|
version 1.1, 1999/10/13 17:48:51
|
version 1.23, 2000/08/14 21:40:46
|
|
Line 1
|
Line 1
|
| # The LearningOnline Network |
# The LearningOnline Network |
| # TCP networking package |
# TCP networking package |
| |
# |
| |
# Functions for use by content handlers: |
| |
# |
| |
# plaintext(short) : plain text explanation of short term |
| |
# allowed(short,url) : returns codes for allowed actions F,R,S,C |
| |
# definerole(rolename,sys,dom,cou) : define a custom role rolename |
| |
# set priviledges in format of lonTabs/roles.tab for |
| |
# system, domain and course level, |
| |
# assignrole(udom,uname,url,role,end,start) : give a role to a user for the |
| |
# level given by url. Optional start and end dates |
| |
# (leave empty string or zero for "no date") |
| |
# assigncustomrole (udom,uname,url,rdom,rnam,rolename,end,start) : give a |
| |
# custom role to a user for the level given by url. |
| |
# Specify name and domain of role author, and role name |
| |
# revokerole (udom,uname,url,role) : Revoke a role for url |
| |
# revokecustomrole (udom,uname,url,rdom,rnam,rolename) : Revoke a custom role |
| |
# appendenv(hash) : adds hash to session environment |
| |
# store(hash) : stores hash permanently for this url |
| |
# restore : returns hash for this url |
| |
# eget(namesp,array) : returns hash with keys from array filled in from namesp |
| |
# get(namesp,array) : returns hash with keys from array filled in from namesp |
| |
# put(namesp,hash) : stores hash in namesp |
| |
# dump(namesp) : dumps the complete namespace into a hash |
| |
# ssi(url,hash) : does a complete request cycle on url to localhost, posts |
| |
# hash |
| |
# repcopy(filename) : replicate file |
| |
# dirlist(url) : gets a directory listing |
| |
# |
| # 6/1/99,6/2,6/10,6/11,6/12,6/14,6/26,6/28,6/29,6/30, |
# 6/1/99,6/2,6/10,6/11,6/12,6/14,6/26,6/28,6/29,6/30, |
| # 7/1,7/2,7/9,7/10,7/12,7/14,7/15,7/19 Gerd Kortemeyer |
# 7/1,7/2,7/9,7/10,7/12,7/14,7/15,7/19, |
| |
# 11/8,11/16,11/18,11/22,11/23,12/22, |
| |
# 01/06,01/13,02/24,02/28,02/29, |
| |
# 03/01,03/02,03/06,03/07,03/13, |
| |
# 04/05,05/29,05/31,06/01, |
| |
# 06/05,06/26 Gerd Kortemeyer |
| |
# 06/26 Ben Tyszka |
| |
# 06/30,07/15,07/17,07/18,07/20,07/21,07/22,07/25 Gerd Kortemeyer |
| |
# 08/14 Ben Tyszka |
| |
|
| package Apache::lonnet; |
package Apache::lonnet; |
| |
|
| use strict; |
use strict; |
| use Apache::File; |
use Apache::File; |
| use vars qw(%perlvar %hostname %homecache %spareid %hostdom %libserv $readit); |
use LWP::UserAgent(); |
| |
use HTTP::Headers; |
| |
use vars |
| |
qw(%perlvar %hostname %homecache %spareid %hostdom %libserv %pr %prp $readit); |
| use IO::Socket; |
use IO::Socket; |
| |
use Apache::Constants qw(:common :http); |
| |
|
| # --------------------------------------------------------------------- Logging |
# --------------------------------------------------------------------- Logging |
| |
|
|
Line 42 sub subreply {
|
Line 82 sub subreply {
|
| or return "con_lost"; |
or return "con_lost"; |
| print $client "$cmd\n"; |
print $client "$cmd\n"; |
| my $answer=<$client>; |
my $answer=<$client>; |
| chomp($answer); |
|
| if (!$answer) { $answer="con_lost"; } |
if (!$answer) { $answer="con_lost"; } |
| |
chomp($answer); |
| return $answer; |
return $answer; |
| } |
} |
| |
|
|
Line 51 sub reply {
|
Line 91 sub reply {
|
| my ($cmd,$server)=@_; |
my ($cmd,$server)=@_; |
| my $answer=subreply($cmd,$server); |
my $answer=subreply($cmd,$server); |
