1: # The LearningOnline Network
2: # TCP networking package
3: #
4: # Functions for use by content handlers:
5: #
6: # plaintext(short) : plain text explanation of short term
7: # fileembstyle(ext) : embed style in page for file extension
8: # filedescription(ext) : descriptor text for file extension
9: # allowed(short,url) : returns codes for allowed actions F,R,S,X,C
10: # definerole(rolename,sys,dom,cou) : define a custom role rolename
11: # set priviledges in format of lonTabs/roles.tab for
12: # system, domain and course level,
13: # assignrole(udom,uname,url,role,end,start) : give a role to a user for the
14: # level given by url. Optional start and end dates
15: # (leave empty string or zero for "no date")
16: # assigncustomrole (udom,uname,url,rdom,rnam,rolename,end,start) : give a
17: # custom role to a user for the level given by url.
18: # Specify name and domain of role author, and role name
19: # revokerole (udom,uname,url,role) : Revoke a role for url
20: # revokecustomrole (udom,uname,url,rdom,rnam,rolename) : Revoke a custom role
21: # appenv(hash) : adds hash to session environment
22: # store(hash) : stores hash permanently for this url
23: # restore : returns hash for this url
24: # eget(namesp,array) : returns hash with keys from array filled in from namesp
25: # get(namesp,array) : returns hash with keys from array filled in from namesp
26: # del(namesp,array) : deletes keys out of arry from namesp
27: # put(namesp,hash) : stores hash in namesp
28: # dump(namesp) : dumps the complete namespace into a hash
29: # ssi(url,hash) : does a complete request cycle on url to localhost, posts
30: # hash
31: # repcopy(filename) : replicate file
32: # dirlist(url) : gets a directory listing
33: # condval(index) : value of condition index based on state
34: # varval(name) : value of a variable
35: #
36: # 6/1/99,6/2,6/10,6/11,6/12,6/14,6/26,6/28,6/29,6/30,
37: # 7/1,7/2,7/9,7/10,7/12,7/14,7/15,7/19,
38: # 11/8,11/16,11/18,11/22,11/23,12/22,
39: # 01/06,01/13,02/24,02/28,02/29,
40: # 03/01,03/02,03/06,03/07,03/13,
41: # 04/05,05/29,05/31,06/01,
42: # 06/05,06/26 Gerd Kortemeyer
43: # 06/26 Ben Tyszka
44: # 06/30,07/15,07/17,07/18,07/20,07/21,07/22,07/25 Gerd Kortemeyer
45: # 08/14 Ben Tyszka
46: # 08/22,08/28,08/31,09/01,09/02 Gerd Kortemeyer
47:
48: package Apache::lonnet;
49:
50: use strict;
51: use Apache::File;
52: use LWP::UserAgent();
53: use HTTP::Headers;
54: use vars
55: qw(%perlvar %hostname %homecache %spareid %hostdom %libserv %pr %prp %fe %fd $readit);
56: use IO::Socket;
57: use Apache::Constants qw(:common :http);
58:
59: # --------------------------------------------------------------------- Logging
60:
61: sub logthis {
62: my $message=shift;
63: my $execdir=$perlvar{'lonDaemons'};
64: my $now=time;
65: my $local=localtime($now);
66: my $fh=Apache::File->new(">>$execdir/logs/lonnet.log");
67: print $fh "$local ($$): $message\n";
68: return 1;
69: }
70:
71: sub logperm {
72: my $message=shift;
73: my $execdir=$perlvar{'lonDaemons'};
74: my $now=time;
75: my $local=localtime($now);
76: my $fh=Apache::File->new(">>$execdir/logs/lonnet.perm.log");
77: print $fh "$now:$message:$local\n";
78: return 1;
79: }
80:
81: # -------------------------------------------------- Non-critical communication
82: sub subreply {
83: my ($cmd,$server)=@_;
84: my $peerfile="$perlvar{'lonSockDir'}/$server";
85: my $client=IO::Socket::UNIX->new(Peer =>"$peerfile",
86: Type => SOCK_STREAM,
87: Timeout => 10)
88: or return "con_lost";
89: print $client "$cmd\n";
90: my $answer=<$client>;
91: if (!$answer) { $answer="con_lost"; }
92: chomp($answer);
93: return $answer;
94: }
95:
96: sub reply {
97: my ($cmd,$server)=@_;
98: my $answer=subreply($cmd,$server);
99: if ($answer eq 'con_lost') { $answer=subreply($cmd,$server); }
100: if (($answer=~/^error:/) || ($answer=~/^refused/) ||
101: ($answer=~/^rejected/)) {
102: &logthis("<font color=blue>WARNING:".
