File:
[LON-CAPA] /
loncom /
publisher /
lonrights.pm
Revision
1.24:
Fri Jul 13 18:35:28 2007 UTC (17 years, 1 month ago) by
albertel
Branches:
MAIN
CVS tags:
version_2_8_X,
version_2_8_2,
version_2_8_1,
version_2_8_0,
version_2_7_X,
version_2_7_99_1,
version_2_7_99_0,
version_2_7_1,
version_2_7_0,
version_2_6_X,
version_2_6_99_1,
version_2_6_99_0,
version_2_6_3,
version_2_6_2,
version_2_6_1,
version_2_6_0,
version_2_5_X,
version_2_5_99_1,
version_2_5_99_0,
version_2_5_2,
version_2_5_1,
version_2_5_0,
version_2_4_99_0,
HEAD,
GCI_1,
BZ5434-fox
- BUG#5307, can allow/deny users with _ in their username
1: # The LearningOnline Network with CAPA
2: # Handler to show and edit custom distribution rights
3: #
4: # $Id: lonrights.pm,v 1.24 2007/07/13 18:35:28 albertel Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28: #
29: ###
30:
31: package Apache::lonrights;
32:
33: use strict;
34: use Apache::Constants qw(:common :http);
35: use Apache::lonnet;
36: use Apache::loncommon();
37: use HTML::LCParser;
38: use Apache::File;
39: use Apache::lonlocal;
40:
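# Escape the characters that are significant in HTML text and in quoted
# attribute values, so that strings read from a rights file are rendered as
# data and never as markup. An undefined value becomes the empty string.
sub _escape_html {
    my ($text) = @_;
    return '' unless (defined($text));
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
}

# Apache handler that shows, and in construction space edits, the custom
# distribution rights (<accessrule /> elements) stored in the requested file.
#
# Parameters: $r - the Apache request object.
# Returns:    OK in every path.
#
# Behaviour by request:
#  - form.grade_target eq 'meta': the file is run through the XML parser for
#    the 'meta' target and the result is printed.
#  - URI starting with /~ (construction space) and form.store set: the rules
#    are rebuilt from the submitted form fields, the edit actions are applied,
#    and the file is rewritten before it is displayed again.
#  - otherwise: the rules are displayed read-only.
#
# NOTE(review): nothing in this handler checks who is submitting the form or
# where the POST originated; presumably the access handlers that run before it
# enforce that - confirm.
sub handler {
    my $r=shift;

    # Roles offered by the editing form. A submitted role outside this list
    # is discarded, so it can never reach the rights file.
    my @role_choices=('au','cc','in','ta','st');

    my $target = $env{'form.grade_target'};
    if ($target eq 'meta') {
        &Apache::loncommon::content_type($r,'text/html');
        $r->send_http_header;
        $env{'request.uri'}=$r->uri;
        my $file = &Apache::lonnet::filelocation("",$r->uri);
        my $content=&Apache::lonnet::getfile($file);
        my $result=&Apache::lonxml::xmlparse(undef,'meta',$content);
        $r->print($result);
        return OK;
    }
    &Apache::loncommon::content_type($r,'text/html');
    $r->send_http_header;

    my $js = &Apache::loncommon::coursebrowser_javascript().
             &Apache::loncommon::studentbrowser_javascript();
    $r->print(&Apache::loncommon::start_page('Custom Distribution Rights',$js));
    $r->rflush();

    my $uri=$r->uri;
    my $fn=&Apache::lonnet::filelocation('',$uri);
    my $contents='';
    my $constructmode=($uri=~/^\/\~/);

# ============================================================ Modify and store
    if ($constructmode && $env{'form.store'}) {

        my @newrules;

        # The form numbers its rules 0..N, so a genuine submission never
        # carries a rule number as large as the count of its effect_N fields.
        # Enforcing that keeps a single crafted field name from growing
        # @newrules to an arbitrary size.
        my @rulenumbers;
        foreach my $key (keys(%env)) {
            next if ($key!~/^form\.effect\_(\d+)$/);
            push(@rulenumbers,$1);
        }
        my $rulecount=scalar(@rulenumbers);

        # read rules from form
        foreach my $number (@rulenumbers) {
            next if ($number >= $rulecount);
            my %rulehash;
            foreach my $action ('effect','type','domain','course','section','role') {
                $rulehash{$action}=$env{'form.'.$action.'_'.$number};
            }
            # Every other field is normalised or cleaned below; the role is
            # written into a quoted attribute as well, so it is restricted to
            # the values the form can legitimately send.
            unless (grep { $rulehash{'role'} eq $_ } ('',@role_choices)) {
                $rulehash{'role'}='';
            }
            if ($rulehash{'type'} !~ /^(user|course)$/) {
                $rulehash{'type'} = 'course';
            }
            if ($rulehash{'type'} eq 'user') {
                $rulehash{'section'}='';
                $rulehash{'role'}='';
            }
            if ($rulehash{'role'} eq 'au') {
                $rulehash{'course'}='';
                $rulehash{'section'}='';
            }
            if ($rulehash{'role'} eq 'cc') {
                $rulehash{'section'}='';
            }
            # Anything that is not an explicit allow/deny becomes deny.
            unless (($rulehash{'effect'} eq 'deny') ||
                    ($rulehash{'effect'} eq 'allow')) {
                $rulehash{'effect'}='deny';
            }
            $rulehash{'domain'} =
                &LONCAPA::clean_domain($rulehash{'domain'});
            if ($rulehash{'type'} eq 'course') {
                $rulehash{'course'} =
                    &LONCAPA::clean_courseid($rulehash{'course'});
            } else {
                # For user rules the 'course' field carries the username.
                $rulehash{'course'} =
                    &LONCAPA::clean_username($rulehash{'course'});
            }
            $rulehash{'section'}=~s/\W//g;
            if (!$rulehash{'domain'}) {
                $rulehash{'domain'}=$env{'user.domain'};
            }
            # Rule 0 is the default and has no realm. Course realms are joined
            # with '_', user realms with '/' (usernames may contain '_').
            my $realm='';
            my $separator = ($rulehash{'type'} eq 'course') ? '_' : '/';
            if ($number) {
                $realm=$rulehash{'domain'};
                if ($rulehash{'course'}) {
                    $realm.=$separator.$rulehash{'course'};
                }
                if ($rulehash{'section'}) {
                    $realm.=$separator.$rulehash{'section'};
                }
            }
            $newrules[$number]=$rulehash{'effect'}.':'.
                $realm.':'.$rulehash{'role'}.':'.$rulehash{'type'};
        }
        # edit actions?
        foreach my $key (keys(%env)) {
            next if ($key!~/^form\.action\_(\d+)$/);
            my $number=$1;
            if ($env{$key} eq 'delete') { splice(@newrules,$number,1); }
            # The upper bound matters: assigning to a slice beyond the end of
            # the array would extend it to the submitted index.
            if (($env{$key} eq 'moveup') && ($number>1) &&
                ($number<=$#newrules)) {
                @newrules[$number-1,$number] = @newrules[$number,$number-1];
            }
            if (($env{$key} eq 'movedown') && ($number<$#newrules)) {
                @newrules[$number+1,$number] = @newrules[$number,$number+1];
            }
            if ($env{$key} eq 'insertabove') {
                splice(@newrules,$number,0,'deny');
            }
            if ($env{$key} eq 'insertbelow') {
                splice(@newrules,$number+1,0,'deny');
            }
        }

        # store file
        # Three-argument open: the path is only ever treated as a file name,
        # and a failure is reported instead of dying on an undefined handle.
        if (open(my $fh,'>',$fn)) {
            foreach my $rule (@newrules) {
                next unless ($rule);
                my ($effect,$realm,$role,$type)=split(/\:/,$rule);
                print $fh
                    "<accessrule effect='$effect' realm='$realm' role='$role' type='$type' />\n";
            }
            close($fh);
        } else {
            $r->print('<p><span class="LC_error">'.
                      &mt('Could not save the rules.').'</span></p>');
        }
    }
# ============================================================ Read and display
    unless ($constructmode) {
# =========================================== This is not in construction space
        $contents=&Apache::lonnet::getfile($fn);
        # getfile signals failure with -1; compare as a string so content that
        # merely starts with "-1" is not mistaken for the failure value.
        if ($contents eq '-1') { $contents=''; }
    } else {
# =============================================== This is in construction space
        if (-e $fn) {
            if (open(my $fh,'<',$fn)) {
                $contents=join('',<$fh>);
                close($fh);
            }
        }
        $r->print('<form name="rules" method="post">');
    }
    unless ($contents=~/\<accessrule/s) {
        $contents='<accessrule effect="deny" />';
    }
    my $parser=HTML::LCParser->new(\$contents);
    my $token;
    my $rulecounter=0;
    my $colzero=&mt($constructmode?'Edit action':'Rule');
    my %lt=&Apache::lonlocal::texthash('ef' => 'Effect',
                                       'do' => 'Domain',
                                       'co' => 'Course / User',
                                       'se' => 'Section',
                                       'ro' => 'Role');
# ---------------------------------------------------------- Start table output
    $r->print(&Apache::loncommon::start_data_table().
              &Apache::loncommon::start_data_table_header_row().
              "<th>$colzero</th><th>$lt{'ef'}</th><th>Type</th><th>$lt{'do'}</th>".
              "<th>$lt{'co'}</th><th>$lt{'se'}</th><th>$lt{'ro'}</th>".
              &Apache::loncommon::end_data_table_header_row());
# --------------------------------------------------------------------- Default
    # Fast forward to first rule
    # The regex test above matches any text containing "<accessrule", so the
    # parser may still run out of tokens without producing an accessrule start
    # tag. Stop at the end of input and fall back to the default deny rule
    # instead of looping forever.
    $token=$parser->get_token;
    while ($token &&
           !(($token->[0] eq 'S') && ($token->[1] eq 'accessrule'))) {
        $token=$parser->get_token;
    }
    unless ($token) { $token=['S','accessrule',{'effect' => 'deny'}]; }
    # print default
    $r->print(&Apache::loncommon::start_data_table_row().'<td align="right">');
    if ($constructmode) {
        $r->print(&Apache::loncommon::select_form('','action_0',
                                                  ('' => '',
                                                   'insertbelow' => 'Insert rule below ')));

    } else {
        $r->print(' ');
    }
    $r->print('</td><td>');
    if ($constructmode) {
        $r->print(&Apache::loncommon::select_form
                  ($token->[2]->{'effect'},'effect_0',
                   ('allow' => 'allow',
                    'deny' => 'deny')));
    } else {
        # Attribute values come straight from the rights file; escape them.
        $r->print(&_escape_html($token->[2]->{'effect'}));
    }
    $r->print('</td><td colspan="5">'.&mt('Default'));
    # The first rule must be an unconditional default.
    if (($token->[2]->{'realm'}) || ($token->[2]->{'role'})) {
        $r->print(' - <span class="LC_error">'.&mt('Error! No default set.').
                  '</span>');
    }
    $r->print('</td>'.&Apache::loncommon::end_data_table_row());
    # Additional roles
    while ($token=$parser->get_token) {
        if (($token->[0] eq 'S') && ($token->[1] eq 'accessrule')) {
            $rulecounter++;
            $r->print(&Apache::loncommon::start_data_table_row().
                      '<td align="right" rowspan="2">');
            # insert, delete, etc
            $r->print('<span class="LC_nobreak">'.$rulecounter.'. ');
            if ($constructmode) {
                $r->print(&Apache::loncommon::select_form(
                              '','action_'.$rulecounter,
                              ('' => '',
                               'delete' => 'Delete this rule',
                               'insertabove' => 'Insert rule above',
                               'insertbelow' => 'Insert rule below ',
                               'moveup' => 'Move rule up',
                               'movedown' => 'Move rule down')));
            }
            $r->print('</span></td>'.
                      '<td rowspan="2">');
            # effect
            if ($constructmode) {
                $r->print(&Apache::loncommon::select_form
                          ($token->[2]->{'effect'},
                           'effect_'.$rulecounter,
                           ('allow' => 'allow',
                            'deny' => 'deny')));
            } else {
                $r->print(&_escape_html($token->[2]->{'effect'}));
            }

            # type
            $r->print('</td><td rowspan="2">');
            my $type = ($token->[2]{'type'} || 'course');
            if ($constructmode) {
                $r->print(&Apache::loncommon::select_form($type,
                              'type_'.$rulecounter,
                              ('course' => 'Course',
                               'user' => 'User')));
            } else {
                $r->print(&_escape_html($type));
            }

            # ---- realm
            # Course realms may be separated by '/' or '_'; user realms only
            # by '/', since a username may itself contain '_'.
            my $realm=$token->[2]->{'realm'};
            my ($rdom,$rcourse,$rsec);
            if ($type eq 'course') {
                ($rdom,$rcourse,$rsec) = split(m{[/_]},$realm,3);
                $rcourse = &LONCAPA::clean_courseid($rcourse);
            } else {
                ($rdom,$rcourse,$rsec) = split(m{/},$realm,3);
                $rcourse = &LONCAPA::clean_username($rcourse);
            }
            $r->print('</td><td>');
            # realm domain
            if ($constructmode) {
                unless ($rdom) { $rdom=$env{'user.domain'}; }
                $r->print(&Apache::loncommon::select_dom_form($rdom,
                              'domain_'.$rulecounter));
            } else {
                $r->print(&_escape_html($rdom));
            }
            $r->print('</td><td>');
            # realm course
            # Escaped as well as cleaned: the cleaning routines are defined
            # elsewhere, and the value lands inside a quoted attribute.
            if ($constructmode) {
                $r->print('<input type="text" size="25" name="course_'.
                          $rulecounter.'" value="'.
                          &_escape_html($rcourse).'" />');
            } else {
                $r->print(&_escape_html($rcourse));
            }

            $r->print('</td><td rowspan="2">');
            # realm section
            if ($type eq 'course') {
                if ($constructmode) {
                    $r->print('<input type="text" size="5" name="section_'.
                              $rulecounter.'" value="'.
                              &_escape_html($rsec).'" />');
                } else {
                    $r->print(&_escape_html($rsec));
                }
            }

            $r->print('</td><td rowspan="2">');
            # role
            if ($type eq 'course') {
                if ($constructmode) {
                    my %rolenames=('' => '');
                    foreach my $rolecode (@role_choices) {
                        $rolenames{$rolecode}=
                            &Apache::lonnet::plaintext($rolecode);
                    }
                    my $role=$token->[2]->{'role'};
                    unless ($role) { $role=''; }
                    $r->print(&Apache::loncommon::select_form(
                                  $role,'role_'.$rulecounter,%rolenames));
                } else {
                    # NOTE(review): the role comes from the file; what
                    # plaintext() returns for an unknown role is not visible
                    # here - confirm it cannot echo the raw value.
                    $r->print(&Apache::lonnet::plaintext($token->[2]->{'role'}));
                }
            }
            # course selection link
            $r->print('</td>'.
                      &Apache::loncommon::end_data_table_row().
                      &Apache::loncommon::continue_data_table_row().
                      '<td colspan="2" align="right">');
            if ($type eq 'course') {
                if ($rcourse) {
                    my %descript=
                        &Apache::lonnet::coursedescription($rdom.'_'.$rcourse,
                                                           {'one_time' => 1});
                    # NOTE(review): printed as returned; whether the
                    # description is already HTML-safe is not visible here.
                    $r->print($descript{'description'}.' ');
                }
                if ($constructmode) {
                    $r->print(&Apache::loncommon::selectcourse_link('rules',
                                  'course_'.$rulecounter,
                                  'domain_'.$rulecounter));
                }
            } else {
                if ($rcourse) {
                    my $name = &Apache::loncommon::plainname($rcourse,$rdom);
                    $r->print($name.' ');
                }
                if ($constructmode) {
                    $r->print(&Apache::loncommon::selectstudent_link('rules',
                                  'course_'.$rulecounter,
                                  'domain_'.$rulecounter));
                }
            }
            # close row
            $r->print('</td>'.&Apache::loncommon::end_data_table_row());
        }
    }
    $r->print(&Apache::loncommon::end_data_table());
# ------------------------------------------------------------ End table output
    if ($constructmode) {
        $r->print('<input type="submit" name="store" value="'.&mt('Save').'" /></form>');
    }
    $r->print(&Apache::loncommon::end_page());
    return OK;
}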
352:
353:
354: 1;
355: __END__
356:
357:
358:
359: