--- loncom/lonnet/perl/lonnet.pm 2016/08/07 23:33:50 1.1172.2.77
+++ loncom/lonnet/perl/lonnet.pm 2017/06/22 02:11:28 1.1172.2.93.4.2
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.1172.2.77 2016/08/07 23:33:50 raeburn Exp $
+# $Id: lonnet.pm,v 1.1172.2.93.4.2 2017/06/22 02:11:28 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -89,7 +89,7 @@ use GDBM_File;
use HTML::LCParser;
use Fcntl qw(:flock);
use Storable qw(thaw nfreeze);
-use Time::HiRes qw( gettimeofday tv_interval );
+use Time::HiRes qw( sleep gettimeofday tv_interval );
use Cache::Memcached;
use Digest::MD5;
use Math::Random;
@@ -102,7 +102,7 @@ use LONCAPA::Lond;
use File::Copy;
my $readit;
-my $max_connection_retries = 10; # Or some such value.
+my $max_connection_retries = 20; # Or some such value.
require Exporter;
@@ -370,7 +370,7 @@ sub subreply {
my $lockfile=$peerfile.".lock";
while (-e $lockfile) { # Need to wait for the lockfile to disappear.
- sleep(1);
+ sleep(0.1);
}
# At this point, either a loncnew parent is listening or an old lonc
# or loncnew child is listening so we can connect or everything's dead.
@@ -388,7 +388,7 @@ sub subreply {
} else {
&create_connection(&hostname($server),$server);
}
- sleep(1); # Try again later if failed connection.
+ sleep(0.1); # Try again later if failed connection.
}
my $answer;
if ($client) {
@@ -481,7 +481,7 @@ sub critical {
close($dfh);
}
}
- sleep 2;
+ sleep 1;
my $wcmd='';
{
my $dfh;
@@ -1002,7 +1002,7 @@ sub choose_server {
if ($login_host ne '') {
$hostname = &hostname($login_host);
}
- return ($login_host,$hostname,$portal_path,$isredirect);
+ return ($login_host,$hostname,$portal_path,$isredirect,$lowest_load);
}
# --------------------------------------------- Try to change a user's password
@@ -1274,7 +1274,7 @@ sub get_lonbalancer_config {
}
sub check_loadbalancing {
- my ($uname,$udom) = @_;
+ my ($uname,$udom,$caller) = @_;
my ($is_balancer,$currtargets,$currrules,$dom_in_use,$homeintdom,
$rule_in_effect,$offloadto,$otherserver);
my $lonhost = $perlvar{'lonHostID'};
@@ -1425,13 +1425,15 @@ sub check_loadbalancing {
}
}
}
- if (($otherserver ne '') && (grep(/^\Q$otherserver\E$/,@hosts))) {
- $is_balancer = 0;
- if ($uname ne '' && $udom ne '') {
- if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {
+ unless ($caller eq 'login') {
+ if (($otherserver ne '') && (grep(/^\Q$otherserver\E$/,@hosts))) {
+ $is_balancer = 0;
+ if ($uname ne '' && $udom ne '') {
+ if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {
- &appenv({'user.loadbalexempt' => $lonhost,
- 'user.loadbalcheck.time' => time});
+ &appenv({'user.loadbalexempt' => $lonhost,
+ 'user.loadbalcheck.time' => time});
+ }
}
}
}
@@ -1686,7 +1688,12 @@ sub get_dom {
}
}
if ($udom && $uhome && ($uhome ne 'no_host')) {
- my $rep=&reply("getdom:$udom:$namespace:$items",$uhome);
+ my $rep;
+ if ($namespace =~ /^enc/) {
+ $rep=&reply("encrypt:egetdom:$udom:$namespace:$items",$uhome);
+ } else {
+ $rep=&reply("getdom:$udom:$namespace:$items",$uhome);
+ }
my %returnhash;
if ($rep eq '' || $rep =~ /^error: 2 /) {
return %returnhash;
@@ -1730,7 +1737,11 @@ sub put_dom {
$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
}
$items=~s/\&$//;
- return &reply("putdom:$udom:$namespace:$items",$uhome);
+ if ($namespace =~ /^enc/) {
+ return &reply("encrypt:putdom:$udom:$namespace:$items",$uhome);
+ } else {
+ return &reply("putdom:$udom:$namespace:$items",$uhome);
+ }
} else {
&logthis("put_dom failed - no homeserver and/or domain");
}
@@ -1827,7 +1838,7 @@ sub inst_directory_query {
&escape($srch->{'srchtype'}),$homeserver);
my $host=&hostname($homeserver);
if ($queryid !~/^\Q$host\E\_/) {
- &logthis('instituional directory search invalid queryid: '.$queryid.' for host: '.$homeserver.'in domain '.$udom);
+ &logthis('institutional directory search invalid queryid: '.$queryid.' for host: '.$homeserver.' in domain '.$udom);
return;
}
my $response = &get_query_reply($queryid);
@@ -2100,7 +2111,8 @@ sub get_domain_defaults {
'requestcourses','inststatus',
'coursedefaults','usersessions',
'requestauthor','selfenrollment',
- 'coursecategories','autoenroll'],$domain);
+ 'coursecategories','autoenroll',
+ 'helpsettings'],$domain);
my @coursetypes = ('official','unofficial','community','textbook');
if (ref($domconfig{'defaults'}) eq 'HASH') {
$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};
