1: # The LearningOnline Network
2: # Opening converted problems and directory listings for Daxe
3: #
4: # $Id: daxeopen.pm,v 1.12 2023/08/23 22:57:39 raeburn Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28: ###
29:
30: package Apache::daxeopen;
31: use strict;
32:
33: use Apache::Constants qw(:common);
34: use DateTime;
35: use Try::Tiny;
36: use File::stat;
37: use Fcntl ':mode';
38:
39: use LONCAPA qw(:match);
40: use Apache::loncommon;
41: use Apache::lonnet;
42: use Apache::pre_xml;
43: use Apache::html_to_xml;
44: use Apache::post_xml;
45: use Apache::lonlocal;
46:
47: sub handler {
48: my $request = shift;
49: my $uri = $request->uri;
50: $uri =~ s{^/daxeopen}{};
51: &Apache::loncommon::no_cache($request);
52: if ($uri =~ m{/$}) {
53: return directory_listing($uri, $request);
54: } elsif ($uri =~ m{^/priv/.*\.(task|problem|exam|quiz|assess|survey|library|xml|html|htm|xhtml|xhtm)$}) {
55: return convert_problem($uri, $request);
56: } else {
57: # Apache should send other files directly
58: $request->status(406);
59: return OK;
60: }
61: }
62:
63: sub convert_problem {
64: my ($uri, $request) = @_;
65: if ($uri =~ m{^/priv/$match_domain/$match_username/}) {
66: unless (&has_priv_access($uri)) {
67: $request->content_type('text/plain');
68: $request->print(&mt('Forbidden URI: [_1]',$uri));
69: $request->status(403);
70: return OK;
71: }
72: }
73: my $file = &Apache::lonnet::filelocation('', $uri);
74: &Apache::lonnet::repcopy($file);
75: if (! -e $file) {
76: $request->status(404);
77: return OK;
78: }
79: try {
80: my $warnings = 0; # no warning printed
81: my $textref = &Apache::pre_xml::pre_xml($file, $warnings);
82: my $case_sensitive;
83: if ($uri =~ /\.(task)$/) {
84: $case_sensitive = 1;
85: } else {
86: $case_sensitive = 0;
87: }
88: $textref = &Apache::html_to_xml::html_to_xml($textref, $warnings, $case_sensitive);
89: my $text = &Apache::post_xml::post_xml($textref, $file, $Apache::lonnet::perlvar{'lonDocRoot'}, $warnings);
90: &Apache::loncommon::content_type($request, 'text/xml', 'utf-8');
91: $request->print($text);
92: return OK;
93: } catch {
94: $request->content_type('text/plain');
95: $request->print(&mt('convert failed for [_1]:',$file)." $_");
96: $request->status(406);
97: return OK;
98: };
99: }
100:
101: sub directory_listing {
102: my ($uri, $request) = @_;
103: my $res = '<?xml version="1.0" encoding="UTF-8"?>'."\n";
104: if ($uri eq '/') {
105: # root: let users browse /res
106: $res .= "<directory name=\"/\">\n";
107: $res .= "<directory name=\"priv\"/>\n";
108: $res .= "<directory name=\"res\"/>\n";
109: } elsif ($uri !~ m{^/(priv|res)/}) {
110: $request->content_type('text/plain');
111: $request->print(&mt('Not found: [_1]',$uri));
112: $request->status(404);
113: return OK;
114: } elsif ($uri =~ m{^/res/}) {
115: # NOTE: dirlist does not return an error for /res/idontexist/
116: my ($listref, $listerror) = &Apache::lonnet::dirlist($uri);
117: if ($listerror) {
118: $request->content_type('text/plain');
119: $request->print(&mt('listing error: [_1]',$listerror));
120: $request->status(406);
121: return OK;
122: } elsif ($uri =~ m{^/res/[^/]+/$} && scalar(@{$listref}) == 0) {
123: $request->content_type('text/plain');
124: $request->print(&mt('Not found: [_1]',$uri));
125: $request->status(404);
126: return OK;
127: }
128: my $dirname = $uri;
129: $dirname =~ s{^.*/([^/]*)$}{$1};
130: $res .= "<directory name=\"$dirname/\">\n";
131: my (%is_course,%is_courseauthor);
132: if (ref($listref) eq 'ARRAY') {
133: my @lines = @{$listref};
134: foreach my $line (@lines) {
