--- loncom/lonnet/perl/lonnet.pm 2006/07/21 18:52:35 1.765
+++ loncom/lonnet/perl/lonnet.pm 2006/09/05 20:42:15 1.778
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.765 2006/07/21 18:52:35 albertel Exp $
+# $Id: lonnet.pm,v 1.778 2006/09/05 20:42:15 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1176,7 +1176,7 @@ sub ssi_body {
}
my $output=($filelink=~/^http\:/?&externalssi($filelink):
&ssi($filelink,%form));
- $output=~s|//(\s*<!--)? BEGIN LON-CAPA Internal.+// END LON-CAPA Internal\s*(-->)?\s||gs;
+ $output=~s|//(\s*<!--)? BEGIN LON-CAPA Internal.+?// END LON-CAPA Internal\s*(-->)?\s||gs;
$output=~s/^.*?\<body[^\>]*\>//si;
$output=~s/(.*)\<\/body\s*\>.*?$/$1/si;
return $output;
@@ -2845,7 +2845,7 @@ sub set_userprivs {
if (keys(%{$allgroups}) > 0) {
foreach my $role (keys %{$allroles}) {
my ($trole,$area,$sec,$extendedarea);
- if ($role =~ m|^(\w+)\.(/\w+/\w+)(/?\w*)|) {
+ if ($role =~ m-^(\w+|cr/\w+/\w+/\w+)\.(/\w+/\w+)(/?\w*)-) {
$trole = $1;
$area = $2;
$sec = $3;
@@ -3220,31 +3220,29 @@ sub tmpdel {
# -------------------------------------------------- portfolio access checking
sub portfolio_access {
- my ($r,$requrl) = @_;
- my $access=&allowed('bre',$requrl);
- if ($access eq '2' || $access eq 'F') {
- return 'ok';
- }
+ my ($requrl) = @_;
my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl);
my $result = &get_portfolio_access($udom,$unum,$file_name,$group);
if ($result eq 'ok') {
- return 'ok';
+ return 'F';
} elsif ($result =~ /^[^:]+:guest_/) {
- &Apache::lonacc::passphrase_access_checker($r,$result,$requrl);
- return 'ok';
+ return 'A';
}
- return undef;
+ return '';
}
sub get_portfolio_access {
- my ($udom,$unum,$file_name,$group) = @_;
-
- my $current_perms = &get_portfile_permissions($udom,$unum);
- my %access_controls = &get_access_controls($current_perms,$group,
- $file_name);
+ my ($udom,$unum,$file_name,$group,$access_hash) = @_;
+
+ if (!ref($access_hash)) {
+ my $current_perms = &get_portfile_permissions($udom,$unum);
+ my %access_controls = &get_access_controls($current_perms,$group,
+ $file_name);
+ $access_hash = $access_controls{$file_name};
+ }
+
my ($public,$guest,@domains,@users,@courses,@groups);
my $now = time;
- my $access_hash = $access_controls{$file_name};
if (ref($access_hash) eq 'HASH') {
foreach my $key (keys(%{$access_hash})) {
my ($num,$scope,$end,$start) = ($key =~ /^([^:]+):([a-z]+)_(\d*)_?(\d*)$/);
@@ -3476,8 +3474,9 @@ sub allowed {
if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
# Free bre access to adm and meta resources
- if (((($uri=~/^adm\//) && ($uri !~ m|/bulletinboard$|))
- || ($uri=~/\.meta$/)) && ($priv eq 'bre')) {
+ if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg|bulletinboard)$}))
+ || (($uri=~/\.meta$/) && ($uri!~m|^uploaded/|) ))
+ && ($priv eq 'bre')) {
return 'F';
}
@@ -3602,6 +3601,13 @@ sub allowed {
}
}
+ if ($priv eq 'bre'
+ && $thisallowed ne 'F'
+ && $thisallowed ne '2'
+ && &is_portfolio_url($uri)) {
+ $thisallowed = &portfolio_access($uri);
