--- loncom/lonnet/perl/lonnet.pm 2004/01/15 19:41:00 1.463
+++ loncom/lonnet/perl/lonnet.pm 2004/05/27 22:25:16 1.504
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.463 2004/01/15 19:41:00 albertel Exp $
+# $Id: lonnet.pm,v 1.504 2004/05/27 22:25:16 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -32,6 +32,8 @@ package Apache::lonnet;
use strict;
use LWP::UserAgent();
use HTTP::Headers;
+use HTTP::Date;
+# use Date::Parse;
use vars
qw(%perlvar %hostname %homecache %badServerCache %hostip %iphost %spareid %hostdom
%libserv %pr %prp %metacache %packagetab %titlecache %courseresversioncache %resversioncache
@@ -377,7 +379,12 @@ sub delenv {
return 'error: '.$!;
}
foreach (@oldenv) {
- unless ($_=~/^$delthis/) { print $fh $_; }
+ if ($_=~/^$delthis/) {
+ my ($key,undef) = split('=',$_);
+ delete($ENV{$key});
+ } else {
+ print $fh $_;
+ }
}
close($fh);
}
@@ -427,7 +434,7 @@ sub overloaderror {
if ($overload>0) {
$r->err_headers_out->{'Retry-After'}=$overload;
$r->log_error('Overload of '.$overload.' on '.$checkserver);
- return 413;
+ return 409;
}
return '';
}
@@ -524,38 +531,21 @@ sub authenticate {
my ($uname,$upass,$udom)=@_;
$upass=escape($upass);
$uname=~s/\W//g;
- if (($perlvar{'lonRole'} eq 'library') &&
- ($udom eq $perlvar{'lonDefDomain'})) {
- my $answer=reply("encrypt:auth:$udom:$uname:$upass",$perlvar{'lonHostID'});
- if ($answer =~ /authorized/) {
- if ($answer eq 'authorized') {
- &logthis("User $uname at $udom authorized by local server");
- return $perlvar{'lonHostID'};
- }
- if ($answer eq 'non_authorized') {
- &logthis("User $uname at $udom rejected by local server");
- return 'no_host';
- }
- }
+ my $uhome=&homeserver($uname,$udom);
+ if (!$uhome) {
+ &logthis("User $uname at $udom is unknown in authenticate");
+ return 'no_host';
}
-
- my $tryserver;
- foreach $tryserver (keys %libserv) {
- if ($hostdom{$tryserver} eq $udom) {
- my $answer=reply("encrypt:auth:$udom:$uname:$upass",$tryserver);
- if ($answer =~ /authorized/) {
- if ($answer eq 'authorized') {
- &logthis("User $uname at $udom authorized by $tryserver");
- return $tryserver;
- }
- if ($answer eq 'non_authorized') {
- &logthis("User $uname at $udom rejected by $tryserver");
- return 'no_host';
- }
- }
- }
+ my $answer=reply("encrypt:auth:$udom:$uname:$upass",$uhome);
+ if ($answer eq 'authorized') {
+ &logthis("User $uname at $udom authorized by $uhome");
+ return $uhome;
+ }
+ if ($answer eq 'non_authorized') {
+ &logthis("User $uname at $udom rejected by $uhome");
+ return 'no_host';
}
- &logthis("User $uname at $udom could not be authenticated");
+ &logthis("User $uname at $udom threw error $answer when checking authentication mechanism");
return 'no_host';
}
@@ -627,6 +617,7 @@ sub idput {
my ($udom,%ids)=@_;
my %servers=();
foreach (keys %ids) {
+ &cput('environment',{'id'=>$ids{$_}},$udom,$_);
my $uhom=&homeserver($_,$udom);
if ($uhom ne 'no_host') {
my $id=&escape($ids{$_});
@@ -637,7 +628,6 @@ sub idput {
} else {
$servers{$uhom}=$id.'='.$unam;
}
- &critical('put:'.$udom.':'.$unam.':environment:id='.$id,$uhom);
}
}
foreach (keys %servers) {
@@ -652,24 +642,28 @@ sub assign_access_key {
# a valid key looks like uname:udom#comments
# comments are being appended
#
- my ($ckey,$cdom,$cnum,$udom,$uname,$logentry)=@_;
+ my ($ckey,$kdom,$knum,$cdom,$cnum,$udom,$uname,$logentry)=@_;
+ $kdom=
+ $ENV{'course.'.$ENV{'request.course.id'}.'.domain'} unless (defined($kdom));
+ $knum=
+ $ENV{'course.'.$ENV{'request.course.id'}.'.num'} unless (defined($knum));
$cdom=
$ENV{'course.'.$ENV{'request.course.id'}.'.domain'} unless (defined($cdom));
$cnum=
$ENV{'course.'.$ENV{'request.course.id'}.'.num'} unless (defined($cnum));
$udom=$ENV{'user.name'} unless (defined($udom));
$uname=$ENV{'user.domain'} unless (defined($uname));
- my %existing=&get('accesskeys',[$ckey],$cdom,$cnum);
+ my %existing=&get('accesskeys',[$ckey],$kdom,$knum);
if (($existing{$ckey}=~/^\#(.*)$/) || # - new key
- ($existing{$ckey}=~/^$uname\:$udom\#(.*)$/)) {
+ ($existing{$ckey}=~/^\Q$uname\E\:\Q$udom\E\#(.*)$/)) {
# assigned to this person
# - this should not happen,
# unless something went wrong
# the first time around
# ready to assign
$logentry=$1.'; '.$logentry;
- if (&put('accesskey',{$ckey=>$uname.':'.$udom.'#'.$logentry},
- $cdom,$cnum) eq 'ok') {
+ if (&put('accesskeys',{$ckey=>$uname.':'.$udom.'#'.$logentry},
+ $kdom,$knum) eq 'ok') {
# key now belongs to user
my $envkey='key.'.$cdom.'_'.$cnum;
if (&put('environment',{$envkey => $ckey}) eq 'ok') {
@@ -765,10 +759,10 @@ sub validate_access_key {
$ENV{'course.'.$ENV{'request.course.id'}.'.domain'} unless (defined($cdom));
$cnum=