@@ -2109,6 +2121,9 @@ sub get_domain_defaults {
$domdefaults{'timezone_def'} = $domconfig{'defaults'}{'timezone_def'};
$domdefaults{'datelocale_def'} = $domconfig{'defaults'}{'datelocale_def'};
$domdefaults{'portal_def'} = $domconfig{'defaults'}{'portal_def'};
+ $domdefaults{'intauth_cost'} = $domconfig{'defaults'}{'intauth_cost'};
+ $domdefaults{'intauth_switch'} = $domconfig{'defaults'}{'intauth_switch'};
+ $domdefaults{'intauth_check'} = $domconfig{'defaults'}{'intauth_check'};
} else {
$domdefaults{'lang_def'} = &domain($domain,'lang_def');
$domdefaults{'auth_def'} = &domain($domain,'auth_def');
@@ -2228,10 +2243,32 @@ sub get_domain_defaults {
if (ref($domconfig{'autoenroll'}) eq 'HASH') {
$domdefaults{'autofailsafe'} = $domconfig{'autoenroll'}{'autofailsafe'};
}
+ if (ref($domconfig{'helpsettings'}) eq 'HASH') {
+ $domdefaults{'submitbugs'} = $domconfig{'helpsettings'}{'submitbugs'};
+ if (ref($domconfig{'helpsettings'}{'adhoc'}) eq 'HASH') {
+ $domdefaults{'adhocroles'} = $domconfig{'helpsettings'}{'adhoc'};
+ }
+ }
&do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);
return %domdefaults;
}
+sub course_portal_url {
+ my ($cnum,$cdom) = @_;
+ my $chome = &homeserver($cnum,$cdom);
+ my $hostname = &hostname($chome);
+ my $protocol = $protocol{$chome};
+ $protocol = 'http' if ($protocol ne 'https');
+ my %domdefaults = &get_domain_defaults($cdom);
+ my $firsturl;
+ if ($domdefaults{'portal_def'}) {
+ $firsturl = $domdefaults{'portal_def'};
+ } else {
+ $firsturl = $protocol.'://'.$hostname;
+ }
+ return $firsturl;
+}
+
# --------------------------------------------------- Assign a key to a student
sub assign_access_key {
@@ -2468,21 +2505,25 @@ sub make_key {
sub devalidate_cache_new {
my ($name,$id,$debug) = @_;
if ($debug) { &Apache::lonnet::logthis("deleting $name:$id"); }
+ my $remembered_id=$name.':'.$id;
$id=&make_key($name,$id);
$memcache->delete($id);
- delete($remembered{$id});
- delete($accessed{$id});
+ delete($remembered{$remembered_id});
+ delete($accessed{$remembered_id});
}
sub is_cached_new {
my ($name,$id,$debug) = @_;
- $id=&make_key($name,$id);
- if (exists($remembered{$id})) {
- if ($debug) { &Apache::lonnet::logthis("Early return $id of $remembered{$id} "); }
- $accessed{$id}=[&gettimeofday()];
+ my $remembered_id=$name.':'.$id; # this is to avoid make_key (which is slow) for
+ # keys in %remembered hash, which persists for
+ # duration of request (no restriction on key length).
+ if (exists($remembered{$remembered_id})) {
+ if ($debug) { &Apache::lonnet::logthis("Early return $remembered_id of $remembered{$remembered_id} "); }
+ $accessed{$remembered_id}=[&gettimeofday()];
$hits++;
- return ($remembered{$id},1);
+ return ($remembered{$remembered_id},1);
}
+ $id=&make_key($name,$id);
my $value = $memcache->get($id);
if (!(defined($value))) {
if ($debug) { &Apache::lonnet::logthis("getting $id is not defined"); }
@@ -2492,13 +2533,14 @@ sub is_cached_new {
if ($debug) { &Apache::lonnet::logthis("getting $id is __undef__"); }
$value=undef;
}
- &make_room($id,$value,$debug);
+ &make_room($remembered_id,$value,$debug);
if ($debug) { &Apache::lonnet::logthis("getting $id is $value"); }
return ($value,1);
}
sub do_cache_new {
my ($name,$id,$value,$time,$debug) = @_;
+ my $remembered_id=$name.':'.$id;
$id=&make_key($name,$id);
my $setvalue=$value;
if (!defined($setvalue)) {
@@ -2514,17 +2556,17 @@ sub do_cache_new {
$memcache->disconnect_all();
}
# need to make a copy of $value
- &make_room($id,$value,$debug);
+ &make_room($remembered_id,$value,$debug);
return $value;
}
sub make_room {
- my ($id,$value,$debug)=@_;
+ my ($remembered_id,$value,$debug)=@_;
- $remembered{$id}= (ref($value)) ? &Storable::dclone($value)
+ $remembered{$remembered_id}= (ref($value)) ? &Storable::dclone($value)
: $value;
if ($to_remember<0) { return; }
- $accessed{$id}=[&gettimeofday()];
+ $accessed{$remembered_id}=[&gettimeofday()];
if (scalar(keys(%remembered)) <= $to_remember) { return; }
my $to_kick;
my $max_time=0;
@@ -2987,6 +3029,14 @@ sub can_edit_resource {
$forceedit = 1;
}
$cfile = $resurl;
+ } elsif ($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/ext\.tool$}) {
+ $incourse = 1;
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = $resurl;
} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
$incourse = 1;
if ($env{'form.forceedit'}) {
@@ -3011,6 +3061,14 @@ sub can_edit_resource {
