loncom/auth/lonroles.pm - view

File: [LON-CAPA] / loncom / auth / lonroles.pm
Revision 1.117: download - view: text, annotated - select for diffs
Thu Mar 3 07:32:49 2005 UTC (19 years, 3 months ago) by albertel
Branches: MAIN
CVS tags: version_1_3_X, version_1_3_3, HEAD

- BG#3985, the adv permissions didn;t have an effect in cases where it depended on athe course id

1: # The LearningOnline Network with CAPA 2: # User Roles Screen 3: # 4: # $Id: lonroles.pm,v 1.117 2005/03/03 07:32:49 albertel Exp $ 5: # 6: # Copyright Michigan State University Board of Trustees 7: # 8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA). 9: # 10: # LON-CAPA is free software; you can redistribute it and/or modify 11: # it under the terms of the GNU General Public License as published by 12: # the Free Software Foundation; either version 2 of the License, or 13: # (at your option) any later version. 14: # 15: # LON-CAPA is distributed in the hope that it will be useful, 16: # but WITHOUT ANY WARRANTY; without even the implied warranty of 17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18: # GNU General Public License for more details. 19: # 20: # You should have received a copy of the GNU General Public License 21: # along with LON-CAPA; if not, write to the Free Software 22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23: # 24: # /home/httpd/html/adm/gpl.txt 25: # 26: # http://www.lon-capa.org/ 27: # 28: ### 29: 30: package Apache::lonroles; 31: 32: use strict; 33: use Apache::lonnet(); 34: use Apache::lonuserstate(); 35: use Apache::Constants qw(:common); 36: use Apache::File(); 37: use Apache::lonmenu; 38: use Apache::loncommon; 39: use Apache::lonhtmlcommon; 40: use Apache::lonannounce; 41: use Apache::lonlocal; 42: 43: sub redirect_user { 44: my ($r,$title,$url,$msg,$launch_nav) = @_; 45: $msg = $title if (! defined($msg)); 46: &Apache::loncommon::content_type($r,'text/html'); 47: &Apache::loncommon::no_cache($r); 48: $r->send_http_header; 49: my $swinfo=&Apache::lonmenu::rawconfig(); 50: my $navwindow; 51: if ($launch_nav eq 'on') { 52: $navwindow.=&Apache::lonnavmaps::launch_win('now'); 53: } else { 54: $navwindow.=&Apache::lonnavmaps::close(); 55: } 56: my $bodytag=&Apache::loncommon::bodytag('Switching Role'); 57: # Note to style police: 58: # This must only replace the spaces, nothing else, or it bombs elsewhere. 59: $url=~s/ /\%20/g; 60: $r->print(<<ENDREDIR); 61: <head><title>$title</title> 62: <meta HTTP-EQUIV="Refresh" CONTENT="1; url=$url"> 63: </head> 64: <html> 65: $bodytag 66: <script type="text/javascript"> 67: $swinfo 68: </script> 69: $navwindow 70: <h1>$msg</h1> 71: <a href="$url">Continue</a> 72: </body> 73: </html> 74: ENDREDIR 75: return; 76: } 77: 78: sub handler { 79: 80: my $r = shift; 81: 82: my $now=time; 83: my $then=$ENV{'user.login.time'}; 84: my $envkey; 85: my %dcroles = (); 86: my $numdc = &check_fordc(\%dcroles,$then); 87: 88: # ================================================================== Roles Init 89: if ($ENV{'form.selectrole'}) { 90: if ($ENV{'request.course.id'}) { 91: my %temp=('logout_'.$ENV{'request.course.id'} => time); 92: &Apache::lonnet::put('email_status',\%temp); 93: &Apache::lonnet::delenv('user.state.'.$ENV{'request.course.id'}); 94: } 95: &Apache::lonnet::appenv("request.course.id" => '', 96: "request.course.fn" => '', 97: "request.course.uri" => '', 98: "request.course.sec" => '', 99: "request.role" => 'cm', 100: "request.role.adv" => $ENV{'user.adv'}, 101: "request.role.domain" => $ENV{'user.domain'}); 102: 103: # Check if user is a DC trying to enter a course and needs privs to be created 104: if ($numdc > 0) { 105: foreach my $envkey (keys %ENV) { 106: if ($envkey =~ m-^form\.cc\./(\w+)/(\w+)$-) { 107: if ($dcroles{$1}) { 108: my $cckey = 'user.role.cc./'.$1.'/'.$2; 109: &check_privs($cckey,$then,$now); 110: } 111: last; 112: } 113: } 114: } 115: 116: foreach $envkey (keys %ENV) { 117: next if ($envkey!~/^user\.role\./); 118: my ($where,$trolecode,$role,$tstatus,$tend,$tstart); 119: &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); 120: if ($ENV{'form.'.$trolecode}) { 121: if ($tstatus eq 'is') { 122: $where=~s/^\///; 123: my ($cdom,$cnum,$csec)=split(/\//,$where); 124: # store role if recent_role list being kept 125: if ($ENV{'environment.recentroles'}) { 126: &Apache::lonhtmlcommon::store_recent('roles', 127: $trolecode,' '); 128: } 129: 130: 131: # check for keyed access 132: if (($role eq 'st') && 133: ($ENV{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) { 134: # who is key authority? 