--- loncom/interface/lonsource.pm 2004/07/07 18:14:33 1.5 +++ loncom/interface/lonsource.pm 2020/02/17 23:04:18 1.40 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA -# Souce Code handler +# Source Code handler # -# $Id: lonsource.pm,v 1.5 2004/07/07 18:14:33 taceyjo1 Exp $ +# $Id: lonsource.pm,v 1.40 2020/02/17 23:04:18 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -31,124 +31,137 @@ package Apache::lonsource; use strict; -use Apache::lonnet(); +use Apache::lonnet; use Apache::loncommon(); use Apache::lonhtmlcommon(); use Apache::lonsequence(); use Apache::Constants qw(:common :http); use Apache::lonmeta; +use Apache::lonenc(); use Apache::File; use Apache::lonlocal; use HTML::Entities; +use LONCAPA qw(:DEFAULT :match); sub make_link { my ($filename, $listname) = @_; - my $sourcelink = "http://".$ENV{'SERVER_NAME'}. - "/adm/source/?filename=".$filename."&listname=".$listname; - + my $sourcelink = '/adm/source?inhibitmenu=yes&filename='. + &escape(&escape($filename)).'&listname='. + &escape(&escape($listname)); return $sourcelink; } sub stage_2 { - my ($r, $filename, $author, $listname) = @_; - $filename = $filename; - &Apache::loncommon::content_type($r,'text/html'); - my ($uname, $udom) = &Apache::loncacc::constructaccess('/~'.$author.'/',$r->dir_config('lonDefDomain')); - $r->send_http_header; - $r->print('LON-CAPA Move source to construction space'); - $r->print(&Apache::loncommon::bodytag('Problem source code moving operation')); - $r->print("Please enter the directory that you would like the source code to go into, a default has also been provided
"); - $r->print("Also note, the path is in reference to the root of your construction space, and new directories will be automatically created.

"); - $r->print('
+ my ($r, $filename, $listname) = @_; + my ($author)=($filename=~/\/res\/[^\/]+\/([^\/]+)\//); + $r->print(&Apache::loncommon::start_page('Copy Problem Source Code to Authoring Space',undef, + {'only_body' => 1,}) + .&mt('Please enter the directory that you would like the source code to go into.') + .'

' + .&mt('Note: the path is in reference to the root of your Authoring Space,' + .' and new directories will be automatically created.') + .'

'); + $r->print(' -   - -
'); +   + + '. + &Apache::loncommon::end_page()); return OK; } - -sub copy_stage { - my ($r, $filename, $listname, $newpath) = @_; +sub copy_author { my $role; my $domain; my $author_name; -#Figure out if we are author or co-author - - if($ENV{'request.role'} =~ m|ca.|) { - ($role, $domain, $author_name) = split(/\//,$ENV{'request.role'}); + if ($env{'request.role'} =~ m{^ca\.}) { + ($role, $domain, $author_name) = split(/\//,$env{'request.role'}); } else { $role = "au."; - $domain = $ENV{'user.domain'}; - $author_name = $ENV{'user.name'}; + $domain = $env{'user.domain'}; + $author_name = $env{'user.name'}; } + return ($role,$author_name,$domain); +} - my $path_to_new_file = '/home/'.$author_name.'/public_html/'.$newpath.'/'.$listname; -#Just checking again for access as we want to make sure that it is really ok now that we have the real path - my ($uname,$udom)= &Apache::loncacc::constructaccess($path_to_new_file,$domain); - unless (($uname) && ($udom)) { - return HTTP_NOT_ACCEPTABLE; - } - &Apache::loncommon::content_type($r,'text/html'); - $r->send_http_header; - $r->print('LON-CAPA Move source to construction space'); - $r->print(&Apache::loncommon::bodytag('Copying Source')); - my $result = &Apache::loncfile::exists($uname, $udom, $path_to_new_file); - $r->print($result); - if(($result) && ($result =~ m|published|) ) { - &delete_file($r, $author_name, $newpath, $filename, $path_to_new_file, '1'); - } elsif(($result) && ($result =~ m|exists!|)) { - &confirm($r, $author_name, $newpath, $filename, $path_to_new_file); - } else { - ©_file($r, $author_name, $newpath, $filename, $path_to_new_file); - } +sub copy_stage { + my ($r, $filename, $listname, $newpath) = @_; - return OK; + my ($path_to_new_file,$uname,$udom) = &get_path_to_newfile($r,$newpath,$listname); + #allowed + if ($path_to_new_file) { + $r->print(&Apache::loncommon::start_page('Copying Source',undef,{'only_body' => 1})); + my $result = &Apache::loncfile::exists($uname, $udom, $path_to_new_file); + $r->print($result); + if (($result) && ($result =~ /published/)) { + &delete_copy_file($r, $newpath, $filename, $path_to_new_file, '1'); + } elsif (($result) && ($result =~ /exists\!/)) { + &confirm($r, $newpath, $filename, $listname); + } else { + ©_file($r, $newpath, $filename, $path_to_new_file); + } + $r->print(&Apache::loncommon::end_page()); + } + return; } sub confirm { - my ($r, $author_name, $newpath, $filename, $path_to_new_file) = @_; - $r->print("Press delete to remove file and replace it with a copy of the source you are viewing