$forceedit = 1;
}
$cfile = $resurl;
+ } elsif (($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/ext\.tool$}) && ($env{'form.folderpath'} =~ /^supplemental/)) {
+ $incourse = 1;
+ if ($env{'form.forceedit'}) {
+ $forceview = 1;
+ } else {
+ $forceedit = 1;
+ }
+ $cfile = $resurl;
} elsif (($resurl eq '/adm/extresedit') && ($symb || $env{'form.folderpath'})) {
$incourse = 1;
$forceview = 1;
@@ -3020,8 +3078,13 @@ sub can_edit_resource {
$cfile = &clutter($res);
} else {
$cfile = $env{'form.suppurl'};
- $cfile =~ s{^http://}{};
- $cfile = '/adm/wrapper/ext/'.$cfile;
+ my $escfile = &unescape($cfile);
+ if ($escfile =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}) {
+ $cfile = '/adm/wrapper'.$escfile;
+ } else {
+ $escfile =~ s{^http://}{};
+ $cfile = &escape("/adm/wrapper/ext/$escfile");
+ }
}
} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
if ($env{'form.forceedit'}) {
@@ -3903,7 +3966,7 @@ sub flushcourselogs {
}
}
#
-# Reverse lookup of domain roles (dc, ad, li, sc, au)
+# Reverse lookup of domain roles (dc, ad, li, sc, dh, da, au)
#
my %domrolebuffer = ();
foreach my $entry (keys(%domainrolehash)) {
@@ -3918,10 +3981,19 @@ sub flushcourselogs {
delete $domainrolehash{$entry};
}
foreach my $dom (keys(%domrolebuffer)) {
- my %servers = &get_servers($dom,'library');
+ my %servers;
+ if (defined(&domain($dom,'primary'))) {
+ my $primary=&domain($dom,'primary');
+ my $hostname=&hostname($primary);
+ $servers{$primary} = $hostname;
+ } else {
+ %servers = &get_servers($dom,'library');
+ }
foreach my $tryserver (keys(%servers)) {
- unless (&reply('domroleput:'.$dom.':'.
- $domrolebuffer{$dom},$tryserver) eq 'ok') {
+ if (&reply('domroleput:'.$dom.':'.
+ $domrolebuffer{$dom},$tryserver) eq 'ok') {
+ last;
+ } else {
&logthis('Put of domain roles failed for '.$dom.' and '.$tryserver);
}
}
@@ -4041,7 +4113,7 @@ sub userrolelog {
{$trole.':'.$username.':'.$domain.':'.$env{'user.name'}.':'.$env{'user.domain'}.':'}
=$tend.':'.$tstart;
}
- if ($trole =~ /^(dc|ad|li|au|dg|sc)/ ) {
+ if ($trole =~ /^(dc|ad|li|au|dg|sc|dh|da)/ ) {
my (undef,$rudom,$runame,$rsec)=split(/\//,$area);
$domainrolehash
{$trole.':'.$username.':'.$domain.':'.$runame.':'.$rudom.':'.$rsec}
@@ -4268,6 +4340,195 @@ sub get_my_roles {
return %returnhash;
}
+sub get_all_adhocroles {
+ my ($dom) = @_;
+ my @roles_by_num = ();
+ my %domdefaults = &get_domain_defaults($dom);
+ my (%description,%access_in_dom,%access_info);
+ if (ref($domdefaults{'adhocroles'}) eq 'HASH') {
+ my $count = 0;
+ my %domcurrent = %{$domdefaults{'adhocroles'}};
+ my %ordered;
+ foreach my $role (sort(keys(%domcurrent))) {
+ my ($order,$desc,$access_in_dom);
+ if (ref($domcurrent{$role}) eq 'HASH') {
+ $order = $domcurrent{$role}{'order'};
+ $desc = $domcurrent{$role}{'desc'};
+ $access_in_dom{$role} = $domcurrent{$role}{'access'};
+ $access_info{$role} = $domcurrent{$role}{$access_in_dom{$role}};
+ }
+ if ($order eq '') {
+ $order = $count;
+ }
+ $ordered{$order} = $role;
+ if ($desc ne '') {
+ $description{$role} = $desc;
+ } else {
+ $description{$role}= $role;
+ }
+ $count++;
+ }
+ foreach my $item (sort {$a <=> $b } (keys(%ordered))) {
+ push(@roles_by_num,$ordered{$item});
+ }
+ }
+ return (\@roles_by_num,\%description,\%access_in_dom,\%access_info);
+}
+
+sub get_my_adhocroles {
+ my ($cid,$checkreg) = @_;
+ my ($cdom,$cnum,%info,@possroles,$description,$roles_by_num);
+ if ($env{'request.course.id'} eq $cid) {
+ $cdom = $env{'course.'.$cid.'.domain'};
+ $cnum = $env{'course.'.$cid.'.num'};
+ $info{'internal.coursecode'} = $env{'course.'.$cid.'.internal.coursecode'};
+ } elsif ($cid =~ /^($match_domain)_($match_courseid)$/) {
+ $cdom = $1;
+ $cnum = $2;
+ %info = &Apache::lonnet::get('environment',['internal.coursecode'],
+ $cdom,$cnum);
+ }
+ if (($info{'internal.coursecode'} ne '') && ($checkreg)) {
+ my $user = $env{'user.name'}.':'.$env{'user.domain'};
+ my %rosterhash = &get('classlist',[$user],$cdom,$cnum);
+ if ($rosterhash{$user} ne '') {
+ my $type = (split(/:/,$rosterhash{$user}))[5];
+ return ([],{}) if ($type eq 'auto');
+ }
+ }
+ if (($cdom ne '') && ($cnum ne '')) {
+ if (($env{"user.role.dh./$cdom/"}) || ($env{"user.role.da./$cdom/"})) {
+ my $then=$env{'user.login.time'};
+ my $update=$env{'user.update.time'};
+ if (!$update) {
+ $update = $then;
+ }
+ my @liveroles;