135: my $authdom=$cdom; 136: my $authnum=$cnum; 137: if ($ENV{'course.'.$cdom.'_'.$cnum.'.keyauth'}) { 138: ($authnum,$authdom)= 139: split(/\W/,$ENV{'course.'.$cdom.'_'.$cnum.'.keyauth'}); 140: } 141: # check with key authority 142: unless (&Apache::lonnet::validate_access_key( 143: $ENV{'environment.key.'.$cdom.'_'.$cnum}, 144: $authdom,$authnum)) { 145: # there is no valid key 146: if ($ENV{'form.newkey'}) { 147: # student attempts to register a new key 148: &Apache::loncommon::content_type($r,'text/html'); 149: &Apache::loncommon::no_cache($r); 150: $r->send_http_header; 151: my $swinfo=&Apache::lonmenu::rawconfig(); 152: my $bodytag=&Apache::loncommon::bodytag 153: ('Verifying Access Key to Unlock this Course'); 154: my $buttontext=&mt('Enter Course'); 155: my $message=&mt('Successfully registered key'); 156: my $assignresult= 157: &Apache::lonnet::assign_access_key( 158: $ENV{'form.newkey'}, 159: $authdom,$authnum, 160: $cdom,$cnum, 161: $ENV{'user.domain'}, 162: $ENV{'user.name'}, 163: 'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '. 164: $trolecode); 165: unless ($assignresult eq 'ok') { 166: $assignresult=~s/^error\:\s*//; 167: $message=&mt($assignresult). 168: '<br /><a href="/adm/logout">'. 169: &mt('Logout').'</a>'; 170: $buttontext=&mt('Re-Enter Key'); 171: } 172: $r->print(<<ENDENTEREDKEY); 173: <head><title>Verifying Course Access Key</title> 174: </head> 175: <html> 176: $bodytag 177: <script> 178: $swinfo 179: </script> 180: <form method="post"> 181: <input type="hidden" name="selectrole" value="1" /> 182: <input type="hidden" name="$trolecode" value="1" /> 183: <font size="+2">$message</font><br /> 184: <input type="submit" value="$buttontext" /> 185: </form> 186: </body></html> 187: ENDENTEREDKEY 188: return OK; 189: } else { 190: # print form to enter a new key 191: &Apache::loncommon::content_type($r,'text/html'); 192: &Apache::loncommon::no_cache($r); 193: $r->send_http_header; 194: my $swinfo=&Apache::lonmenu::rawconfig(); 195: my $bodytag=&Apache::loncommon::bodytag 196: ('Enter Access Key to Unlock this Course'); 197: $r->print(<<ENDENTERKEY); 198: <head><title>Entering Course Access Key</title> 199: </head> 200: <html> 201: $bodytag 202: <script> 203: $swinfo 204: </script> 205: <form method="post"> 206: <input type="hidden" name="selectrole" value="1" /> 207: <input type="hidden" name="$trolecode" value="1" /> 208: <input type="text" size="20" name="newkey" value="$ENV{'form.newkey'}" /> 209: <input type="submit" value="Enter key" /> 210: </form> 211: </body></html> 212: ENDENTERKEY 213: return OK; 214: } 215: } 216: } 217: &Apache::lonnet::log($ENV{'user.domain'}, 218: $ENV{'user.name'}, 219: $ENV{'user.home'}, 220: "Role ".$trolecode); 221: 222: &Apache::lonnet::appenv( 223: 'request.role' => $trolecode, 224: 'request.role.domain' => $cdom, 225: 'request.course.sec' => $csec); 226: my $tadv=0; 227: my $msg=&mt('Entering course ...'); 228: 229: if (($cnum) && ($role ne 'ca')) { 230: my ($furl,$ferr)= 231: &Apache::lonuserstate::readmap($cdom.'/'.$cnum); 232: if (($ENV{'form.orgurl'}) && 233: ($ENV{'form.orgurl'}!~/^\/adm\/flip/)) { 234: my $dest=$ENV{'form.orgurl'}; 235: if ( &Apache::lonnet::mod_perl_version() == 2 ) { 236: &Apache::lonnet::cleanenv(); 237: } 238: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } 239: &Apache::lonnet::appenv('request.role.adv'=>$tadv); 240: $r->internal_redirect($dest); 241: return OK; 242: } else { 243: unless ($ENV{'request.course.id'}) { 244: &Apache::lonnet::appenv( 245: "request.course.id" => $cdom.'_'.$cnum); 246: $furl='/adm/roles?tryagain=1'; 247: $msg= 248: '<h1><font color=red>'. 249: &mt('Could not initialize course at this time.'). 250: '</font></h1><h3>'.&mt('Please try again.').'</h3>'.$ferr; 251: } 252: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } 253: &Apache::lonnet::appenv('request.role.adv'=>$tadv); 254: 255: # Check to see if the user is a CC entering a course 256: # for the first time 257: my (undef, undef, $role, $courseid) = split(/\./, $envkey); 258: if (substr($courseid, 0, 1) eq '/') { 259: $courseid = substr($courseid, 1); 260: } 261: $courseid =~ s/\//_/; 262: if ($role eq 'cc' && $ENV{'course.' . $courseid . 