1: # The LearningOnline Network with CAPA
2: # User Roles Screen
3: #
4: # $Id: lonroles.pm,v 1.107 2004/11/11 23:17:13 raeburn Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28: ###
29:
30: package Apache::lonroles;
31:
32: use strict;
33: use Apache::lonnet();
34: use Apache::lonuserstate();
35: use Apache::Constants qw(:common);
36: use Apache::File();
37: use Apache::lonmenu;
38: use Apache::loncommon;
39: use Apache::lonhtmlcommon;
40: use Apache::lonannounce;
41: use Apache::lonlocal;
42:
43: sub redirect_user {
44: my ($r,$title,$url,$msg,$launch_nav) = @_;
45: $msg = $title if (! defined($msg));
46: &Apache::loncommon::content_type($r,'text/html');
47: &Apache::loncommon::no_cache($r);
48: $r->send_http_header;
49: my $swinfo=&Apache::lonmenu::rawconfig();
50: my $navwindow;
51: if ($launch_nav eq 'on') {
52: $navwindow.=&Apache::lonnavmaps::launch_win('now');
53: } else {
54: $navwindow.=&Apache::lonnavmaps::close();
55: }
56: my $bodytag=&Apache::loncommon::bodytag('Switching Role');
57: # Note to style police:
58: # This must only replace the spaces, nothing else, or it bombs elsewhere.
59: $url=~s/ /\%20/g;
60: $r->print(<<ENDREDIR);
61: <head><title>$title</title>
62: <meta HTTP-EQUIV="Refresh" CONTENT="1; url=$url">
63: </head>
64: <html>
65: $bodytag
66: <script type="text/javascript">
67: $swinfo
68: </script>
69: $navwindow
70: <h1>$msg</h1>
71: <a href="$url">Continue</a>
72: </body>
73: </html>
74: ENDREDIR
75: return;
76: }
77:
78: sub handler {
79:
80: my $r = shift;
81:
82: my $now=time;
83: my $then=$ENV{'user.login.time'};
84: my $envkey;
85: my $dcselect='';
86: my %dcroles = ();
87: my $numdc = &check_fordc(\%dcroles,$then);
88:
89: # ================================================================== Roles Init
90: if ($ENV{'form.selectrole'}) {
91: if ($ENV{'form.dcselected'}) {
92: my $dcdom = $ENV{'form.dcselected'};
93: my $dckey = 'user.role.dc./'.$dcdom.'/';
94: if ($ENV{$dckey}) {
95: my ($dcstart,$dcend)=split(/\./,$ENV{$dckey});
96: my $active_dc = 1;
97: if ($dcstart) {
98: if ($dcstart>$then) {
99: $active_dc = 0;
100: }
101: }
102: if ($dcend) {
103: if ($dcend < $then) {
104: $active_dc = 0;
105: }
106: }
107: if ($active_dc) {
108: $dcselect = $dcdom;
109: }
110: }
111: }
112: if ($ENV{'request.course.id'}) {
113: my %temp=('logout_'.$ENV{'request.course.id'} => time);
114: &Apache::lonnet::put('email_status',\%temp);
115: &Apache::lonnet::delenv('user.state.'.$ENV{'request.course.id'});
116: }
117: &Apache::lonnet::appenv("request.course.id" => '',
118: "request.course.fn" => '',
119: "request.course.uri" => '',
120: "request.course.sec" => '',
121: "request.role" => 'cm',
122: "request.role.adv" => $ENV{'user.adv'},
123: "request.role.domain" => $ENV{'user.domain'});
124:
125: # Check to see if the user is a DC trying to enter a course and needs privs to be created
126: if ($numdc > 0) {
127: foreach my $envkey (keys %ENV) {
128: if ($envkey =~ m-^form\.cc\./(\w+)/(\w+)$-) {
129: if ($dcroles{$1}) {
130: unless ($ENV{'user.role.cc./'.$1.'/'.$2}) {
131: &set_privileges($1,$2);
132: }
133: }
134: last;
135: }
136: }
137: }
138:
139: if ($ENV{'form.dccourse'}) {
140: my $dcdom = $ENV{'form.dcdomain'};
141: my $pickedcourse = $ENV{'form.dccourse'};
142: if ($dcdom && $pickedcourse) {
143: unless ($ENV{'user.role.cc./'.$dcdom.'/'.$pickedcourse}) {
144: if ($ENV{'user.role.dc./'.$dcdom.'/'}) {
145: &set_privileges($dcdom,$pickedcourse);
146: }
147: }
148: }
149: }
150:
151: foreach $envkey (keys %ENV) {
152: next if ($envkey!~/^user\.role\./);
153: my ($where,$trolecode,$role,$tstatus,$tend,$tstart);
154: &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
155: if ($ENV{'form.'.$trolecode}) {
156: if ($tstatus eq 'is') {
157: $where=~s/^\///;
158: my ($cdom,$cnum,$csec)=split(/\//,$where);
159: # check for keyed access
160: if (($role eq 'st') &&
161: ($ENV{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) {
162: # who is key authority?
