--- loncom/lonnet/perl/lonnet.pm 2002/05/13 09:26:29 1.218 +++ loncom/lonnet/perl/lonnet.pm 2016/07/25 19:50:44 1.1315 @@ -1,7 +1,7 @@ # The LearningOnline Network # TCP networking package # -# $Id: lonnet.pm,v 1.218 2002/05/13 09:26:29 albertel Exp $ +# $Id: lonnet.pm,v 1.1315 2016/07/25 19:50:44 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -25,75 +25,128 @@ # # http://www.lon-capa.org/ # -# 6/1/99,6/2,6/10,6/11,6/12,6/14,6/26,6/28,6/29,6/30, -# 7/1,7/2,7/9,7/10,7/12,7/14,7/15,7/19, -# 11/8,11/16,11/18,11/22,11/23,12/22, -# 01/06,01/13,02/24,02/28,02/29, -# 03/01,03/02,03/06,03/07,03/13, -# 04/05,05/29,05/31,06/01, -# 06/05,06/26 Gerd Kortemeyer -# 06/26 Ben Tyszka -# 06/30,07/15,07/17,07/18,07/20,07/21,07/22,07/25 Gerd Kortemeyer -# 08/14 Ben Tyszka -# 08/22,08/28,08/31,09/01,09/02,09/04,09/05,09/25,09/28,09/30 Gerd Kortemeyer -# 10/04 Gerd Kortemeyer -# 10/04 Guy Albertelli -# 10/06,10/09,10/10,10/11,10/14,10/20,10/23,10/25,10/26,10/27,10/28,10/29, -# 10/30,10/31, -# 11/2,11/14,11/15,11/16,11/20,11/21,11/22,11/25,11/27, -# 12/02,12/12,12/13,12/14,12/28,12/29 Gerd Kortemeyer -# 05/01/01 Guy Albertelli -# 05/01,06/01,09/01 Gerd Kortemeyer -# 09/01 Guy Albertelli -# 09/01,10/01,11/01 Gerd Kortemeyer -# YEAR=2001 -# 02/27/01 Scott Harrison -# 3/2 Gerd Kortemeyer -# 3/15,3/19 Scott Harrison -# 3/19,3/20 Gerd Kortemeyer -# 3/22,3/27,4/2,4/16,4/17 Scott Harrison -# 5/26,5/28 Gerd Kortemeyer -# 5/30 H. K. Ng -# 6/1 Gerd Kortemeyer -# July Guy Albertelli -# 8/4,8/7,8/8,8/9,8/11,8/16,8/17,8/18,8/20,8/23,9/20,9/21,9/26, -# 10/2 Gerd Kortemeyer -# 10/5,10/10,11/13,11/15 Scott Harrison -# 11/17,11/20,11/22,11/29 Gerd Kortemeyer -# 12/5 Matthew Hall -# 12/5 Guy Albertelli -# 12/6,12/7,12/12 Gerd Kortemeyer -# 12/18 Scott Harrison -# 12/21,12/22,12/27,12/28 Gerd Kortemeyer -# YEAR=2002 -# 1/4,2/4,2/7 Gerd Kortemeyer -# ### +=pod + +=head1 NAME + +Apache::lonnet.pm + +=head1 SYNOPSIS + +This file is an interface to the lonc processes of +the LON-CAPA network as well as set of elaborated functions for handling information +necessary for navigating through a given cluster of LON-CAPA machines within a +domain. There are over 40 specialized functions in this module which handle the +reading and transmission of metadata, user information (ids, names, environments, roles, +logs), file information (storage, reading, directories, extensions, replication, embedded +styles and descriptors), educational resources (course descriptions, section names and +numbers), url hashing (to assign roles on a url basis), and translating abbreviated symbols to +and from more descriptive phrases or explanations. + +This is part of the LearningOnline Network with CAPA project +described at http://www.lon-capa.org. + +=head1 Package Variables + +These are largely undocumented, so if you decipher one please note it here. + +=over 4 + +=item $processmarker + +Contains the time this process was started and this servers host id. + +=item $dumpcount + +Counts the number of times a message log flush has been attempted (regardless +of success) by this process. Used as part of the filename when messages are +delayed. + +=back + +=cut + package Apache::lonnet; use strict; -use Apache::File; use LWP::UserAgent(); -use HTTP::Headers; -use vars -qw(%perlvar %hostname %homecache %hostip %spareid %hostdom - %libserv %pr %prp %metacache %packagetab - %courselogs %accesshash $processmarker $dumpcount - %coursedombuf %coursehombuf %courseresdatacache); +use HTTP::Date; +use Image::Magick; + + +use Encode; + +use vars qw(%perlvar %spareid %pr %prp $memcache %packagetab $tmpdir + $_64bit %env %protocol %loncaparevs %serverhomeIDs %needsrelease + %managerstab); + +my (%badServerCache, $memcache, %courselogs, %accesshash, %domainrolehash, + %userrolehash, $processmarker, $dumpcount, %coursedombuf, + %coursenumbuf, %coursehombuf, %coursedescrbuf, %courseinstcodebuf, + %courseownerbuf, %coursetypebuf,$locknum); + use IO::Socket; use GDBM_File; -use Apache::Constants qw(:common :http); use HTML::LCParser; use Fcntl qw(:flock); +use Storable qw(thaw nfreeze); +use Time::HiRes qw( sleep gettimeofday tv_interval ); +use Cache::Memcached; +use Digest::MD5; +use Math::Random; +use File::MMagic; +use LONCAPA qw(:DEFAULT :match); +use LONCAPA::Configuration; +use LONCAPA::lonmetadata; +use LONCAPA::Lond; + +use File::Copy; + my $readit; +my $max_connection_retries = 20; # Or some such value. + +require Exporter; + +our @ISA = qw (Exporter); +our @EXPORT = qw(%env); -# --------------------------------------------------------------------- Logging + +# ------------------------------------ Logging (parameters, docs, slots, roles) +{ + my $logid; + sub write_log { + my ($context,$hash_name,$storehash,$delflag,$uname,$udom,$cnum,$cdom)=@_; + if ($context eq 'course') { + if (($cnum eq '') || ($cdom eq '')) { + $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; + $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; + } + } + $logid ++; + my $now = time(); + my $id=$now.'00000'.$$.'00000'.$logid; + my $logentry = { + $id => { + 'exe_uname' => $env{'user.name'}, + 'exe_udom' => $env{'user.domain'}, + 'exe_time' => $now, + 'exe_ip' => $ENV{'REMOTE_ADDR'}, + 'delflag' => $delflag, + 'logentry' => $storehash, + 'uname' => $uname, + 'udom' => $udom, + } + }; + return &put('nohist_'.$hash_name,$logentry,$cdom,$cnum); + } +} sub logtouch { my $execdir=$perlvar{'lonDaemons'}; - unless (-e "$execdir/logs/lonnet.log") { - my $fh=Apache::File->new(">>$execdir/logs/lonnet.log"); + unless (-e "$execdir/logs/lonnet.log") { + open(my $fh,">>$execdir/logs/lonnet.log"); close $fh; } my ($wwwuid,$wwwgid)=(getpwnam('www'))[2,3]; @@ -105,8 +158,11 @@ sub logthis { my $execdir=$perlvar{'lonDaemons'}; my $now=time; my $local=localtime($now); - my $fh=Apache::File->new(">>$execdir/logs/lonnet.log"); - print $fh "$local ($$): $message\n"; + if (open(my $fh,">>$execdir/logs/lonnet.log")) { + my $logstring = $local. " ($$): ".$message."\n"; # Keep any \'s in string. + print $fh $logstring; + close($fh); + } return 1; } @@ -115,48 +171,288 @@ sub logperm { my $execdir=$perlvar{'lonDaemons'}; my $now=time; my $local=localtime($now); - my $fh=Apache::File->new(">>$execdir/logs/lonnet.perm.log"); - print $fh "$now:$message:$local\n"; + if (open(my $fh,">>$execdir/logs/lonnet.perm.log")) { + print $fh "$now:$message:$local\n"; + close($fh); + } return 1; } +sub create_connection { + my ($hostname,$lonid) = @_; + my $client=IO::Socket::UNIX->new(Peer => $perlvar{'lonSockCreate'}, + Type => SOCK_STREAM, + Timeout => 10); + return 0 if (!$client); + print $client (join(':',$hostname,$lonid,&machine_ids($hostname))."\n"); + my $result = <$client>; + chomp($result); + return 1 if ($result eq 'done'); + return 0; +} + +sub get_server_timezone { + my ($cnum,$cdom) = @_; + my $home=&homeserver($cnum,$cdom); + if ($home ne 'no_host') { + my $cachetime = 24*3600; + my ($timezone,$cached)=&is_cached_new('servertimezone',$home); + if (defined($cached)) { + return $timezone; + } else { + my $timezone = &reply('servertimezone',$home); + return &do_cache_new('servertimezone',$home,$timezone,$cachetime); + } + } +} + +sub get_server_distarch { + my ($lonhost,$ignore_cache) = @_; + if (defined($lonhost)) { + if (!defined(&hostname($lonhost))) { + return; + } + my $cachetime = 12*3600; + if (!$ignore_cache) { + my ($distarch,$cached)=&is_cached_new('serverdistarch',$lonhost); + if (defined($cached)) { + return $distarch; + } + } + my $rep = &reply('serverdistarch',$lonhost); + unless ($rep eq 'unknown_command' || $rep eq 'no_such_host' || + $rep eq 'con_lost' || $rep eq 'rejected' || $rep eq 'refused' || + $rep eq '') { + return &do_cache_new('serverdistarch',$lonhost,$rep,$cachetime); + } + } + return; +} + +sub get_servercerts_info { + my ($lonhost,$context) = @_; + my ($rep,$uselocal); + if (grep { $_ eq $lonhost } ¤t_machine_ids()) { + $uselocal = 1; + } + if (($context ne 'cgi') || $uselocal) { + my $distro = (split(/\:/,&get_server_distarch($lonhost)))[0]; + if ($distro =~ /^(?:centos|redhat|scientific)(\d+)$/) { + if ($1 < 6) { + $uselocal = 0; + } + } + } + if ($uselocal) { + $rep = LONCAPA::Lond::server_certs(\%perlvar); + } else { + $rep=&reply('servercerts',$lonhost); + } + my ($result,%returnhash); + if (defined($lonhost)) { + if (!defined(&hostname($lonhost))) { + return; + } + } + if (($rep=~/^(refused|rejected|error)/) || ($rep eq 'con_lost') || + ($rep eq 'unknown_cmd')) { + $result = $rep; + } else { + $result = 'ok'; + my @pairs=split(/\&/,$rep); + foreach my $item (@pairs) { + my ($key,$value)=split(/=/,$item,2); + my $what = &unescape($key); + $returnhash{$what}=&thaw_unescape($value); + } + } + return ($result,\%returnhash); +} + +sub get_server_loncaparev { + my ($dom,$lonhost,$ignore_cache,$caller) = @_; + if (defined($lonhost)) { + if (!defined(&hostname($lonhost))) { + undef($lonhost); + } + } + if (!defined($lonhost)) { + if (defined(&domain($dom,'primary'))) { + $lonhost=&domain($dom,'primary'); + if ($lonhost eq 'no_host') { + undef($lonhost); + } + } + } + if (defined($lonhost)) { + my $cachetime = 12*3600; + if (!$ignore_cache) { + my ($loncaparev,$cached)=&is_cached_new('serverloncaparev',$lonhost); + if (defined($cached)) { + return $loncaparev; + } + } + my ($answer,$loncaparev); + my @ids=¤t_machine_ids(); + if (grep(/^\Q$lonhost\E$/,@ids)) { + $answer = $perlvar{'lonVersion'}; + if ($answer =~ /^[\'\"]?([\w.\-]+)[\'\"]?$/) { + $loncaparev = $1; + } + } else { + $answer = &reply('serverloncaparev',$lonhost); + if (($answer eq 'unknown_cmd') || ($answer eq 'con_lost')) { + if ($caller eq 'loncron') { + my $ua=new LWP::UserAgent; + $ua->timeout(4); + my $protocol = $protocol{$lonhost}; + $protocol = 'http' if ($protocol ne 'https'); + my $url = $protocol.'://'.&hostname($lonhost).'/adm/about.html'; + my $request=new HTTP::Request('GET',$url); + my $response=$ua->request($request); + unless ($response->is_error()) { + my $content = $response->content; + if ($content =~ /
VERSION\:\s*([\w.\-]+)<\/p>/) {
+ $loncaparev = $1;
+ }
+ }
+ } else {
+ $loncaparev = $loncaparevs{$lonhost};
+ }
+ } elsif ($answer =~ /^[\'\"]?([\w.\-]+)[\'\"]?$/) {
+ $loncaparev = $1;
+ }
+ }
+ return &do_cache_new('serverloncaparev',$lonhost,$loncaparev,$cachetime);
+ }
+}
+
+sub get_server_homeID {
+ my ($hostname,$ignore_cache,$caller) = @_;
+ unless ($ignore_cache) {
+ my ($serverhomeID,$cached)=&is_cached_new('serverhomeID',$hostname);
+ if (defined($cached)) {
+ return $serverhomeID;
+ }
+ }
+ my $cachetime = 12*3600;
+ my $serverhomeID;
+ if ($caller eq 'loncron') {
+ my @machine_ids = &machine_ids($hostname);
+ foreach my $id (@machine_ids) {
+ my $response = &reply('serverhomeID',$id);
+ unless (($response eq 'unknown_cmd') || ($response eq 'con_lost')) {
+ $serverhomeID = $response;
+ last;
+ }
+ }
+ if ($serverhomeID eq '') {
+ $serverhomeID = $machine_ids[-1];
+ }
+ } else {
+ $serverhomeID = $serverhomeIDs{$hostname};
+ }
+ return &do_cache_new('serverhomeID',$hostname,$serverhomeID,$cachetime);
+}
+
+sub get_remote_globals {
+ my ($lonhost,$whathash,$ignore_cache) = @_;
+ my ($result,%returnhash,%whatneeded);
+ if (ref($whathash) eq 'HASH') {
+ foreach my $what (sort(keys(%{$whathash}))) {
+ my $hashid = $lonhost.'-'.$what;
+ my ($response,$cached);
+ unless ($ignore_cache) {
+ ($response,$cached)=&is_cached_new('lonnetglobal',$hashid);
+ }
+ if (defined($cached)) {
+ $returnhash{$what} = $response;
+ } else {
+ $whatneeded{$what} = 1;
+ }
+ }
+ if (keys(%whatneeded) == 0) {
+ $result = 'ok';
+ } else {
+ my $requested = &freeze_escape(\%whatneeded);
+ my $rep=&reply('readlonnetglobal:'.$requested,$lonhost);
+ if (($rep=~/^(refused|rejected|error)/) || ($rep eq 'con_lost') ||
+ ($rep eq 'unknown_cmd')) {
+ $result = $rep;
+ } else {
+ $result = 'ok';
+ my @pairs=split(/\&/,$rep);
+ foreach my $item (@pairs) {
+ my ($key,$value)=split(/=/,$item,2);
+ my $what = &unescape($key);
+ my $hashid = $lonhost.'-'.$what;
+ $returnhash{$what}=&thaw_unescape($value);
+ &do_cache_new('lonnetglobal',$hashid,$returnhash{$what},600);
+ }
+ }
+ }
+ }
+ return ($result,\%returnhash);
+}
+
+sub remote_devalidate_cache {
+ my ($lonhost,$cachekeys) = @_;
+ my $items;
+ return unless (ref($cachekeys) eq 'ARRAY');
+ my $cachestr = join('&',@{$cachekeys});
+ my $response = &reply('devalidatecache:'.&escape($cachestr),$lonhost);
+ return $response;
+}
+
# -------------------------------------------------- Non-critical communication
sub subreply {
my ($cmd,$server)=@_;
- my $peerfile="$perlvar{'lonSockDir'}/$server";
- my $client=IO::Socket::UNIX->new(Peer =>"$peerfile",
- Type => SOCK_STREAM,
- Timeout => 10)
- or return "con_lost";
- print $client "$cmd\n";
- my $answer=<$client>;
- if (!$answer) { $answer="con_lost"; }
- chomp($answer);
+ my $peerfile="$perlvar{'lonSockDir'}/".&hostname($server);
+ #
+ # With loncnew process trimming, there's a timing hole between lonc server
+ # process exit and the master server picking up the listen on the AF_UNIX
+ # socket. In that time interval, a lock file will exist:
+
+ my $lockfile=$peerfile.".lock";
+ while (-e $lockfile) { # Need to wait for the lockfile to disappear.
+ sleep(0.1);
+ }
+ # At this point, either a loncnew parent is listening or an old lonc
+ # or loncnew child is listening so we can connect or everything's dead.
+ #
+ # We'll give the connection a few tries before abandoning it. If
+ # connection is not possible, we'll con_lost back to the client.
+ #
+ my $client;
+ for (my $retries = 0; $retries < $max_connection_retries; $retries++) {
+ $client=IO::Socket::UNIX->new(Peer =>"$peerfile",
+ Type => SOCK_STREAM,
+ Timeout => 10);
+ if ($client) {
+ last; # Connected!
+ } else {
+ &create_connection(&hostname($server),$server);
+ }
+ sleep(0.1); # Try again later if failed connection.
+ }
+ my $answer;
+ if ($client) {
+ print $client "sethost:$server:$cmd\n";
+ $answer=<$client>;
+ if (!$answer) { $answer="con_lost"; }
+ chomp($answer);
+ } else {
+ $answer = 'con_lost'; # Failed connection.
+ }
return $answer;
}
sub reply {
my ($cmd,$server)=@_;
- unless (defined($hostname{$server})) { return 'no_such_host'; }
+ unless (defined(&hostname($server))) { return 'no_such_host'; }
my $answer=subreply($cmd,$server);
- if ($answer eq 'con_lost') {
- sleep 5;
- $answer=subreply($cmd,$server);
- if ($answer eq 'con_lost') {
- &logthis("Second attempt con_lost on $server");
- my $peerfile="$perlvar{'lonSockDir'}/$server";
- my $client=IO::Socket::UNIX->new(Peer =>"$peerfile",
- Type => SOCK_STREAM,
- Timeout => 10)
- or return "con_lost";
- &logthis("Killing socket");
- print $client "close_connection_exit\n";
- sleep 5;
- $answer=subreply($cmd,$server);
- }
- }
if (($answer=~/^refused/) || ($answer=~/^rejected/)) {
- &logthis("WARNING:".
+ &logthis("WARNING:".
" $cmd to $server returned $answer");
}
return $answer;
@@ -165,29 +461,40 @@ sub reply {
# ----------------------------------------------------------- Send USR1 to lonc
sub reconlonc {
- my $peerfile=shift;
- &logthis("Trying to reconnect for $peerfile");
+ my ($lonid) = @_;
+ if ($lonid) {
+ my $hostname = &hostname($lonid);
+ my $peerfile="$perlvar{'lonSockDir'}/$hostname";
+ if ($hostname && -e $peerfile) {
+ &logthis("Trying to reconnect lonc for $lonid ($hostname)");
+ my $client=IO::Socket::UNIX->new(Peer => $peerfile,
+ Type => SOCK_STREAM,
+ Timeout => 10);
+ if ($client) {
+ print $client ("reset_retries\n");
+ my $answer=<$client>;
+ #reset just this one.
+ }
+ }
+ return;
+ }
+
+ &logthis("Trying to reconnect lonc");
my $loncfile="$perlvar{'lonDaemons'}/logs/lonc.pid";
- if (my $fh=Apache::File->new("$loncfile")) {
+ if (open(my $fh,"<$loncfile")) {
my $loncpid=<$fh>;
chomp($loncpid);
if (kill 0 => $loncpid) {
&logthis("lonc at pid $loncpid responding, sending USR1");
kill USR1 => $loncpid;
sleep 1;
- if (-e "$peerfile") { return; }
- &logthis("$peerfile still not there, give it another try");
- sleep 5;
- if (-e "$peerfile") { return; }
- &logthis(
- "WARNING: $peerfile still not there, giving up");
} else {
&logthis(
- "WARNING:".
+ "WARNING:".
" lonc at pid $loncpid not responding, giving up");
}
} else {
- &logthis('WARNING: lonc not running, giving up');
+ &logthis('WARNING: lonc not running, giving up');
}
}
@@ -195,47 +502,47 @@ sub reconlonc {
sub critical {
my ($cmd,$server)=@_;
- unless ($hostname{$server}) {
- &logthis("WARNING:".
+ unless (&hostname($server)) {
+ &logthis("WARNING:".
" Critical message to unknown server ($server)");
return 'no_such_host';
}
my $answer=reply($cmd,$server);
if ($answer eq 'con_lost') {
- my $pingreply=reply('ping',$server);
- &reconlonc("$perlvar{'lonSockDir'}/$server");
- my $pongreply=reply('pong',$server);
- &logthis("Ping/Pong for $server: $pingreply/$pongreply");
- $answer=reply($cmd,$server);
+ &reconlonc($server);
+ my $answer=reply($cmd,$server);
if ($answer eq 'con_lost') {
my $now=time;
my $middlename=$cmd;
$middlename=substr($middlename,0,16);
$middlename=~s/\W//g;
my $dfilename=
- "$perlvar{'lonSockDir'}/delayed/$now.$middlename.$server";
+ "$perlvar{'lonSockDir'}/delayed/$now.$dumpcount.$$.$middlename.$server";
+ $dumpcount++;
{
- my $dfh;
- if ($dfh=Apache::File->new(">$dfilename")) {
- print $dfh "$cmd\n";
- }
+ my $dfh;
+ if (open($dfh,">$dfilename")) {
+ print $dfh "$cmd\n";
+ close($dfh);
+ }
}
- sleep 2;
+ sleep 1;
my $wcmd='';
{
- my $dfh;
- if ($dfh=Apache::File->new("$dfilename")) {
- $wcmd=<$dfh>;
- }
+ my $dfh;
+ if (open($dfh,"<$dfilename")) {
+ $wcmd=<$dfh>;
+ close($dfh);
+ }
}
chomp($wcmd);
if ($wcmd eq $cmd) {
- &logthis("WARNING: ".
+ &logthis("WARNING: ".
"Connection buffer $dfilename: $cmd");
&logperm("D:$server:$cmd");
return 'con_delayed';
} else {
- &logthis("CRITICAL:"
+ &logthis("CRITICAL:"
." Critical connection failed: $server $cmd");
&logperm("F:$server:$cmd");
return 'con_failed';
@@ -245,132 +552,512 @@ sub critical {
return $answer;
}
-# ---------------------------------------------------------- Append Environment
+# ------------------------------------------- check if return value is an error
-sub appenv {
- my %newenv=@_;
- foreach (keys %newenv) {
- if (($newenv{$_}=~/^user\.role/) || ($newenv{$_}=~/^user\.priv/)) {
- &logthis("WARNING: ".
- "Attempt to modify environment ".$_." to ".$newenv{$_}
- .'');
- delete($newenv{$_});
- } else {
- $ENV{$_}=$newenv{$_};
- }
+sub error {
+ my ($result) = @_;
+ if ($result =~ /^(con_lost|no_such_host|error: (\d+) (.*))/) {
+ if ($2 == 2) { return undef; }
+ return $1;
+ }
+ return undef;
+}
+
+sub convert_and_load_session_env {
+ my ($lonidsdir,$handle)=@_;
+ my @profile;
+ {
+ my $opened = open(my $idf,'+<',"$lonidsdir/$handle.id");
+ if (!$opened) {
+ return 0;
+ }
+ flock($idf,LOCK_SH);
+ @profile=<$idf>;
+ close($idf);
+ }
+ my %temp_env;
+ foreach my $line (@profile) {
+ if ($line !~ m/=/) {
+ return 0;
+ }
+ chomp($line);
+ my ($envname,$envvalue)=split(/=/,$line,2);
+ $temp_env{&unescape($envname)} = &unescape($envvalue);
+ }
+ unlink("$lonidsdir/$handle.id");
+ if (tie(my %disk_env,'GDBM_File',"$lonidsdir/$handle.id",&GDBM_WRCREAT(),
+ 0640)) {
+ %disk_env = %temp_env;
+ @env{keys(%temp_env)} = @disk_env{keys(%temp_env)};
+ untie(%disk_env);
}
+ return 1;
+}
+
+# ------------------------------------------- Transfer profile into environment
+my $env_loaded;
+sub transfer_profile_to_env {
+ my ($lonidsdir,$handle,$force_transfer) = @_;
+ if (!$force_transfer && $env_loaded) { return; }
- my $lockfh;
- unless ($lockfh=Apache::File->new("$ENV{'user.environment'}")) {
- return 'error: '.$!;
+ if (!defined($lonidsdir)) {
+ $lonidsdir = $perlvar{'lonIDsDir'};
}
- unless (flock($lockfh,LOCK_EX)) {
- &logthis("WARNING: ".
- 'Could not obtain exclusive lock in appenv: '.$!);
- $lockfh->close();
- return 'error: '.$!;
+ if (!defined($handle)) {
+ ($handle) = ($env{'user.environment'} =~m|/([^/]+)\.id$| );
}
- my @oldenv;
+ my $convert;
{
- my $fh;
- unless ($fh=Apache::File->new("$ENV{'user.environment'}")) {
- return 'error: '.$!;
- }
- @oldenv=<$fh>;
- $fh->close();
- }
- for (my $i=0; $i<=$#oldenv; $i++) {
- chomp($oldenv[$i]);
- if ($oldenv[$i] ne '') {
- my ($name,$value)=split(/=/,$oldenv[$i]);
- unless (defined($newenv{$name})) {
- $newenv{$name}=$value;
- }
+ my $opened = open(my $idf,'+<',"$lonidsdir/$handle.id");
+ if (!$opened) {
+ return;
+ }
+ flock($idf,LOCK_SH);
+ if (tie(my %disk_env,'GDBM_File',"$lonidsdir/$handle.id",
+ &GDBM_READER(),0640)) {
+ @env{keys(%disk_env)} = @disk_env{keys(%disk_env)};
+ untie(%disk_env);
+ } else {
+ $convert = 1;
+ }
+ }
+ if ($convert) {
+ if (!&convert_and_load_session_env($lonidsdir,$handle)) {
+ &logthis("Failed to load session, or convert session.");
+ }
+ }
+
+ my %remove;
+ while ( my $envname = each(%env) ) {
+ if (my ($key,$time) = ($envname =~ /^(cgi\.(\d+)_\d+\.)/)) {
+ if ($time < time-300) {
+ $remove{$key}++;
+ }
}
}
- {
- my $fh;
- unless ($fh=Apache::File->new(">$ENV{'user.environment'}")) {
- return 'error';
- }
- my $newname;
- foreach $newname (keys %newenv) {
- print $fh "$newname=$newenv{$newname}\n";
- }
- $fh->close();
+
+ $env{'user.environment'} = "$lonidsdir/$handle.id";
+ $env_loaded=1;
+ foreach my $expired_key (keys(%remove)) {
+ &delenv($expired_key);
+ }
+}
+
+# ---------------------------------------------------- Check for valid session
+sub check_for_valid_session {
+ my ($r,$name,$userhashref) = @_;
+ my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
+ if ($name eq '') {
+ $name = 'lonID';
+ }
+ my $lonid=$cookies{$name};
+ return undef if (!$lonid);
+
+ my $handle=&LONCAPA::clean_handle($lonid->value);
+ my $lonidsdir;
+ if ($name eq 'lonDAV') {
+ $lonidsdir=$r->dir_config('lonDAVsessDir');
+ } else {
+ $lonidsdir=$r->dir_config('lonIDsDir');
+ }
+ return undef if (!-e "$lonidsdir/$handle.id");
+
+ my $opened = open(my $idf,'+<',"$lonidsdir/$handle.id");
+ return undef if (!$opened);
+
+ flock($idf,LOCK_SH);
+ my %disk_env;
+ if (!tie(%disk_env,'GDBM_File',"$lonidsdir/$handle.id",
+ &GDBM_READER(),0640)) {
+ return undef;
+ }
+
+ if (!defined($disk_env{'user.name'})
+ || !defined($disk_env{'user.domain'})) {
+ return undef;
}
- $lockfh->close();
+ if (ref($userhashref) eq 'HASH') {
+ $userhashref->{'name'} = $disk_env{'user.name'};
+ $userhashref->{'domain'} = $disk_env{'user.domain'};
+ }
+
+ return $handle;
+}
+
+sub timed_flock {
+ my ($file,$lock_type) = @_;
+ my $failed=0;
+ eval {
+ local $SIG{__DIE__}='DEFAULT';
+ local $SIG{ALRM}=sub {
+ $failed=1;
+ die("failed lock");
+ };
+ alarm(13);
+ flock($file,$lock_type);
+ alarm(0);
+ };
+ if ($failed) {
+ return undef;
+ } else {
+ return 1;
+ }
+}
+
+# ---------------------------------------------------------- Append Environment
+
+sub appenv {
+ my ($newenv,$roles) = @_;
+ if (ref($newenv) eq 'HASH') {
+ foreach my $key (keys(%{$newenv})) {
+ my $refused = 0;
+ if (($key =~ /^user\.role/) || ($key =~ /^user\.priv/)) {
+ $refused = 1;
+ if (ref($roles) eq 'ARRAY') {
+ my ($type,$role) = ($key =~ m{^user\.(role|priv)\.(.+?)\./});
+ if (grep(/^\Q$role\E$/,@{$roles})) {
+ $refused = 0;
+ }
+ }
+ }
+ if ($refused) {
+ &logthis("WARNING: ".
+ "Attempt to modify environment ".$key." to ".$newenv->{$key}
+ .'');
+ delete($newenv->{$key});
+ } else {
+ $env{$key}=$newenv->{$key};
+ }
+ }
+ my $opened = open(my $env_file,'+<',$env{'user.environment'});
+ if ($opened
+ && &timed_flock($env_file,LOCK_EX)
+ &&
+ tie(my %disk_env,'GDBM_File',$env{'user.environment'},
+ (&GDBM_WRITER()|&GDBM_NOLOCK()),0640)) {
+ while (my ($key,$value) = each(%{$newenv})) {
+ $disk_env{$key} = $value;
+ }
+ untie(%disk_env);
+ }
+ }
return 'ok';
}
# ----------------------------------------------------- Delete from Environment
sub delenv {
- my $delthis=shift;
- my %newenv=();
- if (($delthis=~/user\.role/) || ($delthis=~/user\.priv/)) {
- &logthis("WARNING: ".
- "Attempt to delete from environment ".$delthis);
- return 'error';
+ my ($delthis,$regexp,$roles) = @_;
+ if (($delthis=~/^user\.role/) || ($delthis=~/^user\.priv/)) {
+ my $refused = 1;
+ if (ref($roles) eq 'ARRAY') {
+ my ($type,$role) = ($delthis =~ /^user\.(role|priv)\.([^.]+)\./);
+ if (grep(/^\Q$role\E$/,@{$roles})) {
+ $refused = 0;
+ }
+ }
+ if ($refused) {
+ &logthis("WARNING: ".
+ "Attempt to delete from environment ".$delthis);
+ return 'error';
+ }
}
- my @oldenv;
- {
- my $fh;
- unless ($fh=Apache::File->new("$ENV{'user.environment'}")) {
- return 'error';
- }
- unless (flock($fh,LOCK_SH)) {
- &logthis("WARNING: ".
- 'Could not obtain shared lock in delenv: '.$!);
- $fh->close();
- return 'error: '.$!;
- }
- @oldenv=<$fh>;
- $fh->close();
+ my $opened = open(my $env_file,'+<',$env{'user.environment'});
+ if ($opened
+ && &timed_flock($env_file,LOCK_EX)
+ &&
+ tie(my %disk_env,'GDBM_File',$env{'user.environment'},
+ (&GDBM_WRITER()|&GDBM_NOLOCK()),0640)) {
+ foreach my $key (keys(%disk_env)) {
+ if ($regexp) {
+ if ($key=~/^$delthis/) {
+ delete($env{$key});
+ delete($disk_env{$key});
+ }
+ } else {
+ if ($key=~/^\Q$delthis\E/) {
+ delete($env{$key});
+ delete($disk_env{$key});
+ }
+ }
+ }
+ untie(%disk_env);
+ }
+ return 'ok';
+}
+
+sub get_env_multiple {
+ my ($name) = @_;
+ my @values;
+ if (defined($env{$name})) {
+ # exists is it an array
+ if (ref($env{$name})) {
+ @values=@{ $env{$name} };
+ } else {
+ $values[0]=$env{$name};
+ }
+ }
+ return(@values);
+}
+
+# ------------------------------------------------------------------- Locking
+
+sub set_lock {
+ my ($text)=@_;
+ $locknum++;
+ my $id=$$.'-'.$locknum;
+ &appenv({'session.locks' => $env{'session.locks'}.','.$id,
+ 'session.lock.'.$id => $text});
+ return $id;
+}
+
+sub get_locks {
+ my $num=0;
+ my %texts=();
+ foreach my $lock (split(/\,/,$env{'session.locks'})) {
+ if ($lock=~/\w/) {
+ $num++;
+ $texts{$lock}=$env{'session.lock.'.$lock};
+ }
+ }
+ return ($num,%texts);
+}
+
+sub remove_lock {
+ my ($id)=@_;
+ my $newlocks='';
+ foreach my $lock (split(/\,/,$env{'session.locks'})) {
+ if (($lock=~/\w/) && ($lock ne $id)) {
+ $newlocks.=','.$lock;
+ }
}
+ &appenv({'session.locks' => $newlocks});
+ &delenv('session.lock.'.$id);
+}
+
+sub remove_all_locks {
+ my $activelocks=$env{'session.locks'};
+ foreach my $lock (split(/\,/,$env{'session.locks'})) {
+ if ($lock=~/\w/) {
+ &remove_lock($lock);
+ }
+ }
+}
+
+
+# ------------------------------------------ Find out current server userload
+sub userload {
+ my $numusers=0;
{
- my $fh;
- unless ($fh=Apache::File->new(">$ENV{'user.environment'}")) {
- return 'error';
- }
- unless (flock($fh,LOCK_EX)) {
- &logthis("WARNING: ".
