--- loncom/auth/lonroles.pm 2021/06/12 23:14:56 1.350 +++ loncom/auth/lonroles.pm 2021/10/26 14:25:09 1.352 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # User Roles Screen # -# $Id: lonroles.pm,v 1.350 2021/06/12 23:14:56 raeburn Exp $ +# $Id: lonroles.pm,v 1.352 2021/10/26 14:25:09 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -266,6 +266,43 @@ sub handler { $update = $then; } + my $norolelist; + if (($env{'request.course.id'}) && ($env{'request.deeplink.login'})) { + my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; + my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; + my $crstype = $env{'course.'.$env{'request.course.id'}.'.type'}; + my $deeplink_symb = &Apache::loncommon::deeplink_login_symb($cnum,$cdom); + if ($deeplink_symb) { + my ($menucoll,$deeplinkmenu,$menuref) = &Apache::loncommon::menucoll_in_effect(); + if (ref($menuref) eq 'HASH') { + unless (($menuref->{'role'}) || ($env{'request.role.adv'})) { + foreach my $envkey (keys(%env)) { + next unless ($envkey =~ /^form\./); + if ($envkey =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) { + unless (($1 eq $cdom) && ($2 eq $cnum)) { + delete($env{$envkey}); + } + } + } + if ($env{'form.selectrole'}) { + if ($env{'form.switchrole'} =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) { + unless (($1 eq $cdom) && ($2 eq $cnum)) { + delete($env{'form.selectrole'}); + delete($env{'form.switchrole'}); + } + } elsif ($env{'form.newrole'} =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) { + unless (($1 eq $cdom) && ($2 eq $cnum)) { + delete($env{'form.selectrole'}); + delete($env{'form.newrole'}); + } + } + } + $norolelist = 1; + } + } + } + } + $registered_cleanup=0; @{$rosterupdates}=(); &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}); @@ -902,23 +939,44 @@ ENDCLOSE } } # Are we allowed to look at the first resource? - my $access; - if ($furl =~ m{^(/adm/wrapper|)/ext/}) { - # If it's an external resource, - # strip off the symb argument and possible query - my ($exturl,$symb) = ($furl =~ m{^(.+)(?:\?|\&)symb=(.+)$}); - # Unencode $symb - $symb = &unescape($symb); - # Then check for permission - $access = &Apache::lonnet::allowed('bre',$exturl,$symb); - # For other resources just check for permission + # + # $furl returned by lonuserstate::readmap() has format: + # $url?symb=escaped($symb). If the resource has the + # encrypturl parameter in effect, the entire string + # $url?symb=escaped($symb) is encrypted as a string + # beginning /enc/. + # + my ($access,$unencfurl,$unencsymb); + if ($furl =~ m{^(.+)(?:\?|\&)symb=([^&]+)(?:$|&)}) { + my ($poss_url,$poss_symb) = ($1,$2); + $unencsymb = &unescape($poss_symb); + $unencfurl = $poss_url; + } elsif ($furl =~ m{^/enc/}) { + my $unenc = &Apache::lonenc::unencrypted($furl); + if ($unenc =~ m{^(.+)(?:\?|\&)symb=([^&]+)(?:$|&)}) { + ($unencfurl,$unencsymb) = ($1,$2); + $unencsymb = &unescape($unencsymb); + } else { + $unencfurl = $unenc; + } + } else { + $unencfurl = $furl; + } + if ($unencsymb) { + my $symb = &Apache::lonnet::symbclean($unencsymb); + if (($symb ne '') && (&Apache::lonnet::symbverify($symb,$unencfurl))) { + $access = &Apache::lonnet::allowed('bre',$unencfurl,$symb); + } else { + $access = &Apache::lonnet::allowed('bre',$unencfurl); + } } else { - $access = &Apache::lonnet::allowed('bre',$furl); + $access = &Apache::lonnet::allowed('bre',$unencfurl); } - if ((!$access) || ($access eq 'D')) { + if ((!$access) || ($access eq 'B') || ($access eq 'D')) { $furl = &Apache::lonpageflip::first_accessible_resource(); - } elsif ($access eq 'B') { - $furl = '/adm/navmaps?showOnlyHomework=1'; + if ($furl eq '') { + $furl = '/adm/navmaps?showOnlyHomework=1'; + } } if ($env{'request.lti.login'}) { undef($msg); @@ -1219,6 +1277,26 @@ ENDHEADER } } + if ($norolelist) { + if ($env{'request.role'}) { + my ($roletext,$role_text_end) = &display_curr_role($env{'request.role'}); + if ($roletext) { + $r->print(&Apache::loncommon::start_data_table('LC_textsize_mobile'). + &Apache::loncommon::start_data_table_row(). + $roletext. + &Apache::loncommon::end_data_table_row()); + if ($role_text_end) { + $r->print(&Apache::loncommon::continue_data_table_row(). + $role_text_end. + &Apache::loncommon::end_data_table_row()); + } + $r->print(&Apache::loncommon::end_data_table()); + } + } + $r->print(&Apache::loncommon::end_page()); + return OK; + } + # No active roles if ($countactive==0) { my $elapsed = 0; @@ -2252,6 +2330,38 @@ sub display_cc_role { } } return ($roletext,$roletext_end); +} + +sub display_curr_role { + my ($currentrole) = @_; + my ($roletext,$roletext_end); + my $advanced = $env{'user.adv'}; + my $tryagain = $env{'form.tryagain'}; + my ($role,$rest) = split(m{\./},$currentrole,2); + unless (!defined($role) || $role eq '') { + if ($rest =~ m{^($match_domain)/($match_courseid)(?:/(\w+)|$)}) { + my $cdom = $1; + my $cnum = $2; + my $csec = $3; + my $cid = $cdom.'_'.$cnum; + my $ttype = $env{'course.'.$cid.'.type'}; + my $skipcal = 1; + my $tbg='LC_roles_is'; + my $twhere = $env{'course.'.$cid.'.description'}. + ' '. + &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$cnum,$cdom). + ''; + my $trole = &Apache::lonnet::plaintext($role,$ttype,$cid); + if ($csec) { + $twhere.= '  '.&mt('Section').': '.$csec; + } + if ($role ne 'st') { + $twhere.= '  '.&mt('Domain').': '.$cdom; + } + ($roletext,$roletext_end) = &build_roletext($currentrole,$cdom,$cnum,'is',$tryagain,$advanced,'',$tbg,$trole,$twhere,'','','',1,'','','',$skipcal); + } + } + return ($roletext,$roletext_end); } sub adhoc_roles_row {