+ foreach my $role ('dh','da') {
+ if ($env{"user.role.$role./$cdom/"}) {
+ my ($tstart,$tend)=split(/\./,$env{"user.role.$role./$cdom/"});
+ my $limit = $update;
+ if ($env{'request.role'} eq "$role./$cdom/") {
+ $limit = $then;
+ }
+ my $activerole = 1;
+ if ($tstart && $tstart>$limit) { $activerole = 0; }
+ if ($tend && $tend <$limit) { $activerole = 0; }
+ if ($activerole) {
+ push(@liveroles,$role);
+ }
+ }
+ }
+ if (@liveroles) {
+ if (&homeserver($cnum,$cdom) ne 'no_host') {
+ my ($accessref,$accessinfo,%access_in_dom);
+ ($roles_by_num,$description,$accessref,$accessinfo) = &get_all_adhocroles($cdom);
+ if (ref($roles_by_num) eq 'ARRAY') {
+ if (@{$roles_by_num}) {
+ my %settings;
+ if ($env{'request.course.id'} eq $cid) {
+ foreach my $envkey (keys(%env)) {
+ if ($envkey =~ /^\Qcourse.$cid.\E(internal\.adhoc.+)$/) {
+ $settings{$1} = $env{$envkey};
+ }
+ }
+ } else {
+ %settings = &dump('environment',$cdom,$cnum,'internal\.adhoc');
+ }
+ my %setincrs;
+ if ($settings{'internal.adhocaccess'}) {
+ map { $setincrs{$_} = 1; } split(/,/,$settings{'internal.adhocaccess'});
+ }
+ my @statuses;
+ if ($env{'environment.inststatus'}) {
+ @statuses = split(/,/,$env{'environment.inststatus'});
+ }
+ my $user = $env{'user.name'}.':'.$env{'user.domain'};
+ if (ref($accessref) eq 'HASH') {
+ %access_in_dom = %{$accessref};
+ }
+ foreach my $role (@{$roles_by_num}) {
+ my ($curraccess,@okstatus,@personnel);
+ if ($setincrs{$role}) {
+ ($curraccess,my $rest) = split(/=/,$settings{'internal.adhoc.'.$role});
+ if ($curraccess eq 'status') {
+ @okstatus = split(/\&/,$rest);
+ } elsif (($curraccess eq 'exc') || ($curraccess eq 'inc')) {
+ @personnel = split(/\&/,$rest);
+ }
+ } else {
+ $curraccess = $access_in_dom{$role};
+ if (ref($accessinfo) eq 'HASH') {
+ if ($curraccess eq 'status') {
+ if (ref($accessinfo->{$role}) eq 'ARRAY') {
+ @okstatus = @{$accessinfo->{$role}};
+ }
+ } elsif (($curraccess eq 'exc') || ($curraccess eq 'inc')) {
+ if (ref($accessinfo->{$role}) eq 'ARRAY') {
+ @personnel = @{$accessinfo->{$role}};
+ }
+ }
+ }
+ }
+ if ($curraccess eq 'none') {
+ next;
+ } elsif ($curraccess eq 'all') {
+ push(@possroles,$role);
+ } elsif ($curraccess eq 'dh') {
+ if (grep(/^dh$/,@liveroles)) {
+ push(@possroles,$role);
+ } else {
+ next;
+ }
+ } elsif ($curraccess eq 'da') {
+ if (grep(/^da$/,@liveroles)) {
+ push(@possroles,$role);
+ } else {
+ next;
+ }
+ } elsif ($curraccess eq 'status') {
+ if (@okstatus) {
+ if (!@statuses) {
+ if (grep(/^default$/,@okstatus)) {
+ push(@possroles,$role);
+ }
+ } else {
+ foreach my $status (@okstatus) {
+ if (grep(/^\Q$status\E$/,@statuses)) {
+ push(@possroles,$role);
+ last;
+ }
+ }
+ }
+ }
+ } elsif (($curraccess eq 'exc') || ($curraccess eq 'inc')) {
+ if (grep(/^\Q$user\E$/,@personnel)) {
+ if ($curraccess eq 'exc') {
+ push(@possroles,$role);
+ }
+ } elsif ($curraccess eq 'inc') {
+ push(@possroles,$role);
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+ unless (ref($description) eq 'HASH') {
+ if (ref($roles_by_num) eq 'ARRAY') {
+ my %desc;
+ map { $desc{$_} = $_; } (@{$roles_by_num});
+ $description = \%desc;
+ } else {
+ $description = {};
+ }
+ }
+ return (\@possroles,$description);
+}
+
# ----------------------------------------------------- Frontpage Announcements
#
#
@@ -4508,6 +4769,21 @@ sub get_domain_roles {
return %personnel;
}
+sub get_active_domroles {
+ my ($dom,$roles) = @_;
+ return () unless (ref($roles) eq 'ARRAY');
+ my $now = time;
+ my %dompersonnel = &get_domain_roles($dom,$roles,$now,$now);
+ my %domroles;
+ foreach my $server (keys(%dompersonnel)) {
+ foreach my $user (sort(keys(%{$dompersonnel{$server}}))) {
+ my ($trole,$uname,$udom,$runame,$rudom,$rsec) = split(/:/,$user);
+ $domroles{$uname.':'.$udom} = $dompersonnel{$server}{$user};
+ }
+ }
+ return %domroles;
+}
+
# ----------------------------------------------------------- Interval timing
{
@@ -4522,9 +4798,10 @@ my %cachedtimes=();
my $cachedtime='';
sub load_all_first_access {
- my ($uname,$udom)=@_;
+ my ($uname,$udom,$ignorecache)=@_;
if (($cachedkey eq $uname.':'.$udom) &&
- (abs($cachedtime-time)<5) && (!$env{'form.markaccess'})) {
+ (abs($cachedtime-time)<5) && (!$env{'form.markaccess'}) &&
+ (!$ignorecache)) {
return;
}
$cachedtime=time;
@@ -4533,7 +4810,7 @@ sub load_all_first_access {
}
sub get_first_access {
- my ($type,$argsymb,$argmap)=@_;