263: '.course.helper.not.run'}) { 264: $furl = "/adm/helper/course.initialization.helper"; 265: } 266: # Send the user to the course they selected 267: &redirect_user($r,&mt('Entering Course'), 268: $furl,$msg, 269: $ENV{'environment.remotenavmap'}); 270: return OK; 271: } 272: } 273: # 274: # Send the user to the construction space they selected 275: if ($role =~ /^(au|ca)$/) { 276: my $redirect_url = '/priv/'; 277: if ($role eq 'au') { 278: $redirect_url.=$ENV{'user.name'}; 279: } else { 280: $where =~ /\/(.*)$/; 281: $redirect_url .= $1; 282: } 283: $redirect_url .= '/'; 284: &redirect_user($r,&mt('Entering Construction Space'), 285: $redirect_url); 286: return OK; 287: } 288: if ($role eq 'dc') { 289: my $redirect_url = '/adm/menu/'; 290: &redirect_user($r,&mt('Loading Domain Coordinator Menu'), 291: $redirect_url); 292: return OK; 293: } 294: } 295: } 296: } 297: } 298: 299: 300: # =============================================================== No Roles Init 301: 302: &Apache::loncommon::content_type($r,'text/html'); 303: &Apache::loncommon::no_cache($r); 304: $r->send_http_header; 305: return OK if $r->header_only; 306: 307: my $swinfo=&Apache::lonmenu::rawconfig(); 308: my $bodytag=&Apache::loncommon::bodytag('User Roles'); 309: my $helptag='<table><tr><td>'.&Apache::loncommon::help_open_menu('','General Intro','General_Intro','User Roles',1,undef,undef,undef,undef,,&mt("Click here for help")).'</td></td></tr></table>'; 310: $r->print(<<ENDHEADER); 311: <html> 312: <head> 313: <title>LON-CAPA User Roles</title> 314: </head> 315: $bodytag 316: $helptag<br /> 317: <script> 318: $swinfo 319: window.focus(); 320: </script> 321: ENDHEADER 322: 323: # ------------------------------------------ Get Error Message from Environment 324: 325: my ($fn,$priv,$nochoose,$error,$msg)=split(/:/,$ENV{'user.error.msg'}); 326: if ($ENV{'user.error.msg'}) { 327: $r->log_reason( 328: "$msg for $ENV{'user.name'} domain $ENV{'user.domain'} access $priv",$fn); 329: } 330: 331: # ------------------------------------------------- Can this user re-init, etc? 332: 333: my $advanced=$ENV{'user.adv'}; 334: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['tryagain']); 335: my $tryagain=$ENV{'form.tryagain'}; 336: 337: # -------------------------------------------------------- Generate Page Output 338: # --------------------------------------------------------------- Error Header? 339: if ($error) { 340: $r->print("<h1>LON-CAPA Access Control</h1>"); 341: $r->print("<hr><pre>Access : ". 342: Apache::lonnet::plaintext($priv)."\n"); 343: $r->print("Resource: ".&Apache::lonenc::check_encrypt($fn)."\n"); 344: $r->print("Action : $msg\n</pre><hr>"); 345: } else { 346: if ($ENV{'user.error.msg'}) { 347: $r->print( 348: '<h3><font color=red>'. 349: &mt('You need to choose another user role or enter a specific course for this function').'</font></h3>'); 350: } 351: } 352: # -------------------------------------------------------- Choice or no choice? 353: if ($nochoose) { 354: if ($advanced) { 355: $r->print("<h2>".&mt('Assigned User Roles')."</h2>\n"); 356: } else { 357: $r->print("<h2>".&mt('Sorry ...')."</h2>\n". 358: &mt('This resource might be part of')); 359: if ($ENV{'request.course.id'}) { 360: $r->print(&mt(' another')); 361: } else { 362: $r->print(&mt(' a certain')); 363: } 364: $r->print(&mt(' course.').'</body></html>'); 365: return OK; 366: } 367: } else { 368: if ($advanced) { 369: $r->print(&mt("Your home server is "). 370: $Apache::lonnet::hostname{&Apache::lonnet::homeserver 371: ($ENV{'user.name'},$ENV{'user.domain'})}. 372: "<br />\n"); 373: $r->print(&mt( 374: "Author and Co-Author roles may not be available on servers other than your home server.")); 375: } 376: if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) { 377: $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'}; 378: } 379: $r->print('<form method="post" name="rolechoice" action="'.(($fn)?$fn:$r->uri).'">'); 380: $r->print('<input type="hidden" name="orgurl" value="'.$fn.'" />'); 381: $r->print('<input type="hidden" name="selectrole" value="1" />'); 382: } 383: if ($ENV{'user.adv'}) { 384: $r->print( 385: '<br /><label>'.&mt('Show all roles').': <input type="checkbox" name="showall"'); 386: if ($ENV{'form.showall'}) { $r->print(' checked="checked" '); } 387: $r->print(' /></label><input type="submit" value="'.