$ENV{'course.'.$ENV{'request.course.id'}.'.num'} unless (defined($cnum));
- $udom=$ENV{'user.name'} unless (defined($udom));
- $uname=$ENV{'user.domain'} unless (defined($uname));
+ $udom=$ENV{'user.domain'} unless (defined($udom));
+ $uname=$ENV{'user.name'} unless (defined($uname));
my %existing=&get('accesskeys',[$ckey],$cdom,$cnum);
- return ($existing{$ckey}=~/^$uname\:$udom\#/);
+ return ($existing{$ckey}=~/^\Q$uname\E\:\Q$udom\E\#/);
}
# ------------------------------------- Find the section of student in a course
@@ -796,7 +790,7 @@ sub getsection {
&homeserver($unam,$udom)))) {
my ($key,$value)=split(/\=/,$_);
$key=&unescape($key);
- next if ($key !~/^$courseid(?:\/)*(\w+)*\_st$/);
+ next if ($key !~/^\Q$courseid\E(?:\/)*(\w+)*\_st$/);
my $section=$1;
if ($key eq $courseid.'_st') { $section=''; }
my ($dummy,$end,$start)=split(/\_/,&unescape($value));
@@ -975,7 +969,7 @@ sub usection {
&homeserver($unam,$udom)))) {
my ($key,$value)=split(/\=/,$_);
$key=&unescape($key);
- if ($key=~/^$courseid(?:\/)*(\w+)*\_st$/) {
+ if ($key=~/^\Q$courseid\E(?:\/)*(\w+)*\_st$/) {
my $section=$1;
if ($key eq $courseid.'_st') { $section=''; }
my ($dummy,$end,$start)=split(/\_/,&unescape($value));
@@ -1175,30 +1169,107 @@ sub externalssi {
return $response->content;
}
-# ------- Add a token to a remote URI's query string to vouch for access rights
+# -------------------------------- Allow a /uploaded/ URI to be vouched for
-sub tokenwrapper {
- my $uri=shift;
- $uri=~s/^http\:\/\/([^\/]+)//;
- $uri=~s/^\///;
- $ENV{'user.environment'}=~/\/([^\/]+)\.id/;
- my $token=$1;
- if ($uri=~/^uploaded\/([^\/]+)\/([^\/]+)\/([^\/]+)(\?\.*)*$/) {
- &appenv('userfile.'.$1.'/'.$2.'/'.$3 => $ENV{'request.course.id'});
- return 'http://'.$hostname{ &homeserver($2,$1)}.'/'.$uri.
- (($uri=~/\?/)?'&':'?').'token='.$token.
- '&tokenissued='.$perlvar{'lonHostID'};
+sub allowuploaded {
+ my ($srcurl,$url)=@_;
+ $url=&clutter(&declutter($url));
+ my $dir=$url;
+ $dir=~s/\/[^\/]+$//;
+ my %httpref=();
+ my $httpurl=&hreflocation('',$url);
+ $httpref{'httpref.'.$httpurl}=$srcurl;
+ &Apache::lonnet::appenv(%httpref);
+}
+
+# --------- File operations in /home/httpd/html/userfiles/$domain/1/2/3/$course
+# input: action, courseID, current domain, home server for course, intended
+# path to file, source of file.
+# output: url to file (if action was uploaddoc),
+# ok if successful, or diagnostic message otherwise (if action was propagate or copy)
+#
+# Allows directory structure to be used within lonUsers/../userfiles/ for a
+# course.
+#
+# action = propagate - /home/httpd/html/userfiles/$domain/1/2/3/$course/$file
+# will be copied to /home/httpd/lonUsers/1/2/3/$course/userfiles in
+# course's home server.
+#
+# action = copy - /home/httpd/html/userfiles/$domain/1/2/3/$course/$file will
+# be copied from $source (current location) to
+# /home/httpd/html/userfiles/$domain/1/2/3/$course/$file
+# and will then be copied to
+# /home/httpd/lonUsers/$domain/1/2/3/$course/userfiles/$file in
+# course's home server.
+#
+# action = uploaddoc - /home/httpd/html/userfiles/$domain/1/2/3/$course/$file
+# will be retrived from $ENV{form.uploaddoc} (from DOCS interface) to
+# /home/httpd/html/userfiles/$domain/1/2/3/$course/$file
+# and will then be copied to /home/httpd/lonUsers/1/2/3/$course/userfiles/$file
+# in course's home server.
+
+
+sub process_coursefile {
+ my ($action,$docuname,$docudom,$docuhome,$file,$source)=@_;
+ my $fetchresult;
+ if ($action eq 'propagate') {
+ $fetchresult= &reply('fetchuserfile:'.$docudom.'/'.$docuname.'/'.$file
+ ,$docuhome);
} else {
- return '/adm/notfound.html';
+ my $fetchresult = '';
+ my $fpath = '';
+ my $fname = $file;
+ ($fpath,$fname) = ($file =~ m|^(.*)/([^/]+)$|);
+ $fpath=$docudom.'/'.$docuname.'/'.$fpath;
+ my $filepath=$perlvar{'lonDocRoot'}.'/userfiles';
+ unless ($fpath eq '') {
+ my @parts=split('/',$fpath);
+ foreach my $part (@parts) {
+ $filepath.= '/'.$part;
+ if ((-e $filepath)!=1) {
+ mkdir($filepath,0777);
+ }
+ }
+ }
+ if ($action eq 'copy') {
+ if ($source eq '') {
+ $fetchresult = 'no source file';
+ return $fetchresult;
+ } else {
+ my $destination = $filepath.'/'.$fname;
+ rename($source,$destination);
+ $fetchresult= &reply('fetchuserfile:'.$docudom.'/'.$docuname.'/'.$file,
+ $docuhome);
+ }
+ } elsif ($action eq 'uploaddoc') {
+ open(my $fh,'>'.$filepath.'/'.$fname);
+ print $fh $ENV{'form.'.$source};
+ close($fh);
+ $fetchresult= &reply('fetchuserfile:'.$docudom.'/'.$docuname.'/'.$file,
+ $docuhome);
+ if ($fetchresult eq 'ok') {
+ return '/uploaded/'.$fpath.'/'.$fname;
+ } else {
+ &logthis('Failed to transfer '.$docudom.'/'.$docuname.'/'.$file.
