loncom/lonnet/perl/lonnet.pm - diff

Return to lonnet.pm CVS log

Up to [LON-CAPA] / loncom / lonnet / perl

Diff for /loncom/lonnet/perl/lonnet.pm between versions 1.1172.2.30 and 1.1172.2.89

version 1.1172.2.30, 2013/08/04 03:00:12	version 1.1172.2.89, 2017/01/22 17:41:07
Line 75 use LWP::UserAgent();	Line 75 use LWP::UserAgent();
use HTTP::Date;	use HTTP::Date;
use Image::Magick;	use Image::Magick;

use vars qw(%perlvar %spareid %pr %prp $memcache %packagetab $tmpdir $apache	use vars qw(%perlvar %spareid %pr %prp $memcache %packagetab $tmpdir
$_64bit %env %protocol %loncaparevs %serverhomeIDs %needsrelease	$_64bit %env %protocol %loncaparevs %serverhomeIDs %needsrelease
%managerstab);	%managerstab);

Line 89 use GDBM_File;	Line 89 use GDBM_File;
use HTML::LCParser;	use HTML::LCParser;
use Fcntl qw(:flock);	use Fcntl qw(:flock);
use Storable qw(thaw nfreeze);	use Storable qw(thaw nfreeze);
use Time::HiRes qw( gettimeofday tv_interval );	use Time::HiRes qw( sleep gettimeofday tv_interval );
use Cache::Memcached;	use Cache::Memcached;
use Digest::MD5;	use Digest::MD5;
use Math::Random;	use Math::Random;
Line 102 use LONCAPA::Lond;	Line 102 use LONCAPA::Lond;
use File::Copy;	use File::Copy;

my $readit;	my $readit;
my $max_connection_retries = 10; # Or some such value.	my $max_connection_retries = 20; # Or some such value.

require Exporter;	require Exporter;

Line 352 sub get_remote_globals {	Line 352 sub get_remote_globals {
}	}

sub remote_devalidate_cache {	sub remote_devalidate_cache {
my ($lonhost,$name,$id) = @_;	my ($lonhost,$cachekeys) = @_;
my $response = &reply('devalidatecache:'.&escape($name).':'.&escape($id),$lonhost);	my $items;
return $response;	return unless (ref($cachekeys) eq 'ARRAY');
	my $cachestr = join('&',@{$cachekeys});
	return &reply('devalidatecache:'.&escape($cachestr),$lonhost);
}	}

# -------------------------------------------------- Non-critical communication	# -------------------------------------------------- Non-critical communication
Line 368 sub subreply {	Line 370 sub subreply {

my $lockfile=$peerfile.".lock";	my $lockfile=$peerfile.".lock";
while (-e $lockfile) { # Need to wait for the lockfile to disappear.	while (-e $lockfile) { # Need to wait for the lockfile to disappear.
sleep(1);	sleep(0.1);
}	}
# At this point, either a loncnew parent is listening or an old lonc	# At this point, either a loncnew parent is listening or an old lonc
# or loncnew child is listening so we can connect or everything's dead.	# or loncnew child is listening so we can connect or everything's dead.
Line 386 sub subreply {	Line 388 sub subreply {
} else {	} else {
&create_connection(&hostname($server),$server);	&create_connection(&hostname($server),$server);
}	}
sleep(1); # Try again later if failed connection.	sleep(0.1); # Try again later if failed connection.
}	}
my $answer;	my $answer;
if ($client) {	if ($client) {
Line 415 sub reply {	Line 417 sub reply {

sub reconlonc {	sub reconlonc {
my ($lonid) = @_;	my ($lonid) = @_;
my $hostname = &hostname($lonid);
if ($lonid) {	if ($lonid) {
	my $hostname = &hostname($lonid);
my $peerfile="$perlvar{'lonSockDir'}/$hostname";	my $peerfile="$perlvar{'lonSockDir'}/$hostname";
if ($hostname && -e $peerfile) {	if ($hostname && -e $peerfile) {
&logthis("Trying to reconnect lonc for $lonid ($hostname)");	&logthis("Trying to reconnect lonc for $lonid ($hostname)");
Line 462 sub critical {	Line 464 sub critical {
}	}
my $answer=reply($cmd,$server);	my $answer=reply($cmd,$server);
if ($answer eq 'con_lost') {	if ($answer eq 'con_lost') {
&reconlonc("$perlvar{'lonSockDir'}/$server");	&reconlonc($server);
my $answer=reply($cmd,$server);	my $answer=reply($cmd,$server);
if ($answer eq 'con_lost') {	if ($answer eq 'con_lost') {
my $now=time;	my $now=time;
Line 479 sub critical {	Line 481 sub critical {
close($dfh);	close($dfh);
}	}
}	}
sleep 2;	sleep 1;
my $wcmd='';	my $wcmd='';
{	{
my $dfh;	my $dfh;
Line 599 sub transfer_profile_to_env {	Line 601 sub transfer_profile_to_env {

# ---------------------------------------------------- Check for valid session	# ---------------------------------------------------- Check for valid session
sub check_for_valid_session {	sub check_for_valid_session {
my ($r,$name) = @_;	my ($r,$name,$userhashref) = @_;
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));	my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
if ($name eq '') {	if ($name eq '') {
$name = 'lonID';	$name = 'lonID';
Line 631 sub check_for_valid_session {	Line 633 sub check_for_valid_session {
return undef;	return undef;
}	}

if (($r->user() eq '') && ($apache >= 2.4)) {	if (ref($userhashref) eq 'HASH') {
if ($disk_env{'user.domain'} eq $r->dir_config('lonDefDomain')) {	$userhashref->{'name'} = $disk_env{'user.name'};
$r->user($disk_env{'user.name'});	$userhashref->{'domain'} = $disk_env{'user.domain'};
} else {
$r->user($disk_env{'user.name'}.':'.$disk_env{'user.domain'});
}
}	}

return $handle;	return $handle;
Line 672 sub appenv {	Line 671 sub appenv {
if (($key =~ /^user\.role/) \|\| ($key =~ /^user\.priv/)) {	if (($key =~ /^user\.role/) \|\| ($key =~ /^user\.priv/)) {
$refused = 1;	$refused = 1;
if (ref($roles) eq 'ARRAY') {	if (ref($roles) eq 'ARRAY') {
my ($type,$role) = ($key =~ /^user\.(role\|priv)\.([^.]+)\./);	my ($type,$role) = ($key =~ m{^user\.(role\|priv)\.(.+?)\./});
if (grep(/^\Q$role\E$/,@{$roles})) {	if (grep(/^\Q$role\E$/,@{$roles})) {
$refused = 0;	$refused = 0;
}	}
Line 845 sub spareserver {	Line 844 sub spareserver {
if (ref($spareshash) eq 'HASH') {	if (ref($spareshash) eq 'HASH') {
if (ref($spareshash->{'primary'}) eq 'ARRAY') {	if (ref($spareshash->{'primary'}) eq 'ARRAY') {
foreach my $try_server (@{ $spareshash->{'primary'} }) {	foreach my $try_server (@{ $spareshash->{'primary'} }) {
if ($uint_dom) {	next unless (&spare_can_host($udom,$uint_dom,$remotesessions,
next unless (&spare_can_host($udom,$uint_dom,$remotesessions,	$try_server));
$try_server));
}
($spare_server, $lowest_load) =	($spare_server, $lowest_load) =
&compare_server_load($try_server, $spare_server, $lowest_load);	&compare_server_load($try_server, $spare_server, $lowest_load);
}	}
Line 859 sub spareserver {	Line 856 sub spareserver {
if (!$found_server) {	if (!$found_server) {
if (ref($spareshash->{'default'}) eq 'ARRAY') {	if (ref($spareshash->{'default'}) eq 'ARRAY') {
foreach my $try_server (@{ $spareshash->{'default'} }) {	foreach my $try_server (@{ $spareshash->{'default'} }) {
if ($uint_dom) {	next unless (&spare_can_host($udom,$uint_dom,
next unless (&spare_can_host($udom,$uint_dom,	$remotesessions,$try_server));
$remotesessions,$try_server));
}
($spare_server, $lowest_load) =	($spare_server, $lowest_load) =
&compare_server_load($try_server, $spare_server, $lowest_load);	&compare_server_load($try_server, $spare_server, $lowest_load);
}	}
Line 886 sub spareserver {	Line 881 sub spareserver {
}	}

sub compare_server_load {	sub compare_server_load {
my ($try_server, $spare_server, $lowest_load) = @_;	my ($try_server, $spare_server, $lowest_load, $required) = @_;

	if ($required) {
	my ($reqdmajor,$reqdminor) = ($required =~ /^(\d+)\.(\d+)$/);
	my $remoterev = &get_server_loncaparev(undef,$try_server);
	my ($major,$minor) = ($remoterev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?$/);
	if (($major eq '' && $minor eq '') \|\|
	(($reqdmajor > $major) \|\| (($reqdmajor == $major) && ($reqdminor > $minor)))) {
	return ($spare_server,$lowest_load);
	}
	}

my $loadans = &reply('load', $try_server);	my $loadans = &reply('load', $try_server);
my $userloadans = &reply('userload',$try_server);	my $userloadans = &reply('userload',$try_server);
Line 947 sub has_user_session {	Line 952 sub has_user_session {
# --------- determine least loaded server in a user's domain which allows login	# --------- determine least loaded server in a user's domain which allows login

sub choose_server {	sub choose_server {
my ($udom,$checkloginvia) = @_;	my ($udom,$checkloginvia,$required,$skiploadbal) = @_;
my %domconfhash = &Apache::loncommon::get_domainconf($udom);	my %domconfhash = &Apache::loncommon::get_domainconf($udom);
my %servers = &get_servers($udom);	my %servers = &get_servers($udom);
my $lowest_load = 30000;	my $lowest_load = 30000;
my ($login_host,$hostname,$portal_path,$isredirect);	my ($login_host,$hostname,$portal_path,$isredirect,$balancers);
	if ($skiploadbal) {
	($balancers,my $cached)=&is_cached_new('loadbalancing',$udom);
	unless (defined($cached)) {
	my $cachetime = 606024;
	my %domconfig =
	&Apache::lonnet::get_dom('configuration',['loadbalancing'],$udom);
	if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
	$balancers = &do_cache_new('loadbalancing',$udom,$domconfig{'loadbalancing'},
	$cachetime);
	}
	}
	}
foreach my $lonhost (keys(%servers)) {	foreach my $lonhost (keys(%servers)) {
my $loginvia;	my $loginvia;
	if ($skiploadbal) {
	if (ref($balancers) eq 'HASH') {
	next if (exists($balancers->{$lonhost}));
	}
	}
if ($checkloginvia) {	if ($checkloginvia) {
$loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};	$loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};
if ($loginvia) {	if ($loginvia) {
my ($server,$path) = split(/:/,$loginvia);	my ($server,$path) = split(/:/,$loginvia);
($login_host, $lowest_load) =	($login_host, $lowest_load) =
&compare_server_load($server, $login_host, $lowest_load);	&compare_server_load($server, $login_host, $lowest_load, $required);
if ($login_host eq $server) {	if ($login_host eq $server) {
$portal_path = $path;	$portal_path = $path;
$isredirect = 1;	$isredirect = 1;
}	}
} else {	} else {
($login_host, $lowest_load) =	($login_host, $lowest_load) =
&compare_server_load($lonhost, $login_host, $lowest_load);	&compare_server_load($lonhost, $login_host, $lowest_load, $required);
if ($login_host eq $lonhost) {	if ($login_host eq $lonhost) {
$portal_path = '';	$portal_path = '';
$isredirect = '';	$isredirect = '';
Line 974 sub choose_server {	Line 996 sub choose_server {
}	}
} else {	} else {
($login_host, $lowest_load) =	($login_host, $lowest_load) =
&compare_server_load($lonhost, $login_host, $lowest_load);	&compare_server_load($lonhost, $login_host, $lowest_load, $required);
}	}
}	}
if ($login_host ne '') {	if ($login_host ne '') {
$hostname = &hostname($login_host);	$hostname = &hostname($login_host);
}	}
return ($login_host,$hostname,$portal_path,$isredirect);	return ($login_host,$hostname,$portal_path,$isredirect,$lowest_load);
}	}

# --------------------------------------------- Try to change a user's password	# --------------------------------------------- Try to change a user's password
Line 1147 sub can_host_session {	Line 1169 sub can_host_session {
sub spare_can_host {	sub spare_can_host {
my ($udom,$uint_dom,$remotesessions,$try_server)=@_;	my ($udom,$uint_dom,$remotesessions,$try_server)=@_;
my $canhost=1;	my $canhost=1;
my @intdoms;	my $try_server_hostname = &hostname($try_server);
my $internet_names = &Apache::lonnet::get_internet_names($try_server);	my $serverhomeID = &get_server_homeID($try_server_hostname);
if (ref($internet_names) eq 'ARRAY') {	my $serverhomedom = &host_domain($serverhomeID);
@intdoms = @{$internet_names};	my %defdomdefaults = &get_domain_defaults($serverhomedom);
}	if (ref($defdomdefaults{'offloadnow'}) eq 'HASH') {
unless (grep(/^\Q$uint_dom\E$/,@intdoms)) {	if ($defdomdefaults{'offloadnow'}{$try_server}) {
my $serverhomeID = &Apache::lonnet::get_server_homeID($try_server);	$canhost = 0;
my $serverhomedom = &Apache::lonnet::host_domain($serverhomeID);	}
my %defdomdefaults = &Apache::lonnet::get_domain_defaults($serverhomedom);	}
my $remoterev = &Apache::lonnet::get_server_loncaparev(undef,$try_server);	if (($canhost) && ($uint_dom)) {
$canhost = &can_host_session($udom,$try_server,$remoterev,	my @intdoms;
$remotesessions,	my $internet_names = &get_internet_names($try_server);
$defdomdefaults{'hostedsessions'});	if (ref($internet_names) eq 'ARRAY') {
	@intdoms = @{$internet_names};
	}
	unless (grep(/^\Q$uint_dom\E$/,@intdoms)) {
	my $remoterev = &get_server_loncaparev(undef,$try_server);
	$canhost = &can_host_session($udom,$try_server,$remoterev,
	$remotesessions,
	$defdomdefaults{'hostedsessions'});
	}
}	}
return $canhost;	return $canhost;
}	}
Line 1244 sub get_lonbalancer_config {	Line 1274 sub get_lonbalancer_config {
}	}

sub check_loadbalancing {	sub check_loadbalancing {
my ($uname,$udom) = @_;	my ($uname,$udom,$caller) = @_;
my ($is_balancer,$currtargets,$currrules,$dom_in_use,$homeintdom,	my ($is_balancer,$currtargets,$currrules,$dom_in_use,$homeintdom,
$rule_in_effect,$offloadto,$otherserver);	$rule_in_effect,$offloadto,$otherserver);
my $lonhost = $perlvar{'lonHostID'};	my $lonhost = $perlvar{'lonHostID'};
Line 1253 sub check_loadbalancing {	Line 1283 sub check_loadbalancing {
my $uintdom = &Apache::lonnet::internet_dom($uprimary_id);	my $uintdom = &Apache::lonnet::internet_dom($uprimary_id);
my $intdom = &Apache::lonnet::internet_dom($lonhost);	my $intdom = &Apache::lonnet::internet_dom($lonhost);
my $serverhomedom = &host_domain($lonhost);	my $serverhomedom = &host_domain($lonhost);
	my $domneedscache;
my $cachetime = 606024;	my $cachetime = 606024;

if (($uintdom ne '') && ($uintdom eq $intdom)) {	if (($uintdom ne '') && ($uintdom eq $intdom)) {
Line 1268 sub check_loadbalancing {	Line 1298 sub check_loadbalancing {
&Apache::lonnet::get_dom('configuration',['loadbalancing'],$dom_in_use);	&Apache::lonnet::get_dom('configuration',['loadbalancing'],$dom_in_use);
if (ref($domconfig{'loadbalancing'}) eq 'HASH') {	if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
$result = &do_cache_new('loadbalancing',$dom_in_use,$domconfig{'loadbalancing'},$cachetime);	$result = &do_cache_new('loadbalancing',$dom_in_use,$domconfig{'loadbalancing'},$cachetime);
	} else {
	$domneedscache = $dom_in_use;
}	}
}	}
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
Line 1321 sub check_loadbalancing {	Line 1353 sub check_loadbalancing {
}	}
}	}
} elsif (($homeintdom) && ($udom ne $serverhomedom)) {	} elsif (($homeintdom) && ($udom ne $serverhomedom)) {
my ($result,$cached)=&is_cached_new('loadbalancing',$serverhomedom);	($result,$cached)=&is_cached_new('loadbalancing',$serverhomedom);
unless (defined($cached)) {	unless (defined($cached)) {
my %domconfig =	my %domconfig =
&Apache::lonnet::get_dom('configuration',['loadbalancing'],$serverhomedom);	&Apache::lonnet::get_dom('configuration',['loadbalancing'],$serverhomedom);
if (ref($domconfig{'loadbalancing'}) eq 'HASH') {	if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
$result = &do_cache_new('loadbalancing',$dom_in_use,$domconfig{'loadbalancing'},$cachetime);	$result = &do_cache_new('loadbalancing',$serverhomedom,$domconfig{'loadbalancing'},$cachetime);
	} else {
	$domneedscache = $serverhomedom;
}	}
}	}
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
Line 1346 sub check_loadbalancing {	Line 1380 sub check_loadbalancing {
$is_balancer = 1;	$is_balancer = 1;
$offloadto = &this_host_spares($dom_in_use);	$offloadto = &this_host_spares($dom_in_use);
}	}
	unless (defined($cached)) {
	$domneedscache = $serverhomedom;
	}
}	}
} else {	} else {
if ($perlvar{'lonBalancer'} eq 'yes') {	if ($perlvar{'lonBalancer'} eq 'yes') {
$is_balancer = 1;	$is_balancer = 1;
$offloadto = &this_host_spares($dom_in_use);	$offloadto = &this_host_spares($dom_in_use);
}	}
	unless (defined($cached)) {
	$domneedscache = $serverhomedom;
	}
	}
	if ($domneedscache) {
	&do_cache_new('loadbalancing',$domneedscache,$is_balancer,$cachetime);
}	}
if ($is_balancer) {	if ($is_balancer) {
my $lowest_load = 30000;	my $lowest_load = 30000;
Line 1382 sub check_loadbalancing {	Line 1425 sub check_loadbalancing {
}	}
}	}
}	}
if (($otherserver ne '') && (grep(/^\Q$otherserver\E$/,@hosts))) {	unless ($caller eq 'login') {
$is_balancer = 0;	if (($otherserver ne '') && (grep(/^\Q$otherserver\E$/,@hosts))) {
if ($uname ne '' && $udom ne '') {	$is_balancer = 0;
if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {	if ($uname ne '' && $udom ne '') {
	if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {

