; hashref needs to be given and should be a \%hashname;
the remaining args aren't required and if they aren't passed or are '' they will	the remaining args aren't required and if they aren't passed or are '' they will
be derived from the env (with the exception of $laststore, which is an	be derived from the env (with the exception of $laststore, which is an
optional arg used when a user's submission is stored in grading).	optional arg used when a user's submission is stored in grading).
$laststore is $version=$timestamp, where $version is the most recent version	$laststore is $version=$timestamp, where $version is the most recent version
number retrieved for the corresponding $symb in the $namespace db file, and	number retrieved for the corresponding $symb in the $namespace db file, and
$timestamp is the timestamp for that transaction (UNIX time).	$timestamp is the timestamp for that transaction (UNIX time).
$laststore is currently only passed when cstore() is called by	$laststore is currently only passed when cstore() is called by
structuretags::finalize_storage().	structuretags::finalize_storage().

=item *	=item *

cstore($storehash,$symb,$namespace,$udom,$uname,$laststore) : same as store	cstore($storehash,$symb,$namespace,$udom,$uname,$laststore) : same as store
but uses critical subroutine	but uses critical subroutine

=item *	=item *
Line 15715 server ($udom and $uhome are optional)	Line 15152 server ($udom and $uhome are optional)

=item *	=item *

get_domain_defaults($target_domain,$ignore_cache) : returns hash with defaults	get_domain_defaults($target_domain,$ignore_cache) : returns hash with defaults
for: authentication, language, quotas, timezone, date locale, and portal URL in	for: authentication, language, quotas, timezone, date locale, and portal URL in
the target domain.	the target domain.

Line 15749 requestcourses: ability to request cours	Line 15186 requestcourses: ability to request cours
=over	=over

=item	=item
official, unofficial, community, textbook	official, unofficial, community, textbook, placement

=back	=back

Line 15770 for course's uploaded content.	Line 15207 for course's uploaded content.
=over	=over

=item	=item
canuse_pdfforms, officialcredits, unofficialcredits, textbookcredits, officialquota, unofficialquota,	canuse_pdfforms, officialcredits, unofficialcredits, textbookcredits, officialquota, unofficialquota,
communityquota, textbookquota	communityquota, textbookquota, placementquota

=back	=back

Line 15781 on your servers.	Line 15218 on your servers.

=over	=over

=item	=item
remotesessions, hostedsessions	remotesessions, hostedsessions

=back	=back
Line 15789 remotesessions, hostedsessions	Line 15226 remotesessions, hostedsessions
=back	=back

In cases where a domain coordinator has never used the "Set Domain Configuration"	In cases where a domain coordinator has never used the "Set Domain Configuration"
utility to create a configuration.db file on a domain's primary library server	utility to create a configuration.db file on a domain's primary library server
only the following domain defaults: auth_def, auth_arg_def, lang_def	only the following domain defaults: auth_def, auth_arg_def, lang_def
-- corresponding values are authentication type (internal, krb4, krb5,	-- corresponding values are authentication type (internal, krb4, krb5,
or localauth), initial password or a kerberos realm, language (e.g., en-us) --	or localauth), initial password or a kerberos realm, language (e.g., en-us) --
will be available. Values are retrieved from cache (if current), unless the	will be available. Values are retrieved from cache (if current), unless the
optional $ignore_cache arg is true, or from domain's configuration.db (if available),	optional $ignore_cache arg is true, or from domain's configuration.db (if available),
or lastly from values in lonTabs/dns_domain,tab, or lonTabs/domain.tab.	or lastly from values in lonTabs/dns_domain,tab, or lonTabs/domain.tab.
Line 16075 userspace, probably shouldn't be called	Line 15512 userspace, probably shouldn't be called
formname: same as for userfileupload()	formname: same as for userfileupload()
fname: filename (including subdirectories) for the file	fname: filename (including subdirectories) for the file
parser: if 'parse', will parse (html) file to extract references to objects, links etc.	parser: if 'parse', will parse (html) file to extract references to objects, links etc.
if hashref, and context is scantron, will convert csv format to standard format
allfiles: reference to hash used to store objects found by parser	allfiles: reference to hash used to store objects found by parser
codebase: reference to hash used for codebases of java objects found by parser	codebase: reference to hash used for codebases of java objects found by parser
thumbwidth: width (pixels) of thumbnail to be created for uploaded image	thumbwidth: width (pixels) of thumbnail to be created for uploaded image
Line 16221 Returns:	Line 15657 Returns:

get_timebased_id():	get_timebased_id():

Attempts to get a unique timestamp-based suffix for use with items added to a	Attempts to get a unique timestamp-based suffix for use with items added to a
course via the Course Editor (e.g., folders, composite pages,	course via the Course Editor (e.g., folders, composite pages,
group bulletin boards).	group bulletin boards).

Args: (first three required; six others optional)	Args: (first three required; six others optional)
Line 16233 Args: (first three required; six others	Line 15669 Args: (first three required; six others
2. keyid (alphanumeric): name of temporary locking key in hash,	2. keyid (alphanumeric): name of temporary locking key in hash,
e.g., num, boardids	e.g., num, boardids

3. namespace: name of gdbm file used to store suffixes already assigned;	3. namespace: name of gdbm file used to store suffixes already assigned;
file will be named nohist_namespace.db	file will be named nohist_namespace.db

4. cdom: domain of course; default is current course domain from %env	4. cdom: domain of course; default is current course domain from %env

5. cnum: course number; default is current course number from %env	5. cnum: course number; default is current course number from %env

6. idtype: set to concat if an additional digit is to be appended to the	6. idtype: set to concat if an additional digit is to be appended to the
unix timestamp to form the suffix, if the plain timestamp is already	unix timestamp to form the suffix, if the plain timestamp is already
in use. Default is to not do this, but simply increment the unix	in use. Default is to not do this, but simply increment the unix
timestamp by 1 until a unique key is obtained.	timestamp by 1 until a unique key is obtained.

7. who: holder of locking key; defaults to user:domain for user.	7. who: holder of locking key; defaults to user:domain for user.

8. locktries: number of attempts to obtain a lock (sleep of 1s before	8. locktries: number of attempts to obtain a lock (sleep of 1s before
retrying); default is 3.	retrying); default is 3.

9. maxtries: number of attempts to obtain a unique suffix; default is 20.	9. maxtries: number of attempts to obtain a unique suffix; default is 20.

Returns:	Returns:

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1172.2.152
changed lines
	Added in v.1.1373