+ ' to host '.$docuhome.': '.$fetchresult);
+ return '/adm/notfound.html';
+ }
+ }
+ }
+ unless ( $fetchresult eq 'ok') {
+ &logthis('Failed to transfer '.$docudom.'/'.$docuname.'/'.$file.
+ ' to host '.$docuhome.': '.$fetchresult);
}
+ return $fetchresult;
}
-
+
# --------------- Take an uploaded file and put it into the userfiles directory
# input: name of form element, coursedoc=1 means this is for the course
# output: url of file in userspace
sub userfileupload {
- my ($formname,$coursedoc)=@_;
+ my ($formname,$coursedoc,$subdir)=@_;
+ if (!defined($subdir)) { $subdir='unknown'; }
my $fname=$ENV{'form.'.$formname.'.filename'};
# Replace Windows backslashes by forward slashes
$fname=~s/\\/\//g;
@@ -1215,23 +1286,35 @@ sub userfileupload {
my $docuname='';
my $docudom='';
my $docuhome='';
+ $fname="$subdir/$fname";
if ($coursedoc) {
$docuname=$ENV{'course.'.$ENV{'request.course.id'}.'.num'};
$docudom=$ENV{'course.'.$ENV{'request.course.id'}.'.domain'};
$docuhome=$ENV{'course.'.$ENV{'request.course.id'}.'.home'};
+ if ($ENV{'form.folder'} =~ m/^default/) {
+ return &finishuserfileupload($docuname,$docudom,$docuhome,$formname,$fname);
+ } else {
+ $fname=$ENV{'form.folder'}.'/'.$fname;
+ return &process_coursefile('uploaddoc',$docuname,$docudom,$docuhome,$fname,$formname);
+ }
} else {
$docuname=$ENV{'user.name'};
$docudom=$ENV{'user.domain'};
$docuhome=$ENV{'user.home'};
+ return &finishuserfileupload($docuname,$docudom,$docuhome,$formname,$fname);
}
- return
- &finishuserfileupload($docuname,$docudom,$docuhome,$formname,$fname);
}
sub finishuserfileupload {
my ($docuname,$docudom,$docuhome,$formname,$fname)=@_;
my $path=$docudom.'/'.$docuname.'/';
my $filepath=$perlvar{'lonDocRoot'};
+ my ($fnamepath,$file);
+ $file=$fname;
+ if ($fname=~m|/|) {
+ ($fnamepath,$file) = ($fname =~ m|^(.*)/([^/]+)$|);
+ $path.=$fnamepath.'/';
+ }
my @parts=split(/\//,$filepath.'/userfiles/'.$path);
my $count;
for ($count=4;$count<=$#parts;$count++) {
@@ -1242,26 +1325,37 @@ sub finishuserfileupload {
}
# Save the file
{
- open(my $fh,'>'.$filepath.'/'.$fname);
+ #&Apache::lonnet::logthis("Saving to $filepath $file");
+ open(my $fh,'>'.$filepath.'/'.$file);
print $fh $ENV{'form.'.$formname};
close($fh);
}
# Notify homeserver to grep it
#
-
- my $fetchresult=
- &reply('fetchuserfile:'.$docudom.'/'.$docuname.'/'.$fname,$docuhome);
+ my $fetchresult= &reply('fetchuserfile:'.$path.$file,$docuhome);
if ($fetchresult eq 'ok') {
#
# Return the URL to it
- return '/uploaded/'.$path.$fname;
+ return '/uploaded/'.$path.$file;
} else {
- &logthis('Failed to transfer '.$docudom.'/'.$docuname.'/'.$fname.
- ' to host '.$docuhome.': '.$fetchresult);
+ &logthis('Failed to transfer '.$path.$file.' to host '.$docuhome.
+ ': '.$fetchresult);
return '/adm/notfound.html';
}
}
+sub removeuploadedurl {
+ my ($url)=@_;
+ my (undef,undef,$udom,$uname,$fname)=split('/',$url,5);
+ return &Apache::lonnet::removeuserfile($uname,$udom,$fname);
+}
+
+sub removeuserfile {
+ my ($docuname,$docudom,$fname)=@_;
+ my $home=&homeserver($docuname,$docudom);
+ return &reply("removeuserfile:$docudom/$docuname/$fname",$home);
+}
+
# ------------------------------------------------------------------------- Log
sub log {
@@ -1424,7 +1518,7 @@ sub userrolelog {
my ($trole,$username,$domain,$area,$tstart,$tend)=@_;
if (($trole=~/^ca/) || ($trole=~/^in/) ||
($trole=~/^cc/) || ($trole=~/^ep/) ||
- ($trole=~/^cr/)) {
+ ($trole=~/^cr/) || ($trole=~/^ta/)) {
my (undef,$rudom,$runame,$rsec)=split(/\//,$area);
$userrolehash
{$trole.':'.$username.':'.$domain.':'.$runame.':'.$rudom.':'.$rsec}
@@ -1436,6 +1530,10 @@ sub get_course_adv_roles {
my $cid=shift;
$cid=$ENV{'request.course.id'} unless (defined($cid));
my %coursehash=&coursedescription($cid);
+ my %nothide=();
+ foreach (split(/\s*\,\s*/,$coursehash{'nothideprivileged'})) {
+ $nothide{join(':',split(/[\@\:]/,$_))}=1;
+ }
my %returnhash=();
my %dumphash=
&dump('nohist_userroles',$coursehash{'domain'},$coursehash{'num'});
@@ -1446,6 +1544,8 @@ sub get_course_adv_roles {
if (($tend) && ($tend<$now)) { next; }
if (($tstart) && ($now<$tstart)) { next; }
my ($role,$username,$domain,$section)=split(/\:/,$_);
+ if ((&privileged($username,$domain)) &&
+ (!$nothide{$username.':'.$domain})) { next; }
my $key=&plaintext($role);
if ($section) { $key.=' (Sec/Grp '.$section.')'; }