135: my ($path, $dom, undef, $testdir, undef, undef, undef, undef, $size, undef, $mtime, undef, undef, undef, $obs, undef) = split(/\&/, $line, 16);
136: my $isdir = ($testdir & 16384) || $dom =~ /^(user|domain)$/;
137: $path =~ s{^/home/httpd/html/res/}{};
138: next if $path eq '.' || $path eq '..';
139: next if $path =~ /\.meta$/ || $obs || $path =~ /\.\d+\.[^.]+$/;
140: if ($dom ne 'domain') {
141: my ($udom,$uname);
142: if ($dom eq 'user') {
143: ($udom) = ($uri =~ m{^/res/($match_domain)});
144: $uname = $path;
145: } else {
146: ($udom, $uname) = ($uri =~ m{^/res/($match_domain)/($match_courseid)});
147: }
148: if ($udom ne '' && $uname ne '') {
149: my $key = $udom.':'.$uname;
150: if (exists($is_course{$key})) {
151: if ($is_course{$key}) {
152: next unless ($is_courseauthor{$key});
153: }
154: } else {
155: if (&Apache::lonnet::is_course($udom, $uname)) {
156: $is_course{$key} = 1;
157: if ($env{'request.course.id'}) {
158: my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
159: my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
160: if (($cdom eq $udom) && ($cnum eq $uname)) {
161: if (&Apache::lonnet::allowed('mdc', $env{'request.course.id'})) {
162: $is_courseauthor{$key} = 1;
163: }
164: }
165: }
166: # remove courses from the list
167: next unless ($is_courseauthor{$key});
168: } else {
169: $is_course{$key} = 0;
170: }
171: }
172: }
173: }
174: $path =~ s{/$}{};
175: my $name = $path;
176: if ($isdir) {
177: $res .= "<directory name=\"$name\"/>\n";
178: } else {
179: my $dt = DateTime->from_epoch(epoch => $mtime);
180: my $modified = $dt->iso8601().'Z';
181: $res .= "<file name=\"$name\" size=\"$size\" modified=\"$modified\"/>\n";
182: }
183: }
184: }
185: } elsif ($uri eq '/priv/') {
186: my $referrer = $request->headers_in->{'Referer'};
187: my $defdom = &get_defdom($referrer);
188: if (!defined $defdom) {
189: $request->content_type('text/plain');
190: $request->print(&mt('Forbidden URI: [_1]',$uri));
191: $request->status(403);
192: return OK;
193: }
194: $res .= "<directory name=\"priv\">\n";
195: $res .= "<directory name=\"$defdom\"/>\n";
196: } elsif ($uri =~ m{^/priv/($match_domain)/$}) {
197: my $domain = $1;
198: my $referrer = $request->headers_in->{'Referer'};
199: my $defdom = &get_defdom($referrer);
200: if ($domain ne $defdom) {
201: $request->content_type('text/plain');
202: $request->print(&mt('Forbidden URI: [_1]',$uri));
203: $request->status(403);
204: return OK;
205: }
206: my $defname = &get_defname($domain,$referrer);
207: $res .= "<directory name=\"$domain\">\n";
208: $res .= "<directory name=\"$defname\"/>\n";
209: } elsif ($uri =~ m{^/priv/($match_domain)\/($match_username)/}) {
210: unless (&has_priv_access($uri)) {
211: $request->content_type('text/plain');
212: $request->print(&mt('Forbidden URI: [_1]',$uri));
213: $request->status(403);
214: return OK;
215: }
216: my $dirpath = &Apache::lonnet::filelocation('', $uri);
217: if (! -e $dirpath) {
218: $request->content_type('text/plain');
219: $request->print(&mt('Not found: [_1]',$uri));
220: $request->status(404);
221: return OK;
222: }
223: $dirpath =~ s{/$}{};
224: my @files;
225: if (opendir(my $dir, $dirpath)) {
226: @files = readdir($dir);
227: closedir($dir);
228: } else {
229: $request->content_type('text/plain');
230: $request->print(&mt('Error opening directory: [_1]',$dirpath));
231: $request->status(403);
232: return OK;
233: }
234: my $dirname = $dirpath;
235: $dirname =~ s{^.*/([^/]*)$}{$1};
236: $res .= "<directory name=\"$dirname\">\n";
237: foreach my $name (@files) {