103: " $cmd to $server returned $answer</font>");
104: }
105: return $answer;
106: }
107:
108: # ----------------------------------------------------------- Send USR1 to lonc
109:
110: sub reconlonc {
111: my $peerfile=shift;
112: &logthis("Trying to reconnect for $peerfile");
113: my $loncfile="$perlvar{'lonDaemons'}/logs/lonc.pid";
114: if (my $fh=Apache::File->new("$loncfile")) {
115: my $loncpid=<$fh>;
116: chomp($loncpid);
117: if (kill 0 => $loncpid) {
118: &logthis("lonc at pid $loncpid responding, sending USR1");
119: kill USR1 => $loncpid;
120: sleep 1;
121: if (-e "$peerfile") { return; }
122: &logthis("$peerfile still not there, give it another try");
123: sleep 5;
124: if (-e "$peerfile") { return; }
125: &logthis(
126: "<font color=blue>WARNING: $peerfile still not there, giving up</font>");
127: } else {
128: &logthis(
129: "<font color=blue>WARNING:".
130: " lonc at pid $loncpid not responding, giving up</font>");
131: }
132: } else {
133: &logthis('<font color=blue>WARNING: lonc not running, giving up</font>');
134: }
135: }
136:
137: # ------------------------------------------------------ Critical communication
138:
139: sub critical {
140: my ($cmd,$server)=@_;
141: my $answer=reply($cmd,$server);
142: if ($answer eq 'con_lost') {
143: my $pingreply=reply('ping',$server);
144: &reconlonc("$perlvar{'lonSockDir'}/$server");
145: my $pongreply=reply('pong',$server);
146: &logthis("Ping/Pong for $server: $pingreply/$pongreply");
147: $answer=reply($cmd,$server);
148: if ($answer eq 'con_lost') {
149: my $now=time;
150: my $middlename=$cmd;
151: $middlename=substr($middlename,0,16);
152: $middlename=~s/\W//g;
153: my $dfilename=
154: "$perlvar{'lonSockDir'}/delayed/$now.$middlename.$server";
155: {
156: my $dfh;
157: if ($dfh=Apache::File->new(">$dfilename")) {
158: print $dfh "$cmd\n";
159: }
160: }
161: sleep 2;
162: my $wcmd='';
163: {
164: my $dfh;
165: if ($dfh=Apache::File->new("$dfilename")) {
166: $wcmd=<$dfh>;
167: }
168: }
169: chomp($wcmd);
170: if ($wcmd eq $cmd) {
171: &logthis("<font color=blue>WARNING: ".
