--- loncom/auth/lonroles.pm 2008/07/05 23:27:34 1.199
+++ loncom/auth/lonroles.pm 2008/12/15 16:37:53 1.214
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# User Roles Screen
#
-# $Id: lonroles.pm,v 1.199 2008/07/05 23:27:34 raeburn Exp $
+# $Id: lonroles.pm,v 1.214 2008/12/15 16:37:53 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -27,6 +27,103 @@
#
###
+=pod
+
+=head1 NAME
+
+Apache::lonroles - User Roles Screen
+
+=head1 SYNOPSIS
+
+Invoked by /etc/httpd/conf/srm.conf:
+
+
+ PerlAccessHandler Apache::lonacc
+ SetHandler perl-script
+ PerlHandler Apache::lonroles
+ ErrorDocument 403 /adm/login
+ ErrorDocument 500 /adm/errorhandler
+
+
+=head1 OVERVIEW
+
+=head2 Choosing Roles
+
+C is a handler that allows a user to switch roles in
+mid-session. LON-CAPA attempts to work with "No Role Specified", the
+default role that a user has before selecting a role, as widely as
+possible, but certain handlers for example need specification which
+course they should act on, etc. Both in this scenario, and when the
+handler determines via C's C<&allowed> function that a certain
+action is not allowed, C is used as error handler. This
+allows the user to select another role which may have permission to do
+what they were trying to do. C can also be accessed via the
+B button in the Remote Control.
+
+=begin latex
+
+\begin{figure}
+\begin{center}
+\includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen}
+ \caption{\label{Sample_Roles_Screen}Sample Roles Screen}
+\end{center}
+\end{figure}
+
+=end latex
+
+=head2 Role Initialization
+
+The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C's C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role.
+
+=head1 INTRODUCTION
+
+This module enables a user to select what role he wishes to
+operate under (instructor, student, teaching assistant, course
+coordinator, etc). These roles are pre-established by the actions
+of upper-level users.
+
+This is part of the LearningOnline Network with CAPA project
+described at http://www.lon-capa.org.
+
+=head1 HANDLER SUBROUTINE
+
+This routine is called by Apache and mod_perl.
+
+=over 4
+
+=item *
+
+Roles Initialization (yes/no)
+
+=item *
+
+Get Error Message from Environment
+
+=item *
+
+Who is this?
+
+=item *
+
+Generate Page Output
+
+=item *
+
+Choice or no choice
+
+=item *
+
+Table
+
+=item *
+
+Privileges
+
+=back
+
+=cut
+
+
package Apache::lonroles;
use strict;
@@ -43,6 +140,7 @@ use Apache::lonpageflip();
use Apache::lonnavdisplay();
use GDBM_File;
use LONCAPA qw(:DEFAULT :match);
+use HTML::Entities;
sub redirect_user {
@@ -145,12 +243,35 @@ sub handler {
# Is this an ad-hoc CA-role?
if (my ($domain,$user) =
($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) {
- # Check if author blocked ca-access
+ if (($domain eq $env{'user.domain'}) && ($user eq $env{'user.name'})) {
+ delete($env{$envkey});
+ $env{'form.au./'.$domain.'/'} = 1;
+ my ($server_status,$home) = &check_author_homeserver($user,$domain);
+ if ($server_status eq 'switchserver') {
+ my $trolecode = 'au./'.$domain.'/';
+ my $switchserver = '/adm/switchserver?otherserver='.$home.'&role='.$trolecode;
+ $r->internal_redirect($switchserver);
+ }
+ last;
+ }
+ if (my ($castart,$caend) = ($env{'user.role.ca./'.$domain.'/'.$user} =~ /^(\d*)\.(\d*)$/)) {
+ if (((($castart) && ($castart < $now)) || !$castart) &&
+ ((!$caend) || (($caend) && ($caend > $now)))) {
+ my ($server_status,$home) = &check_author_homeserver($user,$domain);
+ if ($server_status eq 'switchserver') {
+ my $trolecode = 'ca./'.$domain.'/'.$user;
+ my $switchserver = '/adm/switchserver?otherserver='.$home.'&role='.$trolecode;
+ $r->internal_redirect($switchserver);
+ }
+ last;
+ }
+ }
+ # Check if author blocked ca-access
my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user);
if ($blocked{'domcoord.author'} eq 'blocked') {
- delete($env{$envkey});
- $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
- last;
+ delete($env{$envkey});
+ $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
+ last;
}
if ($dcroles{$domain}) {
my ($server_status,$home) = &check_author_homeserver($user,$domain);
@@ -228,8 +349,11 @@ sub handler {
$cdom,$cnum,
$env{'user.domain'},
$env{'user.name'},
- 'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '.
- $trolecode);
+ &mt('Assigned from [_1] at [_2] for [_3]'
+ ,$ENV{'REMOTE_ADDR'}
+ ,&Apache::lonlocal::locallocaltime()
+ ,$trolecode)
+ );
unless ($assignresult eq 'ok') {
$assignresult=~s/^error\:\s*//;
$message=&mt($assignresult).
@@ -245,7 +369,7 @@ $swinfo
$end_page
@@ -335,6 +459,10 @@ ENDENTERKEY
} elsif ($env{'request.course.id'}) {
if ($env{'form.destinationurl'}) {
my $dest = $env{'form.destinationurl'};
+ if ($env{'form.destsymb'} ne '') {
+ my $esc_symb = &HTML::Entities::encode($env{'form.destsymb'},'"<>&');
+ $dest .= '?symb='.$esc_symb;
+ }
&redirect_user($r,&mt('Entering [_1]',
$env{'course.'.$courseid.'.description'}),
$dest,$msg,
@@ -349,7 +477,7 @@ ENDENTERKEY
) {
my $startpage = &courseloadpage($courseid);
unless ($startpage eq 'firstres') {
- $msg = &mt('Entering [_1] ....',
+ $msg = &mt('Entering [_1] ...',
$env{'course.'.$courseid.'.description'});
&redirect_user($r,&mt('New in course'),
'/adm/whatsnew?refpage=start',$msg,
@@ -407,8 +535,9 @@ ENDENTERKEY
$r->send_http_header;
return OK if $r->header_only;
+ my $brcrum =[{href=>"/admm/roles",text=>"User Roles"}];
my $swinfo=&Apache::lonmenu::rawconfig();
- my $start_page=&Apache::loncommon::start_page('User Roles');
+ my $start_page=&Apache::loncommon::start_page('User Roles',undef,{bread_crumbs=>$brcrum});
my $standby=&mt('Role selected. Please stand by.');
$standby=~s/\n/\\n/g;
my $noscript=''.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').' '.&mt('As this is not the case, most functionality in the system will be unavailable.').' ';
@@ -452,6 +581,8 @@ ENDHEADER
my $advanced=$env{'user.adv'};
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['tryagain']);
my $tryagain=$env{'form.tryagain'};
+ my $reinit=$env{'user.reinit'};
+ delete $env{'user.reinit'};
# -------------------------------------------------------- Generate Page Output
# --------------------------------------------------------------- Error Header?
@@ -481,10 +612,16 @@ ENDHEADER
&Apache::lonenc::check_encrypt($fn));
} else {
if ($env{'user.error.msg'}) {
- $r->print(
+ if ($reinit) {
+ $r->print(
+ '
'.
+ &mt('As your session file for the course has expired, you will need to re-select the course.').'
');
+ } else {
+ $r->print(
'
'.
&mt('You need to choose another user role or enter a specific course for this function').'
');
- }
+ }
+ }
}
# -------------------------------------------------------- Choice or no choice?
if ($nochoose) {
@@ -515,13 +652,12 @@ ENDHEADER
my $roletext;
my $sortkey;
if ($envkey=~/^user\.role\./) {
- my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont);
+ my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);
&role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
next if (!defined($role) || $role eq '' || $role =~ /^gr/);
$tremark='';
$tpstart=' ';
$tpend=' ';
- $tfont='#000000';
if ($tstart) {
$tpstart=&Apache::lonlocal::locallocaltime($tstart);
}
@@ -538,40 +674,36 @@ ENDHEADER
|| ($tstatus eq 'future')
|| ($env{'form.showall'})) {
if ($tstatus eq 'is') {
- $tbg='#77FF77';
- $tfont='#003300';
+ $tbg='LC_roles_is';
$possiblerole=$trolecode;
$countactive++;
} elsif ($tstatus eq 'future') {
- $tbg='#FFFF77';
+ $tbg='LC_roles_future';
$button=0;
$futureroles{$trolecode} = $tstart.':'.$tend;
$countfuture ++;
} elsif ($tstatus eq 'will') {
- $tbg='#FFAA77';
- $tremark.=&mt('Active at next login. ');
+ $tbg='LC_roles_will';
+ $tremark.=&mt('Active at next login.').' ';
$roles_nextlogin{$trolecode} = $tstart.':'.$tend;
$countwill ++;
} elsif ($tstatus eq 'expired') {
- $tbg='#FF7777';
- $tfont='#330000';
+ $tbg='LC_roles_expired';
$button=0;
} elsif ($tstatus eq 'will_not') {
- $tbg='#AAFF77';
- $tremark.=&mt('Expired after logout. ');
+ $tbg='LC_roles_will_not';
+ $tremark.=&mt('Expired after logout.').' ';
} elsif ($tstatus eq 'selected') {
- $tbg='#11CC55';
- $tfont='#002200';
+ $tbg='LC_roles_selected';
$inrole=1;
$countactive++;
- $tremark.=&mt('Currently selected. ');
+ $tremark.=&mt('Currently selected.').' ';
}
my $trole;
if ($role =~ /^cr\//) {
my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role);
if ($tremark) { $tremark.=' '; }
- $tremark.=&mt('Defined by ').$rauthor.
