# The LearningOnline Network # Opening converted problems and directory listings for Daxe # # $Id: daxeopen.pm,v 1.15 2024/04/14 17:12:28 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # # This file is part of the LearningOnline Network with CAPA (LON-CAPA). # # LON-CAPA is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # LON-CAPA is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with LON-CAPA; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # /home/httpd/html/adm/gpl.txt # # http://www.lon-capa.org/ # ### package Apache::daxeopen; use strict; use Apache::Constants qw(:common); use DateTime; use Try::Tiny; use File::stat; use Fcntl ':mode'; use LONCAPA qw(:match); use Apache::loncommon; use Apache::lonnet; use Apache::pre_xml; use Apache::html_to_xml; use Apache::post_xml; use Apache::lonlocal; sub handler { my $request = shift; my $uri = $request->uri; $uri =~ s{^/daxeopen}{}; &Apache::loncommon::no_cache($request); my %editors = &Apache::loncommon::permitted_editors($uri); unless ($editors{'daxe'}) { $request->content_type('text/plain'); $request->print(&mt('Daxe editor is not enabled for this Authoring Space.')); $request->status(403); return OK; } if ($uri =~ m{/$}) { return directory_listing($uri, $request); } elsif ($uri =~ m{^/priv/.*\.(task|problem|exam|quiz|assess|survey|library|xml|html|htm|xhtml|xhtm)$}) { return convert_problem($uri, $request); } elsif ($uri =~ m{^/uploaded/$match_domain/$match_courseid/(docs|supplemental)/(default|\d+)/\d+/.*\.(html|htm|xhtml|xhtm)$}) { return convert_problem($uri, $request); } else { # Apache should send other files directly $request->status(406); return OK; } } sub convert_problem { my ($uri, $request) = @_; if ($uri =~ m{^/priv/$match_domain/$match_username/}) { unless (&has_priv_access($uri)) { $request->content_type('text/plain'); $request->print(&mt('Forbidden URI: [_1]',$uri)); $request->status(403); return OK; } } elsif ($uri =~ m{^/uploaded/($match_domain)/($match_courseid)/}) { my ($posscdom,$posscnum) = ($1,$2); my $allowed; if ($env{'request.course.id'}) { my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; if (($posscdom eq $cdom) && ($posscnum eq $cnum)) { if (&Apache::lonnet::allowed('mdc',$env{'request.course.id'})) { $allowed = 1; } } } unless ($allowed) { $request->content_type('text/plain'); $request->print(&mt('Forbidden URI: [_1]',$uri)); $request->status(403); return OK; } } my $file = &Apache::lonnet::filelocation('', $uri); if (&Apache::lonnet::repcopy($file) eq 'ok') { if (! -e $file) { $request->print(&mt('Not found: [_1]',$uri)); $request->status(404); return OK; } } else { $request->print(&mt('Forbidden URI: [_1]',$uri)); $request->status(403); return OK; } try { my $warnings = 0; # no warning printed my $textref = &Apache::pre_xml::pre_xml($file, $warnings); my $case_sensitive; if ($uri =~ /\.(task)$/) { $case_sensitive = 1; } else { $case_sensitive = 0; } $textref = &Apache::html_to_xml::html_to_xml($textref, $warnings, $case_sensitive); my $text = &Apache::post_xml::post_xml($textref, $file, $Apache::lonnet::perlvar{'lonDocRoot'}, $warnings); &Apache::loncommon::content_type($request, 'text/xml', 'utf-8'); $request->print($text); return OK; } catch { $request->content_type('text/plain'); $request->print(&mt('convert failed for [_1]:',$file)." $_"); $request->status(406); return OK; }; } sub directory_listing { my ($uri, $request) = @_; my $res = ''."\n"; my $referrer = $request->headers_in->{'Referer'}; my ($cdom,$cnum); if ($env{'request.course.id'}) { $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; } if ($uri eq '/') { $res .= "\n"; if (($env{'request.course.id'}) && ($referrer =~ m{\Qfile=/daxeopen/uploaded/$cdom/$cnum/\E(docs|supplemental)/(default|\d+)/(\d+)/})) { $res .= "\n"; } else { # root: let users browse /res $res .= "\n"; $res .= "\n"; } } elsif ($uri =~ m{^/uploaded/(.*)$}) { my $rem = $1; $rem =~ s{/$}{}; if (($env{'request.course.id'}) && ($referrer =~ m{\Qfile=/daxeopen/uploaded/$cdom/$cnum/\E(docs|supplemental)/(default|\d+)/(\d+)/})) { my ($type,$folder,$rid) = ($1,$2,$3); if ($rem eq '') { $res .