+ }
+
# Full access at system, domain or course-wide level? Exit.
if ($thisallowed=~/F/) {
@@ -3752,7 +3758,11 @@ sub allowed {
#
unless ($env{'request.course.id'}) {
- return '1';
+ if ($thisallowed eq 'A') {
+ return 'A';
+ } else {
+ return '1';
+ }
}
#
@@ -3815,6 +3825,9 @@ sub allowed {
}
}
+ if ($thisallowed eq 'A') {
+ return 'A';
+ }
return 'F';
}
@@ -4061,7 +4074,7 @@ sub auto_run {
my $response = &reply('autorun:'.$cdom,$homeserver);
return $response;
}
-
+
sub auto_get_sections {
my ($cnum,$cdom,$inst_coursecode) = @_;
my $homeserver = &homeserver($cnum,$cdom);
@@ -4072,21 +4085,21 @@ sub auto_get_sections {
}
return @secs;
}
-
+
sub auto_new_course {
my ($cnum,$cdom,$inst_course_id,$owner) = @_;
my $homeserver = &homeserver($cnum,$cdom);
my $response=&unescape(&reply('autonewcourse:'.$inst_course_id.':'.$owner.':'.$cdom,$homeserver));
return $response;
}
-
+
sub auto_validate_courseID {
my ($cnum,$cdom,$inst_course_id) = @_;
my $homeserver = &homeserver($cnum,$cdom);
my $response=&unescape(&reply('autovalidatecourse:'.$inst_course_id.':'.$cdom,$homeserver));
return $response;
}
-
+
sub auto_create_password {
my ($cnum,$cdom,$authparam) = @_;
my $homeserver = &homeserver($cnum,$cdom);
@@ -4180,33 +4193,49 @@ sub auto_photoupdate {
sub auto_instcode_format {
my ($caller,$codedom,$instcodes,$codes,$codetitles,$cat_titles,$cat_order) = @_;
my $courses = '';
- my $homeserver;
+ my @homeservers;
if ($caller eq 'global') {
foreach my $tryserver (keys %libserv) {
if ($hostdom{$tryserver} eq $codedom) {
- $homeserver = $tryserver;
- last;
+ if (!grep/^\Q$tryserver\E$/,@homeservers) {
+ push(@homeservers,$tryserver);
+ }
}
}
- if (($env{'user.name'}) && ($env{'user.domain'} eq $codedom)) {
- $homeserver = &homeserver($env{'user.name'},$codedom);
- }
} else {
- $homeserver = &homeserver($caller,$codedom);
+ push(@homeservers,&homeserver($caller,$codedom));
}
foreach (keys %{$instcodes}) {
$courses .= &escape($_).'='.&escape($$instcodes{$_}).'&';
}
chop($courses);
- my $response=&reply('autoinstcodeformat:'.$codedom.':'.$courses,$homeserver);
- unless ($response =~ /(con_lost|error|no_such_host|refused)/) {
- my ($codes_str,$codetitles_str,$cat_titles_str,$cat_order_str) = split/:/,$response;
- %{$codes} = &str2hash($codes_str);
- @{$codetitles} = &str2array($codetitles_str);
- %{$cat_titles} = &str2hash($cat_titles_str);
- %{$cat_order} = &str2hash($cat_order_str);
+ my $ok_response = 0;
+ my $response;
+ while (@homeservers > 0 && $ok_response == 0) {
+ my $server = shift(@homeservers);
+ $response=&reply('autoinstcodeformat:'.$codedom.':'.$courses,$server);
+ if ($response !~ /(con_lost|error|no_such_host|refused)/) {
+ my ($codes_str,$codetitles_str,$cat_titles_str,$cat_order_str) =
+ split/:/,$response;
+ %{$codes} = (%{$codes},&str2hash($codes_str));
+ push(@{$codetitles},&str2array($codetitles_str));
+ %{$cat_titles} = (%{$cat_titles},&str2hash($cat_titles_str));
+ %{$cat_order} = (%{$cat_order},&str2hash($cat_order_str));
+ $ok_response = 1;
+ }
+ }
+ if ($ok_response) {
return 'ok';
+ } else {
+ return $response;
}
+}
+
+sub auto_validate_class_sec {
+ my ($cdom,$cnum,$owner,$inst_class) = @_;
+ my $homeserver = &homeserver($cnum,$cdom);
+ my $response=&reply('autovalidateclass_sec:'.$inst_class.':'.
+ &escape($owner).':'.$cdom,$homeserver);
return $response;
}
@@ -4902,11 +4931,13 @@ sub get_portfile_permissions {
sub get_access_controls {
my ($current_permissions,$group,$file) = @_;
- my %access;
+ my %access;
+ my $real_file = $file;
+ $file =~ s/\.meta$//;
if (defined($file)) {
if (ref($$current_permissions{$file."\0".'accesscontrol'}) eq 'HASH') {
foreach my $control (keys(%{$$current_permissions{$file."\0".'accesscontrol'}})) {
- $access{$file}{$control} = $$current_permissions{$file."\0".$control};
+ $access{$real_file}{$control} = $$current_permissions{$file."\0".$control};
}
}
} else {
@@ -5722,6 +5753,9 @@ sub EXT {
if (($uname eq $env{'user.name'})&&($udom eq $env{'user.domain'})) {
return $env{'environment.'.$spacequalifierrest};
} else {
+ if ($uname eq 'anonymous' && $udom eq '') {
+ return '';
+ }
my %returnhash=&userenvironment($udom,$uname,
$spacequalifierrest);
return $returnhash{$spacequalifierrest};
@@ -5872,7 +5906,7 @@ sub metadata {
my %metathesekeys=();
unless ($filename=~/\.meta$/) { $filename.='.meta'; }
my $metastring;
- if ($uri !~ m -^(uploaded|editupload)/-) {
+ if ($uri !~ m -^(editupload)/-) {
my $file=&filelocation('',&clutter($filename));
#push(@{$metaentry{$uri.'.file'}},$file);
$metastring=&getfile($file);
@@ -7508,6 +7542,7 @@ actions
'': forbidden
1: user needs to choose course
2: browse allowed
+ A: passphrase authentication needed
=item *
@@ -8235,15 +8270,6 @@ Internal notes:
Locks on files (resulting from submission of portfolio file to a homework problem stored in array of arrays.
-parse_access_controls():
-
-Parses XML of an access control record
-Args
-1. Text string (XML) of access comtrol record
-
-Returns:
-1. Hash of access control settings.
-
modify_access_controls():
Modifies access controls for a portfolio file