--- loncom/auth/lonroles.pm 2021/12/12 18:17:11 1.269.2.39
+++ loncom/auth/lonroles.pm 2022/01/01 19:28:28 1.269.2.39.2.1
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# User Roles Screen
#
-# $Id: lonroles.pm,v 1.269.2.39 2021/12/12 18:17:11 raeburn Exp $
+# $Id: lonroles.pm,v 1.269.2.39.2.1 2022/01/01 19:28:28 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -255,7 +255,7 @@ sub handler {
my $r = shift;
# Check for critical messages and redirect if present.
- my ($redirect,$url) = &Apache::loncommon::critical_redirect(300);
+ my ($redirect,$url) = &Apache::loncommon::critical_redirect(300,'roles');
if ($redirect) {
&Apache::loncommon::content_type($r,'text/html');
$r->header_out(Location => $url);
@@ -273,8 +273,43 @@ sub handler {
$update = $then;
}
- my ($blocked_by_ip,$blocked_type,$clientip);
+ my ($norolelist,$blocked_by_ip,$blocked_type,$clientip);
$clientip = &Apache::lonnet::get_requestor_ip($r);
+ if (($env{'request.course.id'}) && ($env{'request.deeplink.login'})) {
+ my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+ my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+ my $crstype = $env{'course.'.$env{'request.course.id'}.'.type'};
+ my $deeplink_symb = &Apache::loncommon::deeplink_login_symb($cnum,$cdom);
+ if ($deeplink_symb) {
+ my ($menucoll,$deeplinkmenu,$menuref) = &Apache::loncommon::menucoll_in_effect();
+ if (ref($menuref) eq 'HASH') {
+ unless (($menuref->{'role'}) || ($env{'request.role.adv'})) {
+ foreach my $envkey (keys(%env)) {
+ next unless ($envkey =~ /^form\./);
+ if ($envkey =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) {
+ unless (($1 eq $cdom) && ($2 eq $cnum)) {
+ delete($env{$envkey});
+ }
+ }
+ }
+ if ($env{'form.selectrole'}) {
+ if ($env{'form.switchrole'} =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) {
+ unless (($1 eq $cdom) && ($2 eq $cnum)) {
+ delete($env{'form.selectrole'});
+ delete($env{'form.switchrole'});
+ }
+ } elsif ($env{'form.newrole'} =~ m{\./($match_domain)/($match_courseid)(?:/(\w+)|$)}) {
+ unless (($1 eq $cdom) && ($2 eq $cnum)) {
+ delete($env{'form.selectrole'});
+ delete($env{'form.newrole'});
+ }
+ }
+ }
+ $norolelist = 1;
+ }
+ }
+ }
+ }
if ($env{'form.selectrole'}) {
my ($role,$cdom,$cnum,$rest);
@@ -732,8 +767,19 @@ ENDCLOSE
my %prog_state = &Apache::lonhtmlcommon::Create_PrgWin($r,undef,$preamble);
&Apache::lonhtmlcommon::Update_PrgWin($r,\%prog_state,&mt('Loading ...'));
$r->rflush();
- my ($msg,$critmsg_check);
+ my ($msg,$blockcrit,$critmsg_check);
$critmsg_check = 1;
+ $blockcrit = &Apache::loncommon::blocking_status('alert',$clientip,$cnum,$cdom,undef,1);
+ if ($blockcrit) {
+ my $checkrole = "cm./$cdom/$cnum";
+ if ($csec ne '') {
+ $checkrole .= "/$csec";
+ }
+ unless ((&Apache::lonnet::allowed('evb',undef,undef,$checkrole)) &&
+ ($trolecode !~ m{^st\./$cdom/$cnum})) {
+ $critmsg_check = 0;
+ }
+ }
my ($furl,$ferr)=
&Apache::lonuserstate::readmap($cdom.'/'.$cnum,$critmsg_check);
&Apache::lonhtmlcommon::Update_PrgWin($r,\%prog_state,&mt('Finished!'));
@@ -836,10 +882,6 @@ ENDCLOSE
&Apache::loncommon::end_page());
}
} else {
- if (($env{'request.lti.login'}) &&
- ($env{'request.lti.rosterid'} || $env{'request.lti.passbackid'})) {
- &process_lti($r,$cdom,$cnum);
- }
$msg = ''.&mt('Entering [_1] ...',
$env{'course.'.$cdom.'_'.$cnum.'.description'}).
'
';
@@ -936,6 +978,9 @@ ENDCLOSE
$msg = ''.&mt('Entering [_1] ...',
$env{'course.'.$cdom.'_'.$cnum.'.description'}).