if ($returnhash{$key}) {
@@ -1538,6 +1638,24 @@ sub courseiddump {
#
# ----------------------------------------------------------- Check out an item
+sub get_first_access {
+ my ($type,$argsymb)=@_;
+ my ($symb,$courseid,$udom,$uname)=&Apache::lonxml::whichuser();
+ if ($argsymb) { $symb=$argsymb; }
+ my ($map,$id,$res)=&decode_symb($symb);
+ if ($type eq 'map') { $res=$map; }
+ my %times=&get('firstaccesstimes',[$res],$udom,$uname);
+ return $times{$res};
+}
+
+sub set_first_access {
+ my ($type)=@_;
+ my ($symb,$courseid,$udom,$uname)=&Apache::lonxml::whichuser();
+ my ($map,$id,$res)=&decode_symb($symb);
+ if ($type eq 'map') { $res=$map; }
+ return &put('firstaccesstimes',{$res=>time},$udom,$uname);
+}
+
sub checkout {
my ($symb,$tuname,$tudom,$tcrsid)=@_;
my $now=time;
@@ -1716,7 +1834,7 @@ sub hash2str {
sub hashref2str {
my ($hashref)=@_;
my $result='__HASH_REF__';
- foreach (keys(%$hashref)) {
+ foreach (sort(keys(%$hashref))) {
if (ref($_) eq 'ARRAY') {
$result.=&arrayref2str($_).'=';
} elsif (ref($_) eq 'HASH') {
@@ -2577,14 +2695,14 @@ sub allowed {
# Course
- if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'}=~/$priv\&([^\:]*)/) {
+ if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'}=~/\Q$priv\E\&([^\:]*)/) {
$thisallowed.=$1;
}
# Domain
if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'.(split(/\//,$uri))[0].'/'}
- =~/$priv\&([^\:]*)/) {
+ =~/\Q$priv\E\&([^\:]*)/) {
$thisallowed.=$1;
}
@@ -2594,16 +2712,21 @@ sub allowed {
$courseuri=~s/^([^\/])/\/$1/;
if ($ENV{'user.priv.'.$ENV{'request.role'}.'.'.$courseuri}
- =~/$priv\&([^\:]*)/) {
+ =~/\Q$priv\E\&([^\:]*)/) {
$thisallowed.=$1;
}
# URI is an uploaded document for this course
- if (($priv eq 'bre') &&
- ($uri=~/^uploaded\/$ENV{'course.'.$ENV{'request.course.id'}.'.domain'}\/$ENV{'course.'.$ENV{'request.course.id'}.'.num'}/)) {
- return 'F';
+ if (($priv eq 'bre') && ($uri=~m|^uploaded/|)) {
+ my $refuri=$ENV{'httpref.'.$orguri};
+ if ($refuri) {
+ if ($refuri =~ m|^/adm/|) {
+ $thisallowed='F';
+ }
+ }
}
+
# Full access at system, domain or course-wide level? Exit.
if ($thisallowed=~/F/) {
@@ -2612,7 +2735,7 @@ sub allowed {
# If this is generating or modifying users, exit with special codes
- if (':csu:cdc:ccc:cin:cta:cep:ccr:cst:cad:cli:cau:cdg:cca:'=~/\:$priv\:/) {
+ if (':csu:cdc:ccc:cin:cta:cep:ccr:cst:cad:cli:cau:cdg:cca:'=~/\:\Q$priv\E\:/) {
return $thisallowed;
}
#
@@ -2633,7 +2756,7 @@ sub allowed {
if ($match) {
$statecond=$cond;
if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'.$courseprivid}
- =~/$priv\&([^\:]*)/) {
+ =~/\Q$priv\E\&([^\:]*)/) {
$thisallowed.=$1;
$checkreferer=0;
}
@@ -2661,7 +2784,7 @@ sub allowed {
if ($match) {
my $refstatecond=$cond;
if ($ENV{'user.priv.'.$ENV{'request.role'}.'./'.$courseprivid}
- =~/$priv\&([^\:]*)/) {
+ =~/\Q$priv\E\&([^\:]*)/) {
$thisallowed.=$1;
$uri=$refuri;
$statecond=$refstatecond;
@@ -2714,7 +2837,7 @@ sub allowed {
if ((time-$ENV{$prefix.'last_cache'})>$expiretime) {
&coursedescription($courseid);
}
- if (($ENV{$prefix.'res.'.$uri.'.lock.sections'}=~/\,$csec\,/)
+ if (($ENV{$prefix.'res.'.$uri.'.lock.sections'}=~/\,\Q$csec\E\,/)
|| ($ENV{$prefix.'res.'.$uri.'.lock.sections'} eq 'all')) {
if ($ENV{$prefix.'res.'.$uri.'.lock.expire'}>time) {
&log($ENV{'user.domain'},$ENV{'user.name'},
@@ -2725,7 +2848,7 @@ sub allowed {
return '';
}
}
- if (($ENV{$prefix.'priv.'.$priv.'.lock.sections'}=~/\,$csec\,/)
+ if (($ENV{$prefix.'priv.'.$priv.'.lock.sections'}=~/\,\Q$csec\E\,/)
|| ($ENV{$prefix.'priv.'.$priv.'.lock.sections'} eq 'all')) {
if ($ENV{'priv.'.$priv.'.lock.expire'}>time) {
&log($ENV{'user.domain'},$ENV{'user.name'},
@@ -2759,7 +2882,7 @@ sub allowed {
my $rolecode=(split(/\./,$ENV{'request.role'}))[0];
my $unamedom=$ENV{'user.name'}.':'.$ENV{'user.domain'};
if ($ENV{'course.'.$ENV{'request.course.id'}.'.'.$priv.'.roles.denied'}
- =~/$rolecode/) {
+ =~/\Q$rolecode\E/) {
&log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.host'},
'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode.' in '.
$ENV{'request.course.id'});
@@ -2767,7 +2890,7 @@ sub allowed {
}
if ($ENV{'course.'.$ENV{'request.course.id'}.'.'.$priv.'.users.denied'}
- =~/$unamedom/) {
+ =~/\Q$unamedom\E/) {
&log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.host'},
'Denied by user: '.$priv.' for '.$uri.' as '.$unamedom.' in '.