163: my $authdom=$cdom;
164: my $authnum=$cnum;
165: if ($ENV{'course.'.$cdom.'_'.$cnum.'.keyauth'}) {
166: ($authnum,$authdom)=
167: split(/\W/,$ENV{'course.'.$cdom.'_'.$cnum.'.keyauth'});
168: }
169: # check with key authority
170: unless (&Apache::lonnet::validate_access_key(
171: $ENV{'environment.key.'.$cdom.'_'.$cnum},
172: $authdom,$authnum)) {
173: # there is no valid key
174: if ($ENV{'form.newkey'}) {
175: # student attempts to register a new key
176: &Apache::loncommon::content_type($r,'text/html');
177: &Apache::loncommon::no_cache($r);
178: $r->send_http_header;
179: my $swinfo=&Apache::lonmenu::rawconfig();
180: my $bodytag=&Apache::loncommon::bodytag
181: ('Verifying Access Key to Unlock this Course');
182: my $buttontext=&mt('Enter Course');
183: my $message=&mt('Successfully registered key');
184: my $assignresult=
185: &Apache::lonnet::assign_access_key(
186: $ENV{'form.newkey'},
187: $authdom,$authnum,
188: $cdom,$cnum,
189: $ENV{'user.domain'},
190: $ENV{'user.name'},
191: 'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '.
192: $trolecode);
193: unless ($assignresult eq 'ok') {
194: $assignresult=~s/^error\:\s*//;
195: $message=&mt($assignresult).
196: '<br /><a href="/adm/logout">'.
197: &mt('Logout').'</a>';
198: $buttontext=&mt('Re-Enter Key');
199: }
200: $r->print(<<ENDENTEREDKEY);
201: <head><title>Verifying Course Access Key</title>
202: </head>
203: <html>
204: $bodytag
205: <script>
206: $swinfo
207: </script>
208: <form method="post">
209: <input type="hidden" name="selectrole" value="1" />
210: <input type="hidden" name="$trolecode" value="1" />
211: <font size="+2">$message</font><br />
212: <input type="submit" value="$buttontext" />
213: </form>
214: </body></html>
215: ENDENTEREDKEY
216: return OK;
217: } else {
218: # print form to enter a new key
219: &Apache::loncommon::content_type($r,'text/html');
220: &Apache::loncommon::no_cache($r);
221: $r->send_http_header;
222: my $swinfo=&Apache::lonmenu::rawconfig();
223: my $bodytag=&Apache::loncommon::bodytag
224: ('Enter Access Key to Unlock this Course');
225: $r->print(<<ENDENTERKEY);
226: <head><title>Entering Course Access Key</title>
227: </head>
228: <html>
229: $bodytag
230: <script>
231: $swinfo
232: </script>
233: <form method="post">
234: <input type="hidden" name="selectrole" value="1" />
235: <input type="hidden" name="$trolecode" value="1" />
236: <input type="text" size="20" name="newkey" value="$ENV{'form.newkey'}" />
237: <input type="submit" value="Enter key" />
238: </form>
239: </body></html>
240: ENDENTERKEY
241: return OK;
242: }
243: }
244: }
245: &Apache::lonnet::log($ENV{'user.domain'},
246: $ENV{'user.name'},
247: $ENV{'user.home'},
248: "Role ".$trolecode);
249:
250: &Apache::lonnet::appenv(
251: 'request.role' => $trolecode,
252: 'request.role.domain' => $cdom,
253: 'request.course.sec' => $csec);
254: my $tadv=0;
255: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
256: &Apache::lonnet::appenv('request.role.adv' => $tadv);
257:
258: my $msg=&mt('Entering course ...');
259:
260: if (($cnum) && ($role ne 'ca')) {
261: my ($furl,$ferr)=
262: &Apache::lonuserstate::readmap($cdom.'/'.$cnum);
263: if (($ENV{'form.orgurl'}) &&
264: ($ENV{'form.orgurl'}!~/^\/adm\/flip/)) {
265: my $dest=$ENV{'form.orgurl'};
266: if ( &Apache::lonnet::mod_perl_version() == 2 ) {
267: &Apache::lonnet::cleanenv();
268: }
269: $r->internal_redirect($dest);
270: return OK;
271: } else {
272: unless ($ENV{'request.course.id'}) {
273: &Apache::lonnet::appenv(
274: "request.course.id" => $cdom.'_'.$cnum);
275: $furl='/adm/roles?tryagain=1';
276: $msg=
277: '<h1><font color=red>'.
278: &mt('Could not initialize course at this time.').
279: '</font></h1><h3>'.&mt('Please try again.').'</h3>'.$ferr;
280: }
281:
282: # Check to see if the user is a CC entering a course
283: # for the first time
284: my (undef, undef, $role, $courseid) = split(/\./, $envkey);
285: if (substr($courseid, 0, 1) eq '/') {
286: $courseid = substr($courseid, 1);
287: }
288: $courseid =~ s/\//_/;
289: if ($role eq 'cc' && $ENV{'course.' . $courseid .