- 'Could not obtain exclusive lock in delenv: '.$!);
- $fh->close();
- return 'error: '.$!;
- }
- foreach (@oldenv) {
- unless ($_=~/^$delthis/) { print $fh $_; }
- }
- $fh->close();
+ opendir(LONIDS,$perlvar{'lonIDsDir'});
+ my $filename;
+ my $curtime=time;
+ while ($filename=readdir(LONIDS)) {
+ next if ($filename eq '.' || $filename eq '..');
+ next if ($filename =~ /publicuser_\d+\.id/);
+ my ($mtime)=(stat($perlvar{'lonIDsDir'}.'/'.$filename))[9];
+ if ($curtime-$mtime < 1800) { $numusers++; }
+ }
+ closedir(LONIDS);
}
- return 'ok';
+ my $userloadpercent=0;
+ my $maxuserload=$perlvar{'lonUserLoadLim'};
+ if ($maxuserload) {
+ $userloadpercent=100*$numusers/$maxuserload;
+ }
+ $userloadpercent=sprintf("%.2f",$userloadpercent);
+ return $userloadpercent;
}
# ------------------------------ Find server with least workload from spare.tab
sub spareserver {
- my $tryserver;
- my $spareserver='';
- my $lowestserver=100;
- foreach $tryserver (keys %spareid) {
- my $answer=reply('load',$tryserver);
- if (($answer =~ /\d/) && ($answer<$lowestserver)) {
- $spareserver="http://$hostname{$tryserver}";
- $lowestserver=$answer;
- }
- }
- return $spareserver;
+ my ($loadpercent,$userloadpercent,$want_server_name,$udom) = @_;
+ my $spare_server;
+ if ($userloadpercent !~ /\d/) { $userloadpercent=0; }
+ my $lowest_load=($loadpercent > $userloadpercent) ? $loadpercent
+ : $userloadpercent;
+ my ($uint_dom,$remotesessions);
+ if (($udom ne '') && (&domain($udom) ne '')) {
+ my $uprimary_id = &Apache::lonnet::domain($udom,'primary');
+ $uint_dom = &Apache::lonnet::internet_dom($uprimary_id);
+ my %udomdefaults = &Apache::lonnet::get_domain_defaults($udom);
+ $remotesessions = $udomdefaults{'remotesessions'};
+ }
+ my $spareshash = &this_host_spares($udom);
+ if (ref($spareshash) eq 'HASH') {
+ if (ref($spareshash->{'primary'}) eq 'ARRAY') {
+ foreach my $try_server (@{ $spareshash->{'primary'} }) {
+ next unless (&spare_can_host($udom,$uint_dom,$remotesessions,
+ $try_server));
+ ($spare_server, $lowest_load) =
+ &compare_server_load($try_server, $spare_server, $lowest_load);
+ }
+ }
+
+ my $found_server = ($spare_server ne '' && $lowest_load < 100);
+
+ if (!$found_server) {
+ if (ref($spareshash->{'default'}) eq 'ARRAY') {
+ foreach my $try_server (@{ $spareshash->{'default'} }) {
+ next unless (&spare_can_host($udom,$uint_dom,
+ $remotesessions,$try_server));
+ ($spare_server, $lowest_load) =
+ &compare_server_load($try_server, $spare_server, $lowest_load);
+ }
+ }
+ }
+ }
+
+ if (!$want_server_name) {
+ my $protocol = 'http';
+ if ($protocol{$spare_server} eq 'https') {
+ $protocol = $protocol{$spare_server};
+ }
+ if (defined($spare_server)) {
+ my $hostname = &hostname($spare_server);
+ if (defined($hostname)) {
+ $spare_server = $protocol.'://'.$hostname;
+ }
+ }
+ }
+ return $spare_server;
+}
+
+sub compare_server_load {
+ my ($try_server, $spare_server, $lowest_load, $required) = @_;
+
+ if ($required) {
+ my ($reqdmajor,$reqdminor) = ($required =~ /^(\d+)\.(\d+)$/);
+ my $remoterev = &get_server_loncaparev(undef,$try_server);
+ my ($major,$minor) = ($remoterev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?$/);
+ if (($major eq '' && $minor eq '') ||
+ (($reqdmajor > $major) || (($reqdmajor == $major) && ($reqdminor > $minor)))) {
+ return ($spare_server,$lowest_load);
+ }
+ }
+
+ my $loadans = &reply('load', $try_server);
+ my $userloadans = &reply('userload',$try_server);
+
+ if ($loadans !~ /\d/ && $userloadans !~ /\d/) {
+ return ($spare_server, $lowest_load); #didn't get a number from the server
+ }
+
+ my $load;
+ if ($loadans =~ /\d/) {
+ if ($userloadans =~ /\d/) {
+ #both are numbers, pick the bigger one
+ $load = ($loadans > $userloadans) ? $loadans
+ : $userloadans;
+ } else {
+ $load = $loadans;
+ }
+ } else {
+ $load = $userloadans;
+ }
+
+ if (($load =~ /\d/) && ($load < $lowest_load)) {
+ $spare_server = $try_server;
+ $lowest_load = $load;
+ }
+ return ($spare_server,$lowest_load);
+}
+
+# --------------------------- ask offload servers if user already has a session
+sub find_existing_session {
+ my ($udom,$uname) = @_;
+ my $spareshash = &this_host_spares($udom);
+ if (ref($spareshash) eq 'HASH') {
+ if (ref($spareshash->{'primary'}) eq 'ARRAY') {
+ foreach my $try_server (@{ $spareshash->{'primary'} }) {
+ return $try_server if (&has_user_session($try_server, $udom, $uname));
+ }
+ }
+ if (ref($spareshash->{'default'}) eq 'ARRAY') {
+ foreach my $try_server (@{ $spareshash->{'default'} }) {
+ return $try_server if (&has_user_session($try_server, $udom, $uname));
+ }
+ }
+ }
+ return;
+}
+
+# -------------------------------- ask if server already has a session for user
+sub has_user_session {
+ my ($lonid,$udom,$uname) = @_;
+ my $result = &reply(join(':','userhassession',
+ map {&escape($_)} ($udom,$uname)),$lonid);
+ return 1 if ($result eq 'ok');
+
+ return 0;
+}
+
+# --------- determine least loaded server in a user's domain which allows login
+
+sub choose_server {
+ my ($udom,$checkloginvia,$required,$skiploadbal) = @_;
+ my %domconfhash = &Apache::loncommon::get_domainconf($udom);
+ my %servers = &get_servers($udom);
+ my $lowest_load = 30000;
+ my ($login_host,$hostname,$portal_path,$isredirect,$balancers);
+ if ($skiploadbal) {
+ ($balancers,my $cached)=&is_cached_new('loadbalancing',$udom);
+ unless (defined($cached)) {
+ my $cachetime = 60*60*24;
+ my %domconfig =
+ &Apache::lonnet::get_dom('configuration',['loadbalancing'],$udom);
+ if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
+ $balancers = &do_cache_new('loadbalancing',$udom,$domconfig{'loadbalancing'},
+ $cachetime);
+ }
+ }
+ }
+ foreach my $lonhost (keys(%servers)) {
+ if ($skiploadbal) {
+ if (ref($balancers) eq 'HASH') {
+ next if (exists($balancers->{$lonhost}));
+ }
+ }
+ my $loginvia;
+ if ($checkloginvia) {
+ $loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};
+ if ($loginvia) {
+ my ($server,$path) = split(/:/,$loginvia);
+ ($login_host, $lowest_load) =
+ &compare_server_load($server, $login_host, $lowest_load, $required);
+ if ($login_host eq $server) {
+ $portal_path = $path;
+ $isredirect = 1;
+ }
+ } else {
+ ($login_host, $lowest_load) =
+ &compare_server_load($lonhost, $login_host, $lowest_load, $required);
+ if ($login_host eq $lonhost) {
+ $portal_path = '';
+ $isredirect = '';
+ }
+ }
+ } else {
+ ($login_host, $lowest_load) =
+ &compare_server_load($lonhost, $login_host, $lowest_load, $required);
+ }
+ }
+ if ($login_host ne '') {
+ $hostname = &hostname($login_host);
+ }
+ return ($login_host,$hostname,$portal_path,$isredirect);
}
# --------------------------------------------- Try to change a user's password
sub changepass {
- my ($uname,$udom,$currentpass,$newpass,$server)=@_;
+ my ($uname,$udom,$currentpass,$newpass,$server,$context)=@_;
$currentpass = &escape($currentpass);
$newpass = &escape($newpass);
- my $answer = reply("encrypt:passwd:$udom:$uname:$currentpass:$newpass",
+ my $lonhost = $perlvar{'lonHostID'};
+ my $answer = reply("encrypt:passwd:$udom:$uname:$currentpass:$newpass:$context:$lonhost",
$server);
if (! $answer) {
&logthis("No reply on password change request to $server ".
@@ -395,6 +1082,9 @@ sub changepass {
} elsif ($answer =~ "^refused") {
&logthis("$server refused to change $uname in $udom password because ".
"it was sent an unencrypted request to change the password.");
+ } elsif ($answer =~ "invalid_client") {
+ &logthis("$server refused to change $uname in $udom password because ".
+ "it was a reset by e-mail originating from an invalid server.");
}
return $answer;
}
@@ -403,126 +1093,555 @@ sub changepass {
sub queryauthenticate {
my ($uname,$udom)=@_;
- if (($perlvar{'lonRole'} eq 'library') &&
- ($udom eq $perlvar{'lonDefDomain'})) {
- my $answer=reply("encrypt:currentauth:$udom:$uname",
- $perlvar{'lonHostID'});
- unless ($answer eq 'unknown_user' or $answer eq 'refused') {
- if (length($answer)) {
- return $answer;
- }
- else {
- &logthis("User $uname at $udom lacks an authentication mechanism");
- return 'no_host';
- }
- }
+ my $uhome=&homeserver($uname,$udom);
+ if (!$uhome) {
+ &logthis("User $uname at $udom is unknown when looking for authentication mechanism");
+ return 'no_host';
+ }
+ my $answer=reply("encrypt:currentauth:$udom:$uname",$uhome);
+ if ($answer =~ /^(unknown_user|refused|con_lost)/) {
+ &logthis("User $uname at $udom threw error $answer when checking authentication mechanism");
}
+ return $answer;
+}
- my $tryserver;
- foreach $tryserver (keys %libserv) {
- if ($hostdom{$tryserver} eq $udom) {
- my $answer=reply("encrypt:currentauth:$udom:$uname",$tryserver);
- unless ($answer eq 'unknown_user' or $answer eq 'refused') {
- if (length($answer)) {
- return $answer;
- }
- else {
- &logthis("User $uname at $udom lacks an authentication mechanism");
- return 'no_host';
- }
- }
- }
+# --------- Try to authenticate user from domain's lib servers (first this one)
+
+sub authenticate {
+ my ($uname,$upass,$udom,$checkdefauth,$clientcancheckhost)=@_;
+ $upass=&escape($upass);
+ $uname= &LONCAPA::clean_username($uname);
+ my $uhome=&homeserver($uname,$udom,1);
+ my $newhome;
+ if ((!$uhome) || ($uhome eq 'no_host')) {
+# Maybe the machine was offline and only re-appeared again recently?
+ &reconlonc();
+# One more
+ $uhome=&homeserver($uname,$udom,1);
+ if (($uhome eq 'no_host') && $checkdefauth) {
+ if (defined(&domain($udom,'primary'))) {
+ $newhome=&domain($udom,'primary');
+ }
+ if ($newhome ne '') {
+ $uhome = $newhome;
+ }
+ }
+ if ((!$uhome) || ($uhome eq 'no_host')) {
+ &logthis("User $uname at $udom is unknown in authenticate");
+ return 'no_host';
+ }
+ }
+ my $answer=reply("encrypt:auth:$udom:$uname:$upass:$checkdefauth:$clientcancheckhost",$uhome);
+ if ($answer eq 'authorized') {
+ if ($newhome) {
+ &logthis("User $uname at $udom authorized by $uhome, but needs account");
+ return 'no_account_on_host';
+ } else {
+ &logthis("User $uname at $udom authorized by $uhome");
+ return $uhome;
+ }
+ }
+ if ($answer eq 'non_authorized') {
+ &logthis("User $uname at $udom rejected by $uhome");
+ return 'no_host';
}
- &logthis("User $uname at $udom lacks an authentication mechanism");
+ &logthis("User $uname at $udom threw error $answer when checking authentication mechanism");
return 'no_host';
}
-# --------- Try to authenticate user from domain's lib servers (first this one)
+sub can_host_session {
+ my ($udom,$lonhost,$remoterev,$remotesessions,$hostedsessions) = @_;
+ my $canhost = 1;
+ my $host_idn = &Apache::lonnet::internet_dom($lonhost);
+ if (ref($remotesessions) eq 'HASH') {
+ if (ref($remotesessions->{'excludedomain'}) eq 'ARRAY') {
+ if (grep(/^\Q$host_idn\E$/,@{$remotesessions->{'excludedomain'}})) {
+ $canhost = 0;
+ } else {
+ $canhost = 1;
+ }
+ }
+ if (ref($remotesessions->{'includedomain'}) eq 'ARRAY') {
+ if (grep(/^\Q$host_idn\E$/,@{$remotesessions->{'includedomain'}})) {
+ $canhost = 1;
+ } else {
+ $canhost = 0;
+ }
+ }
+ if ($canhost) {
+ if ($remotesessions->{'version'} ne '') {
+ my ($reqmajor,$reqminor) = ($remotesessions->{'version'} =~ /^(\d+)\.(\d+)$/);
+ if ($reqmajor ne '' && $reqminor ne '') {
+ if ($remoterev =~ /^\'?(\d+)\.(\d+)/) {
+ my $major = $1;
+ my $minor = $2;
+ if (($major < $reqmajor ) ||
+ (($major == $reqmajor) && ($minor < $reqminor))) {
+ $canhost = 0;
+ }
+ } else {
+ $canhost = 0;
+ }
+ }
+ }
+ }
+ }
+ if ($canhost) {
+ if (ref($hostedsessions) eq 'HASH') {
+ my $uprimary_id = &Apache::lonnet::domain($udom,'primary');
+ my $uint_dom = &Apache::lonnet::internet_dom($uprimary_id);
+ if (ref($hostedsessions->{'excludedomain'}) eq 'ARRAY') {
+ if (($uint_dom ne '') &&
+ (grep(/^\Q$uint_dom\E$/,@{$hostedsessions->{'excludedomain'}}))) {
+ $canhost = 0;
+ } else {
+ $canhost = 1;
+ }
+ }
+ if (ref($hostedsessions->{'includedomain'}) eq 'ARRAY') {
+ if (($uint_dom ne '') &&
+ (grep(/^\Q$uint_dom\E$/,@{$hostedsessions->{'includedomain'}}))) {
+ $canhost = 1;
+ } else {
+ $canhost = 0;
+ }
+ }
+ }
+ }
+ return $canhost;
+}
-sub authenticate {
- my ($uname,$upass,$udom)=@_;
- $upass=escape($upass);
- $uname=~s/\W//g;
- if (($perlvar{'lonRole'} eq 'library') &&
- ($udom eq $perlvar{'lonDefDomain'})) {
- my $answer=reply("encrypt:auth:$udom:$uname:$upass",$perlvar{'lonHostID'});
- if ($answer =~ /authorized/) {
- if ($answer eq 'authorized') {
- &logthis("User $uname at $udom authorized by local server");
- return $perlvar{'lonHostID'};
- }
- if ($answer eq 'non_authorized') {
- &logthis("User $uname at $udom rejected by local server");
- return 'no_host';
- }
- }
+sub spare_can_host {
+ my ($udom,$uint_dom,$remotesessions,$try_server)=@_;
+ my $canhost=1;
+ my $try_server_hostname = &hostname($try_server);
+ my $serverhomeID = &get_server_homeID($try_server_hostname);
+ my $serverhomedom = &host_domain($serverhomeID);
+ my %defdomdefaults = &get_domain_defaults($serverhomedom);
+ if (ref($defdomdefaults{'offloadnow'}) eq 'HASH') {
+ if ($defdomdefaults{'offloadnow'}{$try_server}) {
+ $canhost = 0;
+ }
}
+ if (($canhost) && ($uint_dom)) {
+ my @intdoms;
+ my $internet_names = &get_internet_names($try_server);
+ if (ref($internet_names) eq 'ARRAY') {
+ @intdoms = @{$internet_names};
+ }
+ unless (grep(/^\Q$uint_dom\E$/,@intdoms)) {
+ my $remoterev = &get_server_loncaparev(undef,$try_server);
+ $canhost = &can_host_session($udom,$try_server,$remoterev,
+ $remotesessions,
+ $defdomdefaults{'hostedsessions'});
+ }
+ }
+ return $canhost;
+}
- my $tryserver;
- foreach $tryserver (keys %libserv) {
- if ($hostdom{$tryserver} eq $udom) {
- my $answer=reply("encrypt:auth:$udom:$uname:$upass",$tryserver);
- if ($answer =~ /authorized/) {
- if ($answer eq 'authorized') {
- &logthis("User $uname at $udom authorized by $tryserver");
- return $tryserver;
- }
- if ($answer eq 'non_authorized') {
- &logthis("User $uname at $udom rejected by $tryserver");
- return 'no_host';
- }
- }
- }
+sub this_host_spares {
+ my ($dom) = @_;
+ my ($dom_in_use,$lonhost_in_use,$result);
+ my @hosts = ¤t_machine_ids();
+ foreach my $lonhost (@hosts) {
+ if (&host_domain($lonhost) eq $dom) {
+ $dom_in_use = $dom;
+ $lonhost_in_use = $lonhost;
+ last;
+ }
}
- &logthis("User $uname at $udom could not be authenticated");
- return 'no_host';
+ if ($dom_in_use ne '') {
+ $result = &spares_for_offload($dom_in_use,$lonhost_in_use);
+ }
+ if (ref($result) ne 'HASH') {
+ $lonhost_in_use = $perlvar{'lonHostID'};
+ $dom_in_use = &host_domain($lonhost_in_use);
+ $result = &spares_for_offload($dom_in_use,$lonhost_in_use);
+ if (ref($result) ne 'HASH') {
+ $result = \%spareid;
+ }
+ }
+ return $result;
+}
+
+sub spares_for_offload {
+ my ($dom_in_use,$lonhost_in_use) = @_;
+ my ($result,$cached)=&is_cached_new('spares',$dom_in_use);
+ if (defined($cached)) {
+ return $result;
+ } else {
+ my $cachetime = 60*60*24;
+ my %domconfig =
+ &Apache::lonnet::get_dom('configuration',['usersessions'],$dom_in_use);
+ if (ref($domconfig{'usersessions'}) eq 'HASH') {
+ if (ref($domconfig{'usersessions'}{'spares'}) eq 'HASH') {
+ if (ref($domconfig{'usersessions'}{'spares'}{$lonhost_in_use}) eq 'HASH') {
+ return &do_cache_new('spares',$dom_in_use,$domconfig{'usersessions'}{'spares'}{$lonhost_in_use},$cachetime);
+ }
+ }
+ }
+ }
+ return;
+}
+
+sub get_lonbalancer_config {
+ my ($servers) = @_;
+ my ($currbalancer,$currtargets);
+ if (ref($servers) eq 'HASH') {
+ foreach my $server (keys(%{$servers})) {
+ my %what = (
+ spareid => 1,
+ perlvar => 1,
+ );
+ my ($result,$returnhash) = &get_remote_globals($server,\%what);
+ if ($result eq 'ok') {
+ if (ref($returnhash) eq 'HASH') {
+ if (ref($returnhash->{'perlvar'}) eq 'HASH') {
+ if ($returnhash->{'perlvar'}->{'lonBalancer'} eq 'yes') {
+ $currbalancer = $server;
+ $currtargets = {};
+ if (ref($returnhash->{'spareid'}) eq 'HASH') {
+ if (ref($returnhash->{'spareid'}->{'primary'}) eq 'ARRAY') {
+ $currtargets->{'primary'} = $returnhash->{'spareid'}->{'primary'};
+ }
+ if (ref($returnhash->{'spareid'}->{'default'}) eq 'ARRAY') {
+ $currtargets->{'default'} = $returnhash->{'spareid'}->{'default'};
+ }
+ }
+ last;
+ }
+ }
+ }
+ }
+ }
+ }
+ return ($currbalancer,$currtargets);
+}
+
+sub check_loadbalancing {
+ my ($uname,$udom) = @_;
+ my ($is_balancer,$currtargets,$currrules,$dom_in_use,$homeintdom,
+ $rule_in_effect,$offloadto,$otherserver);
+ my $lonhost = $perlvar{'lonHostID'};
+ my @hosts = ¤t_machine_ids();
+ my $uprimary_id = &Apache::lonnet::domain($udom,'primary');
+ my $uintdom = &Apache::lonnet::internet_dom($uprimary_id);
+ my $intdom = &Apache::lonnet::internet_dom($lonhost);
+ my $serverhomedom = &host_domain($lonhost);
+ my $domneedscache;
+ my $cachetime = 60*60*24;
+
+ if (($uintdom ne '') && ($uintdom eq $intdom)) {
+ $dom_in_use = $udom;
+ $homeintdom = 1;
+ } else {
+ $dom_in_use = $serverhomedom;
+ }
+ my ($result,$cached)=&is_cached_new('loadbalancing',$dom_in_use);
+ unless (defined($cached)) {
+ my %domconfig =
+ &Apache::lonnet::get_dom('configuration',['loadbalancing'],$dom_in_use);
+ if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
+ $result = &do_cache_new('loadbalancing',$dom_in_use,$domconfig{'loadbalancing'},$cachetime);
+ } else {
+ $domneedscache = $dom_in_use;
+ }
+ }
+ if (ref($result) eq 'HASH') {
+ ($is_balancer,$currtargets,$currrules) =
+ &check_balancer_result($result,@hosts);
+ if ($is_balancer) {
+ if (ref($currrules) eq 'HASH') {
+ if ($homeintdom) {
+ if ($uname ne '') {
+ if (($currrules->{'_LC_adv'} ne '') || ($currrules->{'_LC_author'} ne '')) {
+ my ($is_adv,$is_author) = &is_advanced_user($udom,$uname);
+ if (($currrules->{'_LC_author'} ne '') && ($is_author)) {
+ $rule_in_effect = $currrules->{'_LC_author'};
+ } elsif (($currrules->{'_LC_adv'} ne '') && ($is_adv)) {
+ $rule_in_effect = $currrules->{'_LC_adv'}
+ }
+ }
+ if ($rule_in_effect eq '') {
+ my %userenv = &userenvironment($udom,$uname,'inststatus');
+ if ($userenv{'inststatus'} ne '') {
+ my @statuses = map { &unescape($_); } split(/:/,$userenv{'inststatus'});
+ my ($othertitle,$usertypes,$types) =
+ &Apache::loncommon::sorted_inst_types($udom);
+ if (ref($types) eq 'ARRAY') {
+ foreach my $type (@{$types}) {
+ if (grep(/^\Q$type\E$/,@statuses)) {
+ if (exists($currrules->{$type})) {
+ $rule_in_effect = $currrules->{$type};
+ }
+ }
+ }
+ }
+ } else {
+ if (exists($currrules->{'default'})) {
+ $rule_in_effect = $currrules->{'default'};
+ }
+ }
+ }
+ } else {
+ if (exists($currrules->{'default'})) {
+ $rule_in_effect = $currrules->{'default'};
+ }
+ }
+ } else {
+ if ($currrules->{'_LC_external'} ne '') {
+ $rule_in_effect = $currrules->{'_LC_external'};
+ }
+ }
+ $offloadto = &get_loadbalancer_targets($rule_in_effect,$currtargets,
+ $uname,$udom);
+ }
+ }
+ } elsif (($homeintdom) && ($udom ne $serverhomedom)) {
+ ($result,$cached)=&is_cached_new('loadbalancing',$serverhomedom);
+ unless (defined($cached)) {
+ my %domconfig =
+ &Apache::lonnet::get_dom('configuration',['loadbalancing'],$serverhomedom);
+ if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
+ $result = &do_cache_new('loadbalancing',$serverhomedom,$domconfig{'loadbalancing'},$cachetime);
+ } else {
+ $domneedscache = $serverhomedom;
+ }
+ }
+ if (ref($result) eq 'HASH') {
+ ($is_balancer,$currtargets,$currrules) =
+ &check_balancer_result($result,@hosts);
+ if ($is_balancer) {
+ if (ref($currrules) eq 'HASH') {
+ if ($currrules->{'_LC_internetdom'} ne '') {
+ $rule_in_effect = $currrules->{'_LC_internetdom'};
+ }
+ }
+ $offloadto = &get_loadbalancer_targets($rule_in_effect,$currtargets,
+ $uname,$udom);
+ }
+ } else {
+ if ($perlvar{'lonBalancer'} eq 'yes') {
+ $is_balancer = 1;
+ $offloadto = &this_host_spares($dom_in_use);
+ }
+ unless (defined($cached)) {
+ $domneedscache = $serverhomedom;
+ }
+ }
+ } else {
+ if ($perlvar{'lonBalancer'} eq 'yes') {
+ $is_balancer = 1;
+ $offloadto = &this_host_spares($dom_in_use);
+ }
+ unless (defined($cached)) {
+ $domneedscache = $serverhomedom;
+ }
+ }
+ if ($domneedscache) {
+ &do_cache_new('loadbalancing',$domneedscache,$is_balancer,$cachetime);
+ }
+ if ($is_balancer) {
+ my $lowest_load = 30000;
+ if (ref($offloadto) eq 'HASH') {
+ if (ref($offloadto->{'primary'}) eq 'ARRAY') {
+ foreach my $try_server (@{$offloadto->{'primary'}}) {
+ ($otherserver,$lowest_load) =
+ &compare_server_load($try_server,$otherserver,$lowest_load);
+ }
+ }
+ my $found_server = ($otherserver ne '' && $lowest_load < 100);
+
+ if (!$found_server) {
+ if (ref($offloadto->{'default'}) eq 'ARRAY') {
+ foreach my $try_server (@{$offloadto->{'default'}}) {
+ ($otherserver,$lowest_load) =
+ &compare_server_load($try_server,$otherserver,$lowest_load);
+ }
+ }
+ }
+ } elsif (ref($offloadto) eq 'ARRAY') {
+ if (@{$offloadto} == 1) {
+ $otherserver = $offloadto->[0];
+ } elsif (@{$offloadto} > 1) {
+ foreach my $try_server (@{$offloadto}) {
+ ($otherserver,$lowest_load) =
+ &compare_server_load($try_server,$otherserver,$lowest_load);
+ }
+ }
+ }
+ if (($otherserver ne '') && (grep(/^\Q$otherserver\E$/,@hosts))) {
+ $is_balancer = 0;
+ if ($uname ne '' && $udom ne '') {
+ if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {
+
+ &appenv({'user.loadbalexempt' => $lonhost,
+ 'user.loadbalcheck.time' => time});
+ }
+ }
+ }
+ }
+ return ($is_balancer,$otherserver);
+}
+
+sub check_balancer_result {
+ my ($result,@hosts) = @_;
+ my ($is_balancer,$currtargets,$currrules);
+ if (ref($result) eq 'HASH') {
+ if ($result->{'lonhost'} ne '') {
+ my $currbalancer = $result->{'lonhost'};
+ if (grep(/^\Q$currbalancer\E$/,@hosts)) {
+ $is_balancer = 1;
+ $currtargets = $result->{'targets'};
+ $currrules = $result->{'rules'};
+ }
+ } else {
+ foreach my $key (keys(%{$result})) {
+ if (($key ne '') && (grep(/^\Q$key\E$/,@hosts)) &&
+ (ref($result->{$key}) eq 'HASH')) {
+ $is_balancer = 1;
+ $currrules = $result->{$key}{'rules'};
+ $currtargets = $result->{$key}{'targets'};
+ last;
+ }
+ }
+ }
+ }
+ return ($is_balancer,$currtargets,$currrules);
+}
+
+sub get_loadbalancer_targets {
+ my ($rule_in_effect,$currtargets,$uname,$udom) = @_;
+ my $offloadto;
+ if ($rule_in_effect eq 'none') {
+ return [$perlvar{'lonHostID'}];
+ } elsif ($rule_in_effect eq '') {
+ $offloadto = $currtargets;
+ } else {
+ if ($rule_in_effect eq 'homeserver') {
+ my $homeserver = &homeserver($uname,$udom);
+ if ($homeserver ne 'no_host') {
+ $offloadto = [$homeserver];
+ }
+ } elsif ($rule_in_effect eq 'externalbalancer') {
+ my %domconfig =
+ &Apache::lonnet::get_dom('configuration',['loadbalancing'],$udom);
+ if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
+ if ($domconfig{'loadbalancing'}{'lonhost'} ne '') {
+ if (&hostname($domconfig{'loadbalancing'}{'lonhost'}) ne '') {
+ $offloadto = [$domconfig{'loadbalancing'}{'lonhost'}];
+ }
+ }
+ } else {
+ my %servers = &internet_dom_servers($udom);
+ my ($remotebalancer,$remotetargets) = &get_lonbalancer_config(\%servers);
+ if (&hostname($remotebalancer) ne '') {
+ $offloadto = [$remotebalancer];
+ }
+ }
+ } elsif (&hostname($rule_in_effect) ne '') {
+ $offloadto = [$rule_in_effect];
+ }
+ }
+ return $offloadto;
+}
+
+sub internet_dom_servers {
+ my ($dom) = @_;
+ my (%uniqservers,%servers);
+ my $primaryserver = &hostname(&domain($dom,'primary'));
+ my @machinedoms = &machine_domains($primaryserver);
+ foreach my $mdom (@machinedoms) {
+ my %currservers = %servers;
+ my %server = &get_servers($mdom);
+ %servers = (%currservers,%server);
+ }
+ my %by_hostname;
+ foreach my $id (keys(%servers)) {
+ push(@{$by_hostname{$servers{$id}}},$id);
+ }
+ foreach my $hostname (sort(keys(%by_hostname))) {
+ if (@{$by_hostname{$hostname}} > 1) {
+ my $match = 0;
+ foreach my $id (@{$by_hostname{$hostname}}) {
+ if (&host_domain($id) eq $dom) {
+ $uniqservers{$id} = $hostname;
+ $match = 1;
+ }
+ }
+ unless ($match) {
+ $uniqservers{$by_hostname{$hostname}[0]} = $hostname;
+ }
+ } else {
+ $uniqservers{$by_hostname{$hostname}[0]} = $hostname;
+ }
+ }
+ return %uniqservers;
}
# ---------------------- Find the homebase for a user from domain's lib servers
+my %homecache;
sub homeserver {
- my ($uname,$udom)=@_;
-
+ my ($uname,$udom,$ignoreBadCache)=@_;
my $index="$uname:$udom";
- if ($homecache{$index}) { return "$homecache{$index}"; }
- my $tryserver;
- foreach $tryserver (keys %libserv) {
- if ($hostdom{$tryserver} eq $udom) {
- my $answer=reply("home:$udom:$uname",$tryserver);
- if ($answer eq 'found') {
- $homecache{$index}=$tryserver;
- return $tryserver;
- }
- }
+ if (exists($homecache{$index})) { return $homecache{$index}; }
+
+ my %servers = &get_servers($udom,'library');
+ foreach my $tryserver (keys(%servers)) {
+ next if ($ignoreBadCache ne 'true' &&
+ exists($badServerCache{$tryserver}));
+
+ my $answer=reply("home:$udom:$uname",$tryserver);
+ if ($answer eq 'found') {
+ delete($badServerCache{$tryserver});
+ return $homecache{$index}=$tryserver;
+ } elsif ($answer eq 'no_host') {
+ $badServerCache{$tryserver}=1;
+ }
}
return 'no_host';
}
-# ------------------------------------- Find the usernames behind a list of IDs
+# ----- Find the usernames behind a list of student/employee IDs or clicker IDs
sub idget {
- my ($udom,@ids)=@_;
+ my ($udom,$idsref,$namespace)=@_;
my %returnhash=();
+ my @ids=();
+ if (ref($idsref) eq 'ARRAY') {
+ @ids = @{$idsref};
+ } else {
+ return %returnhash;
+ }
+ if ($namespace eq '') {
+ $namespace = 'ids';
+ }
- my $tryserver;
- foreach $tryserver (keys %libserv) {
- if ($hostdom{$tryserver} eq $udom) {
- my $idlist=join('&',@ids);
- $idlist=~tr/A-Z/a-z/;
- my $reply=&reply("idget:$udom:".$idlist,$tryserver);
- my @answer=();
- if (($reply ne 'con_lost') && ($reply!~/^error\:/)) {
- @answer=split(/\&/,$reply);
- } ;
- my $i;
- for ($i=0;$i<=$#ids;$i++) {
- if ($answer[$i]) {
- $returnhash{$ids[$i]}=$answer[$i];
- }
- }
- }
- }
+ my %servers = &get_servers($udom,'library');
+ foreach my $tryserver (keys(%servers)) {
+ my $idlist=join('&', map { &escape($_); } @ids);
+ if ($namespace eq 'ids') {
+ $idlist=~tr/A-Z/a-z/;
+ }
+ my $reply;
+ if ($namespace eq 'ids') {
+ $reply=&reply("idget:$udom:".$idlist,$tryserver);
+ } else {
+ $reply=&reply("getdom:$udom:$namespace:$idlist",$tryserver);
+ }
+ my @answer=();
+ if (($reply ne 'con_lost') && ($reply!~/^error\:/)) {
+ @answer=split(/\&/,$reply);
+ } ;
+ my $i;
+ for ($i=0;$i<=$#ids;$i++) {
+ if ($answer[$i]) {
+ $returnhash{$ids[$i]}=&unescape($answer[$i]);
+ }
+ }
+ }
return %returnhash;
}
@@ -531,89 +1650,1204 @@ sub idget {
sub idrget {
my ($udom,@unames)=@_;
my %returnhash=();
- foreach (@unames) {
- $returnhash{$_}=(&userenvironment($udom,$_,'id'))[1];
+ foreach my $uname (@unames) {
+ $returnhash{$uname}=(&userenvironment($udom,$uname,'id'))[1];
}
return %returnhash;
}
-# ------------------------------- Store away a list of names and associated IDs
+# Store away a list of names and associated student/employee IDs or clicker IDs
sub idput {
- my ($udom,%ids)=@_;
+ my ($udom,$idsref,$uhom,$namespace)=@_;
my %servers=();
- foreach (keys %ids) {
- my $uhom=&homeserver($_,$udom);
+ my %ids=();
+ my %byid = ();
+ if (ref($idsref) eq 'HASH') {
+ %ids=%{$idsref};
+ }
+ if ($namespace eq '') {
+ $namespace = 'ids';
+ }
+ foreach my $uname (keys(%ids)) {
+ &cput('environment',{'id'=>$ids{$uname}},$udom,$uname);
+ if ($uhom eq '') {
+ $uhom=&homeserver($uname,$udom);
+ }
if ($uhom ne 'no_host') {
- my $id=&escape($ids{$_});
- $id=~tr/A-Z/a-z/;
- my $unam=&escape($_);
- if ($servers{$uhom}) {
- $servers{$uhom}.='&'.$id.'='.$unam;
+ my $esc_unam=&escape($uname);
+ if ($namespace eq 'ids') {
+ my $id=&escape($ids{$uname});
+ $id=~tr/A-Z/a-z/;
+ my $esc_unam=&escape($uname);
+ $servers{$uhom}.=$id.'='.$esc_unam.'&';
+ } else {
+ my @currids = split(/,/,$ids{$uname});
+ foreach my $id (@currids) {
+ $byid{$uhom}{$id} .= $uname.',';
+ }
+ }
+ }
+ }
+ if ($namespace eq 'clickers') {
+ foreach my $server (keys(%byid)) {
+ if (ref($byid{$server}) eq 'HASH') {
+ foreach my $id (keys(%{$byid{$server}})) {
+ $byid{$server} =~ s/,$//;
+ $servers{$uhom}.=&escape($id).'='.&escape($byid{$server}).'&';
+ }
+ }
+ }
+ }
+ foreach my $server (keys(%servers)) {
+ $servers{$server} =~ s/\&$//;
+ if ($namespace eq 'ids') {
+ &critical('idput:'.$udom.':'.$servers{$server},$server);
+ } else {
+ &critical('updateclickers:'.$udom.':add:'.$servers{$server},$server);
+ }
+ }
+}
+
+# ------------- Delete unwanted student/employee IDs or clicker IDs from domain
+
+sub iddel {
+ my ($udom,$idshashref,$uhome,$namespace)=@_;
+ my %result=();
+ my %ids=();
+ my %byid = ();
+ if (ref($idshashref) eq 'HASH') {
+ %ids=%{$idshashref};
+ } else {
+ return %result;
+ }
+ if ($namespace eq '') {
+ $namespace = 'ids';
+ }
+ my %servers=();
+ while (my ($id,$unamestr) = each(%ids)) {
+ if ($namespace eq 'ids') {
+ my $uhom = $uhome;
+ if ($uhom eq '') {
+ $uhom=&homeserver($unamestr,$udom);
+ }
+ if ($uhom ne 'no_host') {
+ $servers{$uhom}.='&'.&escape($id);
+ }
+ } else {
+ my @curritems = split(/,/,$ids{$id});
+ foreach my $uname (@curritems) {
+ my $uhom = $uhome;
+ if ($uhom eq '') {
+ $uhom=&homeserver($uname,$udom);
+ }
+ if ($uhom ne 'no_host') {
+ $byid{$uhom}{$id} .= $uname.',';
+ }
+ }
+ }
+ }
+ if ($namespace eq 'clickers') {
+ foreach my $server (keys(%byid)) {
+ if (ref($byid{$server}) eq 'HASH') {
+ foreach my $id (keys(%{$byid{$server}})) {
+ $byid{$server}{$id} =~ s/,$//;
+ $servers{$server}.=&escape($id).'='.&escape($byid{$server}{$id}).'&';
+ }
+ }
+ }
+ }
+ foreach my $server (keys(%servers)) {
+ $servers{$server} =~ s/\&$//;
+ if ($namespace eq 'ids') {
+ $result{$server} = &critical('iddel:'.$udom.':'.$servers{$server},$uhome);
+ } elsif ($namespace eq 'clickers') {
+ $result{$server} = &critical('updateclickers:'.$udom.':del:'.$servers{$server},$server);
+ }
+ }
+ return %result;
+}
+
+# ----- Update clicker ID-to-username look-ups in clickers.db on library server
+
+sub updateclickers {
+ my ($udom,$action,$idshashref,$uhome,$critical) = @_;
+ my %clickers;
+ if (ref($idshashref) eq 'HASH') {
+ %clickers=%{$idshashref};
+ } else {
+ return;
+ }
+ my $items='';
+ foreach my $item (keys(%clickers)) {
+ $items.=&escape($item).'='.&escape($clickers{$item}).'&';
+ }
+ $items=~s/\&$//;
+ my $request = "updateclickers:$udom:$action:$items";
+ if ($critical) {
+ return &critical($request,$uhome);
+ } else {
+ return &reply($request,$uhome);
+ }
+}
+
+# ------------------------------dump from db file owned by domainconfig user
+sub dump_dom {
+ my ($namespace, $udom, $regexp) = @_;
+
+ $udom ||= $env{'user.domain'};
+
+ return () unless $udom;
+
+ return &dump($namespace, $udom, &get_domainconfiguser($udom), $regexp);
+}
+
+# ------------------------------------------ get items from domain db files
+
+sub get_dom {
+ my ($namespace,$storearr,$udom,$uhome)=@_;
+ return if ($udom eq 'public');
+ my $items='';
+ foreach my $item (@$storearr) {
+ $items.=&escape($item).'&';
+ }
+ $items=~s/\&$//;
+ if (!$udom) {
+ $udom=$env{'user.domain'};
+ return if ($udom eq 'public');
+ if (defined(&domain($udom,'primary'))) {
+ $uhome=&domain($udom,'primary');
+ } else {
+ undef($uhome);
+ }
+ } else {
+ if (!$uhome) {
+ if (defined(&domain($udom,'primary'))) {
+ $uhome=&domain($udom,'primary');
+ }
+ }
+ }
+ if ($udom && $uhome && ($uhome ne 'no_host')) {
+ my $rep=&reply("getdom:$udom:$namespace:$items",$uhome);
+ my %returnhash;
+ if ($rep eq '' || $rep =~ /^error: 2 /) {
+ return %returnhash;
+ }
+ my @pairs=split(/\&/,$rep);
+ if ( $#pairs==0 && $pairs[0] =~ /^(con_lost|error|no_such_host)/i) {
+ return @pairs;
+ }
+ my $i=0;
+ foreach my $item (@$storearr) {
+ $returnhash{$item}=&thaw_unescape($pairs[$i]);
+ $i++;
+ }
+ return %returnhash;
+ } else {
+ &logthis("get_dom failed - no homeserver and/or domain ($udom) ($uhome)");
+ }
+}
+
+# -------------------------------------------- put items in domain db files
+
+sub put_dom {
+ my ($namespace,$storehash,$udom,$uhome)=@_;
+ if (!$udom) {
+ $udom=$env{'user.domain'};
+ if (defined(&domain($udom,'primary'))) {
+ $uhome=&domain($udom,'primary');
+ } else {
+ undef($uhome);
+ }
+ } else {
+ if (!$uhome) {
+ if (defined(&domain($udom,'primary'))) {
+ $uhome=&domain($udom,'primary');
+ }
+ }
+ }
+ if ($udom && $uhome && ($uhome ne 'no_host')) {
+ my $items='';
+ foreach my $item (keys(%$storehash)) {
+ $items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
+ }
+ $items=~s/\&$//;
+ return &reply("putdom:$udom:$namespace:$items",$uhome);
+ } else {
+ &logthis("put_dom failed - no homeserver and/or domain");
+ }
+}
+
+# --------------------- newput for items in db file owned by domainconfig user
+sub newput_dom {
+ my ($namespace,$storehash,$udom) = @_;
+ my $result;
+ if (!$udom) {
+ $udom=$env{'user.domain'};
+ }
+ if ($udom) {
+ my $uname = &get_domainconfiguser($udom);
+ $result = &newput($namespace,$storehash,$udom,$uname);
+ }
+ return $result;
+}
+
+# --------------------- delete for items in db file owned by domainconfig user
+sub del_dom {
+ my ($namespace,$storearr,$udom)=@_;
+ if (ref($storearr) eq 'ARRAY') {
+ if (!$udom) {
+ $udom=$env{'user.domain'};
+ }
+ if ($udom) {
+ my $uname = &get_domainconfiguser($udom);
+ return &del($namespace,$storearr,$udom,$uname);
+ }
+ }
+}
+
+# ----------------------------------construct domainconfig user for a domain
+sub get_domainconfiguser {
+ my ($udom) = @_;
+ return $udom.'-domainconfig';
+}
+
+sub retrieve_inst_usertypes {
+ my ($udom) = @_;
+ my (%returnhash,@order);
+ my %domdefs = &Apache::lonnet::get_domain_defaults($udom);
+ if ((ref($domdefs{'inststatustypes'}) eq 'HASH') &&
+ (ref($domdefs{'inststatusorder'}) eq 'ARRAY')) {
+ return ($domdefs{'inststatustypes'},$domdefs{'inststatusorder'});
+ } else {
+ if (defined(&domain($udom,'primary'))) {
+ my $uhome=&domain($udom,'primary');
+ my $rep=&reply("inst_usertypes:$udom",$uhome);
+ if ($rep =~ /^(con_lost|error|no_such_host|refused)/) {
+ &logthis("retrieve_inst_usertypes failed - $rep returned from $uhome in domain: $udom");
+ return (\%returnhash,\@order);
+ }
+ my ($hashitems,$orderitems) = split(/:/,$rep);
+ my @pairs=split(/\&/,$hashitems);
+ foreach my $item (@pairs) {
+ my ($key,$value)=split(/=/,$item,2);
+ $key = &unescape($key);
+ next if ($key =~ /^error: 2 /);
+ $returnhash{$key}=&thaw_unescape($value);
+ }
+ my @esc_order = split(/\&/,$orderitems);
+ foreach my $item (@esc_order) {
+ push(@order,&unescape($item));
+ }
+ } else {
+ &logthis("retrieve_inst_usertypes failed - no primary domain server for $udom");
+ }
+ return (\%returnhash,\@order);
+ }
+}
+
+sub is_domainimage {
+ my ($url) = @_;
+ if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img|logo|domlogo)/+[^/]-) {
+ if (&domain($1) ne '') {
+ return '1';
+ }
+ }
+ return;
+}
+
+sub inst_directory_query {
+ my ($srch) = @_;
+ my $udom = $srch->{'srchdomain'};
+ my %results;
+ my $homeserver = &domain($udom,'primary');
+ my $outcome;
+ if ($homeserver ne '') {
+ my $queryid=&reply("querysend:instdirsearch:".