&appenv({'user.loadbalexempt' => $lonhost,	&appenv({'user.loadbalexempt' => $lonhost,
'user.loadbalcheck.time' => time});	'user.loadbalcheck.time' => time});
	}
}	}
}	}
}	}
Line 1524 sub idget {	Line 1569 sub idget {

my %servers = &get_servers($udom,'library');	my %servers = &get_servers($udom,'library');
foreach my $tryserver (keys(%servers)) {	foreach my $tryserver (keys(%servers)) {
my $idlist=join('&',@ids);	my $idlist=join('&', map { &escape($_); } @ids);
$idlist=~tr/A-Z/a-z/;	$idlist=~tr/A-Z/a-z/;
my $reply=&reply("idget:$udom:".$idlist,$tryserver);	my $reply=&reply("idget:$udom:".$idlist,$tryserver);
my @answer=();	my @answer=();
Line 1534 sub idget {	Line 1579 sub idget {
my $i;	my $i;
for ($i=0;$i<=$#ids;$i++) {	for ($i=0;$i<=$#ids;$i++) {
if ($answer[$i]) {	if ($answer[$i]) {
$returnhash{$ids[$i]}=$answer[$i];	$returnhash{$ids[$i]}=&unescape($answer[$i]);
}	}
}	}
}	}
Line 1621 sub dump_dom {	Line 1666 sub dump_dom {

sub get_dom {	sub get_dom {
my ($namespace,$storearr,$udom,$uhome)=@_;	my ($namespace,$storearr,$udom,$uhome)=@_;
	return if ($udom eq 'public');
my $items='';	my $items='';
foreach my $item (@$storearr) {	foreach my $item (@$storearr) {
$items.=&escape($item).'&';	$items.=&escape($item).'&';
Line 1628 sub get_dom {	Line 1674 sub get_dom {
$items=~s/\&$//;	$items=~s/\&$//;
if (!$udom) {	if (!$udom) {
$udom=$env{'user.domain'};	$udom=$env{'user.domain'};
	return if ($udom eq 'public');
if (defined(&domain($udom,'primary'))) {	if (defined(&domain($udom,'primary'))) {
$uhome=&domain($udom,'primary');	$uhome=&domain($udom,'primary');
} else {	} else {
Line 1731 sub retrieve_inst_usertypes {	Line 1778 sub retrieve_inst_usertypes {
my %domdefs = &Apache::lonnet::get_domain_defaults($udom);	my %domdefs = &Apache::lonnet::get_domain_defaults($udom);
if ((ref($domdefs{'inststatustypes'}) eq 'HASH') &&	if ((ref($domdefs{'inststatustypes'}) eq 'HASH') &&
(ref($domdefs{'inststatusorder'}) eq 'ARRAY')) {	(ref($domdefs{'inststatusorder'}) eq 'ARRAY')) {
%returnhash = %{$domdefs{'inststatustypes'}};	return ($domdefs{'inststatustypes'},$domdefs{'inststatusorder'});
@order = @{$domdefs{'inststatusorder'}};
} else {	} else {
if (defined(&domain($udom,'primary'))) {	if (defined(&domain($udom,'primary'))) {
my $uhome=&domain($udom,'primary');	my $uhome=&domain($udom,'primary');
my $rep=&reply("inst_usertypes:$udom",$uhome);	my $rep=&reply("inst_usertypes:$udom",$uhome);
if ($rep =~ /^(con_lost\|error\|no_such_host\|refused)/) {	if ($rep =~ /^(con_lost\|error\|no_such_host\|refused)/) {
&logthis("get_dom failed - $rep returned from $uhome in domain: $udom");	&logthis("retrieve_inst_usertypes failed - $rep returned from $uhome in domain: $udom");
return (\%returnhash,\@order);	return (\%returnhash,\@order);
}	}
my ($hashitems,$orderitems) = split(/:/,$rep);	my ($hashitems,$orderitems) = split(/:/,$rep);
Line 1754 sub retrieve_inst_usertypes {	Line 1800 sub retrieve_inst_usertypes {
push(@order,&unescape($item));	push(@order,&unescape($item));
}	}
} else {	} else {
&logthis("get_dom failed - no primary domain server for $udom");	&logthis("retrieve_inst_usertypes failed - no primary domain server for $udom");
}	}
	return (\%returnhash,\@order);
}	}
return (\%returnhash,\@order);
}	}

sub is_domainimage {	sub is_domainimage {
my ($url) = @_;	my ($url) = @_;
if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img\|logo\|domlogo)/+-) {	if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img\|logo\|domlogo)/+[^/]-) {
if (&domain($1) ne '') {	if (&domain($1) ne '') {
return '1';	return '1';
}	}
Line 1903 sub get_instuser {	Line 1949 sub get_instuser {
return ($outcome,%userinfo);	return ($outcome,%userinfo);
}	}

	sub get_multiple_instusers {
	my ($udom,$users,$caller) = @_;
	my ($outcome,$results);
	if (ref($users) eq 'HASH') {
	my $count = keys(%{$users});
	my $requested = &freeze_escape($users);
	my $homeserver = &domain($udom,'primary');
	if ($homeserver ne '') {
	my $queryid=&reply('querysend:getmultinstusers:::'.$caller.'='.$requested,$homeserver);
	my $host=&hostname($homeserver);
	if ($queryid !~/^\Q$host\E\_/) {
	&logthis('get_multiple_instusers invalid queryid: '.$queryid.
	' for host: '.$homeserver.'in domain '.$udom);
	return ($outcome,$results);
	}
	my $response = &get_query_reply($queryid);
	my $maxtries = 5;
	if ($count > 100) {
	$maxtries = 1+int($count/20);
	}
	my $tries = 1;
	while (($response=~/^timeout/) && ($tries <= $maxtries)) {
	$response = &get_query_reply($queryid);
	$tries ++;
	}
	if ($response eq '') {
	$results = {};
	foreach my $key (keys(%{$users})) {
	my ($uname,$id);
	if ($caller eq 'id') {
	$id = $key;
	} else {
	$uname = $key;
	}
	my ($resp,%info) = &get_instuser($udom,$uname,$id);
	$outcome = $resp;
	if ($resp eq 'ok') {
	%{$results} = (%{$results}, %info);
	} else {
	last;
	}
	}
	} elsif(!&error($response) && ($response ne 'refused')) {
	if (($response eq 'unavailable') \|\| ($response eq 'invalid') \|\| ($response eq 'timeout')) {
	$outcome = $response;
	} else {
	($outcome,my $userdata) = split(/=/,$response,2);
	if ($outcome eq 'ok') {
	$results = &thaw_unescape($userdata);
	}
	}
	}
	}
	}
	return ($outcome,$results);
	}

sub inst_rulecheck {	sub inst_rulecheck {
my ($udom,$uname,$id,$item,$rules) = @_;	my ($udom,$uname,$id,$item,$rules) = @_;
my %returnhash;	my %returnhash;
Line 1982 sub inst_userrules {	Line 2085 sub inst_userrules {
# ------------- Get Authentication, Language and User Tools Defaults for Domain	# ------------- Get Authentication, Language and User Tools Defaults for Domain

sub get_domain_defaults {	sub get_domain_defaults {
my ($domain) = @_;	my ($domain,$ignore_cache) = @_;
	return if (($domain eq '') \|\| ($domain eq 'public'));
my $cachetime = 606024;	my $cachetime = 606024;
my ($result,$cached)=&is_cached_new('domdefaults',$domain);	unless ($ignore_cache) {
if (defined($cached)) {	my ($result,$cached)=&is_cached_new('domdefaults',$domain);
if (ref($result) eq 'HASH') {	if (defined($cached)) {
return %{$result};	if (ref($result) eq 'HASH') {
	return %{$result};
	}
}	}
}	}
my %domdefaults;	my %domdefaults;
Line 1995 sub get_domain_defaults {	Line 2101 sub get_domain_defaults {
&Apache::lonnet::get_dom('configuration',['defaults','quotas',	&Apache::lonnet::get_dom('configuration',['defaults','quotas',
'requestcourses','inststatus',	'requestcourses','inststatus',
'coursedefaults','usersessions',	'coursedefaults','usersessions',
'requestauthor'],$domain);	'requestauthor','selfenrollment',
	'coursecategories','autoenroll',
	'helpsettings'],$domain);
	my @coursetypes = ('official','unofficial','community','textbook');
if (ref($domconfig{'defaults'}) eq 'HASH') {	if (ref($domconfig{'defaults'}) eq 'HASH') {
$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};	$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};
$domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};	$domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};
Line 2025 sub get_domain_defaults {	Line 2134 sub get_domain_defaults {
}	}
}	}
if (ref($domconfig{'requestcourses'}) eq 'HASH') {	if (ref($domconfig{'requestcourses'}) eq 'HASH') {
foreach my $item ('official','unofficial','community') {	foreach my $item ('official','unofficial','community','textbook') {
$domdefaults{$item} = $domconfig{'requestcourses'}{$item};	$domdefaults{$item} = $domconfig{'requestcourses'}{$item};
}	}
}	}
Line 2033 sub get_domain_defaults {	Line 2142 sub get_domain_defaults {
$domdefaults{'requestauthor'} = $domconfig{'requestauthor'};	$domdefaults{'requestauthor'} = $domconfig{'requestauthor'};
}	}
if (ref($domconfig{'inststatus'}) eq 'HASH') {	if (ref($domconfig{'inststatus'}) eq 'HASH') {
foreach my $item ('inststatustypes','inststatusorder') {	foreach my $item ('inststatustypes','inststatusorder','inststatusguest') {
$domdefaults{$item} = $domconfig{'inststatus'}{$item};	$domdefaults{$item} = $domconfig{'inststatus'}{$item};
}	}
}	}
if (ref($domconfig{'coursedefaults'}) eq 'HASH') {	if (ref($domconfig{'coursedefaults'}) eq 'HASH') {
if (ref($domconfig{'coursedefaults'}{'coursecredits'}) eq 'HASH') {	$domdefaults{'usejsme'} = $domconfig{'coursedefaults'}{'usejsme'};
$domdefaults{'officialcredits'} = $domconfig{'coursedefaults'}{'coursecredits'}{'official'};	$domdefaults{'uselcmath'} = $domconfig{'coursedefaults'}{'uselcmath'};
$domdefaults{'unofficialcredits'} = $domconfig{'coursedefaults'}{'coursecredits'}{'unofficial'};	if (ref($domconfig{'coursedefaults'}{'postsubmit'}) eq 'HASH') {
}	$domdefaults{'postsubmit'} = $domconfig{'coursedefaults'}{'postsubmit'}{'client'};
if (ref($domconfig{'coursedefaults'}{'uploadquota'}) eq 'HASH') {	}
$domdefaults{'officialquota'} = $domconfig{'coursedefaults'}{'uploadquota'}{'official'};	foreach my $type (@coursetypes) {
$domdefaults{'unofficialquota'} = $domconfig{'coursedefaults'}{'uploadquota'}{'unofficial'};	if (ref($domconfig{'coursedefaults'}{'coursecredits'}) eq 'HASH') {
$domdefaults{'communityquota'} = $domconfig{'coursedefaults'}{'uploadquota'}{'community'};	unless ($type eq 'community') {
	$domdefaults{$type.'credits'} = $domconfig{'coursedefaults'}{'coursecredits'}{$type};
	}
	}
	if (ref($domconfig{'coursedefaults'}{'uploadquota'}) eq 'HASH') {
	$domdefaults{$type.'quota'} = $domconfig{'coursedefaults'}{'uploadquota'}{$type};
	}
	if ($domdefaults{'postsubmit'} eq 'on') {
	if (ref($domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}) eq 'HASH') {
	$domdefaults{$type.'postsubtimeout'} =
	$domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}{$type};
	}
	}
	}
	if (ref($domconfig{'coursedefaults'}{'canclone'}) eq 'HASH') {
	if (ref($domconfig{'coursedefaults'}{'canclone'}{'instcode'}) eq 'ARRAY') {
	my @clonecodes = @{$domconfig{'coursedefaults'}{'canclone'}{'instcode'}};
	if (@clonecodes) {
	$domdefaults{'canclone'} = join('+',@clonecodes);
	}
	}
	} elsif ($domconfig{'coursedefaults'}{'canclone'}) {
	$domdefaults{'canclone'}=$domconfig{'coursedefaults'}{'canclone'};
}	}
}	}
if (ref($domconfig{'usersessions'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}) eq 'HASH') {
Line 2055 sub get_domain_defaults {	Line 2186 sub get_domain_defaults {
if (ref($domconfig{'usersessions'}{'hosted'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}{'hosted'}) eq 'HASH') {
$domdefaults{'hostedsessions'} = $domconfig{'usersessions'}{'hosted'};	$domdefaults{'hostedsessions'} = $domconfig{'usersessions'}{'hosted'};
}	}
	if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {
	$domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};
	}
	}
	if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
	if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {
	my @settings = ('types','registered','enroll_dates','access_dates','section',
	'approval','limit');
	foreach my $type (@coursetypes) {
	if (ref($domconfig{'selfenrollment'}{'admin'}{$type}) eq 'HASH') {
	my @mgrdc = ();
	foreach my $item (@settings) {
	if ($domconfig{'selfenrollment'}{'admin'}{$type}{$item} eq '0') {
	push(@mgrdc,$item);
	}
	}
	if (@mgrdc) {
	$domdefaults{$type.'selfenrolladmdc'} = join(',',@mgrdc);
	}
	}
	}
	}
	if (ref($domconfig{'selfenrollment'}{'default'}) eq 'HASH') {
	foreach my $type (@coursetypes) {
	if (ref($domconfig{'selfenrollment'}{'default'}{$type}) eq 'HASH') {
	foreach my $item (keys(%{$domconfig{'selfenrollment'}{'default'}{$type}})) {
	$domdefaults{$type.'selfenroll'.$item} = $domconfig{'selfenrollment'}{'default'}{$type}{$item};
	}
	}
	}
	}
	}
	if (ref($domconfig{'coursecategories'}) eq 'HASH') {
	$domdefaults{'catauth'} = 'std';
	$domdefaults{'catunauth'} = 'std';
	if ($domconfig{'coursecategories'}{'auth'}) {
	$domdefaults{'catauth'} = $domconfig{'coursecategories'}{'auth'};
	}
	if ($domconfig{'coursecategories'}{'unauth'}) {
	$domdefaults{'catunauth'} = $domconfig{'coursecategories'}{'unauth'};
	}
	}
	if (ref($domconfig{'autoenroll'}) eq 'HASH') {
	$domdefaults{'autofailsafe'} = $domconfig{'autoenroll'}{'autofailsafe'};
	}
	if (ref($domconfig{'helpsettings'}) eq 'HASH') {
	$domdefaults{'submitbugs'} = $domconfig{'helpsettings'}{'submitbugs'};
	if (ref($domconfig{'helpsettings'}{'adhoc'}) eq 'HASH') {
	$domdefaults{'adhocroles'} = $domconfig{'helpsettings'}{'adhoc'};
	}
}	}
&do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);	&do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);
return %domdefaults;	return %domdefaults;
Line 2296 sub make_key {	Line 2477 sub make_key {
sub devalidate_cache_new {	sub devalidate_cache_new {
my ($name,$id,$debug) = @_;	my ($name,$id,$debug) = @_;
if ($debug) { &Apache::lonnet::logthis("deleting $name:$id"); }	if ($debug) { &Apache::lonnet::logthis("deleting $name:$id"); }
	my $remembered_id=$name.':'.$id;
$id=&make_key($name,$id);	$id=&make_key($name,$id);
$memcache->delete($id);	$memcache->delete($id);
delete($remembered{$id});	delete($remembered{$remembered_id});
delete($accessed{$id});	delete($accessed{$remembered_id});
}	}