| if ($answer eq 'con_lost') { $answer=subreply($cmd,$server); } |
if ($answer eq 'con_lost') { $answer=subreply($cmd,$server); } |
| return $answer; |
if (($answer=~/^error:/) || ($answer=~/^refused/) || |
| } |
($answer=~/^rejected/)) { |
| |
&logthis("<font color=blue>WARNING:". |
| # ------------------------------------------------ Try to send delayed messages |
" $cmd to $server returned $answer</font>"); |
| |
|
| sub senddelayed { |
|
| my $server=shift; |
|
| my $dfname; |
|
| my $path="$perlvar{'lonSockDir'}/delayed"; |
|
| while ($dfname=<$path/*.$server>) { |
|
| my $wcmd; |
|
| { |
|
| my $dfh=Apache::File->new($dfname); |
|
| $wcmd=<$dfh>; |
|
| } |
|
| my ($server,$cmd)=split(/:/,$wcmd); |
|
| chomp($cmd); |
|
| my $answer=subreply($cmd,$server); |
|
| if ($answer ne 'con_lost') { |
|
| unlink("$dfname"); |
|
| &logthis("Delayed $cmd to $server: $answer"); |
|
| &logperm("S:$server:$cmd"); |
|
| } |
|
| } |
} |
| |
return $answer; |
| } |
} |
| |
|
| # ----------------------------------------------------------- Send USR1 to lonc |
# ----------------------------------------------------------- Send USR1 to lonc |
|
Line 94 sub reconlonc {
|
Line 116 sub reconlonc {
|
| &logthis("$peerfile still not there, give it another try"); |
&logthis("$peerfile still not there, give it another try"); |
| sleep 5; |
sleep 5; |
| if (-e "$peerfile") { return; } |
if (-e "$peerfile") { return; } |
| &logthis("$peerfile still not there, giving up"); |
&logthis( |
| |
"<font color=blue>WARNING: $peerfile still not there, giving up</font>"); |
| } else { |
} else { |
| &logthis("lonc at pid $loncpid not responding, giving up"); |
&logthis( |
| |
"<font color=blue>WARNING:". |
| |
" lonc at pid $loncpid not responding, giving up</font>"); |
| } |
} |
| } else { |
} else { |
| &logthis('lonc not running, giving up'); |
&logthis('<font color=blue>WARNING: lonc not running, giving up</font>'); |
| } |
} |
| } |
} |
| |
|
| # ------------------------------------------------------ Critical communication |
# ------------------------------------------------------ Critical communication |
| |
|
| sub critical { |
sub critical { |
| my ($cmd,$server)=@_; |
my ($cmd,$server)=@_; |
| &senddelayed($server); |
|
| my $answer=reply($cmd,$server); |
my $answer=reply($cmd,$server); |
| if ($answer eq 'con_lost') { |
if ($answer eq 'con_lost') { |
| my $pingreply=reply('ping',$server); |
my $pingreply=reply('ping',$server); |
|
Line 117 sub critical {
|
Line 142 sub critical {
|
| if ($answer eq 'con_lost') { |
if ($answer eq 'con_lost') { |
| my $now=time; |
my $now=time; |
| my $middlename=$cmd; |
my $middlename=$cmd; |
| |
$middlename=substr($middlename,0,16); |
| $middlename=~s/\W//g; |
$middlename=~s/\W//g; |
| my $dfilename= |
my $dfilename= |
| "$perlvar{'lonSockDir'}/delayed/$now.$middlename.$server"; |
"$perlvar{'lonSockDir'}/delayed/$now.$middlename.$server"; |
| { |
{ |
| my $dfh; |
my $dfh; |
| if ($dfh=Apache::File->new(">$dfilename")) { |
if ($dfh=Apache::File->new(">$dfilename")) { |
| print $dfh "$server:$cmd\n"; |
print $dfh "$cmd\n"; |
| } |
} |
| } |
} |
| sleep 2; |
sleep 2; |
|
Line 135 sub critical {
|
Line 161 sub critical {
|
| } |
} |
| } |
} |
| chomp($wcmd); |
chomp($wcmd); |
| if ($wcmd eq "$server:$cmd") { |
if ($wcmd eq $cmd) { |
| &logthis("Connection buffer $dfilename: $cmd"); |
&logthis("<font color=blue>WARNING: ". |
| |
"Connection buffer $dfilename: $cmd</font>"); |