$ENV{'request.course.id'});
@@ -2779,7 +2902,7 @@ sub allowed {
if ($thisallowed=~/R/) {
my $rolecode=(split(/\./,$ENV{'request.role'}))[0];
- if (&metadata($uri,'roledeny')=~/$rolecode/) {
+ if (&metadata($uri,'roledeny')=~/\Q$rolecode\E/) {
&log($ENV{'user.domain'},$ENV{'user.name'},$ENV{'user.host'},
'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode);
return '';
@@ -2791,7 +2914,7 @@ sub allowed {
if ($thisallowed=~/X/) {
if ($ENV{'acc.randomout'}) {
my $symb=&symbread($uri,1);
- if (($symb) && ($ENV{'acc.randomout'}=~/\&$symb\&/)) {
+ if (($symb) && ($ENV{'acc.randomout'}=~/\&\Q$symb\E\&/)) {
return '';
}
}
@@ -2855,27 +2978,27 @@ sub definerole {
my ($rolename,$sysrole,$domrole,$courole)=@_;
foreach (split(':',$sysrole)) {
my ($crole,$cqual)=split(/\&/,$_);
- if ($pr{'cr:s'}!~/$crole/) { return "refused:s:$crole"; }
- if ($pr{'cr:s'}=~/$crole\&/) {
- if ($pr{'cr:s'}!~/$crole\&\w*$cqual/) {
+ if ($pr{'cr:s'}!~/\Q$crole\E/) { return "refused:s:$crole"; }
+ if ($pr{'cr:s'}=~/\Q$crole\E\&/) {
+ if ($pr{'cr:s'}!~/\Q$crole\E\&\w*\Q$cqual\E/) {
return "refused:s:$crole&$cqual";
}
}
}
foreach (split(':',$domrole)) {
my ($crole,$cqual)=split(/\&/,$_);
- if ($pr{'cr:d'}!~/$crole/) { return "refused:d:$crole"; }
- if ($pr{'cr:d'}=~/$crole\&/) {
- if ($pr{'cr:d'}!~/$crole\&\w*$cqual/) {
+ if ($pr{'cr:d'}!~/\Q$crole\E/) { return "refused:d:$crole"; }
+ if ($pr{'cr:d'}=~/\Q$crole\E\&/) {
+ if ($pr{'cr:d'}!~/\Q$crole\W\&\w*\Q$cqual\E/) {
return "refused:d:$crole&$cqual";
}
}
}
foreach (split(':',$courole)) {
my ($crole,$cqual)=split(/\&/,$_);
- if ($pr{'cr:c'}!~/$crole/) { return "refused:c:$crole"; }
- if ($pr{'cr:c'}=~/$crole\&/) {
- if ($pr{'cr:c'}!~/$crole\&\w*$cqual/) {
+ if ($pr{'cr:c'}!~/\Q$crole\E/) { return "refused:c:$crole"; }
+ if ($pr{'cr:c'}=~/\Q$crole\E\&/) {
+ if ($pr{'cr:c'}!~/\Q$crole\E\&\w*\Q$cqual\E/) {
return "refused:c:$crole&$cqual";
}
}
@@ -2922,7 +3045,7 @@ sub log_query {
my $command=&escape(join(':',map{$_.'='.$filters{$_}} keys %filters));
my $queryid=&reply("querysend:".$query.':'.$udom.':'.$uname.':'.$command,
$uhome);
- unless ($queryid=~/^$uhost\_/) { return 'error: '.$queryid; }
+ unless ($queryid=~/^\Q$uhost\E\_/) { return 'error: '.$queryid; }
return get_query_reply($queryid);
}
@@ -3225,9 +3348,10 @@ sub modify_student_enrollment {
}
my $fullname = &Apache::loncoursedata::ProcessFullName($last,$gene,
$first,$middle);
- my $value=&escape($uname.':'.$udom).'='.
- &escape(join(':',$end,$start,$uid,$usec,$fullname,$type));
- my $reply=critical('put:'.$cdom.':'.$cnum.':classlist:'.$value,$chome);
+ my $reply=cput('classlist',
+ {"$uname:$udom" =>
+ join(':',$end,$start,$uid,$usec,$fullname,$type) },
+ $cdom,$cnum);
unless (($reply eq 'ok') || ($reply eq 'delayed')) {
return 'error: '.$reply;
}
@@ -3821,10 +3945,11 @@ sub packages_tab_default {
my $packages=&metadata($uri,'packages');
foreach my $package (split(/,/,$packages)) {
my ($pack_type,$pack_part)=split(/_/,$package,2);
- if ($pack_part eq $part) {
- if (defined($packagetab{"$pack_type&$name&default"})) {
- return $packagetab{"$pack_type&$name&default"};
- }
+ if (defined($packagetab{"$pack_type&$name&default"})) {
+ return $packagetab{"$pack_type&$name&default"};
+ }
+ if (defined($packagetab{$pack_type."_".$pack_part."&$name&default"})) {
+ return $packagetab{$pack_type."_".$pack_part."&$name&default"};
}
}
return undef;
@@ -3855,7 +3980,7 @@ sub metadata {
if (($uri eq '') || (($uri =~ m|^/*adm/|) && ($uri !~ m|^adm/includes|)) ||
($uri =~ m|/$|) || ($uri =~ m|/.meta$|) || ($uri =~ /^~/) ||
($uri =~ m|home/[^/]+/public_html/|)) {
- return '';
+ return undef;
}
my $filename=$uri;
$uri=~s/\.meta$//;
@@ -3883,7 +4008,10 @@ sub metadata {
}
my %metathesekeys=();
unless ($filename=~/\.meta$/) { $filename.='.meta'; }
- my $metastring=&getfile(&filelocation('',&clutter($filename)));
+ my $metastring;
+ if ($uri !~ m|^uploaded/|) {
+ $metastring=&getfile(&filelocation('',&clutter($filename)));
+ }
my $parser=HTML::LCParser->new(\$metastring);
my $token;
undef %metathesekeys;
@@ -3994,6 +4122,22 @@ sub metadata {
# the next is the end of "start tag"
}
}
+ my ($extension) = ($uri =~ /\.(\w+)$/);
+ foreach my $key (sort(keys(%packagetab))) {
+ #&logthis("extsion1 $extension $key !!");
+ #no specific packages #how's our extension
+ if ($key!~/^extension_\Q$extension\E&/) { next; }
+ &metadata_create_package_def($uri,$key,'extension_'.$extension,
+ \%metathesekeys);
+ }
+ if (!exists($metacache{$uri}->{':packages'})) {
+ foreach my $key (sort(keys(%packagetab))) {
+ #no specific packages well let's get default then
+ if ($key!~/^default&/) { next; }
+ &metadata_create_package_def($uri,$key,'default',
+ \%metathesekeys);
+ }
+ }
# are there custom rights to evaluate
if ($metacache{$uri}->{':copyright'} eq 'custom') {
@@ -4022,6 +4166,30 @@ sub metadata {
return $metacache{$uri}->{':'.$what};
}
+sub metadata_create_package_def {
+ my ($uri,$key,$package,$metathesekeys)=@_;
+ my ($pack,$name,$subp)=split(/\&/,$key);
+ if ($subp eq 'default') { next; }
+
+ if (defined($metacache{$uri}->{':packages'})) {
+ $metacache{$uri}->{':packages'}.=','.$package;
+ } else {
+ $metacache{$uri}->{':packages'}=$package;
+ }
+ my $value=$packagetab{$key};
+ my $unikey;
+ $unikey='parameter_0_'.$name;
+ $metacache{$uri}->{':'.$unikey.'.part'}=0;
+ $$metathesekeys{$unikey}=1;
+ unless (defined($metacache{$uri}->{':'.$unikey.'.'.$subp})) {
+ $metacache{$uri}->{':'.$unikey.'.'.$subp}=$value;
+ }
+ if (defined($metacache{$uri}->{':'.$unikey.'.default'})) {
+ $metacache{$uri}->{':'.$unikey}=
+ $metacache{$uri}->{':'.$unikey.'.default'};
+ }
+}
+
sub metadata_generate_part0 {
my ($metadata,$metacache,$uri) = @_;
my %allnames;
@@ -4045,7 +4213,7 @@ sub metadata_generate_part0 {
my $olddis=$$metacache{':parameter_'.$allnames{$name}.'_'.$name.