- &mt(' at ').$rdomain.'.';
+ $tremark.=&mt('Defined by [_1] at [_2].',$rauthor,$rdomain);
}
$trole=Apache::lonnet::plaintext($role);
my $ttype;
@@ -624,9 +756,9 @@ ENDHEADER
$twhere=$env{'course.'.$tcourseid.'.description'};
$sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
unless ($twhere eq &mt('Currently not available')) {
- $twhere.=' '.
- &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont).
- '';
+ $twhere.=' '.
+ &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom).
+ '';
}
} else {
my %newhash=&Apache::lonnet::coursedescription($tcourseid);
@@ -634,9 +766,9 @@ ENDHEADER
$sortkey=$role."\0".$tdom."\0".$newhash{'description'}.
"\0".$envkey;
$twhere=$newhash{'description'}.
- ' '.
- &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont).
- '';
+ ' '.
+ &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom).
+ '';
$ttype = $newhash{'type'};
$trole = &Apache::lonnet::plaintext($role,$ttype);
} else {
@@ -659,7 +791,7 @@ ENDHEADER
$twhere=&mt('system wide');
$sortkey=$role.$twhere;
}
- $roletext.=&build_roletext($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver);
+ $roletext.=&build_roletext($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$trole,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver,$reinit);
$roletext{$envkey}=$roletext;
if (!$sortkey) {$sortkey=$twhere."\0".$envkey;}
$sortrole{$sortkey}=$envkey;
@@ -669,13 +801,14 @@ ENDHEADER
}
if ($env{'user.adv'}) {
$r->print(
- ' ');
+ $r->print(' />');
} else {
if ($countactive > 0) {
my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
- $r->print('
'.&mt('[_1]Visit the [_2]Course Catalog[_3] to view all [_4] LON-CAPA courses.','','','',$domdesc).' '.&mt('If a course is [_1]not[_2] in your list of current courses below, you may be able to enroll if self-enrollment is permitted.','','').'
');
+ my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
+ $r->print('
'.&mt('[_1]Visit the [_2]Course Catalog[_3] to view all [_4] LON-CAPA courses.','','','',$domdesc).' '.&mt('If a course is [_1]not[_2] in your list of current courses below, you may be able to enroll if self-enrollment is permitted.','','').'
');
}
}
@@ -695,36 +828,29 @@ ENDHEADER
&print_rolerows($r,$doheaders,\%roleclass,\%sortrole,\%dcroles,
\%roletext);
my $tremark='';
- my $tfont='#003300';
+ my $tbg;
if ($env{'request.role'} eq 'cm') {
- $r->print('
'
+ .&Apache::loncommon::end_data_table_empty_row()
+ );
}
$r->print($output);
}
@@ -866,7 +1011,8 @@ sub print_rolerows {
sub findcourse_advice {
my ($r) = @_;
my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
- if (&check_autoenroll($env{'user.domain'})) {
+ my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
+ if (&Apache::lonnet::auto_run(undef,$env{'user.domain'})) {
$r->print(&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).'
'.&mt('The course has yet to be created.').'
@@ -878,7 +1024,7 @@ sub findcourse_advice {
} else {
$r->print(&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').' ');
}
- $r->print('
'.&mt('The [_1]Course Catalog[_2] provides information about all [_3] classes for which LON-CAPA courses have been created.','','',$domdesc).' ');
+ $r->print('
'.&mt('The [_1]Course Catalog[_2] provides information about all [_3] classes for which LON-CAPA courses have been created.','','',$domdesc).' ');
$r->print(&mt('You can search the course catalog for courses which permit self-enrollment, if you would like to enroll in a course.').'
";
foreach my $priv (sort(split(/:/,$env{$envkey}))) {
next if (!$priv);
@@ -964,8 +1110,8 @@ sub role_status {
}
sub build_roletext {
- my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver) = @_;
- my $roletext='