sub is_cached_new {	sub is_cached_new {
my ($name,$id,$debug) = @_;	my ($name,$id,$debug) = @_;
$id=&make_key($name,$id);	my $remembered_id=$name.':'.$id; # this is to avoid make_key (which is slow) for
if (exists($remembered{$id})) {	# keys in %remembered hash, which persists for
if ($debug) { &Apache::lonnet::logthis("Early return $id of $remembered{$id} "); }	# duration of request (no restriction on key length).
$accessed{$id}=[&gettimeofday()];	if (exists($remembered{$remembered_id})) {
	if ($debug) { &Apache::lonnet::logthis("Early return $remembered_id of $remembered{$remembered_id} "); }
	$accessed{$remembered_id}=[&gettimeofday()];
$hits++;	$hits++;
return ($remembered{$id},1);	return ($remembered{$remembered_id},1);
}	}
	$id=&make_key($name,$id);
my $value = $memcache->get($id);	my $value = $memcache->get($id);
if (!(defined($value))) {	if (!(defined($value))) {
if ($debug) { &Apache::lonnet::logthis("getting $id is not defined"); }	if ($debug) { &Apache::lonnet::logthis("getting $id is not defined"); }
Line 2320 sub is_cached_new {	Line 2505 sub is_cached_new {
if ($debug) { &Apache::lonnet::logthis("getting $id is __undef__"); }	if ($debug) { &Apache::lonnet::logthis("getting $id is __undef__"); }
$value=undef;	$value=undef;
}	}
&make_room($id,$value,$debug);	&make_room($remembered_id,$value,$debug);
if ($debug) { &Apache::lonnet::logthis("getting $id is $value"); }	if ($debug) { &Apache::lonnet::logthis("getting $id is $value"); }
return ($value,1);	return ($value,1);
}	}

sub do_cache_new {	sub do_cache_new {
my ($name,$id,$value,$time,$debug) = @_;	my ($name,$id,$value,$time,$debug) = @_;
	my $remembered_id=$name.':'.$id;
$id=&make_key($name,$id);	$id=&make_key($name,$id);
my $setvalue=$value;	my $setvalue=$value;
if (!defined($setvalue)) {	if (!defined($setvalue)) {
Line 2342 sub do_cache_new {	Line 2528 sub do_cache_new {
$memcache->disconnect_all();	$memcache->disconnect_all();
}	}
# need to make a copy of $value	# need to make a copy of $value
&make_room($id,$value,$debug);	&make_room($remembered_id,$value,$debug);
return $value;	return $value;
}	}

sub make_room {	sub make_room {
my ($id,$value,$debug)=@_;	my ($remembered_id,$value,$debug)=@_;

$remembered{$id}= (ref($value)) ? &Storable::dclone($value)	$remembered{$remembered_id}= (ref($value)) ? &Storable::dclone($value)
: $value;	: $value;
if ($to_remember<0) { return; }	if ($to_remember<0) { return; }
$accessed{$id}=[&gettimeofday()];	$accessed{$remembered_id}=[&gettimeofday()];
if (scalar(keys(%remembered)) <= $to_remember) { return; }	if (scalar(keys(%remembered)) <= $to_remember) { return; }
my $to_kick;	my $to_kick;
my $max_time=0;	my $max_time=0;
Line 2646 sub ssi {	Line 2832 sub ssi {
&Apache::lonenc::check_encrypt(\$fn);	&Apache::lonenc::check_encrypt(\$fn);
if (%form) {	if (%form) {
$request=new HTTP::Request('POST',&absolute_url().$fn);	$request=new HTTP::Request('POST',&absolute_url().$fn);
$request->content(join('&',map { &escape($_).'='.&escape($form{$_}) } keys(%form)));	$request->content(join('&',map {
	my $name = escape($_);
	"$name=" . ( ref($form{$_}) eq 'ARRAY'
	? join("&$name=", map {escape($_) } @{$form{$_}})
	: &escape($form{$_}) );
	} keys(%form)));
} else {	} else {
$request=new HTTP::Request('GET',&absolute_url().$fn);	$request=new HTTP::Request('GET',&absolute_url().$fn);
}	}
Line 2846 sub can_edit_resource {	Line 3037 sub can_edit_resource {
$cfile =~ s{^http://}{};	$cfile =~ s{^http://}{};
$cfile = '/adm/wrapper/ext/'.$cfile;	$cfile = '/adm/wrapper/ext/'.$cfile;
}	}
	} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
	if ($env{'form.forceedit'}) {
	$forceview = 1;
	} else {
	$forceedit = 1;
	}
	$cfile = ($resurl =~ m{^/} ? $resurl : "/$resurl");
}	}
}	}
if ($uploaded \|\| $incourse) {	if ($uploaded \|\| $incourse) {
Line 3483 sub extract_embedded_items {	Line 3681 sub extract_embedded_items {
}	}
}	}
}	}
	if (lc($tagname) eq 'iframe') {
	my $src = $attr->{'src'} ;
	if (($src ne '') && ($src !~ m{^(/\|https?://)})) {
	&add_filetype($allfiles,$src,'src');
	} elsif ($src =~ m{^/}) {
	if ($env{'request.course.id'}) {
	my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
	my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
	my $url = &hreflocation('',$fullpath);
	if ($url =~ m{^/uploaded/$cdom/$cnum/docs/(\w+/\d+)/}) {
	my $relpath = $1;
	if ($src =~ m{^/uploaded/$cdom/$cnum/docs/\Q$relpath\E/(.+)$}) {
	&add_filetype($allfiles,$1,'src');
	}
	}
	}
	}
	}
if ($t->[4] =~ m{/>$}) {	if ($t->[4] =~ m{/>$}) {
pop(@state);	pop(@state);
}	}
} elsif ($t->[0] eq 'E') {	} elsif ($t->[0] eq 'E') {
my ($tagname) = ($t->[1]);	my ($tagname) = ($t->[1]);
Line 3701 sub flushcourselogs {	Line 3917 sub flushcourselogs {
}	}
}	}
#	#
# Reverse lookup of domain roles (dc, ad, li, sc, au)	# Reverse lookup of domain roles (dc, ad, li, sc, dh, au)
#	#
my %domrolebuffer = ();	my %domrolebuffer = ();
foreach my $entry (keys(%domainrolehash)) {	foreach my $entry (keys(%domainrolehash)) {
Line 3716 sub flushcourselogs {	Line 3932 sub flushcourselogs {
delete $domainrolehash{$entry};	delete $domainrolehash{$entry};
}	}
foreach my $dom (keys(%domrolebuffer)) {	foreach my $dom (keys(%domrolebuffer)) {
my %servers = &get_servers($dom,'library');	my %servers;
	if (defined(&domain($dom,'primary'))) {
	my $primary=&domain($dom,'primary');
	my $hostname=&hostname($primary);
	$servers{$primary} = $hostname;
	} else {
	%servers = &get_servers($dom,'library');
	}
foreach my $tryserver (keys(%servers)) {	foreach my $tryserver (keys(%servers)) {
unless (&reply('domroleput:'.$dom.':'.	if (&reply('domroleput:'.$dom.':'.
$domrolebuffer{$dom},$tryserver) eq 'ok') {	$domrolebuffer{$dom},$tryserver) eq 'ok') {
	last;
	} else {
&logthis('Put of domain roles failed for '.$dom.' and '.$tryserver);	&logthis('Put of domain roles failed for '.$dom.' and '.$tryserver);
}	}
}	}
Line 3839 sub userrolelog {	Line 4064 sub userrolelog {
{$trole.':'.$username.':'.$domain.':'.$env{'user.name'}.':'.$env{'user.domain'}.':'}	{$trole.':'.$username.':'.$domain.':'.$env{'user.name'}.':'.$env{'user.domain'}.':'}
=$tend.':'.$tstart;	=$tend.':'.$tstart;
}	}
if ($trole =~ /^(dc\|ad\|li\|au\|dg\|sc)/ ) {	if ($trole =~ /^(dc\|ad\|li\|au\|dg\|sc\|dh)/ ) {
my (undef,$rudom,$runame,$rsec)=split(/\//,$area);	my (undef,$rudom,$runame,$rsec)=split(/\//,$area);
$domainrolehash	$domainrolehash
{$trole.':'.$username.':'.$domain.':'.$runame.':'.$rudom.':'.$rsec}	{$trole.':'.$username.':'.$domain.':'.$runame.':'.$rudom.':'.$rsec}
Line 4066 sub get_my_roles {	Line 4291 sub get_my_roles {
return %returnhash;	return %returnhash;
}	}

	sub get_all_adhocroles {
	my ($dom) = @_;
	my @roles_by_num = ();
	my %domdefaults = &get_domain_defaults($dom);
	my (%description,%access_in_dom,%access_info);
	if (ref($domdefaults{'adhocroles'}) eq 'HASH') {
	my $count = 0;
	my %domcurrent = %{$domdefaults{'adhocroles'}};
	my %ordered;
	foreach my $role (sort(keys(%domcurrent))) {
	my ($order,$desc,$access_in_dom);
	if (ref($domcurrent{$role}) eq 'HASH') {
	$order = $domcurrent{$role}{'order'};
	$desc = $domcurrent{$role}{'desc'};
	$access_in_dom{$role} = $domcurrent{$role}{'access'};
	$access_info{$role} = $domcurrent{$role}{$access_in_dom{$role}};
	}
	if ($order eq '') {
	$order = $count;
	}
	$ordered{$order} = $role;
	if ($desc ne '') {
	$description{$role} = $desc;
	} else {
	$description{$role}= $role;
	}
	$count++;
	}
	foreach my $item (sort {$a <=> $b } (keys(%ordered))) {
	push(@roles_by_num,$ordered{$item});
	}
	}
	return (\@roles_by_num,\%description,\%access_in_dom,\%access_info);
	}

	sub get_my_adhocroles {
	my ($cid,$checkreg) = @_;
	my ($cdom,$cnum,%info,@possroles,$description,$roles_by_num);
	if ($env{'request.course.id'} eq $cid) {
	$cdom = $env{'course.'.$cid.'.domain'};
	$cnum = $env{'course.'.$cid.'.num'};
	$info{'internal.coursecode'} = $env{'course.'.$cid.'.internal.coursecode'};
	} elsif ($cid =~ /^($match_domain)_($match_courseid)$/) {
	$cdom = $1;
	$cnum = $2;
	%info = &Apache::lonnet::get('environment',['internal.coursecode'],
	$cdom,$cnum);
	}
	if (($info{'internal.coursecode'} ne '') && ($checkreg)) {
	my $user = $env{'user.name'}.':'.$env{'user.domain'};
	my %rosterhash = &get('classlist',[$user],$cdom,$cnum);
	if ($rosterhash{$user} ne '') {
	my $type = (split(/:/,$rosterhash{$user}))[5];
	return ([],{}) if ($type eq 'auto');
	}
	}
	if (($cdom ne '') && ($cnum ne '')) {
	if ($env{"user.role.dh./$cdom/"}) {
	my $then=$env{'user.login.time'};
	my $update=$env{'user.update.time'};
	my $liverole = 1;
	my ($tstart,$tend)=split(/\./,$env{'user.role.dh./'.$cdom});
	my $limit = $update;
	if ($env{'request.role'} eq 'dh./'.$cdom.'/') {
	$limit = $then;
	}
	if ($tstart && $tstart>$limit) { $liverole = 0; }
	if ($tend && $tend <$limit) { $liverole = 0; }
	if ($liverole) {
	if (&homeserver($cnum,$cdom) ne 'no_host') {
	my ($accessref,$accessinfo,%access_in_dom);
	($roles_by_num,$description,$accessref,$accessinfo) = &get_all_adhocroles($cdom);
	if (ref($roles_by_num) eq 'ARRAY') {
	if (@{$roles_by_num}) {
	my %settings;
	if ($env{'request.course.id'} eq $cid) {
	foreach my $envkey (keys(%env)) {
	if ($envkey =~ /^\Qcourse.$cid.\E(internal\.adhoc.+)$/) {
	$settings{$1} = $env{$envkey};
	}
	}
	} else {
	%settings = &dump('environment',$cdom,$cnum,'internal\.adhoc');
	}
	my %setincrs;
	if ($settings{'internal.adhocaccess'}) {
	map { $setincrs{$_} = 1; } split(/,/,$settings{'internal.adhocaccess'});
	}
	my @statuses;
	if ($env{'environment.inststatus'}) {
	@statuses = split(/,/,$env{'environment.inststatus'});
	}
	my $user = $env{'user.name'}.':'.$env{'user.domain'};
	if (ref($accessref) eq 'HASH') {
	%access_in_dom = %{$accessref};
	}
	foreach my $role (@{$roles_by_num}) {
	my ($curraccess,@okstatus,@personnel);
	if ($setincrs{$role}) {
	($curraccess,my $rest) = split(/=/,$settings{'internal.adhoc.'.$role});
	if ($curraccess eq 'status') {
	@okstatus = split(/\&/,$rest);
	} elsif (($curraccess eq 'exc') \|\| ($curraccess eq 'inc')) {
	@personnel = split(/\&/,$rest);
	}
	} else {
	$curraccess = $access_in_dom{$role};
	if (ref($accessinfo) eq 'HASH') {
	if ($curraccess eq 'status') {
	if (ref($accessinfo->{$role}) eq 'ARRAY') {
	@okstatus = @{$accessinfo->{$role}};
	}
	} elsif (($curraccess eq 'exc') \|\| ($curraccess eq 'inc')) {
	if (ref($accessinfo->{$role}) eq 'ARRAY') {
	@personnel = @{$accessinfo->{$role}};
	}
	}
	}
	}
	if ($curraccess eq 'none') {
	next;
	} elsif ($curraccess eq 'all') {
	push(@possroles,$role);
	} elsif ($curraccess eq 'status') {
	if (@okstatus) {
	if (!@statuses) {
	if (grep(/^default$/,@okstatus)) {
	push(@possroles,$role);
	}
	} else {
	foreach my $status (@okstatus) {
	if (grep(/^\Q$status\E$/,@statuses)) {
	push(@possroles,$role);
	last;
	}
	}
	}
	}
	} elsif (($curraccess eq 'exc') \|\| ($curraccess eq 'inc')) {
	if (grep(/^\Q$user\E$/,@personnel)) {
	if ($curraccess eq 'exc') {
	push(@possroles,$role);
	}
	} elsif ($curraccess eq 'inc') {
	push(@possroles,$role);
	}
	}
	}
	}
	}
	}
	}
	}
	}
	unless (ref($description) eq 'HASH') {
	if (ref($roles_by_num) eq 'ARRAY') {
	my %desc;
	map { $desc{$_} = $_; } (@{$roles_by_num});
	$description = \%desc;
	} else {
	$description = {};
	}
	}
	return (\@possroles,$description);
	}

# ----------------------------------------------------- Frontpage Announcements	# ----------------------------------------------------- Frontpage Announcements
#	#
#	#
Line 4141 sub courseiddump {	Line 4532 sub courseiddump {
my ($domfilter,$descfilter,$sincefilter,$instcodefilter,$ownerfilter,	my ($domfilter,$descfilter,$sincefilter,$instcodefilter,$ownerfilter,
$coursefilter,$hostidflag,$hostidref,$typefilter,$regexp_ok,	$coursefilter,$hostidflag,$hostidref,$typefilter,$regexp_ok,
$selfenrollonly,$catfilter,$showhidden,$caller,$cloner,$cc_clone,	$selfenrollonly,$catfilter,$showhidden,$caller,$cloner,$cc_clone,
$cloneonly,$createdbefore,$createdafter,$creationcontext,$domcloner)=@_;	$cloneonly,$createdbefore,$createdafter,$creationcontext,$domcloner,
	$hasuniquecode,$reqcrsdom,$reqinstcode)=@_;
my $as_hash = 1;	my $as_hash = 1;
my %returnhash;	my %returnhash;
if (!$domfilter) { $domfilter=''; }	if (!$domfilter) { $domfilter=''; }
Line 4164 sub courseiddump {	Line 4556 sub courseiddump {
&escape($catfilter), $showhidden, $caller,	&escape($catfilter), $showhidden, $caller,
&escape($cloner), &escape($cc_clone), $cloneonly,	&escape($cloner), &escape($cc_clone), $cloneonly,
&escape($createdbefore), &escape($createdafter),	&escape($createdbefore), &escape($createdafter),
&escape($creationcontext), $domcloner)));	&escape($creationcontext),$domcloner,$hasuniquecode,
	$reqcrsdom,&escape($reqinstcode))));
} else {	} else {
$rep = &reply('courseiddump:'.&host_domain($tryserver).':'.	$rep = &reply('courseiddump:'.&host_domain($tryserver).':'.
$sincefilter.':'.&escape($descfilter).':'.	$sincefilter.':'.&escape($descfilter).':'.
Line 4175 sub courseiddump {	Line 4568 sub courseiddump {
$showhidden.':'.$caller.':'.&escape($cloner).':'.	$showhidden.':'.$caller.':'.&escape($cloner).':'.
&escape($cc_clone).':'.$cloneonly.':'.	&escape($cc_clone).':'.$cloneonly.':'.
&escape($createdbefore).':'.&escape($createdafter).':'.	&escape($createdbefore).':'.&escape($createdafter).':'.
&escape($creationcontext).':'.$domcloner,	&escape($creationcontext).':'.$domcloner.':'.$hasuniquecode.
$tryserver);	':'.$reqcrsdom.':'.&escape($reqinstcode),$tryserver);
}	}

my @pairs=split(/\&/,$rep);	my @pairs=split(/\&/,$rep);
Line 4304 sub get_domain_roles {	Line 4697 sub get_domain_roles {
return %personnel;	return %personnel;
}	}

	sub get_active_domroles {
	my ($dom,$roles) = @_;
	return () unless (ref($roles) eq 'ARRAY');
	my $now = time;
	my %dompersonnel = &get_domain_roles($dom,$roles,$now,$now);
	my %domroles;
	foreach my $server (keys(%dompersonnel)) {
	foreach my $user (sort(keys(%{$dompersonnel{$server}}))) {
	my ($trole,$uname,$udom,$runame,$rudom,$rsec) = split(/:/,$user);
	$domroles{$uname.':'.$udom} = $dompersonnel{$server}{$user};
	}
	}
	return %domroles;
	}