172: "Connection buffer $dfilename: $cmd</font>");
173: &logperm("D:$server:$cmd");
174: return 'con_delayed';
175: } else {
176: &logthis("<font color=red>CRITICAL:"
177: ." Critical connection failed: $server $cmd</font>");
178: &logperm("F:$server:$cmd");
179: return 'con_failed';
180: }
181: }
182: }
183: return $answer;
184: }
185:
186: # ---------------------------------------------------------- Append Environment
187:
188: sub appenv {
189: my %newenv=@_;
190: my @oldenv;
191: {
192: my $fh;
193: unless ($fh=Apache::File->new("$ENV{'user.environment'}")) {
194: return 'error';
195: }
196: @oldenv=<$fh>;
197: }
198: for (my $i=0; $i<=$#oldenv; $i++) {
199: chomp($oldenv[$i]);
200: if ($oldenv[$i] ne '') {
201: my ($name,$value)=split(/=/,$oldenv[$i]);
202: unless (defined($newenv{$name})) {
203: $newenv{$name}=$value;
204: }
205: }
206: }
207: {
208: my $fh;
209: unless ($fh=Apache::File->new(">$ENV{'user.environment'}")) {
210: return 'error';
211: }
212: my $newname;
213: foreach $newname (keys %newenv) {
214: print $fh "$newname=$newenv{$newname}\n";
215: }
216: }
217: return 'ok';
218: }
219:
220: # ------------------------------ Find server with least workload from spare.tab
221:
222: sub spareserver {
223: my $tryserver;
224: my $spareserver='';
225: my $lowestserver=100;
226: foreach $tryserver (keys %spareid) {
227: my $answer=reply('load',$tryserver);
228: if (($answer =~ /\d/) && ($answer<$lowestserver)) {
229: $spareserver="http://$hostname{$tryserver}";
230: $lowestserver=$answer;
231: }
232: }
233: return $spareserver;
234: }
235:
236: # --------- Try to authenticate user from domain's lib servers (first this one)
237:
238: sub authenticate {
239: my ($uname,$upass,$udom)=@_;
240: $upass=escape($upass);
241: if (($perlvar{'lonRole'} eq 'library') &&
242: ($udom eq $perlvar{'lonDefDomain'})) {
243: my $answer=reply("encrypt:auth:$udom:$uname:$upass",$perlvar{'lonHostID'});
244: if ($answer =~ /authorized/) {
245: if ($answer eq 'authorized') {
246: &logthis("User $uname at $udom authorized by local server");
247: return $perlvar{'lonHostID'};
248: }
249: if ($answer eq 'non_authorized') {
250: &logthis("User $uname at $udom rejected by local server");
251: return 'no_host';
252: }
253: }
254: }
255:
256: my $tryserver;
257: foreach $tryserver (keys %libserv) {
258: if ($hostdom{$tryserver} eq $udom) {
259: my $answer=reply("encrypt:auth:$udom:$uname:$upass",$tryserver);
260: if ($answer =~ /authorized/) {
261: if ($answer eq 'authorized') {
262: &logthis("User $uname at $udom authorized by $tryserver");
263: return $tryserver;
264: }
265: if ($answer eq 'non_authorized') {
266: &logthis("User $uname at $udom rejected by $tryserver");
267: return 'no_host';
268: }
269: }
270: }
271: }
272: &logthis("User $uname at $udom could not be authenticated");
273: return 'no_host';
274: }
275:
276: # ---------------------- Find the homebase for a user from domain's lib servers
277:
278: sub homeserver {
279: my ($uname,$udom)=@_;
280:
281: my $index="$uname:$udom";
282: if ($homecache{$index}) { return "$homecache{$index}"; }
283:
284: my $tryserver;
285: foreach $tryserver (keys %libserv) {
286: if ($hostdom{$tryserver} eq $udom) {
287: my $answer=reply("home:$udom:$uname",$tryserver);
288: if ($answer eq 'found') {
289: $homecache{$index}=$tryserver;
290: return $tryserver;
291: }
292: }
293: }
294: return 'no_host';
295: }
296:
297: # ----------------------------- Subscribe to a resource, return URL if possible
298:
299: sub subscribe {
300: my $fname=shift;
301: my $author=$fname;
302: $author=~s/\/home\/httpd\/html\/res\/([^\/]*)\/([^\/]*).*/$1\/$2/;
303: my ($udom,$uname)=split(/\//,$author);
304: my $home=homeserver($uname,$udom);
305: if (($home eq 'no_host') || ($home eq $perlvar{'lonHostID'})) {
306: return 'not_found';
307: }
308: my $answer=reply("sub:$fname",$home);
309: return $answer;
310: }
311:
312: # -------------------------------------------------------------- Replicate file
313:
314: sub repcopy {
315: my $filename=shift;
316: $filename=~s/\/+/\//g;
317: my $transname="$filename.in.transfer";