"); - $r->print('
+ my ($r, $newpath, $filename, $listname) = @_; + $r->print(''.&mt('Press delete to remove file and replace it with a copy of the source you are viewing.').'

'); + $r->print(' - - + -
'); + return; } -sub delete_file { - my ($r, $author_name, $newpath, $filename, $path_to_new_file, $type) = @_; - if($type eq '1') { - $r->print("Cannot delete non-obsolete published file
Please - use the code view in previous window to use shared code

"); - $r->print(''); - } else { - if(-e $path_to_new_file) { - unless(unlink($path_to_new_file)) { - $r->print(''.&mt('Error').': '.$!.''); +sub delete_copy_file { + my ($r, $newpath, $filename, $path_to_new_file, $type) = @_; + if ($type eq '1') { + $r->print('

' + .&mt('Cannot delete non-obsolete published file.') + .'
' + .&mt('Please use the code view in previous window to use shared code.') + .'

'); + $r->print('

' + .'' + .'

'); + return; + } else { + $r->print(&Apache::loncommon::start_page('Copying Source',undef,{'only_body' => 1})); + if (-e $path_to_new_file) { + unless (unlink($path_to_new_file)) { + $r->print('

'.&mt('Error:').' '.$!.'

'); return 0; } } else { - $r->print('

'.&mt('No such file').'.

'); + $r->print('

'.&mt('No such file').'

'); return 0; } - ©_file($r, $author_name, $newpath, $filename, $path_to_new_file); + ©_file($r, $newpath, $filename, $path_to_new_file); + $r->print(&Apache::loncommon::end_page()); + return; } } sub copy_file { - my ($r, $author_name, $newpath, $filename, $path_to_new_file) = @_; - $r->print("Creating directories"); - my $path = '/home/'.$author_name.'/public_html/'; + my ($r, $newpath, $filename, $path_to_new_file) = @_; + $r->print(''.&mt('Creating directories').''); + +#Figure out if we are author or co-author + my ($role,$author_name,$domain)=©_author(); + + my $path = $r->dir_config('lonDocRoot')."/priv/$domain/$author_name/"; my @directories = split(/\//,$newpath); + foreach my $now_checking (@directories) { if($now_checking ne '') { $path = $path.'/'.$now_checking; @@ -156,94 +169,248 @@ sub copy_file { else { unless(mkdir($path, 02770)) { - $r->print(''.&mt('Error').': '.$!.''); + $r->print('

'.&mt('Error:').' '.$!.'

'); return 0; } unless(chmod(02770, ($path))) { - $r->print(' '.&mt('Error').': '.$!.''); + $r->print('

'.&mt('Error:').' '.$!.'

'); return 0; } } } else { } #Just move along } - $r->print("
Copying File"); - my $problem_filename = "/home/httpd/html".$filename; - my $file_output = &Apache::lonnet::getfile($problem_filename); + $r->print('
'.&mt('Copying File').''); + my $problem_filename = $Apache::lonnet::perlvar{'lonDocRoot'}.$filename; + my $file_output = &includemeta(&Apache::lonnet::getfile($problem_filename),$filename); my $fs=Apache::File->new(">$path_to_new_file"); if (defined($fs)) { print $fs $file_output; } $r->print("