# ----------------------------------------------------------- Interval timing	# ----------------------------------------------------------- Interval timing

{	{
Line 4315 my $cachedkey='';	Line 4723 my $cachedkey='';
# The cached times for this user	# The cached times for this user
my %cachedtimes=();	my %cachedtimes=();
# When this was last done	# When this was last done
my $cachedtime=();	my $cachedtime='';

sub load_all_first_access {	sub load_all_first_access {
my ($uname,$udom)=@_;	my ($uname,$udom)=@_;
Line 4377 sub set_first_access {	Line 4785 sub set_first_access {
return 'already_set';	return 'already_set';
}	}
}	}

	sub checkout {
	my ($symb,$tuname,$tudom,$tcrsid)=@_;
	my $now=time;
	my $lonhost=$perlvar{'lonHostID'};
	my $infostr=&escape(
	'CHECKOUTTOKEN&'.
	$tuname.'&'.
	$tudom.'&'.
	$tcrsid.'&'.
	$symb.'&'.
	$now.'&'.$ENV{'REMOTE_ADDR'});
	my $token=&reply('tmpput:'.$infostr,$lonhost);
	if ($token=~/^error\:/) {
	&logthis("<font color=\"blue\">WARNING: ".
	"Checkout tmpput failed ".$tudom.' - '.$tuname.' - '.$symb.
	"</font>");
	return '';
	}

	$token=~s/^(\d+)\_.\_(\d+)$/$1\$2\*$lonhost/;
	$token=~tr/a-z/A-Z/;

	my %infohash=('resource.0.outtoken' => $token,
	'resource.0.checkouttime' => $now,
	'resource.0.outremote' => $ENV{'REMOTE_ADDR'});

	unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
	return '';
	} else {
	&logthis("<font color=\"blue\">WARNING: ".
	"Checkout cstore failed ".$tudom.' - '.$tuname.' - '.$symb.
	"</font>");
	}

	if (&log($tudom,$tuname,&homeserver($tuname,$tudom),
	&escape('Checkout '.$infostr.' - '.
	$token)) ne 'ok') {
	return '';
	} else {
	&logthis("<font color=\"blue\">WARNING: ".
	"Checkout log failed ".$tudom.' - '.$tuname.' - '.$symb.
	"</font>");
	}
	return $token;
	}

	# ------------------------------------------------------------ Check in an item

	sub checkin {
	my $token=shift;
	my $now=time;
	my ($ta,$tb,$lonhost)=split(/\*/,$token);
	$lonhost=~tr/A-Z/a-z/;
	my $dtoken=$ta.'_'.&hostname($lonhost).'_'.$tb;
	$dtoken=~s/\W/\_/g;
	my ($dummy,$tuname,$tudom,$tcrsid,$symb,$chtim,$rmaddr)=
	split(/\&/,&unescape(&reply('tmpget:'.$dtoken,$lonhost)));

	unless (($tuname) && ($tudom)) {
	&logthis('Check in '.$token.' ('.$dtoken.') failed');
	return '';
	}

	unless (&allowed('mgr',$tcrsid)) {
	&logthis('Check in '.$token.' ('.$dtoken.') unauthorized: '.
	$env{'user.name'}.' - '.$env{'user.domain'});
	return '';
	}

	my %infohash=('resource.0.intoken' => $token,
	'resource.0.checkintime' => $now,
	'resource.0.inremote' => $ENV{'REMOTE_ADDR'});

	unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
	return '';
	}

	if (&log($tudom,$tuname,&homeserver($tuname,$tudom),
	&escape('Checkin - '.$token)) ne 'ok') {
	return '';
	}

	return ($symb,$tuname,$tudom,$tcrsid);
	}

# --------------------------------------------- Set Expire Date for Spreadsheet	# --------------------------------------------- Set Expire Date for Spreadsheet

sub expirespread {	sub expirespread {
Line 4747 sub tmprestore {	Line 5241 sub tmprestore {
# ----------------------------------------------------------------------- Store	# ----------------------------------------------------------------------- Store

sub store {	sub store {
my ($storehash,$symb,$namespace,$domain,$stuname) = @_;	my ($storehash,$symb,$namespace,$domain,$stuname,$laststore) = @_;
my $home='';	my $home='';

if ($stuname) { $home=&homeserver($stuname,$domain); }	if ($stuname) { $home=&homeserver($stuname,$domain); }
Line 4777 sub store {	Line 5271 sub store {
}	}
$namevalue=~s/\&$//;	$namevalue=~s/\&$//;
&courselog($symb.':'.$stuname.':'.$domain.':STORE:'.$namevalue);	&courselog($symb.':'.$stuname.':'.$domain.':STORE:'.$namevalue);
return reply("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");	return reply("store:$domain:$stuname:$namespace:$symb:$namevalue:$laststore","$home");
}	}

# -------------------------------------------------------------- Critical Store	# -------------------------------------------------------------- Critical Store

sub cstore {	sub cstore {
my ($storehash,$symb,$namespace,$domain,$stuname) = @_;	my ($storehash,$symb,$namespace,$domain,$stuname,$laststore) = @_;
my $home='';	my $home='';

if ($stuname) { $home=&homeserver($stuname,$domain); }	if ($stuname) { $home=&homeserver($stuname,$domain); }
Line 4814 sub cstore {	Line 5308 sub cstore {
$namevalue=~s/\&$//;	$namevalue=~s/\&$//;
&courselog($symb.':'.$stuname.':'.$domain.':CSTORE:'.$namevalue);	&courselog($symb.':'.$stuname.':'.$domain.':CSTORE:'.$namevalue);
return critical	return critical
("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");	("store:$domain:$stuname:$namespace:$symb:$namevalue:$laststore","$home");
}	}

# --------------------------------------------------------------------- Restore	# --------------------------------------------------------------------- Restore
Line 4994 sub privileged {	Line 5488 sub privileged {
my %rolesdump = &dump("roles", $domain, $username) or return 0;	my %rolesdump = &dump("roles", $domain, $username) or return 0;
my $now = time;	my $now = time;

for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys %rolesdump}) {	for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys(%rolesdump)}) {
my ($trole, $tend, $tstart) = split(/_/, $role);	my ($trole, $tend, $tstart) = split(/_/, $role);
if (grep(/^\Q$trole\E$/,@{$roles})) {	if (grep(/^\Q$trole\E$/,@{$roles})) {
return 1 unless ($tend && $tend < $now)	return 1 unless ($tend && $tend < $now)
Line 5083 sub rolesinit {	Line 5577 sub rolesinit {
my %allroles=();	my %allroles=();
my %allgroups=();	my %allgroups=();

for my $area (grep { ! /^rolesdef_/ } keys %rolesdump) {	for my $area (grep { ! /^rolesdef_/ } keys(%rolesdump)) {
my $role = $rolesdump{$area};	my $role = $rolesdump{$area};
$area =~ s/\_\w\w$//;	$area =~ s/\_\w\w$//;

Line 5175 sub set_arearole {	Line 5669 sub set_arearole {
sub custom_roleprivs {	sub custom_roleprivs {
my ($allroles,$trole,$tdomain,$trest,$spec,$area) = @_;	my ($allroles,$trole,$tdomain,$trest,$spec,$area) = @_;
my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);	my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);
my $homsvr=homeserver($rauthor,$rdomain);	my $homsvr = &homeserver($rauthor,$rdomain);
if (&hostname($homsvr) ne '') {	if (&hostname($homsvr) ne '') {
my ($rdummy,$roledef)=	my ($rdummy,$roledef)=
&get('roles',["rolesdef_$rrole"],$rdomain,$rauthor);	&get('roles',["rolesdef_$rrole"],$rdomain,$rauthor);
Line 5194 sub custom_roleprivs {	Line 5688 sub custom_roleprivs {
$$allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;	$$allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;
}	}
if (($trest ne '') && (defined($coursepriv))) {	if (($trest ne '') && (defined($coursepriv))) {
	if ($trole =~ m{^cr/$tdomain/$tdomain\Q-domainconfig\E/([^/]+)$}) {
	my $rolename = $1;
	$coursepriv = &course_adhocrole_privs($rolename,$tdomain,$trest,$coursepriv);
	}
$$allroles{'cm.'.$area}.=':'.$coursepriv;	$$allroles{'cm.'.$area}.=':'.$coursepriv;
$$allroles{$spec.'.'.$area}.=':'.$coursepriv;	$$allroles{$spec.'.'.$area}.=':'.$coursepriv;
}	}
Line 5202 sub custom_roleprivs {	Line 5700 sub custom_roleprivs {
}	}
}	}

	sub course_adhocrole_privs {
	my ($rolename,$cdom,$cnum,$coursepriv) = @_;
	my %overrides = &get('environment',["internal.adhocpriv.$rolename"],$cdom,$cnum);
	if ($overrides{"internal.adhocpriv.$rolename"}) {
	my (%currprivs,%storeprivs);
	foreach my $item (split(/:/,$coursepriv)) {
	my ($priv,$restrict) = split(/\&/,$item);
	$currprivs{$priv} = $restrict;
	}
	my (%possadd,%possremove,%full);
	foreach my $item (split(/\:/,$Apache::lonnet::pr{'cr:c'})) {
	my ($priv,$restrict)=split(/\&/,$item);
	$full{$priv} = $restrict;
	}
	foreach my $item (split(/,/,$overrides{"internal.adhocpriv.$rolename"})) {
	next if ($item eq '');
	my ($rule,$rest) = split(/=/,$item);
	next unless (($rule eq 'off') \|\| ($rule eq 'on'));
	foreach my $priv (split(/:/,$rest)) {
	if ($priv ne '') {
	if ($rule eq 'off') {
	$possremove{$priv} = 1;
	} else {
	$possadd{$priv} = 1;
	}
	}
	}
	}
	foreach my $priv (sort(keys(%full))) {
	if (exists($currprivs{$priv})) {
	unless (exists($possremove{$priv})) {
	$storeprivs{$priv} = $currprivs{$priv};
	}
	} elsif (exists($possadd{$priv})) {
	$storeprivs{$priv} = $full{$priv};
	}
	}
	$coursepriv = ':'.join(':',map { $_.'&'.$storeprivs{$_}; } sort(keys(%storeprivs)));
	}
	return $coursepriv;
	}

sub group_roleprivs {	sub group_roleprivs {
my ($allgroups,$area,$group_privs,$tend,$tstart) = @_;	my ($allgroups,$area,$group_privs,$tend,$tstart) = @_;
my $access = 1;	my $access = 1;
Line 5296 sub set_userprivs {	Line 5836 sub set_userprivs {

sub role_status {	sub role_status {
my ($rolekey,$update,$refresh,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_;	my ($rolekey,$update,$refresh,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_;
my @pwhere = ();
if (exists($env{$rolekey}) && $env{$rolekey} ne '') {	if (exists($env{$rolekey}) && $env{$rolekey} ne '') {
(undef,undef,$$role,@pwhere)=split(/\./,$rolekey);	my ($one,$two) = split(m{\./},$rolekey,2);
	(undef,undef,$$role) = split(/\./,$one,3);
unless (!defined($$role) \|\| $$role eq '') {	unless (!defined($$role) \|\| $$role eq '') {
$$where=join('.',@pwhere);	$$where = '/'.$two;
$$trolecode=$$role.'.'.$$where;	$$trolecode=$$role.'.'.$$where;
($$tstart,$$tend)=split(/\./,$env{$rolekey});	($$tstart,$$tend)=split(/\./,$env{$rolekey});
$$tstatus='is';	$$tstatus='is';
Line 5414 sub delete_env_groupprivs {	Line 5954 sub delete_env_groupprivs {
}	}

sub check_adhoc_privs {	sub check_adhoc_privs {
my ($cdom,$cnum,$update,$refresh,$now,$checkrole,$caller) = @_;	my ($cdom,$cnum,$update,$refresh,$now,$checkrole,$caller,$sec) = @_;
my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;	my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;
	if ($sec) {
	$cckey .= '/'.$sec;
	}
my $setprivs;	my $setprivs;
if ($env{$cckey}) {	if ($env{$cckey}) {
my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);	my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);
&role_status($cckey,$update,$refresh,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);	&role_status($cckey,$update,$refresh,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
unless (($tstatus eq 'is') \|\| ($tstatus eq 'will_not')) {	unless (($tstatus eq 'is') \|\| ($tstatus eq 'will_not')) {
&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller);	&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller,$sec);
$setprivs = 1;	$setprivs = 1;
}	}
} else {	} else {
&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller);	&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller,$sec);
$setprivs = 1;	$setprivs = 1;
}	}
return $setprivs;	return $setprivs;
}	}

sub set_adhoc_privileges {	sub set_adhoc_privileges {
# role can be cc or ca	# role can be cc, ca, or cr/<dom>/<dom>-domainconfig/role
my ($dcdom,$pickedcourse,$role,$caller) = @_;	my ($dcdom,$pickedcourse,$role,$caller,$sec) = @_;
my $area = '/'.$dcdom.'/'.$pickedcourse;	my $area = '/'.$dcdom.'/'.$pickedcourse;
	if ($sec ne '') {
	$area .= '/'.$sec;
	}
my $spec = $role.'.'.$area;	my $spec = $role.'.'.$area;
my %userroles = &set_arearole($role,$area,'','',$env{'user.domain'},	my %userroles = &set_arearole($role,$area,'','',$env{'user.domain'},
$env{'user.name'},1);	$env{'user.name'},1);
my %ccrole = ();	my %rolehash = ();
&standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);	if ($role =~ m{^\Qcr/$dcdom/$dcdom\E\-domainconfig/(\w+)$}) {
my ($author,$adv)= &set_userprivs(\%userroles,\%ccrole);	my $rolename = $1;
	&custom_roleprivs(\%rolehash,$role,$dcdom,$pickedcourse,$spec,$area);
	my %domdef = &get_domain_defaults($dcdom);
	if (ref($domdef{'adhocroles'}) eq 'HASH') {
	if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') {
	&appenv({'request.role.desc' => $domdef{'adhocroles'}{$rolename}{'desc'},});
	}
	}
	} else {
	&standard_roleprivs(\%rolehash,$role,$dcdom,$spec,$pickedcourse,$area);
	}
	my ($author,$adv)= &set_userprivs(\%userroles,\%rolehash);
&appenv(\%userroles,[$role,'cm']);	&appenv(\%userroles,[$role,'cm']);
&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$role);	&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$role);
unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {	unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {
&appenv( {'request.role' => $spec,	&appenv( {'request.role' => $spec,
'request.role.domain' => $dcdom,	'request.role.domain' => $dcdom,
'request.course.sec' => ''	'request.course.sec' => $sec,
}	}
);	);
my $tadv=0;	my $tadv=0;
Line 5523 sub dump {	Line 6080 sub dump {
if (!$uname) { $uname=$env{'user.name'}; }	if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);	my $uhome=&homeserver($uname,$udomain);

my $reply;	if ($regexp) {
	$regexp=&escape($regexp);
	} else {
	$regexp='.';
	}
if (grep { $_ eq $uhome } &current_machine_ids()) {	if (grep { $_ eq $uhome } &current_machine_ids()) {
# user is hosted on this machine	# user is hosted on this machine
$reply = LONCAPA::Lond::dump_with_regexp(join(':', ($udomain,	my $reply = LONCAPA::Lond::dump_with_regexp(join(':', ($udomain,
$uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});	$uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});
return %{&unserialize($reply, $escapedkeys)};	return %{&unserialize($reply, $escapedkeys)};
}	}
if ($regexp) {
$regexp=&escape($regexp);
} else {
$regexp='.';
}
my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);	my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
my @pairs=split(/\&/,$rep);	my @pairs=split(/\&/,$rep);
my %returnhash=();	my %returnhash=();
Line 5582 sub currentdump {	Line 6138 sub currentdump {
$sdom = $env{'user.domain'} if (! defined($sdom));	$sdom = $env{'user.domain'} if (! defined($sdom));
$sname = $env{'user.name'} if (! defined($sname));	$sname = $env{'user.name'} if (! defined($sname));
my $uhome = &homeserver($sname,$sdom);	my $uhome = &homeserver($sname,$sdom);
my $rep=reply('currentdump:'.$sdom.':'.$sname.':'.$courseid,$uhome);	my $rep;