290: '.course.helper.not.run'}) {
291: $furl = "/adm/helper/course.initialization.helper";
292: }
293: # Check to see if the user is a DC coming from the
294: # course selection page
295: if ($ENV{'form.dccourse'}) {
296: my $formaction = '/adm/roles/';
297: my ($dcdom,$pickedcourse) = split/_/,$courseid;
298: if ($ENV{'user.role.dc./'.$dcdom.'/'}) {
299: &Apache::lonhtmlcommon::store_recent('cc_pickby_dc_'.$dcdom,
300: $courseid,$formaction);
301: }
302: }
303: #
304: # Send the user to the course they selected
305: &redirect_user($r,&mt('Entering Course'),
306: $furl,$msg,
307: $ENV{'environment.remotenavmap'});
308: return OK;
309: }
310: }
311: #
312: # Send the user to the construction space they selected
313: if ($role =~ /^(au|ca)$/) {
314: my $redirect_url = '/priv/';
315: if ($role eq 'au') {
316: $redirect_url.=$ENV{'user.name'};
317: } else {
318: $where =~ /\/(.*)$/;
319: $redirect_url .= $1;
320: }
321: $redirect_url .= '/';
322: &redirect_user($r,&mt('Entering Construction Space'),
323: $redirect_url);
324: return OK;
325: }
326: if ($role eq 'dc') {
327: unless ($dcselect) {
328: my $redirect_url = '/adm/menu/';
329: &redirect_user($r,&mt('Loading Domain Coordinator Menu'),
330: $redirect_url);
331: return OK;
332: }
333: }
334: }
335: }
336: }
337: }
338:
339:
340: # =============================================================== No Roles Init
341:
342: &Apache::loncommon::content_type($r,'text/html');
343: &Apache::loncommon::no_cache($r);
344: $r->send_http_header;
345: return OK if $r->header_only;
346:
347: my $swinfo=&Apache::lonmenu::rawconfig();
348: my $setDCchoice = &dc_script();
349: my $bodytag=&Apache::loncommon::bodytag('User Roles');
350: my $helptag='<table><tr><td>'.&Apache::loncommon::help_open_menu('','General Intro','General_Intro','User Roles',1,undef,undef,undef,undef,,&mt("Click here for help")).'</td></td></tr></table>';
351: $r->print(<<ENDHEADER);
352: <html>
353: <head>
354: <title>LON-CAPA User Roles</title>
355: </head>
356: $bodytag
357: $helptag<br />
358: <script>
359: $swinfo
360: window.focus();
361: $setDCchoice
362: </script>
363: ENDHEADER
364:
365: # ------------------------------------------ Get Error Message from Environment
366:
367: my ($fn,$priv,$nochoose,$error,$msg)=split(/:/,$ENV{'user.error.msg'});
368: if ($ENV{'user.error.msg'}) {
369: $r->log_reason(
370: "$msg for $ENV{'user.name'} domain $ENV{'user.domain'} access $priv",$fn);
371: }
372:
373: # ------------------------------------------------- Can this user re-init, etc?
374:
375: my $advanced=$ENV{'user.adv'};
376: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['tryagain']);
377: my $tryagain=$ENV{'form.tryagain'};
378:
379: # -------------------------------------------------------- Generate Page Output
380: # -------------------------------------------------------- Domain Coordinator?
381: if ($dcselect ne '') {
382: &choosecourse_display($r,$dcselect,$then,$now);
383: return OK;
384: }
385:
386: # --------------------------------------------------------------- Error Header?
387: if ($error) {
388: $r->print("<h1>LON-CAPA Access Control</h1>");
389: $r->print("<hr><pre>Access : ".
390: Apache::lonnet::plaintext($priv)."\n");
391: $r->print("Resource: $fn\n");
392: $r->print("Action : $msg\n</pre><hr>");
393: } else {
394: if ($ENV{'user.error.msg'}) {
395: $r->print(
396: '<h3><font color=red>'.
397: &mt('You need to choose another user role or enter a specific course for this function').'</font></h3>');
398: }
399: }
400: # -------------------------------------------------------- Choice or no choice?
401: if ($nochoose) {
402: if ($advanced) {
403: $r->print("<h2>".&mt('Assigned User Roles')."</h2>\n");
404: } else {
405: $r->print("<h2>".&mt('Sorry ...')."</h2>\n".
406: &mt('This resource might be part of'));
407: if ($ENV{'request.course.id'}) {
408: $r->print(&mt(' another'));
409: } else {
410: $r->print(&mt(' a certain'));
411: }
412: $r->print(&mt(' course.').'</body></html>');
413: return OK;
414: }
415: } else {
416: if ($advanced) {
417: $r->print(&mt("Your home server is ").
418: $Apache::lonnet::hostname{&Apache::lonnet::homeserver
419: ($ENV{'user.name'},$ENV{'user.domain'})}.
420: "<br />\n");
421: $r->print(&mt(
422: "Author and Co-Author roles may not be available on servers other than your home server."));
423: }
424: if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) {
425: $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'};
426: }
427: $r->print('<form method="post" name="rolechoice" action="'.(($fn)?$fn:$r->uri).'">');
428: $r->print('<input type=hidden name=orgurl value="'.$fn.'">');
429: $r->print('<input type=hidden name=selectrole value=1>');
430: }
431: if ($ENV{'user.adv'}) {
432: $r->print(
433: '<br />'.&mt('Show all roles').': <input type="checkbox" name="showall"');
434: if ($ENV{'form.showall'}) { $r->print(' checked'); }
435: $r->print('><input type=submit value="'.&mt('Display').'">');
436: }
437:
438: my (%roletext,%sortrole,%roleclass);
439: my $countactive=0;
440: my $inrole=0;
441: my $possiblerole='';
442: foreach $envkey (sort keys %ENV) {
443: my $button = 1;
444: my $switchserver='';
445: my $roletext;
446: my $sortkey;
447: if ($envkey=~/^user\.role\./) {
448: my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont);
449: &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
450: next if (!defined($role) || $role eq '');
451: $tremark='';
452: $tpstart=' ';
453: $tpend=' ';
454: $tfont='#000000';
455: if ($tstart) {
456: $tpstart=&Apache::lonlocal::locallocaltime($tstart);
457: }
458: if ($tend) {
459: $tpend=&Apache::lonlocal::locallocaltime($tend);
460: }
461: if ($ENV{'request.role'} eq $trolecode) {
462: $tstatus='selected';
463: }
464: my $tbg;
465: if (($tstatus eq 'is') || ($tstatus eq 'selected') ||
466: ($ENV{'form.showall'})) {
467: if ($tstatus eq 'is') {
468: $tbg='#77FF77';
469: $tfont='#003300';
470: $possiblerole=$trolecode;
471: $countactive++;
472: } elsif ($tstatus eq 'future') {
473: $tbg='#FFFF77';
474: $button=0;
475: } elsif ($tstatus eq 'will') {
476: $tbg='#FFAA77';
477: $tremark.=&mt('Active at next login. ');
478: } elsif ($tstatus eq 'expired') {
479: $tbg='#FF7777';
480: $tfont='#330000';
481: $button=0;
482: } elsif ($tstatus eq 'will_not') {
483: $tbg='#AAFF77';
484: $tremark.=&mt('Expired after logout. ');
485: } elsif ($tstatus eq 'selected') {
486: $tbg='#11CC55';
487: $tfont='#002200';
488: $inrole=1;
489: $countactive++;
490: $tremark.=&mt('Currently selected. ');
491: }
492: my $trole;
493: if ($role =~ /^cr\//) {
494: my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role);
495: $tremark.='<br>'.&mt('Defined by ').$rauthor.