'.display'};
my $expr='\\[Part: '.$allnames{$name}.'\\]';
- $olddis=~s/$expr/\[Part: 0\]/;
+ $olddis=~s/\Q$expr\E/\[Part: 0\]/;
$$metacache{"$key.display"}=$olddis;
}
}
@@ -4214,9 +4382,13 @@ sub symbread {
my %bighash;
my $syval='';
if (($ENV{'request.course.fn'}) && ($thisfn)) {
+ my $targetfn = $thisfn;
+ if ( ($thisfn =~ m/^uploaded\//) && ($thisfn !~ m/\.(page|sequence)$/) ) {
+ $targetfn = 'adm/wrapper/'.$thisfn;
+ }
if (tie(%hash,'GDBM_File',$ENV{'request.course.fn'}.'_symb.db',
&GDBM_READER(),0640)) {
- $syval=$hash{$thisfn};
+ $syval=$hash{$targetfn};
untie(%hash);
}
# ---------------------------------------------------------- There was an entry
@@ -4268,7 +4440,7 @@ sub symbread {
}
}
untie(%bighash)
- }
+ }
}
if ($syval) {
return &symbclean($syval.'___'.$thisfn);
@@ -4292,8 +4464,41 @@ sub numval {
return int($txt);
}
+sub numval2 {
+ my $txt=shift;
+ $txt=~tr/A-J/0-9/;
+ $txt=~tr/a-j/0-9/;
+ $txt=~tr/K-T/0-9/;
+ $txt=~tr/k-t/0-9/;
+ $txt=~tr/U-Z/0-5/;
+ $txt=~tr/u-z/0-5/;
+ $txt=~s/\D//g;
+ my @txts=split(/(\d\d\d\d\d\d\d\d\d)/,$txt);
+ my $total;
+ foreach my $val (@txts) { $total+=$val; }
+ return int($total);
+}
+
sub latest_rnd_algorithm_id {
- return '64bit2';
+ return '64bit3';
+}
+
+sub get_rand_alg {
+ my ($courseid)=@_;
+ if (!$courseid) { $courseid=(&Apache::lonxml::whichuser())[1]; }
+ if ($courseid) {
+ return $ENV{"course.$courseid.rndseed"};
+ }
+ return &latest_rnd_algorithm_id();
+}
+
+sub getCODE {
+ if (defined($ENV{'form.CODE'})) { return $ENV{'form.CODE'}; }
+ if (defined($Apache::lonhomework::parsing_a_problem) &&
+ defined($Apache::lonhomework::history{'resource.CODE'})) {
+ return $Apache::lonhomework::history{'resource.CODE'};
+ }
+ return undef;
}
sub rndseed {
@@ -4306,10 +4511,11 @@ sub rndseed {
if (!$courseid) { $courseid=$wcourseid; }
if (!$domain) { $domain=$wdomain; }
if (!$username) { $username=$wusername }
- my $which=$ENV{"course.$courseid.rndseed"};
- my $CODE=$ENV{'scantron.CODE'};
- if (defined($CODE)) {
- &rndseed_CODE_64bit($symb,$courseid,$domain,$username);
+ my $which=&get_rand_alg();
+ if (defined(&getCODE())) {
+ return &rndseed_CODE_64bit($symb,$courseid,$domain,$username);
+ } elsif ($which eq '64bit3') {
+ return &rndseed_64bit3($symb,$courseid,$domain,$username);
} elsif ($which eq '64bit2') {
return &rndseed_64bit2($symb,$courseid,$domain,$username);
} elsif ($which eq '64bit') {
@@ -4377,75 +4583,215 @@ sub rndseed_64bit2 {
}
}
+sub rndseed_64bit3 {
+ my ($symb,$courseid,$domain,$username)=@_;
+ {
+ use integer;
+ # strings need to be an even # of cahracters long, it it is odd the
+ # last characters gets thrown away
+ my $symbchck=unpack("%32S*",$symb.' ') << 21;
+ my $symbseed=numval2($symb) << 10;
+ my $namechck=unpack("%32S*",$username.' ');
+
+ my $nameseed=numval2($username) << 21;
+ my $domainseed=unpack("%32S*",$domain.' ') << 10;
+ my $courseseed=unpack("%32S*",$courseid.' ');
+
+ my $num1=$symbchck+$symbseed+$namechck;
+ my $num2=$nameseed+$domainseed+$courseseed;
+ #&Apache::lonxml::debug("$symbseed:$nameseed;$domainseed|$courseseed;$namechck:$symbchck");
+ #&Apache::lonxml::debug("rndseed :$num:$symb");
+ return "$num1:$num2";
+ }
+}
+
sub rndseed_CODE_64bit {
my ($symb,$courseid,$domain,$username)=@_;
{
use integer;
my $symbchck=unpack("%32S*",$symb.' ') << 16;
- my $symbseed=numval($symb);
- my $CODEseed=numval($ENV{'scantron.CODE'}) << 16;
+ my $symbseed=numval2($symb);