	if (grep { $_ eq $uhome } current_machine_ids()) {
	$rep = LONCAPA::Lond::dump_profile_database(join(":", ($sdom, $sname,
	$courseid)));
	} else {
	$rep = reply('currentdump:'.$sdom.':'.$sname.':'.$courseid,$uhome);
	}

return if ($rep =~ /^(error:\|no_such_host)/);	return if ($rep =~ /^(error:\|no_such_host)/);
#	#
my %returnhash=();	my %returnhash=();
Line 5703 sub newput {	Line 6267 sub newput {
# --------------------------------------------------------- putstore interface	# --------------------------------------------------------- putstore interface

sub putstore {	sub putstore {
my ($namespace,$symb,$version,$storehash,$udomain,$uname)=@_;	my ($namespace,$symb,$version,$storehash,$udomain,$uname,$tolog)=@_;
if (!$udomain) { $udomain=$env{'user.domain'}; }	if (!$udomain) { $udomain=$env{'user.domain'}; }
if (!$uname) { $uname=$env{'user.name'}; }	if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);	my $uhome=&homeserver($uname,$udomain);
Line 5717 sub putstore {	Line 6281 sub putstore {
my $reply =	my $reply =
&reply("putstore:$udomain:$uname:$namespace:$esc_symb:$esc_v:$items",	&reply("putstore:$udomain:$uname:$namespace:$esc_symb:$esc_v:$items",
$uhome);	$uhome);
	if (($tolog) && ($reply eq 'ok')) {
	my $namevalue='';
	foreach my $key (keys(%{$storehash})) {
	$namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';
	}
	$namevalue .= 'ip='.&escape($ENV{'REMOTE_ADDR'}).
	'&host='.&escape($perlvar{'lonHostID'}).
	'&version='.$esc_v.
	'&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});
	&Apache::lonnet::courselog($symb.':'.$uname.':'.$udomain.':PUTSTORE:'.$namevalue);
	}
if ($reply eq 'unknown_cmd') {	if ($reply eq 'unknown_cmd') {
# gfall back to way things use to be done	# gfall back to way things use to be done
return &old_putstore($namespace,$symb,$version,$storehash,$udomain,	return &old_putstore($namespace,$symb,$version,$storehash,$udomain,
Line 5810 sub tmpget {	Line 6385 sub tmpget {
if (!defined($server)) { $server = $perlvar{'lonHostID'}; }	if (!defined($server)) { $server = $perlvar{'lonHostID'}; }
my $rep=&reply("tmpget:$token",$server);	my $rep=&reply("tmpget:$token",$server);
my %returnhash;	my %returnhash;
	if ($rep =~ /^(con_lost\|error\|no_such_host)/i) {
	return %returnhash;
	}
foreach my $item (split(/\&/,$rep)) {	foreach my $item (split(/\&/,$rep)) {
my ($key,$value)=split(/=/,$item);	my ($key,$value)=split(/=/,$item);
next if ($key =~ /^error: 2 /);
$returnhash{&unescape($key)}=&thaw_unescape($value);	$returnhash{&unescape($key)}=&thaw_unescape($value);
}	}
return %returnhash;	return %returnhash;
Line 5875 sub get_timebased_id {	Line 6452 sub get_timebased_id {
my %inuse = &Apache::lonnet::dump('nohist_'.$namespace,$cdom,$cnum,$prefix);	my %inuse = &Apache::lonnet::dump('nohist_'.$namespace,$cdom,$cnum,$prefix);
my $id = time;	my $id = time;
$newid = $id;	$newid = $id;
	if ($idtype eq 'addcode') {
	$newid .= &sixnum_code();
	}
my $idtries = 0;	my $idtries = 0;
while (exists($inuse{$prefix."\0".$newid}) && $idtries < $maxtries) {	while (exists($inuse{$prefix."\0".$newid}) && $idtries < $maxtries) {
if ($idtype eq 'concat') {	if ($idtype eq 'concat') {
$newid = $id.$idtries;	$newid = $id.$idtries;
	} elsif ($idtype eq 'addcode') {
	$newid = $newid.&sixnum_code();
} else {	} else {
$newid ++;	$newid ++;
}	}
Line 5895 sub get_timebased_id {	Line 6477 sub get_timebased_id {
$error = 'error saving new item: '.$putresult;	$error = 'error saving new item: '.$putresult;
}	}
} else {	} else {
	undef($newid);
$error = ('error: no unique suffix available for the new item ');	$error = ('error: no unique suffix available for the new item ');
}	}
# remove lock	# remove lock
Line 5903 sub get_timebased_id {	Line 6486 sub get_timebased_id {
} else {	} else {
$error = "error: could not obtain lockfile\n";	$error = "error: could not obtain lockfile\n";
$dellock = 'ok';	$dellock = 'ok';
	if (($prefix eq 'paste') && ($namespace eq 'courseeditor') && ($keyid eq 'num')) {
	$dellock = 'nolock';
	}
}	}
return ($newid,$dellock,$error);	return ($newid,$dellock,$error);
}	}

	sub sixnum_code {
	my $code;
	for (0..6) {
	$code .= int( rand(9) );
	}
	return $code;
	}

# -------------------------------------------------- portfolio access checking	# -------------------------------------------------- portfolio access checking

sub portfolio_access {	sub portfolio_access {
my ($requrl) = @_;	my ($requrl,$clientip) = @_;
my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl);	my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl);
my $result = &get_portfolio_access($udom,$unum,$file_name,$group);	my $result = &get_portfolio_access($udom,$unum,$file_name,$group,$clientip);
if ($result) {	if ($result) {
my %setters;	my %setters;
if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {	if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
Line 5938 sub portfolio_access {	Line 6532 sub portfolio_access {
}	}

sub get_portfolio_access {	sub get_portfolio_access {
my ($udom,$unum,$file_name,$group,$access_hash) = @_;	my ($udom,$unum,$file_name,$group,$clientip,$access_hash) = @_;

if (!ref($access_hash)) {	if (!ref($access_hash)) {
my $current_perms = &get_portfile_permissions($udom,$unum);	my $current_perms = &get_portfile_permissions($udom,$unum);
Line 5947 sub get_portfolio_access {	Line 6541 sub get_portfolio_access {
$access_hash = $access_controls{$file_name};	$access_hash = $access_controls{$file_name};
}	}

my ($public,$guest,@domains,@users,@courses,@groups);	my ($public,$guest,@domains,@users,@courses,@groups,@ips);
my $now = time;	my $now = time;
if (ref($access_hash) eq 'HASH') {	if (ref($access_hash) eq 'HASH') {
foreach my $key (keys(%{$access_hash})) {	foreach my $key (keys(%{$access_hash})) {
Line 5971 sub get_portfolio_access {	Line 6565 sub get_portfolio_access {
push(@courses,$key);	push(@courses,$key);
} elsif ($scope eq 'group') {	} elsif ($scope eq 'group') {
push(@groups,$key);	push(@groups,$key);
	} elsif ($scope eq 'ip') {
	push(@ips,$key);
}	}
}	}
if ($public) {	if ($public) {
return 'ok';	return 'ok';
	} elsif (@ips > 0) {
	my $allowed;
	foreach my $ipkey (@ips) {
	if (ref($access_hash->{$ipkey}{'ip'}) eq 'ARRAY') {
	if (&Apache::loncommon::check_ip_acc(join(',',@{$access_hash->{$ipkey}{'ip'}}),$clientip)) {
	$allowed = 1;
	last;
	}
	}
	}
	if ($allowed) {
	return 'ok';
	}
}	}
if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {	if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
if ($guest) {	if ($guest) {
Line 6161 sub usertools_access {	Line 6770 sub usertools_access {
official => 1,	official => 1,
unofficial => 1,	unofficial => 1,
community => 1,	community => 1,
	textbook => 1,
);	);
} elsif ($context eq 'requestauthor') {	} elsif ($context eq 'requestauthor') {
%tools = (	%tools = (
Line 6176 sub usertools_access {	Line 6786 sub usertools_access {
}	}
return if (!defined($tools{$tool}));	return if (!defined($tools{$tool}));

if ((!defined($udom)) \|\| (!defined($uname))) {	if (($udom eq '') \|\| ($uname eq '')) {
$udom = $env{'user.domain'};	$udom = $env{'user.domain'};
$uname = $env{'user.name'};	$uname = $env{'user.name'};
}	}
Line 6457 sub customaccess {	Line 7067 sub customaccess {
# ------------------------------------------------- Check for a user privilege	# ------------------------------------------------- Check for a user privilege

sub allowed {	sub allowed {
my ($priv,$uri,$symb,$role)=@_;	my ($priv,$uri,$symb,$role,$clientip,$noblockcheck)=@_;
my $ver_orguri=$uri;	my $ver_orguri=$uri;
$uri=&deversion($uri);	$uri=&deversion($uri);
my $orguri=$uri;	my $orguri=$uri;
Line 6652 sub allowed {	Line 7262 sub allowed {
if ($match) {	if ($match) {
if ($env{'user.priv.'.$env{'request.role'}.'./'}	if ($env{'user.priv.'.$env{'request.role'}.'./'}
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my @blockers = &has_comm_blocking($priv,$symb,$uri);	my $value = $1;
if (@blockers > 0) {	if ($noblockcheck) {
$thisallowed = 'B';	$thisallowed.=$value;
} else {	} else {
$thisallowed.=$1;	my @blockers = &has_comm_blocking($priv,$symb,$uri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed.=$value;
	}
}	}
}	}
} else {	} else {
Line 6668 sub allowed {	Line 7283 sub allowed {
$refuri=&declutter($refuri);	$refuri=&declutter($refuri);
my ($match) = &is_on_map($refuri);	my ($match) = &is_on_map($refuri);
if ($match) {	if ($match) {
my @blockers = &has_comm_blocking($priv,$symb,$refuri);	if ($noblockcheck) {
if (@blockers > 0) {
$thisallowed = 'B';
} else {
$thisallowed='F';	$thisallowed='F';
	} else {
	my @blockers = &has_comm_blocking($priv,$symb,$refuri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed='F';
	}
}	}
}	}
}	}
Line 6684 sub allowed {	Line 7303 sub allowed {
&& $thisallowed ne 'F'	&& $thisallowed ne 'F'
&& $thisallowed ne '2'	&& $thisallowed ne '2'
&& &is_portfolio_url($uri)) {	&& &is_portfolio_url($uri)) {
$thisallowed = &portfolio_access($uri);	$thisallowed = &portfolio_access($uri,$clientip);
}	}

# Full access at system, domain or course-wide level? Exit.	# Full access at system, domain or course-wide level? Exit.
Line 6727 sub allowed {	Line 7346 sub allowed {
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;	my $value = $1;
if ($priv eq 'bre') {	if ($priv eq 'bre') {
my @blockers = &has_comm_blocking($priv,$symb,$uri);	if ($noblockcheck) {
if (@blockers > 0) {
$thisallowed = 'B';
} else {
$thisallowed.=$value;	$thisallowed.=$value;
	} else {
	my @blockers = &has_comm_blocking($priv,$symb,$uri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed.=$value;
	}
}	}
} else {	} else {
$thisallowed.=$value;	$thisallowed.=$value;
Line 6765 sub allowed {	Line 7388 sub allowed {
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;	my $value = $1;
if ($priv eq 'bre') {	if ($priv eq 'bre') {
my @blockers = &has_comm_blocking($priv,$symb,$refuri);	if ($noblockcheck) {
if (@blockers > 0) {
$thisallowed = 'B';
} else {
$thisallowed.=$value;	$thisallowed.=$value;
	} else {
	my @blockers = &has_comm_blocking($priv,$symb,$refuri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed.=$value;
	}
}	}
} else {	} else {
$thisallowed.=$value;	$thisallowed.=$value;
Line 6945 sub constructaccess {	Line 7572 sub constructaccess {
my ($ownername,$ownerdomain,$ownerhome);	my ($ownername,$ownerdomain,$ownerhome);

($ownerdomain,$ownername) =	($ownerdomain,$ownername) =
($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E\|)/priv/($match_domain)/($match_username)/});	($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E\|)/priv/($match_domain)/($match_username)(?:/\|$)});

# The URL does not really point to any authorspace, forget it	# The URL does not really point to any authorspace, forget it
unless (($ownername) && ($ownerdomain)) { return ''; }	unless (($ownername) && ($ownerdomain)) { return ''; }
Line 7000 sub constructaccess {	Line 7627 sub constructaccess {
return '';	return '';
}	}

	# ----------------------------------------------------------- Content Blocking

	{
	# Caches for faster Course Contents display where content blocking
	# is in operation (i.e., interval param set) for timed quiz.
	#
	# User for whom data are being temporarily cached.
	my $cacheduser='';
	# Cached blockers for this user (a hash of blocking items).
	my %cachedblockers=();
	# When the data were last cached.
	my $cachedlast='';

	sub load_all_blockers {
	my ($uname,$udom,$blocks)=@_;
	if (($uname ne '') && ($udom ne '')) {
	if (($cacheduser eq $uname.':'.$udom) &&
	(abs($cachedlast-time)<5)) {
	return;
	}
	}
	$cachedlast=time;
	$cacheduser=$uname.':'.$udom;
	%cachedblockers = &get_commblock_resources($blocks);
	}

sub get_comm_blocks {	sub get_comm_blocks {
my ($cdom,$cnum) = @_;	my ($cdom,$cnum) = @_;
if ($cdom eq '' \|\| $cnum eq '') {	if ($cdom eq '' \|\| $cnum eq '') {
Line 7020 sub get_comm_blocks {	Line 7673 sub get_comm_blocks {
return %commblocks;	return %commblocks;
}	}

sub has_comm_blocking {	sub get_commblock_resources {
my ($priv,$symb,$uri,$blocks) = @_;	my ($blocks) = @_;
return unless ($env{'request.course.id'});	my %blockers = ();
return unless ($priv eq 'bre');	return %blockers unless ($env{'request.course.id'});
return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);	return %blockers if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
my %commblocks;	my %commblocks;
if (ref($blocks) eq 'HASH') {	if (ref($blocks) eq 'HASH') {
%commblocks = %{$blocks};	%commblocks = %{$blocks};
} else {	} else {
%commblocks = &get_comm_blocks();	%commblocks = &get_comm_blocks();
}	}
return unless (keys(%commblocks) > 0);	return %blockers unless (keys(%commblocks) > 0);
if (!$symb) { $symb=&symbread($uri,1); }
my ($map,$resid,undef)=&decode_symb($symb);
my %tocheck = (
maps => $map,
resources => $symb,
);
my @blockers;
my $now = time;
my $navmap = Apache::lonnavmaps::navmap->new();	my $navmap = Apache::lonnavmaps::navmap->new();
	return %blockers unless (ref($navmap));
	my $now = time;
foreach my $block (keys(%commblocks)) {	foreach my $block (keys(%commblocks)) {
if ($block =~ /^(\d+)____(\d+)$/) {	if ($block =~ /^(\d+)____(\d+)$/) {
my ($start,$end) = ($1,$2);	my ($start,$end) = ($1,$2);
Line 7048 sub has_comm_blocking {	Line 7695 sub has_comm_blocking {
if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {
if ($commblocks{$block}{'blocks'}{'docs'}{'maps'}{$map}) {	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'maps'}})) {
unless (grep(/^\Q$block\E$/,@blockers)) {	$blockers{$block}{maps} = $commblocks{$block}{'blocks'}{'docs'}{'maps'};
push(@blockers,$block);
}
}	}
}	}
if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {
if ($commblocks{$block}{'blocks'}{'docs'}{'resources'}{$symb}) {	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'resources'}})) {
unless (grep(/^\Q$block\E$/,@blockers)) {	$blockers{$block}{'resources'} = $commblocks{$block}{'blocks'}{'docs'}{'resources'};
push(@blockers,$block);
}
}	}
}	}
}	}
Line 7069 sub has_comm_blocking {	Line 7712 sub has_comm_blocking {
my @to_test;	my @to_test;
if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
my $check_interval;	my @interval;
if (&check_docs_block($commblocks{$block}{'blocks'}{'docs'},\%tocheck)) {	my $type = 'map';
my @interval;	if ($item eq 'course') {
my $type = 'map';	$type = 'course';
if ($item eq 'course') {	@interval=&EXT("resource.0.interval");
$type = 'course';	} else {
@interval=&EXT("resource.0.interval");	if ($item =~ /___\d+___/) {
	$type = 'resource';
	@interval=&EXT("resource.0.interval",$item);
	if (ref($navmap)) {
	my $res = $navmap->getBySymb($item);
	push(@to_test,$res);
	}
} else {	} else {
if ($item =~ /___\d+___/) {	my $mapsymb = &symbread($item,1);
$type = 'resource';	if ($mapsymb) {
@interval=&EXT("resource.0.interval",$item);	if (ref($navmap)) {
if (ref($navmap)) {	my $mapres = $navmap->getBySymb($mapsymb);
my $res = $navmap->getBySymb($item);	@to_test = $mapres->retrieveResources($mapres,undef,0,0,0,1);
push(@to_test,$res);	foreach my $res (@to_test) {
}	my $symb = $res->symb();
} else {	next if ($symb eq $mapsymb);
my $mapsymb = &symbread($item,1);	if ($symb ne '') {
if ($mapsymb) {	@interval=&EXT("resource.0.interval",$symb);
if (ref($navmap)) {	if ($interval[1] eq 'map') {
my $mapres = $navmap->getBySymb($mapsymb);
@to_test = $mapres->retrieveResources($mapres,undef,0,1);
foreach my $res (@to_test) {
my $symb = $res->symb();
next if ($symb eq $mapsymb);
if ($symb ne '') {
@interval=&EXT("resource.0.interval",$symb);
last;	last;
}	}
}	}
Line 7102 sub has_comm_blocking {	Line 7744 sub has_comm_blocking {
}	}
}	}
}	}
if ($interval[0] =~ /\d+/) {	}
my $first_access;	if ($interval[0] =~ /^\d+$/) {
if ($type eq 'resource') {	my $first_access;
$first_access=&get_first_access($interval[1],$item);	if ($type eq 'resource') {
} elsif ($type eq 'map') {	$first_access=&get_first_access($interval[1],$item);
$first_access=&get_first_access($interval[1],undef,$item);	} elsif ($type eq 'map') {
} else {	$first_access=&get_first_access($interval[1],undef,$item);
$first_access=&get_first_access($interval[1]);	} else {
}	$first_access=&get_first_access($interval[1]);
if ($first_access) {	}
my $timesup = $first_access+$interval[0];	if ($first_access) {
if ($timesup > $now) {	my $timesup = $first_access+$interval[0];
foreach my $res (@to_test) {	if ($timesup > $now) {
if ($res->is_problem()) {	my $activeblock;
if ($res->completable()) {	foreach my $res (@to_test) {
unless (grep(/^\Q$block\E$/,@blockers)) {	if ($res->answerable()) {
push(@blockers,$block);	$activeblock = 1;
}	last;
last;	}
}	}
	if ($activeblock) {
	if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {
	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'maps'}})) {
	$blockers{$block}{'maps'} = $commblocks{$block}{'blocks'}{'docs'}{'maps'};
	}
	}
	if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {
	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'resources'}})) {
	$blockers{$block}{'resources'} = $commblocks{$block}{'blocks'}{'docs'}{'resources'};
}	}
}	}
}	}
Line 7132 sub has_comm_blocking {	Line 7783 sub has_comm_blocking {
}	}
}	}
}	}
return @blockers;	return %blockers;
}	}