+ my ($type,$argsymb,$argmap,$ignorecache)=@_;
my ($symb,$courseid,$udom,$uname)=&whichuser();
if ($argsymb) { $symb=$argsymb; }
my ($map,$id,$res)=&decode_symb($symb);
@@ -4545,7 +4822,7 @@ sub get_first_access {
} else {
$res=$symb;
}
- &load_all_first_access($uname,$udom);
+ &load_all_first_access($uname,$udom,$ignorecache);
return $cachedtimes{"$courseid\0$res"};
}
@@ -5446,9 +5723,10 @@ sub rolesinit {
}
}
- @userroles{'user.author', 'user.adv'} = &set_userprivs(\%userroles,
- \%allroles, \%allgroups);
+ @userroles{'user.author','user.adv','user.rar'} = &set_userprivs(\%userroles,
+ \%allroles, \%allgroups);
$env{'user.adv'} = $userroles{'user.adv'};
+ $env{'user.rar'} = $userroles{'user.rar'};
return (\%userroles,\%firstaccenv,\%timerintenv);
}
@@ -5484,6 +5762,10 @@ sub custom_roleprivs {
$$allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;
}
if (($trest ne '') && (defined($coursepriv))) {
+ if ($trole =~ m{^cr/$tdomain/$tdomain\Q-domainconfig\E/([^/]+)$}) {
+ my $rolename = $1;
+ $coursepriv = &course_adhocrole_privs($rolename,$tdomain,$trest,$coursepriv);
+ }
$$allroles{'cm.'.$area}.=':'.$coursepriv;
$$allroles{$spec.'.'.$area}.=':'.$coursepriv;
}
@@ -5492,6 +5774,48 @@ sub custom_roleprivs {
}
}
+sub course_adhocrole_privs {
+ my ($rolename,$cdom,$cnum,$coursepriv) = @_;
+ my %overrides = &get('environment',["internal.adhocpriv.$rolename"],$cdom,$cnum);
+ if ($overrides{"internal.adhocpriv.$rolename"}) {
+ my (%currprivs,%storeprivs);
+ foreach my $item (split(/:/,$coursepriv)) {
+ my ($priv,$restrict) = split(/\&/,$item);
+ $currprivs{$priv} = $restrict;
+ }
+ my (%possadd,%possremove,%full);
+ foreach my $item (split(/\:/,$Apache::lonnet::pr{'cr:c'})) {
+ my ($priv,$restrict)=split(/\&/,$item);
+ $full{$priv} = $restrict;
+ }
+ foreach my $item (split(/,/,$overrides{"internal.adhocpriv.$rolename"})) {
+ next if ($item eq '');
+ my ($rule,$rest) = split(/=/,$item);
+ next unless (($rule eq 'off') || ($rule eq 'on'));
+ foreach my $priv (split(/:/,$rest)) {
+ if ($priv ne '') {
+ if ($rule eq 'off') {
+ $possremove{$priv} = 1;
+ } else {
+ $possadd{$priv} = 1;
+ }
+ }
+ }
+ }
+ foreach my $priv (sort(keys(%full))) {
+ if (exists($currprivs{$priv})) {
+ unless (exists($possremove{$priv})) {
+ $storeprivs{$priv} = $currprivs{$priv};
+ }
+ } elsif (exists($possadd{$priv})) {
+ $storeprivs{$priv} = $full{$priv};
+ }
+ }
+ $coursepriv = ':'.join(':',map { $_.'&'.$storeprivs{$_}; } sort(keys(%storeprivs)));
+ }
+ return $coursepriv;
+}
+
sub group_roleprivs {
my ($allgroups,$area,$group_privs,$tend,$tstart) = @_;
my $access = 1;
@@ -5526,6 +5850,7 @@ sub set_userprivs {
my ($userroles,$allroles,$allgroups,$groups_roles) = @_;
my $author=0;
my $adv=0;
+ my $rar=0;
my %grouproles = ();
if (keys(%{$allgroups}) > 0) {
my @groupkeys;
@@ -5573,6 +5898,7 @@ sub set_userprivs {
$thesepriv{$privilege}.=$restrictions;
}
if ($thesepriv{'adv'} eq 'F') { $adv=1; }
+ if ($thesepriv{'rar'} eq 'F') { $rar=1; }
}
}
my $thesestr='';
@@ -5581,7 +5907,7 @@ sub set_userprivs {
}
$userroles->{'user.priv.'.$role} = $thesestr;
}
- return ($author,$adv);
+ return ($author,$adv,$rar);
}
sub role_status {
@@ -5626,9 +5952,10 @@ sub role_status {
push(@rolecodes,$$role);
&standard_roleprivs(\%allroles,$$role,$tdomain,$spec,$trest,$$where);
}
- my ($author,$adv)= &set_userprivs(\%userroles,\%allroles,\%allgroups,\%groups_roles);
+ my ($author,$adv,$rar)= &set_userprivs(\%userroles,\%allroles,\%allgroups,
+ \%groups_roles);
&appenv(\%userroles,\@rolecodes);
- &log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$role);
+ &log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$spec);
}
}
$$tstatus = 'is';
@@ -5704,39 +6031,56 @@ sub delete_env_groupprivs {
}
sub check_adhoc_privs {
- my ($cdom,$cnum,$update,$refresh,$now,$checkrole,$caller) = @_;
+ my ($cdom,$cnum,$update,$refresh,$now,$checkrole,$caller,$sec) = @_;
my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;
+ if ($sec) {
+ $cckey .= '/'.$sec;
+ }
my $setprivs;
if ($env{$cckey}) {
my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);
&role_status($cckey,$update,$refresh,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
unless (($tstatus eq 'is') || ($tstatus eq 'will_not')) {
- &set_adhoc_privileges($cdom,$cnum,$checkrole,$caller);
+ &set_adhoc_privileges($cdom,$cnum,$checkrole,$caller,$sec);
$setprivs = 1;
}
} else {
