--- loncom/interface/londocs.pm 2017/03/15 02:05:20 1.484.2.70
+++ loncom/interface/londocs.pm 2018/01/27 03:46:52 1.484.2.76
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Documents
#
-# $Id: londocs.pm,v 1.484.2.70 2017/03/15 02:05:20 raeburn Exp $
+# $Id: londocs.pm,v 1.484.2.76 2018/01/27 03:46:52 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1203,9 +1203,7 @@ sub print_paste_buffer {
if (($srcdom ne $coursedom) || ($srcnum ne $coursenum)) {
$othercourse = 1;
if ($env{"user.priv.cm./$srcdom/$srcnum"} =~ /\Q:mdc&F\E/) {
- if ($canpaste) {
- $othercrs = '
'.&mt('(from another course)');
- }
+ $othercrs = '
'.&mt('(from another course)');
} else {
$canpaste = 0;
$nopaste = &mt('Paste from another course unavailable.');
@@ -1219,10 +1217,20 @@ sub print_paste_buffer {
}
$is_uploaded_map = 1;
}
+ } elsif ($url =~ m{^/adm/($match_domain)/($match_username)/\d+/(bulletinboard|smppg)$}) {
+ if ($cid ne $env{'request.course.id'}) {
+ my ($srcdom,$srcnum) = split(/_/,$cid);
+ if ($env{"user.priv.cm./$srcdom/$srcnum"} =~ /\Q:mdc&F\E/) {
+ $othercrs = '
'.&mt('(from another course)');
+ } else {
+ $canpaste = 0;
+ $nopaste = &mt('Paste from another course unavailable.');
+ }
+ }
+ }
+ if ($canpaste) {
+ push(@pasteable,$suffix);
}
- }
- if ($canpaste) {
- push(@pasteable,$suffix);
}
my $buffer;
if ($is_external) {
@@ -1512,6 +1520,7 @@ sub do_paste_from_buffer {
foreach my $suffix (@topaste) {
my $url=&LONCAPA::map::qtescape($env{'docs.markedcopy_url_'.$suffix});
+ my $cid=&LONCAPA::map::qtescape($env{'docs.markedcopy_crs_'.$suffix});
# Supplemental content may only include certain types of content
# Early out if pasted content is not supported in Supplemental area
if ($folder =~ /^supplemental/) {
@@ -1533,8 +1542,19 @@ sub do_paste_from_buffer {
}
$srcdom{$suffix} = $srcd;
$srcnum{$suffix} = $srcn;
+ } elsif ($url =~ m{^/adm/$match_domain/$match_username/\d+/(bulletinboard|smppg)$}) {
+ my ($srcd,$srcn) = split(/_/,$cid);
+# When paste buffer was populated using an active role in a different course
+# check for mdc privilege in the course from which the resource was pasted
+ if (($srcd ne $coursedom) || ($srcn ne $coursenum)) {
+ unless ($env{"user.priv.cm./$srcd/$srcn"} =~ /\Q:mdc&F\E/) {
+ $notincrs{$suffix} = 1;
+ next;
+ }
+ }
+ $srcdom{$suffix} = $srcd;
+ $srcnum{$suffix} = $srcn;
}
-
push(@dopaste,$suffix);
if ($url=~/\.(page|sequence)$/) {
$is_map{$suffix} = 1;
@@ -1632,6 +1652,7 @@ sub do_paste_from_buffer {
}
my $url=&LONCAPA::map::qtescape($env{'docs.markedcopy_url_'.$suffix});
my $title=&LONCAPA::map::qtescape($env{'docs.markedcopy_title_'.$suffix});
+ my $cid=&LONCAPA::map::qtescape($env{'docs.markedcopy_crs_'.$suffix});
my $oldurl = $url;
if ($is_map{$suffix}) {
# If pasting a map, check if map contains other maps
@@ -1692,13 +1713,21 @@ sub do_paste_from_buffer {
}
if ($url=~ m{/(bulletinboard|smppg)$}) {
my $prefix = $1;
+ my $fromothercrs;
#need to copy the db contents to a new one, unless this is a move.
my %info = (
src => $url,
cdom => $coursedom,
cnum => $coursenum,
- );
- unless ($env{'form.docs.markedcopy_options_'.$suffix} eq 'move') {
+ );
+ if (($srcdom{$suffix} =~ /^$match_domain$/) && ($srcnum{$suffix} =~ /^$match_courseid$/)) {
+ unless (($srcdom{$suffix} eq $coursedom) && ($srcnum{$suffix} eq $coursenum)) {
+ $fromothercrs = 1;
+ $info{'cdom'} = $srcdom{$suffix};
+ $info{'cnum'} = $srcnum{$suffix};
+ }
+ }
+ unless (($env{'form.docs.markedcopy_options_'.$suffix} eq 'move') && (!$fromothercrs)) {
my (%lockerr,$msg);
my ($newurl,$result,$errtext) =
&dbcopy(\%info,$coursedom,$coursenum,\%lockerr);
@@ -1959,8 +1988,8 @@ sub get_newmap_url {
sub dbcopy {
my ($dbref,$coursedom,$coursenum,$lockerrorsref) = @_;
my ($url,$result,$errtext);
- $url = $dbref->{'src'};
if (ref($dbref) eq 'HASH') {
+ $url = $dbref->{'src'};
if ($url =~ m{/(smppg|bulletinboard)$}) {
my $prefix = $1;
if (($dbref->{'cdom'} =~ /^$match_domain$/) &&
@@ -3746,7 +3775,7 @@ END
}
}
if ($url ne '') {
- $url.=(($url=~/\?/)?'&':'?').'symb='.&HTML::Entities::encode($shownsymb,'"<>&');
+ $url.=(($url=~/\?/)?'&':'?').'symb='.&escape($shownsymb);
}
} elsif (!$env{'request.role.adv'}) {
my $checkencrypt;
@@ -3968,7 +3997,7 @@ $form_end;
$line.=&Apache::loncommon::modal_link($link,$title,600,500);
}
} elsif (($hiddenfolder) || ($hiddenres)) {
- $line.=$title.' '.&mt('(Hidden)').'';
+ $line.=$title.' ('.&mt('Hidden').')';
} else {
$line.=$title.' '.$reinit.'';
}
@@ -5112,6 +5141,7 @@ sub handler {
undef($hadchanges);
$uploadphase = &process_file_upload(\$upload_output,$coursenum,$coursedom,
\%allfiles,\%codebase,$context,$crstype);
+ undef($navmap);
if ($hadchanges) {
&mark_hash_old();
}
@@ -5633,7 +5663,9 @@ unless ($container eq 'page') {
$r->print(''.$error.'
');
}
if ($hadchanges) {
- &mark_hash_old();
+ unless (&is_hash_old()) {
+ &mark_hash_old();
+ }
}
&changewarning($r,'');