sub check_docs_block {	sub has_comm_blocking {
my ($docsblock,$tocheck) =@_;	my ($priv,$symb,$uri,$blocks) = @_;
if ((ref($docsblock) ne 'HASH') \|\| (ref($tocheck) ne 'HASH')) {	my @blockers;
return;	return unless ($env{'request.course.id'});
	return unless ($priv eq 'bre');
	return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
	return if ($env{'request.state'} eq 'construct');
	&load_all_blockers($env{'user.name'},$env{'user.domain'},$blocks);
	return unless (keys(%cachedblockers) > 0);
	my (%possibles,@symbs);
	if (!$symb) {
	$symb = &symbread($uri,1,1,1,\%possibles);
}	}
if (ref($docsblock->{'maps'}) eq 'HASH') {	if ($symb) {
if ($tocheck->{'maps'}) {	@symbs = ($symb);
if ($docsblock->{'maps'}{$tocheck->{'maps'}}) {	} elsif (keys(%possibles)) {
return 1;	@symbs = keys(%possibles);
	}
	my $noblock;
	foreach my $symb (@symbs) {
	last if ($noblock);
	my ($map,$resid,$resurl)=&decode_symb($symb);
	foreach my $block (keys(%cachedblockers)) {
	if ($block =~ /^firstaccess____(.+)$/) {
	my $item = $1;
	if (($item eq $map) \|\| ($item eq $symb)) {
	$noblock = 1;
	last;
	}
}	}
}	if (ref($cachedblockers{$block}) eq 'HASH') {
}	if (ref($cachedblockers{$block}{'resources'}) eq 'HASH') {
if (ref($docsblock->{'resources'}) eq 'HASH') {	if ($cachedblockers{$block}{'resources'}{$symb}) {
if ($tocheck->{'resources'}) {	unless (grep(/^\Q$block\E$/,@blockers)) {
if ($docsblock->{'resources'}{$tocheck->{'resources'}}) {	push(@blockers,$block);
return 1;	}
	}
	}
	}
	if (ref($cachedblockers{$block}{'maps'}) eq 'HASH') {
	if ($cachedblockers{$block}{'maps'}{$map}) {
	unless (grep(/^\Q$block\E$/,@blockers)) {
	push(@blockers,$block);
	}
	}
}	}
}	}
}	}
return;	return if ($noblock);
	return @blockers;
	}
}	}

	# -------------------------------- Deversion and split uri into path an filename

#	#
# Removes the versino from a URI and	# Removes the version from a URI and
# splits it in to its filename and path to the filename.	# splits it in to its filename and path to the filename.
# Seems like File::Basename could have done this more clearly.	# Seems like File::Basename could have done this more clearly.
# Parameters:	# Parameters:
Line 7226 sub get_symb_from_alias {	Line 7910 sub get_symb_from_alias {

sub definerole {	sub definerole {
if (allowed('mcr','/')) {	if (allowed('mcr','/')) {
my ($rolename,$sysrole,$domrole,$courole)=@_;	my ($rolename,$sysrole,$domrole,$courole,$uname,$udom)=@_;
foreach my $role (split(':',$sysrole)) {	foreach my $role (split(':',$sysrole)) {
my ($crole,$cqual)=split(/\&/,$role);	my ($crole,$cqual)=split(/\&/,$role);
if ($pr{'cr:s'}!~/\Q$crole\E/) { return "refused:s:$crole"; }	if ($pr{'cr:s'}!~/\Q$crole\E/) { return "refused:s:$crole"; }
Line 7254 sub definerole {	Line 7938 sub definerole {
}	}
}	}
}	}
	my $uhome;
	if (($uname ne '') && ($udom ne '')) {
	$uhome = &homeserver($uname,$udom);
	return $uhome if ($uhome eq 'no_host');
	} else {
	$uname = $env{'user.name'};
	$udom = $env{'user.domain'};
	$uhome = $env{'user.home'};
	}
my $command="encrypt:rolesput:$env{'user.domain'}:$env{'user.name'}:".	my $command="encrypt:rolesput:$env{'user.domain'}:$env{'user.name'}:".
"$env{'user.domain'}:$env{'user.name'}:".	"$udom:$uname:rolesdef_$rolename=".
"rolesdef_$rolename=".
escape($sysrole.'_'.$domrole.'_'.$courole);	escape($sysrole.'_'.$domrole.'_'.$courole);
return reply($command,$env{'user.home'});	return reply($command,$uhome);
} else {	} else {
return 'refused';	return 'refused';
}	}
Line 7267 sub definerole {	Line 7959 sub definerole {
# ---------------- Make a metadata query against the network of library servers	# ---------------- Make a metadata query against the network of library servers

sub metadata_query {	sub metadata_query {
my ($query,$custom,$customshow,$server_array)=@_;	my ($query,$custom,$customshow,$server_array,$domains_hash)=@_;
my %rhash;	my %rhash;
my %libserv = &all_library();	my %libserv = &all_library();
my @server_list = (defined($server_array) ? @$server_array	my @server_list = (defined($server_array) ? @$server_array
: keys(%libserv) );	: keys(%libserv) );
for my $server (@server_list) {	for my $server (@server_list) {
	my $domains = '';
	if (ref($domains_hash) eq 'HASH') {
	$domains = $domains_hash->{$server};
	}
unless ($custom or $customshow) {	unless ($custom or $customshow) {
my $reply=&reply("querysend:".&escape($query),$server);	my $reply=&reply("querysend:".&escape($query).':::'.&escape($domains),$server);
$rhash{$server}=$reply;	$rhash{$server}=$reply;
}	}
else {	else {
my $reply=&reply("querysend:".&escape($query).':'.	my $reply=&reply("querysend:".&escape($query).':'.
&escape($custom).':'.&escape($customshow),	&escape($custom).':'.&escape($customshow).':'.&escape($domains),
$server);	$server);
$rhash{$server}=$reply;	$rhash{$server}=$reply;
}	}
Line 7336 sub update_allusers_table {	Line 8032 sub update_allusers_table {

sub fetch_enrollment_query {	sub fetch_enrollment_query {
my ($context,$affiliatesref,$replyref,$dom,$cnum) = @_;	my ($context,$affiliatesref,$replyref,$dom,$cnum) = @_;
my $homeserver;	my ($homeserver,$sleep,$loopmax);
my $maxtries = 1;	my $maxtries = 1;
if ($context eq 'automated') {	if ($context eq 'automated') {
$homeserver = $perlvar{'lonHostID'};	$homeserver = $perlvar{'lonHostID'};
	$sleep = 2;
	$loopmax = 100;
$maxtries = 10; # will wait for up to 2000s for retrieval of classlist data before timeout	$maxtries = 10; # will wait for up to 2000s for retrieval of classlist data before timeout
} else {	} else {
$homeserver = &homeserver($cnum,$dom);	$homeserver = &homeserver($cnum,$dom);
Line 7357 sub fetch_enrollment_query {	Line 8055 sub fetch_enrollment_query {
&logthis('fetch_enrollment_query: invalid queryid: '.$queryid.' for host: '.$host.' and homeserver: '.$homeserver.' context: '.$context.' '.$cnum);	&logthis('fetch_enrollment_query: invalid queryid: '.$queryid.' for host: '.$host.' and homeserver: '.$homeserver.' context: '.$context.' '.$cnum);
return 'error: '.$queryid;	return 'error: '.$queryid;
}	}
my $reply = &get_query_reply($queryid);	my $reply = &get_query_reply($queryid,$sleep.$loopmax);
my $tries = 1;	my $tries = 1;
while (($reply=~/^timeout/) && ($tries < $maxtries)) {	while (($reply=~/^timeout/) && ($tries < $maxtries)) {
$reply = &get_query_reply($queryid);	$reply = &get_query_reply($queryid,$sleep,$loopmax);
$tries ++;	$tries ++;
}	}
if ( ($reply =~/^timeout/) \|\| ($reply =~/^error/) ) {	if ( ($reply =~/^timeout/) \|\| ($reply =~/^error/) ) {
&logthis('fetch_enrollment_query error: '.$reply.' for '.$dom.' '.$env{'user.name'}.' for '.$queryid.' context: '.$context.' '.$cnum.' maxtries: '.$maxtries.' tries: '.$tries);	&logthis('fetch_enrollment_query error: '.$reply.' for '.$dom.' '.$env{'user.name'}.' for '.$queryid.' context: '.$context.' '.$cnum.' maxtries: '.$maxtries.' tries: '.$tries);
} else {	} else {
my @responses = split(/:/,$reply);	my @responses = split(/:/,$reply);
if ($homeserver eq $perlvar{'lonHostID'}) {	if (grep { $_ eq $homeserver } &current_machine_ids()) {
foreach my $line (@responses) {	foreach my $line (@responses) {
my ($key,$value) = split(/=/,$line,2);	my ($key,$value) = split(/=/,$line,2);
$$replyref{$key} = $value;	$$replyref{$key} = $value;
Line 7402 sub fetch_enrollment_query {	Line 8100 sub fetch_enrollment_query {
}	}

sub get_query_reply {	sub get_query_reply {
my $queryid=shift;	my ($queryid,$sleep,$loopmax) = @_;
	if (($sleep eq '') \|\| ($sleep !~ /^\d+\.?\d*$/)) {
	$sleep = 0.2;
	}
	if (($loopmax eq '') \|\| ($loopmax =~ /\D/)) {
	$loopmax = 100;
	}
my $replyfile=LONCAPA::tempdir().$queryid;	my $replyfile=LONCAPA::tempdir().$queryid;
my $reply='';	my $reply='';
for (1..100) {	for (1..$loopmax) {
sleep 2;	sleep($sleep);
if (-e $replyfile.'.end') {	if (-e $replyfile.'.end') {
if (open(my $fh,$replyfile)) {	if (open(my $fh,$replyfile)) {
$reply = join('',<$fh>);	$reply = join('',<$fh>);
Line 7768 sub auto_courserequest_checks {	Line 8472 sub auto_courserequest_checks {
}	}

sub auto_courserequest_validation {	sub auto_courserequest_validation {
my ($dom,$owner,$crstype,$inststatuslist,$instcode,$instseclist) = @_;	my ($dom,$owner,$crstype,$inststatuslist,$instcode,$instseclist,$custominfo) = @_;
my ($homeserver,$response);	my ($homeserver,$response);
if ($dom =~ /^$match_domain$/) {	if ($dom =~ /^$match_domain$/) {
$homeserver = &domain($dom,'primary');	$homeserver = &domain($dom,'primary');
}	}
unless ($homeserver eq 'no_host') {	unless ($homeserver eq 'no_host') {
	my $customdata;
	if (ref($custominfo) eq 'HASH') {
	$customdata = &freeze_escape($custominfo);
	}
$response=&unescape(&reply('autocrsreqvalidation:'.$dom.':'.&escape($owner).	$response=&unescape(&reply('autocrsreqvalidation:'.$dom.':'.&escape($owner).
':'.&escape($crstype).':'.&escape($inststatuslist).	':'.&escape($crstype).':'.&escape($inststatuslist).
':'.&escape($instcode).':'.&escape($instseclist),	':'.&escape($instcode).':'.&escape($instseclist).':'.
$homeserver));	$customdata,$homeserver));
}	}
return $response;	return $response;
}	}
Line 7797 sub auto_validate_class_sec {	Line 8504 sub auto_validate_class_sec {
return $response;	return $response;
}	}

	sub auto_crsreq_update {
	my ($cdom,$cnum,$crstype,$action,$ownername,$ownerdomain,$fullname,$title,
	$code,$accessstart,$accessend,$inbound) = @_;
	my ($homeserver,%crsreqresponse);
	if ($cdom =~ /^$match_domain$/) {
	$homeserver = &domain($cdom,'primary');
	}
	unless (($homeserver eq 'no_host') \|\| ($homeserver eq '')) {
	my $info;
	if (ref($inbound) eq 'HASH') {
	$info = &freeze_escape($inbound);
	}
	my $response=&reply('autocrsrequpdate:'.$cdom.':'.$cnum.':'.&escape($crstype).
	':'.&escape($action).':'.&escape($ownername).':'.
	&escape($ownerdomain).':'.&escape($fullname).':'.
	&escape($title).':'.&escape($code).':'.
	&escape($accessstart).':'.&escape($accessend).':'.$info,$homeserver);
	unless ($response =~ /(con_lost\|error\|no_such_host\|refused)/) {
	my @items = split(/&/,$response);
	foreach my $item (@items) {
	my ($key,$value) = split('=',$item);
	$crsreqresponse{&unescape($key)} = &thaw_unescape($value);
	}
	}
	}
	return \%crsreqresponse;
	}

	sub auto_export_grades {
	my ($cdom,$cnum,$inforef,$gradesref) = @_;
	my ($homeserver,%exportresponse);
	if ($cdom =~ /^$match_domain$/) {
	$homeserver = &domain($cdom,'primary');
	}
	unless (($homeserver eq 'no_host') \|\| ($homeserver eq '')) {
	my $info;
	if (ref($inforef) eq 'HASH') {
	$info = &freeze_escape($inforef);
	}
	if (ref($gradesref) eq 'HASH') {
	my $grades = &freeze_escape($gradesref);
	my $response=&reply('encrypt:autoexportgrades:'.$cdom.':'.$cnum.':'.
	$info.':'.$grades,$homeserver);
	unless ($response =~ /(con_lost\|error\|no_such_host\|refused\|unknown_command)/) {
	my @items = split(/&/,$response);
	foreach my $item (@items) {
	my ($key,$value) = split('=',$item);
	$exportresponse{&unescape($key)} = &thaw_unescape($value);
	}
	}
	}
	}
	return \%exportresponse;
	}

	sub check_instcode_cloning {
	my ($codedefaults,$code_order,$cloner,$clonefromcode,$clonetocode) = @_;
	unless ((ref($codedefaults) eq 'HASH') && (ref($code_order) eq 'ARRAY')) {
	return;
	}
	my $canclone;
	if (@{$code_order} > 0) {
	my $instcoderegexp ='^';
	my @clonecodes = split(/\&/,$cloner);
	foreach my $item (@{$code_order}) {
	if (grep(/^\Q$item\E=/,@clonecodes)) {
	foreach my $pair (@clonecodes) {
	my ($key,$val) = split(/\=/,$pair,2);
	$val = &unescape($val);
	if ($key eq $item) {
	$instcoderegexp .= '('.$val.')';
	last;
	}
	}
	} else {
	$instcoderegexp .= $codedefaults->{$item};
	}
	}
	$instcoderegexp .= '$';
	my (@from,@to);
	eval {
	(@from) = ($clonefromcode =~ /$instcoderegexp/);
	(@to) = ($clonetocode =~ /$instcoderegexp/);
	};
	if ((@from > 0) && (@to > 0)) {
	my @diffs = &Apache::loncommon::compare_arrays(\@from,\@to);
	if (!@diffs) {
	$canclone = 1;
	}
	}
	}
	return $canclone;
	}

	sub default_instcode_cloning {
	my ($clonedom,$domdefclone,$clonefromcode,$clonetocode,$codedefaultsref,$codeorderref) = @_;
	my (%codedefaults,@code_order,$canclone);
	if ((ref($codedefaultsref) eq 'HASH') && (ref($codeorderref) eq 'ARRAY')) {
	%codedefaults = %{$codedefaultsref};
	@code_order = @{$codeorderref};
	} elsif ($clonedom) {
	&auto_instcode_defaults($clonedom,\%codedefaults,\@code_order);
	}
	if (($domdefclone) && (@code_order)) {
	my @clonecodes = split(/\+/,$domdefclone);
	my $instcoderegexp ='^';
	foreach my $item (@code_order) {
	if (grep(/^\Q$item\E$/,@clonecodes)) {
	$instcoderegexp .= '('.$codedefaults{$item}.')';
	} else {
	$instcoderegexp .= $codedefaults{$item};
	}
	}
	$instcoderegexp .= '$';
	my (@from,@to);
	eval {
	(@from) = ($clonefromcode =~ /$instcoderegexp/);
	(@to) = ($clonetocode =~ /$instcoderegexp/);
	};
	if ((@from > 0) && (@to > 0)) {
	my @diffs = &Apache::loncommon::compare_arrays(\@from,\@to);
	if (!@diffs) {
	$canclone = 1;
	}
	}
	}
	return $canclone;
	}