+ my $CODEchck=unpack("%32S*",&getCODE().' ') << 16;
+ my $CODEseed=numval(&getCODE());
my $courseseed=unpack("%32S*",$courseid.' ');
- my $num1=$symbseed+$CODEseed;
- my $num2=$courseseed+$symbchck;
- #&Apache::lonxml::debug("$symbseed:$CODEseed|$courseseed:$symbchck");
+ my $num1=$symbseed+$CODEchck;
+ my $num2=$CODEseed+$courseseed+$symbchck;
+ #&Apache::lonxml::debug("$symbseed:$CODEchck|$CODEseed:$courseseed:$symbchck");
#&Apache::lonxml::debug("rndseed :$num1:$num2:$symb");
- return "$num1,$num2";
+ return "$num1:$num2";
}
}
sub setup_random_from_rndseed {
my ($rndseed)=@_;
- if ($rndseed =~/,/) {
- my ($num1,$num2)=split(/,/,$rndseed);
+ if ($rndseed =~/([,:])/) {
+ my ($num1,$num2)=split(/[,:]/,$rndseed);
&Math::Random::random_set_seed(abs($num1),abs($num2));
} else {
&Math::Random::random_set_seed_from_phrase($rndseed);
}
}
+sub latest_receipt_algorithm_id {
+ return 'receipt2';
+}
+
+sub recunique {
+ my $fucourseid=shift;
+ my $unique;
+ if ($ENV{"course.$fucourseid.receiptalg"} eq 'receipt2') {
+ $unique=$ENV{"course.$fucourseid.internal.encseed"};
+ } else {
+ $unique=$perlvar{'lonReceipt'};
+ }
+ return unpack("%32C*",$unique);
+}
+
+sub recprefix {
+ my $fucourseid=shift;
+ my $prefix;
+ if ($ENV{"course.$fucourseid.receiptalg"} eq 'receipt2') {
+ $prefix=$ENV{"course.$fucourseid.internal.encpref"};
+ } else {
+ $prefix=$perlvar{'lonHostID'};
+ }
+ return unpack("%32C*",$prefix);
+}
+
sub ireceipt {
- my ($funame,$fudom,$fucourseid,$fusymb)=@_;
+ my ($funame,$fudom,$fucourseid,$fusymb,$part)=@_;
my $cuname=unpack("%32C*",$funame);
my $cudom=unpack("%32C*",$fudom);
my $cucourseid=unpack("%32C*",$fucourseid);
my $cusymb=unpack("%32C*",$fusymb);
- my $cunique=unpack("%32C*",$perlvar{'lonReceipt'});
- return unpack("%32C*",$perlvar{'lonHostID'}).'-'.
- ($cunique%$cuname+
- $cunique%$cudom+
- $cusymb%$cuname+
- $cusymb%$cudom+
- $cucourseid%$cuname+
- $cucourseid%$cudom);
+ my $cunique=&recunique($fucourseid);
+ my $cpart=unpack("%32S*",$part);
+ my $return =&recprefix($fucourseid).'-';
+ if ($ENV{"course.$fucourseid.receiptalg"} eq 'receipt2' ||
+ $ENV{'request.state'} eq 'construct') {
+ &Apache::lonxml::debug("doing receipt2 using parts $cpart, uname $cuname and udom $cudom gets ".($cpart%$cuname).
+ " and ".($cpart%$cudom));
+
+ $return.= ($cunique%$cuname+
+ $cunique%$cudom+
+ $cusymb%$cuname+
+ $cusymb%$cudom+
+ $cucourseid%$cuname+
+ $cucourseid%$cudom+
+ $cpart%$cuname+
+ $cpart%$cudom);
+ } else {
+ $return.= ($cunique%$cuname+
+ $cunique%$cudom+
+ $cusymb%$cuname+
+ $cusymb%$cudom+
+ $cucourseid%$cuname+
+ $cucourseid%$cudom);
+ }
+ return $return;
}
sub receipt {
- my ($symb,$courseid,$domain,$name) = &Apache::lonxml::whichuser();
- return &ireceipt($name,$domain,$courseid,$symb);
+ my ($part)=@_;
+ my ($symb,$courseid,$domain,$name) = &Apache::lonxml::whichuser();
+ return &ireceipt($name,$domain,$courseid,$symb,$part);
}
# ------------------------------------------------------------ Serves up a file
-# returns either the contents of the file or a -1
+# returns either the contents of the file or
+# -1 if the file doesn't exist
+#
+# if the target is a file that was uploaded via DOCS,
+# a check will be made to see if a current copy exists on the local server,
+# if it does this will be served, otherwise a copy will be retrieved from
+# the home server for the course and stored in /home/httpd/html/userfiles on
+# the local server.