&mt('Display').'" />'); 388: } 389: 390: my (%roletext,%sortrole,%roleclass); 391: my $countactive=0; 392: my $inrole=0; 393: my $possiblerole=''; 394: foreach $envkey (sort keys %ENV) { 395: my $button = 1; 396: my $switchserver=''; 397: my $roletext; 398: my $sortkey; 399: if ($envkey=~/^user\.role\./) { 400: my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont); 401: &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); 402: next if (!defined($role) || $role eq ''); 403: $tremark=''; 404: $tpstart=' '; 405: $tpend=' '; 406: $tfont='#000000'; 407: if ($tstart) { 408: $tpstart=&Apache::lonlocal::locallocaltime($tstart); 409: } 410: if ($tend) { 411: $tpend=&Apache::lonlocal::locallocaltime($tend); 412: } 413: if ($ENV{'request.role'} eq $trolecode) { 414: $tstatus='selected'; 415: } 416: my $tbg; 417: if (($tstatus eq 'is') || ($tstatus eq 'selected') || 418: ($ENV{'form.showall'})) { 419: if ($tstatus eq 'is') { 420: $tbg='#77FF77'; 421: $tfont='#003300'; 422: $possiblerole=$trolecode; 423: $countactive++; 424: } elsif ($tstatus eq 'future') { 425: $tbg='#FFFF77'; 426: $button=0; 427: } elsif ($tstatus eq 'will') { 428: $tbg='#FFAA77'; 429: $tremark.=&mt('Active at next login. '); 430: } elsif ($tstatus eq 'expired') { 431: $tbg='#FF7777'; 432: $tfont='#330000'; 433: $button=0; 434: } elsif ($tstatus eq 'will_not') { 435: $tbg='#AAFF77'; 436: $tremark.=&mt('Expired after logout. '); 437: } elsif ($tstatus eq 'selected') { 438: $tbg='#11CC55'; 439: $tfont='#002200'; 440: $inrole=1; 441: $countactive++; 442: $tremark.=&mt('Currently selected. '); 443: } 444: my $trole; 445: if ($role =~ /^cr\//) { 446: my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role); 447: $tremark.='<br>'.&mt('Defined by ').$rauthor. 448: &mt(' at ').$rdomain.'.'; 449: $trole=$rrole; 450: } else { 451: $trole=Apache::lonnet::plaintext($role); 452: } 453: my $ttype; 454: my $twhere; 455: my ($tdom,$trest,$tsection)= 456: split(/\//,Apache::lonnet::declutter($where)); 457: # First, Co-Authorship roles 458: if ($role eq 'ca') { 459: my $home = &Apache::lonnet::homeserver($trest,$tdom); 460: my $allowed=0; 461: my @ids=&Apache::lonnet::current_machine_ids(); 462: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } 463: if (!$allowed) { 464: $button=0; 465: $switchserver=&Apache::lonnet::escape('http://'. 466: $Apache::lonnet::hostname{$home}. 467: '/adm/login?domain='.$ENV{'user.domain'}. 468: '&username='.$ENV{'user.name'}. 469: '&firsturl=/priv/'.$trest.'/'); 470: } 471: #next if ($home eq 'no_host'); 472: $home = $Apache::lonnet::hostname{$home}; 473: $ttype='Construction Space'; 474: $twhere=&mt('User').': '.$trest.'<br />'.&mt('Domain'). 475: ': '.$tdom.'<br />'. 476: ' '.&mt('Server').': '.$home; 477: $ENV{'course.'.$tdom.'_'.$trest.'.description'}='ca'; 478: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/'); 479: $sortkey=$role."$trest:$tdom"; 480: } elsif ($role eq 'au') { 481: # Authors 482: my $home = &Apache::lonnet::homeserver 483: ($ENV{'user.name'},$ENV{'user.domain'}); 484: my $allowed=0; 485: my @ids=&Apache::lonnet::current_machine_ids(); 486: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } 487: if (!$allowed) { 488: $button=0; 489: $switchserver=&Apache::lonnet::escape('http://'. 490: $Apache::lonnet::hostname{$home}. 491: '/adm/login?domain='.$ENV{'user.domain'}. 492: '&username='.$ENV{'user.name'}. 493: '&firsturl=/priv/'.$ENV{'user.name'}.'/'); 494: } 495: #next if ($home eq 'no_host'); 496: $home = $Apache::lonnet::hostname{$home}; 497: $ttype='Construction Space'; 498: $twhere=&mt('Domain').': '.$tdom.'<br />'.&mt('Server'). 499: ': '.$home; 500: $ENV{'course.'.$tdom.'_'.$trest.'.description'}='ca'; 501: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$ENV{'user.name'}.'/'); 502: $sortkey=$role; 503: } elsif ($trest) { 504: $ttype='Course'; 505: if ($tsection) { 506: $ttype.='<br>'.&mt('Section/Group').': '.$tsection; 507: } 508: my $tcourseid=$tdom.'_'.$trest; 509: if ($ENV{'course.'.$tcourseid.'.description'}) { 510: $twhere=$ENV{'course.'.$tcourseid.'.description'}; 511: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey; 512: unless ($twhere eq &mt('Currently not available')) { 513: $twhere.=' <font size="-2">'. 514: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont). 515: '</font>'; 516: } 517: } else { 518: my %newhash=&Apache::lonnet::coursedescription($tcourseid); 519: if (%newhash) { 520: $sortkey=$role."\0".$tdom."\0".$newhash{'description'}. 521: "\0".$envkey; 522: $twhere=$newhash{'description'}. 523: ' <font size="-2">'. 