"); - $r->print(''); + $r->print('
' + .'' + .'
'); #Some 1.3'ish feature is to include the derivative feature, will go here..' + return; } sub print_item { - my ($r, $filename) = @_; - $filename = "/home/httpd/html".$filename; - &Apache::lonnet::logthis("print_item filename = $filename"); - my $file_output = &Apache::lonnet::getfile($filename); - my $count=0; - my $maxlength=-1; - foreach (split ("\n", $file_output)) { - $count+=int(length($_)/79); - $count++; - if (length($_) > $maxlength) { - $maxlength = length($_); - } - } - my $rows = $count; - my $cols = $maxlength; - $r->print(''); - return OK; + my ($r,$filename,$listname,$context) = @_; + my $file_output; + if ($context eq 'view') { + $file_output = + &Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename); + } else { + $file_output = + &includemeta(&Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename), + $filename); + } + $r->print(&Apache::loncommon::start_page('View Source Code',undef, + {'only_body' => 1})); + if ($file_output ne '') { + my $access_to_cstr; + my $lonhost = $r->dir_config('lonHostID'); + if ($context eq 'view') { + $r->print('
'. + &mt('Source code is displayed below.'). + ''.(' ' x4).'
'); + } elsif (&Apache::lonnet::is_library($lonhost)) { + my @possdoms = &Apache::lonnet::current_machine_domains(); + foreach my $dom (@possdoms) { + if ($env{"user.role.au./$dom/"}) { + $access_to_cstr = 1; + last; + } + } + unless ($access_to_cstr) { + foreach my $key (keys(%env)) { + if ($key =~ m{^\Quser.role.ca./\E($match_domain)/}) { + my $adom = $1; + if (grep(/^\Q$adom\E$/,@possdoms)) { + $access_to_cstr = 1; + last; + } + } + } + } + if ($access_to_cstr) { + $r->print(' +
+ + + + + +
+ '); + } else { + $r->print('

'. + &mt('Source code is displayed, but you can not copy to Authoring Space, as you do not have an author or co-author role on this server.'). + '

'.&mt('Close Window'). + '
' + ); + } + } else { + $r->print('

'. + &mt('Source code is displayed, but you can not copy to Authoring Space on this server.'). + '

'.&mt('Close Window'). + '
' + ); + + } + my $count=0; + my $maxlength=-1; + foreach (split ("\n", $file_output)) { + $count+=int(length($_)/79); + $count++; + if (length($_) > $maxlength) { + $maxlength = length($_); + } + } + my $rows = $count; + my $cols = $maxlength; + $r->print('
'."\n". + '
'); + } else { + $r->print('

'. + &mt('Unable to retrieve file contents.'). + '