# ------------------------------------------------------- Course Group routines	# ------------------------------------------------------- Course Group routines

sub get_coursegroups {	sub get_coursegroups {
Line 8161 sub assignrole {	Line 8997 sub assignrole {
&courserolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,	&courserolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,
$selfenroll,$context);	$selfenroll,$context);
} elsif (($role eq 'li') \|\| ($role eq 'dg') \|\| ($role eq 'sc') \|\|	} elsif (($role eq 'li') \|\| ($role eq 'dg') \|\| ($role eq 'sc') \|\|
($role eq 'au') \|\| ($role eq 'dc')) {	($role eq 'au') \|\| ($role eq 'dc') \|\| ($role eq 'dh')) {
&domainrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,	&domainrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,
$context);	$context);
} elsif (($role eq 'ca') \|\| ($role eq 'aa')) {	} elsif (($role eq 'ca') \|\| ($role eq 'aa')) {
Line 8466 sub modifyuser {	Line 9302 sub modifyuser {
sub modifystudent {	sub modifystudent {
my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,$usec,	my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,$usec,
$end,$start,$forceid,$desiredhome,$email,$type,$locktype,$cid,	$end,$start,$forceid,$desiredhome,$email,$type,$locktype,$cid,
$selfenroll,$context,$inststatus,$credits)=@_;	$selfenroll,$context,$inststatus,$credits,$instsec)=@_;
if (!$cid) {	if (!$cid) {
unless ($cid=$env{'request.course.id'}) {	unless ($cid=$env{'request.course.id'}) {
return 'not_in_class';	return 'not_in_class';
Line 8478 sub modifystudent {	Line 9314 sub modifystudent {
$desiredhome,$email,$inststatus);	$desiredhome,$email,$inststatus);
unless ($reply eq 'ok') { return $reply; }	unless ($reply eq 'ok') { return $reply; }
# This will cause &modify_student_enrollment to get the uid from the	# This will cause &modify_student_enrollment to get the uid from the
# students environment	# student's environment
$uid = undef if (!$forceid);	$uid = undef if (!$forceid);
$reply = &modify_student_enrollment($udom,$uname,$uid,$first,$middle,$last,	$reply = &modify_student_enrollment($udom,$uname,$uid,$first,$middle,$last,
$gene,$usec,$end,$start,$type,$locktype,	$gene,$usec,$end,$start,$type,$locktype,
$cid,$selfenroll,$context,$credits);	$cid,$selfenroll,$context,$credits,$instsec);
return $reply;	return $reply;
}	}

sub modify_student_enrollment {	sub modify_student_enrollment {
my ($udom,$uname,$uid,$first,$middle,$last,$gene,$usec,$end,$start,$type,	my ($udom,$uname,$uid,$first,$middle,$last,$gene,$usec,$end,$start,$type,
$locktype,$cid,$selfenroll,$context,$credits) = @_;	$locktype,$cid,$selfenroll,$context,$credits,$instsec) = @_;
my ($cdom,$cnum,$chome);	my ($cdom,$cnum,$chome);
if (!$cid) {	if (!$cid) {
unless ($cid=$env{'request.course.id'}) {	unless ($cid=$env{'request.course.id'}) {
Line 8535 sub modify_student_enrollment {	Line 9371 sub modify_student_enrollment {
my %old_entry = &Apache::lonnet::get('classlist',[$user],$cdom,$cnum);	my %old_entry = &Apache::lonnet::get('classlist',[$user],$cdom,$cnum);
my $reply=cput('classlist',	my $reply=cput('classlist',
{$user =>	{$user =>
join(':',$end,$start,$uid,$usec,$fullname,$type,$locktype,$credits) },	join(':',$end,$start,$uid,$usec,$fullname,$type,$locktype,$credits,$instsec) },
$cdom,$cnum);	$cdom,$cnum);
if (($reply eq 'ok') \|\| ($reply eq 'delayed')) {	if (($reply eq 'ok') \|\| ($reply eq 'delayed')) {
&devalidate_getsection_cache($udom,$uname,$cid);	&devalidate_getsection_cache($udom,$uname,$cid);
Line 9059 sub modify_access_controls {	Line 9895 sub modify_access_controls {
my $tries = 0;	my $tries = 0;
my $gotlock = &newput('file_permissions',$lockhash,$domain,$user);	my $gotlock = &newput('file_permissions',$lockhash,$domain,$user);

while (($gotlock ne 'ok') && $tries <3) {	while (($gotlock ne 'ok') && $tries < 10) {
$tries ++;	$tries ++;
sleep 1;	sleep(0.1);
$gotlock = &newput('file_permissions',$lockhash,$domain,$user);	$gotlock = &newput('file_permissions',$lockhash,$domain,$user);
}	}
if ($gotlock eq 'ok') {	if ($gotlock eq 'ok') {
Line 9354 sub dirlist {	Line 10190 sub dirlist {
foreach my $user (sort(keys(%allusers))) {	foreach my $user (sort(keys(%allusers))) {
push(@alluserslist,$user.'&user');	push(@alluserslist,$user.'&user');
}	}
return (\@alluserslist);	if (!%listerror) {
	# no errors
	return (\@alluserslist);
	} elsif (scalar(keys(%servers)) == 1) {
	# one library server, one error
	my ($key) = keys(%listerror);
	return (\@alluserslist, $listerror{$key});
	} elsif ( grep { $_ eq 'con_lost' } values(%listerror) ) {
	# con_lost indicates that we might miss data from at least one
	# library server
	return (\@alluserslist, 'con_lost');
	} else {
	# multiple library servers and no con_lost -> data should be
	# complete.
	return (\@alluserslist);
	}

} else {	} else {
return ([],'missing username');	return ([],'missing username');
}	}
Line 9571 sub get_userresdata {	Line 10423 sub get_userresdata {
}	}
#error 2 occurs when the .db doesn't exist	#error 2 occurs when the .db doesn't exist
if ($tmp!~/error: 2 /) {	if ($tmp!~/error: 2 /) {
&logthis("<font color=\"blue\">WARNING:".	if ((!defined($cached)) \|\| ($tmp ne 'con_lost')) {
" Trying to get resource data for ".	&logthis("<font color=\"blue\">WARNING:".
$uname." at ".$udom.": ".	" Trying to get resource data for ".
$tmp."</font>");	$uname." at ".$udom.": ".
	$tmp."</font>");
	}
} elsif ($tmp=~/error: 2 /) {	} elsif ($tmp=~/error: 2 /) {
#&EXT_cache_set($udom,$uname);	#&EXT_cache_set($udom,$uname);
&do_cache_new('userres',$hashid,undef,600);	&do_cache_new('userres',$hashid,undef,600);
Line 9614 sub resdata {	Line 10468 sub resdata {
return undef;	return undef;
}	}

	sub get_numsuppfiles {
	my ($cnum,$cdom,$ignorecache)=@_;
	my $hashid=$cnum.':'.$cdom;
	my ($suppcount,$cached);
	unless ($ignorecache) {
	($suppcount,$cached) = &is_cached_new('suppcount',$hashid);
	}
	unless (defined($cached)) {
	my $chome=&homeserver($cnum,$cdom);
	unless ($chome eq 'no_host') {
	($suppcount,my $errors) = (0,0);
	my $suppmap = 'supplemental.sequence';
	($suppcount,$errors) =
	&Apache::loncommon::recurse_supplemental($cnum,$cdom,$suppmap,$suppcount,$errors);
	}
	&do_cache_new('suppcount',$hashid,$suppcount,600);
	}
	return $suppcount;
	}

#	#
# EXT resource caching routines	# EXT resource caching routines
#	#
Line 10052 sub metadata {	Line 10926 sub metadata {
($uri =~ m\|/$\|) \|\| ($uri =~ m\|/.meta$\|) \|\| ($uri =~ m{^/*uploaded/.+\.sequence$})) {	($uri =~ m\|/$\|) \|\| ($uri =~ m\|/.meta$\|) \|\| ($uri =~ m{^/*uploaded/.+\.sequence$})) {
return undef;	return undef;
}	}
if (($uri =~ /^priv/ \|\| $uri=~/home\/httpd\/html\/priv/)	if (($uri =~ /^priv/ \|\| $uri=~m{^home/httpd/html/priv})
&& &Apache::lonxml::get_state('target') =~ /^(\|meta)$/) {	&& &Apache::lonxml::get_state('target') =~ /^(\|meta)$/) {
return undef;	return undef;
}	}
Line 10313 sub metadata {	Line 11187 sub metadata {

$metaentry{':keys'} = join(',',keys(%metathesekeys));	$metaentry{':keys'} = join(',',keys(%metathesekeys));
&metadata_generate_part0(\%metathesekeys,\%metaentry,$uri);	&metadata_generate_part0(\%metathesekeys,\%metaentry,$uri);
$metaentry{':allpossiblekeys'}=join(',',keys %metathesekeys);	$metaentry{':allpossiblekeys'}=join(',',keys(%metathesekeys));
&do_cache_new('meta',$uri,\%metaentry,$cachetime);	&do_cache_new('meta',$uri,\%metaentry,$cachetime);
# this is the end of "was not already recently cached	# this is the end of "was not already recently cached
}	}
Line 10684 sub deversion {	Line 11558 sub deversion {
# ------------------------------------------------------ Return symb list entry	# ------------------------------------------------------ Return symb list entry

sub symbread {	sub symbread {
my ($thisfn,$donotrecurse)=@_;	my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles)=@_;
my $cache_str;	my $cache_str='request.symbread.cached.'.$thisfn;
if ($thisfn ne '') {	if (defined($env{$cache_str})) {
$cache_str='request.symbread.cached.'.$thisfn;	if ($ignorecachednull) {
if ($env{$cache_str} ne '') {	return $env{$cache_str} unless ($env{$cache_str} eq '');
	} else {
return $env{$cache_str};	return $env{$cache_str};
}	}
} else {	}
# no filename provided? try from environment	# no filename provided? try from environment
	unless ($thisfn) {
if ($env{'request.symb'}) {	if ($env{'request.symb'}) {
return $env{$cache_str}=&symbclean($env{'request.symb'});	return $env{$cache_str}=&symbclean($env{'request.symb'});
}	}
Line 10752 sub symbread {	Line 11628 sub symbread {
my ($mapid,$resid)=split(/\./,$ids);	my ($mapid,$resid)=split(/\./,$ids);
$syval=&encode_symb($bighash{'map_id_'.$mapid},	$syval=&encode_symb($bighash{'map_id_'.$mapid},
$resid,$thisfn);	$resid,$thisfn);
} elsif (!$donotrecurse) {	if (ref($possibles) eq 'HASH') {
	$possibles->{$syval} = 1;
	}
	if ($checkforblock) {
	my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids});
	if (@blockers) {
	$syval = '';
	return;
	}
	}
	} elsif ((!$donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {
# ------------------------------------------ There is more than one possibility	# ------------------------------------------ There is more than one possibility
my $realpossible=0;	my $realpossible=0;
foreach my $id (@possibilities) {	foreach my $id (@possibilities) {
my $file=$bighash{'src_'.$id};	my $file=$bighash{'src_'.$id};
if (&allowed('bre',$file)) {	my $canaccess;
my ($mapid,$resid)=split(/\./,$id);	if (($donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {
if ($bighash{'map_type_'.$mapid} ne 'page') {	$canaccess = 1;
$realpossible++;	} else {
$syval=&encode_symb($bighash{'map_id_'.$mapid},	$canaccess = &allowed('bre',$file);
$resid,$thisfn);	}
}	if ($canaccess) {
	my ($mapid,$resid)=split(/\./,$id);
	if ($bighash{'map_type_'.$mapid} ne 'page') {
	my $poss_syval=&encode_symb($bighash{'map_id_'.$mapid},
	$resid,$thisfn);
	if (ref($possibles) eq 'HASH') {
	$possibles->{$syval} = 1;
	}
	if ($checkforblock) {
	my @blockers = &has_comm_blocking('bre',$poss_syval,$file);
	unless (@blockers > 0) {
	$syval = $poss_syval;
	$realpossible++;
	}
	} else {
	$syval = $poss_syval;
	$realpossible++;
	}
	}
}	}
}	}
if ($realpossible!=1) { $syval=''; }	if ($realpossible!=1) { $syval=''; }
Line 10771 sub symbread {	Line 11675 sub symbread {
$syval='';	$syval='';
}	}
}	}
untie(%bighash)	untie(%bighash);
}	}
}	}
if ($syval) {	if ($syval) {
Line 11109 sub rndseed_CODE_64bit5 {	Line 12013 sub rndseed_CODE_64bit5 {
sub setup_random_from_rndseed {	sub setup_random_from_rndseed {
my ($rndseed)=@_;	my ($rndseed)=@_;
if ($rndseed =~/([,:])/) {	if ($rndseed =~/([,:])/) {
my ($num1,$num2)=split(/[,:]/,$rndseed);	my ($num1,$num2) = map { abs($_); } (split(/[,:]/,$rndseed));
&Math::Random::random_set_seed(abs($num1),abs($num2));	if ((!$num1) \|\| (!$num2) \|\| ($num1 > 2147483562) \|\| ($num2 > 2147483398)) {
	&Math::Random::random_set_seed_from_phrase($rndseed);
	} else {
	&Math::Random::random_set_seed($num1,$num2);
	}
} else {	} else {
&Math::Random::random_set_seed_from_phrase($rndseed);	&Math::Random::random_set_seed_from_phrase($rndseed);
}	}
Line 11501 sub default_login_domain {	Line 12409 sub default_login_domain {
sub declutter {	sub declutter {
my $thisfn=shift;	my $thisfn=shift;
if ($thisfn=~m\|^/enc/\|) { $thisfn=&Apache::lonenc::unencrypted($thisfn); }	if ($thisfn=~m\|^/enc/\|) { $thisfn=&Apache::lonenc::unencrypted($thisfn); }
$thisfn=~s/^\Q$perlvar{'lonDocRoot'}\E//;	unless ($thisfn=~m{^/home/httpd/html/priv/}) {
	$thisfn=~s{^/home/httpd/html}{};
	}
$thisfn=~s/^\///;	$thisfn=~s/^\///;
$thisfn=~s\|^adm/wrapper/\|\|;	$thisfn=~s\|^adm/wrapper/\|\|;
$thisfn=~s\|^adm/coursedocs/showdoc/\|\|;	$thisfn=~s\|^adm/coursedocs/showdoc/\|\|;
Line 11628 sub get_dns {	Line 12538 sub get_dns {
$alldns{$host} = $protocol;	$alldns{$host} = $protocol;
}	}
while (%alldns) {	while (%alldns) {
my ($dns) = keys(%alldns);	my ($dns) = sort { $b cmp $a } keys(%alldns);
my $ua=new LWP::UserAgent;	my $ua=new LWP::UserAgent;
$ua->timeout(30);	$ua->timeout(30);
my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");	my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");
Line 11654 sub get_dns {	Line 12564 sub get_dns {
# ------------------------------------------------------Get DNS checksums file	# ------------------------------------------------------Get DNS checksums file
sub parse_dns_checksums_tab {	sub parse_dns_checksums_tab {
my ($lines,$hashref) = @_;	my ($lines,$hashref) = @_;
my $machine_dom = &Apache::lonnet::host_domain($perlvar{'lonHostID'});	my $lonhost = $perlvar{'lonHostID'};
	my $machine_dom = &Apache::lonnet::host_domain($lonhost);
my $loncaparev = &get_server_loncaparev($machine_dom);	my $loncaparev = &get_server_loncaparev($machine_dom);
	my $distro = (split(/\:/,&get_server_distarch($lonhost)))[0];
	my $webconfdir = '/etc/httpd/conf';
	if ($distro =~ /^(ubuntu\|debian)(\d+)$/) {
	$webconfdir = '/etc/apache2';
	} elsif ($distro =~ /^sles(\d+)$/) {
	if ($1 >= 10) {
	$webconfdir = '/etc/apache2';
	}
	} elsif ($distro =~ /^suse(\d+\.\d+)$/) {
	if ($1 >= 10.0) {
	$webconfdir = '/etc/apache2';
	}
	}
my ($release,$timestamp) = split(/\-/,$loncaparev);	my ($release,$timestamp) = split(/\-/,$loncaparev);
my (%chksum,%revnum);	my (%chksum,%revnum);
if (ref($lines) eq 'ARRAY') {	if (ref($lines) eq 'ARRAY') {
chomp(@{$lines});	chomp(@{$lines});
my $versions = shift(@{$lines});	my $version = shift(@{$lines});
my %supported;	if ($version eq $release) {
if ($versions =~ /^VERSIONS\:([\w\.\,]+)$/) {
my $releaseslist = $1;
if ($releaseslist =~ /,/) {
map { $supported{$_} = 1; } split(/,/,$releaseslist);
} elsif ($releaseslist) {
$supported{$releaseslist} = 1;
}
}
if ($supported{$release}) {
my $matchthis = 0;
foreach my $line (@{$lines}) {	foreach my $line (@{$lines}) {
if ($line =~ /^(\d[\w\.]+)$/) {	my ($file,$version,$shasum) = split(/,/,$line);
if ($matchthis) {	if ($file =~ m{^/etc/httpd/conf}) {
last;	if ($webconfdir eq '/etc/apache2') {
} elsif ($1 eq $release) {	$file =~ s{^\Q/etc/httpd/conf/\E}{$webconfdir/};
$matchthis = 1;
}	}
} elsif ($matchthis) {
my ($file,$version,$shasum) = split(/,/,$line);
$chksum{$file} = $shasum;
$revnum{$file} = $version;
}	}
	$chksum{$file} = $shasum;
	$revnum{$file} = $version;
}	}
if (ref($hashref) eq 'HASH') {	if (ref($hashref) eq 'HASH') {
%{$hashref} = (	%{$hashref} = (
Line 11698 sub parse_dns_checksums_tab {	Line 12609 sub parse_dns_checksums_tab {