524: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont). 525: '</font>'; 526: } else { 527: $twhere=&mt('Currently not available'); 528: $ENV{'course.'.$tcourseid.'.description'}=$twhere; 529: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey; 530: } 531: } 532: if ($role ne 'st') { $twhere.="<br />".&mt('Domain').":".$tdom; } 533: } elsif ($tdom) { 534: $ttype='Domain'; 535: $twhere=$tdom; 536: $sortkey=$role.$twhere; 537: } else { 538: $ttype='System'; 539: $twhere=&mt('system wide'); 540: $sortkey=$role.$twhere; 541: } 542: 543: $roletext.=&build_roletext($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$ttype,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver); 544: $roletext{$envkey}=$roletext; 545: if (!$sortkey) {$sortkey=$twhere."\0".$envkey;} 546: $sortrole{$sortkey}=$envkey; 547: $roleclass{$envkey}=$ttype; 548: } 549: } 550: } 551: # No active roles 552: if ($countactive==0) { 553: if ($inrole) { 554: $r->print('<h2>'.&mt('Currently no additional roles or courses').'</h2>'); 555: } else { 556: $r->print('<h2>'.&mt('Currently no active roles or courses').'</h2>'); 557: } 558: $r->print('</form></body></html>'); 559: return OK; 560: # Is there only one choice? 561: } elsif (($countactive==1) && ($ENV{'request.role'} eq 'cm')) { 562: $r->print('<h3>'.&mt('Please stand by.').'</h3>'. 563: '<input type="hidden" name="'.$possiblerole.'" value="1" />'); 564: $r->print("</form>\n"); 565: $r->rflush(); 566: $r->print('<script>document.forms.rolechoice.submit();</script>'); 567: $r->print('</body></html>'); 568: return OK; 569: } 570: # More than one possible role 571: # ----------------------------------------------------------------------- Table 572: unless (($advanced) || ($nochoose)) { 573: $r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n"); 574: } 575: $r->print('<br /><table><tr>'); 576: unless ($nochoose) { $r->print('<th> </th>'); } 577: $r->print('<th>'.&mt('User Role').'</th><th colspan=2>'.&mt('Extent'). 578: '</th><th>'.&mt('Start').'</th><th>'.&mt('End').'</th><th>'. 579: &mt('Remarks and Calendar Announcements').'</th></tr>'."\n"); 580: my $doheaders=-1; 581: foreach my $type ('Construction Space','Course','Domain','System') { 582: my $haverole=0; 583: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { 584: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { 585: $haverole=1; 586: } 587: } 588: if ($haverole) { $doheaders++; } 589: } 590: 591: if ($ENV{'environment.recentroles'}) { 592: my %recent_roles = 593: &Apache::lonhtmlcommon::get_recent('roles',$ENV{'environment.recentrolesn'}); 594: my $output=''; 595: foreach (sort(keys(%recent_roles))) { 596: if (defined($roletext{'user.role.'.$_})) { 597: $output.=$roletext{'user.role.'.$_}; 598: } elsif ($numdc > 0) { 599: unless ($_ =~/^error\:/) { 600: $output.=&display_cc_role('user.role.'.$_); 601: } 602: } 603: } 604: if ($output) { 605: $r->print("<tr bgcolor='#BBffBB'><td align='center' colspan='7'>". 606: &mt('Recent Roles')."</td>"); 607: $r->print($output); 608: $r->print("</tr>"); 609: $doheaders ++; 610: } 611: } 612: 613: if ($numdc > 0) { 614: $r->print(&coursepick_jscript()); 615: $r->print(&Apache::loncommon::coursebrowser_javascript()); 616: } 617: foreach my $type ('Construction Space','Course','Domain','System') { 618: my $output; 619: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { 620: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { 621: $output.=$roletext{$sortrole{$which}}; 622: if ($sortrole{$which} =~ m-dc\./(\w+)/-) { 623: if ($dcroles{$1}) { 624: $output .= &allcourses_row($1); 625: } 626: } 627: } 628: } 629: if ($output) { 630: if ($doheaders > 0) { 631: $r->print("<tr bgcolor='#BBffBB'>". 632: "<td align='center' colspan='7'>".&mt($type)."</td></tr>"); 633: } 634: $r->print($output); 635: } 636: } 637: my $tremark=''; 638: my $tfont='#003300'; 639: if ($ENV{'request.role'} eq 'cm') { 640: $r->print('<tr bgcolor="#11CC55">'); 641: $tremark=&mt('Currently selected. '); 642: $tfont='#002200'; 643: } else { 644: $r->print('<tr bgcolor="#77FF77">'); 645: } 646: unless ($nochoose) { 647: if ($ENV{'request.role'} ne 'cm') { 648: $r->print('<td><input type=submit value="'. 649: &mt('Select').'" name="cm"></td>'); 650: } else { 651: $r->print('<td> </td>'); 652: } 653: } 654: $r->print('<td colspan=5><font color="'.$tfont.'">'.&mt('No role specified'). 655: '</font></td><td><font color="'.$tfont.'">'.$tremark. 656: ' </font></td></tr>'."