318: if ((-e $filename) || (-e $transname)) { return OK; }
319: my $remoteurl=subscribe($filename);
320: if ($remoteurl eq 'con_lost') {
321: &logthis("Subscribe returned con_lost: $filename");
322: return HTTP_SERVICE_UNAVAILABLE;
323: } elsif ($remoteurl eq 'not_found') {
324: &logthis("Subscribe returned not_found: $filename");
325: return HTTP_NOT_FOUND;
326: } elsif ($remoteurl eq 'rejected') {
327: &logthis("Subscribe returned rejected: $filename");
328: return FORBIDDEN;
329: } elsif ($remoteurl eq 'directory') {
330: return OK;
331: } else {
332: my @parts=split(/\//,$filename);
333: my $path="/$parts[1]/$parts[2]/$parts[3]/$parts[4]";
334: if ($path ne "$perlvar{'lonDocRoot'}/res") {
335: &logthis("Malconfiguration for replication: $filename");
336: return HTTP_BAD_REQUEST;
337: }
338: my $count;
339: for ($count=5;$count<$#parts;$count++) {
340: $path.="/$parts[$count]";
341: if ((-e $path)!=1) {
342: mkdir($path,0777);
343: }
344: }
345: my $ua=new LWP::UserAgent;
346: my $request=new HTTP::Request('GET',"$remoteurl");
347: my $response=$ua->request($request,$transname);
348: if ($response->is_error()) {
349: unlink($transname);
350: my $message=$response->status_line;
351: &logthis("<font color=blue>WARNING:"
352: ." LWP get: $message: $filename</font>");
353: return HTTP_SERVICE_UNAVAILABLE;
354: } else {
355: if ($remoteurl!~/\.meta$/) {
356: my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');
357: my $mresponse=$ua->request($mrequest,$filename.'.meta');
358: if ($mresponse->is_error()) {
359: unlink($filename.'.meta');
360: &logthis(
361: "<font color=yellow>INFO: No metadata: $filename</font>");
362: }
363: }
364: rename($transname,$filename);
365: return OK;
366: }
367: }
368: }
369:
370: # --------------------------------------------------------- Server Side Include
371:
372: sub ssi {
373:
374: my ($fn,%form)=@_;
375:
376: my $ua=new LWP::UserAgent;
377:
378: my $request;
379:
380: if (%form) {
381: $request=new HTTP::Request('POST',"http://".$ENV{'HTTP_HOST'}.$fn);
382: $request->content(join '&', map { "$_=$form{$_}" } keys %form);
383: } else {
384: $request=new HTTP::Request('GET',"http://".$ENV{'HTTP_HOST'}.$fn);
385: }
386:
387: $request->header(Cookie => $ENV{'HTTP_COOKIE'});
388: my $response=$ua->request($request);
389:
390: return $response->content;
391: }
392:
393: # ------------------------------------------------------------------------- Log
394:
395: sub log {
396: my ($dom,$nam,$hom,$what)=@_;
397: return reply("log:$dom:$nam:$what",$hom);
398: }
399:
400: # ----------------------------------------------------------------------- Store
401:
402: sub store {
403: my %storehash=shift;
404: my $namevalue='';
405: map {
406: $namevalue.=escape($_).'='.escape($storehash{$_}).'&';
407: } keys %storehash;
408: $namevalue=~s/\&$//;
409: return reply("store:$ENV{'user.domain'}:$ENV{'user.name'}:"
410: ."$ENV{'user.class'}:$ENV{'request.filename'}:$namevalue",
411: "$ENV{'user.home'}");
412: }
413:
414: # --------------------------------------------------------------------- Restore
415:
416: sub restore {
417: my $answer=reply("restore:$ENV{'user.domain'}:$ENV{'user.name'}:"
418: ."$ENV{'user.class'}:$ENV{'request.filename'}",
419: "$ENV{'user.home'}");
420: my %returnhash=();
421: map {
422: my ($name,$value)=split(/\=/,$_);
423: $returnhash{&unescape($name)}=&unescape($value);
424: } split(/\&/,$answer);
425: return %returnhash;
426: }
427:
428: # -------------------------------------------------------- Get user priviledges
429:
430: sub rolesinit {
431: my ($domain,$username,$authhost)=@_;
432: my $rolesdump=reply("dump:$domain:$username:roles",$authhost);
433: if (($rolesdump eq 'con_lost') || ($rolesdump eq '')) { return ''; }
434: my %allroles=();
435: my %thesepriv=();
436: my $now=time;
437: my $userroles="user.login.time=$now\n";
438: my $thesestr;
439:
440: if ($rolesdump ne '') {
441: map {
442: if ($_!~/^rolesdef\&/) {
443: my ($area,$role)=split(/=/,$_);
444: $area=~s/\_\w\w$//;
445: my ($trole,$tend,$tstart)=split(/_/,$role);
446: $userroles.='user.role.'.$trole.'.'.$area.'='.