sub fetch_dns_checksums {	sub fetch_dns_checksums {
my %checksums;	my %checksums;
&get_dns('/adm/dns/checksums',\&parse_dns_checksums_tab,1,1,	my $machine_dom = &Apache::lonnet::host_domain($perlvar{'lonHostID'});
	my $loncaparev = &get_server_loncaparev($machine_dom,$perlvar{'lonHostID'});
	my ($release,$timestamp) = split(/\-/,$loncaparev);
	&get_dns("/adm/dns/checksums/$release",\&parse_dns_checksums_tab,1,1,
\%checksums);	\%checksums);
return \%checksums;	return \%checksums;
}	}
Line 11731 sub fetch_dns_checksums {	Line 12645 sub fetch_dns_checksums {
}	}

sub load_domain_tab {	sub load_domain_tab {
my ($ignore_cache) = @_;	my ($ignore_cache,$nocache) = @_;
&get_dns('/adm/dns/domain',\&parse_domain_tab,$ignore_cache);	&get_dns('/adm/dns/domain',\&parse_domain_tab,$ignore_cache,$nocache);
my $fh;	my $fh;
if (open($fh,"<".$perlvar{'lonTabDir'}.'/domain.tab')) {	if (open($fh,"<".$perlvar{'lonTabDir'}.'/domain.tab')) {
my @lines = <$fh>;	my @lines = <$fh>;
Line 11818 sub fetch_dns_checksums {	Line 12732 sub fetch_dns_checksums {
}	}

sub load_hosts_tab {	sub load_hosts_tab {
my ($ignore_cache) = @_;	my ($ignore_cache,$nocache) = @_;
&get_dns('/adm/dns/hosts',\&parse_hosts_tab,$ignore_cache);	&get_dns('/adm/dns/hosts',\&parse_hosts_tab,$ignore_cache,$nocache);
open(my $config,"<$perlvar{'lonTabDir'}/hosts.tab");	open(my $config,"<$perlvar{'lonTabDir'}/hosts.tab");
my @config = <$config>;	my @config = <$config>;
&parse_hosts_tab(\@config);	&parse_hosts_tab(\@config);
Line 11841 sub fetch_dns_checksums {	Line 12755 sub fetch_dns_checksums {
}	}

sub all_names {	sub all_names {
&load_hosts_tab() if (!$loaded);	my ($ignore_cache,$nocache) = @_;
	&load_hosts_tab($ignore_cache,$nocache) if (!$loaded);

return %name_to_host;	return %name_to_host;
}	}
Line 11963 sub fetch_dns_checksums {	Line 12878 sub fetch_dns_checksums {
}	}

sub get_iphost {	sub get_iphost {
my ($ignore_cache) = @_;	my ($ignore_cache,$nocache) = @_;

if (!$ignore_cache) {	if (!$ignore_cache) {
if (%iphost) {	if (%iphost) {
Line 11987 sub fetch_dns_checksums {	Line 12902 sub fetch_dns_checksums {
%old_name_to_ip = %{$ip_info->[1]};	%old_name_to_ip = %{$ip_info->[1]};
}	}

my %name_to_host = &all_names();	my %name_to_host = &all_names($ignore_cache,$nocache);
foreach my $name (keys(%name_to_host)) {	foreach my $name (keys(%name_to_host)) {
my $ip;	my $ip;
if (!exists($name_to_ip{$name})) {	if (!exists($name_to_ip{$name})) {
Line 12012 sub fetch_dns_checksums {	Line 12927 sub fetch_dns_checksums {
}	}
push(@{$iphost{$ip}},@{$name_to_host{$name}});	push(@{$iphost{$ip}},@{$name_to_host{$name}});
}	}
&do_cache_new('iphost','iphost',	unless ($nocache) {
[\%iphost,\%name_to_ip,\%lonid_to_ip],	&do_cache_new('iphost','iphost',
486060);	[\%iphost,\%name_to_ip,\%lonid_to_ip],
	486060);
	}

return %iphost;	return %iphost;
}	}
Line 12076 sub fetch_dns_checksums {	Line 12993 sub fetch_dns_checksums {
}	}

sub all_loncaparevs {	sub all_loncaparevs {
return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10);	return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11);
}	}

# ------------------------------------------------------- Read loncaparev table	# ------------------------------------------------------- Read loncaparev table
Line 12254 $readit=1;	Line 13171 $readit=1;
if ($test != 0) { $_64bit=1; } else { $_64bit=0; }	if ($test != 0) { $_64bit=1; } else { $_64bit=0; }
&logthis(" Detected 64bit platform ($_64bit)");	&logthis(" Detected 64bit platform ($_64bit)");
}	}

{
eval {
($apache) =
(Apache2::ServerUtil::get_server_version() =~ m{Apache/(\d+\.\d+)});
};
if ($@) {
$apache = 1.3;
}
}

}	}
}	}

Line 12406 were new keys. I.E. 1:foo will become 1:	Line 13312 were new keys. I.E. 1:foo will become 1:
Calling convention:	Calling convention:

my %record=&Apache::lonnet::restore($symb,$courseid,$domain,$uname);	my %record=&Apache::lonnet::restore($symb,$courseid,$domain,$uname);
&Apache::lonnet::cstore(\%newrecord,$symb,$courseid,$domain,$uname);	&Apache::lonnet::cstore(\%newrecord,$symb,$courseid,$domain,$uname,$laststore);

For more detailed information, see lonnet specific documentation.	For more detailed information, see lonnet specific documentation.

Line 12542 escaped strings of the action recorded i	Line 13448 escaped strings of the action recorded i

=item *	=item *

allowed($priv,$uri,$symb,$role) : check for a user privilege; returns codes for allowed actions	allowed($priv,$uri,$symb,$role,$clientip,$noblockcheck) : check for a user privilege;
	returns codes for allowed actions.

	The first argument is required, all others are optional.

	$priv is the privilege being checked.
	$uri contains additional information about what is being checked for access (e.g.,
	URL, course ID etc.).
	$symb is the unique resource instance identifier in a course; if needed,
	but not provided, it will be retrieved via a call to &symbread().
	$role is the role for which a priv is being checked (only used if priv is evb).
	$clientip is the user's IP address (only used when checking for access to portfolio
	files).
	$noblockcheck, if true, skips calls to &has_comm_blocking() for the bre priv. This
	prevents recursive calls to &allowed.

F: full access	F: full access
U,I,K: authentication modes (cxx only)	U,I,K: authentication modes (cxx only)
'': forbidden	'': forbidden
1: user needs to choose course	1: user needs to choose course
2: browse allowed	2: browse allowed
A: passphrase authentication needed	A: passphrase authentication needed
	B: access temporarily blocked because of a blocking event in a course.

=item *	=item *

Line 12567 in which case the null string is returne	Line 13489 in which case the null string is returne

=item *	=item *

definerole($rolename,$sysrole,$domrole,$courole) : define role; define a custom	definerole($rolename,$sysrole,$domrole,$courole,$uname,$udom) : define role;
role rolename set privileges in format of lonTabs/roles.tab for system, domain,	define a custom role rolename set privileges in format of lonTabs/roles.tab
and course level	for system, domain, and course level. $uname and $udom are optional (current
	user's username and domain will be used when either of $uname or $udom are absent.

=item *	=item *

Line 12673 or when Autoupdate.pl is run by cron in	Line 13596 or when Autoupdate.pl is run by cron in
modifystudent	modifystudent

modify a student's enrollment and identification information.	modify a student's enrollment and identification information.
The course id is resolved based on the current users environment.	The course id is resolved based on the current user's environment.
This means the envoking user must be a course coordinator or otherwise	This means the invoking user must be a course coordinator or otherwise
associated with a course.	associated with a course.

This call is essentially a wrapper for lonnet::modifyuser and	This call is essentially a wrapper for lonnet::modifyuser and
Line 12734 Inputs:	Line 13657 Inputs:

modify_student_enrollment	modify_student_enrollment

Change a students enrollment status in a class. The environment variable	Change a student's enrollment status in a class. The environment variable
'role.request.course' must be defined for this function to proceed.	'role.request.course' must be defined for this function to proceed.

Inputs:	Inputs:

=over 4	=over 4

=item $udom, students domain	=item $udom, student's domain

=item $uname, students name	=item $uname, student's name

=item $uid, students user id	=item $uid, student's user id

=item $first, students first name	=item $first, student's first name

=item $middle	=item $middle

Line 12773 Inputs:	Line 13696 Inputs:

=item $credits, number of credits student will earn from this class	=item $credits, number of credits student will earn from this class

	=item $instsec, institutional course section code for student

=back	=back


Line 12829 If defined, the supplied username is use	Line 13754 If defined, the supplied username is use
resdata($name,$domain,$type,@which) : request for current parameter	resdata($name,$domain,$type,@which) : request for current parameter
setting for a specific $type, where $type is either 'course' or 'user',	setting for a specific $type, where $type is either 'course' or 'user',
@what should be a list of parameters to ask about. This routine caches	@what should be a list of parameters to ask about. This routine caches
answers for 5 minutes.	answers for 10 minutes.

=item *	=item *

Line 12838 data base, returning a hash that is keye	Line 13763 data base, returning a hash that is keye
values that are the resource value. I believe that the timestamps and	values that are the resource value. I believe that the timestamps and
versions are also returned.	versions are also returned.

	get_numsuppfiles($cnum,$cdom) : retrieve number of files in a course's
	supplemental content area. This routine caches the number of files for
	10 minutes.

=back	=back

=head2 Course Modification	=head2 Course Modification
Line 12938 will be stored for query	Line 13867 will be stored for query

=item *	=item *

symbread($filename) : return symbolic list entry (filename argument optional);	symbread($filename,$donotrecurse,$ignorecachednull,$checkforblock,$possibles) :
	return symbolic list entry (all arguments optional).

	Args: filename is the filename (including path) for the file for which a symb
	is required; donotrecurse, if true will prevent calls to allowed() being made
	to check access status if more than one resource was found in the bighash
	(see rev. 1.249) to avoid an infinite loop if an ambiguous resource is part of
	a randompick); ignorecachednull, if true will prevent a symb of '' being
	returned if $env{$cache_str} is defined as ''; checkforblock if true will
	cause possible symbs to be checked to determine if they are subject to content
	blocking, if so they will not be included as possible symbs; possibles is a
	ref to a hash, which, as a side effect, will be populated with all possible
	symbs (content blocking not tested).

returns the data handle	returns the data handle

=item *	=item *
Line 13039 homeserver.	Line 13981 homeserver.

=item *	=item *

store($storehash,$symb,$namespace,$udom,$uname) : stores hash permanently	store($storehash,$symb,$namespace,$udom,$uname,$laststore) : stores hash
for this url; hashref needs to be given and should be a \%hashname; the	permanently for this url; hashref needs to be given and should be a \%hashname;
remaining args aren't required and if they aren't passed or are '' they will	the remaining args aren't required and if they aren't passed or are '' they will
be derived from the env	be derived from the env (with the exception of $laststore, which is an
	optional arg used when a user's submission is stored in grading).
	$laststore is $version=$timestamp, where $version is the most recent version
	number retrieved for the corresponding $symb in the $namespace db file, and
	$timestamp is the timestamp for that transaction (UNIX time).
	$laststore is currently only passed when cstore() is called by
	structuretags::finalize_storage().

=item *	=item *

cstore($storehash,$symb,$namespace,$udom,$uname) : same as store but	cstore($storehash,$symb,$namespace,$udom,$uname,$laststore) : same as store
uses critical subroutine	but uses critical subroutine

=item *	=item *

Line 13070 $range should be either an integer '100'	Line 14018 $range should be either an integer '100'

=item *	=item *

putstore($namespace,$symb,$version,$storehash,$udomain,$uname) :	putstore($namespace,$symb,$version,$storehash,$udomain,$uname,$tolog) :
replaces a &store() version of data with a replacement set of data	replaces a &store() version of data with a replacement set of data
for a particular resource in a namespace passed in the $storehash hash	for a particular resource in a namespace passed in the $storehash hash
reference	reference. If $tolog is true, the transaction is logged in the courselog
	with an action=PUTSTORE.

=item *	=item *

Line 13183 server ($udom and $uhome are optional)	Line 14132 server ($udom and $uhome are optional)

=item *	=item *

get_domain_defaults($target_domain) : returns hash with defaults for	get_domain_defaults($target_domain,$ignore_cache) : returns hash with defaults
authentication and language in the domain. Keys are: auth_def, auth_arg_def,	for: authentication, language, quotas, timezone, date locale, and portal URL in
lang_def; corresponsing values are authentication type (internal, krb4, krb5,	the target domain.
or localauth), initial password or a kerberos realm, language (e.g., en-us).
Values are retrieved from cache (if current), or from domain's configuration.db	May also include additional key => value pairs for the following groups:
(if available), or lastly from values in lonTabs/dns_domain,tab,
or lonTabs/domain.tab.	=over

	=item
	disk quotas (MB allocated by default to portfolios and authoring spaces).

	=over

	=item defaultquota, authorquota

	=back

	=item
	tools (availability of aboutme page, blog, webDAV access for authoring spaces,
	portfolio for users).

	=over

	=item
	aboutme, blog, webdav, portfolio

	=back

	=item
	requestcourses: ability to request courses, and how requests are processed.

	=over

	=item
	official, unofficial, community, textbook

	=back

	=item
	inststatus: types of institutional affiliation, and order in which they are displayed.

	=over

	=item
	inststatustypes, inststatusorder, inststatusguest

	=back

	=item
	coursedefaults: can PDF forms can be created, default credits for courses, default quotas (MB)
	for course's uploaded content.

	=over

	=item
	canuse_pdfforms, officialcredits, unofficialcredits, textbookcredits, officialquota, unofficialquota,
	communityquota, textbookquota

	=back

	=item
	usersessions: set options for hosting of your users in other domains, and hosting of users from other domains
	on your servers.

	=over

	=item
	remotesessions, hostedsessions

	=back

	=back

	In cases where a domain coordinator has never used the "Set Domain Configuration"
	utility to create a configuration.db file on a domain's primary library server
	only the following domain defaults: auth_def, auth_arg_def, lang_def
	-- corresponding values are authentication type (internal, krb4, krb5,
	or localauth), initial password or a kerberos realm, language (e.g., en-us) --
	will be available. Values are retrieved from cache (if current), unless the
	optional $ignore_cache arg is true, or from domain's configuration.db (if available),
	or lastly from values in lonTabs/dns_domain,tab, or lonTabs/domain.tab.

	Typical usage:

%domdefaults = &get_auth_defaults($target_domain);	%domdefaults = &get_domain_defaults($target_domain);

=back	=back

Line 13416 filelocation except for hrefs	Line 14441 filelocation except for hrefs

=item *	=item *

declutter() : declutters URLs (remove docroot, beginning slashes, 'res' etc)	declutter() : declutters URLs -- remove beginning slashes, 'res' etc.
	also removes beginning /home/httpd/html unless /priv/ follows it.

=back	=back

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1172.2.30
changed lines
	Added in v.1.1172.2.89