496: &mt(' at ').$rdomain.'.';
497: $trole=$rrole;
498: } else {
499: $trole=Apache::lonnet::plaintext($role);
500: }
501: my $ttype;
502: my $twhere;
503: my ($tdom,$trest,$tsection)=
504: split(/\//,Apache::lonnet::declutter($where));
505: # First, Co-Authorship roles
506: if ($role eq 'ca') {
507: my $home = &Apache::lonnet::homeserver($trest,$tdom);
508: my $allowed=0;
509: my @ids=&Apache::lonnet::current_machine_ids();
510: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
511: if (!$allowed) {
512: $button=0;
513: $switchserver=&Apache::lonnet::escape('http://'.
514: $Apache::lonnet::hostname{$home}.
515: '/adm/login?domain='.$ENV{'user.domain'}.
516: '&username='.$ENV{'user.name'}.
517: '&firsturl=/priv/'.$trest.'/');
518: }
519: #next if ($home eq 'no_host');
520: $home = $Apache::lonnet::hostname{$home};
521: $ttype='Construction Space';
522: $twhere=&mt('User').': '.$trest.'<br />'.&mt('Domain').
523: ': '.$tdom.'<br />'.
524: ' '.&mt('Server').': '.$home;
525: $ENV{'course.'.$tdom.'_'.$trest.'.description'}='ca';
526: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/');
527: $sortkey=$role."$trest:$tdom";
528: } elsif ($role eq 'au') {
529: # Authors
530: my $home = &Apache::lonnet::homeserver
531: ($ENV{'user.name'},$ENV{'user.domain'});
532: my $allowed=0;
533: my @ids=&Apache::lonnet::current_machine_ids();
534: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
535: if (!$allowed) {
536: $button=0;
537: $switchserver=&Apache::lonnet::escape('http://'.
538: $Apache::lonnet::hostname{$home}.
539: '/adm/login?domain='.$ENV{'user.domain'}.
540: '&username='.$ENV{'user.name'}.
541: '&firsturl=/priv/'.$ENV{'user.name'}.'/');
542: }
543: #next if ($home eq 'no_host');
544: $home = $Apache::lonnet::hostname{$home};
545: $ttype='Construction Space';
546: $twhere=&mt('Domain').': '.$tdom.'<br />'.&mt('Server').
547: ': '.$home;
548: $ENV{'course.'.$tdom.'_'.$trest.'.description'}='ca';
549: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$ENV{'user.name'}.'/');
550: $sortkey=$role;
551: } elsif ($trest) {
552: $ttype='Course';
553: if ($tsection) {
554: $ttype.='<br>'.&mt('Section/Group').': '.$tsection;
555: }
556: my $tcourseid=$tdom.'_'.$trest;
557: if ($ENV{'course.'.$tcourseid.'.description'}) {
558: $twhere=$ENV{'course.'.$tcourseid.'.description'};
559: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
560: unless ($twhere eq &mt('Currently not available')) {
561: $twhere.=' <font size="-2">'.
562: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont).
563: '</font>';
564: }
565: } else {
566: my %newhash=&Apache::lonnet::coursedescription($tcourseid);
567: if (%newhash) {
568: $sortkey=$role."\0".$tdom."\0".$newhash{'description'}.
569: "\0".$envkey;
570: $twhere=$newhash{'description'}.
571: ' <font size="-2">'.
572: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont).
573: '</font>';
574: } else {
575: $twhere=&mt('Currently not available');
576: $ENV{'course.'.$tcourseid.'.description'}=$twhere;
577: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
578: }
579: }
580: if ($role ne 'st') { $twhere.="<br />".&mt('Domain').":".$tdom; }
581: } elsif ($tdom) {
582: $ttype='Domain';
583: $twhere=$tdom;
584: $sortkey=$role.$twhere;
585: } else {
586: $ttype='System';
587: $twhere=&mt('system wide');
588: $sortkey=$role.$twhere;
589: }
590:
591: $roletext.='<tr bgcolor='.$tbg.'>';
592: unless ($nochoose) {
593: if (!$button) {
594: if ($switchserver) {
595: $roletext.='<td><a href="/adm/logout?handover='.
596: $switchserver.'">'.&mt('Switch Server').'</a></td>';
597: } else {
598: $roletext.=('<td> </td>');
599: }
600: } elsif ($tstatus eq 'is') {
601: $roletext.=('<td><input type=submit value="'.
602: &mt('Select').'" name="'.