\n"); 657: 658: $r->print('</table>'); 659: unless ($nochoose) { 660: $r->print("</form>\n"); 661: } 662: # ------------------------------------------------------------ Privileges Info 663: if (($advanced) && (($ENV{'user.error.msg'}) || ($error))) { 664: $r->print('<hr><h2>Current Privileges</h2>'); 665: 666: foreach $envkey (sort keys %ENV) { 667: if ($envkey=~/^user\.priv\.$ENV{'request.role'}\./) { 668: my $where=$envkey; 669: $where=~s/^user\.priv\.$ENV{'request.role'}\.//; 670: my $ttype; 671: my $twhere; 672: my ($tdom,$trest,$tsec)= 673: split(/\//,Apache::lonnet::declutter($where)); 674: if ($trest) { 675: if ($ENV{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') { 676: $ttype='Construction Space'; 677: $twhere='User: '.$trest.', Domain: '.$tdom; 678: } else { 679: $ttype='Course'; 680: $twhere=$ENV{'course.'.$tdom.'_'.$trest.'.description'}; 681: if ($tsec) { 682: $twhere.=' (Section/Group: '.$tsec.')'; 683: } 684: } 685: } elsif ($tdom) { 686: $ttype='Domain'; 687: $twhere=$tdom; 688: } else { 689: $ttype='System'; 690: $twhere='/'; 691: } 692: $r->print("\n<h3>".$ttype.': '.$twhere.'</h3><ul>'); 693: foreach (sort split(/:/,$ENV{$envkey})) { 694: if ($_) { 695: my ($prv,$restr)=split(/\&/,$_); 696: my $trestr=''; 697: if ($restr ne 'F') { 698: my $i; 699: $trestr.=' ('; 700: for ($i=0;$i<length($restr);$i++) { 701: $trestr.= 702: Apache::lonnet::plaintext(substr($restr,$i,1)); 703: if ($i<length($restr)-1) { $trestr.=', '; } 704: } 705: $trestr.=')'; 706: } 707: $r->print('<li>'. 708: Apache::lonnet::plaintext($prv).$trestr. 709: '</li>'); 710: } 711: } 712: $r->print('</ul>'); 713: } 714: } 715: } 716: $r->print(&Apache::lonnet::getannounce()); 717: if ($advanced) { 718: $r->print('<p><small><i>This is LON-CAPA '. 719: $r->dir_config('lonVersion').'</i><br />'. 720: '<a href="/adm/logout">'.&mt('Logout').'</a></small></p>'); 721: } 722: $r->print("</body></html>\n"); 723: return OK; 724: } 725: 726: sub role_status { 727: my ($rolekey,$then,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_; 728: my @pwhere = (); 729: if (exists($ENV{$rolekey}) && $ENV{$rolekey} ne '') { 730: (undef,undef,$$role,@pwhere)=split(/\./,$rolekey); 731: unless (!defined($$role) || $$role eq '') { 732: $$where=join('.',@pwhere); 733: $$trolecode=$$role.'.'.$$where; 734: ($$tstart,$$tend)=split(/\./,$ENV{$rolekey}); 735: $$tstatus='is'; 736: if ($$tstart && $$tstart>$then) { 737: $$tstatus='future'; 738: if ($$tstart<$now) { $$tstatus='will'; } 739: } 740: if ($$tend) { 741: if ($$tend<$then) { 742: $$tstatus='expired'; 743: } elsif ($$tend<$now) { 744: $$tstatus='will_not'; 745: } 746: } 747: } 748: } 749: } 750: 751: sub build_roletext { 752: my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$ttype,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver) = @_; 753: my $roletext='<tr bgcolor="'.$tbg.'">'; 754: unless ($nochoose) { 755: if (!$button) { 756: if ($switchserver) { 757: $roletext.='<td><a href="/adm/logout?handover='. 758: $switchserver.'">'.&mt('Switch Server').'</a></td>'; 759: } else { 760: $roletext.=('<td> </td>'); 761: } 762: } elsif ($tstatus eq 'is') { 763: $roletext.=('<td><input type=submit value="'. 764: &mt('Select').'" name="'. 765: $trolecode.'"></td>'); 766: } elsif ($tryagain) { 767: $roletext.= 768: '<td><input type=submit value="'. 769: &mt('Try Selecting Again').'" name="'.$trolecode.'"></td>'; 770: } elsif ($advanced) { 771: $roletext.= 772: '<td><input type=submit value="'. 773: &mt('Re-Initialize').'" name="'.$trolecode.'"></td>'; 774: } else { 775: $roletext.='<td> </td>'; 776: } 777: } 778: $tremark.=&Apache::lonannounce::showday(time,1, 779: &Apache::lonannounce::readcalendar($tdom.'_'.$trest)); 780: 781: 782: $roletext.='<td><font color="'.$tfont.'">'.$trole. 783: '</font></td><td><font color="'.$tfont.'">'.$ttype. 784: '</font></td><td><font color="'.$tfont.'">'.$twhere. 785: '</font></td><td><font color="'.$tfont.'">'.$tpstart. 786: '</font></td><td><font color="'.$tfont.'">'.$tpend. 787: '</font></td><td><font color="'.$tfont.'">'.$tremark. 788: ' </font></td></tr>'."\n"; 789: return $roletext; 790: } 791: 792: sub check_privs { 793: my ($cckey,$then,$now) = @_; 794: if ($ENV{$cckey}) { 795: my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont); 796: &role_status($cckey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); 797: unless (($tstatus eq 'is') || ($tstatus eq 'will_not')) { 798: &set_privileges($1,$2); 799: } 800: } else { 801: &set_privileges($1,$2); 802: } 803: } 804: 805: sub check_fordc { 806: my ($dcroles,$then) = @_; 807: my $numdc = 0; 808: if ($ENV{'user.adv'}) { 809: foreach my $envkey (sort keys %ENV) { 810: if ($envkey=~/^user\.role\.dc\.