447: $tstart.'.'.$tend."\n";
448: if ($tend!=0) {
449: if ($tend<$now) {
450: $trole='';
451: }
452: }
453: if ($tstart!=0) {
454: if ($tstart>$now) {
455: $trole='';
456: }
457: }
458: if (($area ne '') && ($trole ne '')) {
459: my ($tdummy,$tdomain,$trest)=split(/\//,$area);
460: if ($trole =~ /^cr\//) {
461: my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);
462: my $homsvr=homeserver($rauthor,$rdomain);
463: if ($hostname{$homsvr} ne '') {
464: my $roledef=
465: reply("get:$rdomain:$rauthor:roles:rolesdef_$rrole",
466: $homsvr);
467: if (($roledef ne 'con_lost') && ($roledef ne '')) {
468: my ($syspriv,$dompriv,$coursepriv)=
469: split(/\_/,unescape($roledef));
470: $allroles{'/'}.=':'.$syspriv;
471: if ($tdomain ne '') {
472: $allroles{'/'.$tdomain.'/'}.=':'.$dompriv;
473: if ($trest ne '') {
474: $allroles{$area}.=':'.$coursepriv;
475: }
476: }
477: }
478: }
479: } else {
480: $allroles{'/'}.=':'.$pr{$trole.':s'};
481: if ($tdomain ne '') {
482: $allroles{'/'.$tdomain.'/'}.=':'.$pr{$trole.':d'};
483: if ($trest ne '') {
484: $allroles{$area}.=':'.$pr{$trole.':c'};
485: }
486: }
487: }
488: }
489: }
490: } split(/&/,$rolesdump);
491: map {
492: %thesepriv=();
493: map {
494: if ($_ ne '') {
495: my ($priviledge,$restrictions)=split(/&/,$_);
496: if ($restrictions eq '') {
497: $thesepriv{$priviledge}='F';
498: } else {
499: if ($thesepriv{$priviledge} ne 'F') {
500: $thesepriv{$priviledge}.=$restrictions;
501: }
502: }
503: }
504: } split(/:/,$allroles{$_});
505: $thesestr='';
506: map { $thesestr.=':'.$_.'&'.$thesepriv{$_}; } keys %thesepriv;
507: $userroles.='user.priv.'.$_.'='.$thesestr."\n";
508: } keys %allroles;
509: }
510: return $userroles;
511: }
512:
513: # --------------------------------------------------------------- get interface
514:
515: sub get {
516: my ($namespace,@storearr)=@_;
517: my $items='';
518: map {
519: $items.=escape($_).'&';
520: } @storearr;
521: $items=~s/\&$//;
522: my $rep=reply("get:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace:$items",
523: $ENV{'user.home'});
524: my @pairs=split(/\&/,$rep);
525: my %returnhash=();
526: map {
527: my ($key,$value)=split(/=/,$_);
528: $returnhash{unespace($key)}=unescape($value);
529: } @pairs;
530: return %returnhash;
531: }
532:
533: # --------------------------------------------------------------- del interface
534:
535: sub del {
536: my ($namespace,@storearr)=@_;
537: my $items='';
538: map {
539: $items.=escape($_).'&';
540: } @storearr;
541: $items=~s/\&$//;
542: return reply("del:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace:$items",
543: $ENV{'user.home'});
544: }
545:
546: # -------------------------------------------------------------- dump interface
547:
548: sub dump {
549: my $namespace=shift;
550: my $rep=reply("dump:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace",
551: $ENV{'user.home'});
552: my @pairs=split(/\&/,$rep);
553: my %returnhash=();
554: map {
555: my ($key,$value)=split(/=/,$_);
556: $returnhash{unespace($key)}=unescape($value);
557: } @pairs;
558: return %returnhash;
559: }
560:
561: # --------------------------------------------------------------- put interface
562:
563: sub put {
564: my ($namespace,%storehash)=@_;
565: my $items='';
566: map {
567: $items.=escape($_).'='.escape($storehash{$_}).'&';
568: } keys %storehash;
569: $items=~s/\&$//;
570: return reply("put:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace:$items",
571: $ENV{'user.home'});
572: }
573:
574: # -------------------------------------------------------------- eget interface
575:
576: sub eget {
577: my ($namespace,@storearr)=@_;
578: my $items='';
579: map {
580: $items.=escape($_).'&';
581: } @storearr;
582: $items=~s/\&$//;
583: my $rep=reply("eget:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace:$items",
584: $ENV{'user.home'});
585: my @pairs=split(/\&/,$rep);
586: my %returnhash=();
587: map {
588: my ($key,$value)=split(/=/,$_);
589: $returnhash{unespace($key)}=unescape($value);
590: } @pairs;
591: return %returnhash;
592: }
593:
594: # ------------------------------------------------- Check for a user priviledge
595:
596: sub allowed {
597: my ($priv,$uri)=@_;
598: $uri=~s/^\/res//;
599: $uri=~s/^\///;
600: if ($uri=~/^adm\//) {
601: return 'F';
602: }
603: my $thisallowed='';
604: if ($ENV{'user.priv./'}=~/$priv\&([^\:]*)/) {
605: $thisallowed.=$1;
606: }
607: if ($ENV{'user.priv./'.(split(/\//,$uri))[0].'/'}=~/$priv\&([^\:]*)/) {
608: $thisallowed.=$1;
609: }
610: if ($ENV{'user.priv./'.$uri}=~/$priv\&([^\:]*)/) {
611: $thisallowed.=$1;
612: }
613: return $thisallowed;
614: }
615:
616: # ----------------------------------------------------------------- Define Role
617:
618: sub definerole {
619: if (allowed('mcr','/')) {
620: my ($rolename,$sysrole,$domrole,$courole)=@_;
621: map {
622: my ($crole,$cqual)=split(/\&/,$_);
623: if ($pr{'cr:s'}!~/$crole/) { return "refused:s:$crole"; }
624: if ($pr{'cr:s'}=~/$crole\&/) {
625: if ($pr{'cr:s'}!~/$crole\&\w*$cqual/) {
626: return "refused:s:$crole&$cqual";
627: }
628: }
629: } split('/',$sysrole);
630: map {
631: my ($crole,$cqual)=split(/\&/,$_);
632: if ($pr{'cr:d'}!~/$crole/) { return "refused:d:$crole"; }
633: if ($pr{'cr:d'}=~/$crole\&/) {
634: if ($pr{'cr:d'}!~/$crole\&\w*$cqual/) {
635: return "refused:d:$crole&$cqual";
636: }
637: }
638: } split('/',$domrole);
639: map {
640: my ($crole,$cqual)=split(/\&/,$_);
641: if ($pr{'cr:c'}!~/$crole/) { return "refused:c:$crole"; }
642: if ($pr{'cr:c'}=~/$crole\&/) {
643: if ($pr{'cr:c'}!~/$crole\&\w*$cqual/) {
644: return "refused:c:$crole&$cqual";
645: }
646: }
647: } split('/',$courole);
648: my $command="encrypt:rolesput:$ENV{'user.domain'}:$ENV{'user.name'}:".
649: "$ENV{'user.domain'}:$ENV{'user.name'}:".
650: "rolesdef_$rolename=".
651: escape($sysrole.'_'.$domrole.'_'.$courole);
652: return reply($command,$ENV{'user.home'});
653: } else {
654: return 'refused';
655: }
656: }
657:
658: # ------------------------------------------------------------------ Plain Text
659:
660: sub plaintext {
661: my $short=shift;
662: return $prp{$short};
663: }
664:
665: # ------------------------------------------------------------------ Plain Text
666:
667: sub fileembstyle {
668: my $ending=shift;
669: return $fe{$ending};
670: }
671:
672: # ------------------------------------------------------------ Description Text
673:
674: sub filedecription {
675: my $ending=shift;
676: return $fd{$ending};
677: }
678:
679: # ----------------------------------------------------------------- Assign Role
680:
681: sub assignrole {
682: my ($udom,$uname,$url,$role,$end,$start)=@_;
683: my $mrole;
684: if ($role =~ /^cr\//) {
685: unless ($url=~/\.course$/) { return 'invalid'; }
686: unless (allowed('ccr',$url)) { return 'refused'; }
687: $mrole='cr';
688: } else {
689: unless (($url=~/\.course$/) || ($url=~/\/$/)) { return 'invalid'; }
690: unless (allowed('c'+$role)) { return 'refused'; }
691: $mrole=$role;
692: }
693: my $command="encrypt:rolesput:$ENV{'user.domain'}:$ENV{'user.name'}:".