603: $trolecode.'"></td>');
604: } elsif ($tryagain) {
605: $roletext.=
606: '<td><input type=submit value="'.
607: &mt('Try Selecting Again').'" name="'.$trolecode.'"></td>';
608: } elsif ($advanced) {
609: $roletext.=
610: '<td><input type=submit value="'.
611: &mt('Re-Initialize').'" name="'.$trolecode.'"></td>';
612: } else {
613: $roletext.='<td> </td>';
614: }
615: }
616: $tremark.=&Apache::lonannounce::showday(time,1,
617: &Apache::lonannounce::readcalendar($tdom.'_'.$trest));
618:
619: $roletext.='<td><font color="'.$tfont.'">'.$trole.
620: '</font></td><td><font color="'.$tfont.'">'.$ttype.
621: '</font></td><td><font color="'.$tfont.'">'.$twhere.
622: '</font></td><td><font color="'.$tfont.'">'.$tpstart.
623: '</font></td><td><font color="'.$tfont.'">'.$tpend.
624: '</font></td><td><font color="'.$tfont.'">'.$tremark.
625: ' </font></td></tr>'."\n";
626: $roletext{$envkey}=$roletext;
627: if (!$sortkey) {$sortkey=$twhere."\0".$envkey;}
628: $sortrole{$sortkey}=$envkey;
629: $roleclass{$envkey}=$ttype;
630: }
631: }
632: }
633: # No active roles
634: if ($countactive==0) {
635: if ($inrole) {
636: $r->print('<h2>'.&mt('Currently no additional roles or courses').'</h2>');
637: } else {
638: $r->print('<h2>'.&mt('Currently no active roles or courses').'</h2>');
639: }
640: $r->print('</form></body></html>');
641: return OK;
642: # Is there only one choice?
643: } elsif (($countactive==1) && ($ENV{'request.role'} eq 'cm')) {
644: $r->print('<h3>'.&mt('Please stand by.').'</h3>'.
645: '<input type="hidden" name="'.$possiblerole.'" value="1" />');
646: $r->print("</form>\n");
647: $r->rflush();
648: $r->print('<script>document.forms.rolechoice.submit();</script>');
649: $r->print('</body></html>');
650: return OK;
651: }
652: # More than one possible role
653: # ----------------------------------------------------------------------- Table
654: unless (($advanced) || ($nochoose)) {
655: $r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n");
656: }
657: $r->print('<br /><table><tr>');
658: unless ($nochoose) { $r->print('<th> </th>'); }
659: $r->print('<th>'.&mt('User Role').'</th><th colspan=2>'.&mt('Extent').
660: '</th><th>'.&mt('Start').'</th><th>'.&mt('End').'</th><th>'.
661: &mt('Remarks and Calendar Announcements').'</th></tr>'."\n");
662: my $doheaders=-1;
663: foreach my $type ('Construction Space','Course','Domain','System') {
664: my $haverole=0;
665: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
666: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) {
667: $haverole=1;
668: }
669: }
670: if ($haverole) { $doheaders++; }
671: }
672: if ($numdc > 0) {
673: $r->print('<tr bgcolor="#BBffBB">'.
674: '<td align="center" colspan="7">'.
675: '<input type="hidden" name="all_cc_roles" value="1"/>'.
676: '<input type="hidden" name="dcselected" value=""/>'.
677: &mt('Domain').'</td>');
678: foreach my $dcdom (keys %dcroles) {
679: my $output = $roletext{$dcroles{$dcdom}};
680: my $ccrole = Apache::lonnet::plaintext('cc');
681: if ($ENV{'request.role'} =~ m-cc\./$dcdom/-) {
682: $output.=$roletext{'user.role.'.$ENV{'request.role'}};
683: }
684: $r->print($output);
685: $r->print('<tr bgcolor="#77FF77">');
686: $r->print('<td><input type="button" value="'.
687: &mt('Select').'" name="dcpick_'.$dcdom.'/" '.
688: 'onClick="setDCchoice('."'$dcdom'".')"></td>'.
689: '<td><font color="#002200">'.
690: $ccrole.'</font></td><td>'.&mt('Course').'</td>'.
691: '<td><font color="#002200"><b>'.&mt('All courses').'</b>'.
692: '<br />'.&mt('Domain').':'.$dcdom.'</font>'.
693: '<td colspan="4"><font color="#002200">'.
694: &mt('Course Coordinator access to all courses in domain').
695: ': <b>'.$dcdom.'</b></font></td></tr>'."\n");
696: }
697: foreach my $type ('Construction Space','Course','Domain','System') {
698: my $output;
699: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
700: my $skiprole = 0;
701: foreach my $dcdom (keys %dcroles) {
702: if ($sortrole{$which} =~ m-(dc)\./$dcdom/-) {
703: $skiprole = 1;
704: last;
705: }
706: }
707: if (($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) && (!$skiprole)) {
708: $output.=$roletext{$sortrole{$which}};
709: }
710: }
711: if ($output) {
712: if ($doheaders > 0) {
713: $r->print("<tr bgcolor='#BBffBB'>".
714: "<td align='center' colspan='7'>".&mt($type)."</td>
715: ");
716: }
717: $r->print($output);
718: }
719: }
720: } else {
721: foreach my $type ('Construction Space','Course','Domain','System') {
722: my $output;
723: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
724: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) {
725: $output.=$roletext{$sortrole{$which}};
726: }
727: }
728: if ($output) {
729: if ($doheaders > 0) {
730: $r->print("<tr bgcolor='#BBffBB'>".
