--- loncom/auth/lonroles.pm 2006/08/31 13:25:18 1.164 +++ loncom/auth/lonroles.pm 2008/03/12 02:47:34 1.186 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # User Roles Screen # -# $Id: lonroles.pm,v 1.164 2006/08/31 13:25:18 albertel Exp $ +# $Id: lonroles.pm,v 1.186 2008/03/12 02:47:34 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -40,8 +40,9 @@ use Apache::lonhtmlcommon; use Apache::lonannounce; use Apache::lonlocal; use Apache::lonpageflip(); +use Apache::lonnavdisplay(); use GDBM_File; -use LONCAPA; +use LONCAPA qw(:DEFAULT :match); sub redirect_user { @@ -53,8 +54,8 @@ sub redirect_user { my $swinfo=&Apache::lonmenu::rawconfig(); my $navwindow; if ($launch_nav eq 'on') { - $navwindow.=&Apache::lonnavmaps::launch_win('now',undef,undef, - ($url =~ m-^/adm/whatsnew-)); + $navwindow.=&Apache::lonnavdisplay::launch_win('now',undef,undef, + ($url =~ m-^/adm/whatsnew-)); } else { $navwindow.=&Apache::lonnavmaps::close(); } @@ -109,25 +110,54 @@ sub handler { $env{'form.'.$env{'form.newrole'}}=1; } if ($env{'request.course.id'}) { + # Check if user is CC trying to select a course role + if ($env{'form.switchrole'}) { + if (!defined($env{'user.role.'.$env{'form.switchrole'}})) { + &adhoc_course_role($then); + } + } my %temp=('logout_'.$env{'request.course.id'} => time); &Apache::lonnet::put('email_status',\%temp); &Apache::lonnet::delenv('user.state.'.$env{'request.course.id'}); } - &Apache::lonnet::appenv("request.course.id" => '', - "request.course.fn" => '', - "request.course.uri" => '', - "request.course.sec" => '', - "request.role" => 'cm', - "request.role.adv" => $env{'user.adv'}, - "request.role.domain" => $env{'user.domain'}); - -# Check if user is a DC trying to enter a course and needs privs to be created + &Apache::lonnet::appenv({"request.course.id" => '', + "request.course.fn" => '', + "request.course.uri" => '', + "request.course.sec" => '', + "request.role" => 'cm', + "request.role.adv" => $env{'user.adv'}, + "request.role.domain" => $env{'user.domain'}}); +# Check if user is a DC trying to enter a course or author space and needs privs to be created if ($numdc > 0) { foreach my $envkey (keys %env) { +# Is this an ad-hoc CC-role? if (my ($domain,$coursenum) = - ($envkey =~ m-^form\.cc\./(\w+)/(\w+)$-)) { + ($envkey =~ m-^form\.cc\./($match_domain)/($match_courseid)$-)) { + if ($dcroles{$domain}) { + &check_privs($domain,$coursenum,$then,$now,'cc'); + } + last; + } +# Is this a recent ad-hoc CA-role? + if (my ($domain,$user) = + ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) { + if (($dcroles{$domain}) && (&is_author_homeserver($user,$domain))) { + &check_privs($domain,$user,$then,$now,'ca'); + } else { + delete($env{$envkey}); + } + last; + } +# Is this a new ad-hoc CA-role? + if (my ($domain) = + ($envkey =~ m-^form\.adhocca\./($match_domain)$-)) { if ($dcroles{$domain}) { - &check_privs($domain,$coursenum,$then,$now); + my $user=$env{'form.adhoccauname.'.$domain}; + if (!$user) { $user=$env{'form.adhoccaunamerecent.'.$domain} }; + if (($user) && ($user=~/$match_username/) && (&is_author_homeserver($user,$domain))) { + &check_privs($domain,$user,$then,$now,'ca'); + $env{'form.ca./'.$domain.'/'.$user}=1; + } } last; } @@ -164,7 +194,7 @@ sub handler { my $authnum=$cnum; if ($env{'course.'.$cdom.'_'.$cnum.'.keyauth'}) { ($authnum,$authdom)= - split(/\W/,$env{'course.'.$cdom.'_'.$cnum.'.keyauth'}); + split(/:/,$env{'course.'.$cdom.'_'.$cnum.'.keyauth'}); } # check with key authority unless (&Apache::lonnet::validate_access_key( @@ -200,7 +230,7 @@ sub handler { } $r->print(< +
@@ -223,7 +253,7 @@ ENDENTEREDKEY my $end_page=&Apache::loncommon::end_page(); $r->print(< + @@ -244,10 +274,10 @@ ENDENTERKEY "Role ".$trolecode); &Apache::lonnet::appenv( - 'request.role' => $trolecode, - 'request.role.domain' => $cdom, - 'request.course.sec' => $csec, - 'request.course.groups' => $cgrps); + {'request.role' => $trolecode, + 'request.role.domain' => $cdom, + 'request.course.sec' => $csec, + 'request.course.groups' => $cgrps}); my $tadv=0; if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) { @@ -258,7 +288,7 @@ ENDENTERKEY ($env{'form.orgurl'}!~/^\/adm\/flip/)) { my $dest=$env{'form.orgurl'}; if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } - &Apache::lonnet::appenv('request.role.adv'=>$tadv); + &Apache::lonnet::appenv({'request.role.adv'=>$tadv}); if (($ferr) && ($tadv)) { &error_page($r,$ferr,$dest); } else { @@ -268,7 +298,7 @@ ENDENTERKEY } else { if (!$env{'request.course.id'}) { &Apache::lonnet::appenv( - "request.course.id" => $cdom.'_'.$cnum); + {"request.course.id" => $cdom.'_'.$cnum}); $furl='/adm/roles?tryagain=1'; $msg= '