'.&mt('Close Window').'' + ); + } + $r->print(&Apache::loncommon::end_page()); + return; +} +sub includemeta { + my ($file_output,$orgfilename)=@_; + my $escfilename=&escape($orgfilename); + my $copytime=time; + if ($file_output=~/\]*\>)/$1\n\/i; + } + if ($file_output=~/\]*\>)/$1\n\/i; + } + if ($file_output eq '-1') { + return; + } else { + return $file_output; + } } +sub get_path_to_newfile { + my ($r,$newpath,$listname) = @_; + + #Figure out if we are author or co-author + my ($role,$author_name,$domain) = ©_author(); + + # Construct path to copy and filter out any possibly nasty stuff + my $path = $r->dir_config('lonDocRoot')."/priv/$domain/$author_name/"; + my $path_to_new_file = $path."$newpath/$listname"; + $path_to_new_file=~s/\.\.//g; + $path_to_new_file=~s/\~//g; + $path_to_new_file=~s/\/+/\//g; + + #Just checking again for access as we want to make sure that it is really ok + #now that we have the real path + + my ($uname,$udom)= &Apache::lonnet::constructaccess($path_to_new_file); + + if (!$uname || !$udom) { + $r->print(&Apache::loncommon::start_page('Not Allowed',undef,{'only_body' => 1})); + $r->print(&mt('Not allowed to create file [_1]', $path_to_new_file)); + $r->print(&Apache::loncommon::end_page()); + if (wantarray) { + return(); + } else { + return; + } + } + if (wantarray) { + return ($path_to_new_file,$uname,$udom); + } else { + return $path_to_new_file; + } +} sub handler { my $r=shift; &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}, - ['filename','listname']); - my $filename = $ENV{'form.filename'}; - my $listname = $ENV{'form.listname'}; - my $source = &Apache::lonnet::metadata($filename,'sourceavail'); - if ($source ne 'open') { - $ENV{'user.error.msg'}="$filename:cre:1:1:Source code not available"; + ['filename','listname','viewonly']); + my $filename = $env{'form.filename'}; + my $shownfilename = $filename; + $shownfilename =~ s/(`)/'/g; + $shownfilename =~ s/\$/\(\$\)/g; + my $listname = $env{'form.listname'}; + my $viewonly = $env{'form.viewonly'}; + + if ($viewonly) { + my $canview; + if ((&Apache::lonnet::metadata($filename,'sourceavail') eq 'open') && + (&Apache::lonnet::allowed('cre','/'))) { + $canview = 1; + } elsif (($env{'request.course.id'}) && (&Apache::lonnet::is_on_map($filename))) { + my $crs_sec = $env{'request.course.id'} . (($env{'request.course.sec'} ne '') + ? "/$env{'request.course.sec'}" + : ''); + if (&Apache::lonnet::allowed('vxc',$crs_sec)) { + my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; + &Apache::lonenc::check_decrypt(\$filename); + if (($env{'request.role.domain'} eq $cdom) && ($filename =~ /$LONCAPA::assess_re/)) { + my ($auname) = ($filename =~ m{^\Q/res/$cdom/\E($match_username)/}); + if (($auname ne '') && ($env{'request.course.adhocsrcaccess'} ne '') && + (grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) { + $canview = 1; + } elsif ((&Apache::lonnet::metadata($filename,'sourceavail') eq 'open') && + ($filename =~ m{^\Q/res/$cdom/}) && + (&Apache::lonnet::allowed('bre',$crs_sec))) { + $canview = 1; + } + } + } + } + unless ($canview) { + $env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available"; + return HTTP_NOT_ACCEPTABLE; + } + } elsif (&Apache::lonnet::metadata($filename,'sourceavail') ne 'open') { + $env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available"; + return HTTP_NOT_ACCEPTABLE; + } + unless (&Apache::lonnet::allowed('bre',$filename)) { + $env{'user.error.msg'}="$shownfilename:bre:1:1:Access to resource denied"; return HTTP_NOT_ACCEPTABLE; } - if ((!&Apache::lonnet::allowed('cre',$filename)) || - (!&Apache::lonnet::allowed('bre',$filename))) { - $ENV{'user.error.msg'}="$filename:bre:1:1:Access to resource denied"; + unless (($viewonly) || (&Apache::lonnet::allowed('cre','/'))) { + $env{'user.error.msg'}="$shownfilename:cre:1:1:Access to source code denied"; return HTTP_NOT_ACCEPTABLE; } - if ($ENV{'form.action'} eq 'stage2') { - my $author = &Apache::lonnet::metadata($filename,'authorspace'); - $author =~ m|@|; - $author = $`; #This just tells who the author name is for later processing. - &stage_2($r, $ENV{'form.filename'}, $author, $listname); - } - elsif($ENV{'form.action'} eq 'copy_stage') { - ©_stage($r, $filename,$ENV{'form.listname'},$ENV{'form.newpath'}); - } - elsif($ENV{'form.action'} eq 'delete_confirm') { - &Apache::loncommon::content_type($r,'text/html'); - $r->send_http_header; - &delete_file($r, $ENV{'form.author'}, $ENV{'form.newpath'}, $ENV{'form.filename'}, $ENV{'form.path'}, '0'); - } - else { - &Apache::loncommon::content_type($r,'text/html'); - $r->send_http_header; - $r->print('
- - - - - -
'); - $r->print('
'); - &print_item($r, $ENV{'form.filename'}); + my $newpath = $env{'form.newpath'}; + + &Apache::loncommon::content_type($r,'text/html'); + $r->send_http_header; + + if ($viewonly) { + &print_item($r,$filename,$listname,'view'); + } elsif ($env{'form.action'} eq 'stage2') { + &stage_2($r,$filename,$listname); + } elsif($env{'form.action'} eq 'copy_stage') { + ©_stage($r,$filename,$listname,$newpath); + } elsif($env{'form.action'} eq 'delete_confirm') { + my $path_to_new_file = &get_path_to_newfile($r,$newpath,$listname); + if ($path_to_new_file) { + &delete_copy_file($r, $newpath, $filename, $path_to_new_file, '0'); + } + } else { + &print_item($r,$filename,$listname); } return OK; }