\/(\w+)\/$/) { 811: my $dcdom = $1; 812: my $livedc = 1; 813: my ($tstart,$tend)=split(/\./,$ENV{$envkey}); 814: if ($tstart && $tstart>$then) { $livedc = 0; } 815: if ($tend && $tend <$then) { $livedc = 0; } 816: if ($livedc) { 817: $$dcroles{$dcdom} = $envkey; 818: $numdc++; 819: } 820: } 821: } 822: } 823: return $numdc; 824: } 825: 826: sub courselink { 827: my ($dcdom) = @_; 828: my $courseform=&Apache::loncommon::selectcourse_link 829: ('rolechoice','dccourse_'.$dcdom,'dcdomain_'.$dcdom,'coursedesc_'.$dcdom,$dcdom); 830: my $hiddenitems = '<input type="hidden" name="dcdomain_'.$dcdom.'" value="'.$dcdom.'" />'. 831: '<input type="hidden" name="origdom_'.$dcdom.'" value="'.$dcdom.'" />'. 832: '<input type="hidden" name="dccourse_'.$dcdom.'" value="" />'. 833: '<input type="hidden" name="coursedesc_'.$dcdom.'" value="" />'; 834: return $courseform.$hiddenitems; 835: } 836: 837: sub coursepick_jscript { 838: my $verify_script = <<"END"; 839: <script> 840: function verifyCoursePick(caller) { 841: var numbutton = getIndex(caller) 842: var pickedCourse = document.rolechoice.elements[numbutton+4].value 843: var pickedDomain = document.rolechoice.elements[numbutton+2].value 844: if (document.rolechoice.elements[numbutton+2].value == document.rolechoice.elements[numbutton+3].value) { 845: if (pickedCourse != '') { 846: if (numbutton != -1) { 847: var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse 848: document.rolechoice.elements[numbutton+1].name = courseTarget 849: document.rolechoice.submit() 850: } 851: } 852: else { 853: alert("Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter."); 854: } 855: } 856: else { 857: alert("You can only use this screen to select courses in the current domain") 858: } 859: } 860: function getIndex(caller) { 861: for (var i=0;i<document.rolechoice.elements.length;i++) { 862: if (document.rolechoice.elements[i] == caller) { 863: return i; 864: } 865: } 866: return -1; 867: } 868: </script> 869: END 870: return $verify_script; 871: } 872: 873: sub processpick { 874: my $dcdom = shift; 875: my $process_pick = <<"END"; 876: <script> 877: function process_pick(dom) { 878: var numbutton = getIndex(dom) 879: var pickedCourse = opener.document.rolechoice.dccourse_$dcdom.value 880: var pickedDomain = opener.document.rolechoice.dcdomain_$dcdom.value 881: if (opener.document.rolechoice.dcdomain_$dcdom.value == opener.document.rolechoice.origdom_$dcdom.value) { 882: if (pickedCourse != '') { 883: if (numbutton != -1) { 884: var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse 885: opener.document.rolechoice.elements[numbutton+1].name = courseTarget 886: opener.document.rolechoice.submit() 887: } 888: } 889: } 890: } 891: 892: function getIndex(dom) { 893: var callername = 'ccpick_'+dom 894: for (var i=0;i<opener.document.rolechoice.elements.length;i++) { 895: var elemname = opener.document.rolechoice.elements[i].name 896: if (elemname == callername) { 897: return i; 898: } 899: } 900: return -1; 901: } 902: </script> 903: END 904: return $process_pick; 905: } 906: 907: sub display_cc_role { 908: my $rolekey = shift; 909: my $roletext; 910: my $advanced = $ENV{'user.adv'}; 911: my $tryagain = $ENV{'form.tryagain'}; 912: unless ($rolekey =~/^error\:/) { 913: if ($rolekey =~ m-^user\.role.cc\./(\w+)/(\w+)$-) { 914: my $tcourseid = $1.'_'.$2; 915: my $trolecode = 'cc./'.$1.'/'.$2; 916: my $trole = Apache::lonnet::plaintext('cc'); 917: my $twhere; 918: my $tbg='#77FF77'; 919: my $tfont='#003300'; 920: my %newhash=&Apache::lonnet::coursedescription($tcourseid); 921: if (%newhash) { 922: $twhere=$newhash{'description'}. 923: ' <font size="-2">'. 924: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$2,$1,$tfont). 925: '</font>'; 926: } else { 927: $twhere=&mt('Currently not available'); 928: $ENV{'course.'.$tcourseid.'.description'}=$twhere; 929: } 930: $twhere.="<br />".&mt('Domain').":".$1; 931: $roletext = &build_roletext($trolecode,$1,$2,'is',$tryagain,$advanced,'',$tbg,$tfont,$trole,&mt('Course'),$twhere,'','','',1,''); 932: } 933: } 934: return $roletext; 935: } 936: 937: sub allcourses_row { 938: my $dcdom = shift; 939: my $ccrole = Apache::lonnet::plaintext('cc'); 940: my $selectlink = &courselink($dcdom); 941: my $output = '<tr bgcolor="#77FF77">'. 