'. @@ -277,7 +307,7 @@ ENDENTERKEY '

'.&mt('Please try again.').'

'.$ferr; } if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } - &Apache::lonnet::appenv('request.role.adv'=>$tadv); + &Apache::lonnet::appenv({'request.role.adv'=>$tadv}); if (($ferr) && ($tadv)) { &error_page($r,$ferr,$furl); @@ -294,6 +324,14 @@ ENDENTERKEY $furl = "/adm/helper/course.initialization.helper"; # Send the user to the course they selected } elsif ($env{'request.course.id'}) { + if ($env{'form.destinationurl'}) { + my $dest = $env{'form.destinationurl'}; + &redirect_user($r,&mt('Entering [_1]', + $env{'course.'.$courseid.'.description'}), + $dest,$msg, + $env{'environment.remotenavmap'}); + return OK; + } if (&Apache::lonnet::allowed('whn', $env{'request.course.id'}) || &Apache::lonnet::allowed('whn', @@ -312,7 +350,7 @@ ENDENTERKEY } } # Are we allowed to look at the first resource? - if (!&Apache::lonnet::allowed('bre',$furl)) { + if ($furl !~ m|^/adm/|) { # Guess not ... $furl=&Apache::lonpageflip::first_accessible_resource(); } @@ -364,11 +402,15 @@ ENDENTERKEY my $start_page=&Apache::loncommon::start_page('User Roles'); my $standby=&mt('Role selected. Please stand by.'); $standby=~s/\n/\\n/g; + my $noscript=''.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'
'.&mt('As this is not the case, most functionality in the system will be unavailable.').'
'; $r->print(< -'); + $r->print(''); $r->print(&Apache::loncommon::end_page()); return OK; } # More than one possible role # ----------------------------------------------------------------------- Table - unless (($advanced) || ($nochoose)) { - $r->print("

".&mt('Select a Course/Group to Enter')."

\n"); + unless ((!&Apache::lonmenu::show_course()) || ($nochoose)) { + $r->print("

".&mt('Select a Course to Enter')."