+ &escape($srch->{'srchby'}).':'.
+ &escape($srch->{'srchterm'}).':'.
+ &escape($srch->{'srchtype'}),$homeserver);
+ my $host=&hostname($homeserver);
+ if ($queryid !~/^\Q$host\E\_/) {
+ &logthis('instituional directory search invalid queryid: '.$queryid.' for host: '.$homeserver.'in domain '.$udom);
+ return;
+ }
+ my $response = &get_query_reply($queryid);
+ my $maxtries = 5;
+ my $tries = 1;
+ while (($response=~/^timeout/) && ($tries < $maxtries)) {
+ $response = &get_query_reply($queryid);
+ $tries ++;
+ }
+
+ if (!&error($response) && $response ne 'refused') {
+ if ($response eq 'unavailable') {
+ $outcome = $response;
} else {
- $servers{$uhom}=$id.'='.$unam;
+ $outcome = 'ok';
+ my @matches = split(/\n/,$response);
+ foreach my $match (@matches) {
+ my ($key,$value) = split(/=/,$match);
+ $results{&unescape($key).':'.$udom} = &thaw_unescape($value);
+ }
}
- &critical('put:'.$udom.':'.$unam.':environment:id='.$id,$uhom);
}
}
- foreach (keys %servers) {
- &critical('idput:'.$udom.':'.$servers{$_},$_);
+ return ($outcome,%results);
+}
+
+sub usersearch {
+ my ($srch) = @_;
+ my $dom = $srch->{'srchdomain'};
+ my %results;
+ my %libserv = &all_library();
+ my $query = 'usersearch';
+ foreach my $tryserver (keys(%libserv)) {
+ if (&host_domain($tryserver) eq $dom) {
+ my $host=&hostname($tryserver);
+ my $queryid=
+ &reply("querysend:".&escape($query).':'.
+ &escape($srch->{'srchby'}).':'.
+ &escape($srch->{'srchtype'}).':'.
+ &escape($srch->{'srchterm'}),$tryserver);
+ if ($queryid !~/^\Q$host\E\_/) {
+ &logthis('usersearch: invalid queryid: '.$queryid.' for host: '.$host.'in domain '.$dom.' and server: '.$tryserver);
+ next;
+ }
+ my $reply = &get_query_reply($queryid);
+ my $maxtries = 1;
+ my $tries = 1;
+ while (($reply=~/^timeout/) && ($tries < $maxtries)) {
+ $reply = &get_query_reply($queryid);
+ $tries ++;
+ }
+ if ( ($reply =~/^timeout/) || ($reply =~/^error/) ) {
+ &logthis('usersrch error: '.$reply.' for '.$dom.' - searching for : '.$srch->{'srchterm'}.' by '.$srch->{'srchby'}.' ('.$srch->{'srchtype'}.') - maxtries: '.$maxtries.' tries: '.$tries);
+ } else {
+ my @matches;
+ if ($reply =~ /\n/) {
+ @matches = split(/\n/,$reply);
+ } else {
+ @matches = split(/\&/,$reply);
+ }
+ foreach my $match (@matches) {
+ my ($uname,$udom,%userhash);
+ foreach my $entry (split(/:/,$match)) {
+ my ($key,$value) =
+ map {&unescape($_);} split(/=/,$entry);
+ $userhash{$key} = $value;
+ if ($key eq 'username') {
+ $uname = $value;
+ } elsif ($key eq 'domain') {
+ $udom = $value;
+ }
+ }
+ $results{$uname.':'.$udom} = \%userhash;
+ }
+ }
+ }
}
+ return %results;
+}
+
+sub get_instuser {
+ my ($udom,$uname,$id) = @_;
+ my $homeserver = &domain($udom,'primary');
+ my ($outcome,%results);
+ if ($homeserver ne '') {
+ my $queryid=&reply("querysend:getinstuser:".&escape($uname).':'.
+ &escape($id).':'.&escape($udom),$homeserver);
+ my $host=&hostname($homeserver);
+ if ($queryid !~/^\Q$host\E\_/) {
+ &logthis('get_instuser invalid queryid: '.$queryid.' for host: '.$homeserver.'in domain '.$udom);
+ return;
+ }
+ my $response = &get_query_reply($queryid);
+ my $maxtries = 5;
+ my $tries = 1;
+ while (($response=~/^timeout/) && ($tries < $maxtries)) {
+ $response = &get_query_reply($queryid);
+ $tries ++;
+ }
+ if (!&error($response) && $response ne 'refused') {
+ if ($response eq 'unavailable') {
+ $outcome = $response;
+ } else {
+ $outcome = 'ok';
+ my @matches = split(/\n/,$response);
+ foreach my $match (@matches) {
+ my ($key,$value) = split(/=/,$match);
+ $results{&unescape($key)} = &thaw_unescape($value);
+ }
+ }
+ }
+ }
+ my %userinfo;
+ if (ref($results{$uname}) eq 'HASH') {
+ %userinfo = %{$results{$uname}};
+ }
+ return ($outcome,%userinfo);
+}
+
+sub get_multiple_instusers {
+ my ($udom,$users,$caller) = @_;
+ my ($outcome,$results);
+ if (ref($users) eq 'HASH') {
+ my $count = keys(%{$users});
+ my $requested = &freeze_escape($users);
+ my $homeserver = &domain($udom,'primary');
+ if ($homeserver ne '') {
+ my $queryid=&reply('querysend:getmultinstusers:::'.$caller.'='.$requested,$homeserver);
+ my $host=&hostname($homeserver);
+ if ($queryid !~/^\Q$host\E\_/) {
+ &logthis('get_multiple_instusers invalid queryid: '.$queryid.
+ ' for host: '.$homeserver.'in domain '.$udom);
+ return ($outcome,$results);
+ }
+ my $response = &get_query_reply($queryid);
+ my $maxtries = 5;
+ if ($count > 100) {
+ $maxtries = 1+int($count/20);
+ }
+ my $tries = 1;
+ while (($response=~/^timeout/) && ($tries <= $maxtries)) {
+ $response = &get_query_reply($queryid);
+ $tries ++;
+ }
+ if ($response eq '') {
+ $results = {};
+ foreach my $key (keys(%{$users})) {
+ my ($uname,$id);
+ if ($caller eq 'id') {
+ $id = $key;
+ } else {
+ $uname = $key;
+ }
+ my ($resp,%info) = &get_instuser($udom,$uname,$id);
+ $outcome = $resp;
+ if ($resp eq 'ok') {
+ %{$results} = (%{$results}, %info);
+ } else {
+ last;
+ }
+ }
+ } elsif(!&error($response) && ($response ne 'refused')) {
+ if (($response eq 'unavailable') || ($response eq 'invalid') || ($response eq 'timeout')) {
+ $outcome = $response;
+ } else {
+ ($outcome,my $userdata) = split(/=/,$response,2);
+ if ($outcome eq 'ok') {
+ $results = &thaw_unescape($userdata);
+ }
+ }
+ }
+ }
+ }
+ return ($outcome,$results);
+}
+
+sub inst_rulecheck {
+ my ($udom,$uname,$id,$item,$rules) = @_;
+ my %returnhash;
+ if ($udom ne '') {
+ if (ref($rules) eq 'ARRAY') {
+ @{$rules} = map {&escape($_);} (@{$rules});
+ my $rulestr = join(':',@{$rules});
+ my $homeserver=&domain($udom,'primary');
+ if (($homeserver ne '') && ($homeserver ne 'no_host')) {
+ my $response;
+ if ($item eq 'username') {
+ $response=&unescape(&reply('instrulecheck:'.&escape($udom).
+ ':'.&escape($uname).':'.$rulestr,
+ $homeserver));
+ } elsif ($item eq 'id') {
+ $response=&unescape(&reply('instidrulecheck:'.&escape($udom).
+ ':'.&escape($id).':'.$rulestr,
+ $homeserver));
+ } elsif ($item eq 'selfcreate') {
+ $response=&unescape(&reply('instselfcreatecheck:'.
+ &escape($udom).':'.&escape($uname).
+ ':'.$rulestr,$homeserver));
+ }
+ if ($response ne 'refused') {
+ my @pairs=split(/\&/,$response);
+ foreach my $item (@pairs) {
+ my ($key,$value)=split(/=/,$item,2);
+ $key = &unescape($key);
+ next if ($key =~ /^error: 2 /);
+ $returnhash{$key}=&thaw_unescape($value);
+ }
+ }
+ }
+ }
+ }
+ return %returnhash;
+}
+
+sub inst_userrules {
+ my ($udom,$check) = @_;
+ my (%ruleshash,@ruleorder);
+ if ($udom ne '') {
+ my $homeserver=&domain($udom,'primary');
+ if (($homeserver ne '') && ($homeserver ne 'no_host')) {
+ my $response;
+ if ($check eq 'id') {
+ $response=&reply('instidrules:'.&escape($udom),
+ $homeserver);
+ } elsif ($check eq 'email') {
+ $response=&reply('instemailrules:'.&escape($udom),
+ $homeserver);
+ } else {
+ $response=&reply('instuserrules:'.&escape($udom),
+ $homeserver);
+ }
+ if (($response ne 'refused') && ($response ne 'error') &&
+ ($response ne 'unknown_cmd') &&
+ ($response ne 'no_such_host')) {
+ my ($hashitems,$orderitems) = split(/:/,$response);
+ my @pairs=split(/\&/,$hashitems);
+ foreach my $item (@pairs) {
+ my ($key,$value)=split(/=/,$item,2);
+ $key = &unescape($key);
+ next if ($key =~ /^error: 2 /);
+ $ruleshash{$key}=&thaw_unescape($value);
+ }
+ my @esc_order = split(/\&/,$orderitems);
+ foreach my $item (@esc_order) {
+ push(@ruleorder,&unescape($item));
+ }
+ }
+ }
+ }
+ return (\%ruleshash,\@ruleorder);
+}
+
+# ------------- Get Authentication, Language and User Tools Defaults for Domain
+
+sub get_domain_defaults {
+ my ($domain,$ignore_cache) = @_;
+ return if (($domain eq '') || ($domain eq 'public'));
+ my $cachetime = 60*60*24;
+ unless ($ignore_cache) {
+ my ($result,$cached)=&is_cached_new('domdefaults',$domain);
+ if (defined($cached)) {
+ if (ref($result) eq 'HASH') {
+ return %{$result};
+ }
+ }
+ }
+ my %domdefaults;
+ my %domconfig =
+ &Apache::lonnet::get_dom('configuration',['defaults','quotas',
+ 'requestcourses','inststatus',
+ 'coursedefaults','usersessions',
+ 'requestauthor','selfenrollment',
+ 'coursecategories','ssl','autoenroll'],$domain);
+ my @coursetypes = ('official','unofficial','community','textbook','placement');
+ if (ref($domconfig{'defaults'}) eq 'HASH') {
+ $domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};
+ $domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};
+ $domdefaults{'auth_arg_def'} = $domconfig{'defaults'}{'auth_arg_def'};
+ $domdefaults{'timezone_def'} = $domconfig{'defaults'}{'timezone_def'};
+ $domdefaults{'datelocale_def'} = $domconfig{'defaults'}{'datelocale_def'};
+ $domdefaults{'portal_def'} = $domconfig{'defaults'}{'portal_def'};
+ } else {
+ $domdefaults{'lang_def'} = &domain($domain,'lang_def');
+ $domdefaults{'auth_def'} = &domain($domain,'auth_def');
+ $domdefaults{'auth_arg_def'} = &domain($domain,'auth_arg_def');
+ }
+ if (ref($domconfig{'quotas'}) eq 'HASH') {
+ if (ref($domconfig{'quotas'}{'defaultquota'}) eq 'HASH') {
+ $domdefaults{'defaultquota'} = $domconfig{'quotas'}{'defaultquota'};
+ } else {
+ $domdefaults{'defaultquota'} = $domconfig{'quotas'};
+ }
+ my @usertools = ('aboutme','blog','webdav','portfolio');
+ foreach my $item (@usertools) {
+ if (ref($domconfig{'quotas'}{$item}) eq 'HASH') {
+ $domdefaults{$item} = $domconfig{'quotas'}{$item};
+ }
+ }
+ if (ref($domconfig{'quotas'}{'authorquota'}) eq 'HASH') {
+ $domdefaults{'authorquota'} = $domconfig{'quotas'}{'authorquota'};
+ }
+ }
+ if (ref($domconfig{'requestcourses'}) eq 'HASH') {
+ foreach my $item ('official','unofficial','community','textbook','placement') {
+ $domdefaults{$item} = $domconfig{'requestcourses'}{$item};
+ }
+ }
+ if (ref($domconfig{'requestauthor'}) eq 'HASH') {
+ $domdefaults{'requestauthor'} = $domconfig{'requestauthor'};
+ }
+ if (ref($domconfig{'inststatus'}) eq 'HASH') {
+ foreach my $item ('inststatustypes','inststatusorder','inststatusguest') {
+ $domdefaults{$item} = $domconfig{'inststatus'}{$item};
+ }
+ }
+ if (ref($domconfig{'coursedefaults'}) eq 'HASH') {
+ $domdefaults{'canuse_pdfforms'} = $domconfig{'coursedefaults'}{'canuse_pdfforms'};
+ $domdefaults{'usejsme'} = $domconfig{'coursedefaults'}{'usejsme'};
+ $domdefaults{'uselcmath'} = $domconfig{'coursedefaults'}{'uselcmath'};
+ if (ref($domconfig{'coursedefaults'}{'postsubmit'}) eq 'HASH') {
+ $domdefaults{'postsubmit'} = $domconfig{'coursedefaults'}{'postsubmit'}{'client'};
+ }
+ foreach my $type (@coursetypes) {
+ if (ref($domconfig{'coursedefaults'}{'coursecredits'}) eq 'HASH') {
+ unless ($type eq 'community') {
+ $domdefaults{$type.'credits'} = $domconfig{'coursedefaults'}{'coursecredits'}{$type};
+ }
+ }
+ if (ref($domconfig{'coursedefaults'}{'uploadquota'}) eq 'HASH') {
+ $domdefaults{$type.'quota'} = $domconfig{'coursedefaults'}{'uploadquota'}{$type};
+ }
+ if ($domdefaults{'postsubmit'} eq 'on') {
+ if (ref($domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}) eq 'HASH') {
+ $domdefaults{$type.'postsubtimeout'} =
+ $domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}{$type};
+ }
+ }
+ }
+ if (ref($domconfig{'coursedefaults'}{'canclone'}) eq 'HASH') {
+ if (ref($domconfig{'coursedefaults'}{'canclone'}{'instcode'}) eq 'ARRAY') {
+ my @clonecodes = @{$domconfig{'coursedefaults'}{'canclone'}{'instcode'}};
+ if (@clonecodes) {
+ $domdefaults{'canclone'} = join('+',@clonecodes);
+ }
+ }
+ } elsif ($domconfig{'coursedefaults'}{'canclone'}) {
+ $domdefaults{'canclone'}=$domconfig{'coursedefaults'}{'canclone'};
+ }
+ }
+ if (ref($domconfig{'usersessions'}) eq 'HASH') {
+ if (ref($domconfig{'usersessions'}{'remote'}) eq 'HASH') {
+ $domdefaults{'remotesessions'} = $domconfig{'usersessions'}{'remote'};
+ }
+ if (ref($domconfig{'usersessions'}{'hosted'}) eq 'HASH') {
+ $domdefaults{'hostedsessions'} = $domconfig{'usersessions'}{'hosted'};
+ }
+ if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {
+ $domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};
+ }
+ }
+ if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
+ if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {
+ my @settings = ('types','registered','enroll_dates','access_dates','section',
+ 'approval','limit');
+ foreach my $type (@coursetypes) {
+ if (ref($domconfig{'selfenrollment'}{'admin'}{$type}) eq 'HASH') {
+ my @mgrdc = ();
+ foreach my $item (@settings) {
+ if ($domconfig{'selfenrollment'}{'admin'}{$type}{$item} eq '0') {
+ push(@mgrdc,$item);
+ }
+ }
+ if (@mgrdc) {
+ $domdefaults{$type.'selfenrolladmdc'} = join(',',@mgrdc);
+ }
+ }
+ }
+ }
+ if (ref($domconfig{'selfenrollment'}{'default'}) eq 'HASH') {
+ foreach my $type (@coursetypes) {
+ if (ref($domconfig{'selfenrollment'}{'default'}{$type}) eq 'HASH') {
+ foreach my $item (keys(%{$domconfig{'selfenrollment'}{'default'}{$type}})) {
+ $domdefaults{$type.'selfenroll'.$item} = $domconfig{'selfenrollment'}{'default'}{$type}{$item};
+ }
+ }
+ }
+ }
+ }
+ if (ref($domconfig{'coursecategories'}) eq 'HASH') {
+ $domdefaults{'catauth'} = 'std';
+ $domdefaults{'catunauth'} = 'std';
+ if ($domconfig{'coursecategories'}{'auth'}) {
+ $domdefaults{'catauth'} = $domconfig{'coursecategories'}{'auth'};
+ }
+ if ($domconfig{'coursecategories'}{'unauth'}) {
+ $domdefaults{'catunauth'} = $domconfig{'coursecategories'}{'unauth'};
+ }
+ }
+ if (ref($domconfig{'ssl'}) eq 'HASH') {
+ if (ref($domconfig{'ssl'}{'replication'}) eq 'HASH') {
+ $domdefaults{'replication'} = $domconfig{'ssl'}{'replication'};
+ }
+ if (ref($domconfig{'ssl'}{'connect'}) eq 'HASH') {
+ $domdefaults{'connect'} = $domconfig{'ssl'}{'connect'};
+ }
+ }
+ if (ref($domconfig{'autoenroll'}) eq 'HASH') {
+ $domdefaults{'autofailsafe'} = $domconfig{'autoenroll'}{'autofailsafe'};
+ }
+ &do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);
+ return %domdefaults;
+}
+
+sub course_portal_url {
+ my ($cnum,$cdom) = @_;
+ my $chome = &homeserver($cnum,$cdom);
+ my $hostname = &hostname($chome);
+ my $protocol = $protocol{$chome};
+ $protocol = 'http' if ($protocol ne 'https');
+ my %domdefaults = &get_domain_defaults($cdom);
+ my $firsturl;
+ if ($domdefaults{'portal_def'}) {
+ $firsturl = $domdefaults{'portal_def'};
+ } else {
+ $firsturl = $protocol.'://'.$hostname;
+ }
+ return $firsturl;
+}
+
+# --------------------------------------------------- Assign a key to a student
+
+sub assign_access_key {
+#
+# a valid key looks like uname:udom#comments
+# comments are being appended
+#
+ my ($ckey,$kdom,$knum,$cdom,$cnum,$udom,$uname,$logentry)=@_;
+ $kdom=
+ $env{'course.'.$env{'request.course.id'}.'.domain'} unless (defined($kdom));
+ $knum=
+ $env{'course.'.$env{'request.course.id'}.'.num'} unless (defined($knum));
+ $cdom=
+ $env{'course.'.$env{'request.course.id'}.'.domain'} unless (defined($cdom));
+ $cnum=
+ $env{'course.'.$env{'request.course.id'}.'.num'} unless (defined($cnum));
+ $udom=$env{'user.name'} unless (defined($udom));
+ $uname=$env{'user.domain'} unless (defined($uname));
+ my %existing=&get('accesskeys',[$ckey],$kdom,$knum);
+ if (($existing{$ckey}=~/^\#(.*)$/) || # - new key
+ ($existing{$ckey}=~/^\Q$uname\E\:\Q$udom\E\#(.*)$/)) {
+ # assigned to this person
+ # - this should not happen,
+ # unless something went wrong
+ # the first time around
+# ready to assign
+ $logentry=$1.'; '.$logentry;
+ if (&put('accesskeys',{$ckey=>$uname.':'.$udom.'#'.$logentry},
+ $kdom,$knum) eq 'ok') {
+# key now belongs to user
+ my $envkey='key.'.$cdom.'_'.$cnum;
+ if (&put('environment',{$envkey => $ckey}) eq 'ok') {
+ &appenv({'environment.'.$envkey => $ckey});
+ return 'ok';
+ } else {
+ return
+ 'error: Count not permanently assign key, will need to be re-entered later.';
+ }
+ } else {
+ return 'error: Could not assign key, try again later.';
+ }
+ } elsif (!$existing{$ckey}) {
+# the key does not exist
+ return 'error: The key does not exist';
+ } else {
+# the key is somebody else's
+ return 'error: The key is already in use';
+ }
+}
+
+# ------------------------------------------ put an additional comment on a key
+
+sub comment_access_key {
+#
+# a valid key looks like uname:udom#comments
+# comments are being appended
+#
+ my ($ckey,$cdom,$cnum,$logentry)=@_;
+ $cdom=
+ $env{'course.'.$env{'request.course.id'}.'.domain'} unless (defined($cdom));
+ $cnum=
+ $env{'course.'.$env{'request.course.id'}.'.num'} unless (defined($cnum));
+ my %existing=&get('accesskeys',[$ckey],$cdom,$cnum);
+ if ($existing{$ckey}) {
+ $existing{$ckey}.='; '.$logentry;
+# ready to assign
+ if (&put('accesskeys',{$ckey=>$existing{$ckey}},
+ $cdom,$cnum) eq 'ok') {
+ return 'ok';
+ } else {
+ return 'error: Count not store comment.';
+ }
+ } else {
+# the key does not exist
+ return 'error: The key does not exist';
+ }
+}
+
+# ------------------------------------------------------ Generate a set of keys
+
+sub generate_access_keys {
+ my ($number,$cdom,$cnum,$logentry)=@_;
+ $cdom=
+ $env{'course.'.$env{'request.course.id'}.'.domain'} unless (defined($cdom));
+ $cnum=
+ $env{'course.'.$env{'request.course.id'}.'.num'} unless (defined($cnum));
+ unless (&allowed('mky',$cdom)) { return 0; }
+ unless (($cdom) && ($cnum)) { return 0; }
+ if ($number>10000) { return 0; }
+ sleep(2); # make sure don't get same seed twice
+ srand(time()^($$+($$<<15))); # from "Programming Perl"
+ my $total=0;
+ for (my $i=1;$i<=$number;$i++) {
+ my $newkey=sprintf("%lx",int(100000*rand)).'-'.
+ sprintf("%lx",int(100000*rand)).'-'.
+ sprintf("%lx",int(100000*rand));
+ $newkey=~s/1/g/g; # folks mix up 1 and l
+ $newkey=~s/0/h/g; # and also 0 and O
+ my %existing=&get('accesskeys',[$newkey],$cdom,$cnum);
+ if ($existing{$newkey}) {
+ $i--;
+ } else {
+ if (&put('accesskeys',
+ { $newkey => '# generated '.localtime().
+ ' by '.$env{'user.name'}.'@'.$env{'user.domain'}.
+ '; '.$logentry },
+ $cdom,$cnum) eq 'ok') {
+ $total++;
+ }
+ }
+ }
+ &log($env{'user.domain'},$env{'user.name'},$env{'user.home'},
+ 'Generated '.$total.' keys for '.$cnum.' at '.$cdom);
+ return $total;
+}
+
+# ------------------------------------------------------- Validate an accesskey
+
+sub validate_access_key {
+ my ($ckey,$cdom,$cnum,$udom,$uname)=@_;
+ $cdom=
+ $env{'course.'.$env{'request.course.id'}.'.domain'} unless (defined($cdom));
+ $cnum=
+ $env{'course.'.$env{'request.course.id'}.'.num'} unless (defined($cnum));
+ $udom=$env{'user.domain'} unless (defined($udom));
+ $uname=$env{'user.name'} unless (defined($uname));
+ my %existing=&get('accesskeys',[$ckey],$cdom,$cnum);
+ return ($existing{$ckey}=~/^\Q$uname\E\:\Q$udom\E\#/);
}
# ------------------------------------- Find the section of student in a course
+sub devalidate_getsection_cache {
+ my ($udom,$unam,$courseid)=@_;
+ my $hashid="$udom:$unam:$courseid";
+ &devalidate_cache_new('getsection',$hashid);
+}
-sub usection {
+sub courseid_to_courseurl {
+ my ($courseid) = @_;
+ #already url style courseid
+ return $courseid if ($courseid =~ m{^/});
+
+ if (exists($env{'course.'.$courseid.'.num'})) {
+ my $cnum = $env{'course.'.$courseid.'.num'};
+ my $cdom = $env{'course.'.$courseid.'.domain'};
+ return "/$cdom/$cnum";
+ }
+
+ my %courseinfo=&Apache::lonnet::coursedescription($courseid);
+ if (exists($courseinfo{'num'})) {
+ return "/$courseinfo{'domain'}/$courseinfo{'num'}";
+ }
+
+ return undef;
+}
+
+sub getsection {
my ($udom,$unam,$courseid)=@_;
- $courseid=~s/\_/\//g;
- $courseid=~s/^(\w)/\/$1/;
- foreach (split(/\&/,&reply('dump:'.$udom.':'.$unam.':roles',
- &homeserver($unam,$udom)))) {
- my ($key,$value)=split(/\=/,$_);
- $key=&unescape($key);
- if ($key=~/^$courseid(?:\/)*(\w+)*\_st$/) {
- my $section=$1;
- if ($key eq $courseid.'_st') { $section=''; }
- my ($dummy,$end,$start)=split(/\_/,&unescape($value));
- my $now=time;
- my $notactive=0;
- if ($start) {
- if ($now<$start) { $notactive=1; }
- }
- if ($end) {
- if ($now>$end) { $notactive=1; }
- }
- unless ($notactive) { return $section; }
+ my $cachetime=1800;
+
+ my $hashid="$udom:$unam:$courseid";
+ my ($result,$cached)=&is_cached_new('getsection',$hashid);
+ if (defined($cached)) { return $result; }
+
+ my %Pending;
+ my %Expired;
+ #
+ # Each role can either have not started yet (pending), be active,
+ # or have expired.
+ #
+ # If there is an active role, we are done.
+ #
+ # If there is more than one role which has not started yet,
+ # choose the one which will start sooner
+ # If there is one role which has not started yet, return it.
+ #
+ # If there is more than one expired role, choose the one which ended last.
+ # If there is a role which has expired, return it.