- &set_adhoc_privileges($cdom,$cnum,$checkrole,$caller);
+ &set_adhoc_privileges($cdom,$cnum,$checkrole,$caller,$sec);
$setprivs = 1;
}
return $setprivs;
}
sub set_adhoc_privileges {
-# role can be cc or ca
- my ($dcdom,$pickedcourse,$role,$caller) = @_;
+# role can be cc, ca, or cr/<dom>/<dom>-domainconfig/role
+ my ($dcdom,$pickedcourse,$role,$caller,$sec) = @_;
my $area = '/'.$dcdom.'/'.$pickedcourse;
+ if ($sec ne '') {
+ $area .= '/'.$sec;
+ }
my $spec = $role.'.'.$area;
my %userroles = &set_arearole($role,$area,'','',$env{'user.domain'},
$env{'user.name'},1);
- my %ccrole = ();
- &standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);
- my ($author,$adv)= &set_userprivs(\%userroles,\%ccrole);
+ my %rolehash = ();
+ if ($role =~ m{^\Qcr/$dcdom/$dcdom\E\-domainconfig/(\w+)$}) {
+ my $rolename = $1;
+ &custom_roleprivs(\%rolehash,$role,$dcdom,$pickedcourse,$spec,$area);
+ my %domdef = &get_domain_defaults($dcdom);
+ if (ref($domdef{'adhocroles'}) eq 'HASH') {
+ if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') {
+ &appenv({'request.role.desc' => $domdef{'adhocroles'}{$rolename}{'desc'},});
+ }
+ }
+ } else {
+ &standard_roleprivs(\%rolehash,$role,$dcdom,$spec,$pickedcourse,$area);
+ }
+ my ($author,$adv,$rar)= &set_userprivs(\%userroles,\%rolehash);
&appenv(\%userroles,[$role,'cm']);
- &log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$role);
+ &log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$spec);
unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {
&appenv( {'request.role' => $spec,
'request.role.domain' => $dcdom,
- 'request.course.sec' => ''
+ 'request.course.sec' => $sec,
}
);
my $tadv=0;
@@ -5884,7 +6228,7 @@ sub currentdump {
#
my %returnhash=();
#
- if ($rep eq "unknown_cmd") {
+ if ($rep eq 'unknown_cmd') {
# an old lond will not know currentdump
# Do a dump and make it look like a currentdump
my @tmp = &dumpstore($courseid,$sdom,$sname,'.');
@@ -6118,9 +6462,11 @@ sub tmpget {
if (!defined($server)) { $server = $perlvar{'lonHostID'}; }
my $rep=&reply("tmpget:$token",$server);
my %returnhash;
+ if ($rep =~ /^(con_lost|error|no_such_host)/i) {
+ return %returnhash;
+ }
foreach my $item (split(/\&/,$rep)) {
my ($key,$value)=split(/=/,$item);
- next if ($key =~ /^error: 2 /);
$returnhash{&unescape($key)}=&thaw_unescape($value);
}
return %returnhash;
@@ -6815,7 +7161,7 @@ sub allowed {
if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
# Free bre access to adm and meta resources
- if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard)$}))
+ if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard|ext\.tool)$}))
|| (($uri=~/\.meta$/) && ($uri!~m|^uploaded/|) ))
&& ($priv eq 'bre')) {
return 'F';
@@ -7303,7 +7649,7 @@ sub constructaccess {
my ($ownername,$ownerdomain,$ownerhome);
($ownerdomain,$ownername) =
- ($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E|)/priv/($match_domain)/($match_username)/});
+ ($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E|)/priv/($match_domain)/($match_username)(?:/|$)});
# The URL does not really point to any authorspace, forget it
unless (($ownername) && ($ownerdomain)) { return ''; }
@@ -7476,7 +7822,8 @@ sub get_commblock_resources {
}
}
}
- if ($interval[0] =~ /^\d+$/) {
+ if ($interval[0] =~ /^(\d+)/) {
+ my $timelimit = $1;
my $first_access;
if ($type eq 'resource') {
$first_access=&get_first_access($interval[1],$item);
@@ -7486,7 +7833,7 @@ sub get_commblock_resources {
$first_access=&get_first_access($interval[1]);
}
if ($first_access) {
- my $timesup = $first_access+$interval[0];
+ my $timesup = $first_access+$timelimit;
if ($timesup > $now) {
my $activeblock;
foreach my $res (@to_test) {
@@ -7641,7 +7988,7 @@ sub get_symb_from_alias {
sub definerole {
if (allowed('mcr','/')) {
- my ($rolename,$sysrole,$domrole,$courole)=@_;
+ my ($rolename,$sysrole,$domrole,$courole,$uname,$udom)=@_;
foreach my $role (split(':',$sysrole)) {
my ($crole,$cqual)=split(/\&/,$role);
if ($pr{'cr:s'}!~/\Q$crole\E/) { return "refused:s:$crole"; }
@@ -7669,11 +8016,19 @@ sub definerole {
}
}
}
+ my $uhome;
+ if (($uname ne '') && ($udom ne '')) {
+ $uhome = &homeserver($uname,$udom);
+ return $uhome if ($uhome eq 'no_host');
+ } else {
+ $uname = $env{'user.name'};
+ $udom = $env{'user.domain'};
+ $uhome = $env{'user.home'};
+ }
my $command="encrypt:rolesput:$env{'user.domain'}:$env{'user.name'}:".