238: if ($name eq '.' || $name eq '..') {
239: next;
240: }
241: if ($name =~ /\.(bak|log|meta|save)$/) {
242: next;
243: }
244: my $sb = stat($dirpath.'/'.$name);
245: my $mode = $sb->mode;
246: if (S_ISDIR($mode)) {
247: $res .= "<directory name=\"$name\"/>\n";
248: } else {
249: $res .= "<file name=\"$name\"";
250: my $size = $sb->size; # total size of file, in bytes
251: $res .= " size=\"$size\"";
252: my $mtime = $sb->mtime; # last modify time in seconds since the epoch
253: my $dt = DateTime->from_epoch(epoch => $mtime);
254: my $modified = $dt->iso8601().'Z';
255: $res .= " modified=\"$modified\"";
256: $res .= "/>\n";
257: }
258: }
259: } else {
260: $request->content_type('text/plain');
261: $request->print(&mt('Not found: [_1]',$uri));
262: $request->status(404);
263: return OK;
264: }
265: $res .= "</directory>\n";
266: &Apache::loncommon::content_type($request, 'text/xml', 'utf-8');
267: $request->print($res);
268: return OK;
269: }
270:
271: sub has_priv_access {
272: my ($uri) = @_;
273: my ($ownername,$ownerdom,$ownerhome) =
274: &Apache::lonnet::constructaccess($uri);
275: my $allowed;
276: if (($ownername ne '') && ($ownerdom ne '') && ($ownerhome ne '')) {
277: unless ($ownerhome eq 'no_host') {
278: my @hosts = &Apache::lonnet::current_machine_ids();
279: if (grep(/^\Q$ownerhome\E$/,@hosts)) {
280: $allowed = 1;
281: }
282: }
283: }
284: return $allowed;
285: }
286:
287: sub get_defdom {
288: my ($referrer) = @_;
289: my $defdom;
290: if ($env{'request.role'} =~ m{^au\./($match_domain)/$}) {
291: $defdom = $1;
292: } elsif ($env{'request.role'} =~ m{^(?:ca|aa)\.($match_domain)/($match_username)$}) {
293: $defdom = $1;
294: } elsif ($env{'request.course.id'}) {
295: if ($referrer =~ m{\Qfile=/daxeopen/priv/\E($match_domain)/($match_username)/}) {
296: my ($possdom,$possuname) = ($1,$2);
297: if (&Apache::lonnet::is_course($possdom,$possuname)) {
298: my $crsurl = &Apache::lonnet::courseid_to_courseurl($env{'request.course.id'});
299: if ($crsurl eq "/$possdom/$possuname") {
300: $defdom = $possdom;
301: }
302: } else {
303: if (&Apache::lonnet::domain($possdom) ne '') {
304: $defdom = $possdom;
305: }
306: }
307: }
308: }
309: if ($defdom eq '') {
310: my ($is_adv,$is_author) = &Apache::lonnet::is_advanced_user($env{'user.domain'},$env{'user.name'});
311: if ($is_author) {
312: $defdom = $env{'user.domain'};
313: }
314: }
315: return $defdom;
316: }
317:
318: sub get_defname {
319: my ($domain,$referrer) = @_;
320: my $defname;
321: if ($env{'request.role'} eq "au./$domain/") {
322: $defname = $env{'user.name'};
323: } elsif ($env{'request.role'} =~ m{^(?:ca|aa)\./\Q$domain\E/($match_username)$}) {
324: $defname = $1;
325: } elsif ($env{'request.course.id'}) {
326: if ($referrer =~ m{\Qfile=/daxeopen/priv/\E($match_domain)/($match_username)/}) {
327: my ($possdom,$possuname) = ($1,$2);
328: if ($domain eq $possdom) {
329: if (&Apache::lonnet::is_course($possdom,$possuname)) {
330: my $crsurl = &Apache::lonnet::courseid_to_courseurl($env{'request.course.id'});
331: if ($crsurl eq "/$possdom/$possuname") {
332: $defname = $possuname;
333: }
334: } else {
335: unless (&Apache::lonnet::homeserver($possuname,$possdom) eq 'no_host') {
336: $defname = $possuname;
337: }
338: }
339: }
340: }
341: }
342: if ($defname eq '') {
343: my ($is_adv,$is_author) = &Apache::lonnet::is_advanced_user($domain,$env{'user.name'});
344: if ($is_author) {
345: $defname = $env{'user.name'};
346: }
347: }
348: return $defname;
349: }
350:
351: 1;
352: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>