'
';
+ if ($env{'form.ttoken'}) {
+ $dest .= (($dest =~/\?/)? '&':'?').'ttoken='.$env{'form.ttoken'};
+ }
&finish_loading_course($r,$msg,$dest);
$r->rflush();
return OK;
@@ -991,7 +1036,7 @@ ENDCLOSE
} else {
$access = &Apache::lonnet::allowed('bre',$unencfurl);
}
- if ((!$access) || ($access eq 'B')) {
+ if ((!$access) || ($access eq 'B') || ($access eq 'D')) {
$furl = &Apache::lonpageflip::first_accessible_resource();
if ($furl eq '') {
$furl = '/adm/navmaps?showOnlyHomework=1';
@@ -1068,6 +1113,10 @@ ENDCLOSE
$recent = &mt('Recent Courses');
$standby = &mt('Course selected. Please stand by.');
}
+ if (($norolelist) && ((split(/:/,$env{'user.error.msg'}))[2])) {
+ $crumbtext = 'Access Denied';
+ $pagetitle = 'Unauthorized';
+ }
my $brcrum =[{href=>"/adm/roles",text=>$crumbtext}];
my %roles_in_env;
@@ -1080,10 +1129,12 @@ ENDCLOSE
$cattype = $domdefs{'catauth'};
}
my ($funcs,$crumbsright);
- $funcs = &get_roles_functions($showcount,$cattype);
- if ($env{'browser.mobile'}) {
- $crumbsright = $funcs;
- undef($funcs);
+ unless (($norolelist) && ((split(/:/,$env{'user.error.msg'}))[2])) {
+ $funcs = &get_roles_functions($showcount,$cattype);
+ if ($env{'browser.mobile'}) {
+ $crumbsright = $funcs;
+ undef($funcs);
+ }
}
my $start_page=&Apache::loncommon::start_page($pagetitle,undef,{bread_crumbs=>$brcrum,
bread_crumbs_component=>$crumbsright});
@@ -1190,8 +1241,16 @@ ENDHEADER
}
if ($nochoose) {
$r->print("".&mt('Sorry ...')."
\n".
- &mt('This action is currently not authorized.').''.
- &Apache::loncommon::end_page());
+ &mt('This action is currently not authorized.').'');
+ if ($error && $norolelist) {
+ $r->print('
'.
+ &mt('As your session was launched from a web page external to LON-CAPA some course content may be unavailable, including the resource you were trying to access.').
+ '
'.
+ ''.
+ &mt('You may need to login to LON-CAPA directly, or re-launch from a different external system.').
+ '
');
+ }
+ $r->print(&Apache::loncommon::end_page());
return OK;
} else {
if ($updateresult || $reqauthor || $hotlist) {
@@ -1261,6 +1320,26 @@ ENDHEADER
}
}
+ if ($norolelist) {
+ if ($env{'request.role'}) {
+ my ($roletext,$role_text_end) = &display_curr_role($env{'request.role'});
+ if ($roletext) {
+ $r->print(&Apache::loncommon::start_data_table('LC_textsize_mobile').
+ &Apache::loncommon::start_data_table_row().
+ $roletext.
+ &Apache::loncommon::end_data_table_row());
+ if ($role_text_end) {
+ $r->print(&Apache::loncommon::continue_data_table_row().
+ $role_text_end.
+ &Apache::loncommon::end_data_table_row());
+ }
+ $r->print(&Apache::loncommon::end_data_table());
+ }
+ }
+ $r->print(&Apache::loncommon::end_page());
+ return OK;
+ }
+
# No active roles
if ($countactive==0) {
my $elapsed = 0;
@@ -2265,6 +2344,38 @@ sub display_cc_role {
}
}
return ($roletext,$roletext_end);
+}
+
+sub display_curr_role {
+ my ($currentrole) = @_;
+ my ($roletext,$roletext_end);
+ my $advanced = $env{'user.adv'};
+ my $tryagain = $env{'form.tryagain'};
+ my ($role,$rest) = split(m{\./},$currentrole,2);
+ unless (!defined($role) || $role eq '') {
+ if ($rest =~ m{^($match_domain)/($match_courseid)(?:/(\w+)|$)}) {
+ my $cdom = $1;
+ my $cnum = $2;
+ my $csec = $3;
+ my $cid = $cdom.'_'.$cnum;
+ my $ttype = $env{'course.'.$cid.'.type'};
+ my $skipcal = 1;
+ my $tbg='LC_roles_is';
+ my $twhere = $env{'course.'.$cid.'.description'}.
+ ' '.
+ &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$cnum,$cdom).
+ '';
+ my $trole = &Apache::lonnet::plaintext($role,$ttype,$cid);
+ if ($csec) {
+ $twhere.= ' '.&mt('Section').': '.$csec;
+ }
+ if ($role ne 'st') {
+ $twhere.= ' '.&mt('Domain').': '.$cdom;
+ }
+ ($roletext,$roletext_end) = &build_roletext($currentrole,$cdom,$cnum,'is',$tryagain,$advanced,'',$tbg,$trole,$twhere,'','','',1,'','','',$skipcal);
+ }
+ }
+ return ($roletext,$roletext_end);
}
sub adhoc_roles_row {