- "$env{'user.domain'}:$env{'user.name'}:".
- "rolesdef_$rolename=".
+ "$udom:$uname:rolesdef_$rolename=".
escape($sysrole.'_'.$domrole.'_'.$courole);
- return reply($command,$env{'user.home'});
+ return reply($command,$uhome);
} else {
return 'refused';
}
@@ -7755,10 +8110,12 @@ sub update_allusers_table {
sub fetch_enrollment_query {
my ($context,$affiliatesref,$replyref,$dom,$cnum) = @_;
- my $homeserver;
+ my ($homeserver,$sleep,$loopmax);
my $maxtries = 1;
if ($context eq 'automated') {
$homeserver = $perlvar{'lonHostID'};
+ $sleep = 2;
+ $loopmax = 100;
$maxtries = 10; # will wait for up to 2000s for retrieval of classlist data before timeout
} else {
$homeserver = &homeserver($cnum,$dom);
@@ -7776,17 +8133,17 @@ sub fetch_enrollment_query {
&logthis('fetch_enrollment_query: invalid queryid: '.$queryid.' for host: '.$host.' and homeserver: '.$homeserver.' context: '.$context.' '.$cnum);
return 'error: '.$queryid;
}
- my $reply = &get_query_reply($queryid);
+ my $reply = &get_query_reply($queryid,$sleep,$loopmax);
my $tries = 1;
while (($reply=~/^timeout/) && ($tries < $maxtries)) {
- $reply = &get_query_reply($queryid);
+ $reply = &get_query_reply($queryid,$sleep,$loopmax);
$tries ++;
}
if ( ($reply =~/^timeout/) || ($reply =~/^error/) ) {
&logthis('fetch_enrollment_query error: '.$reply.' for '.$dom.' '.$env{'user.name'}.' for '.$queryid.' context: '.$context.' '.$cnum.' maxtries: '.$maxtries.' tries: '.$tries);
} else {
my @responses = split(/:/,$reply);
- if ($homeserver eq $perlvar{'lonHostID'}) {
+ if (grep { $_ eq $homeserver } ¤t_machine_ids()) {
foreach my $line (@responses) {
my ($key,$value) = split(/=/,$line,2);
$$replyref{$key} = $value;
@@ -7821,11 +8178,17 @@ sub fetch_enrollment_query {
}
sub get_query_reply {
- my $queryid=shift;
+ my ($queryid,$sleep,$loopmax) = @_;
+ if (($sleep eq '') || ($sleep !~ /^\d+\.?\d*$/)) {
+ $sleep = 0.2;
+ }
+ if (($loopmax eq '') || ($loopmax =~ /\D/)) {
+ $loopmax = 100;
+ }
my $replyfile=LONCAPA::tempdir().$queryid;
my $reply='';
- for (1..100) {
- sleep 2;
+ for (1..$loopmax) {
+ sleep($sleep);
if (-e $replyfile.'.end') {
if (open(my $fh,$replyfile)) {
$reply = join('',<$fh>);
@@ -8247,6 +8610,33 @@ sub auto_crsreq_update {
return \%crsreqresponse;
}
+sub auto_export_grades {
+ my ($cdom,$cnum,$inforef,$gradesref) = @_;
+ my ($homeserver,%exportresponse);
+ if ($cdom =~ /^$match_domain$/) {
+ $homeserver = &domain($cdom,'primary');
+ }
+ unless (($homeserver eq 'no_host') || ($homeserver eq '')) {
+ my $info;
+ if (ref($inforef) eq 'HASH') {
+ $info = &freeze_escape($inforef);
+ }
+ if (ref($gradesref) eq 'HASH') {
+ my $grades = &freeze_escape($gradesref);
+ my $response=&reply('encrypt:autoexportgrades:'.$cdom.':'.$cnum.':'.