= "\n"; $res .= "\n"; } else { my @expected = ($cdom,$cnum,$type,$folder,$rid); my @rest = split(/\//,$rem); my $valid = 1; for (my $i=0; $i<@rest; $i++) { unless ($rest[$i] eq $expected[$i]) { $valid = 0; last; } } if ($valid) { my $dirname = $rest[-1]; $res .= "\n"; if (scalar(@rest) == scalar(@expected)) { my $subdir = "/userfiles/$type/$folder/$rid"; my ($listref, $listerror) = &Apache::lonnet::dirlist($subdir,$cdom,$cnum,'',1); if ($listerror) { $request->content_type('text/plain'); $request->print(&mt('listing error: [_1]',$listerror)); $request->status(406); return OK; } elsif (scalar(@{$listref}) == 0) { $request->content_type('text/plain'); $request->print(&mt('Not found: [_1]',$uri)); $request->status(404); return OK; } else { my @lines = @{$listref}; my $dirpath = &LONCAPA::propath($cdom,$cnum).'/userfiles'; my $dirname = $uri; $dirname =~ s{^.*/([^/]*)$}{$1}; foreach my $line (@lines) { my ($path,$dom,undef,$testdir,undef,undef,undef,undef,$size,undef,$mtime) = split(/\&/,$line,12); my $isdir = ($testdir & 16384); $path =~ s{^$dirpath}{}; next if ($path eq '.' || $path eq '..'); $path =~ s{/$}{}; my $name = $path; if ($isdir) { $res .= "\n"; } else { next if ($name =~ /\.bak$/); my $dt = DateTime->from_epoch(epoch => $mtime); my $modified = $dt->iso8601().'Z'; $res .= "\n"; } } } } else { my $nextidx = scalar(@rest); my $subdir = $expected[$nextidx]; $res .= ""."\n"; } } else { $request->content_type('text/plain'); $request->print(&mt('Forbidden URI: [_1]',$uri)); $request->status(403); return OK; } } } else { $request->content_type('text/plain'); $request->print(&mt('Forbidden URI: [_1]',$uri)); $request->status(403); return OK; } } elsif ($uri !~ m{^/(priv|res)/}) { $request->content_type('text/plain'); $request->print(&mt('Not found: [_1]',$uri)); $request->status(404); return OK; } elsif ($uri =~ m{^/res/}) { # NOTE: dirlist does not return an error for /res/idontexist/ my ($listref, $listerror) = &Apache::lonnet::dirlist($uri); if ($listerror) { $request->content_type('text/plain'); $request->print(&mt('listing error: [_1]',$listerror)); $request->status(406); return OK; } elsif ($uri =~ m{^/res/[^/]+/$} && scalar(@{$listref}) == 0) { $request->content_type('text/plain'); $request->print(&mt('Not found: [_1]',$uri)); $request->status(404); return OK; } my $dirname = $uri; $dirname =~ s{^.*/([^/]*)$}{$1}; $res .= "\n"; my (%is_course,%is_courseauthor); if (ref($listref) eq 'ARRAY') { my @lines = @{$listref}; foreach my $line (@lines) { my ($path, $dom, undef, $testdir, undef, undef, undef, undef, $size, undef, $mtime, undef, undef, undef, $obs, undef) = split(/\&/, $line, 16); my $isdir = ($testdir & 16384) || $dom =~ /^(user|domain)$/; $path =~ s{^/home/httpd/html/res/}{}; next if $path eq '.' || $path eq '..'; next if $path =~ /\.meta$/ || $obs || $path =~ /\.\d+\.[^.]+$/; if ($dom ne 'domain') { my ($udom,$uname); if ($dom eq 'user') { ($udom) = ($uri =~ m{^/res/($match_domain)}); $uname = $path; } else { ($udom, $uname) = ($uri =~ m{^/res/($match_domain)/($match_courseid)}); } if ($udom ne '' && $uname ne '') { my $key = $udom.':'.$uname; if (exists($is_course{$key})) { if ($is_course{$key}) { next unless ($is_courseauthor{$key}); } } else { if (&Apache::lonnet::is_course($udom, $uname)) { $is_course{$key} = 1; if ($env{'request.course.id'}) { my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; if (($cdom eq $udom) && ($cnum eq $uname)) { if (&Apache::lonnet::allowed('mdc', $env{'request.course.id'})) { $is_courseauthor{$key} = 1; } } } # remove courses from the list next unless ($is_courseauthor{$key}); } else { $is_course{$key} = 0; } } } } $path =~ s{/$}{}; my $name = $path; if ($isdir) { $res .= "\n"; } else { my $dt = DateTime->from_epoch(epoch => $mtime); my $modified = $dt->iso8601().'Z'; $res .= "\n"; } } } } elsif ($uri eq '/priv/') { my $defdom = &get_defdom($referrer); if (!defined $defdom) { $request->content_type('text/plain'); $request->print(&mt('Forbidden URI: [_1]',$uri)); $request->status(403); return OK; } $res .