694: "$udom:$uname:$url".'_'."$mrole=$role";
695: if ($end) { $command.='_$end'; }
696: if ($start) {
697: if ($end) {
698: $command.='_$start';
699: } else {
700: $command.='_0_$start';
701: }
702: }
703: return &reply($command,&homeserver($uname,$udom));
704: }
705:
706: # ---------------------------------------------------------- Assign Custom Role
707:
708: sub assigncustomrole {
709: my ($udom,$uname,$url,$rdom,$rnam,$rolename,$end,$start)=@_;
710: return &assignrole($udom,$uname,$url,'cr/'.$rdom.'/'.$rnam.'/'.$rolename,
711: $end,$start);
712: }
713:
714: # ----------------------------------------------------------------- Revoke Role
715:
716: sub revokerole {
717: my ($udom,$uname,$url,$role)=@_;
718: my $now=time;
719: return &assignrole($udom,$uname,$url,$role,$now);
720: }
721:
722: # ---------------------------------------------------------- Revoke Custom Role
723:
724: sub revokecustomrole {
725: my ($udom,$uname,$url,$rdom,$rnam,$rolename)=@_;
726: my $now=time;
727: return &assigncustomrole($udom,$uname,$url,$rdom,$rnam,$rolename,$now);
728: }
729:
730: # ------------------------------------------------------------ Directory lister
731:
732: sub dirlist {
733: my $uri=shift;
734: $uri=~s/^\///;
735: $uri=~s/\/$//;
736: my ($res,$udom,$uname,@rest)=split(/\//,$uri);
737: if ($udom) {
738: if ($uname) {
739: my $listing=reply('ls:'.$perlvar{'lonDocRoot'}.'/'.$uri,
740: homeserver($uname,$udom));
741: return split(/:/,$listing);
742: } else {
743: my $tryserver;
744: my %allusers=();
745: foreach $tryserver (keys %libserv) {
746: if ($hostdom{$tryserver} eq $udom) {
747: my $listing=reply('ls:'.$perlvar{'lonDocRoot'}.'/res/'.$udom,
748: $tryserver);
749: if (($listing ne 'no_such_dir') && ($listing ne 'empty')
750: && ($listing ne 'con_lost')) {
751: map {
752: my ($entry,@stat)=split(/&/,$_);
753: $allusers{$entry}=1;
754: } split(/:/,$listing);
755: }
756: }
757: }
758: my $alluserstr='';
759: map {
760: $alluserstr.=$_.'&user:';
761: } sort keys %allusers;
762: $alluserstr=~s/:$//;
763: return split(/:/,$alluserstr);
764: }
765: } else {
766: my $tryserver;
767: my %alldom=();
768: foreach $tryserver (keys %libserv) {
769: $alldom{$hostdom{$tryserver}}=1;
770: }
771: my $alldomstr='';
772: map {
773: $alldomstr.=$perlvar{'lonDocRoot'}.'/res/'.$_.'&domain:';
774: } sort keys %alldom;
775: $alldomstr=~s/:$//;
776: return split(/:/,$alldomstr);
777: }
778: }
779:
780: # -------------------------------------------------------- Value of a Condition
781:
782: sub condval {
783: my $condidx=shift;
784: my $result=0;
785: if ($ENV{'request.course'}) {
786: if (defined($ENV{'acc.cond.'.$ENV{'request.course'}.'.'.$condidx})) {
787: my $operand='|';
788: my @stack;
789: map {
790: if ($_ eq '(') {
791: push @stack,($operand,$result)
792: } elsif ($_ eq ')') {
793: my $before=pop @stack;
794: if (pop @stack eq '&') {
795: $result=$result>$before?$before:$result;
796: } else {
797: $result=$result>$before?$result:$before;
798: }
799: } elsif (($_ eq '&') || ($_ eq '|')) {
800: $operand=$_;
801: } else {
802: my $new=
803: substr($ENV{'user.state.'.$ENV{'request.course'}},$_,1);
804: if ($operand eq '&') {
805: $result=$result>$new?$new:$result;
806: } else {
807: $result=$result>$new?$result:$new;
808: }
809: }
810: } ($ENV{'acc.cond.'.$ENV{'request.course'}.'.'.$condidx}=~
811: /(\d+|\(|\)|\&|\|)/g);
812: }
813: }
814: return $result;
815: }