+ #
+ $courseid = &courseid_to_courseurl($courseid);
+ my %roleshash = &dump('roles',$udom,$unam,$courseid);
+ foreach my $key (keys(%roleshash)) {
+ next if ($key !~/^\Q$courseid\E(?:\/)*(\w+)*\_st$/);
+ my $section=$1;
+ if ($key eq $courseid.'_st') { $section=''; }
+ my ($dummy,$end,$start)=split(/\_/,&unescape($roleshash{$key}));
+ my $now=time;
+ if (defined($end) && $end && ($now > $end)) {
+ $Expired{$end}=$section;
+ next;
+ }
+ if (defined($start) && $start && ($now < $start)) {
+ $Pending{$start}=$section;
+ next;
}
+ return &do_cache_new('getsection',$hashid,$section,$cachetime);
+ }
+ #
+ # Presumedly there will be few matching roles from the above
+ # loop and the sorting time will be negligible.
+ if (scalar(keys(%Pending))) {
+ my ($time) = sort {$a <=> $b} keys(%Pending);
+ return &do_cache_new('getsection',$hashid,$Pending{$time},$cachetime);
+ }
+ if (scalar(keys(%Expired))) {
+ my @sorted = sort {$a <=> $b} keys(%Expired);
+ my $time = pop(@sorted);
+ return &do_cache_new('getsection',$hashid,$Expired{$time},$cachetime);
+ }
+ return &do_cache_new('getsection',$hashid,'-1',$cachetime);
+}
+
+sub save_cache {
+ &purge_remembered();
+ #&Apache::loncommon::validate_page();
+ undef(%env);
+ undef($env_loaded);
+}
+
+my $to_remember=-1;
+my %remembered;
+my %accessed;
+my $kicks=0;
+my $hits=0;
+sub make_key {
+ my ($name,$id) = @_;
+ if (length($id) > 65
+ && length(&escape($id)) > 200) {
+ $id=length($id).':'.&Digest::MD5::md5_hex($id);
+ }
+ return &escape($name.':'.$id);
+}
+
+sub devalidate_cache_new {
+ my ($name,$id,$debug) = @_;
+ if ($debug) { &Apache::lonnet::logthis("deleting $name:$id"); }
+ $id=&make_key($name,$id);
+ $memcache->delete($id);
+ delete($remembered{$id});
+ delete($accessed{$id});
+}
+
+sub is_cached_new {
+ my ($name,$id,$debug) = @_;
+ $id=&make_key($name,$id);
+ if (exists($remembered{$id})) {
+ if ($debug) { &Apache::lonnet::logthis("Early return $id of $remembered{$id} "); }
+ $accessed{$id}=[&gettimeofday()];
+ $hits++;
+ return ($remembered{$id},1);
+ }
+ my $value = $memcache->get($id);
+ if (!(defined($value))) {
+ if ($debug) { &Apache::lonnet::logthis("getting $id is not defined"); }
+ return (undef,undef);
+ }
+ if ($value eq '__undef__') {
+ if ($debug) { &Apache::lonnet::logthis("getting $id is __undef__"); }
+ $value=undef;
+ }
+ &make_room($id,$value,$debug);
+ if ($debug) { &Apache::lonnet::logthis("getting $id is $value"); }
+ return ($value,1);
+}
+
+sub do_cache_new {
+ my ($name,$id,$value,$time,$debug) = @_;
+ $id=&make_key($name,$id);
+ my $setvalue=$value;
+ if (!defined($setvalue)) {
+ $setvalue='__undef__';
+ }
+ if (!defined($time) ) {
+ $time=600;
+ }
+ if ($debug) { &Apache::lonnet::logthis("Setting $id to $value"); }
+ my $result = $memcache->set($id,$setvalue,$time);
+ if (! $result) {
+ &logthis("caching of id -> $id failed");
+ $memcache->disconnect_all();
+ }
+ # need to make a copy of $value
+ &make_room($id,$value,$debug);
+ return $value;
+}
+
+sub make_room {
+ my ($id,$value,$debug)=@_;
+
+ $remembered{$id}= (ref($value)) ? &Storable::dclone($value)
+ : $value;
+ if ($to_remember<0) { return; }
+ $accessed{$id}=[&gettimeofday()];
+ if (scalar(keys(%remembered)) <= $to_remember) { return; }
+ my $to_kick;
+ my $max_time=0;
+ foreach my $other (keys(%accessed)) {
+ if (&tv_interval($accessed{$other}) > $max_time) {
+ $to_kick=$other;
+ $max_time=&tv_interval($accessed{$other});
+ }
}
- return '-1';
+ delete($remembered{$to_kick});
+ delete($accessed{$to_kick});
+ $kicks++;
+ if ($debug) { &logthis("kicking $to_kick $max_time $kicks\n"); }
+ return;
}
+sub purge_remembered {
+ #&logthis("Tossing ".scalar(keys(%remembered)));
+ #&logthis(sprintf("%-20s is %s",'%remembered',length(&freeze(\%remembered))));
+ undef(%remembered);
+ undef(%accessed);
+}
# ------------------------------------- Read an entry from a user's environment
sub userenvironment {
my ($udom,$unam,@what)=@_;
+ my $items;
+ foreach my $item (@what) {
+ $items.=&escape($item).'&';
+ }
+ $items=~s/\&$//;
my %returnhash=();
- my @answer=split(/\&/,
- &reply('get:'.$udom.':'.$unam.':environment:'.join('&',@what),
- &homeserver($unam,$udom)));
- my $i;
- for ($i=0;$i<=$#what;$i++) {
- $returnhash{$what[$i]}=&unescape($answer[$i]);
+ my $uhome = &homeserver($unam,$udom);
+ unless ($uhome eq 'no_host') {
+ my @answer=split(/\&/,
+ &reply('get:'.$udom.':'.$unam.':environment:'.$items,$uhome));
+ if ($#answer==0 && $answer[0] =~ /^(con_lost|error:|no_such_host)/i) {
+ return %returnhash;
+ }
+ my $i;
+ for ($i=0;$i<=$#what;$i++) {
+ $returnhash{$what[$i]}=&unescape($answer[$i]);
+ }
}
return %returnhash;
}
+# ---------------------------------------------------------- Get a studentphoto
+sub studentphoto {
+ my ($udom,$unam,$ext) = @_;
+ my $home=&Apache::lonnet::homeserver($unam,$udom);
+ if (defined($env{'request.course.id'})) {
+ if ($env{'course.'.$env{'request.course.id'}.'.internal.showphoto'}) {
+ if ($udom eq $env{'course.'.$env{'request.course.id'}.'.domain'}) {
+ return(&retrievestudentphoto($udom,$unam,$ext));
+ } else {
+ my ($result,$perm_reqd)=
+ &Apache::lonnet::auto_photo_permission($unam,$udom);
+ if ($result eq 'ok') {
+ if (!($perm_reqd eq 'yes')) {
+ return(&retrievestudentphoto($udom,$unam,$ext));
+ }
+ }
+ }
+ }
+ } else {
+ my ($result,$perm_reqd) =
+ &Apache::lonnet::auto_photo_permission($unam,$udom);
+ if ($result eq 'ok') {
+ if (!($perm_reqd eq 'yes')) {
+ return(&retrievestudentphoto($udom,$unam,$ext));
+ }
+ }
+ }
+ return '/adm/lonKaputt/lonlogo_broken.gif';
+}
+
+sub retrievestudentphoto {
+ my ($udom,$unam,$ext,$type) = @_;
+ my $home=&Apache::lonnet::homeserver($unam,$udom);
+ my $ret=&Apache::lonnet::reply("studentphoto:$udom:$unam:$ext:$type",$home);
+ if ($ret eq 'ok') {
+ my $url="/uploaded/$udom/$unam/internal/studentphoto.$ext";
+ if ($type eq 'thumbnail') {
+ $url="/uploaded/$udom/$unam/internal/studentphoto_tn.$ext";
+ }
+ my $tokenurl=&Apache::lonnet::tokenwrapper($url);
+ return $tokenurl;
+ } else {
+ if ($type eq 'thumbnail') {
+ return '/adm/lonKaputt/genericstudent_tn.gif';
+ } else {
+ return '/adm/lonKaputt/lonlogo_broken.gif';
+ }
+ }
+}
+
+# -------------------------------------------------------------------- New chat
+
+sub chatsend {
+ my ($newentry,$anon,$group)=@_;
+ my $cnum=$env{'course.'.$env{'request.course.id'}.'.num'};
+ my $cdom=$env{'course.'.$env{'request.course.id'}.'.domain'};
+ my $chome=$env{'course.'.$env{'request.course.id'}.'.home'};
+ &reply('chatsend:'.$cdom.':'.$cnum.':'.
+ &escape($env{'user.domain'}.':'.$env{'user.name'}.':'.$anon.':'.
+ &escape($newentry)).':'.$group,$chome);
+}
+
+# ------------------------------------------ Find current version of a resource
+
+sub getversion {
+ my $fname=&clutter(shift);
+ unless ($fname=~m{^(/adm/wrapper|)/res/}) { return -1; }
+ return ¤tversion(&filelocation('',$fname));
+}
+
+sub currentversion {
+ my $fname=shift;
+ my $author=$fname;
+ $author=~s/\/home\/httpd\/html\/res\/([^\/]*)\/([^\/]*).*/$1\/$2/;
+ my ($udom,$uname)=split(/\//,$author);
+ my $home=&homeserver($uname,$udom);
+ if ($home eq 'no_host') {
+ return -1;
+ }
+ my $answer=&reply("currentversion:$fname",$home);
+ if (($answer eq 'con_lost') || ($answer eq 'rejected')) {
+ return -1;
+ }
+ return $answer;
+}
+
+#
+# Return special version number of resource if set by override, empty otherwise
+#
+sub usedversion {
+ my $fname=shift;
+ unless ($fname) { $fname=$env{'request.uri'}; }
+ my ($urlversion)=($fname=~/\.(\d+)\.\w+$/);
+ if ($urlversion) { return $urlversion; }
+ return '';
+}
+
# ----------------------------- Subscribe to a resource, return URL if possible
sub subscribe {
my $fname=shift;
+ if ($fname=~/\/(aboutme|syllabus|bulletinboard|smppg)$/) { return ''; }
+ $fname=~s/[\n\r]//g;
my $author=$fname;
$author=~s/\/home\/httpd\/html\/res\/([^\/]*)\/([^\/]*).*/$1\/$2/;
my ($udom,$uname)=split(/\//,$author);
my $home=homeserver($uname,$udom);
- if (($home eq 'no_host') || ($home eq $perlvar{'lonHostID'})) {
- return 'not_found';
+ if ($home eq 'no_host') {
+ return 'not_found';
}
my $answer=reply("sub:$fname",$home);
if (($answer eq 'con_lost') || ($answer eq 'rejected')) {
@@ -627,27 +2861,40 @@ sub subscribe {
sub repcopy {
my $filename=shift;
$filename=~s/\/+/\//g;
- if ($filename=~/^\/home\/httpd\/html\/adm\//) { return OK; }
+ my $londocroot = $perlvar{'lonDocRoot'};
+ if ($filename=~m{^\Q$londocroot/adm/\E}) { return 'ok'; }
+ if ($filename=~m{^\Q/home/httpd/lonUsers/\E}) { return 'ok'; }
+ if ($filename=~m{^\Q$londocroot/userfiles/\E} or
+ $filename=~m{^/*(uploaded|editupload)/}) {
+ return &repcopy_userfile($filename);
+ }
+ $filename=~s/[\n\r]//g;
my $transname="$filename.in.transfer";
- if ((-e $filename) || (-e $transname)) { return OK; }
+# FIXME: this should flock
+ if ((-e $filename) || (-e $transname)) { return 'ok'; }
my $remoteurl=subscribe($filename);
if ($remoteurl =~ /^con_lost by/) {
&logthis("Subscribe returned $remoteurl: $filename");
- return HTTP_SERVICE_UNAVAILABLE;
+ return 'unavailable';
} elsif ($remoteurl eq 'not_found') {
- &logthis("Subscribe returned not_found: $filename");
- return HTTP_NOT_FOUND;
+ #&logthis("Subscribe returned not_found: $filename");
+ return 'not_found';
} elsif ($remoteurl =~ /^rejected by/) {
&logthis("Subscribe returned $remoteurl: $filename");
- return FORBIDDEN;
+ return 'forbidden';
} elsif ($remoteurl eq 'directory') {
- return OK;
+ return 'ok';
} else {
+ my $author=$filename;
+ $author=~s/\/home\/httpd\/html\/res\/([^\/]*)\/([^\/]*).*/$1\/$2/;
+ my ($udom,$uname)=split(/\//,$author);
+ my $home=homeserver($uname,$udom);
+ unless ($home eq $perlvar{'lonHostID'}) {
my @parts=split(/\//,$filename);
my $path="/$parts[1]/$parts[2]/$parts[3]/$parts[4]";
- if ($path ne "$perlvar{'lonDocRoot'}/res") {
+ if ($path ne "$londocroot/res") {
&logthis("Malconfiguration for replication: $filename");
- return HTTP_BAD_REQUEST;
+ return 'bad_request';
}
my $count;
for ($count=5;$count<$#parts;$count++) {
@@ -662,9 +2909,9 @@ sub repcopy {
if ($response->is_error()) {
unlink($transname);
my $message=$response->status_line;
- &logthis("WARNING:"
+ &logthis("WARNING:"
." LWP get: $message: $filename");
- return HTTP_SERVICE_UNAVAILABLE;
+ return 'unavailable';
} else {
if ($remoteurl!~/\.meta$/) {
my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');
@@ -672,36 +2919,1082 @@ sub repcopy {
if ($mresponse->is_error()) {
unlink($filename.'.meta');
&logthis(
- "INFO: No metadata: $filename");
+ "INFO: No metadata: $filename");
}
}
rename($transname,$filename);
- return OK;
+ return 'ok';
}
+ }
+ }
+}
+
+# ------------------------------------------------ Get server side include body
+sub ssi_body {
+ my ($filelink,%form)=@_;
+ if (! exists($form{'LONCAPA_INTERNAL_no_discussion'})) {
+ $form{'LONCAPA_INTERNAL_no_discussion'}='true';
+ }
+ my $output='';
+ my $response;
+ if ($filelink=~/^https?\:/) {
+ ($output,$response)=&externalssi($filelink);
+ } else {
+ $filelink .= $filelink=~/\?/ ? '&' : '?';
+ $filelink .= 'inhibitmenu=yes';
+ ($output,$response)=&ssi($filelink,%form);
+ }
+ $output=~s|//(\s*)?\s||gs;
+ $output=~s/^.*?\]*\>//si;
+ $output=~s/\<\/body\s*\>.*?$//si;
+ if (wantarray) {
+ return ($output, $response);
+ } else {
+ return $output;
}
}
# --------------------------------------------------------- Server Side Include
+sub absolute_url {
+ my ($host_name) = @_;
+ my $protocol = ($ENV{'SERVER_PORT'} == 443?'https://':'http://');
+ if ($host_name eq '') {
+ $host_name = $ENV{'SERVER_NAME'};
+ }
+ return $protocol.$host_name;
+}
+
+#
+# Server side include.
+# Parameters:
+# fn Possibly encrypted resource name/id.
+# form Hash that describes how the rendering should be done
+# and other things.
+# Returns:
+# Scalar context: The content of the response.
+# Array context: 2 element list of the content and the full response object.
+#
sub ssi {
my ($fn,%form)=@_;
-
my $ua=new LWP::UserAgent;
-
my $request;
-
+
+ $form{'no_update_last_known'}=1;
+ &Apache::lonenc::check_encrypt(\$fn);
if (%form) {
- $request=new HTTP::Request('POST',"http://".$ENV{'HTTP_HOST'}.$fn);
- $request->content(join('&',map { &escape($_).'='.&escape($form{$_}) } keys %form));
+ $request=new HTTP::Request('POST',&absolute_url().$fn);
+ $request->content(join('&',map {
+ my $name = escape($_);
+ "$name=" . ( ref($form{$_}) eq 'ARRAY'
+ ? join("&$name=", map {escape($_) } @{$form{$_}})
+ : &escape($form{$_}) );
+ } keys(%form)));
} else {
- $request=new HTTP::Request('GET',"http://".$ENV{'HTTP_HOST'}.$fn);
+ $request=new HTTP::Request('GET',&absolute_url().$fn);
}
$request->header(Cookie => $ENV{'HTTP_COOKIE'});
+ my $response= $ua->request($request);
+ my $content = $response->content;
+
+
+ if (wantarray) {
+ return ($content, $response);
+ } else {
+ return $content;
+ }
+}
+
+sub externalssi {
+ my ($url)=@_;
+ my $ua=new LWP::UserAgent;
+ my $request=new HTTP::Request('GET',$url);
my $response=$ua->request($request);
+ if (wantarray) {
+ return ($response->content, $response);
+ } else {
+ return $response->content;
+ }
+}
- return $response->content;
+# -------------------------------- Allow a /uploaded/ URI to be vouched for
+
+sub allowuploaded {
+ my ($srcurl,$url)=@_;
+ $url=&clutter(&declutter($url));
+ my $dir=$url;
+ $dir=~s/\/[^\/]+$//;
+ my %httpref=();
+ my $httpurl=&hreflocation('',$url);
+ $httpref{'httpref.'.$httpurl}=$srcurl;
+ &Apache::lonnet::appenv(\%httpref);
+}
+
+#
+# Determine if the current user should be able to edit a particular resource,
+# when viewing in course context.
+# (a) When viewing resource used to determine if "Edit" item is included in
+# Functions.
+# (b) When displaying folder contents in course editor, used to determine if
+# "Edit" link will be displayed alongside resource.
+#
+# input: six args -- filename (decluttered), course number, course domain,
+# url, symb (if registered) and group (if this is a group
+# item -- e.g., bulletin board, group page etc.).
+# output: array of five scalars --
+# $cfile -- url for file editing if editable on current server
+# $home -- homeserver of resource (i.e., for author if published,
+# or course if uploaded.).
+# $switchserver -- 1 if server switch will be needed.
+# $forceedit -- 1 if icon/link should be to go to edit mode
+# $forceview -- 1 if icon/link should be to go to view mode
+#
+
+sub can_edit_resource {
+ my ($file,$cnum,$cdom,$resurl,$symb,$group) = @_;
+ my ($cfile,$home,$switchserver,$forceedit,$forceview,$uploaded,$incourse);
+#
+# For aboutme pages user can only edit his/her own.
+#
+ if ($resurl =~ m{^/?adm/($match_domain)/($match_username)/aboutme$}) {
+ my ($sdom,$sname) = ($1,$2);
+ if (($sdom eq $env{'user.domain'}) && ($sname eq $env{'user.name'})) {
+ $home = $env{'user.home'};
+ $cfile = $resurl;
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ return ($cfile,$home,$switchserver,$forceedit,$forceview);
+ } else {
+ return;
+ }
+ }
+
+ if ($env{'request.course.id'}) {
+ my $crsedit = &Apache::lonnet::allowed('mdc',$env{'request.course.id'});
+ if ($group ne '') {
+# if this is a group homepage or group bulletin board, check group privs
+ my $allowed = 0;
+ if ($resurl =~ m{^/?adm/$cdom/$cnum/$group/smppg$}) {
+ if ((&allowed('mdg',$env{'request.course.id'}.
+ ($env{'request.course.sec'}?'/'.$env{'request.course.sec'}:''))) ||
+ (&allowed('mgh',$env{'request.course.id'}.'/'.$group)) || $crsedit) {
+ $allowed = 1;
+ }
+ } elsif ($resurl =~ m{^/?adm/$cdom/$cnum/\d+/bulletinboard$}) {
+ if ((&allowed('mdg',$env{'request.course.id'}.($env{'request.course.sec'}?'/'.$env{'request.course.sec'}:''))) ||
+ (&allowed('cgb',$env{'request.course.id'}.'/'.$group)) || $crsedit) {
+ $allowed = 1;
+ }
+ }
+ if ($allowed) {
+ $home=&homeserver($cnum,$cdom);
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = $resurl;
+ } else {
+ return;
+ }
+ } else {
+ if ($resurl =~ m{^/?adm/viewclasslist$}) {
+ unless (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) {
+ return;
+ }
+ } elsif (!$crsedit) {
+#
+# No edit allowed where CC has switched to student role.
+#
+ return;
+ }
+ }
+ }
+
+ if ($file ne '') {
+ if (($cnum =~ /$match_courseid/) && ($cdom =~ /$match_domain/)) {
+ if (&is_course_upload($file,$cnum,$cdom)) {
+ $uploaded = 1;
+ $incourse = 1;
+ if ($file =~/\.(htm|html|css|js|txt)$/) {
+ $cfile = &hreflocation('',$file);
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ }
+ } elsif ($resurl =~ m{^/public/$cdom/$cnum/syllabus}) {
+ $incourse = 1;
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = $resurl;
+ } elsif (($resurl ne '') && (&is_on_map($resurl))) {
+ if ($resurl =~ m{^/adm/$match_domain/$match_username/\d+/smppg|bulletinboard$}) {
+ $incourse = 1;
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = $resurl;
+ } elsif ($resurl eq '/res/lib/templates/simpleproblem.problem') {
+ $incourse = 1;
+ $cfile = $resurl.'/smpedit';
+ } elsif ($resurl =~ m{^/adm/wrapper/ext/}) {
+ $incourse = 1;
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = $resurl;
+ } elsif ($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/exttools?$}) {
+ $incourse = 1;
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = $resurl;
+ } elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
+ $incourse = 1;
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = ($resurl =~ m{^/} ? $resurl : "/$resurl");
+ }
+ } elsif ($resurl eq '/res/lib/templates/simpleproblem.problem/smpedit') {
+ my $template = '/res/lib/templates/simpleproblem.problem';
+ if (&is_on_map($template)) {
+ $incourse = 1;
+ $forceview = 1;
+ $cfile = $template;
+ }
+ } elsif (($resurl =~ m{^/adm/wrapper/ext/}) && ($env{'form.folderpath'} =~ /^supplemental/)) {
+ $incourse = 1;
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = $resurl;
+ } elsif (($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/exttools?$}) && ($env{'form.folderpath'} =~ /^supplemental/)) {
+ $incourse = 1;
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = $resurl;
+ } elsif (($resurl eq '/adm/extresedit') && ($symb || $env{'form.folderpath'})) {
+ $incourse = 1;
+ $forceview = 1;
+ if ($symb) {
+ my ($map,$id,$res)=&decode_symb($symb);
+ $env{'request.symb'} = $symb;
+ $cfile = &clutter($res);
+ } else {
+ $cfile = $env{'form.suppurl'};
+ my $escfile = &unescape($cfile);
+ if ($escfile =~ m{^/adm/$cdom/$cnum/\d+/exttools?$}) {
+ $cfile = '/adm/wrapper'.$escfile;
+ } else {
+ $escfile =~ s{^http://}{};
+ $cfile = &escape("/adm/wrapper/ext/$escfile");
+ }
+ }
+ } elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = ($resurl =~ m{^/} ? $resurl : "/$resurl");
+ }
+ }
+ if ($uploaded || $incourse) {
+ $home=&homeserver($cnum,$cdom);
+ } elsif ($file !~ m{/$}) {
+ $file=~s{^(priv/$match_domain/$match_username)}{/$1};
+ $file=~s{^($match_domain/$match_username)}{/priv/$1};
+ # Check that the user has permission to edit this resource
+ my $setpriv = 1;
+ my ($cfuname,$cfudom)=&constructaccess($file,$setpriv);
+ if (defined($cfudom)) {
+ $home=&homeserver($cfuname,$cfudom);
+ $cfile=$file;
+ }
+ }
+ if (($cfile ne '') && (!$incourse || $uploaded) &&
+ (($home ne '') && ($home ne 'no_host'))) {
+ my @ids=¤t_machine_ids();
+ unless (grep(/^\Q$home\E$/,@ids)) {
+ $switchserver=1;
+ }
+ }
+ }
+ return ($cfile,$home,$switchserver,$forceedit,$forceview);
+}
+
+sub is_course_upload {
+ my ($file,$cnum,$cdom) = @_;
+ my $uploadpath = &LONCAPA::propath($cdom,$cnum);
+ $uploadpath =~ s{^\/}{};
+ if (($file =~ m{^\Q$uploadpath\E/userfiles/(docs|supplemental)/}) ||
+ ($file =~ m{^userfiles/\Q$cdom\E/\Q$cnum\E/(docs|supplemental)/})) {
+ return 1;
+ }
+ return;
+}
+
+sub in_course {
+ my ($udom,$uname,$cdom,$cnum,$type,$hideprivileged) = @_;
+ if ($hideprivileged) {
+ my $skipuser;
+ my %coursehash = &coursedescription($cdom.'_'.$cnum);
+ my @possdoms = ($cdom);
+ if ($coursehash{'checkforpriv'}) {
+ push(@possdoms,split(/,/,$coursehash{'checkforpriv'}));
+ }
+ if (&privileged($uname,$udom,\@possdoms)) {
+ $skipuser = 1;
+ if ($coursehash{'nothideprivileged'}) {
+ foreach my $item (split(/\s*\,\s*/,$coursehash{'nothideprivileged'})) {
+ my $user;
+ if ($item =~ /:/) {
+ $user = $item;
+ } else {
+ $user = join(':',split(/[\@]/,$item));
+ }
+ if ($user eq $uname.':'.$udom) {
+ undef($skipuser);
+ last;
+ }
+ }
+ }
+ if ($skipuser) {
+ return 0;
+ }
+ }
+ }
+ $type ||= 'any';
+ if (!defined($cdom) || !defined($cnum)) {
+ my $cid = $env{'request.course.id'};
+ $cdom = $env{'course.'.$cid.'.domain'};
+ $cnum = $env{'course.'.$cid.'.num'};
+ }
+ my $typesref;
+ if (($type eq 'any') || ($type eq 'all')) {
+ $typesref = ['active','previous','future'];
+ } elsif ($type eq 'previous' || $type eq 'future') {
+ $typesref = [$type];
+ }
+ my %roles = &get_my_roles($uname,$udom,'userroles',
+ $typesref,undef,[$cdom]);
+ my ($tmp) = keys(%roles);
+ return 0 if ($tmp =~ /^(con_lost|error|no_such_host)/i);
+ my @course_roles = grep(/^\Q$cnum\E:\Q$cdom\E:/, keys(%roles));
+ if (@course_roles > 0) {
+ return 1;
+ }
+ return 0;
+}
+
+# --------- File operations in /home/httpd/html/userfiles/$domain/1/2/3/$course
+# input: action, courseID, current domain, intended
+# path to file, source of file, instruction to parse file for objects,
+# ref to hash for embedded objects,
+# ref to hash for codebase of java objects.
+# reference to scalar to accommodate mime type determined
+# from File::MMagic if $parser = parse.
+#
+# output: url to file (if action was uploaddoc),
+# ok if successful, or diagnostic message otherwise (if action was propagate or copy)
+#
+# Allows directory structure to be used within lonUsers/../userfiles/ for a
+# course.
+#
+# action = propagate - /home/httpd/html/userfiles/$domain/1/2/3/$course/$file
+# will be copied to /home/httpd/lonUsers/1/2/3/$course/userfiles in
+# course's home server.
+#
+# action = copy - /home/httpd/html/userfiles/$domain/1/2/3/$course/$file will
+# be copied from $source (current location) to
+# /home/httpd/html/userfiles/$domain/1/2/3/$course/$file
+# and will then be copied to
+# /home/httpd/lonUsers/$domain/1/2/3/$course/userfiles/$file in
+# course's home server.
+#
+# action = uploaddoc - /home/httpd/html/userfiles/$domain/1/2/3/$course/$file
+# will be retrived from $env{form.uploaddoc} (from DOCS interface) to
+# /home/httpd/html/userfiles/$domain/1/2/3/$course/$file
+# and will then be copied to /home/httpd/lonUsers/1/2/3/$course/userfiles/$file
+# in course's home server.
+#
+
+sub process_coursefile {
+ my ($action,$docuname,$docudom,$file,$source,$parser,$allfiles,$codebase,
+ $mimetype)=@_;
+ my $fetchresult;
+ my $home=&homeserver($docuname,$docudom);
+ if ($action eq 'propagate') {
+ $fetchresult= &reply('fetchuserfile:'.$docudom.'/'.$docuname.'/'.$file,
+ $home);
+ } else {
+ my $fpath = '';
+ my $fname = $file;
+ ($fpath,$fname) = ($file =~ m|^(.*)/([^/]+)$|);
+ $fpath=$docudom.'/'.$docuname.'/'.$fpath;
+ my $filepath = &build_filepath($fpath);
+ if ($action eq 'copy') {
+ if ($source eq '') {
+ $fetchresult = 'no source file';
+ return $fetchresult;
+ } else {
+ my $destination = $filepath.'/'.$fname;
+ rename($source,$destination);
+ $fetchresult= &reply('fetchuserfile:'.$docudom.'/'.$docuname.'/'.$file,
+ $home);
+ }
+ } elsif ($action eq 'uploaddoc') {
+ open(my $fh,'>'.$filepath.'/'.$fname);
+ print $fh $env{'form.'.$source};
+ close($fh);
+ if ($parser eq 'parse') {
+ my $mm = new File::MMagic;
+ my $type = $mm->checktype_filename($filepath.'/'.$fname);
+ if ($type eq 'text/html') {
+ my $parse_result = &extract_embedded_items($filepath.'/'.$fname,$allfiles,$codebase);
+ unless ($parse_result eq 'ok') {
+ &logthis('Failed to parse '.$filepath.'/'.$fname.' for embedded media: '.$parse_result);
+ }
+ }
+ if (ref($mimetype)) {
+ $$mimetype = $type;
+ }
+ }
+ $fetchresult= &reply('fetchuserfile:'.$docudom.'/'.$docuname.'/'.$file,
+ $home);
+ if ($fetchresult eq 'ok') {
+ return '/uploaded/'.$fpath.'/'.$fname;
+ } else {
+ &logthis('Failed to transfer '.$docudom.'/'.$docuname.'/'.$file.
+ ' to host '.$home.': '.$fetchresult);
+ return '/adm/notfound.html';
+ }
+ }
+ }
+ unless ( $fetchresult eq 'ok') {
+ &logthis('Failed to transfer '.$docudom.'/'.$docuname.'/'.$file.
+ ' to host '.$home.': '.$fetchresult);
+ }
+ return $fetchresult;
+}
+
+sub build_filepath {
+ my ($fpath) = @_;
+ my $filepath=$perlvar{'lonDocRoot'}.'/userfiles';
+ unless ($fpath eq '') {
+ my @parts=split('/',$fpath);
+ foreach my $part (@parts) {
+ $filepath.= '/'.$part;
+ if ((-e $filepath)!=1) {
+ mkdir($filepath,0777);
+ }
+ }
+ }
+ return $filepath;
+}
+
+sub store_edited_file {
+ my ($primary_url,$content,$docudom,$docuname,$fetchresult) = @_;
+ my $file = $primary_url;
+ $file =~ s#^/uploaded/$docudom/$docuname/##;
+ my $fpath = '';
+ my $fname = $file;
+ ($fpath,$fname) = ($file =~ m|^(.*)/([^/]+)$|);
+ $fpath=$docudom.'/'.$docuname.'/'.$fpath;
+ my $filepath = &build_filepath($fpath);
+ open(my $fh,'>'.$filepath.'/'.$fname);
+ print $fh $content;
+ close($fh);
+ my $home=&homeserver($docuname,$docudom);
+ $$fetchresult= &reply('fetchuserfile:'.$docudom.'/'.$docuname.'/'.$file,
+ $home);
+ if ($$fetchresult eq 'ok') {
+ return '/uploaded/'.$fpath.'/'.$fname;
+ } else {
+ &logthis('Failed to transfer '.$docudom.'/'.$docuname.'/'.$file.
+ ' to host '.$home.': '.$$fetchresult);
+ return '/adm/notfound.html';
+ }
+}
+
+sub clean_filename {
+ my ($fname,$args)=@_;
+# Replace Windows backslashes by forward slashes
+ $fname=~s/\\/\//g;
+ if (!$args->{'keep_path'}) {
+ # Get rid of everything but the actual filename
+ $fname=~s/^.*\/([^\/]+)$/$1/;
+ }
+# Replace spaces by underscores
+ $fname=~s/\s+/\_/g;
+# Replace all other weird characters by nothing
+ $fname=~s{[^/\w\.\-]}{}g;
+# Replace all .\d. sequences with _\d. so they no longer look like version
+# numbers
+ $fname=~s/\.(\d+)(?=\.)/_$1/g;
+ return $fname;
+}
+# This Function checks if an Image's dimensions exceed either $resizewidth (width)
+# or $resizeheight (height) - both pixels. If so, the image is scaled to produce an
+# image with the same aspect ratio as the original, but with dimensions which do
+# not exceed $resizewidth and $resizeheight.
+
+sub resizeImage {
+ my ($img_path,$resizewidth,$resizeheight) = @_;
+ my $ima = Image::Magick->new;
+ my $resized;
+ if (-e $img_path) {
+ $ima->Read($img_path);
+ if (($resizewidth =~ /^\d+$/) && ($resizeheight > 0)) {
+ my $width = $ima->Get('width');
+ my $height = $ima->Get('height');
+ if ($width > $resizewidth) {
+ my $factor = $width/$resizewidth;
+ my $newheight = $height/$factor;
+ $ima->Scale(width=>$resizewidth,height=>$newheight);
+ $resized = 1;
+ }
+ }
+ if (($resizeheight =~ /^\d+$/) && ($resizeheight > 0)) {
+ my $width = $ima->Get('width');
+ my $height = $ima->Get('height');
+ if ($height > $resizeheight) {
+ my $factor = $height/$resizeheight;
+ my $newwidth = $width/$factor;
+ $ima->Scale(width=>$newwidth,height=>$resizeheight);
+ $resized = 1;
+ }
+ }
+ if ($resized) {
+ $ima->Write($img_path);
+ }
+ }
+ return;
+}
+
+# --------------- Take an uploaded file and put it into the userfiles directory
+# input: $formname - the contents of the file are in $env{"form.$formname"}
+# the desired filename is in $env{"form.$formname.filename"}
+# $context - possible values: coursedoc, existingfile, overwrite,
+# canceloverwrite, or ''.
+# if 'coursedoc': upload to the current course
+# if 'existingfile': write file to tmp/overwrites directory
+# if 'canceloverwrite': delete file written to tmp/overwrites directory
+# $context is passed as argument to &finishuserfileupload
+# $subdir - directory in userfile to store the file into
+# $parser - instruction to parse file for objects ($parser = parse)
+# $allfiles - reference to hash for embedded objects
+# $codebase - reference to hash for codebase of java objects
+# $desuname - username for permanent storage of uploaded file
+# $dsetudom - domain for permanaent storage of uploaded file
+# $thumbwidth - width (pixels) of thumbnail to make for uploaded image
+# $thumbheight - height (pixels) of thumbnail to make for uploaded image
+# $resizewidth - width (pixels) to which to resize uploaded image
+# $resizeheight - height (pixels) to which to resize uploaded image
+# $mimetype - reference to scalar to accommodate mime type determined
+# from File::MMagic.
+#
+# output: url of file in userspace, or error: '.
