|
version 1.2, 2015/12/10 16:26:43
|
version 1.10, 2023/11/26 20:47:15
|
|
Line 28
|
Line 28
|
| ### |
### |
| |
|
| package Apache::daxesave; |
package Apache::daxesave; |
| |
use strict; |
| |
|
| use Apache::Constants; |
use Apache::Constants qw(:common); |
| use Apache::lonnet; |
use Apache::lonnet; |
| use Try::Tiny; |
use Try::Tiny; |
| use File::Copy; |
use File::Copy; |
|
Line 37 use File::Copy;
|
Line 38 use File::Copy;
|
| use Apache::lonacc; |
use Apache::lonacc; |
| use Apache::loncommon; |
use Apache::loncommon; |
| use Apache::xml_to_loncapa; |
use Apache::xml_to_loncapa; |
| |
use Apache::lonlocal; |
| |
|
| sub handler { |
sub handler { |
| my $request = shift; |
my $request = shift; |
| |
|
| $request->content_type('text/plain'); |
$request->content_type('text/plain'); |
| |
|
| my $path = $env{'form.path'}; # should be in the form "/daxeopen/priv/..." |
my %editors = &Apache::loncommon::permitted_editors($request->uri); |
| |
unless ($editors{'daxe'}) { |
| |
$request->content_type('text/plain'); |
| |
$request->print(&mt('Daxe editor not enabled for this Authoring Space')); |
| |
return OK; |
| |
} |
| |
|
| |
# path should be in the form "/daxeopen/priv/..." |
| |
# or "/daxeopen/uploaded/$cdom/$cnum/(docs|supplemental)/(default|\d+)/\d+/" |
| |
my $path = $env{'form.path'}; |
| $path =~ s/^\/daxeopen//; |
$path =~ s/^\/daxeopen//; |
| |
|
| my $allowed; |
my $allowed = 0; |
| my ($ownername,$ownerdom,$ownerhome) = |
my ($cdom,$cnum); |
| &Apache::lonnet::constructaccess($path, 'setpriv'); |
if ($path =~ m{^/priv/}) { |
| if (($ownername ne '') && ($ownerdom ne '') && ($ownerhome ne '')) { |
my ($ownername,$ownerdom,$ownerhome) = |
| unless ($ownerhome eq 'no_host') { |
&Apache::lonnet::constructaccess($path); |
| my @hosts = &Apache::lonnet::current_machine_ids(); |
if (($ownername ne '') && ($ownerdom ne '') && ($ownerhome ne '')) { |
| if (grep(/^\Q$ownerhome\E$/,@hosts)) { |
unless ($ownerhome eq 'no_host') { |
| $allowed = 1; |
my @hosts = &Apache::lonnet::current_machine_ids(); |
| |
if (grep(/^\Q$ownerhome\E$/,@hosts)) { |
| |
$allowed = 1; |
| |
} |
| |
} |
| |
} |
| |
} elsif ($path =~ m|^/uploaded/|) { |
| |
if ($env{'user.name'} ne '' && $env{'user.domain'} ne '' && $env{'request.course.id'}) { |
| |
$cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; |
| |
$cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; |
| |
if ($path =~ m|^/uploaded/\Q$cdom\E/\Q$cnum\E/| && $path !~ /\.\./) { |
| |
if (&Apache::lonnet::allowed('mdc', $env{'request.course.id'})) { |
| |
$allowed = 1; |
| |
} |
| } |
} |
| } |
} |
| } |
} |
|
Line 64 sub handler {
|
Line 88 sub handler {
|
| return OK; |
return OK; |
| } |
} |
| |
|
| my $newpath = &Apache::lonnet::filelocation('', $path); |
if ($path =~ m{^/priv/}) { |
| |
my $newpath = &Apache::lonnet::filelocation('', $path); |
| my $contents = $env{'form.file'}; |
my $contents = $env{'form.file'}; |
| |
|
| try { |
my $mode; |
| $contents = &Apache::xml_to_loncapa::convert_file($contents); |
if ($path =~ /\.(task|problem|exam|quiz|assess|survey|library|xml|html|htm|xhtml|xhtm)$/) { |
| } catch { |
try { |
| $request->print("error\nconvert failed for $path: $_"); |
$contents = &Apache::xml_to_loncapa::convert_file($contents); |
| return OK; |
} catch { |
| }; |
$request->print("error\nconvert failed for $path: $_"); |
| |
return OK; |
| my $filebak = $newpath.".bak"; |
}; |
| if (-e $newpath) { |
$mode = '>:encoding(UTF-8)'; |
| copy($newpath, $filebak); # errors ignored |
} else { |
| |
$mode = '>'; |
| |
} |
| |
|
| |
my $filebak = $newpath.".bak"; |
| |
if (-e $newpath) { |
| |
copy($newpath, $filebak); # errors ignored |
| |
} |
| |
if (open(my $out, $mode, $newpath)) { |
| |
print $out $contents; |
| |
close($out); |
| |
$request->print("ok\n"); |
| |
} else { |
| |
$request->print("error\nFailed to open file to save $path"); |
| |
} |
| |
} elsif ($path =~ m{^/uploaded/}) { |
| |
my ($unauthorized,$unsupported); |
| |
if ($path =~ m{^\Q/uploaded/$cdom/$cnum/\E(docs|supplemental)/(default|\d+)/(\d+)/(.+)$}) { |
| |
my ($type,$folder,$rid,$fname) = ($1,$2,$3,$4); |
| |
my $referrer = $request->headers_in->{'Referer'}; |
| |
if ($referrer =~ m{\Qfile=/daxeopen/uploaded/$cdom/$cnum/$type/$folder/$rid/\E}) { |
| |
if ($fname =~ /\.(html|htm|xhtml|xhtm)$/) { |
| |
try { |
| |
$env{'form.file'} = &Apache::xml_to_loncapa::convert_file($env{'form.file'}); |
| |
} catch { |
| |
$request->print("error\nconvert failed for $fname: $_"); |
| |
return OK; |
| |
} |
| |
} elsif ($fname =~ /\.(task|problem|exam|quiz|assess|survey|library|xml)$/) { |
| |
$unsupported = $1; |
| |
} |
| |
unless ($unsupported) { |
| |
my $url = &Apache::lonnet::userfileupload('file','daxesave',"$type/$folder/$rid", |
| |
undef,undef,undef,$cnum,$cdom); |
| |
if ($url =~ m{^/uploaded/$cdom/$cnum/$type/$folder/$rid/}) { |
| |
$request->print("ok\n"); |
| |
} else { |
| |
$request->print("error\nFailed to save uploaded file: $fname"); |
| |
} |
| |
} |
| |
} else { |
| |
$unauthorized = 1; |
| |
} |
| |
} else { |
| |
$unauthorized = 1; |
| |
} |
| |
if ($unauthorized) { |
| |
$request->log_reason("Unauthorized path: $path", $path); |
| |
$request->print("error\nUnauthorized path: $path"); |
| |
$request->status(403); |
| |
} elsif ($unsupported) { |
| |
$request->log_reason("File extension: $unsupported -- not allowed for upload to course", $path); |
| |
$request->print("error\nFile extension: $unsupported -- not allowed for upload to course"); |
| |
$request->status(403); |
| |
} |
| } |
} |
| open my $out, '>:encoding(UTF-8)', $newpath; |
|
| print $out $contents; |
|
| close $out; |
|
| |
|
| $request->print("ok\n"); |
|
| return OK; |
return OK; |
| } |
} |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to daxesave.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / homework