| &logperm("D:$server:$cmd"); |
&logperm("D:$server:$cmd"); |
| return 'con_delayed'; |
return 'con_delayed'; |
| } else { |
} else { |
| &logthis("CRITICAL CONNECTION FAILED: $server $cmd"); |
&logthis("<font color=red>CRITICAL:" |
| |
." Critical connection failed: $server $cmd</font>"); |
| &logperm("F:$server:$cmd"); |
&logperm("F:$server:$cmd"); |
| return 'con_failed'; |
return 'con_failed'; |
| } |
} |
|
Line 149 sub critical {
|
Line 177 sub critical {
|
| return $answer; |
return $answer; |
| } |
} |
| |
|
| |
# ---------------------------------------------------------- Append Environment |
| |
|
| |
sub appenv { |
| |
my %newenv=@_; |
| |
my @oldenv; |
| |
{ |
| |
my $fh; |
| |
unless ($fh=Apache::File->new("$ENV{'user.environment'}")) { |
| |
return 'error'; |
| |
} |
| |
@oldenv=<$fh>; |
| |
} |
| |
for (my $i=0; $i<=$#oldenv; $i++) { |
| |
chomp($oldenv[$i]); |
| |
if ($oldenv[$i] ne '') { |
| |
my ($name,$value)=split(/=/,$oldenv[$i]); |
| |
$newenv{$name}=$value; |
| |
} |
| |
} |
| |
{ |
| |
my $fh; |
| |
unless ($fh=Apache::File->new(">$ENV{'user.environment'}")) { |
| |
return 'error'; |
| |
} |
| |
my $newname; |
| |
foreach $newname (keys %newenv) { |
| |
print $fh "$newname=$newenv{$newname}\n"; |
| |
} |
| |
} |
| |
return 'ok'; |
| |
} |
| |
|
| # ------------------------------ Find server with least workload from spare.tab |
# ------------------------------ Find server with least workload from spare.tab |
| |
|
| sub spareserver { |
sub spareserver { |
| my $tryserver; |
my $tryserver; |
| my $spareserver=''; |
my $spareserver=''; |
|
Line 166 sub spareserver {
|
Line 226 sub spareserver {
|
| } |
} |
| |
|
| # --------- Try to authenticate user from domain's lib servers (first this one) |
# --------- Try to authenticate user from domain's lib servers (first this one) |
| |
|
| sub authenticate { |
sub authenticate { |
| my ($uname,$upass,$udom)=@_; |
my ($uname,$upass,$udom)=@_; |
| |
$upass=escape($upass); |
| if (($perlvar{'lonRole'} eq 'library') && |
if (($perlvar{'lonRole'} eq 'library') && |
| ($udom eq $perlvar{'lonDefDomain'})) { |
($udom eq $perlvar{'lonDefDomain'})) { |
| my $subdir=$uname; |
my $answer=reply("encrypt:auth:$udom:$uname:$upass",$perlvar{'lonHostID'}); |
| $subdir =~ s/(.)(.)(.).*/$1\/$2\/$3/; |
if ($answer =~ /authorized/) { |
| my $passfilename="$perlvar{'lonUsersDir'}/$udom/$subdir/$uname/passwd"; |
if ($answer eq 'authorized') { |
| if (-e $passfilename) { |
&logthis("User $uname at $udom authorized by local server"); |
| my $pf = Apache::File->new($passfilename); |
return $perlvar{'lonHostID'}; |
| my $realpasswd=<$pf>; |
} |
| chomp($realpasswd); |
if ($answer eq 'non_authorized') { |
| if ( $realpasswd eq $upass ) { |
&logthis("User $uname at $udom rejected by local server"); |
| return $perlvar{'lonHostID'}; |
return 'no_host'; |
| } else { |
} |
| return 'no_host'; |
} |
| } |
|
| } |
|
| } |
} |
| |
|
| my $tryserver; |
my $tryserver; |
| foreach $tryserver (keys %libserv) { |
foreach $tryserver (keys %libserv) { |
| if ($hostdom{$tryserver} eq $udom) { |
if ($hostdom{$tryserver} eq $udom) { |
| my $answer=reply("auth:$udom:$uname:$upass",$tryserver); |
my $answer=reply("encrypt:auth:$udom:$uname:$upass",$tryserver); |
| if ($answer =~ /authorized/) { |
if ($answer =~ /authorized/) { |
| if ($answer eq 'authorized') { return $tryserver; } |
if ($answer eq 'authorized') { |
| |
&logthis("User $uname at $udom authorized by $tryserver"); |
| |