+ '
';
+ } else {
+ return '';
+ }
+ } else {
return '';
+ }
+}
+
+# ---------------------------------------------------------- Course ID routines
+# Deal with domain's nohist_courseid.db files
+#
+
+sub courseidput {
+ my ($domain,$storehash,$coursehome,$caller) = @_;
+ return unless (ref($storehash) eq 'HASH');
+ my $outcome;
+ if ($caller eq 'timeonly') {
+ my $cids = '';
+ foreach my $item (keys(%$storehash)) {
+ $cids.=&escape($item).'&';
+ }
+ $cids=~s/\&$//;
+ $outcome = &reply('courseidputhash:'.$domain.':'.$caller.':'.$cids,
+ $coursehome);
+ } else {
+ my $items = '';
+ foreach my $item (keys(%$storehash)) {
+ $items.= &escape($item).'='.
+ &freeze_escape($$storehash{$item}).'&';
+ }
+ $items=~s/\&$//;
+ $outcome = &reply('courseidputhash:'.$domain.':'.$caller.':'.$items,
+ $coursehome);
+ }
+ if ($outcome eq 'unknown_cmd') {
+ my $what;
+ foreach my $cid (keys(%$storehash)) {
+ $what .= &escape($cid).'=';
+ foreach my $item ('description','inst_code','owner','type') {
+ $what .= &escape($storehash->{$cid}{$item}).':';
+ }
+ $what =~ s/\:$/&/;
+ }
+ $what =~ s/\&$//;
+ return &reply('courseidput:'.$domain.':'.$what,$coursehome);
} else {
- &logthis("WARNING: ".
- "Checkout log failed ".$tudom.' - '.$tuname.' - '.$symb.
- "");
+ return $outcome;
}
- return $token;
}
-# ------------------------------------------------------------ Check in an item
+sub courseiddump {
+ my ($domfilter,$descfilter,$sincefilter,$instcodefilter,$ownerfilter,
+ $coursefilter,$hostidflag,$hostidref,$typefilter,$regexp_ok,
+ $selfenrollonly,$catfilter,$showhidden,$caller,$cloner,$cc_clone,
+ $cloneonly,$createdbefore,$createdafter,$creationcontext,$domcloner,
+ $hasuniquecode,$reqcrsdom,$reqinstcode)=@_;
+ my $as_hash = 1;
+ my %returnhash;
+ if (!$domfilter) { $domfilter=''; }
+ my %libserv = &all_library();
+ foreach my $tryserver (keys(%libserv)) {
+ if ( ( $hostidflag == 1
+ && grep(/^\Q$tryserver\E$/,@{$hostidref}) )
+ || (!defined($hostidflag)) ) {
+
+ if (($domfilter eq '') ||
+ (&host_domain($tryserver) eq $domfilter)) {
+ my $rep;
+ if (grep { $_ eq $tryserver } current_machine_ids()) {
+ $rep = LONCAPA::Lond::dump_course_id_handler(
+ join(":", (&host_domain($tryserver), $sincefilter,
+ &escape($descfilter), &escape($instcodefilter),
+ &escape($ownerfilter), &escape($coursefilter),
+ &escape($typefilter), &escape($regexp_ok),
+ $as_hash, &escape($selfenrollonly),
+ &escape($catfilter), $showhidden, $caller,
+ &escape($cloner), &escape($cc_clone), $cloneonly,
+ &escape($createdbefore), &escape($createdafter),
+ &escape($creationcontext),$domcloner,$hasuniquecode,
+ $reqcrsdom,&escape($reqinstcode))));
+ } else {
+ $rep = &reply('courseiddump:'.&host_domain($tryserver).':'.
+ $sincefilter.':'.&escape($descfilter).':'.
+ &escape($instcodefilter).':'.&escape($ownerfilter).
+ ':'.&escape($coursefilter).':'.&escape($typefilter).
+ ':'.&escape($regexp_ok).':'.$as_hash.':'.
+ &escape($selfenrollonly).':'.&escape($catfilter).':'.
+ $showhidden.':'.$caller.':'.&escape($cloner).':'.
+ &escape($cc_clone).':'.$cloneonly.':'.
+ &escape($createdbefore).':'.&escape($createdafter).':'.
+ &escape($creationcontext).':'.$domcloner.':'.$hasuniquecode.
+ ':'.$reqcrsdom.':'.&escape($reqinstcode),$tryserver);
+ }
+
+ my @pairs=split(/\&/,$rep);
+ foreach my $item (@pairs) {
+ my ($key,$value)=split(/\=/,$item,2);
+ $key = &unescape($key);
+ next if ($key =~ /^error: 2 /);
+ my $result = &thaw_unescape($value);
+ if (ref($result) eq 'HASH') {
+ $returnhash{$key}=$result;
+ } else {
+ my @responses = split(/:/,$value);
+ my @items = ('description','inst_code','owner','type');
+ for (my $i=0; $i<@responses; $i++) {
+ $returnhash{$key}{$items[$i]} = &unescape($responses[$i]);
+ }
+ }
+ }
+ }
+ }
+ }
+ return %returnhash;
+}
-sub checkin {
- my $token=shift;
- my $now=time;
- my ($ta,$tb,$lonhost)=split(/\*/,$token);
- $lonhost=~tr/A-Z/a-z/;
- my $dtoken=$ta.'_'.$hostip{$lonhost}.'_'.$tb;
- $dtoken=~s/\W/\_/g;
- my ($tuname,$tudom,$tcrsid,$symb,$chtim,$rmaddr)=
- split(/\&/,&unescape(&reply('tmpget:'.$dtoken,$lonhost)));
+sub courselastaccess {
+ my ($cdom,$cnum,$hostidref) = @_;
+ my %returnhash;
+ if ($cdom && $cnum) {
+ my $chome = &homeserver($cnum,$cdom);
+ if ($chome ne 'no_host') {
+ my $rep = &reply('courselastaccess:'.$cdom.':'.$cnum,$chome);
+ &extract_lastaccess(\%returnhash,$rep);
+ }
+ } else {
+ if (!$cdom) { $cdom=''; }
+ my %libserv = &all_library();
+ foreach my $tryserver (keys(%libserv)) {
+ if (ref($hostidref) eq 'ARRAY') {
+ next unless (grep(/^\Q$tryserver\E$/,@{$hostidref}));
+ }
+ if (($cdom eq '') || (&host_domain($tryserver) eq $cdom)) {
+ my $rep = &reply('courselastaccess:'.&host_domain($tryserver).':',$tryserver);
+ &extract_lastaccess(\%returnhash,$rep);
+ }
+ }
+ }
+ return %returnhash;
+}
- unless (($tuname) && ($tudom)) {
- &logthis('Check in '.$token.' ('.$dtoken.') failed');
- return '';
+sub extract_lastaccess {
+ my ($returnhash,$rep) = @_;
+ if (ref($returnhash) eq 'HASH') {
+ unless ($rep eq 'unknown_command' || $rep eq 'no_such_host' ||
+ $rep eq 'con_lost' || $rep eq 'rejected' || $rep eq 'refused' ||
+ $rep eq '') {
+ my @pairs=split(/\&/,$rep);
+ foreach my $item (@pairs) {
+ my ($key,$value)=split(/\=/,$item,2);
+ $key = &unescape($key);
+ next if ($key =~ /^error: 2 /);
+ $returnhash->{$key} = &thaw_unescape($value);
+ }
+ }
}
-
- unless (&allowed('mgr',$tcrsid)) {
- &logthis('Check in '.$token.' ('.$dtoken.') unauthorized: '.
- $ENV{'user.name'}.' - '.$ENV{'user.domain'});
- return '';
+ return;
+}
+
+# ---------------------------------------------------------- DC e-mail
+
+sub dcmailput {
+ my ($domain,$msgid,$message,$server)=@_;
+ my $status = &Apache::lonnet::critical(
+ 'dcmailput:'.$domain.':'.&escape($msgid).'='.
+ &escape($message),$server);
+ return $status;
+}
+
+sub dcmaildump {
+ my ($dom,$startdate,$enddate,$senders) = @_;
+ my %returnhash=();
+
+ if (defined(&domain($dom,'primary'))) {
+ my $cmd='dcmaildump:'.$dom.':'.&escape($startdate).':'.
+ &escape($enddate).':';
+ my @esc_senders=map { &escape($_)} @$senders;
+ $cmd.=&escape(join('&',@esc_senders));
+ foreach my $line (split(/\&/,&reply($cmd,&domain($dom,'primary')))) {
+ my ($key,$value) = split(/\=/,$line,2);
+ if (($key) && ($value)) {
+ $returnhash{&unescape($key)} = &unescape($value);
+ }
+ }
}
+ return %returnhash;
+}
+# ---------------------------------------------------------- Domain roles
- my %infohash=('resource.0.intoken' => $token,
- 'resource.0.checkintime' => $now,
- 'resource.0.inremote' => $ENV{'REMOTE_ADDR'});
+sub get_domain_roles {
+ my ($dom,$roles,$startdate,$enddate)=@_;
+ if ((!defined($startdate)) || ($startdate eq '')) {
+ $startdate = '.';
+ }
+ if ((!defined($enddate)) || ($enddate eq '')) {
+ $enddate = '.';
+ }
+ my $rolelist;
+ if (ref($roles) eq 'ARRAY') {
+ $rolelist = join('&',@{$roles});
+ }
+ my %personnel = ();
+
+ my %servers = &get_servers($dom,'library');
+ foreach my $tryserver (keys(%servers)) {
+ %{$personnel{$tryserver}}=();
+ foreach my $line (split(/\&/,&reply('domrolesdump:'.$dom.':'.
+ &escape($startdate).':'.
+ &escape($enddate).':'.
+ &escape($rolelist), $tryserver))) {
+ my ($key,$value) = split(/\=/,$line,2);
+ if (($key) && ($value)) {
+ $personnel{$tryserver}{&unescape($key)} = &unescape($value);
+ }
+ }
+ }
+ return %personnel;
+}
- unless (&cstore(\%infohash,$symb,$tcrsid,$tudom,$tuname) eq 'ok') {
- return '';
- }
+# ----------------------------------------------------------- Interval timing
- if (&log($tudom,$tuname,&homeserver($tuname,$tudom),
- &escape('Checkin - '.$token)) ne 'ok') {
- return '';
+{
+# Caches needed for speedup of navmaps
+# We don't want to cache this for very long at all (5 seconds at most)
+#
+# The user for whom we cache
+my $cachedkey='';
+# The cached times for this user
+my %cachedtimes=();
+# When this was last done
+my $cachedtime='';
+
+sub load_all_first_access {
+ my ($uname,$udom,$ignorecache)=@_;
+ if (($cachedkey eq $uname.':'.$udom) &&
+ (abs($cachedtime-time)<5) && (!$env{'form.markaccess'}) &&
+ (!$ignorecache)) {
+ return;
+ }
+ $cachedtime=time;
+ $cachedkey=$uname.':'.$udom;
+ %cachedtimes=&dump('firstaccesstimes',$udom,$uname);
+}
+
+sub get_first_access {
+ my ($type,$argsymb,$argmap,$ignorecache)=@_;
+ my ($symb,$courseid,$udom,$uname)=&whichuser();
+ if ($argsymb) { $symb=$argsymb; }
+ my ($map,$id,$res)=&decode_symb($symb);
+ if ($argmap) { $map = $argmap; }
+ if ($type eq 'course') {
+ $res='course';
+ } elsif ($type eq 'map') {
+ $res=&symbread($map);
+ } else {
+ $res=$symb;
}
+ &load_all_first_access($uname,$udom,$ignorecache);
+ return $cachedtimes{"$courseid\0$res"};
+}
- return ($symb,$tuname,$tudom,$tcrsid);
+sub set_first_access {
+ my ($type,$interval)=@_;
+ my ($symb,$courseid,$udom,$uname)=&whichuser();
+ my ($map,$id,$res)=&decode_symb($symb);
+ if ($type eq 'course') {
+ $res='course';
+ } elsif ($type eq 'map') {
+ $res=&symbread($map);
+ } else {
+ $res=$symb;
+ }
+ $cachedkey='';
+ my $firstaccess=&get_first_access($type,$symb,$map);
+ if (!$firstaccess) {
+ my $start = time;
+ my $putres = &put('firstaccesstimes',{"$courseid\0$res"=>$start},
+ $udom,$uname);
+ if ($putres eq 'ok') {
+ &put('timerinterval',{"$courseid\0$res"=>$interval},
+ $udom,$uname);
+ &appenv(
+ {
+ 'course.'.$courseid.'.firstaccess.'.$res => $start,
+ 'course.'.$courseid.'.timerinterval.'.$res => $interval,
+ }
+ );
+ }
+ return $putres;
+ }
+ return 'already_set';
+}
}
# --------------------------------------------- Set Expire Date for Spreadsheet
sub expirespread {
my ($uname,$udom,$stype,$usymb)=@_;
- my $cid=$ENV{'request.course.id'};
+ my $cid=$env{'request.course.id'};
if ($cid) {
my $now=time;
my $key=$uname.':'.$udom.':'.$stype.':'.$usymb;
- return &reply('put:'.$ENV{'course.'.$cid.'.domain'}.':'.
- $ENV{'course.'.$cid.'.num'}.
+ return &reply('put:'.$env{'course.'.$cid.'.domain'}.':'.
+ $env{'course.'.$cid.'.num'}.
':nohist_expirationdates:'.
&escape($key).'='.$now,
- $ENV{'course.'.$cid.'.home'})
+ $env{'course.'.$cid.'.home'})
}
return 'ok';
}
@@ -894,117 +4794,221 @@ sub expirespread {
# ----------------------------------------------------- Devalidate Spreadsheets
sub devalidate {
- my $symb=shift;
- my $cid=$ENV{'request.course.id'};
+ my ($symb,$uname,$udom)=@_;
+ my $cid=$env{'request.course.id'};
if ($cid) {
- my $key=$ENV{'user.name'}.':'.$ENV{'user.domain'}.':';
+ # delete the stored spreadsheets for
+ # - the student level sheet of this user in course's homespace
+ # - the assessment level sheet for this resource
+ # for this user in user's homespace
+ # - current conditional state info
+ my $key=$uname.':'.$udom.':';
my $status=
- &del('nohist_calculatedsheet',
- [$key.'studentcalc'],
- $ENV{'course.'.$cid.'.domain'},
- $ENV{'course.'.$cid.'.num'})
+ &del('nohist_calculatedsheets',
+ [$key.'studentcalc:'],
+ $env{'course.'.$cid.'.domain'},
+ $env{'course.'.$cid.'.num'})
.' '.
&del('nohist_calculatedsheets_'.$cid,
- [$key.'assesscalc:'.$symb]);
+ [$key.'assesscalc:'.$symb],$udom,$uname);
unless ($status eq 'ok ok') {
&logthis('Could not devalidate spreadsheet '.
- $ENV{'user.name'}.' at '.$ENV{'user.domain'}.' for '.
+ $uname.' at '.$udom.' for '.
$symb.': '.$status);
}
+ &delenv('user.state.'.$cid);
+ }
+}
+
+sub get_scalar {
+ my ($string,$end) = @_;
+ my $value;
+ if ($$string =~ s/^([^&]*?)($end)/$2/) {
+ $value = $1;
+ } elsif ($$string =~ s/^([^&]*?)&//) {
+ $value = $1;
}
+ return &unescape($value);
+}
+
+sub array2str {
+ my (@array) = @_;
+ my $result=&arrayref2str(\@array);
+ $result=~s/^__ARRAY_REF__//;
+ $result=~s/__END_ARRAY_REF__$//;
+ return $result;
}
sub arrayref2str {
my ($arrayref) = @_;
- my $result='_ARRAY_REF__';
+ my $result='__ARRAY_REF__';
foreach my $elem (@$arrayref) {
- if (ref($elem) eq 'ARRAY') {
- $result.=&escape(&arrayref2str($elem)).'&';
- } elsif (ref($elem) eq 'HASH') {
- $result.=&escape(&hashref2str($elem)).'&';
- } elsif (ref($elem)) {
- &logthis("Got a ref of ".(ref($elem))." skipping.");
+ if(ref($elem) eq 'ARRAY') {
+ $result.=&arrayref2str($elem).'&';
+ } elsif(ref($elem) eq 'HASH') {
+ $result.=&hashref2str($elem).'&';
+ } elsif(ref($elem)) {
+ #print("Got a ref of ".(ref($elem))." skipping.");
} else {
$result.=&escape($elem).'&';
}
}
$result=~s/\&$//;
+ $result .= '__END_ARRAY_REF__';
return $result;
}
sub hash2str {
my (%hash) = @_;
my $result=&hashref2str(\%hash);
- $result=~s/^_HASH_REF__//;
+ $result=~s/^__HASH_REF__//;
+ $result=~s/__END_HASH_REF__$//;
return $result;
}
sub hashref2str {
my ($hashref)=@_;
- my $result='_HASH_REF__';
- foreach (keys(%$hashref)) {
- if (ref($_) eq 'ARRAY') {
- $result.=&escape(&arrayref2str($_)).'=';
- } elsif (ref($_) eq 'HASH') {
- $result.=&escape(&hashref2str($_)).'=';
- } elsif (ref($_)) {
- &logthis("Got a ref of ".(ref($_))." skipping.");
- } else {
- $result.=&escape($_).'=';
- }
-
- if (ref($$hashref{$_}) eq 'ARRAY') {
- $result.=&escape(&arrayref2str($$hashref{$_})).'&';
- } elsif (ref($$hashref{$_}) eq 'HASH') {
- $result.=&escape(&hashref2str($$hashref{$_})).'&';
- } elsif (ref($$hashref{$_})) {
- &logthis("Got a ref of ".(ref($$hashref{$_}))." skipping.");
+ my $result='__HASH_REF__';
+ foreach my $key (sort(keys(%$hashref))) {
+ if (ref($key) eq 'ARRAY') {
+ $result.=&arrayref2str($key).'=';
+ } elsif (ref($key) eq 'HASH') {
+ $result.=&hashref2str($key).'=';
+ } elsif (ref($key)) {
+ $result.='=';
+ #print("Got a ref of ".(ref($key))." skipping.");
+ } else {
+ if (defined($key)) {$result.=&escape($key).'=';} else { last; }
+ }
+
+ if(ref($hashref->{$key}) eq 'ARRAY') {
+ $result.=&arrayref2str($hashref->{$key}).'&';
+ } elsif(ref($hashref->{$key}) eq 'HASH') {
+ $result.=&hashref2str($hashref->{$key}).'&';
+ } elsif(ref($hashref->{$key})) {
+ $result.='&';
+ #print("Got a ref of ".(ref($hashref->{$key}))." skipping.");
} else {
- $result.=&escape($$hashref{$_}).'&';
+ $result.=&escape($hashref->{$key}).'&';
}
}
$result=~s/\&$//;
+ $result .= '__END_HASH_REF__';
return $result;
}
sub str2hash {
+ my ($string)=@_;
+ my ($hash)=&str2hashref('__HASH_REF__'.$string.'__END_HASH_REF__');
+ return %$hash;
+}
+
+sub str2hashref {
my ($string) = @_;
- my %returnhash;
- foreach (split(/\&/,$string)) {
- my ($name,$value)=split(/\=/,$_);
- $name=&unescape($name);
- $value=&unescape($value);
- if ($value =~ /^_HASH_REF__/) {
- $value =~ s/^_HASH_REF__//;
- my %hash=&str2hash($value);
- $value=\%hash;
- } elsif ($value =~ /^_ARRAY_REF__/) {
- $value =~ s/^_ARRAY_REF__//;
- my @array=&str2array($value);
- $value=\@array;
- }
- $returnhash{$name}=$value;
+
+ my %hash;
+
+ if($string !~ /^__HASH_REF__/) {
+ if (! ($string eq '' || !defined($string))) {
+ $hash{'error'}='Not hash reference';
+ }
+ return (\%hash, $string);
+ }
+
+ $string =~ s/^__HASH_REF__//;
+
+ while($string !~ /^__END_HASH_REF__/) {
+ #key
+ my $key='';
+ if($string =~ /^__HASH_REF__/) {
+ ($key, $string)=&str2hashref($string);
+ if(defined($key->{'error'})) {
+ $hash{'error'}='Bad data';
+ return (\%hash, $string);
+ }
+ } elsif($string =~ /^__ARRAY_REF__/) {
+ ($key, $string)=&str2arrayref($string);
+ if($key->[0] eq 'Array reference error') {
+ $hash{'error'}='Bad data';
+ return (\%hash, $string);
+ }
+ } else {
+ $string =~ s/^(.*?)=//;
+ $key=&unescape($1);
+ }
+ $string =~ s/^=//;
+
+ #value
+ my $value='';
+ if($string =~ /^__HASH_REF__/) {
+ ($value, $string)=&str2hashref($string);
+ if(defined($value->{'error'})) {
+ $hash{'error'}='Bad data';
+ return (\%hash, $string);
+ }
+ } elsif($string =~ /^__ARRAY_REF__/) {
+ ($value, $string)=&str2arrayref($string);
+ if($value->[0] eq 'Array reference error') {
+ $hash{'error'}='Bad data';
+ return (\%hash, $string);
+ }
+ } else {
+ $value=&get_scalar(\$string,'__END_HASH_REF__');
+ }
+ $string =~ s/^&//;
+
+ $hash{$key}=$value;
}
- return (%returnhash);
+
+ $string =~ s/^__END_HASH_REF__//;
+
+ return (\%hash, $string);
}
sub str2array {
+ my ($string)=@_;
+ my ($array)=&str2arrayref('__ARRAY_REF__'.$string.'__END_ARRAY_REF__');
+ return @$array;
+}
+
+sub str2arrayref {
my ($string) = @_;
- my @returnarray;
- foreach my $value (split(/\&/,$string)) {
- $value=&unescape($value);
- if ($value =~ /^_HASH_REF__/) {
- $value =~ s/^_HASH_REF__//;
- my %hash=&str2hash($value);
- $value=\%hash;
- } elsif ($value =~ /^_ARRAY_REF__/) {
- $value =~ s/^_ARRAY_REF__//;
- my @array=&str2array($value);
- $value=\@array;
- }
- push(@returnarray,$value);
+ my @array;
+
+ if($string !~ /^__ARRAY_REF__/) {
+ if (! ($string eq '' || !defined($string))) {
+ $array[0]='Array reference error';
+ }
+ return (\@array, $string);
+ }
+
+ $string =~ s/^__ARRAY_REF__//;
+
+ while($string !~ /^__END_ARRAY_REF__/) {
+ my $value='';
+ if($string =~ /^__HASH_REF__/) {
+ ($value, $string)=&str2hashref($string);
+ if(defined($value->{'error'})) {
+ $array[0] ='Array reference error';
+ return (\@array, $string);
+ }
+ } elsif($string =~ /^__ARRAY_REF__/) {
+ ($value, $string)=&str2arrayref($string);
+ if($value->[0] eq 'Array reference error') {
+ $array[0] ='Array reference error';
+ return (\@array, $string);
+ }
+ } else {
+ $value=&get_scalar(\$string,'__END_ARRAY_REF__');
+ }
+ $string =~ s/^&//;
+
+ push(@array, $value);
}
- return (@returnarray);
+
+ $string =~ s/^__END_ARRAY_REF__//;
+
+ return (\@array, $string);
}
# -------------------------------------------------------------------Temp Store
@@ -1013,23 +5017,25 @@ sub tmpreset {
my ($symb,$namespace,$domain,$stuname) = @_;
if (!$symb) {
$symb=&symbread();
- if (!$symb) { $symb= $ENV{'REQUEST_URI'}; }
+ if (!$symb) { $symb= $env{'request.url'}; }
}
$symb=escape($symb);
- if (!$namespace) { $namespace=$ENV{'request.state'}; }
+ if (!$namespace) { $namespace=$env{'request.state'}; }
$namespace=~s/\//\_/g;
$namespace=~s/\W//g;
- #FIXME needs to do something for /pub resources
- if (!$domain) { $domain=$ENV{'user.domain'}; }
- if (!$stuname) { $stuname=$ENV{'user.name'}; }
- my $path=$perlvar{'lonDaemons'}.'/tmp';
+ if (!$domain) { $domain=$env{'user.domain'}; }
+ if (!$stuname) { $stuname=$env{'user.name'}; }
+ if ($domain eq 'public' && $stuname eq 'public') {
+ $stuname=$ENV{'REMOTE_ADDR'};
+ }
+ my $path=LONCAPA::tempdir();
my %hash;
if (tie(%hash,'GDBM_File',
$path.'/tmpstore_'.$stuname.'_'.$domain.'_'.$namespace.'.db',
- &GDBM_WRCREAT,0640)) {
- foreach my $key (keys %hash) {
+ &GDBM_WRCREAT(),0640)) {
+ foreach my $key (keys(%hash)) {
if ($key=~ /:$symb/) {
delete($hash{$key});
}
@@ -1042,35 +5048,37 @@ sub tmpstore {
if (!$symb) {
$symb=&symbread();
- if (!$symb) { $symb= $ENV{'request.url'}; }
+ if (!$symb) { $symb= $env{'request.url'}; }
}
$symb=escape($symb);
if (!$namespace) {
# I don't think we would ever want to store this for a course.
# it seems this will only be used if we don't have a course.
- #$namespace=$ENV{'request.course.id'};
+ #$namespace=$env{'request.course.id'};
#if (!$namespace) {
- $namespace=$ENV{'request.state'};
+ $namespace=$env{'request.state'};
#}
}
$namespace=~s/\//\_/g;
$namespace=~s/\W//g;
-#FIXME needs to do something for /pub resources
- if (!$domain) { $domain=$ENV{'user.domain'}; }
- if (!$stuname) { $stuname=$ENV{'user.name'}; }
+ if (!$domain) { $domain=$env{'user.domain'}; }
+ if (!$stuname) { $stuname=$env{'user.name'}; }
+ if ($domain eq 'public' && $stuname eq 'public') {
+ $stuname=$ENV{'REMOTE_ADDR'};
+ }
my $now=time;
my %hash;
- my $path=$perlvar{'lonDaemons'}.'/tmp';
+ my $path=LONCAPA::tempdir();
if (tie(%hash,'GDBM_File',
$path.'/tmpstore_'.$stuname.'_'.$domain.'_'.$namespace.'.db',
- &GDBM_WRCREAT,0640)) {
+ &GDBM_WRCREAT(),0640)) {
$hash{"version:$symb"}++;
my $version=$hash{"version:$symb"};
my $allkeys='';
foreach my $key (keys(%$storehash)) {
$allkeys.=$key.':';
- $hash{"$version:$symb:$key"}=$$storehash{$key};
+ $hash{"$version:$symb:$key"}=&freeze_escape($$storehash{$key});
}
$hash{"$version:$symb:timestamp"}=$now;
$allkeys.='timestamp';
@@ -1092,23 +5100,25 @@ sub tmprestore {
if (!$symb) {
$symb=&symbread();
- if (!$symb) { $symb= $ENV{'request.url'}; }
+ if (!$symb) { $symb= $env{'request.url'}; }
}
$symb=escape($symb);
- if (!$namespace) { $namespace=$ENV{'request.state'}; }
- #FIXME needs to do something for /pub resources
- if (!$domain) { $domain=$ENV{'user.domain'}; }
- if (!$stuname) { $stuname=$ENV{'user.name'}; }
+ if (!$namespace) { $namespace=$env{'request.state'}; }
+ if (!$domain) { $domain=$env{'user.domain'}; }
+ if (!$stuname) { $stuname=$env{'user.name'}; }
+ if ($domain eq 'public' && $stuname eq 'public') {
+ $stuname=$ENV{'REMOTE_ADDR'};
+ }
my %returnhash;
$namespace=~s/\//\_/g;
$namespace=~s/\W//g;
my %hash;
- my $path=$perlvar{'lonDaemons'}.'/tmp';
+ my $path=LONCAPA::tempdir();
if (tie(%hash,'GDBM_File',
$path.'/tmpstore_'.$stuname.'_'.$domain.'_'.$namespace.'.db',
- &GDBM_READER,0640)) {
+ &GDBM_READER(),0640)) {
my $version=$hash{"version:$symb"};
$returnhash{'version'}=$version;
my $scope;
@@ -1118,8 +5128,8 @@ sub tmprestore {
my $key;
$returnhash{"$scope:keys"}=$vkeys;
foreach $key (@keys) {
- $returnhash{"$scope:$key"}=$hash{"$scope:$symb:$key"};
- $returnhash{"$key"}=$hash{"$scope:$symb:$key"};
+ $returnhash{"$scope:$key"}=&thaw_unescape($hash{"$scope:$symb:$key"});
+ $returnhash{"$key"}=&thaw_unescape($hash{"$scope:$symb:$key"});
}
}
if (!(untie(%hash))) {
@@ -1134,7 +5144,7 @@ sub tmprestore {
# ----------------------------------------------------------------------- Store
sub store {
- my ($storehash,$symb,$namespace,$domain,$stuname) = @_;
+ my ($storehash,$symb,$namespace,$domain,$stuname,$laststore) = @_;
my $home='';
if ($stuname) { $home=&homeserver($stuname,$domain); }
@@ -1142,30 +5152,35 @@ sub store {
$symb=&symbclean($symb);
if (!$symb) { unless ($symb=&symbread()) { return ''; } }
- &devalidate($symb);
+ if (!$domain) { $domain=$env{'user.domain'}; }
+ if (!$stuname) { $stuname=$env{'user.name'}; }
+
+ &devalidate($symb,$stuname,$domain);
$symb=escape($symb);
if (!$namespace) {
- unless ($namespace=$ENV{'request.course.id'}) {
+ unless ($namespace=$env{'request.course.id'}) {
return '';
}
}
- if (!$domain) { $domain=$ENV{'user.domain'}; }
- if (!$stuname) { $stuname=$ENV{'user.name'}; }
- if (!$home) { $home=$ENV{'user.home'}; }
+ if (!$home) { $home=$env{'user.home'}; }
+
+ $$storehash{'ip'}=$ENV{'REMOTE_ADDR'};
+ $$storehash{'host'}=$perlvar{'lonHostID'};
+
my $namevalue='';
- foreach (keys %$storehash) {
- $namevalue.=escape($_).'='.escape($$storehash{$_}).'&';
+ foreach my $key (keys(%$storehash)) {
+ $namevalue.=&escape($key).'='.&freeze_escape($$storehash{$key}).'&';
}
$namevalue=~s/\&$//;
&courselog($symb.':'.$stuname.':'.$domain.':STORE:'.$namevalue);
- return reply("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");
+ return reply("store:$domain:$stuname:$namespace:$symb:$namevalue:$laststore","$home");
}
# -------------------------------------------------------------- Critical Store
sub cstore {
- my ($storehash,$symb,$namespace,$domain,$stuname) = @_;
+ my ($storehash,$symb,$namespace,$domain,$stuname,$laststore) = @_;
my $home='';
if ($stuname) { $home=&homeserver($stuname,$domain); }
@@ -1173,26 +5188,30 @@ sub cstore {
$symb=&symbclean($symb);
if (!$symb) { unless ($symb=&symbread()) { return ''; } }
- &devalidate($symb);
+ if (!$domain) { $domain=$env{'user.domain'}; }
+ if (!$stuname) { $stuname=$env{'user.name'}; }
+
+ &devalidate($symb,$stuname,$domain);
$symb=escape($symb);
if (!$namespace) {
- unless ($namespace=$ENV{'request.course.id'}) {
+ unless ($namespace=$env{'request.course.id'}) {
return '';
}
}
- if (!$domain) { $domain=$ENV{'user.domain'}; }
- if (!$stuname) { $stuname=$ENV{'user.name'}; }
- if (!$home) { $home=$ENV{'user.home'}; }
+ if (!$home) { $home=$env{'user.home'}; }
+
+ $$storehash{'ip'}=$ENV{'REMOTE_ADDR'};
+ $$storehash{'host'}=$perlvar{'lonHostID'};
my $namevalue='';
- foreach (keys %$storehash) {
- $namevalue.=escape($_).'='.escape($$storehash{$_}).'&';
+ foreach my $key (keys(%$storehash)) {
+ $namevalue.=&escape($key).'='.&freeze_escape($$storehash{$key}).'&';
}
$namevalue=~s/\&$//;
&courselog($symb.':'.$stuname.':'.$domain.':CSTORE:'.$namevalue);
return critical
- ("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");
+ ("store:$domain:$stuname:$namespace:$symb:$namevalue:$laststore","$home");
}
# --------------------------------------------------------------------- Restore
@@ -1204,164 +5223,633 @@ sub restore {
if ($stuname) { $home=&homeserver($stuname,$domain); }
if (!$symb) {
- unless ($symb=escape(&symbread())) { return ''; }
+ return if ($namespace eq 'courserequests');
+ unless ($symb=escape(&symbread())) { return ''; }
} else {
- $symb=&escape(&symbclean($symb));
+ unless ($namespace eq 'courserequests') {
+ $symb=&escape(&symbclean($symb));
+ }
}
if (!$namespace) {
- unless ($namespace=$ENV{'request.course.id'}) {
+ unless ($namespace=$env{'request.course.id'}) {
return '';
}
}
- if (!$domain) { $domain=$ENV{'user.domain'}; }
- if (!$stuname) { $stuname=$ENV{'user.name'}; }
- if (!$home) { $home=$ENV{'user.home'}; }
+ if (!$domain) { $domain=$env{'user.domain'}; }
+ if (!$stuname) { $stuname=$env{'user.name'}; }
+ if (!$home) { $home=$env{'user.home'}; }
my $answer=&reply("restore:$domain:$stuname:$namespace:$symb","$home");
my %returnhash=();
- foreach (split(/\&/,$answer)) {
- my ($name,$value)=split(/\=/,$_);
- $returnhash{&unescape($name)}=&unescape($value);
+ foreach my $line (split(/\&/,$answer)) {
+ my ($name,$value)=split(/\=/,$line);
+ $returnhash{&unescape($name)}=&thaw_unescape($value);
}
my $version;
for ($version=1;$version<=$returnhash{'version'};$version++) {
- foreach (split(/\:/,$returnhash{$version.':keys'})) {
- $returnhash{$_}=$returnhash{$version.':'.$_};
+ foreach my $item (split(/\:/,$returnhash{$version.':keys'})) {
+ $returnhash{$item}=$returnhash{$version.':'.$item};
}
}
return %returnhash;
}
# ---------------------------------------------------------- Course Description
+#
+#
sub coursedescription {
- my $courseid=shift;
+ my ($courseid,$args)=@_;
$courseid=~s/^\///;
$courseid=~s/\_/\//g;
my ($cdomain,$cnum)=split(/\//,$courseid);
my $chome=&homeserver($cnum,$cdomain);
+ my $normalid=$cdomain.'_'.$cnum;
+ # need to always cache even if we get errors otherwise we keep
+ # trying and trying and trying to get the course description.