\n"); } - $r->print('
'); + $r->print('
'); unless ($nochoose) { $r->print(''); } $r->print(''."\n"); my $doheaders=-1; - foreach my $type ('Domain','Construction Space','Course','Group','Unavailable','System') { + foreach my $type ('Domain','Construction Space','Course','Unavailable','System') { my $haverole=0; foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { @@ -662,8 +704,10 @@ ENDHEADER foreach (sort(keys(%recent_roles))) { if (defined($roletext{'user.role.'.$_})) { $output.=$roletext{'user.role.'.$_}; - if ($_ =~ m-dc\./(\w+)/- && $dcroles{$1}) { - $output .= &allcourses_row($1,'recent'); + if ($_ =~ m-dc\./($match_domain)/- + && $dcroles{$1}) { + $output .= &allcourses_row($1,'recent'). + &allcoauthors_row($1,'recent'); } } elsif ($numdc > 0) { unless ($_ =~/^error\:/) { @@ -684,14 +728,15 @@ ENDHEADER $r->print(&coursepick_jscript()); $r->print(&Apache::loncommon::coursebrowser_javascript()); } - foreach my $type ('Construction Space','Domain','Course','Group','Unavailable','System') { + foreach my $type ('Construction Space','Domain','Course','Unavailable','System') { my $output; foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { $output.=$roletext{$sortrole{$which}}; - if ($sortrole{$which} =~ m-dc\./(\w+)/-) { + if ($sortrole{$which} =~ m-dc\./($match_domain)/-) { if ($dcroles{$1}) { - $output .= &allcourses_row($1,''); + $output .= &allcourses_row($1,''). + &allcoauthors_row($1,''); } } } @@ -721,8 +766,8 @@ ENDHEADER $r->print(''); } } - $r->print(''."\n"); $r->print('
 '.&mt('User Role').''.&mt('Extent'). ''.&mt('Start').''.&mt('End').'
 '.&mt('No role specified'). - ''.$tremark. + $r->print(''.&mt('No role specified'). + ''.$tremark. ' 
'); @@ -732,57 +777,7 @@ ENDHEADER # ------------------------------------------------------------ Privileges Info if (($advanced) && (($env{'user.error.msg'}) || ($error))) { $r->print('

Current Privileges

'); - - foreach $envkey (sort keys %env) { - if ($envkey=~/^user\.priv\.$env{'request.role'}\./) { - my $where=$envkey; - $where=~s/^user\.priv\.$env{'request.role'}\.//; - my $ttype; - my $twhere; - my ($tdom,$trest,$tsec)= - split(/\//,Apache::lonnet::declutter($where)); - if ($trest) { - if ($env{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') { - $ttype='Construction Space'; - $twhere='User: '.$trest.', Domain: '.$tdom; - } else { - $ttype= - &Apache::loncommon::course_type($tdom.'_'.$trest); - $twhere=$env{'course.'.$tdom.'_'.$trest.'.description'}; - if ($tsec) { - $twhere.=' (Section: '.$tsec.')'; - } - } - } elsif ($tdom) { - $ttype='Domain'; - $twhere=$tdom; - } else { - $ttype='System'; - $twhere='/'; - } - $r->print("\n

".$ttype.': '.$twhere.'

    '); - foreach (sort split(/:/,$env{$envkey})) { - if ($_) { - my ($prv,$restr)=split(/\&/,$_); - my $trestr=''; - if ($restr ne 'F') { - my $i; - $trestr.=' ('; - for ($i=0;$iprint('
  • '. - Apache::lonnet::plaintext($prv).$trestr. - '
    • '); - } - } - $r->print('
'); - } - } + $r->print(&privileges_info()); } $r->print(&Apache::lonnet::getannounce()); if ($advanced) { @@ -794,6 +789,61 @@ ENDHEADER return OK; } +sub privileges_info { + my ($which) = @_; + my $output; + + $which ||= $env{'request.role'}; + + foreach my $envkey (sort(keys(%env))) { + next if ($envkey!~/^user\.priv\.\Q$which\E\.(.*)/); + + my $where=$1; + my $ttype; + my $twhere; + my (undef,$tdom,$trest,$tsec)=split(m{/},$where); + if ($trest) { + if ($env{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') { + $ttype='Construction Space'; + $twhere='User: '.$trest.', Domain: '.$tdom; + } else { + $ttype= &Apache::loncommon::course_type($tdom.'_'.$trest); + $twhere=$env{'course.'.$tdom.'_'.$trest.'.description'}; + if ($tsec) { + my $sec_type = 'Section'; + if (exists($env{"user.role.gr.$where"})) { + $sec_type = 'Group'; + } + $twhere.=' ('.$sec_type.': '.$tsec.')'; + } + } + } elsif ($tdom) { + $ttype='Domain'; + $twhere=$tdom; + } else { + $ttype='System'; + $twhere='/'; + } + $output .= "\n

".$ttype.': '.$twhere.'