return $tryserver; |
| |
} |
| |
if ($answer eq 'non_authorized') { |
| |
&logthis("User $uname at $udom rejected by $tryserver"); |
| |
return 'no_host'; |
| |
} |
| } |
} |
| } |
} |
| } |
} |
| |
&logthis("User $uname at $udom could not be authenticated"); |
| return 'no_host'; |
return 'no_host'; |
| } |
} |
| |
|
| # ---------------------- Find the homebase for a user from domain's lib servers |
# ---------------------- Find the homebase for a user from domain's lib servers |
| |
|
| sub homeserver { |
sub homeserver { |
| my ($uname,$udom)=@_; |
my ($uname,$udom)=@_; |
| |
|
|
Line 219 sub homeserver {
|
Line 287 sub homeserver {
|
| } |
} |
| |
|
| # ----------------------------- Subscribe to a resource, return URL if possible |
# ----------------------------- Subscribe to a resource, return URL if possible |
| |
|
| sub subscribe { |
sub subscribe { |
| my $fname=shift; |
my $fname=shift; |
| &logthis($fname); |
|
| my $author=$fname; |
my $author=$fname; |
| $author=~s/\/home\/httpd\/html\/res\/([^\/]*)\/([^\/]*).*/$1\/$2/; |
$author=~s/\/home\/httpd\/html\/res\/([^\/]*)\/([^\/]*).*/$1\/$2/; |
| my ($udom,$uname)=split(/\//,$author); |
my ($udom,$uname)=split(/\//,$author); |
| my $home=homeserver($uname,$udom); |
my $home=homeserver($uname,$udom); |
| &logthis("$home $udom $uname"); |
|
| if (($home eq 'no_host') || ($home eq $perlvar{'lonHostID'})) { |
if (($home eq 'no_host') || ($home eq $perlvar{'lonHostID'})) { |
| return 'not_found'; |
return 'not_found'; |
| } |
} |
|
Line 234 sub subscribe {
|
Line 301 sub subscribe {
|
| return $answer; |
return $answer; |
| } |
} |
| |
|
| |
# -------------------------------------------------------------- Replicate file |
| |
|
| |
sub repcopy { |
| |
my $filename=shift; |
| |
$filename=~s/\/+/\//g; |
| |
my $transname="$filename.in.transfer"; |
| |
if ((-e $filename) || (-e $transname)) { return OK; } |
| |
my $remoteurl=subscribe($filename); |
| |
if ($remoteurl eq 'con_lost') { |
| |
&logthis("Subscribe returned con_lost: $filename"); |
| |
return HTTP_SERVICE_UNAVAILABLE; |
| |
} elsif ($remoteurl eq 'not_found') { |
| |
&logthis("Subscribe returned not_found: $filename"); |
| |
return HTTP_NOT_FOUND; |
| |
} elsif ($remoteurl eq 'rejected') { |
| |
&logthis("Subscribe returned rejected: $filename"); |
| |
return FORBIDDEN; |
| |
} elsif ($remoteurl eq 'directory') { |
| |
return OK; |
| |
} else { |
| |
my @parts=split(/\//,$filename); |
| |
my $path="/$parts[1]/$parts[2]/$parts[3]/$parts[4]"; |
| |
if ($path ne "$perlvar{'lonDocRoot'}/res") { |
| |
&logthis("Malconfiguration for replication: $filename"); |
| |
return HTTP_BAD_REQUEST; |
| |
} |
| |
my $count; |
| |
for ($count=5;$count<$#parts;$count++) { |
| |
$path.="/$parts[$count]"; |
| |
if ((-e $path)!=1) { |
| |
mkdir($path,0777); |
| |
} |
| |
} |
| |
my $ua=new LWP::UserAgent; |
| |
my $request=new HTTP::Request('GET',"$remoteurl"); |
| |
my $response=$ua->request($request,$transname); |
| |
if ($response->is_error()) { |
| |
unlink($transname); |
| |
my $message=$response->status_line; |
| |
&logthis("<font color=blue>WARNING:" |
| |
." LWP get: $message: $filename</font>"); |
| |
return HTTP_SERVICE_UNAVAILABLE; |
| |
} else { |
| |
if ($remoteurl!~/\.meta$/) { |
| |
my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta'); |
| |
my $mresponse=$ua->request($mrequest,$filename.'.meta'); |
| |
if ($mresponse->is_error()) { |
| |
unlink($filename.'.meta'); |
| |
&logthis( |
| |