+ my %envhash=();
+ my %returnhash=();
+
+ my $expiretime=600;
+ if ($env{'request.course.id'} eq $normalid) {
+ $expiretime=120;
+ }
+
+ my $prefix='course.'.$cdomain.'_'.$cnum.'.';
+ if (!$args->{'freshen_cache'}
+ && ((time-$env{$prefix.'last_cache'}) < $expiretime) ) {
+ foreach my $key (keys(%env)) {
+ next if ($key !~ /^\Q$prefix\E(.*)/);
+ my ($setting) = $1;
+ $returnhash{$setting} = $env{$key};
+ }
+ return %returnhash;
+ }
+
+ # get the data again
+
+ if (!$args->{'one_time'}) {
+ $envhash{'course.'.$normalid.'.last_cache'}=time;
+ }
+
if ($chome ne 'no_host') {
- my %returnhash=&dump('environment',$cdomain,$cnum);
+ %returnhash=&dump('environment',$cdomain,$cnum);
if (!exists($returnhash{'con_lost'})) {
- my $normalid=$cdomain.'_'.$cnum;
- my %envhash=();
+ my $username = $env{'user.name'}; # Defult username
+ if(defined $args->{'user'}) {
+ $username = $args->{'user'};
+ }
$returnhash{'home'}= $chome;
$returnhash{'domain'} = $cdomain;
$returnhash{'num'} = $cnum;
+ if (!defined($returnhash{'type'})) {
+ $returnhash{'type'} = 'Course';
+ }
while (my ($name,$value) = each %returnhash) {
$envhash{'course.'.$normalid.'.'.$name}=$value;
}
- $returnhash{'url'}='/res/'.declutter($returnhash{'url'});
- $returnhash{'fn'}=$perlvar{'lonDaemons'}.'/tmp/'.
- $ENV{'user.name'}.'_'.$cdomain.'_'.$cnum;
- $envhash{'course.'.$normalid.'.last_cache'}=time;
+ $returnhash{'url'}=&clutter($returnhash{'url'});
+ $returnhash{'fn'}=LONCAPA::tempdir() .
+ $username.'_'.$cdomain.'_'.$cnum;
$envhash{'course.'.$normalid.'.home'}=$chome;
$envhash{'course.'.$normalid.'.domain'}=$cdomain;
$envhash{'course.'.$normalid.'.num'}=$cnum;
- &appenv(%envhash);
- return %returnhash;
}
}
- return ();
+ if (!$args->{'one_time'}) {
+ &appenv(\%envhash);
+ }
+ return %returnhash;
+}
+
+sub update_released_required {
+ my ($needsrelease,$cdom,$cnum,$chome,$cid) = @_;
+ if ($cdom eq '' || $cnum eq '' || $chome eq '' || $cid eq '') {
+ $cid = $env{'request.course.id'};
+ $cdom = $env{'course.'.$cid.'.domain'};
+ $cnum = $env{'course.'.$cid.'.num'};
+ $chome = $env{'course.'.$cid.'.home'};
+ }
+ if ($needsrelease) {
+ my %curr_reqd_hash = &userenvironment($cdom,$cnum,'internal.releaserequired');
+ my $needsupdate;
+ if ($curr_reqd_hash{'internal.releaserequired'} eq '') {
+ $needsupdate = 1;
+ } else {
+ my ($currmajor,$currminor) = split(/\./,$curr_reqd_hash{'internal.releaserequired'});
+ my ($needsmajor,$needsminor) = split(/\./,$needsrelease);
+ if (($currmajor < $needsmajor) || ($currmajor == $needsmajor && $currminor < $needsminor)) {
+ $needsupdate = 1;
+ }
+ }
+ if ($needsupdate) {
+ my %needshash = (
+ 'internal.releaserequired' => $needsrelease,
+ );
+ my $putresult = &put('environment',\%needshash,$cdom,$cnum);
+ if ($putresult eq 'ok') {
+ &appenv({'course.'.$cid.'.internal.releaserequired' => $needsrelease});
+ my %crsinfo = &courseiddump($cdom,'.',1,'.','.',$cnum,undef,undef,'.');
+ if (ref($crsinfo{$cid}) eq 'HASH') {
+ $crsinfo{$cid}{'releaserequired'} = $needsrelease;
+ &courseidput($cdom,\%crsinfo,$chome,'notime');
+ }
+ }
+ }
+ }
+ return;
+}
+
+# -------------------------------------------------See if a user is privileged
+
+sub privileged {
+ my ($username,$domain,$possdomains,$possroles)=@_;
+ my $now = time;
+ my $roles;
+ if (ref($possroles) eq 'ARRAY') {
+ $roles = $possroles;
+ } else {
+ $roles = ['dc','su'];
+ }
+ if (ref($possdomains) eq 'ARRAY') {
+ my %privileged = &privileged_by_domain($possdomains,$roles);
+ foreach my $dom (@{$possdomains}) {
+ if (($username =~ /^$match_username$/) && ($domain =~ /^$match_domain$/) &&
+ (ref($privileged{$dom}) eq 'HASH')) {
+ foreach my $role (@{$roles}) {
+ if (ref($privileged{$dom}{$role}) eq 'HASH') {
+ if (exists($privileged{$dom}{$role}{$username.':'.$domain})) {
+ my ($end,$start) = split(/:/,$privileged{$dom}{$role}{$username.':'.$domain});
+ return 1 unless (($end && $end < $now) ||
+ ($start && $start > $now));
+ }
+ }
+ }
+ }
+ }
+ } else {
+ my %rolesdump = &dump("roles", $domain, $username) or return 0;
+ my $now = time;
+
+ for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys(%rolesdump)}) {
+ my ($trole, $tend, $tstart) = split(/_/, $role);
+ if (grep(/^\Q$trole\E$/,@{$roles})) {
+ return 1 unless ($tend && $tend < $now)
+ or ($tstart && $tstart > $now);
+ }
+ }
+ }
+ return 0;
+}
+
+sub privileged_by_domain {
+ my ($domains,$roles) = @_;
+ my %privileged = ();
+ my $cachetime = 60*60*24;
+ my $now = time;
+ unless ((ref($domains) eq 'ARRAY') && (ref($roles) eq 'ARRAY')) {
+ return %privileged;
+ }
+ foreach my $dom (@{$domains}) {
+ next if (ref($privileged{$dom}) eq 'HASH');
+ my $needroles;
+ foreach my $role (@{$roles}) {
+ my ($result,$cached)=&is_cached_new('priv_'.$role,$dom);
+ if (defined($cached)) {
+ if (ref($result) eq 'HASH') {
+ $privileged{$dom}{$role} = $result;
+ }
+ } else {
+ $needroles = 1;
+ }
+ }
+ if ($needroles) {
+ my %dompersonnel = &get_domain_roles($dom,$roles);
+ $privileged{$dom} = {};
+ foreach my $server (keys(%dompersonnel)) {
+ if (ref($dompersonnel{$server}) eq 'HASH') {
+ foreach my $item (keys(%{$dompersonnel{$server}})) {
+ my ($trole,$uname,$udom,$rest) = split(/:/,$item,4);
+ my ($end,$start) = split(/:/,$dompersonnel{$server}{$item});
+ next if ($end && $end < $now);
+ $privileged{$dom}{$trole}{$uname.':'.$udom} =
+ $dompersonnel{$server}{$item};
+ }
+ }
+ }
+ if (ref($privileged{$dom}) eq 'HASH') {
+ foreach my $role (@{$roles}) {
+ if (ref($privileged{$dom}{$role}) eq 'HASH') {
+ &do_cache_new('priv_'.$role,$dom,$privileged{$dom}{$role},$cachetime);
+ } else {
+ my %hash = ();
+ &do_cache_new('priv_'.$role,$dom,\%hash,$cachetime);
+ }
+ }
+ }
+ }
+ }
+ return %privileged;
}
# -------------------------------------------------------- Get user privileges
sub rolesinit {
- my ($domain,$username,$authhost)=@_;
- my $rolesdump=reply("dump:$domain:$username:roles",$authhost);
- if (($rolesdump eq 'con_lost') || ($rolesdump eq '')) { return ''; }
+ my ($domain, $username) = @_;
+ my %userroles = ('user.login.time' => time);
+ my %rolesdump = &dump("roles", $domain, $username) or return \%userroles;
+
+ # firstaccess and timerinterval are related to timed maps/resources.
+ # also, blocking can be triggered by an activating timer
+ # it's saved in the user's %env.
+ my %firstaccess = &dump('firstaccesstimes', $domain, $username);
+ my %timerinterval = &dump('timerinterval', $domain, $username);
+ my (%coursetimerstarts, %firstaccchk, %firstaccenv, %coursetimerintervals,
+ %timerintchk, %timerintenv);
+
+ foreach my $key (keys(%firstaccess)) {
+ my ($cid, $rest) = split(/\0/, $key);
+ $coursetimerstarts{$cid}{$rest} = $firstaccess{$key};
+ }
+
+ foreach my $key (keys(%timerinterval)) {
+ my ($cid,$rest) = split(/\0/,$key);
+ $coursetimerintervals{$cid}{$rest} = $timerinterval{$key};
+ }
+
my %allroles=();
- my %thesepriv=();
- my $now=time;
- my $userroles="user.login.time=$now\n";
- my $thesestr;
+ my %allgroups=();
- if ($rolesdump ne '') {
- foreach (split(/&/,$rolesdump)) {
- if ($_!~/^rolesdef\&/) {
- my ($area,$role)=split(/=/,$_);
- $area=~s/\_\w\w$//;
- my ($trole,$tend,$tstart)=split(/_/,$role);
- $userroles.='user.role.'.$trole.'.'.$area.'='.
- $tstart.'.'.$tend."\n";
- if ($tend!=0) {
- if ($tend<$now) {
- $trole='';
- }
+ for my $area (grep { ! /^rolesdef_/ } keys(%rolesdump)) {
+ my $role = $rolesdump{$area};
+ $area =~ s/\_\w\w$//;
+
+ my ($trole, $tend, $tstart, $group_privs);
+
+ if ($role =~ /^cr/) {
+ # Custom role, defined by a user
+ # e.g., user.role.cr/msu/smith/mynewrole
+ if ($role =~ m|^(cr/$match_domain/$match_username/[a-zA-Z0-9]+)_(.*)$|) {
+ $trole = $1;
+ ($tend, $tstart) = split('_', $2);
+ } else {
+ $trole = $role;
}
- if ($tstart!=0) {
- if ($tstart>$now) {
- $trole='';
- }
- }
- if (($area ne '') && ($trole ne '')) {
- my $spec=$trole.'.'.$area;
- my ($tdummy,$tdomain,$trest)=split(/\//,$area);
- if ($trole =~ /^cr\//) {
- my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);
- my $homsvr=homeserver($rauthor,$rdomain);
- if ($hostname{$homsvr} ne '') {
- my $roledef=
- reply("get:$rdomain:$rauthor:roles:rolesdef_$rrole",
- $homsvr);
- if (($roledef ne 'con_lost') && ($roledef ne '')) {
- my ($syspriv,$dompriv,$coursepriv)=
- split(/\_/,unescape($roledef));
- $allroles{'cm./'}.=':'.$syspriv;
- $allroles{$spec.'./'}.=':'.$syspriv;
- if ($tdomain ne '') {
- $allroles{'cm./'.$tdomain.'/'}.=':'.$dompriv;
- $allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;
- if ($trest ne '') {
- $allroles{'cm.'.$area}.=':'.$coursepriv;
- $allroles{$spec.'.'.$area}.=':'.$coursepriv;
- }
- }
- }
- }
- } else {
- $allroles{'cm./'}.=':'.$pr{$trole.':s'};
- $allroles{$spec.'./'}.=':'.$pr{$trole.':s'};
- if ($tdomain ne '') {
- $allroles{'cm./'.$tdomain.'/'}.=':'.$pr{$trole.':d'};
- $allroles{$spec.'./'.$tdomain.'/'}.=':'.$pr{$trole.':d'};
- if ($trest ne '') {
- $allroles{'cm.'.$area}.=':'.$pr{$trole.':c'};
- $allroles{$spec.'.'.$area}.=':'.$pr{$trole.':c'};
- }
- }
- }
+ } elsif ($role =~ m|^gr/|) {
+ # Role of member in a group, defined within a course/community
+ # e.g., user.role.gr/msu/04935610a19ee4a5fmsul1/leopards
+ ($trole, $tend, $tstart) = split(/_/, $role);
+ next if $tstart eq '-1';
+ ($trole, $group_privs) = split(/\//, $trole);
+ $group_privs = &unescape($group_privs);
+ } else {
+ # Just a normal role, defined in roles.tab
+ ($trole, $tend, $tstart) = split(/_/,$role);
+ }
+
+ my %new_role = &set_arearole($trole,$area,$tstart,$tend,$domain,
+ $username);
+ @userroles{keys(%new_role)} = @new_role{keys(%new_role)};
+
+ # role expired or not available yet?
+ $trole = '' if ($tend != 0 && $tend < $userroles{'user.login.time'}) or
+ ($tstart != 0 && $tstart > $userroles{'user.login.time'});
+
+ next if $area eq '' or $trole eq '';
+
+ my $spec = "$trole.$area";
+ my ($tdummy, $tdomain, $trest) = split(/\//, $area);
+
+ if ($trole =~ /^cr\//) {
+ # Custom role, defined by a user
+ &custom_roleprivs(\%allroles,$trole,$tdomain,$trest,$spec,$area);
+ } elsif ($trole eq 'gr') {
+ # Role of a member in a group, defined within a course/community
+ &group_roleprivs(\%allgroups,$area,$group_privs,$tend,$tstart);
+ next;
+ } else {
+ # Normal role, defined in roles.tab
+ &standard_roleprivs(\%allroles,$trole,$tdomain,$spec,$trest,$area);
+ }
+
+ my $cid = $tdomain.'_'.$trest;
+ unless ($firstaccchk{$cid}) {
+ if (ref($coursetimerstarts{$cid}) eq 'HASH') {
+ foreach my $item (keys(%{$coursetimerstarts{$cid}})) {
+ $firstaccenv{'course.'.$cid.'.firstaccess.'.$item} =
+ $coursetimerstarts{$cid}{$item};
+ }
}
- }
+ $firstaccchk{$cid} = 1;
}
- my $adv=0;
- my $author=0;
- foreach (keys %allroles) {
- %thesepriv=();
- if (($_!~/^st/) && ($_!~/^ta/) && ($_!~/^cm/)) { $adv=1; }
- if (($_=~/^au/) || ($_=~/^ca/)) { $author=1; }
- foreach (split(/:/,$allroles{$_})) {
- if ($_ ne '') {
- my ($privilege,$restrictions)=split(/&/,$_);
- if ($restrictions eq '') {
- $thesepriv{$privilege}='F';
+ unless ($timerintchk{$cid}) {
+ if (ref($coursetimerintervals{$cid}) eq 'HASH') {
+ foreach my $item (keys(%{$coursetimerintervals{$cid}})) {
+ $timerintenv{'course.'.$cid.'.timerinterval.'.$item} =
+ $coursetimerintervals{$cid}{$item};
+ }
+ }
+ $timerintchk{$cid} = 1;
+ }
+ }
+
+ @userroles{'user.author', 'user.adv'} = &set_userprivs(\%userroles,
+ \%allroles, \%allgroups);
+ $env{'user.adv'} = $userroles{'user.adv'};
+
+ return (\%userroles,\%firstaccenv,\%timerintenv);
+}
+
+sub set_arearole {
+ my ($trole,$area,$tstart,$tend,$domain,$username,$nolog) = @_;
+ unless ($nolog) {
+# log the associated role with the area
+ &userrolelog($trole,$username,$domain,$area,$tstart,$tend);
+ }
+ return ('user.role.'.$trole.'.'.$area => $tstart.'.'.$tend);
+}
+
+sub custom_roleprivs {
+ my ($allroles,$trole,$tdomain,$trest,$spec,$area) = @_;
+ my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);
+ my $homsvr = &homeserver($rauthor,$rdomain);
+ if (&hostname($homsvr) ne '') {
+ my ($rdummy,$roledef)=
+ &get('roles',["rolesdef_$rrole"],$rdomain,$rauthor);
+ if (($rdummy ne 'con_lost') && ($roledef ne '')) {
+ my ($syspriv,$dompriv,$coursepriv)=split(/\_/,$roledef);
+ if (defined($syspriv)) {
+ if ($trest =~ /^$match_community$/) {
+ $syspriv =~ s/bre\&S//;
+ }
+ $$allroles{'cm./'}.=':'.$syspriv;
+ $$allroles{$spec.'./'}.=':'.$syspriv;
+ }
+ if ($tdomain ne '') {
+ if (defined($dompriv)) {
+ $$allroles{'cm./'.$tdomain.'/'}.=':'.$dompriv;
+ $$allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;
+ }
+ if (($trest ne '') && (defined($coursepriv))) {
+ $$allroles{'cm.'.$area}.=':'.$coursepriv;
+ $$allroles{$spec.'.'.$area}.=':'.$coursepriv;
+ }
+ }
+ }
+ }
+}
+
+sub group_roleprivs {
+ my ($allgroups,$area,$group_privs,$tend,$tstart) = @_;
+ my $access = 1;
+ my $now = time;
+ if (($tend!=0) && ($tend<$now)) { $access = 0; }
+ if (($tstart!=0) && ($tstart>$now)) { $access=0; }
+ if ($access) {
+ my ($course,$group) = ($area =~ m|(/$match_domain/$match_courseid)/([^/]+)$|);
+ $$allgroups{$course}{$group} .=':'.$group_privs;
+ }
+}
+
+sub standard_roleprivs {
+ my ($allroles,$trole,$tdomain,$spec,$trest,$area) = @_;
+ if (defined($pr{$trole.':s'})) {
+ $$allroles{'cm./'}.=':'.$pr{$trole.':s'};
+ $$allroles{$spec.'./'}.=':'.$pr{$trole.':s'};
+ }
+ if ($tdomain ne '') {
+ if (defined($pr{$trole.':d'})) {
+ $$allroles{'cm./'.$tdomain.'/'}.=':'.$pr{$trole.':d'};
+ $$allroles{$spec.'./'.$tdomain.'/'}.=':'.$pr{$trole.':d'};
+ }
+ if (($trest ne '') && (defined($pr{$trole.':c'}))) {
+ $$allroles{'cm.'.$area}.=':'.$pr{$trole.':c'};
+ $$allroles{$spec.'.'.$area}.=':'.$pr{$trole.':c'};
+ }
+ }
+}
+
+sub set_userprivs {
+ my ($userroles,$allroles,$allgroups,$groups_roles) = @_;
+ my $author=0;
+ my $adv=0;
+ my %grouproles = ();
+ if (keys(%{$allgroups}) > 0) {
+ my @groupkeys;
+ foreach my $role (keys(%{$allroles})) {
+ push(@groupkeys,$role);
+ }
+ if (ref($groups_roles) eq 'HASH') {
+ foreach my $key (keys(%{$groups_roles})) {
+ unless (grep(/^\Q$key\E$/,@groupkeys)) {
+ push(@groupkeys,$key);
+ }
+ }
+ }
+ if (@groupkeys > 0) {
+ foreach my $role (@groupkeys) {
+ my ($trole,$area,$sec,$extendedarea);
+ if ($role =~ m-^(\w+|cr/$match_domain/$match_username/\w+)\.(/$match_domain/$match_courseid)(/?\w*)\.-) {
+ $trole = $1;
+ $area = $2;
+ $sec = $3;
+ $extendedarea = $area.$sec;
+ if (exists($$allgroups{$area})) {
+ foreach my $group (keys(%{$$allgroups{$area}})) {
+ my $spec = $trole.'.'.$extendedarea;
+ $grouproles{$spec.'.'.$area.'/'.$group} =
+ $$allgroups{$area}{$group};
+ }
+ }
+ }
+ }
+ }
+ }
+ foreach my $group (keys(%grouproles)) {
+ $$allroles{$group} = $grouproles{$group};
+ }
+ foreach my $role (keys(%{$allroles})) {
+ my %thesepriv;
+ if (($role=~/^au/) || ($role=~/^ca/) || ($role=~/^aa/)) { $author=1; }
+ foreach my $item (split(/:/,$$allroles{$role})) {
+ if ($item ne '') {
+ my ($privilege,$restrictions)=split(/&/,$item);
+ if ($restrictions eq '') {
+ $thesepriv{$privilege}='F';
+ } elsif ($thesepriv{$privilege} ne 'F') {
+ $thesepriv{$privilege}.=$restrictions;
+ }
+ if ($thesepriv{'adv'} eq 'F') { $adv=1; }
+ }
+ }
+ my $thesestr='';
+ foreach my $priv (sort(keys(%thesepriv))) {
+ $thesestr.=':'.$priv.'&'.$thesepriv{$priv};
+ }
+ $userroles->{'user.priv.'.$role} = $thesestr;
+ }
+ return ($author,$adv);
+}
+
+sub role_status {
+ my ($rolekey,$update,$refresh,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_;
+ if (exists($env{$rolekey}) && $env{$rolekey} ne '') {
+ my ($one,$two) = split(m{\./},$rolekey,2);
+ (undef,undef,$$role) = split(/\./,$one,3);
+ unless (!defined($$role) || $$role eq '') {
+ $$where = '/'.$two;
+ $$trolecode=$$role.'.'.$$where;
+ ($$tstart,$$tend)=split(/\./,$env{$rolekey});
+ $$tstatus='is';
+ if ($$tstart && $$tstart>$update) {
+ $$tstatus='future';
+ if ($$tstart<$now) {
+ if ($$tstart && $$tstart>$refresh) {
+ if (($$where ne '') && ($$role ne '')) {
+ my (%allroles,%allgroups,$group_privs,
+ %groups_roles,@rolecodes);
+ my %userroles = (
+ 'user.role.'.$$role.'.'.$$where => $$tstart.'.'.$$tend
+ );
+ @rolecodes = ('cm');
+ my $spec=$$role.'.'.$$where;
+ my ($tdummy,$tdomain,$trest)=split(/\//,$$where);
+ if ($$role =~ /^cr\//) {
+ &custom_roleprivs(\%allroles,$$role,$tdomain,$trest,$spec,$$where);
+ push(@rolecodes,'cr');
+ } elsif ($$role eq 'gr') {
+ push(@rolecodes,$$role);
+ my %rolehash = &get('roles',[$$where.'_'.$$role],$env{'user.domain'},
+ $env{'user.name'});
+ my ($trole) = split('_',$rolehash{$$where.'_'.$$role},2);
+ (undef,my $group_privs) = split(/\//,$trole);
+ $group_privs = &unescape($group_privs);
+ &group_roleprivs(\%allgroups,$$where,$group_privs,$$tend,$$tstart);
+ my %course_roles = &get_my_roles($env{'user.name'},$env{'user.domain'},'userroles',['active'],['cc','co','in','ta','ep','ad','st','cr'],[$tdomain],1);
+ &get_groups_roles($tdomain,$trest,
+ \%course_roles,\@rolecodes,
+ \%groups_roles);
+ } else {
+ push(@rolecodes,$$role);
+ &standard_roleprivs(\%allroles,$$role,$tdomain,$spec,$trest,$$where);
+ }
+ my ($author,$adv)= &set_userprivs(\%userroles,\%allroles,\%allgroups,\%groups_roles);
+ &appenv(\%userroles,\@rolecodes);
+ &log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$role);
+ }
+ }
+ $$tstatus = 'is';
+ }
+ }
+ if ($$tend) {
+ if ($$tend<$update) {
+ $$tstatus='expired';
+ } elsif ($$tend<$now) {
+ $$tstatus='will_not';
+ }
+ }
+ }
+ }
+}
+
+sub get_groups_roles {
+ my ($cdom,$rest,$cdom_courseroles,$rolecodes,$groups_roles) = @_;
+ return unless((ref($cdom_courseroles) eq 'HASH') &&
+ (ref($rolecodes) eq 'ARRAY') &&
+ (ref($groups_roles) eq 'HASH'));
+ if (keys(%{$cdom_courseroles}) > 0) {
+ my ($cnum) = ($rest =~ /^($match_courseid)/);
+ if ($cdom ne '' && $cnum ne '') {
+ foreach my $key (keys(%{$cdom_courseroles})) {
+ if ($key =~ /^\Q$cnum\E:\Q$cdom\E:([^:]+):?([^:]*)/) {
+ my $crsrole = $1;
+ my $crssec = $2;
+ if ($crsrole =~ /^cr/) {
+ unless (grep(/^cr$/,@{$rolecodes})) {
+ push(@{$rolecodes},'cr');
+ }
} else {
- if ($thesepriv{$privilege} ne 'F') {
- $thesepriv{$privilege}.=$restrictions;
+ unless(grep(/^\Q$crsrole\E$/,@{$rolecodes})) {
+ push(@{$rolecodes},$crsrole);
}
}
+ my $rolekey = "$crsrole./$cdom/$cnum";
+ if ($crssec ne '') {
+ $rolekey .= "/$crssec";
+ }
+ $rolekey .= './';
+ $groups_roles->{$rolekey} = $rolecodes;
}
}
- $thesestr='';
- foreach (keys %thesepriv) { $thesestr.=':'.$_.'&'.$thesepriv{$_}; }
- $userroles.='user.priv.'.$_.'='.$thesestr."\n";
}
- $userroles.='user.adv='.$adv."\n".
- 'user.author='.$author."\n";
- $ENV{'user.adv'}=$adv;
}
- return $userroles;
+ return;
+}
+
+sub delete_env_groupprivs {
+ my ($where,$courseroles,$possroles) = @_;
+ return unless((ref($courseroles) eq 'HASH') && (ref($possroles) eq 'ARRAY'));
+ my ($dummy,$udom,$uname,$group) = split(/\//,$where);
+ unless (ref($courseroles->{$udom}) eq 'HASH') {
+ %{$courseroles->{$udom}} =
+ &get_my_roles('','','userroles',['active'],
+ $possroles,[$udom],1);
+ }
+ if (ref($courseroles->{$udom}) eq 'HASH') {
+ foreach my $item (keys(%{$courseroles->{$udom}})) {
+ my ($cnum,$cdom,$crsrole,$crssec) = split(/:/,$item);
+ my $area = '/'.$cdom.'/'.$cnum;
+ my $privkey = "user.priv.$crsrole.$area";
+ if ($crssec ne '') {
+ $privkey .= '/'.$crssec;
+ }
+ $privkey .= ".$area/$group";
+ &Apache::lonnet::delenv($privkey,undef,[$crsrole]);
+ }
+ }
+ return;
+}
+
+sub check_adhoc_privs {
+ my ($cdom,$cnum,$update,$refresh,$now,$checkrole,$caller) = @_;
+ my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;
+ my $setprivs;
+ if ($env{$cckey}) {
+ my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);
+ &role_status($cckey,$update,$refresh,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
+ unless (($tstatus eq 'is') || ($tstatus eq 'will_not')) {
+ &set_adhoc_privileges($cdom,$cnum,$checkrole,$caller);
+ $setprivs = 1;
+ }
+ } else {
+ &set_adhoc_privileges($cdom,$cnum,$checkrole,$caller);
+ $setprivs = 1;
+ }
+ return $setprivs;
+}
+
+sub set_adhoc_privileges {
+# role can be cc or ca
+ my ($dcdom,$pickedcourse,$role,$caller) = @_;
+ my $area = '/'.$dcdom.'/'.$pickedcourse;
+ my $spec = $role.'.'.$area;
+ my %userroles = &set_arearole($role,$area,'','',$env{'user.domain'},
+ $env{'user.name'},1);
+ my %ccrole = ();
+ &standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);
+ my ($author,$adv)= &set_userprivs(\%userroles,\%ccrole);
+ &appenv(\%userroles,[$role,'cm']);
+ &log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$role);
+ unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {
+ &appenv( {'request.role' => $spec,
+ 'request.role.domain' => $dcdom,
+ 'request.course.sec' => ''
+ }
+ );
+ my $tadv=0;
+ if (&allowed('adv') eq 'F') { $tadv=1; }
+ &appenv({'request.role.adv' => $tadv});
+ }
}
# --------------------------------------------------------------- get interface
@@ -1369,20 +5857,23 @@ sub rolesinit {
sub get {
my ($namespace,$storearr,$udomain,$uname)=@_;
my $items='';
- foreach (@$storearr) {
- $items.=escape($_).'&';
+ foreach my $item (@$storearr) {
+ $items.=&escape($item).'&';
}
$items=~s/\&$//;
- if (!$udomain) { $udomain=$ENV{'user.domain'}; }
- if (!$uname) { $uname=$ENV{'user.name'}; }
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);
my $rep=&reply("get:$udomain:$uname:$namespace:$items",$uhome);
my @pairs=split(/\&/,$rep);
+ if ( $#pairs==0 && $pairs[0] =~ /^(con_lost|error|no_such_host)/i) {
+ return @pairs;
+ }
my %returnhash=();
my $i=0;
- foreach (@$storearr) {
- $returnhash{$_}=unescape($pairs[$i]);
+ foreach my $item (@$storearr) {
+ $returnhash{$item}=&thaw_unescape($pairs[$i]);
$i++;
}
return %returnhash;
@@ -1393,64 +5884,301 @@ sub get {
sub del {
my ($namespace,$storearr,$udomain,$uname)=@_;
my $items='';
- foreach (@$storearr) {
- $items.=escape($_).'&';
+ foreach my $item (@$storearr) {
+ $items.=&escape($item).'&';
}
+
$items=~s/\&$//;
- if (!$udomain) { $udomain=$ENV{'user.domain'}; }
- if (!$uname) { $uname=$ENV{'user.name'}; }
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);
-
return &reply("del:$udomain:$uname:$namespace:$items",$uhome);
}
# -------------------------------------------------------------- dump interface
+sub unserialize {
+ my ($rep, $escapedkeys) = @_;
+
+ return {} if $rep =~ /^error/;
+
+ my %returnhash=();
+ foreach my $item (split(/\&/,$rep)) {
+ my ($key, $value) = split(/=/, $item, 2);
+ $key = unescape($key) unless $escapedkeys;
+ next if $key =~ /^error: 2 /;
+ $returnhash{$key} = &thaw_unescape($value);
+ }
+ #return %returnhash;
+ return \%returnhash;
+}
+
+# see Lond::dump_with_regexp
+# if $escapedkeys hash keys won't get unescaped.
sub dump {
- my ($namespace,$udomain,$uname,$regexp)=@_;
- if (!$udomain) { $udomain=$ENV{'user.domain'}; }
- if (!$uname) { $uname=$ENV{'user.name'}; }
+ my ($namespace,$udomain,$uname,$regexp,$range,$escapedkeys)=@_;
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
+ my $uhome=&homeserver($uname,$udomain);
+
+ if ($regexp) {
+ $regexp=&escape($regexp);
+ } else {
+ $regexp='.';
+ }
+ if (grep { $_ eq $uhome } current_machine_ids()) {
+ # user is hosted on this machine
+ my $reply = LONCAPA::Lond::dump_with_regexp(join(":", ($udomain,
+ $uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});
+ return %{unserialize($reply, $escapedkeys)};
+ }
+ my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
+ my @pairs=split(/\&/,$rep);
+ my %returnhash=();
+ if (!($rep =~ /^error/ )) {
+ foreach my $item (@pairs) {
+ my ($key,$value)=split(/=/,$item,2);
+ $key = unescape($key) unless $escapedkeys;
+ #$key = &unescape($key);
+ next if ($key =~ /^error: 2 /);
+ $returnhash{$key}=&thaw_unescape($value);
+ }
+ }
+ return %returnhash;
+}
+
+
+# --------------------------------------------------------- dumpstore interface
+
+sub dumpstore {
+ my ($namespace,$udomain,$uname,$regexp,$range)=@_;
+ # same as dump but keys must be escaped. They may contain colon separated
+ # lists of values that may themself contain colons (e.g. symbs).
+ return &dump($namespace, $udomain, $uname, $regexp, $range, 1);
+}
+
+# -------------------------------------------------------------- keys interface
+
+sub getkeys {
+ my ($namespace,$udomain,$uname)=@_;
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);
- if ($regexp) {
- $regexp=&escape($regexp);
+ my $rep=reply("keys:$udomain:$uname:$namespace",$uhome);
+ my @keyarray=();
+ foreach my $key (split(/\&/,$rep)) {
+ next if ($key =~ /^error: 2 /);
+ push(@keyarray,&unescape($key));
+ }
+ return @keyarray;
+}
+
+# --------------------------------------------------------------- currentdump
+sub currentdump {
+ my ($courseid,$sdom,$sname)=@_;
+ $courseid = $env{'request.course.id'} if (! defined($courseid));
+ $sdom = $env{'user.domain'} if (! defined($sdom));
+ $sname = $env{'user.name'} if (! defined($sname));
+ my $uhome = &homeserver($sname,$sdom);
+ my $rep;
+
+ if (grep { $_ eq $uhome } current_machine_ids()) {
+ $rep = LONCAPA::Lond::dump_profile_database(join(":", ($sdom, $sname,
+ $courseid)));
} else {
- $regexp='.';
+ $rep = reply('currentdump:'.$sdom.':'.$sname.':'.$courseid,$uhome);
}
- my $rep=reply("dump:$udomain:$uname:$namespace:$regexp",$uhome);
- my @pairs=split(/\&/,$rep);
+
+ return if ($rep =~ /^(error:|no_such_host)/);
+ #
my %returnhash=();
- foreach (@pairs) {
- my ($key,$value)=split(/=/,$_);
- $returnhash{unescape($key)}=unescape($value);
+ #
+ if ($rep eq "unknown_cmd") {
+ # an old lond will not know currentdump
+ # Do a dump and make it look like a currentdump
+ my @tmp = &dumpstore($courseid,$sdom,$sname,'.');
+ return if ($tmp[0] =~ /^(error:|no_such_host)/);
+ my %hash = @tmp;
+ @tmp=();
+ %returnhash = %{&convert_dump_to_currentdump(\%hash)};
+ } else {
+ my @pairs=split(/\&/,$rep);
+ foreach my $pair (@pairs) {
+ my ($key,$value)=split(/=/,$pair,2);
+ my ($symb,$param) = split(/:/,$key);
+ $returnhash{&unescape($symb)}->{&unescape($param)} =
+ &thaw_unescape($value);
+ }
}
return %returnhash;
}
+sub convert_dump_to_currentdump{
+ my %hash = %{shift()};
+ my %returnhash;
+ # Code ripped from lond, essentially. The only difference
+ # here is the unescaping done by lonnet::dump(). Conceivably
+ # we might run in to problems with parameter names =~ /^v\./
+ while (my ($key,$value) = each(%hash)) {
+ my ($v,$symb,$param) = split(/:/,$key);
+ $symb = &unescape($symb);
+ $param = &unescape($param);
+ next if ($v eq 'version' || $symb eq 'keys');
+ next if (exists($returnhash{$symb}) &&
+ exists($returnhash{$symb}->{$param}) &&
+ $returnhash{$symb}->{'v.'.$param} > $v);
+ $returnhash{$symb}->{$param}=$value;
+ $returnhash{$symb}->{'v.'.$param}=$v;
+ }
+ #
+ # Remove all of the keys in the hashes which keep track of
+ # the version of the parameter.
+ while (my ($symb,$param_hash) = each(%returnhash)) {
+ # use a foreach because we are going to delete from the hash.