731: "<td align='center' colspan='7'>".&mt($type)."</td>");
732: }
733: $r->print($output);
734: }
735: }
736: }
737: my $tremark='';
738: my $tfont='#003300';
739: if ($ENV{'request.role'} eq 'cm') {
740: $r->print('<tr bgcolor="#11CC55">');
741: $tremark=&mt('Currently selected. ');
742: $tfont='#002200';
743: } else {
744: $r->print('<tr bgcolor="#77FF77">');
745: }
746: unless ($nochoose) {
747: if ($ENV{'request.role'} ne 'cm') {
748: $r->print('<td><input type=submit value="'.
749: &mt('Select').'" name="cm"></td>');
750: } else {
751: $r->print('<td> </td>');
752: }
753: }
754: $r->print('<td colspan=5><font color="'.$tfont.'">'.&mt('No role specified').
755: '</font></td><td><font color="'.$tfont.'">'.$tremark.
756: ' </font></td></tr>'."\n");
757:
758: $r->print('</table>');
759: unless ($nochoose) {
760: $r->print("</form>\n");
761: }
762: # ------------------------------------------------------------ Privileges Info
763: if (($advanced) && (($ENV{'user.error.msg'}) || ($error))) {
764: $r->print('<hr><h2>Current Privileges</h2>');
765:
766: foreach $envkey (sort keys %ENV) {
767: if ($envkey=~/^user\.priv\.$ENV{'request.role'}\./) {
768: my $where=$envkey;
769: $where=~s/^user\.priv\.$ENV{'request.role'}\.//;
770: my $ttype;
771: my $twhere;
772: my ($tdom,$trest,$tsec)=
773: split(/\//,Apache::lonnet::declutter($where));
774: if ($trest) {
775: if ($ENV{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') {
776: $ttype='Construction Space';
777: $twhere='User: '.$trest.', Domain: '.$tdom;
778: } else {
779: $ttype='Course';
780: $twhere=$ENV{'course.'.$tdom.'_'.$trest.'.description'};
781: if ($tsec) {
782: $twhere.=' (Section/Group: '.$tsec.')';
783: }
784: }
785: } elsif ($tdom) {
786: $ttype='Domain';
787: $twhere=$tdom;
788: } else {
789: $ttype='System';
790: $twhere='/';
791: }
792: $r->print("\n<h3>".$ttype.': '.$twhere.'</h3><ul>');
793: foreach (sort split(/:/,$ENV{$envkey})) {
794: if ($_) {
795: my ($prv,$restr)=split(/\&/,$_);
796: my $trestr='';
797: if ($restr ne 'F') {
798: my $i;
799: $trestr.=' (';
800: for ($i=0;$i<length($restr);$i++) {
801: $trestr.=
802: Apache::lonnet::plaintext(substr($restr,$i,1));
803: if ($i<length($restr)-1) { $trestr.=', '; }
804: }
805: $trestr.=')';
806: }
807: $r->print('<li>'.
808: Apache::lonnet::plaintext($prv).$trestr.
809: '</li>');
810: }
811: }
812: $r->print('</ul>');
813: }
814: }
815: }
816: $r->print(&Apache::lonnet::getannounce());
817: if ($advanced) {
818: $r->print('<p><small><i>This is LON-CAPA '.
819: $r->dir_config('lonVersion').'</i><br />'.
820: '<a href="/adm/logout">'.&mt('Logout').'</a></small></p>');
821: }
822: $r->print("</body></html>\n");
823: return OK;
824: }
825:
826: sub role_status {
827: my ($rolekey,$then,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_;
828: my @pwhere = ();
829: if (exists($ENV{$rolekey}) && $ENV{$rolekey} ne '') {
830: (undef,undef,$$role,@pwhere)=split(/\./,$rolekey);
831: unless (!defined($$role) || $$role eq '') {
832: $$where=join('.',@pwhere);
833: $$trolecode=$$role.'.'.$$where;
834: ($$tstart,$$tend)=split(/\./,$ENV{$rolekey});
835: $$tstatus='is';
836: if ($$tstart && $$tstart>$then) {
837: $$tstatus='future';
838: if ($$tstart<$now) { $$tstatus='will'; }
839: }
840: if ($$tend) {
841: if ($$tend<$then) {
842: $$tstatus='expired';
843: } elsif ($$tend<$now) {
844: $$tstatus='will_not';
845: }
846: }
847: }
848: }
849: }
850:
851: sub dc_script {
852: my $response = (<<"END");
853: function setDCchoice(caller) {
854: var dcname = "dc./"+caller+"/"
855: document.rolechoice.dcselected.value = caller
856: document.rolechoice.elements[3].name = dcname
857: document.rolechoice.submit()
858: }
859: END
860: return $response;
861: }
862:
863: sub check_fordc {
864: my ($dcroles,$then) = @_;
865: my $numdc = 0;
866: if ($ENV{'user.adv'}) {
867: foreach my $envkey (sort keys %ENV) {
868: if ($envkey=~/^user\.role\.dc\.\/(\w+)\/$/) {
869: my $dcdom = $1;
870: my $livedc = 1;
871: my ($tstart,$tend)=split(/\./,$ENV{$envkey});
872: if ($tstart && $tstart>$then) { $livedc = 0; }
873: if ($tend && $tend <$then) { $livedc = 0; }
874: if ($livedc) {
875: $$dcroles{$dcdom} = $envkey;
876: $numdc++;
877: }
878: }
879: }
880: }
881: return $numdc;
882: }
883:
884: sub choosecourse_display {
885: my ($r,$dcdom,$then,$now) = @_;
886: my $cb_jscript = &Apache::loncommon::coursebrowser_javascript($dcdom,'dom');
887: my $verify_script = <<"END";
888: <script>
889: function verifyCoursePick() {
890: var pickedCourse = document.roles.dccourse.value
891: var pickedDomain = document.roles.dcdomain.value
892: if (document.roles.dcdomain.value == document.roles.origdom.value) {
893: if (pickedCourse != '') {
894: var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse
895: document.roles.elements[0].value = 1
896: document.roles.elements[0].name = courseTarget
897: document.roles.selectrole.value = 1
898: document.roles.submit()
899: }
900: else {
901: alert("You must use the 'Select Course' link to open a separate pick course window which you can use to select the course you wish to enter");
902: }
903: }
904: else {
905: alert("You can only use this screen to select courses in the current domain")
906: }
907: }
908: </script>
909: END
910: my $courseform=&Apache::loncommon::selectcourse_link
911: ('roles','dccourse','dcdomain','coursedesc');
912: $r->print($cb_jscript.$verify_script);
913: my $formaction='/adm/roles';
914: $formaction=~s/\/+/\//g;
915: my $crs;
916: &select_recent_courses($r,$dcdom,$then,$now);
917: $r->print('<br /><form name="roles" method="post" action="'.$formaction.'" />');
918: $r->print('<h3>'.&mt('Choose a course from domain').': '.$dcdom.'</h3><font size="+1">'.$courseform.'</font><br /><br />'.