"<font color=yellow>INFO: No metadata: $filename</font>"); |
| |
} |
| |
} |
| |
rename($transname,$filename); |
| |
return OK; |
| |
} |
| |
} |
| |
} |
| |
|
| |
# --------------------------------------------------------- Server Side Include |
| |
|
| |
sub ssi { |
| |
|
| |
my ($fn,%form)=@_; |
| |
|
| |
my $ua=new LWP::UserAgent; |
| |
|
| |
my $request; |
| |
|
| |
if (%form) { |
| |
$request=new HTTP::Request('POST',"http://".$ENV{'HTTP_HOST'}.$fn); |
| |
$request->content(join '&', map { "$_=$form{$_}" } keys %form); |
| |
} else { |
| |
$request=new HTTP::Request('GET',"http://".$ENV{'HTTP_HOST'}.$fn); |
| |
} |
| |
|
| |
$request->header(Cookie => $ENV{'HTTP_COOKIE'}); |
| |
my $response=$ua->request($request); |
| |
|
| |
return $response->content; |
| |
} |
| |
|
| |
# ------------------------------------------------------------------------- Log |
| |
|
| |
sub log { |
| |
my ($dom,$nam,$hom,$what)=@_; |
| |
return reply("log:$dom:$nam:$what",$hom); |
| |
} |
| |
|
| |
# ----------------------------------------------------------------------- Store |
| |
|
| |
sub store { |
| |
my %storehash=shift; |
| |
my $namevalue=''; |
| |
map { |
| |
$namevalue.=escape($_).'='.escape($storehash{$_}).'&'; |
| |
} keys %storehash; |
| |
$namevalue=~s/\&$//; |
| |
return reply("store:$ENV{'user.domain'}:$ENV{'user.name'}:" |
| |
."$ENV{'user.class'}:$ENV{'request.filename'}:$namevalue", |
| |
"$ENV{'user.home'}"); |
| |
} |
| |
|
| |
# --------------------------------------------------------------------- Restore |
| |
|
| |
sub restore { |
| |
my $answer=reply("restore:$ENV{'user.domain'}:$ENV{'user.name'}:" |
| |
."$ENV{'user.class'}:$ENV{'request.filename'}", |
| |
"$ENV{'user.home'}"); |
| |
my %returnhash=(); |
| |
map { |
| |
my ($name,$value)=split(/\=/,$_); |
| |
$returnhash{&unescape($name)}=&unescape($value); |
| |
} split(/\&/,$answer); |
| |
return %returnhash; |
| |
} |
| |
|
| |
# -------------------------------------------------------- Get user priviledges |
| |
|
| |
sub rolesinit { |
| |
my ($domain,$username,$authhost)=@_; |
| |
my $rolesdump=reply("dump:$domain:$username:roles",$authhost); |
| |
if (($rolesdump eq 'con_lost') || ($rolesdump eq '')) { return ''; } |
| |
my %allroles=(); |
| |
my %thesepriv=(); |
| |
my $now=time; |
| |
my $userroles="user.login.time=$now\n"; |
| |
my $thesestr; |
| |
|
| |
if ($rolesdump ne '') { |
| |
map { |
| |
if ($_!~/^rolesdef\&/) { |
| |
my ($area,$role)=split(/=/,$_); |
| |
$area=~s/\_\w\w$//; |
| |
my ($trole,$tend,$tstart)=split(/_/,$role); |
| |
$userroles.='user.role.'.$trole.'.'.$area.'='. |
| |
$tstart.'.'.$tend."\n"; |
| |
if ($tend!=0) { |
| |
if ($tend<$now) { |
| |
$trole=''; |
| |
} |
| |
} |
| |
if ($tstart!=0) { |
| |
if ($tstart>$now) { |
| |
$trole=''; |
| |
} |
| |
} |
| |
if (($area ne '') && ($trole ne '')) { |
| |
my ($tdummy,$tdomain,$trest)=split(/\//,$area); |
| |
if ($trole =~ /^cr\//) { |
| |
my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole); |
| |
my $homsvr=homeserver($rauthor,$rdomain); |
| |
if ($hostname{$homsvr} ne '') { |
| |
my $roledef= |
| |
reply("get:$rdomain:$rauthor:roles:rolesdef_$rrole", |
| |
$homsvr); |
| |
if (($roledef ne 'con_lost') && ($roledef ne '')) { |
| |
my ($syspriv,$dompriv,$coursepriv)= |
| |
split(/\_/,unescape($roledef)); |
| |
$allroles{'/'}.=':'.$syspriv; |
| |
if ($tdomain ne '') { |
| |
$allroles{'/'.$tdomain.'/'}.=':'.$dompriv; |
| |
if ($trest ne '') { |
| |