+ foreach my $key (keys(%$param_hash)) {
+ delete($param_hash->{$key}) if ($key =~ /^v\./);
+ }
+ }
+ return \%returnhash;
+}
+
+# ------------------------------------------------------ critical inc interface
+
+sub cinc {
+ return &inc(@_,'critical');
+}
+
+# --------------------------------------------------------------- inc interface
+
+sub inc {
+ my ($namespace,$store,$udomain,$uname,$critical) = @_;
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
+ my $uhome=&homeserver($uname,$udomain);
+ my $items='';
+ if (! ref($store)) {
+ # got a single value, so use that instead
+ $items = &escape($store).'=&';
+ } elsif (ref($store) eq 'SCALAR') {
+ $items = &escape($$store).'=&';
+ } elsif (ref($store) eq 'ARRAY') {
+ $items = join('=&',map {&escape($_);} @{$store});
+ } elsif (ref($store) eq 'HASH') {
+ while (my($key,$value) = each(%{$store})) {
+ $items.= &escape($key).'='.&escape($value).'&';
+ }
+ }
+ $items=~s/\&$//;
+ if ($critical) {
+ return &critical("inc:$udomain:$uname:$namespace:$items",$uhome);
+ } else {
+ return &reply("inc:$udomain:$uname:$namespace:$items",$uhome);
+ }
+}
+
# --------------------------------------------------------------- put interface
sub put {
my ($namespace,$storehash,$udomain,$uname)=@_;
- if (!$udomain) { $udomain=$ENV{'user.domain'}; }
- if (!$uname) { $uname=$ENV{'user.name'}; }
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);
my $items='';
- foreach (keys %$storehash) {
- $items.=&escape($_).'='.&escape($$storehash{$_}).'&';
+ foreach my $item (keys(%$storehash)) {
+ $items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
}
$items=~s/\&$//;
return &reply("put:$udomain:$uname:$namespace:$items",$uhome);
}
+# ------------------------------------------------------------ newput interface
+
+sub newput {
+ my ($namespace,$storehash,$udomain,$uname)=@_;
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
+ my $uhome=&homeserver($uname,$udomain);
+ my $items='';
+ foreach my $key (keys(%$storehash)) {
+ $items.=&escape($key).'='.&freeze_escape($$storehash{$key}).'&';
+ }
+ $items=~s/\&$//;
+ return &reply("newput:$udomain:$uname:$namespace:$items",$uhome);
+}
+
+# --------------------------------------------------------- putstore interface
+
+sub putstore {
+ my ($namespace,$symb,$version,$storehash,$udomain,$uname,$tolog)=@_;
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
+ my $uhome=&homeserver($uname,$udomain);
+ my $items='';
+ foreach my $key (keys(%$storehash)) {
+ $items.= &escape($key).'='.&freeze_escape($storehash->{$key}).'&';
+ }
+ $items=~s/\&$//;
+ my $esc_symb=&escape($symb);
+ my $esc_v=&escape($version);
+ my $reply =
+ &reply("putstore:$udomain:$uname:$namespace:$esc_symb:$esc_v:$items",
+ $uhome);
+ if (($tolog) && ($reply eq 'ok')) {
+ my $namevalue='';
+ foreach my $key (keys(%{$storehash})) {
+ $namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';
+ }
+ $namevalue .= 'ip='.&escape($ENV{'REMOTE_ADDR'}).
+ '&host='.&escape($perlvar{'lonHostID'}).
+ '&version='.$esc_v.
+ '&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});
+ &Apache::lonnet::courselog($symb.':'.$uname.':'.$udomain.':PUTSTORE:'.$namevalue);
+ }
+ if ($reply eq 'unknown_cmd') {
+ # gfall back to way things use to be done
+ return &old_putstore($namespace,$symb,$version,$storehash,$udomain,
+ $uname);
+ }
+ return $reply;
+}
+
+sub old_putstore {
+ my ($namespace,$symb,$version,$storehash,$udomain,$uname)=@_;
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
+ my $uhome=&homeserver($uname,$udomain);
+ my %newstorehash;
+ foreach my $item (keys(%$storehash)) {
+ my $key = $version.':'.&escape($symb).':'.$item;
+ $newstorehash{$key} = $storehash->{$item};
+ }
+ my $items='';
+ my %allitems = ();
+ foreach my $item (keys(%newstorehash)) {
+ if ($item =~ m/^([^\:]+):([^\:]+):([^\:]+)$/) {
+ my $key = $1.':keys:'.$2;
+ $allitems{$key} .= $3.':';
+ }
+ $items.=$item.'='.&freeze_escape($newstorehash{$item}).'&';
+ }
+ foreach my $item (keys(%allitems)) {
+ $allitems{$item} =~ s/\:$//;
+ $items.= $item.'='.$allitems{$item}.'&';
+ }
+ $items=~s/\&$//;
+ return &reply("put:$udomain:$uname:$namespace:$items",$uhome);
+}
+
# ------------------------------------------------------ critical put interface
sub cput {
my ($namespace,$storehash,$udomain,$uname)=@_;
- if (!$udomain) { $udomain=$ENV{'user.domain'}; }
- if (!$uname) { $uname=$ENV{'user.name'}; }
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);
my $items='';
- foreach (keys %$storehash) {
- $items.=escape($_).'='.escape($$storehash{$_}).'&';
+ foreach my $item (keys(%$storehash)) {
+ $items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
}
$items=~s/\&$//;
return &critical("put:$udomain:$uname:$namespace:$items",$uhome);
@@ -1461,59 +6189,898 @@ sub cput {
sub eget {
my ($namespace,$storearr,$udomain,$uname)=@_;
my $items='';
- foreach (@$storearr) {
- $items.=escape($_).'&';
+ foreach my $item (@$storearr) {
+ $items.=&escape($item).'&';
}
$items=~s/\&$//;
- if (!$udomain) { $udomain=$ENV{'user.domain'}; }
- if (!$uname) { $uname=$ENV{'user.name'}; }
+ if (!$udomain) { $udomain=$env{'user.domain'}; }
+ if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);
my $rep=&reply("eget:$udomain:$uname:$namespace:$items",$uhome);
my @pairs=split(/\&/,$rep);
my %returnhash=();
my $i=0;
- foreach (@$storearr) {
- $returnhash{$_}=unescape($pairs[$i]);
+ foreach my $item (@$storearr) {
+ $returnhash{$item}=&thaw_unescape($pairs[$i]);
$i++;
}
return %returnhash;
}
-# ------------------------------------------------- Check for a user privilege
+# ------------------------------------------------------------ tmpput interface
+sub tmpput {
+ my ($storehash,$server,$context)=@_;
+ my $items='';
+ foreach my $item (keys(%$storehash)) {
+ $items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
+ }
+ $items=~s/\&$//;
+ if (defined($context)) {
+ $items .= ':'.&escape($context);
+ }
+ return &reply("tmpput:$items",$server);
+}
+
+# ------------------------------------------------------------ tmpget interface
+sub tmpget {
+ my ($token,$server)=@_;
+ if (!defined($server)) { $server = $perlvar{'lonHostID'}; }
+ my $rep=&reply("tmpget:$token",$server);
+ my %returnhash;
+ foreach my $item (split(/\&/,$rep)) {
+ my ($key,$value)=split(/=/,$item);
+ next if ($key =~ /^error: 2 /);
+ $returnhash{&unescape($key)}=&thaw_unescape($value);
+ }
+ return %returnhash;
+}
-sub allowed {
+# ------------------------------------------------------------ tmpdel interface
+sub tmpdel {
+ my ($token,$server)=@_;
+ if (!defined($server)) { $server = $perlvar{'lonHostID'}; }
+ return &reply("tmpdel:$token",$server);
+}
+
+# ------------------------------------------------------------ get_timebased_id
+
+sub get_timebased_id {
+ my ($prefix,$keyid,$namespace,$cdom,$cnum,$idtype,$who,$locktries,
+ $maxtries) = @_;
+ my ($newid,$error,$dellock);
+ unless (($prefix =~ /^\w+$/) && ($keyid =~ /^\w+$/) && ($namespace ne '')) {
+ return ('','ok','invalid call to get suffix');
+ }
+
+# set defaults for any optional args for which values were not supplied
+ if ($who eq '') {
+ $who = $env{'user.name'}.':'.$env{'user.domain'};
+ }
+ if (!$locktries) {
+ $locktries = 3;
+ }
+ if (!$maxtries) {
+ $maxtries = 10;
+ }
+
+ if (($cdom eq '') || ($cnum eq '')) {
+ if ($env{'request.course.id'}) {
+ $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+ $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+ }
+ if (($cdom eq '') || ($cnum eq '')) {
+ return ('','ok','call to get suffix not in course context');
+ }
+ }
+
+# construct locking item
+ my $lockhash = {
+ $prefix."\0".'locked_'.$keyid => $who,
+ };
+ my $tries = 0;
+
+# attempt to get lock on nohist_$namespace file
+ my $gotlock = &Apache::lonnet::newput('nohist_'.$namespace,$lockhash,$cdom,$cnum);
+ while (($gotlock ne 'ok') && $tries <$locktries) {
+ $tries ++;
+ sleep 1;
+ $gotlock = &Apache::lonnet::newput('nohist_'.$namespace,$lockhash,$cdom,$cnum);
+ }
+
+# attempt to get unique identifier, based on current timestamp
+ if ($gotlock eq 'ok') {
+ my %inuse = &Apache::lonnet::dump('nohist_'.$namespace,$cdom,$cnum,$prefix);
+ my $id = time;
+ $newid = $id;
+ if ($idtype eq 'addcode') {
+ $newid .= &sixnum_code();
+ }
+ my $idtries = 0;
+ while (exists($inuse{$prefix."\0".$newid}) && $idtries < $maxtries) {
+ if ($idtype eq 'concat') {
+ $newid = $id.$idtries;
+ } elsif ($idtype eq 'addcode') {
+ $newid = $newid.&sixnum_code();
+ } else {
+ $newid ++;
+ }
+ $idtries ++;
+ }
+ if (!exists($inuse{$prefix."\0".$newid})) {
+ my %new_item = (
+ $prefix."\0".$newid => $who,
+ );
+ my $putresult = &Apache::lonnet::put('nohist_'.$namespace,\%new_item,
+ $cdom,$cnum);
+ if ($putresult ne 'ok') {
+ undef($newid);
+ $error = 'error saving new item: '.$putresult;
+ }
+ } else {
+ undef($newid);
+ $error = ('error: no unique suffix available for the new item ');
+ }
+# remove lock
+ my @del_lock = ($prefix."\0".'locked_'.$keyid);
+ $dellock = &Apache::lonnet::del('nohist_'.$namespace,\@del_lock,$cdom,$cnum);
+ } else {
+ $error = "error: could not obtain lockfile\n";
+ $dellock = 'ok';
+ if (($prefix eq 'paste') && ($namespace eq 'courseeditor') && ($keyid eq 'num')) {
+ $dellock = 'nolock';
+ }
+ }
+ return ($newid,$dellock,$error);
+}
+
+sub sixnum_code {
+ my $code;
+ for (0..6) {
+ $code .= int( rand(9) );
+ }
+ return $code;
+}
+
+# -------------------------------------------------- portfolio access checking
+
+sub portfolio_access {
+ my ($requrl,$clientip) = @_;
+ my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl);
+ my $result = &get_portfolio_access($udom,$unum,$file_name,$group,$clientip);
+ if ($result) {
+ my %setters;
+ if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
+ my ($startblock,$endblock) =
+ &Apache::loncommon::blockcheck(\%setters,'port',$unum,$udom);
+ if ($startblock && $endblock) {
+ return 'B';
+ }
+ } else {
+ my ($startblock,$endblock) =
+ &Apache::loncommon::blockcheck(\%setters,'port');
+ if ($startblock && $endblock) {
+ return 'B';
+ }
+ }
+ }
+ if ($result eq 'ok') {
+ return 'F';
+ } elsif ($result =~ /^[^:]+:guest_/) {
+ return 'A';
+ }
+ return '';
+}
+
+sub get_portfolio_access {
+ my ($udom,$unum,$file_name,$group,$clientip,$access_hash) = @_;
+
+ if (!ref($access_hash)) {
+ my $current_perms = &get_portfile_permissions($udom,$unum);
+ my %access_controls = &get_access_controls($current_perms,$group,
+ $file_name);
+ $access_hash = $access_controls{$file_name};
+ }
+
+ my ($public,$guest,@domains,@users,@courses,@groups,@ips);
+ my $now = time;
+ if (ref($access_hash) eq 'HASH') {
+ foreach my $key (keys(%{$access_hash})) {
+ my ($num,$scope,$end,$start) = ($key =~ /^([^:]+):([a-z]+)_(\d*)_?(\d*)$/);
+ if ($start > $now) {
+ next;
+ }
+ if ($end && $end<$now) {
+ next;
+ }
+ if ($scope eq 'public') {
+ $public = $key;
+ last;
+ } elsif ($scope eq 'guest') {
+ $guest = $key;
+ } elsif ($scope eq 'domains') {
+ push(@domains,$key);
+ } elsif ($scope eq 'users') {
+ push(@users,$key);
+ } elsif ($scope eq 'course') {
+ push(@courses,$key);
+ } elsif ($scope eq 'group') {
+ push(@groups,$key);
+ } elsif ($scope eq 'ip') {
+ push(@ips,$key);
+ }
+ }
+ if ($public) {
+ return 'ok';
+ } elsif (@ips > 0) {
+ my $allowed;
+ foreach my $ipkey (@ips) {
+ if (ref($access_hash->{$ipkey}{'ip'}) eq 'ARRAY') {
+ if (&Apache::loncommon::check_ip_acc(join(',',@{$access_hash->{$ipkey}{'ip'}}),$clientip)) {
+ $allowed = 1;
+ last;
+ }
+ }
+ }
+ if ($allowed) {
+ return 'ok';
+ }
+ }
+ if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
+ if ($guest) {
+ return $guest;
+ }
+ } else {
+ if (@domains > 0) {
+ foreach my $domkey (@domains) {
+ if (ref($access_hash->{$domkey}{'dom'}) eq 'ARRAY') {
+ if (grep(/^\Q$env{'user.domain'}\E$/,@{$access_hash->{$domkey}{'dom'}})) {
+ return 'ok';
+ }
+ }
+ }
+ }
+ if (@users > 0) {
+ foreach my $userkey (@users) {
+ if (ref($access_hash->{$userkey}{'users'}) eq 'ARRAY') {
+ foreach my $item (@{$access_hash->{$userkey}{'users'}}) {
+ if (ref($item) eq 'HASH') {
+ if (($item->{'uname'} eq $env{'user.name'}) &&
+ ($item->{'udom'} eq $env{'user.domain'})) {
+ return 'ok';
+ }
+ }
+ }
+ }
+ }
+ }
+ my %roleshash;
+ my @courses_and_groups = @courses;
+ push(@courses_and_groups,@groups);
+ if (@courses_and_groups > 0) {
+ my (%allgroups,%allroles);
+ my ($start,$end,$role,$sec,$group);
+ foreach my $envkey (%env) {
+ if ($envkey =~ m-^user\.role\.(gr|cc|co|in|ta|ep|ad|st)\./($match_domain)/($match_courseid)/?([^/]*)$-) {
+ my $cid = $2.'_'.$3;
+ if ($1 eq 'gr') {
+ $group = $4;
+ $allgroups{$cid}{$group} = $env{$envkey};
+ } else {
+ if ($4 eq '') {
+ $sec = 'none';
+ } else {
+ $sec = $4;
+ }
+ $allroles{$cid}{$1}{$sec} = $env{$envkey};
+ }
+ } elsif ($envkey =~ m-^user\.role\./cr/($match_domain/$match_username/\w*)./($match_domain)/($match_courseid)/?([^/]*)$-) {
+ my $cid = $2.'_'.$3;
+ if ($4 eq '') {
+ $sec = 'none';
+ } else {
+ $sec = $4;
+ }
+ $allroles{$cid}{$1}{$sec} = $env{$envkey};
+ }
+ }
+ if (keys(%allroles) == 0) {
+ return;
+ }
+ foreach my $key (@courses_and_groups) {
+ my %content = %{$$access_hash{$key}};
+ my $cnum = $content{'number'};
+ my $cdom = $content{'domain'};
+ my $cid = $cdom.'_'.$cnum;
+ if (!exists($allroles{$cid})) {
+ next;
+ }
+ foreach my $role_id (keys(%{$content{'roles'}})) {
+ my @sections = @{$content{'roles'}{$role_id}{'section'}};
+ my @groups = @{$content{'roles'}{$role_id}{'group'}};
+ my @status = @{$content{'roles'}{$role_id}{'access'}};
+ my @roles = @{$content{'roles'}{$role_id}{'role'}};
+ foreach my $role (keys(%{$allroles{$cid}})) {
+ if ((grep/^all$/,@roles) || (grep/^\Q$role\E$/,@roles)) {
+ foreach my $sec (keys(%{$allroles{$cid}{$role}})) {
+ if (&course_group_datechecker($allroles{$cid}{$role}{$sec},$now,\@status) eq 'ok') {
+ if (grep/^all$/,@sections) {
+ return 'ok';
+ } else {
+ if (grep/^$sec$/,@sections) {
+ return 'ok';
+ }
+ }
+ }
+ }
+ if (keys(%{$allgroups{$cid}}) == 0) {
+ if (grep/^none$/,@groups) {
+ return 'ok';
+ }
+ } else {
+ if (grep/^all$/,@groups) {
+ return 'ok';
+ }
+ foreach my $group (keys(%{$allgroups{$cid}})) {
+ if (grep/^$group$/,@groups) {
+ return 'ok';
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ if ($guest) {
+ return $guest;
+ }
+ }
+ }
+ return;
+}
+
+sub course_group_datechecker {
+ my ($dates,$now,$status) = @_;
+ my ($start,$end) = split(/\./,$dates);
+ if (!$start && !$end) {
+ return 'ok';
+ }
+ if (grep/^active$/,@{$status}) {
+ if (((!$start) || ($start && $start <= $now)) && ((!$end) || ($end && $end >= $now))) {
+ return 'ok';
+ }
+ }
+ if (grep/^previous$/,@{$status}) {
+ if ($end > $now ) {
+ return 'ok';
+ }
+ }
+ if (grep/^future$/,@{$status}) {
+ if ($start > $now) {
+ return 'ok';
+ }
+ }
+ return;
+}
+
+sub parse_portfolio_url {
+ my ($url) = @_;
+
+ my ($type,$udom,$unum,$group,$file_name);
+
+ if ($url =~ m-^/*(?:uploaded|editupload)/($match_domain)/($match_username)/portfolio(/.+)$-) {
+ $type = 1;
+ $udom = $1;
+ $unum = $2;
+ $file_name = $3;
+ } elsif ($url =~ m-^/*(?:uploaded|editupload)/($match_domain)/($match_courseid)/groups/([^/]+)/portfolio/(.+)$-) {
+ $type = 2;
+ $udom = $1;
+ $unum = $2;
+ $group = $3;
+ $file_name = $3.'/'.$4;
+ }
+ if (wantarray) {
+ return ($type,$udom,$unum,$file_name,$group);
+ }
+ return $type;
+}
+
+sub is_portfolio_url {
+ my ($url) = @_;
+ return scalar(&parse_portfolio_url($url));
+}
+
+sub is_portfolio_file {
+ my ($file) = @_;
+ if (($file =~ /^portfolio/) || ($file =~ /^groups\/\w+\/portfolio/)) {
+ return 1;
+ }
+ return;
+}
+
+sub usertools_access {
+ my ($uname,$udom,$tool,$action,$context,$userenvref,$domdefref,$is_advref)=@_;
+ my ($access,%tools);
+ if ($context eq '') {
+ $context = 'tools';
+ }
+ if ($context eq 'requestcourses') {
+ %tools = (
+ official => 1,
+ unofficial => 1,
+ community => 1,
+ textbook => 1,
+ placement => 1,
+ );
+ } elsif ($context eq 'requestauthor') {
+ %tools = (
+ requestauthor => 1,
+ );
+ } else {
+ %tools = (
+ aboutme => 1,
+ blog => 1,
+ webdav => 1,
+ portfolio => 1,
+ );
+ }
+ return if (!defined($tools{$tool}));
+
+ if (($udom eq '') || ($uname eq '')) {
+ $udom = $env{'user.domain'};
+ $uname = $env{'user.name'};
+ }
+
+ if (($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'})) {
+ if ($action ne 'reload') {
+ if ($context eq 'requestcourses') {
+ return $env{'environment.canrequest.'.$tool};
+ } elsif ($context eq 'requestauthor') {
+ return $env{'environment.canrequest.author'};
+ } else {
+ return $env{'environment.availabletools.'.$tool};
+ }
+ }
+ }
+
+ my ($toolstatus,$inststatus,$envkey);
+ if ($context eq 'requestauthor') {
+ $envkey = $context;
+ } else {
+ $envkey = $context.'.'.$tool;
+ }
+
+ if (($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'}) &&
+ ($action ne 'reload')) {
+ $toolstatus = $env{'environment.'.$envkey};
+ $inststatus = $env{'environment.inststatus'};
+ } else {
+ if (ref($userenvref) eq 'HASH') {
+ $toolstatus = $userenvref->{$envkey};
+ $inststatus = $userenvref->{'inststatus'};
+ } else {
+ my %userenv = &userenvironment($udom,$uname,$envkey,'inststatus');
+ $toolstatus = $userenv{$envkey};
+ $inststatus = $userenv{'inststatus'};
+ }
+ }
+
+ if ($toolstatus ne '') {
+ if ($toolstatus) {
+ $access = 1;
+ } else {
+ $access = 0;
+ }
+ return $access;
+ }
+
+ my ($is_adv,%domdef);
+ if (ref($is_advref) eq 'HASH') {
+ $is_adv = $is_advref->{'is_adv'};
+ } else {
+ $is_adv = &is_advanced_user($udom,$uname);
+ }
+ if (ref($domdefref) eq 'HASH') {
+ %domdef = %{$domdefref};
+ } else {
+ %domdef = &get_domain_defaults($udom);
+ }
+ if (ref($domdef{$tool}) eq 'HASH') {
+ if ($is_adv) {
+ if ($domdef{$tool}{'_LC_adv'} ne '') {
+ if ($domdef{$tool}{'_LC_adv'}) {
+ $access = 1;
+ } else {
+ $access = 0;
+ }
+ return $access;
+ }
+ }
+ if ($inststatus ne '') {
+ my ($hasaccess,$hasnoaccess);
+ foreach my $affiliation (split(/:/,$inststatus)) {
+ if ($domdef{$tool}{$affiliation} ne '') {
+ if ($domdef{$tool}{$affiliation}) {
+ $hasaccess = 1;
+ } else {
+ $hasnoaccess = 1;
+ }
+ }
+ }
+ if ($hasaccess || $hasnoaccess) {
+ if ($hasaccess) {
+ $access = 1;
+ } elsif ($hasnoaccess) {
+ $access = 0;
+ }
+ return $access;
+ }
+ } else {
+ if ($domdef{$tool}{'default'} ne '') {
+ if ($domdef{$tool}{'default'}) {
+ $access = 1;
+ } elsif ($domdef{$tool}{'default'} == 0) {
+ $access = 0;
+ }
+ return $access;
+ }
+ }
+ } else {
+ if (($context eq 'tools') && ($tool ne 'webdav')) {
+ $access = 1;
+ } else {
+ $access = 0;
+ }
+ return $access;
+ }
+}
+
+sub is_course_owner {
+ my ($cdom,$cnum,$udom,$uname) = @_;
+ if (($udom eq '') || ($uname eq '')) {
+ $udom = $env{'user.domain'};
+ $uname = $env{'user.name'};
+ }
+ unless (($udom eq '') || ($uname eq '')) {
+ if (exists($env{'course.'.$cdom.'_'.$cnum.'.internal.courseowner'})) {
+ if ($env{'course.'.$cdom.'_'.$cnum.'.internal.courseowner'} eq $uname.':'.$udom) {
+ return 1;
+ } else {
+ my %courseinfo = &Apache::lonnet::coursedescription($cdom.'/'.$cnum);
+ if ($courseinfo{'internal.courseowner'} eq $uname.':'.$udom) {
+ return 1;
+ }
+ }
+ }
+ }
+ return;
+}
+
+sub is_advanced_user {
+ my ($udom,$uname) = @_;
+ if ($udom ne '' && $uname ne '') {
+ if (($udom eq $env{'user.domain'}) && ($uname eq $env{'user.name'})) {
+ if (wantarray) {
+ return ($env{'user.adv'},$env{'user.author'});
+ } else {
+ return $env{'user.adv'};
+ }
+ }
+ }
+ my %roleshash = &get_my_roles($uname,$udom,'userroles',undef,undef,undef,1);
+ my %allroles;
+ my ($is_adv,$is_author);
+ foreach my $role (keys(%roleshash)) {
+ my ($trest,$tdomain,$trole,$sec) = split(/:/,$role);
+ my $area = '/'.$tdomain.'/'.$trest;
+ if ($sec ne '') {
+ $area .= '/'.$sec;
+ }
+ if (($area ne '') && ($trole ne '')) {
+ my $spec=$trole.'.'.$area;
+ if ($trole =~ /^cr\//) {
+ &custom_roleprivs(\%allroles,$trole,$tdomain,$trest,$spec,$area);
+ } elsif ($trole ne 'gr') {
+ &standard_roleprivs(\%allroles,$trole,$tdomain,$spec,$trest,$area);
+ }
+ if ($trole eq 'au') {
+ $is_author = 1;
+ }
+ }
+ }
+ foreach my $role (keys(%allroles)) {
+ last if ($is_adv);
+ foreach my $item (split(/:/,$allroles{$role})) {
+ if ($item ne '') {
+ my ($privilege,$restrictions)=split(/&/,$item);
+ if ($privilege eq 'adv') {
+ $is_adv = 1;
+ last;
+ }
+ }
+ }
+ }
+ if (wantarray) {
+ return ($is_adv,$is_author);
+ }
+ return $is_adv;
+}
+
+sub check_can_request {
+ my ($dom,$can_request,$request_domains) = @_;
+ my $canreq = 0;
+ my ($types,$typename) = &Apache::loncommon::course_types();
+ my @options = ('approval','validate','autolimit');
+ my $optregex = join('|',@options);
+ if ((ref($can_request) eq 'HASH') && (ref($types) eq 'ARRAY')) {
+ foreach my $type (@{$types}) {
+ if (&usertools_access($env{'user.name'},
+ $env{'user.domain'},
+ $type,undef,'requestcourses')) {
+ $canreq ++;
+ if (ref($request_domains) eq 'HASH') {
+ push(@{$request_domains->{$type}},$env{'user.domain'});
+ }
+ if ($dom eq $env{'user.domain'}) {
+ $can_request->{$type} = 1;
+ }
+ }
+ if ($env{'environment.reqcrsotherdom.'.$type} ne '') {
+ my @curr = split(',',$env{'environment.reqcrsotherdom.'.$type});
+ if (@curr > 0) {
+ foreach my $item (@curr) {
+ if (ref($request_domains) eq 'HASH') {
+ my ($otherdom) = ($item =~ /^($match_domain):($optregex)(=?\d*)$/);
+ if ($otherdom ne '') {
+ if (ref($request_domains->{$type}) eq 'ARRAY') {
+ unless (grep(/^\Q$otherdom\E$/,@{$request_domains->{$type}})) {
+ push(@{$request_domains->{$type}},$otherdom);
+ }
+ } else {
+ push(@{$request_domains->{$type}},$otherdom);
+ }
+ }
+ }
+ }
+ unless($dom eq $env{'user.domain'}) {
+ $canreq ++;
+ if (grep(/^\Q$dom\E:($optregex)(=?\d*)$/,@curr)) {
+ $can_request->{$type} = 1;
+ }
+ }
+ }
+ }
+ }
+ }
+ return $canreq;
+}
+
+# ---------------------------------------------- Custom access rule evaluation
+
+sub customaccess {
my ($priv,$uri)=@_;
+ my ($urole,$urealm)=split(/\./,$env{'request.role'},2);
+ my (undef,$udom,$ucrs,$usec)=split(/\//,$urealm);
+ $udom = &LONCAPA::clean_domain($udom);
+ $ucrs = &LONCAPA::clean_username($ucrs);
+ my $access=0;
+ foreach my $right (split(/\s*\,\s*/,&metadata($uri,'rule_rights'))) {
+ my ($effect,$realm,$role,$type)=split(/\:/,$right);
+ if ($type eq 'user') {
+ foreach my $scope (split(/\s*\,\s*/,$realm)) {
+ my ($tdom,$tuname)=split(m{/},$scope);
+ if ($tdom) {
+ if ($tdom ne $env{'user.domain'}) { next; }
+ }
+ if ($tuname) {
+ if ($tuname ne $env{'user.name'}) { next; }
+ }
+ $access=($effect eq 'allow');
+ last;
+ }
+ } else {
+ if ($role) {
+ if ($role ne $urole) { next; }
+ }
+ foreach my $scope (split(/\s*\,\s*/,$realm)) {
+ my ($tdom,$tcrs,$tsec)=split(/\_/,$scope);
+ if ($tdom) {
+ if ($tdom ne $udom) { next; }
+ }
+ if ($tcrs) {
+ if ($tcrs ne $ucrs) { next; }
+ }
+ if ($tsec) {
+ if ($tsec ne $usec) { next; }
+ }
+ $access=($effect eq 'allow');
+ last;
+ }
+ if ($realm eq '' && $role eq '') {
+ $access=($effect eq 'allow');
+ }
+ }
+ }
+ return $access;
+}
+
+# ------------------------------------------------- Check for a user privilege
+sub allowed {
+ my ($priv,$uri,$symb,$role,$clientip,$noblockcheck)=@_;
+ my $ver_orguri=$uri;
+ $uri=&deversion($uri);
my $orguri=$uri;
$uri=&declutter($uri);
-# Free bre access to adm and meta resources
+ if ($priv eq 'evb') {
+# Evade communication block restrictions for specified role in a course
+ if ($env{'user.priv.'.$role} =~/evb\&([^\:]*)/) {
+ return $1;
+ } else {
+ return;
+ }
+ }
- if ((($uri=~/^adm\//) || ($uri=~/\.meta$/)) && ($priv eq 'bre')) {
+ if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
+# Free bre access to adm and meta resources
+ if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard)$}))
+ || (($uri=~/\.meta$/) && ($uri!~m|^uploaded/|) ))
+ && ($priv eq 'bre')) {
return 'F';
}
+# Free bre access to user's own portfolio contents
+ my ($space,$domain,$name,@dir)=split('/',$uri);
+ if (($space=~/^(uploaded|editupload)$/) && ($env{'user.name'} eq $name) &&
+ ($env{'user.domain'} eq $domain) && ('portfolio' eq $dir[0])) {
+ my %setters;
+ my ($startblock,$endblock) =
+ &Apache::loncommon::blockcheck(\%setters,'port');
+ if ($startblock && $endblock) {
+ return 'B';
+ } else {
+ return 'F';
+ }
+ }
+
+# bre access to group portfolio for rgf priv in group, or mdg or vcg in course.
+ if (($space=~/^(uploaded|editupload)$/) && ($dir[0] eq 'groups')
+ && ($dir[2] eq 'portfolio') && ($priv eq 'bre')) {
+ if (exists($env{'request.course.id'})) {
+ my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+ my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+ if (($domain eq $cdom) && ($name eq $cnum)) {
+ my $courseprivid=$env{'request.course.id'};
+ $courseprivid=~s/\_/\//;
+ if ($env{'user.priv.'.$env{'request.role'}.'./'.$courseprivid
+ .'/'.$dir[1]} =~/rgf\&([^\:]*)/) {
+ return $1;
+ } else {
+ if ($env{'request.course.sec'}) {
+ $courseprivid.='/'.$env{'request.course.sec'};
+ }
+ if ($env{'user.priv.'.$env{'request.role'}.'./'.
+ $courseprivid} =~/(mdg|vcg)\&([^\:]*)/) {
+ return $2;
+ }
+ }
+ }
+ }
+ }
+
# Free bre to public access
if ($priv eq 'bre') {
- if (&metadata($uri,'copyright') eq 'public') { return 'F'; }
+ my $copyright=&metadata($uri,'copyright');
+ if (($copyright eq 'public') && (!$env{'request.course.id'})) {
+ return 'F';
+ }
+ if ($copyright eq 'priv') {
+ $uri=~/([^\/]+)\/([^\/]+)\//;
+ unless (($env{'user.name'} eq $2) && ($env{'user.domain'} eq $1)) {
+ return '';
+ }
+ }
+ if ($copyright eq 'domain') {
+ $uri=~/([^\/]+)\/([^\/]+)\//;
+ unless (($env{'user.domain'} eq $1) ||
+ ($env{'course.'.$env{'request.course.id'}.'.domain'} eq $1)) {
+ return '';
+ }
+ }
+ if ($env{'request.role'}=~ /li\.\//) {
+ # Library role, so allow browsing of resources in this domain.
+ return 'F';
+ }
+ if ($copyright eq 'custom') {
+ unless (&customaccess($priv,$uri)) { return ''; }
+ }
+ }
+ # Domain coordinator is trying to create a course
+ if (($priv eq 'ccc') && ($env{'request.role'} =~ /^dc\./)) {
+ # uri is the requested domain in this case.
+ # comparison to 'request.role.domain' shows if the user has selected
+ # a role of dc for the domain in question.
+ return 'F' if ($uri eq $env{'request.role.domain'});
}
my $thisallowed='';
my $statecond=0;
my $courseprivid='';
+ my $ownaccess;
+ # Community Coordinator or Assistant Co-author browsing resource space.
+ if (($priv eq 'bro') && ($env{'user.author'})) {
+ if ($uri eq '') {
+ $ownaccess = 1;
+ } else {
+ if (($env{'user.domain'} ne '') && ($env{'user.name'} ne '')) {
+ my $udom = $env{'user.domain'};
+ my $uname = $env{'user.name'};
+ if ($uri =~ m{^\Q$udom\E/?$}) {
+ $ownaccess = 1;
+ } elsif ($uri =~ m{^\Q$udom\E/\Q$uname\E/?}) {
+ unless ($uri =~ m{\.\./}) {
+ $ownaccess = 1;
+ }
+ } elsif (($udom ne 'public') && ($uname ne 'public')) {
+ my $now = time;
+ if ($uri =~ m{^([^/]+)/?$}) {
+ my $adom = $1;
+ foreach my $key (keys(%env)) {
+ if ($key =~ m{^user\.role\.(ca|aa)/\Q$adom\E}) {
+ my ($start,$end) = split('.',$env{$key});
+ if (($now >= $start) && (!$end || $end < $now)) {
+ $ownaccess = 1;
+ last;
+ }
+ }
+ }
+ } elsif ($uri =~ m{^([^/]+)/([^/]+)/?}) {
+ my $adom = $1;
+ my $aname = $2;
+ foreach my $role ('ca','aa') {
+ if ($env{"user.role.$role./$adom/$aname"}) {
+ my ($start,$end) =
+ split('.',$env{"user.role.$role./$adom/$aname"});
+ if (($now >= $start) && (!$end || $end < $now)) {
+ $ownaccess = 1;
+ last;
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+
# Course
- if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'}=~/$priv\&([^\:]*)/) {
- $thisallowed.=$1;
+ if ($env{'user.priv.'.$env{'request.role'}.'./'}=~/\Q$priv\E\&([^\:]*)/) {
+ unless (($priv eq 'bro') && (!$ownaccess)) {
+ $thisallowed.=$1;
+ }
}
# Domain
- if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'.(split(/\//,$uri))[0].'/'}
- =~/$priv\&([^\:]*)/) {
- $thisallowed.=$1;
+ if ($env{'user.priv.'.$env{'request.role'}.'./'.(split(/\//,$uri))[0].'/'}
+ =~/\Q$priv\E\&([^\:]*)/) {
+ unless (($priv eq 'bro') && (!$ownaccess)) {
+ $thisallowed.=$1;
+ }
+ }
+
+# User who is not author or co-author might still be able to edit
+# resource of an author in the domain (e.g., if Domain Coordinator).