816:
817: # --------------------------------------------------------- Value of a Variable
818:
819: sub varval {
820: my ($realm,$space,@components)=split(/\./,shift);
821: my $value='';
822: if ($realm eq 'user') {
823: } elsif ($realm eq 'course') {
824: } elsif ($realm eq 'session') {
825: } elsif ($realm eq 'system') {
826: }
827: return $value;
828: }
829:
830: # -------------------------------------------------------- Escape Special Chars
831:
832: sub escape {
833: my $str=shift;
834: $str =~ s/(\W)/"%".unpack('H2',$1)/eg;
835: return $str;
836: }
837:
838: # ----------------------------------------------------- Un-Escape Special Chars
839:
840: sub unescape {
841: my $str=shift;
842: $str =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
843: return $str;
844: }
845:
846: # ================================================================ Main Program
847:
848: sub BEGIN {
849: if ($readit ne 'done') {
850: # ------------------------------------------------------------ Read access.conf
851: {
852: my $config=Apache::File->new("/etc/httpd/conf/access.conf");
853:
854: while (my $configline=<$config>) {
855: if ($configline =~ /PerlSetVar/) {
856: my ($dummy,$varname,$varvalue)=split(/\s+/,$configline);
857: chomp($varvalue);
858: $perlvar{$varname}=$varvalue;
859: }
860: }
861: }
862:
863: # ------------------------------------------------------------- Read hosts file
864: {
865: my $config=Apache::File->new("$perlvar{'lonTabDir'}/hosts.tab");
866:
867: while (my $configline=<$config>) {
868: my ($id,$domain,$role,$name,$ip)=split(/:/,$configline);
869: $hostname{$id}=$name;
870: $hostdom{$id}=$domain;
871: if ($role eq 'library') { $libserv{$id}=$name; }
872: }
873: }
874:
875: # ------------------------------------------------------ Read spare server file
876: {
877: my $config=Apache::File->new("$perlvar{'lonTabDir'}/spare.tab");
878:
879: while (my $configline=<$config>) {
880: chomp($configline);
881: if (($configline) && ($configline ne $perlvar{'lonHostID'})) {
882: $spareid{$configline}=1;
883: }
884: }
885: }
886: # ------------------------------------------------------------ Read permissions
887: {
888: my $config=Apache::File->new("$perlvar{'lonTabDir'}/roles.tab");
889:
890: while (my $configline=<$config>) {
891: chomp($configline);
892: my ($role,$perm)=split(/ /,$configline);
893: if ($perm ne '') { $pr{$role}=$perm; }
894: }
895: }
896:
897: # -------------------------------------------- Read plain texts for permissions
898: {
899: my $config=Apache::File->new("$perlvar{'lonTabDir'}/rolesplain.tab");
900:
901: while (my $configline=<$config>) {
902: chomp($configline);
903: my ($short,$plain)=split(/:/,$configline);
904: if ($plain ne '') { $prp{$short}=$plain; }
905: }
906: }
907:
908: # ------------------------------------------------------------- Read file types
909: {
910: my $config=Apache::File->new("$perlvar{'lonTabDir'}/filetypes.tab");
911:
912: while (my $configline=<$config>) {
913: chomp($configline);
914: my ($ending,$emb,@descr)=split(/\s+/,$configline);
915: if ($descr[0] ne '') {
916: $fe{$ending}=$emb;
917: $fd{$ending}=join(' ',@descr);
918: }
919: }
920: }
921:
922:
923: $readit='done';
924: &logthis('<font color=yellow>INFO: Read configuration</font>');
925: }
926: }
927: 1;
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lonnet.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / lonnet / perl