= "\n"; $res .= "\n"; } elsif ($uri =~ m{^/priv/($match_domain)/$}) { my $domain = $1; my $defdom = &get_defdom($referrer); if ($domain ne $defdom) { $request->content_type('text/plain'); $request->print(&mt('Forbidden URI: [_1]',$uri)); $request->status(403); return OK; } my $defname = &get_defname($domain,$referrer); $res .= "\n"; $res .= "\n"; } elsif ($uri =~ m{^/priv/($match_domain)\/($match_username)/}) { unless (&has_priv_access($uri)) { $request->content_type('text/plain'); $request->print(&mt('Forbidden URI: [_1]',$uri)); $request->status(403); return OK; } my $dirpath = &Apache::lonnet::filelocation('', $uri); if (! -e $dirpath) { $request->content_type('text/plain'); $request->print(&mt('Not found: [_1]',$uri)); $request->status(404); return OK; } $dirpath =~ s{/$}{}; my @files; if (opendir(my $dir, $dirpath)) { @files = readdir($dir); closedir($dir); } else { $request->content_type('text/plain'); $request->print(&mt('Error opening directory: [_1]',$dirpath)); $request->status(403); return OK; } my $dirname = $dirpath; $dirname =~ s{^.*/([^/]*)$}{$1}; $res .= "\n"; foreach my $name (@files) { if ($name eq '.' || $name eq '..') { next; } if ($name =~ /\.(bak|log|meta|save)$/) { next; } my $sb = stat($dirpath.'/'.$name); my $mode = $sb->mode; if (S_ISDIR($mode)) { $res .= "\n"; } else { $res .= "size; # total size of file, in bytes $res .= " size=\"$size\""; my $mtime = $sb->mtime; # last modify time in seconds since the epoch my $dt = DateTime->from_epoch(epoch => $mtime); my $modified = $dt->iso8601().'Z'; $res .= " modified=\"$modified\""; $res .= "/>\n"; } } } else { $request->content_type('text/plain'); $request->print(&mt('Not found: [_1]',$uri)); $request->status(404); return OK; } $res .= "\n"; &Apache::loncommon::content_type($request, 'text/xml', 'utf-8'); $request->print($res); return OK; } sub has_priv_access { my ($uri) = @_; my ($ownername,$ownerdom,$ownerhome) = &Apache::lonnet::constructaccess($uri); my $allowed; if (($ownername ne '') && ($ownerdom ne '') && ($ownerhome ne '')) { unless ($ownerhome eq 'no_host') { my @hosts = &Apache::lonnet::current_machine_ids(); if (grep(/^\Q$ownerhome\E$/,@hosts)) { $allowed = 1; } } } return $allowed; } sub get_defdom { my ($referrer) = @_; my $defdom; if ($env{'request.role'} =~ m{^au\./($match_domain)/$}) { $defdom = $1; } elsif ($env{'request.role'} =~ m{^(?:ca|aa)\.($match_domain)/($match_username)$}) { $defdom = $1; } elsif ($env{'request.course.id'}) { if ($referrer =~ m{\Qfile=/daxeopen/priv/\E($match_domain)/($match_username)/}) { my ($possdom,$possuname) = ($1,$2); if (&Apache::lonnet::is_course($possdom,$possuname)) { my $crsurl = &Apache::lonnet::courseid_to_courseurl($env{'request.course.id'}); if ($crsurl eq "/$possdom/$possuname") { $defdom = $possdom; } } else { if (&Apache::lonnet::domain($possdom) ne '') { $defdom = $possdom; } } } } if ($defdom eq '') { my ($is_adv,$is_author) = &Apache::lonnet::is_advanced_user($env{'user.domain'},$env{'user.name'}); if ($is_author) { $defdom = $env{'user.domain'}; } } return $defdom; } sub get_defname { my ($domain,$referrer) = @_; my $defname; if ($env{'request.role'} eq "au./$domain/") { $defname = $env{'user.name'}; } elsif ($env{'request.role'} =~ m{^(?:ca|aa)\./\Q$domain\E/($match_username)$}) { $defname = $1; } elsif ($env{'request.course.id'}) { if ($referrer =~ m{\Qfile=/daxeopen/priv/\E($match_domain)/($match_username)/}) { my ($possdom,$possuname) = ($1,$2); if ($domain eq $possdom) { if (&Apache::lonnet::is_course($possdom,$possuname)) { my $crsurl = &Apache::lonnet::courseid_to_courseurl($env{'request.course.id'}); if ($crsurl eq "/$possdom/$possuname") { $defname = $possuname; } } else { unless (&Apache::lonnet::homeserver($possuname,$possdom) eq 'no_host') { $defname = $possuname; } } } } } if ($defname eq '') { my ($is_adv,$is_author) = &Apache::lonnet::is_advanced_user($domain,$env{'user.name'}); if ($is_author) { $defname = $env{'user.name'}; } } return $defname; } 1; __END__