$allroles{$area}.=':'.$coursepriv; |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} else { |
| |
$allroles{'/'}.=':'.$pr{$trole.':s'}; |
| |
if ($tdomain ne '') { |
| |
$allroles{'/'.$tdomain.'/'}.=':'.$pr{$trole.':d'}; |
| |
if ($trest ne '') { |
| |
$allroles{$area}.=':'.$pr{$trole.':c'}; |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} split(/&/,$rolesdump); |
| |
map { |
| |
%thesepriv=(); |
| |
map { |
| |
if ($_ ne '') { |
| |
my ($priviledge,$restrictions)=split(/&/,$_); |
| |
if ($restrictions eq '') { |
| |
$thesepriv{$priviledge}='F'; |
| |
} else { |
| |
if ($thesepriv{$priviledge} ne 'F') { |
| |
$thesepriv{$priviledge}.=$restrictions; |
| |
} |
| |
} |
| |
} |
| |
} split(/:/,$allroles{$_}); |
| |
$thesestr=''; |
| |
map { $thesestr.=':'.$_.'&'.$thesepriv{$_}; } keys %thesepriv; |
| |
$userroles.='user.priv.'.$_.'='.$thesestr."\n"; |
| |
} keys %allroles; |
| |
} |
| |
return $userroles; |
| |
} |
| |
|
| |
# --------------------------------------------------------------- get interface |
| |
|
| |
sub get { |
| |
my ($namespace,@storearr)=@_; |
| |
my $items=''; |
| |
map { |
| |
$items.=escape($_).'&'; |
| |
} @storearr; |
| |
$items=~s/\&$//; |
| |
my $rep=reply("get:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace:$items", |
| |
$ENV{'user.home'}); |
| |
my @pairs=split(/\&/,$rep); |
| |
my %returnhash=(); |
| |
map { |
| |
my ($key,$value)=split(/=/,$_); |
| |
$returnhash{unespace($key)}=unescape($value); |
| |
} @pairs; |
| |
return %returnhash; |
| |
} |
| |
|
| |
# -------------------------------------------------------------- dump interface |
| |
|
| |
sub dump { |
| |
my $namespace=shift; |
| |
my $rep=reply("dump:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace", |
| |
$ENV{'user.home'}); |
| |
my @pairs=split(/\&/,$rep); |
| |
my %returnhash=(); |
| |
map { |
| |
my ($key,$value)=split(/=/,$_); |
| |
$returnhash{unespace($key)}=unescape($value); |
| |
} @pairs; |
| |
return %returnhash; |
| |
} |
| |
|
| |
# --------------------------------------------------------------- put interface |
| |
|
| |
sub put { |
| |
my ($namespace,%storehash)=@_; |
| |
my $items=''; |
| |
map { |
| |
$items.=escape($_).'='.escape($storehash{$_}).'&'; |
| |
} keys %storehash; |
| |
$items=~s/\&$//; |
| |
return reply("put:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace:$items", |
| |
$ENV{'user.home'}); |
| |
} |
| |
|
| |
# -------------------------------------------------------------- eget interface |
| |
|
| |
sub eget { |
| |
my ($namespace,@storearr)=@_; |
| |
my $items=''; |
| |
map { |
| |
$items.=escape($_).'&'; |
| |
} @storearr; |
| |
$items=~s/\&$//; |
| |
my $rep=reply("eget:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace:$items", |
| |
$ENV{'user.home'}); |
| |
my @pairs=split(/\&/,$rep); |
| |
my %returnhash=(); |
| |
map { |
| |
my ($key,$value)=split(/=/,$_); |
| |
$returnhash{unespace($key)}=unescape($value); |
| |
} @pairs; |
| |
return %returnhash; |
| |
} |
| |
|
| |
# ------------------------------------------------- Check for a user priviledge |
| |
|
| |
sub allowed { |
| |
my ($priv,$uri)=@_; |
| |
$uri=~s/^\/res//; |
| |
$uri=~s/^\///; |
| |
if ($uri=~/^adm\//) { |
| |
return 'F'; |
| |
} |
| |
my $thisallowed=''; |
| |
if ($ENV{'user.priv./'}=~/$priv\&([^\:]*)/) { |
| |
$thisallowed.=$1; |
| |
} |
| |
if ($ENV{'user.priv./'.(split(/\//,$uri))[0].'/'}=~/$priv\&([^\:]*)/) { |
| |
$thisallowed.=$1; |
| |
} |
| |
if ($ENV{'user.priv./'.$uri}=~/$priv\&([^\:]*)/) { |