'."\n
    "; + foreach my $priv (sort(split(/:/,$env{$envkey}))) { + next if (!$priv); + + my ($prv,$restr)=split(/\&/,$priv); + my $trestr=''; + if ($restr ne 'F') { + $trestr.=' ('. + join(', ', + map { &Apache::lonnet::plaintext($_) } + (split('',$restr))).') '; + } + $output .= "\n\t". + '
  • '.&Apache::lonnet::plaintext($prv).$trestr.'
    • '; + } + $output .= "\n".'
'; + } + return $output; +} + sub role_status { my ($rolekey,$then,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_; my @pwhere = (); @@ -821,7 +871,7 @@ sub role_status { sub build_roletext { my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver) = @_; - my $roletext=''; + my $roletext=''; my $is_dc=($trolecode =~ m/^dc\./); my $rowspan=($is_dc) ? '' : ' rowspan="2" '; @@ -831,8 +881,8 @@ sub build_roletext { $buttonname=~s/\W//g; if (!$button) { if ($switchserver) { - $roletext.=''.&mt('Switch Server').''; + $roletext.=''.&mt('Switch Server').''; } else { $roletext.=(' '); } @@ -854,32 +904,47 @@ sub build_roletext { $roletext.=' '; } } - $tremark.=&Apache::lonannounce::showday(time,1, - &Apache::lonannounce::readcalendar($tdom.'_'.$trest)); - + if ($trolecode !~ m/^(dc|ca|au|aa)\./) { + $tremark.=&Apache::lonannounce::showday(time,1, + &Apache::lonannounce::readcalendar($tdom.'_'.$trest)); + } $roletext.=''.$trole. ''.$twhere. ''.$tpstart. ''.$tpend. ''; if (!$is_dc) { - $roletext.=''.$tremark. - ' '."\n"; + $roletext.=''.$tremark. + ' '."\n"; } return $roletext; } +sub is_author_homeserver { + my ($uname,$udom)=@_; + my $home = &Apache::lonnet::homeserver($uname,$udom); + my @ids=&Apache::lonnet::current_machine_ids(); + foreach my $id (@ids) { + if ($id eq $home) { + if (-e "/home/".$uname."/public_html") { + return 1; + } + } + } + return 0; +} + sub check_privs { - my ($cdom,$cnum,$then,$now) = @_; - my $cckey = 'user.role.cc./'.$cdom.'/'.$cnum; + my ($cdom,$cnum,$then,$now,$checkrole) = @_; + my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum; if ($env{$cckey}) { my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont); &role_status($cckey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); unless (($tstatus eq 'is') || ($tstatus eq 'will_not')) { - &set_privileges($cdom,$cnum); + &set_privileges($cdom,$cnum,$checkrole); } } else { - &set_privileges($cdom,$cnum); + &set_privileges($cdom,$cnum,$checkrole); } } @@ -888,7 +953,7 @@ sub check_fordc { my $numdc = 0; if ($env{'user.adv'}) { foreach my $envkey (sort keys %env) { - if ($envkey=~/^user\.role\.dc\.\/(\w+)\/$/) { + if ($envkey=~/^user\.role\.dc\.\/($match_domain)\/$/) { my $dcdom = $1; my $livedc = 1; my ($tstart,$tend)=split(/\./,$env{$envkey}); @@ -904,12 +969,75 @@ sub check_fordc { return $numdc; } +sub adhoc_course_role { + my ($then) = @_; + my ($cdom,$cnum); + my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; + my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; + if (&check_forcc($cdom,$cnum,$then)) { + my $setprivs; + if (!defined($env{'user.role.'.$env{'form.selectrole'}})) { + $setprivs = 1; + } else { + my ($start,$end) = split(/\./,$env{'user.role.'.$env{'form.selectrole'}}); + if (($start && ($start>$then || $start == -1)) || + ($end && $end<$then)) { + $setprivs = 1; + } + } + if ($setprivs) { + if ($env{'form.switchrole'} =~ m-^(in|ta|ep|ad|st|cr)([\w/]*)\./\Q$cdom\E/\Q$cnum\E(/?\w*)$-) { + my $role = $1; + my $custom_role = $2; + my $usec = $3; + if ($role eq 'cr') { + if ($custom_role =~ m-^$match_domain/$match_courseid/\w+$-) { + $role .= $custom_role; + } else { + return; + } + } + my (%userroles,%newrole,%newgroups); + my $area = '/'.$cdom.'/'.$cnum; + my $spec = $role.'.'.$area; + if ($usec ne '') { + $spec .= '/'.$usec; + $area .= '/'.