+ if (($priv eq 'eco') && ($thisallowed eq '') && ($env{'request.course.id'}) &&
+ (&allowed('mdc',$env{'request.course.id'}))) {
+ if ($env{"user.priv.cm./$uri/"}=~/\Q$priv\E\&([^\:]*)/) {
+ $thisallowed.=$1;
+ }
}
# Course: uri itself is a course
@@ -1521,20 +7088,82 @@ sub allowed {
$courseuri=~s/\_(\d)/\/$1/;
$courseuri=~s/^([^\/])/\/$1/;
- if ($ENV{'user.priv.'.$ENV{'request.role'}.'.'.$courseuri}
- =~/$priv\&([^\:]*)/) {
- $thisallowed.=$1;
+ if ($env{'user.priv.'.$env{'request.role'}.'.'.$courseuri}
+ =~/\Q$priv\E\&([^\:]*)/) {
+ unless (($priv eq 'bro') && (!$ownaccess)) {
+ $thisallowed.=$1;
+ }
}
-# Full access at system, domain or course-wide level? Exit.
+# URI is an uploaded document for this course, default permissions don't matter
+# not allowing 'edit' access (editupload) to uploaded course docs
+ if (($priv eq 'bre') && ($uri=~m|^uploaded/|)) {
+ $thisallowed='';
+ my ($match)=&is_on_map($uri);
+ if ($match) {
+ if ($env{'user.priv.'.$env{'request.role'}.'./'}
+ =~/\Q$priv\E\&([^\:]*)/) {
+ my $value = $1;
+ if ($noblockcheck) {
+ $thisallowed.=$value;
+ } else {
+ my @blockers = &has_comm_blocking($priv,$symb,$uri);
+ if (@blockers > 0) {
+ $thisallowed = 'B';
+ } else {
+ $thisallowed.=$value;
+ }
+ }
+ }
+ } else {
+ my $refuri = $env{'httpref.'.$orguri} || $env{'httpref.'.$ver_orguri};
+ if ($refuri) {
+ if ($refuri =~ m|^/adm/|) {
+ $thisallowed='F';
+ } else {
+ $refuri=&declutter($refuri);
+ my ($match) = &is_on_map($refuri);
+ if ($match) {
+ if ($noblockcheck) {
+ $thisallowed='F';
+ } else {
+ my @blockers = &has_comm_blocking($priv,$symb,$refuri);
+ if (@blockers > 0) {
+ $thisallowed = 'B';
+ } else {
+ $thisallowed='F';
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+
+ if ($priv eq 'bre'
+ && $thisallowed ne 'F'
+ && $thisallowed ne '2'
+ && &is_portfolio_url($uri)) {
+ $thisallowed = &portfolio_access($uri,$clientip);
+ }
+# Full access at system, domain or course-wide level? Exit.
if ($thisallowed=~/F/) {
return 'F';
}
# If this is generating or modifying users, exit with special codes
- if (':csu:cdc:ccc:cin:cta:cep:ccr:cst:cad:cli:cau:cdg:cca:'=~/\:$priv\:/) {
+ if (':csu:cdc:ccc:cin:cta:cep:ccr:cst:cad:cli:cau:cdg:cca:caa:'=~/\:\Q$priv\E\:/) {
+ if (($priv eq 'cca') || ($priv eq 'caa')) {
+ my ($audom,$auname)=split('/',$uri);
+# no author name given, so this just checks on the general right to make a co-author in this domain
+ unless ($auname) { return $thisallowed; }
+# an author name is given, so we are about to actually make a co-author for a certain account
+ if (($auname ne $env{'user.name'} && $env{'request.role'} !~ /^dc\./) ||
+ (($audom ne $env{'user.domain'} && $env{'request.role'} !~ /^dc\./) &&
+ ($audom ne $env{'request.role.domain'}))) { return ''; }
+ }
return $thisallowed;
}
#
@@ -1543,55 +7172,76 @@ sub allowed {
# Course: See if uri or referer is an individual resource that is part of
# the course
- if ($ENV{'request.course.id'}) {
- $courseprivid=$ENV{'request.course.id'};
- if ($ENV{'request.course.sec'}) {
- $courseprivid.='/'.$ENV{'request.course.sec'};
+ if ($env{'request.course.id'}) {
+
+ $courseprivid=$env{'request.course.id'};
+ if ($env{'request.course.sec'}) {
+ $courseprivid.='/'.$env{'request.course.sec'};
}
$courseprivid=~s/\_/\//;
my $checkreferer=1;
- my @uriparts=split(/\//,$uri);
- my $filename=$uriparts[$#uriparts];
- my $pathname=$uri;
- $pathname=~s/\/$filename$//;
- if ($ENV{'acc.res.'.$ENV{'request.course.id'}.'.'.$pathname}=~
- /\&$filename\:([\d\|]+)\&/) {
- $statecond=$1;
- if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'.$courseprivid}
- =~/$priv\&([^\:]*)/) {
- $thisallowed.=$1;
+ my ($match,$cond)=&is_on_map($uri);
+ if ($match) {
+ $statecond=$cond;
+ if ($env{'user.priv.'.$env{'request.role'}.'./'.$courseprivid}
+ =~/\Q$priv\E\&([^\:]*)/) {
+ my $value = $1;
+ if ($priv eq 'bre') {
+ if ($noblockcheck) {
+ $thisallowed.=$value;
+ } else {
+ my @blockers = &has_comm_blocking($priv,$symb,$uri);
+ if (@blockers > 0) {
+ $thisallowed = 'B';
+ } else {
+ $thisallowed.=$value;
+ }
+ }
+ } else {
+ $thisallowed.=$value;
+ }
$checkreferer=0;
}
}
if ($checkreferer) {
- my $refuri=$ENV{'httpref.'.$orguri};
-
+ my $refuri=$env{'httpref.'.$orguri};
unless ($refuri) {
- foreach (keys %ENV) {
- if ($_=~/^httpref\..*\*/) {
- my $pattern=$_;
+ foreach my $key (keys(%env)) {
+ if ($key=~/^httpref\..*\*/) {
+ my $pattern=$key;
$pattern=~s/^httpref\.\/res\///;
$pattern=~s/\*/\[\^\/\]\+/g;
$pattern=~s/\//\\\//g;
if ($orguri=~/$pattern/) {
- $refuri=$ENV{$_};
+ $refuri=$env{$key};
}
}
}
}
+
if ($refuri) {
$refuri=&declutter($refuri);
- my @uriparts=split(/\//,$refuri);
- my $filename=$uriparts[$#uriparts];
- my $pathname=$refuri;
- $pathname=~s/\/$filename$//;
- if ($ENV{'acc.res.'.$ENV{'request.course.id'}.'.'.$pathname}=~
- /\&$filename\:([\d\|]+)\&/) {
- my $refstatecond=$1;
- if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'.$courseprivid}
- =~/$priv\&([^\:]*)/) {
- $thisallowed.=$1;
+ my ($match,$cond)=&is_on_map($refuri);
+ if ($match) {
+ my $refstatecond=$cond;
+ if ($env{'user.priv.'.$env{'request.role'}.'./'.$courseprivid}
+ =~/\Q$priv\E\&([^\:]*)/) {
+ my $value = $1;
+ if ($priv eq 'bre') {
+ if ($noblockcheck) {
+ $thisallowed.=$value;
+ } else {
+ my @blockers = &has_comm_blocking($priv,$symb,$refuri);
+ if (@blockers > 0) {
+ $thisallowed = 'B';
+ } else {
+ $thisallowed.=$value;
+ }
+ }
+ } else {
+ $thisallowed.=$value;
+ }
$uri=$refuri;
$statecond=$refstatecond;
}
@@ -1629,39 +7279,39 @@ sub allowed {
my $envkey;
if ($thisallowed=~/L/) {
- foreach $envkey (keys %ENV) {
+ foreach $envkey (keys(%env)) {
if ($envkey=~/^user\.role\.(st|ta)\.([^\.]*)/) {
my $courseid=$2;
my $roleid=$1.'.'.$2;
$courseid=~s/^\///;
my $expiretime=600;
- if ($ENV{'request.role'} eq $roleid) {
+ if ($env{'request.role'} eq $roleid) {
$expiretime=120;
}
my ($cdom,$cnum,$csec)=split(/\//,$courseid);
my $prefix='course.'.$cdom.'_'.$cnum.'.';
- if ((time-$ENV{$prefix.'last_cache'})>$expiretime) {
- &coursedescription($courseid);
+ if ((time-$env{$prefix.'last_cache'})>$expiretime) {
+ &coursedescription($courseid,{'freshen_cache' => 1});
}
- if (($ENV{$prefix.'res.'.$uri.'.lock.sections'}=~/\,$csec\,/)
- || ($ENV{$prefix.'res.'.$uri.'.lock.sections'} eq 'all')) {
- if ($ENV{$prefix.'res.'.$uri.'.lock.expire'}>time) {
- &log($ENV{'user.domain'},$ENV{'user.name'},
- $ENV{'user.host'},
+ if (($env{$prefix.'res.'.$uri.'.lock.sections'}=~/\,\Q$csec\E\,/)
+ || ($env{$prefix.'res.'.$uri.'.lock.sections'} eq 'all')) {
+ if ($env{$prefix.'res.'.$uri.'.lock.expire'}>time) {
+ &log($env{'user.domain'},$env{'user.name'},
+ $env{'user.home'},
'Locked by res: '.$priv.' for '.$uri.' due to '.
$cdom.'/'.$cnum.'/'.$csec.' expire '.
- $ENV{$prefix.'priv.'.$priv.'.lock.expire'});
+ $env{$prefix.'priv.'.$priv.'.lock.expire'});
return '';
}
}
- if (($ENV{$prefix.'priv.'.$priv.'.lock.sections'}=~/\,$csec\,/)
- || ($ENV{$prefix.'priv.'.$priv.'.lock.sections'} eq 'all')) {
- if ($ENV{'priv.'.$priv.'.lock.expire'}>time) {
- &log($ENV{'user.domain'},$ENV{'user.name'},
- $ENV{'user.host'},
+ if (($env{$prefix.'priv.'.$priv.'.lock.sections'}=~/\,\Q$csec\E\,/)
+ || ($env{$prefix.'priv.'.$priv.'.lock.sections'} eq 'all')) {
+ if ($env{'priv.'.$priv.'.lock.expire'}>time) {
+ &log($env{'user.domain'},$env{'user.name'},
+ $env{'user.home'},
'Locked by priv: '.$priv.' for '.$uri.' due to '.
$cdom.'/'.$cnum.'/'.$csec.' expire '.
- $ENV{$prefix.'priv.'.$priv.'.lock.expire'});
+ $env{$prefix.'priv.'.$priv.'.lock.expire'});
return '';
}
}
@@ -1673,8 +7323,14 @@ sub allowed {
# Rest of the restrictions depend on selected course
#
- unless ($ENV{'request.course.id'}) {
- return '1';
+ unless ($env{'request.course.id'}) {
+ if ($thisallowed eq 'A') {
+ return 'A';
+ } elsif ($thisallowed eq 'B') {
+ return 'B';
+ } else {
+ return '1';
+ }
}
#
@@ -1685,12 +7341,25 @@ sub allowed {
# Course preferences
if ($thisallowed=~/C/) {
- my $rolecode=(split(/\./,$ENV{'request.role'}))[0];
- if ($ENV{'course.'.$ENV{'request.course.id'}.'.'.$priv.'.roles.denied'}
- =~/$rolecode/) {
- &log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.host'},
- 'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode.' in '.
- $ENV{'request.course.id'});
+ my $rolecode=(split(/\./,$env{'request.role'}))[0];
+ my $unamedom=$env{'user.name'}.':'.$env{'user.domain'};
+ if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.roles.denied'}
+ =~/\Q$rolecode\E/) {
+ if (($priv ne 'pch') && ($priv ne 'plc') && ($priv ne 'pac')) {
+ &logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.':'.
+ 'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode.' in '.
+ $env{'request.course.id'});
+ }
+ return '';
+ }
+
+ if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.users.denied'}
+ =~/\Q$unamedom\E/) {
+ if (($priv ne 'pch') && ($priv ne 'plc') && ($priv ne 'pac')) {
+ &logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.
+ 'Denied by user: '.$priv.' for '.$uri.' as '.$unamedom.' in '.
+ $env{'request.course.id'});
+ }
return '';
}
}
@@ -1698,27 +7367,25 @@ sub allowed {
# Resource preferences
if ($thisallowed=~/R/) {
- my $rolecode=(split(/\./,$ENV{'request.role'}))[0];
- my $filename=$perlvar{'lonDocRoot'}.'/res/'.$uri.'.meta';
- if (-e $filename) {
- my @content;
- {
- my $fh=Apache::File->new($filename);
- @content=<$fh>;
+ my $rolecode=(split(/\./,$env{'request.role'}))[0];
+ if (&metadata($uri,'roledeny')=~/\Q$rolecode\E/) {
+ if (($priv ne 'pch') && ($priv ne 'plc')) {
+ &logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.':'.
+ 'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode);
}
- if (join('',@content)=~
- /\'.$announcement.'
'.$space.' - '.$qualifier.' - '.$spacequalifierrest;
# ----------------------------------------------------- Cascading lookup scheme
- if (!$symbparm) { $symbparm=&symbread(); }
my $symbp=$symbparm;
- my $mapp=(split(/\_\_\_/,$symbp))[0];
-
+ $mapp=&deversion((&decode_symb($symbp))[0]);
my $symbparm=$symbp.'.'.$spacequalifierrest;
+ my $recurseparm=$mapp.'___(rec).'.$spacequalifierrest;
my $mapparm=$mapp.'___(all).'.$spacequalifierrest;
-
- my $section;
- if (($ENV{'user.name'} eq $uname) &&
- ($ENV{'user.domain'} eq $udom)) {
- $section={'request.course.sec'};
+ if (($env{'user.name'} eq $uname) &&
+ ($env{'user.domain'} eq $udom)) {
+ $section=$env{'request.course.sec'};
+ @groups = split(/:/,$env{'request.course.groups'});
+ @groups=&sort_course_groups($courseid,@groups);
} else {
- $section=&usection($udom,$uname,$courseid);
+ if (! defined($usection)) {
+ $section=&getsection($udom,$uname,$courseid);
+ } else {
+ $section = $usection;
+ }
+ @groups = &get_users_groups($udom,$uname,$courseid);
}
my $seclevel=$courseid.'.['.$section.'].'.$spacequalifierrest;
my $seclevelr=$courseid.'.['.$section.'].'.$symbparm;
+ my $secleveli=$courseid.'.['.$section.'].'.$recurseparm;
my $seclevelm=$courseid.'.['.$section.'].'.$mapparm;
- my $courselevel=$courseid.'.'.$spacequalifierrest;
+ $courselevel=$courseid.'.'.$spacequalifierrest;
my $courselevelr=$courseid.'.'.$symbparm;
- my $courselevelm=$courseid.'.'.$mapparm;
+ $courseleveli=$courseid.'.'.$recurseparm;
+ $courselevelm=$courseid.'.'.$mapparm;
# ----------------------------------------------------------- first, check user
- my %resourcedata=&get('resourcedata',
- [$courselevelr,$courselevelm,$courselevel],
- $udom,$uname);
- if (($resourcedata{$courselevelr}!~/^error\:/) &&
- ($resourcedata{$courselevelr}!~/^con_lost/)) {
-
- if ($resourcedata{$courselevelr}) {
- return $resourcedata{$courselevelr}; }
- if ($resourcedata{$courselevelm}) {
- return $resourcedata{$courselevelm}; }
- if ($resourcedata{$courselevel}) {
- return $resourcedata{$courselevel}; }
- } else {
- if ($resourcedata{$courselevelr}!~/No such file/) {
- &logthis("WARNING:".
- " Trying to get resource data for ".
- $uname." at ".$udom.": ".
- $resourcedata{$courselevelr}."");
- }
- }
-# -------------------------------------------------------- second, check course
-
- my $coursereply=&courseresdata($ENV{'course.'.$courseid.'.num'},
- $ENV{'course.'.$courseid.'.domain'},
- ($seclevelr,$seclevelm,$seclevel,
- $courselevelr,$courselevelm,
- $courselevel));
- if ($coursereply) { return $coursereply; }
+ my $userreply=&resdata($uname,$udom,'user',$mapp,\$recursed,
+ \@recurseup,$courseid,'.',$spacequalifierrest,
+ ([$courselevelr,'resource'],
+ [$courselevelm,'map' ],
+ [$courseleveli,'map' ],
+ [$courselevel, 'course' ]));
+ if (defined($userreply)) { return &get_reply($userreply); }
+
+# ------------------------------------------------ second, check some of course
+ my $coursereply;
+ if (@groups > 0) {
+ $coursereply = &check_group_parms($courseid,\@groups,$symbparm,
+ $recurseparm,$mapparm,$spacequalifierrest,
+ $mapp,\$recursed,\@recurseup);
+ if (defined($coursereply)) { return &get_reply($coursereply); }
+ }
+
+ $coursereply=&resdata($env{'course.'.$courseid.'.num'},
+ $env{'course.'.$courseid.'.domain'},
+ 'course',$mapp,\$recursed,\@recurseup,
+ $courseid,'.['.$section.'].',$spacequalifierrest,
+ ([$seclevelr, 'resource'],
+ [$seclevelm, 'map' ],
+ [$secleveli, 'map' ],
+ [$seclevel, 'course' ],
+ [$courselevelr,'resource']));
+ if (defined($coursereply)) { return &get_reply($coursereply); }
# ------------------------------------------------------ third, check map parms
my %parmhash=();
my $thisparm='';
if (tie(%parmhash,'GDBM_File',
- $ENV{'request.course.fn'}.'_parms.db',
- &GDBM_READER,0640)) {
+ $env{'request.course.fn'}.'_parms.db',
+ &GDBM_READER(),0640)) {
$thisparm=$parmhash{$symbparm};
untie(%parmhash);
}
- if ($thisparm) { return $thisparm; }
+ if ($thisparm) { return &get_reply([$thisparm,'resource']); }
+ }
+# ------------------------------------------ fourth, look in resource metadata
+
+ my $what = $spacequalifierrest;
+ $what=~s/\./\_/;
+ my $filename;
+ if (!$symbparm) { $symbparm=&symbread(); }
+ if ($symbparm) {
+ $filename=(&decode_symb($symbparm))[2];
+ } else {
+ $filename=$env{'request.filename'};
+ }
+ my $metadata=&metadata($filename,$what);
+ if (defined($metadata)) { return &get_reply([$metadata,'resource']); }
+ $metadata=&metadata($filename,'parameter_'.$what);
+ if (defined($metadata)) { return &get_reply([$metadata,'resource']); }
+
+# ----------------------------------------------- fifth, look in rest of course
+ if ($symbparm && defined($courseid) &&
+ $courseid eq $env{'request.course.id'}) {
+ my $coursereply=&resdata($env{'course.'.$courseid.'.num'},
+ $env{'course.'.$courseid.'.domain'},
+ 'course',$mapp,\$recursed,\@recurseup,
+ $courseid,'.',$spacequalifierrest,
+ ([$courselevelm,'map' ],
+ [$courseleveli,'map' ],
+ [$courselevel, 'course']));
+ if (defined($coursereply)) { return &get_reply($coursereply); }
}
-# --------------------------------------------- last, look in resource metadata
-
- $spacequalifierrest=~s/\./\_/;
- my $metadata=&metadata($ENV{'request.filename'},$spacequalifierrest);
- if ($metadata) { return $metadata; }
- $metadata=&metadata($ENV{'request.filename'},
- 'parameter_'.$spacequalifierrest);
- if ($metadata) { return $metadata; }
-
# ------------------------------------------------------------------ Cascade up
unless ($space eq '0') {
- my ($part,$id)=split(/\_/,$space);
- if ($id) {
- my $partgeneral=&EXT('resource.'.$part.'.'.$qualifierrest,
- $symbparm,$udom,$uname);
- if ($partgeneral) { return $partgeneral; }
- } else {
- my $resourcegeneral=&EXT('resource.0.'.$qualifierrest,
- $symbparm,$udom,$uname);
- if ($resourcegeneral) { return $resourcegeneral; }
- }
+ my @parts=split(/_/,$space);
+ my $id=pop(@parts);
+ my $part=join('_',@parts);
+ if ($part eq '') { $part='0'; }
+ my @partgeneral=&EXT('resource.'.$part.'.'.$qualifierrest,
+ $symbparm,$udom,$uname,$section,1);
+ if (defined($partgeneral[0])) { return &get_reply(\@partgeneral); }
}
-
+ if ($recurse) { return undef; }
+ my $pack_def=&packages_tab_default($filename,$varname);
+ if (defined($pack_def)) { return &get_reply([$pack_def,'resource']); }
# ---------------------------------------------------- Any other user namespace
} elsif ($realm eq 'environment') {
# ----------------------------------------------------------------- environment
- return $ENV{'environment.'.$spacequalifierrest};
+ if (($uname eq $env{'user.name'})&&($udom eq $env{'user.domain'})) {
+ return $env{'environment.'.$spacequalifierrest};
+ } else {
+ if ($uname eq 'anonymous' && $udom eq '') {
+ return '';
+ }
+ my %returnhash=&userenvironment($udom,$uname,
+ $spacequalifierrest);
+ return $returnhash{$spacequalifierrest};
+ }
} elsif ($realm eq 'system') {
# ----------------------------------------------------------------- system.time
if ($space eq 'time') {
return time;
}
+ } elsif ($realm eq 'server') {
+# ----------------------------------------------------------------- system.time
+ if ($space eq 'name') {
+ return $ENV{'SERVER_NAME'};
+ }
}
return '';
}
+sub get_reply {
+ my ($reply_value) = @_;
+ if (ref($reply_value) eq 'ARRAY') {
+ if (wantarray) {
+ return @$reply_value;
+ }
+ return $reply_value->[0];
+ } else {
+ return $reply_value;
+ }
+}
+
+sub check_group_parms {
+ my ($courseid,$groups,$symbparm,$recurseparm,$mapparm,$what,$mapp,
+ $recursed,$recurseupref) = @_;
+ my @levels = ([$symbparm,'resource'],[$mapparm,'map'],[$recurseparm,'map'],
+ [$what,'course']);
+ my $coursereply;
+ foreach my $group (@{$groups}) {
+ my @groupitems = ();
+ foreach my $level (@levels) {
+ my $item = $courseid.'.['.$group.'].'.$level->[0];
+ push(@groupitems,[$item,$level->[1]]);
+ }
+ my $coursereply = &resdata($env{'course.'.$courseid.'.num'},
+ $env{'course.'.$courseid.'.domain'},
+ 'course',$mapp,$recursed,$recurseupref,
+ $courseid,'.['.$group.'].',$what,
+ @groupitems);
+ last if (defined($coursereply));
+ }
+ return $coursereply;
+}
+
+sub get_map_hierarchy {
+ my ($mapname,$courseid) = @_;
+ my @recurseup = ();
+ if ($mapname) {
+ if (($cachedmapkey eq $courseid) &&
+ (abs($cachedmaptime-time)<5)) {
+ if (ref($cachedmaps{$mapname}) eq 'ARRAY') {
+ return @{$cachedmaps{$mapname}};
+ }
+ }
+ my $navmap = Apache::lonnavmaps::navmap->new();
+ if (ref($navmap)) {
+ @recurseup = $navmap->recurseup_maps($mapname);
+ undef($navmap);
+ $cachedmaps{$mapname} = \@recurseup;
+ $cachedmaptime=time;
+ $cachedmapkey=$courseid;
+ }
+ }
+ return @recurseup;
+}
+
+}
+
+sub sort_course_groups { # Sort groups based on defined rankings. Default is sort().
+ my ($courseid,@groups) = @_;
+ @groups = sort(@groups);
+ return @groups;
+}
+
+sub packages_tab_default {
+ my ($uri,$varname)=@_;
+ my (undef,$part,$name)=split(/\./,$varname);
+
+ my (@extension,@specifics,$do_default);
+ foreach my $package (split(/,/,&metadata($uri,'packages'))) {
+ my ($pack_type,$pack_part)=split(/_/,$package,2);
+ if ($pack_type eq 'default') {
+ $do_default=1;
+ } elsif ($pack_type eq 'extension') {
+ push(@extension,[$package,$pack_type,$pack_part]);
+ } elsif ($pack_part eq $part || $pack_type eq 'part') {
+ # only look at packages defaults for packages that this id is
+ push(@specifics,[$package,$pack_type,$pack_part]);
+ }
+ }
+ # first look for a package that matches the requested part id
+ foreach my $package (@specifics) {
+ my (undef,$pack_type,$pack_part)=@{$package};
+ next if ($pack_part ne $part);
+ if (defined($packagetab{"$pack_type&$name&default"})) {
+ return $packagetab{"$pack_type&$name&default"};
+ }
+ }
+ # look for any possible matching non extension_ package
+ foreach my $package (@specifics) {
+ my (undef,$pack_type,$pack_part)=@{$package};
+ if (defined($packagetab{"$pack_type&$name&default"})) {
+ return $packagetab{"$pack_type&$name&default"};
+ }
+ if ($pack_type eq 'part') { $pack_part='0'; }
+ if (defined($packagetab{$pack_type."_".$pack_part."&$name&default"})) {
+ return $packagetab{$pack_type."_".$pack_part."&$name&default"};
+ }
+ }
+ # look for any posible extension_ match
+ foreach my $package (@extension) {
+ my ($package,$pack_type)=@{$package};
+ if (defined($packagetab{"$pack_type&$name&default"})) {
+ return $packagetab{"$pack_type&$name&default"};
+ }
+ if (defined($packagetab{$package."&$name&default"})) {
+ return $packagetab{$package."&$name&default"};
+ }
+ }
+ # look for a global default setting
+ if ($do_default && defined($packagetab{"default&$name&default"})) {
+ return $packagetab{"default&$name&default"};
+ }
+ return undef;
+}
+
+sub add_prefix_and_part {
+ my ($prefix,$part)=@_;
+ my $keyroot;
+ if (defined($prefix) && $prefix !~ /^__/) {
+ # prefix that has a part already
+ $keyroot=$prefix;
+ } elsif (defined($prefix)) {
+ # prefix that is missing a part
+ if (defined($part)) { $keyroot='_'.$part.substr($prefix,1); }
+ } else {
+ # no prefix at all
+ if (defined($part)) { $keyroot='_'.$part; }
+ }
+ return $keyroot;
+}
+
# ---------------------------------------------------------------- Get metadata
+my %metaentry;
+my %importedpartids;
sub metadata {
my ($uri,$what,$liburi,$prefix,$depthcount)=@_;
-
$uri=&declutter($uri);
+ # if it is a non metadata possible uri return quickly
+ if (($uri eq '') ||
+ (($uri =~ m|^/*adm/|) &&
+ ($uri !~ m|^adm/includes|) && ($uri !~ m{/(smppg|bulletinboard|exttools?)$})) ||
+ ($uri =~ m|/$|) || ($uri =~ m|/.meta$|) || ($uri =~ m{^/*uploaded/.+\.sequence$})) {
+ return undef;
+ }
+ if (($uri =~ /^priv/ || $uri=~m{^home/httpd/html/priv})
+ && &Apache::lonxml::get_state('target') =~ /^(|meta)$/) {
+ return undef;
+ }
my $filename=$uri;
$uri=~s/\.meta$//;
#
@@ -2395,135 +11123,485 @@ sub metadata {
# Look at timestamp of caching
# Everything is cached by the main uri, libraries are never directly cached
#
- unless (abs($metacache{$uri.':cachedtimestamp'}-time)<600) {
+ if (!defined($liburi)) {
+ my ($result,$cached)=&is_cached_new('meta',$uri);
+ if (defined($cached)) { return $result->{':'.$what}; }
+ }
+ {
+# Imported parts would go here
+ my %importedids=();
+ my @origfileimportpartids=();
+ my $importedparts=0;
#
# Is this a recursive call for a library?
#
+# if (! exists($metacache{$uri})) {
+# $metacache{$uri}={};
+# }
+ my $cachetime = 60*60;
if ($liburi) {
$liburi=&declutter($liburi);
$filename=$liburi;
- }
+ } else {
+ &devalidate_cache_new('meta',$uri);
+ undef(%metaentry);
+ }
my %metathesekeys=();
unless ($filename=~/\.meta$/) { $filename.='.meta'; }
- my $metastring=&getfile($perlvar{'lonDocRoot'}.'/res/'.$filename);
+ my $metastring;
+ if ($uri =~ /^priv/ || $uri=~/home\/httpd\/html\/priv/) {
+ my $which = &hreflocation('','/'.($liburi || $uri));
+ $metastring =
+ &Apache::lonnet::ssi_body($which,
+ ('grade_target' => 'meta'));
+ $cachetime = 1; # only want this cached in the child not long term
+ } elsif (($uri !~ m -^(editupload)/-) &&
+ ($uri !~ m{^/*uploaded/$match_domain/$match_courseid/docs/})) {
+ my $file=&filelocation('',&clutter($filename));
+ #push(@{$metaentry{$uri.'.file'}},$file);
+ $metastring=&getfile($file);
+ }
my $parser=HTML::LCParser->new(\$metastring);
my $token;
undef %metathesekeys;
while ($token=$parser->get_token) {
- if ($token->[0] eq 'S') {
- if (defined($token->[2]->{'package'})) {
+ if ($token->[0] eq 'S') {
+ if (defined($token->[2]->{'package'})) {
#
# This is a package - get package info
#
- my $package=$token->[2]->{'package'};
- my $keyroot='';
- if ($prefix) {
- $keyroot.='_'.$prefix;
- } else {
- if (defined($token->[2]->{'part'})) {
- $keyroot.='_'.$token->[2]->{'part'};
- }
- }
- if (defined($token->[2]->{'id'})) {
- $keyroot.='_'.$token->[2]->{'id'};
- }
- if ($metacache{$uri.':packages'}) {
- $metacache{$uri.':packages'}.=','.$package.$keyroot;
- } else {
- $metacache{$uri.':packages'}=$package.$keyroot;
- }
- foreach (keys %packagetab) {
- if ($_=~/^$package\&/) {
- my ($pack,$name,$subp)=split(/\&/,$_);
- my $value=$packagetab{$_};
- my $part=$keyroot;
- $part=~s/^\_//;
- if ($subp eq 'display') {
- $value.=' [Part: '.$part.']';
- }
- my $unikey='parameter'.$keyroot.'_'.$name;
- $metathesekeys{$unikey}=1;
- $metacache{$uri.':'.$unikey.'.part'}=$part;
- unless
- (defined($metacache{$uri.':'.$unikey.'.'.$subp})) {
- $metacache{$uri.':'.$unikey.'.'.$subp}=$value;
- }
- }
- }
- } else {
+ my $package=$token->[2]->{'package'};
+ my $keyroot=&add_prefix_and_part($prefix,$token->[2]->{'part'});
+ if (defined($token->[2]->{'id'})) {
+ $keyroot.='_'.$token->[2]->{'id'};
+ }
+ if ($metaentry{':packages'}) {
+ $metaentry{':packages'}.=','.$package.$keyroot;
+ } else {
+ $metaentry{':packages'}=$package.$keyroot;
+ }
+ foreach my $pack_entry (keys(%packagetab)) {
+ my $part=$keyroot;
+ $part=~s/^\_//;
+ if ($pack_entry=~/^\Q$package\E\&/ ||
+ $pack_entry=~/^\Q$package\E_0\&/) {
+ my ($pack,$name,$subp)=split(/\&/,$pack_entry);
+ # ignore package.tab specified default values
+ # here &package_tab_default() will fetch those
+ if ($subp eq 'default') { next; }
+ my $value=$packagetab{$pack_entry};
+ my $unikey;
+ if ($pack =~ /_0$/) {
+ $unikey='parameter_0_'.$name;
+ $part=0;
+ } else {
+ $unikey='parameter'.$keyroot.'_'.$name;
+ }
+ if ($subp eq 'display') {
+ $value.=' [Part: '.$part.']';
+ }
+ $metaentry{':'.$unikey.'.part'}=$part;
+ $metathesekeys{$unikey}=1;
+ unless (defined($metaentry{':'.$unikey.'.'.$subp})) {
+ $metaentry{':'.$unikey.'.'.$subp}=$value;
+ }
+ if (defined($metaentry{':'.$unikey.'.default'})) {
+ $metaentry{':'.$unikey}=
+ $metaentry{':'.$unikey.'.default'};
+ }
+ }
+ }
+ } else {
#
# This is not a package - some other kind of start tag
-#
- my $entry=$token->[1];
- my $unikey;
- if ($entry eq 'import') {
- $unikey='';
- } else {
- $unikey=$entry;
- }
- if ($prefix) {
- $unikey.=$prefix;
- } else {
- if (defined($token->[2]->{'part'})) {
- $unikey.='_'.$token->[2]->{'part'};
- }
- }
- if (defined($token->[2]->{'id'})) {
- $unikey.='_'.$token->[2]->{'id'};
- }
+#
+ my $entry=$token->[1];
+ my $unikey='';
- if ($entry eq 'import') {
+ if ($entry eq 'import') {
#
# Importing a library here
-#
- if (defined($depthcount)) { $depthcount++; } else
- { $depthcount=0; }
- if ($depthcount<20) {
- foreach (split(/\,/,&metadata($uri,'keys',
- $parser->get_text('/import'),$unikey,
- $depthcount))) {
- $metathesekeys{$_}=1;
- }
- }
- } else {
+#
+ my $location=$parser->get_text('/import');
+ my $dir=$filename;
+ $dir=~s|[^/]*$||;
+ $location=&filelocation($dir,$location);
+
+ my $importmode=$token->[2]->{'importmode'};
+ if ($importmode eq 'problem') {
+# Import as problem/response
+ $unikey=&add_prefix_and_part($prefix,$token->[2]->{'part'});
+ } elsif ($importmode eq 'part') {
+# Import as part(s)
+ $importedparts=1;
+# We need to get the original file and the imported file to get the part order correct
+# Good news: we do not need to worry about nested libraries, since parts cannot be nested
+# Load and inspect original file
+ if ($#origfileimportpartids<0) {
+ undef(%importedpartids);
+ my $origfilelocation=$perlvar{'lonDocRoot'}.&clutter($uri);
+ my $origfile=&getfile($origfilelocation);
+ @origfileimportpartids=($origfile=~/<(part|import)[^>]*id\s*=\s*[\"\']([^\"\']+)[\"\'][^>]*>/gs);
+ }
+
+# Load and inspect imported file
+ my $impfile=&getfile($location);
+ my @impfilepartids=($impfile=~/