919: '<input type="hidden" name="chosencourse" value=""/>'.
920: 'Course Title: <input type="text" size="20" name="coursedesc" value=""><br />'.
921: 'Course ID: <input type="text" size="15" name="dccourse" />'.
922: '<input type="hidden" name="dcdomain" value="'.$dcdom.'" />'.
923: '<input type="hidden" name="origdom" value="'.$dcdom.'" />'.
924: '<input type="hidden" name="selectrole" value="" />'.
925: '<br /><br /><input type="button" name="proceed" value="'.&mt('Enter this course').'" onClick="verifyCoursePick()" />'.
926: '</form>');
927: return;
928: }
929:
930: sub select_recent_courses {
931: my ($r,$dcdom,$then,$now)=@_;
932: my $advanced = $ENV{'user.adv'};
933: my $tryagain = $ENV{'form.tryagain'};
934: my %recent=&Apache::lonnet::dump(&recent_filename('cc_pickby_dc_'.$dcdom));
935: my $numrecent = 0;
936: my $roletext = '<h3>'.&mt('Enter a recently visited course').'</h3>'.
937: '<form name="rolechoice" action="/adm/roles" method="post">'.
938: '<table><tr><th> </th>'.
939: '<th>'.&mt('User Role').'</th><th colspan=2>'.&mt('Extent').
940: '</th><th>'.&mt('Start').'</th><th>'.&mt('End').'</th><th>'.
941: &mt('Remarks and Calendar Announcements').'</th></tr>'."\n".
942: '<tr bgcolor="#BBffBB">'.
943: '<td align="center" colspan="7">'.
944: &mt('Domain').' - '.&mt('Recent courses accessed in this domain').
945: '</td></tr>'."\n";
946: foreach my $courseid (sort keys %recent) {
947: unless ($courseid =~/^error\:/) {
948: my ($dom,$crs) = split/_/,$courseid;
949: if ($dom eq $dcdom) {
950: $numrecent ++;
951: my $crskey = 'user.role.cc./'.$dom.'/'.$crs;
952: my ($where,$trolecode,$role,$tstatus,$tend,$tstart,$tbg,$tfont,$tremark,$inrole,$tpstart,$tpend);
953: my $button = 1;
954: &role_status($crskey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
955: if ($tstart) {
956: $tpstart=&Apache::lonlocal::locallocaltime($tstart);
957: }
958: if ($tend) {
959: $tpend=&Apache::lonlocal::locallocaltime($tend);
960: }
961: my $ttype = &mt('Course');
962: my $twhere;
963: if ($ENV{'course.'.$courseid.'.description'}) {
964: $twhere=$ENV{'course.'.$courseid.'.description'};
965: }
966: my ($tdom,$trest,$tsection)=
967: split(/\//,Apache::lonnet::declutter($where));
968: if ($ENV{'request.role'} eq $trolecode) {
969: $tstatus='selected';
970: }
971: if ($tstatus eq 'is') {
972: $tbg='#77FF77';
973: $tfont='#003300';
974: } elsif ($tstatus eq 'future') {
975: $tbg='#FFFF77';
976: $button=0;
977: } elsif ($tstatus eq 'will') {
978: $tbg='#FFAA77';
979: $tremark.=&mt('Active at next login. ');
980: } elsif ($tstatus eq 'expired') {
981: $tbg='#FF7777';
982: $tfont='#330000';
983: $button=0;
984: } elsif ($tstatus eq 'will_not') {
985: $tbg='#AAFF77';
986: $tremark.=&mt('Expired after logout. ');
987: } elsif ($tstatus eq 'selected') {
988: $tbg='#11CC55';
989: $tfont='#002200';
990: $inrole=1;
991: $tremark.=&mt('Currently selected. ');
992: }
993: my $trole=Apache::lonnet::plaintext($role);
994: $roletext.='<tr bgcolor='.$tbg.'>';
995: if (!$button) {
996: $roletext.=('<td> </td>');
997: } elsif ($tstatus eq 'is') {
998: $roletext.=('<td><input type=submit value="'.
999: &mt('Select').'" name="'.