942: '<td><input type="button" value="'. 943: &mt('Select').'" name="ccpick_'.$dcdom.'"'. 944: 'onClick="verifyCoursePick(this)">'. 945: '<input type="hidden" name="pick_'.$dcdom.'" value="1"></td>'. 946: '<td><font color="#002200">'. 947: $ccrole.'</font></td><td>'.&mt('Course').'</td>'. 948: '<td><font color="#002200">'.&mt('All courses').':<b> '. 949: $selectlink.'</b>'. 950: '<br />'.&mt('Domain').':'.$dcdom.'</font>'. 951: '<td colspan="4"><font color="#002200">'. 952: &mt('Course Coordinator access to all courses in domain'). 953: ': <b>'.$dcdom.'</b></font></td></tr>'."\n"; 954: return $output; 955: } 956: 957: sub recent_filename { 958: my $area=shift; 959: return 'nohist_recent_'.&Apache::lonnet::escape($area); 960: } 961: 962: sub set_privileges { 963: my ($dcdom,$pickedcourse) = @_; 964: my $area = '/'.$dcdom.'/'.$pickedcourse; 965: my $role = 'cc'; 966: my $spec = $role.'.'.$area; 967: my $userroles = &Apache::lonnet::set_arearole($role,$area,'','',$dcdom,$ENV{'user.name'}); 968: my %ccrole = (); 969: &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area); 970: my ($author,$adv)= &Apache::lonnet::set_userprivs(\$userroles,\%ccrole); 971: my @newprivs = split/\n/,$userroles; 972: my %newccroles = (); 973: foreach (@newprivs) { 974: my ($key,$val) = split/=/,$_; 975: $newccroles{$key} = $val; 976: } 977: &Apache::lonnet::appenv(%newccroles); 978: &Apache::lonnet::log($ENV{'user.domain'}, 979: $ENV{'user.name'}, 980: $ENV{'user.home'}, 981: "Role ".$role); 982: &Apache::lonnet::appenv( 983: 'request.role' => $role, 984: 'request.role.domain' => $dcdom, 985: 'request.course.sec' => ''); 986: my $tadv=0; 987: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } 988: &Apache::lonnet::appenv('request.role.adv' => $tadv); 989: } 990: 991: 1; 992: __END__ 993: 994: =head1 NAME 995: 996: Apache::lonroles - User Roles Screen 997: 998: =head1 SYNOPSIS 999: 1000: Invoked by /etc/httpd/conf/srm.conf: 1001: 1002: <Location /adm/roles> 1003: PerlAccessHandler Apache::lonacc 1004: SetHandler perl-script 1005: PerlHandler Apache::lonroles 1006: ErrorDocument 403 /adm/login 1007: ErrorDocument 500 /adm/errorhandler 1008: </Location> 1009: 1010: =head1 OVERVIEW 1011: 1012: =head2 Choosing Roles 1013: 1014: C<lonroles> is a handler that allows a user to switch roles in 1015: mid-session. LON-CAPA attempts to work with "No Role Specified", the 1016: default role that a user has before selecting a role, as widely as 1017: possible, but certain handlers for example need specification which 1018: course they should act on, etc. Both in this scenario, and when the 1019: handler determines via C<lonnet>'s C<&allowed> function that a certain 1020: action is not allowed, C<lonroles> is used as error handler. This 1021: allows the user to select another role which may have permission to do 1022: what they were trying to do. C<lonroles> can also be accessed via the 1023: B<CRS> button in the Remote Control. 1024: 1025: =begin latex 1026: 1027: \begin{figure} 1028: \begin{center} 1029: \includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen} 1030: \caption{\label{Sample_Roles_Screen}Sample Roles Screen} 1031: \end{center} 1032: \end{figure} 1033: 1034: =end latex 1035: 1036: =head2 Role Initialization 1037: 1038: The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C<lonnet>'s C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role. 1039: 1040: =head1 INTRODUCTION 1041: 1042: This module enables a user to select what role he wishes to 1043: operate under (instructor, student, teaching assistant, course 1044: coordinator, etc). These roles are pre-established by the actions 1045: of upper-level users. 1046: 1047: This is part of the LearningOnline Network with CAPA project 1048: described at http://www.lon-capa.org. 1049: 1050: =head1 HANDLER SUBROUTINE 1051: 1052: This routine is called by Apache and mod_perl. 1053: 1054: =over 4 1055: 1056: =item * 1057: 1058: Roles Initialization (yes/no) 1059: 1060: =item * 1061: 1062: Get Error Message from Environment 1063: 1064: =item * 1065: 1066: Who is this? 1067: 1068: =item * 1069: 1070: Generate Page Output 1071: 1072: =item * 1073: 1074: Choice or no choice 1075: 1076: =item * 1077: 1078: Table 1079: 1080: =item * 1081: 1082: Privileges 1083: 1084: =back 1085: 1086: =cut