+
sub getfile {
- my $file=shift;
- if ($file=~/^\/*uploaded\//) { # user file
+ my ($file,$caller) = @_;
+
+ if ($file !~ m|^/*uploaded/(\w+)/(\w+)/(.+)$|) {
+ # normal file from res space
+ &repcopy($file);
+ return &readfile($file);
+ }
+
+ my $info;
+ my $cdom = $1;
+ my $cnum = $2;
+ my $filename = $3;
+ my $path = $Apache::lonnet::perlvar{'lonDocRoot'}.'/userfiles';
+ my ($lwpresp,$rtncode);
+ my $localfile = $path.'/'.$cdom.'/'.$cnum.'/'.$filename;
+ if (-e "$localfile") {
+ my @fileinfo = stat($localfile);
+ $lwpresp = &getuploaded('HEAD',$file,$cdom,$cnum,\$info,\$rtncode);
+ if ($lwpresp ne 'ok') {
+ if ($rtncode eq '404') {
+ unlink($localfile);
+ }
+ return -1;
+ }
+ if ($info < $fileinfo[9]) {
+ return &readfile($localfile);
+ }
+ $info = '';
+ $lwpresp = &getuploaded('GET',$file,$cdom,$cnum,\$info,\$rtncode);
+ if ($lwpresp ne 'ok') {
+ return -1;
+ }
+ } else {
+ $lwpresp = &getuploaded('GET',$file,$cdom,$cnum,\$info,\$rtncode);
+ if ($lwpresp ne 'ok') {
+ return -1;
+ }
+ my @parts = ($cdom,$cnum);
+ if ($filename =~ m|^(.+)/[^/]+$|) {
+ push @parts, split(/\//,$1);
+ }
+ foreach my $part (@parts) {
+ $path .= '/'.$part;
+ if (!-e $path) {
+ mkdir($path,0770);
+ }
+ }
+ }
+ open (FILE,">$localfile");
+ print FILE $info;
+ close(FILE);
+ if ($caller eq 'uploadrep') {
+ return 'ok';
+ }
+ return $info;
+}
+
+sub getuploaded {
+ my ($reqtype,$uri,$cdom,$cnum,$info,$rtncode) = @_;
+ $uri=~s/^\///;
+ $uri = 'http://'.$hostname{ &homeserver($cnum,$cdom)}.'/raw/'.$uri;
my $ua=new LWP::UserAgent;
- my $request=new HTTP::Request('GET',&tokenwrapper($file));
+ my $request=new HTTP::Request($reqtype,$uri);
my $response=$ua->request($request);
- if ($response->is_success()) {
- return $response->content;
- } else {
- return -1;
- }
- } else { # normal file from res space
- &repcopy($file);
- if (! -e $file ) { return -1; };
- my $fh;
- open($fh,"<$file");
- my $a='';
- while (<$fh>) { $a .=$_; }
- return $a;
- }
+ $$rtncode = $response->code;
+ if (! $response->is_success()) {
+ return 'failed';
+ }
+ if ($reqtype eq 'HEAD') {
+ $$info = &HTTP::Date::str2time( $response->header('Last-modified') );
+ } elsif ($reqtype eq 'GET') {
+ $$info = $response->content;
+ }
+ return 'ok';
+}
+
+sub readfile {
+ my $file = shift;
+ if ( (! -e $file ) || ($file eq '') ) { return -1; };
+ my $fh;
+ open($fh,"<$file");
+ my $a='';
+ while (<$fh>) { $a .=$_; }
+ return $a;
}
sub filelocation {
@@ -4458,8 +4804,8 @@ sub filelocation {
} elsif ($file=~/^\/*uploaded/) { # is an uploaded file
$location=$file;
} else {
- $file=~s/^$perlvar{'lonDocRoot'}//;
- $file=~s:^/*res::;
+ $file=~s/^\Q$perlvar{'lonDocRoot'}\E//;
+ $file=~s:^/res/:/:;
if ( !( $file =~ m:^/:) ) {
$location = $dir. '/'.$file;
} else {
@@ -4468,6 +4814,7 @@ sub filelocation {
}
$location=~s://+:/:g; # remove duplicate /
while ($location=~m:/\.\./:) {$location=~ s:/[^/]+/\.\./:/:g;} #remove dir/..
+ while ($location=~m:/\./:) {$location=~ s:/\./:/:g;} #remove /./
return $location;
}
@@ -4486,11 +4833,35 @@ sub hreflocation {
return $file;
}
+sub current_machine_domains {
+ my $hostname=$hostname{$perlvar{'lonHostID'}};
+ my @domains;
+ while( my($id, $name) = each(%hostname)) {
+# &logthis("-$id-$name-$hostname-");
+ if ($hostname eq $name) {
+ push(@domains,$hostdom{$id});
+ }
+ }
+ return @domains;
+}
+
+sub current_machine_ids {
+ my $hostname=$hostname{$perlvar{'lonHostID'}};
+ my @ids;
+ while( my($id, $name) = each(%hostname)) {
+# &logthis("-$id-$name-$hostname-");
+ if ($hostname eq $name) {
+ push(@ids,$id);
+ }
+ }
+ return @ids;
+}
+
# ------------------------------------------------------------- Declutters URLs
sub declutter {
my $thisfn=shift;
- $thisfn=~s/^$perlvar{'lonDocRoot'}//;
+ $thisfn=~s/^\Q$perlvar{'lonDocRoot'}\E//;
$thisfn=~s/^\///;
$thisfn=~s/^res\///;
$thisfn=~s/\?.+$//;
@@ -4563,7 +4934,7 @@ BEGIN {
open(my $config,"</etc/httpd/conf/loncapa.conf");
while (my $configline=<$config>) {
- if ($configline =~ /^[^\#]*PerlSetVar/) {
+ if ($configline=~/\S/ && $configline =~ /^[^\#]*PerlSetVar/) {
my ($dummy,$varname,$varvalue)=split(/\s+/,$configline);
chomp($varvalue);
$perlvar{$varname}=$varvalue;
@@ -4681,6 +5052,7 @@ BEGIN {
open(my $config,"<$perlvar{'lonTabDir'}/packages.tab");
while (my $configline=<$config>) {
+ if ($configline !~ /\S/ || $configline=~/^#/) { next; }
chomp($configline);
my ($short,$plain)=split(/:/,$configline);
my ($pack,$name)=split(/\&/,$short);
@@ -5426,8 +5798,29 @@ messages of critical importance should g
=item *
-getfile($file) : returns the entire contents of a file or -1; it
-properly subscribes to and replicates the file if neccessary.
+getfile($file,$caller) : two cases - requests for files in /res or in /uploaded.
+(a) files in /uploaded
+ (i) If a local copy of the file exists -
+ compares modification date of local copy with last-modified date for
+ definitive version stored on home server for course. If local copy is
+ stale, requests a new version from the home server and stores it.
+ If the original has been removed from the home server, then local copy
+ is unlinked.
+ (ii) If local copy does not exist -
+ requests the file from the home server and stores it.
+
+ If $caller is 'uploadrep':
+ This indicates a call from lonuploadrep.pm (PerlHeaderParserHandler phase)
+ for request for files originally uploaded via DOCS.
+ - returns 'ok' if fresh local copy now available, -1 otherwise.
+
+ Otherwise:
+ This indicates a call from the content generation phase of the request.
+ - returns the entire contents of the file or -1.
+
+(b) files in /res
+ - returns the entire contents of a file or -1;
+ it properly subscribes to and replicates the file if neccessary.
=item *