+ $info.':'.$grades,$homeserver);
+ unless ($response =~ /(con_lost|error|no_such_host|refused|unknown_command)/) {
+ my @items = split(/&/,$response);
+ foreach my $item (@items) {
+ my ($key,$value) = split('=',$item);
+ $exportresponse{&unescape($key)} = &thaw_unescape($value);
+ }
+ }
+ }
+ }
+ return \%exportresponse;
+}
+
sub check_instcode_cloning {
my ($codedefaults,$code_order,$cloner,$clonefromcode,$clonetocode) = @_;
unless ((ref($codedefaults) eq 'HASH') && (ref($code_order) eq 'ARRAY')) {
@@ -8685,7 +9075,8 @@ sub assignrole {
&courserolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,
$selfenroll,$context);
} elsif (($role eq 'li') || ($role eq 'dg') || ($role eq 'sc') ||
- ($role eq 'au') || ($role eq 'dc')) {
+ ($role eq 'au') || ($role eq 'dc') || ($role eq 'dh') ||
+ ($role eq 'da')) {
&domainrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,
$context);
} elsif (($role eq 'ca') || ($role eq 'aa')) {
@@ -9583,9 +9974,9 @@ sub modify_access_controls {
my $tries = 0;
my $gotlock = &newput('file_permissions',$lockhash,$domain,$user);
- while (($gotlock ne 'ok') && $tries <3) {
+ while (($gotlock ne 'ok') && $tries < 10) {
$tries ++;
- sleep 1;
+ sleep(0.1);
$gotlock = &newput('file_permissions',$lockhash,$domain,$user);
}
if ($gotlock eq 'ok') {
@@ -9878,7 +10269,23 @@ sub dirlist {
foreach my $user (sort(keys(%allusers))) {
push(@alluserslist,$user.'&user');
}
- return (\@alluserslist);
+ if (!%listerror) {
+ # no errors
+ return (\@alluserslist);
+ } elsif (scalar(keys(%servers)) == 1) {
+ # one library server, one error
+ my ($key) = keys(%listerror);
+ return (\@alluserslist, $listerror{$key});
+ } elsif ( grep { $_ eq 'con_lost' } values(%listerror) ) {
+ # con_lost indicates that we might miss data from at least one
+ # library server
+ return (\@alluserslist, 'con_lost');
+ } else {
+ # multiple library servers and no con_lost -> data should be
+ # complete.
+ return (\@alluserslist);
+ }
+
} else {
return ([],'missing username');
}
@@ -10114,7 +10521,7 @@ sub get_userresdata {
# Parameters:
# $name - Course/user name.
# $domain - Name of the domain the user/course is registered on.
-# $type - Type of thing $name is (must be 'course' or 'user'
+# $type - Type of thing $name is (must be 'course' or 'user')
# @which - Array of names of resources desired.
# Returns:
# The value of the first reasource in @which that is found in the
@@ -10133,13 +10540,44 @@ sub resdata {
}
if (!ref($result)) { return $result; }
foreach my $item (@which) {
- if (defined($result->{$item->[0]})) {
- return [$result->{$item->[0]},$item->[1]];
- }
+ if (ref($item) eq 'ARRAY') {
+ if (defined($result->{$item->[0]})) {
+ return [$result->{$item->[0]},$item->[1]];
+ }
+ }
}
return undef;
}
+sub get_domain_ltitools {
+ my ($cdom) = @_;
+ my %ltitools;
+ my ($result,$cached)=&is_cached_new('ltitools',$cdom);
+ if (defined($cached)) {
+ if (ref($result) eq 'HASH') {
+ %ltitools = %{$result};
+ }
+ } else {
+ my %domconfig = &get_dom('configuration',['ltitools'],$cdom);
+ if (ref($domconfig{'ltitools'}) eq 'HASH') {
+ %ltitools = %{$domconfig{'ltitools'}};
+ my %encdomconfig = &get_dom('encconfig',['ltitools'],$cdom);
+ if (ref($encdomconfig{'ltitools'}) eq 'HASH') {
+ foreach my $id (keys(%ltitools)) {
+ if (ref($encdomconfig{'ltitools'}{$id}) eq 'HASH') {
+ foreach my $item ('key','secret') {
+ $ltitools{$id}{$item} = $encdomconfig{'ltitools'}{$id}{$item};
+ }
+ }
+ }
+ }
+ }
+ my $cachetime = 24*60*60;
+ &do_cache_new('ltitools',$cdom,\%ltitools,$cachetime);
+ }
+ return %ltitools;
+}
+
sub get_numsuppfiles {
my ($cnum,$cdom,$ignorecache)=@_;
my $hashid=$cnum.':'.$cdom;
@@ -10594,7 +11032,7 @@ sub metadata {
# if it is a non metadata possible uri return quickly
if (($uri eq '') ||
(($uri =~ m|^/*adm/|) &&
- ($uri !~ m|^adm/includes|) && ($uri !~ m{/(smppg|bulletinboard)$})) ||
+ ($uri !~ m|^adm/includes|) && ($uri !~ m{/(smppg|bulletinboard|ext\.tool)$})) ||
($uri =~ m|/$|) || ($uri =~ m|/.meta$|) || ($uri =~ m{^/*uploaded/.+\.sequence$})) {
return undef;
}
@@ -12126,6 +12564,8 @@ sub clutter {
# &logthis("Got a blank emb style");
}
}
+ } elsif ($thisfn =~ m{^/adm/$match_domain/$match_courseid/\d+/ext\.tool$}) {
+ $thisfn='/adm/wrapper'.$thisfn;
}
return $thisfn;
}
@@ -13161,9 +13601,10 @@ in which case the null string is returne
=item *
-definerole($rolename,$sysrole,$domrole,$courole) : define role; define a custom
-role rolename set privileges in format of lonTabs/roles.tab for system, domain,
-and course level
+definerole($rolename,$sysrole,$domrole,$courole,$uname,$udom) : define role;
+define a custom role rolename set privileges in format of lonTabs/roles.tab
+for system, domain, and course level. $uname and $udom are optional (current
+user's username and domain will be used when either of $uname or $udom are absent.
=item *