| |
$thisallowed.=$1; |
| |
} |
| |
return $thisallowed; |
| |
} |
| |
|
| |
# ----------------------------------------------------------------- Define Role |
| |
|
| |
sub definerole { |
| |
if (allowed('mcr','/')) { |
| |
my ($rolename,$sysrole,$domrole,$courole)=@_; |
| |
map { |
| |
my ($crole,$cqual)=split(/\&/,$_); |
| |
if ($pr{'cr:s'}!~/$crole/) { return "refused:s:$crole"; } |
| |
if ($pr{'cr:s'}=~/$crole\&/) { |
| |
if ($pr{'cr:s'}!~/$crole\&\w*$cqual/) { |
| |
return "refused:s:$crole&$cqual"; |
| |
} |
| |
} |
| |
} split('/',$sysrole); |
| |
map { |
| |
my ($crole,$cqual)=split(/\&/,$_); |
| |
if ($pr{'cr:d'}!~/$crole/) { return "refused:d:$crole"; } |
| |
if ($pr{'cr:d'}=~/$crole\&/) { |
| |
if ($pr{'cr:d'}!~/$crole\&\w*$cqual/) { |
| |
return "refused:d:$crole&$cqual"; |
| |
} |
| |
} |
| |
} split('/',$domrole); |
| |
map { |
| |
my ($crole,$cqual)=split(/\&/,$_); |
| |
if ($pr{'cr:c'}!~/$crole/) { return "refused:c:$crole"; } |
| |
if ($pr{'cr:c'}=~/$crole\&/) { |
| |
if ($pr{'cr:c'}!~/$crole\&\w*$cqual/) { |
| |
return "refused:c:$crole&$cqual"; |
| |
} |
| |
} |
| |
} split('/',$courole); |
| |
my $command="encrypt:rolesput:$ENV{'user.domain'}:$ENV{'user.name'}:". |
| |
"$ENV{'user.domain'}:$ENV{'user.name'}:". |
| |
"rolesdef_$rolename=". |
| |
escape($sysrole.'_'.$domrole.'_'.$courole); |
| |
return reply($command,$ENV{'user.home'}); |
| |
} else { |
| |
return 'refused'; |
| |
} |
| |
} |
| |
|
| |
# ------------------------------------------------------------------ Plain Text |
| |
|
| |
sub plaintext { |
| |
my $short=shift; |
| |
return $prp{$short}; |
| |
} |
| |
|
| |
# ----------------------------------------------------------------- Assign Role |
| |
|
| |
sub assignrole { |
| |
my ($udom,$uname,$url,$role,$end,$start)=@_; |
| |
my $mrole; |
| |
if ($role =~ /^cr\//) { |
| |
unless ($url=~/\.course$/) { return 'invalid'; } |
| |
unless (allowed('ccr',$url)) { return 'refused'; } |
| |
$mrole='cr'; |
| |
} else { |
| |
unless (($url=~/\.course$/) || ($url=~/\/$/)) { return 'invalid'; } |
| |
unless (allowed('c'+$role)) { return 'refused'; } |
| |
$mrole=$role; |
| |
} |
| |
my $command="encrypt:rolesput:$ENV{'user.domain'}:$ENV{'user.name'}:". |
| |
"$udom:$uname:$url".'_'."$mrole=$role"; |
| |
if ($end) { $command.='_$end'; } |
| |
if ($start) { |
| |
if ($end) { |
| |
$command.='_$start'; |
| |
} else { |
| |
$command.='_0_$start'; |
| |
} |
| |
} |
| |
return &reply($command,&homeserver($uname,$udom)); |
| |
} |
| |
|
| |
# ---------------------------------------------------------- Assign Custom Role |
| |
|
| |
sub assigncustomrole { |
| |
my ($udom,$uname,$url,$rdom,$rnam,$rolename,$end,$start)=@_; |
| |
return &assignrole($udom,$uname,$url,'cr/'.$rdom.'/'.$rnam.'/'.$rolename, |
| |
$end,$start); |
| |
} |
| |
|
| |
# ----------------------------------------------------------------- Revoke Role |
| |
|
| |
sub revokerole { |
| |
my ($udom,$uname,$url,$role)=@_; |
| |
my $now=time; |
| |
return &assignrole($udom,$uname,$url,$role,$now); |
| |
} |
| |
|
| |
# ---------------------------------------------------------- Revoke Custom Role |
| |
|
| |
sub revokecustomrole { |
| |
my ($udom,$uname,$url,$rdom,$rnam,$rolename)=@_; |
| |
my $now=time; |
| |
return &assigncustomrole($udom,$uname,$url,$rdom,$rnam,$rolename,$now); |
| |
} |
| |
|
| |
# ------------------------------------------------------------ Directory lister |
| |
|
| |
sub dirlist { |
| |