$usec; + } + &Apache::lonnet::standard_roleprivs(\%newrole,$role,$cdom,$spec,$cnum,$area); + &Apache::lonnet::set_userprivs(\%userroles,\%newrole,%newgroups); + my $adhocstart = $then-1; + $userroles{'user.role.'.$spec} = $adhocstart.'.'; + &Apache::lonnet::appenv(\%userroles,[$role,'cm']); + } + } + } + return; +} + +sub check_forcc { + my ($cdom,$cnum,$then) = @_; + my $is_cc; + if ($cdom ne '' && $cnum ne '') { + if (&Apache::lonnet::is_course($cdom,$cnum)) { + my $envkey = 'user.role.cc./'.$cdom.'/'.$cnum; + if (defined($env{$envkey})) { + $is_cc = 1; + my ($tstart,$tend)=split(/\./,$env{$envkey}); + if ($tstart && $tstart>$then) { $is_cc = 0; } + if ($tend && $tend <$then) { $is_cc = 0; } + } + } + } + return $is_cc; +} + sub courselink { my ($dcdom,$rowtype,$selecttype) = @_; my $courseform=&Apache::loncommon::selectcourse_link ('rolechoice','dccourse'.$rowtype.'_'.$dcdom, 'dcdomain'.$rowtype.'_'.$dcdom,'coursedesc'.$rowtype.'_'. - $dcdom,$dcdom,undef,$selecttype); + $dcdom,$dcdom,undef); my $hiddenitems = ''. ''. ''. @@ -918,8 +1046,12 @@ sub courselink { } sub coursepick_jscript { + my %lt = &Apache::lonlocal::texthash( + plsu => "Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter.", + youc => 'You can only use this screen to select courses in the current domain.', + ); my $verify_script = <<"END"; - -END - return $process_pick; -} - sub display_cc_role { my $rolekey = shift; my $roletext; my $advanced = $env{'user.adv'}; my $tryagain = $env{'form.tryagain'}; unless ($rolekey =~/^error\:/) { - if ($rolekey =~ m-^user\.role.cc\./(\w+)/(\w+)$-) { + if ($rolekey =~ m-^user\.role.cc\./($match_domain)/($match_courseid)$-) { my $tcourseid = $1.'_'.$2; my $trolecode = 'cc./'.$1.'/'.$2; my $twhere; @@ -1015,14 +1121,24 @@ sub allcourses_row { my ($dcdom,$rowtype) = @_; my $output = ''. ' '; - foreach my $type ('Course','Group') { - my $selectlink = &courselink($dcdom,$rowtype,$type); - my $ccrole = &Apache::lonnet::plaintext('cc',$type); - $output.= ''.$ccrole.''. - ' '.$selectlink.''. - ' from '.&mt('Domain').' '.$dcdom.'
'; - } - $output .= ''."\n"; + my $selectlink = &courselink($dcdom,$rowtype); + my $ccrole = &Apache::lonnet::plaintext('cc'); + $output.= ''. + &mt('[_1]: [_2] from domain [_3]',$ccrole,$selectlink,$dcdom). + '
'."\n"; + return $output; +} + +sub allcoauthors_row { + my ($dcdom,$rowtype) = @_; + my $output = ''. + ' '; + my $carole = &Apache::lonnet::plaintext('ca'); + my $inputlink=''; + my $gobutton=''; + $output.= ''. + &mt('[_1]: [_2] in domain [_3] [_4]',$carole,$inputlink,$dcdom,$gobutton). + '
'."\n"; return $output; } @@ -1032,26 +1148,29 @@ sub recent_filename { } sub set_privileges { - my ($dcdom,$pickedcourse) = @_; +# role can be cc or ca + my ($dcdom,$pickedcourse,$role) = @_; my $area = '/'.$dcdom.'/'.$pickedcourse; - my $role = 'cc'; my $spec = $role.'.'.$area; - my %userroles = &Apache::lonnet::set_arearole($role,$area,'','',$dcdom,$env{'user.name'}); + my %userroles = &Apache::lonnet::set_arearole($role,$area,'','', + $env{'user.domain'}, + $env{'user.name'}); my %ccrole = (); &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area); my ($author,$adv)= &Apache::lonnet::set_userprivs(\%userroles,\%ccrole); - &Apache::lonnet::appenv(%userroles); + &Apache::lonnet::appenv(\%userroles,[$role,'cm']); + &Apache::lonnet::log($env{'user.domain'}, $env{'user.name'}, $env{'user.home'}, "Role ".$role); &Apache::lonnet::appenv( - 'request.role' => $spec, + {'request.role' => $spec, 'request.role.domain' => $dcdom, - 'request.course.sec' => ''); + 'request.course.sec' => ''}); my $tadv=0; if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } - &Apache::lonnet::appenv('request.role.adv' => $tadv); + &Apache::lonnet::appenv({'request.role.adv' => $tadv}); } sub courseloadpage {