1000: $trolecode.'"></td>');
1001: } elsif ($tryagain) {
1002: $roletext.=
1003: '<td><input type=submit value="'.
1004: &mt('Try Selecting Again').'" name="'.$trolecode.'"></td>';
1005: } elsif ($advanced) {
1006: $roletext.=
1007: '<td><input type=submit value="'.
1008: &mt('Re-Initialize').'" name="'.$trolecode.'"></td>';
1009: } else {
1010: $roletext.='<td> </td>';
1011: }
1012: $tremark.=&Apache::lonannounce::showday(time,1,
1013: &Apache::lonannounce::readcalendar($tdom.'_'.$trest));
1014:
1015: $roletext.='<td><font color="'.$tfont.'">'.$trole.
1016: '</font></td><td><font color="'.$tfont.'">'.$ttype.
1017: '</font></td><td><font color="'.$tfont.'">'.$twhere.
1018: '</font></td><td><font color="'.$tfont.'">'.$tpstart.
1019: '</font></td><td><font color="'.$tfont.'">'.$tpend.
1020: '</font></td><td><font color="'.$tfont.'">'.$tremark.
1021: ' </font></td></tr>'."\n";
1022: }
1023: }
1024: }
1025: if ($numrecent > 0) {
1026: $r->print($roletext.'</table><input type="hidden" '.
1027: 'name="selectrole" value="1" /></form>'."\n");
1028: }
1029: }
1030:
1031: sub recent_filename {
1032: my $area=shift;
1033: return 'nohist_recent_'.&Apache::lonnet::escape($area);
1034: }
1035:
1036: sub set_privileges {
1037: my ($dcdom,$pickedcourse) = @_;
1038: my $area = '/'.$dcdom.'/'.$pickedcourse;
1039: my $role = 'cc';
1040: my $spec = $role.'.'.$area;
1041: my $userroles = &Apache::lonnet::set_arearole($role,$area,'','',$dcdom,$ENV{'user.name'});
1042: my %ccrole = ();
1043: &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);
1044: my ($author,$adv)= &Apache::lonnet::set_userprivs(\$userroles,\%ccrole);
1045: my @newprivs = split/\n/,$userroles;
1046: my %newccroles = ();
1047: foreach (@newprivs) {
1048: my ($key,$val) = split/=/,$_;
1049: $newccroles{$key} = $val;
1050: }
1051: &Apache::lonnet::appenv(%newccroles);
1052: &Apache::lonnet::log($ENV{'user.domain'},
1053: $ENV{'user.name'},
1054: $ENV{'user.home'},
1055: "Role ".$role);
1056: &Apache::lonnet::appenv(
1057: 'request.role' => $role,
1058: 'request.role.domain' => $dcdom,
1059: 'request.course.sec' => '');
1060: my $tadv=0;
1061: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
1062: &Apache::lonnet::appenv('request.role.adv' => $tadv);
1063: }
1064:
1065: 1;
1066: __END__
1067:
1068: =head1 NAME
1069:
1070: Apache::lonroles - User Roles Screen
1071:
1072: =head1 SYNOPSIS
1073:
1074: Invoked by /etc/httpd/conf/srm.conf:
1075:
1076: <Location /adm/roles>
1077: PerlAccessHandler Apache::lonacc
1078: SetHandler perl-script
1079: PerlHandler Apache::lonroles
1080: ErrorDocument 403 /adm/login
1081: ErrorDocument 500 /adm/errorhandler
1082: </Location>
1083:
1084: =head1 OVERVIEW
1085:
1086: =head2 Choosing Roles
1087:
1088: C<lonroles> is a handler that allows a user to switch roles in
1089: mid-session. LON-CAPA attempts to work with "No Role Specified", the
1090: default role that a user has before selecting a role, as widely as
1091: possible, but certain handlers for example need specification which
1092: course they should act on, etc. Both in this scenario, and when the
1093: handler determines via C<lonnet>'s C<&allowed> function that a certain
1094: action is not allowed, C<lonroles> is used as error handler. This
1095: allows the user to select another role which may have permission to do
1096: what they were trying to do. C<lonroles> can also be accessed via the
1097: B<CRS> button in the Remote Control.
1098:
1099: =begin latex
1100:
1101: \begin{figure}
1102: \begin{center}
1103: \includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen}
1104: \caption{\label{Sample_Roles_Screen}Sample Roles Screen}
1105: \end{center}
1106: \end{figure}
1107:
1108: =end latex
1109:
1110: =head2 Role Initialization
1111:
1112: The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C<lonnet>'s C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role.
1113:
1114: =head1 INTRODUCTION
1115:
1116: This module enables a user to select what role he wishes to
1117: operate under (instructor, student, teaching assistant, course
1118: coordinator, etc). These roles are pre-established by the actions
1119: of upper-level users.
1120:
1121: This is part of the LearningOnline Network with CAPA project
1122: described at http://www.lon-capa.org.
1123:
1124: =head1 HANDLER SUBROUTINE
1125:
1126: This routine is called by Apache and mod_perl.
1127:
1128: =over 4
1129:
1130: =item *
1131:
1132: Roles Initialization (yes/no)
1133:
1134: =item *
1135:
1136: Get Error Message from Environment
1137:
1138: =item *
1139:
1140: Who is this?
1141:
1142: =item *
1143:
1144: Generate Page Output
1145:
1146: =item *
1147:
1148: Choice or no choice
1149:
1150: =item *
1151:
1152: Table
1153:
1154: =item *
1155:
1156: Privileges
1157:
1158: =back
1159:
1160: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lonroles.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / auth