my $uri=shift; |
| |
$uri=~s/^\///; |
| |
$uri=~s/\/$//; |
| |
my ($res,$udom,$uname,@rest)=split(/\//,$uri); |
| |
if ($udom) { |
| |
if ($uname) { |
| |
my $listing=reply('ls:'.$perlvar{'lonDocRoot'}.'/'.$uri, |
| |
homeserver($uname,$udom)); |
| |
return split(/:/,$listing); |
| |
} else { |
| |
my $tryserver; |
| |
my %allusers=(); |
| |
foreach $tryserver (keys %libserv) { |
| |
if ($hostdom{$tryserver} eq $udom) { |
| |
my $listing=reply('ls:'.$perlvar{'lonDocRoot'}.'/res/'.$udom, |
| |
$tryserver); |
| |
if (($listing ne 'no_such_dir') && ($listing ne 'empty') |
| |
&& ($listing ne 'con_lost')) { |
| |
map { |
| |
my ($entry,@stat)=split(/&/,$_); |
| |
$allusers{$entry}=1; |
| |
} split(/:/,$listing); |
| |
} |
| |
} |
| |
} |
| |
my $alluserstr=''; |
| |
map { |
| |
$alluserstr.=$_.'&user:'; |
| |
} sort keys %allusers; |
| |
$alluserstr=~s/:$//; |
| |
return split(/:/,$alluserstr); |
| |
} |
| |
} else { |
| |
my $tryserver; |
| |
my %alldom=(); |
| |
foreach $tryserver (keys %libserv) { |
| |
$alldom{$hostdom{$tryserver}}=1; |
| |
} |
| |
my $alldomstr=''; |
| |
map { |
| |
$alldomstr.=$perlvar{'lonDocRoot'}.'/res/'.$_.'&domain:'; |
| |
} sort keys %alldom; |
| |
$alldomstr=~s/:$//; |
| |
return split(/:/,$alldomstr); |
| |
} |
| |
} |
| |
|
| |
# -------------------------------------------------------- Escape Special Chars |
| |
|
| |
sub escape { |
| |
my $str=shift; |
| |
$str =~ s/(\W)/"%".unpack('H2',$1)/eg; |
| |
return $str; |
| |
} |
| |
|
| |
# ----------------------------------------------------- Un-Escape Special Chars |
| |
|
| |
sub unescape { |
| |
my $str=shift; |
| |
$str =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg; |
| |
return $str; |
| |
} |
| |
|
| # ================================================================ Main Program |
# ================================================================ Main Program |
| |
|
|
Line 246 if ($readit ne 'done') {
|
Line 769 if ($readit ne 'done') {
|
| while (my $configline=<$config>) { |
while (my $configline=<$config>) { |
| if ($configline =~ /PerlSetVar/) { |
if ($configline =~ /PerlSetVar/) { |
| my ($dummy,$varname,$varvalue)=split(/\s+/,$configline); |
my ($dummy,$varname,$varvalue)=split(/\s+/,$configline); |
| |
chomp($varvalue); |
| $perlvar{$varname}=$varvalue; |
$perlvar{$varname}=$varvalue; |
| } |
} |
| } |
} |
|
Line 274 if ($readit ne 'done') {
|
Line 798 if ($readit ne 'done') {
|
| } |
} |
| } |
} |
| } |
} |
| $readit='done'; |
# ------------------------------------------------------------ Read permissions |
| &logthis('Read configuration'); |
{ |
| } |
my $config=Apache::File->new("$perlvar{'lonTabDir'}/roles.tab"); |
| |
|
| |
while (my $configline=<$config>) { |
| |
chomp($configline); |
| |
my ($role,$perm)=split(/ /,$configline); |
| |
if ($perm ne '') { $pr{$role}=$perm; } |
| |
} |
| } |
} |
| 1; |
|
| |
|
| |
# -------------------------------------------- Read plain texts for permissions |
| |
{ |
| |
my $config=Apache::File->new("$perlvar{'lonTabDir'}/rolesplain.tab"); |
| |
|
| |
while (my $configline=<$config>) { |
| |
chomp($configline); |
| |
my ($short,$plain)=split(/:/,$configline); |
| |
if ($plain ne '') { $prp{$short}=$plain; } |
| |
} |
| |
} |
| |
|
| |
|
| |
$readit='done'; |
| |
&logthis('<font color=yellow>INFO: Read configuration</font>'); |
| |
} |
| |
} |
| |
1; |
![[BACK]](/icons/back.gif){kind=icon}
Return to lonnet.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / lonnet / perl