File:
[LON-CAPA] /
loncom /
interface /
lonsource.pm
Revision
1.37:
download - view:
text,
annotated -
select for diffs
Fri Sep 29 19:18:10 2017 UTC (6 years, 11 months ago) by
raeburn
Branches:
MAIN
CVS tags:
HEAD
- In course context the Functions menu will include a "View source" item/icon
for a published assessment item, if the user does not have rights to edit,
and either of the following are true:
(a) user has a cre priv, and content has source set to "open",
(b) user has vxc priv (View XML of assessments in course where
course owner/co-owner is author/co-author of content).
- vxc priv is assignable to custom role, including ad hoc custom roles
which can be made available to users with domain helpdesk role.
1: # The LearningOnline Network with CAPA
2: # Source Code handler
3: #
4: # $Id: lonsource.pm,v 1.37 2017/09/29 19:18:10 raeburn Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28: ###
29:
30:
31: package Apache::lonsource;
32:
33: use strict;
34: use Apache::lonnet;
35: use Apache::loncommon();
36: use Apache::lonhtmlcommon();
37: use Apache::lonsequence();
38: use Apache::Constants qw(:common :http);
39: use Apache::lonmeta;
40: use Apache::lonenc();
41: use Apache::File;
42: use Apache::lonlocal;
43: use HTML::Entities;
44: use LONCAPA qw(:DEFAULT :match);
45:
46: sub make_link {
47: my ($filename, $listname) = @_;
48: my $sourcelink = '/adm/source?inhibitmenu=yes&filename='.
49: &escape(&escape($filename)).'&listname='.
50: &escape(&escape($listname));
51: return $sourcelink;
52: }
53:
54: sub stage_2 {
55: my ($r, $filename, $listname) = @_;
56: my ($author)=($filename=~/\/res\/[^\/]+\/([^\/]+)\//);
57: $r->print(&Apache::loncommon::start_page('Copy Problem Source Code to Authoring Space',undef,
58: {'only_body' => 1,})
59: .&mt('Please enter the directory that you would like the source code to go into.')
60: .'<p>'
61: .&mt('Note: the path is in reference to the root of your Authoring Space,'
62: .' and new directories will be automatically created.')
63: .'</p>');
64: $r->print('<form name="copy" action="/adm/source" target="_parent" method="post">
65: <input type="hidden" name="filename" value="'.$filename.'" />
66: <input type="hidden" name="listname" value="'.$listname.'" />
67: <input type="hidden" name="action" value="copy_stage" />
68: <input type="text" size="50" name="newpath" value="/'.&mt('shared_source').'/'.$author.'" />
69: <input type="submit" value="'.&mt('Copy').'" />
70: </form>'.
71: &Apache::loncommon::end_page());
72: return OK;
73: }
74:
75: sub copy_author {
76: my $role;
77: my $domain;
78: my $author_name;
79: if ($env{'request.role'} =~ m{^ca\.}) {
80: ($role, $domain, $author_name) = split(/\//,$env{'request.role'});
81: } else {
82: $role = "au.";
83: $domain = $env{'user.domain'};
84: $author_name = $env{'user.name'};
85: }
86: return ($role,$author_name,$domain);
87: }
88:
89:
90: sub copy_stage {
91: my ($r, $filename, $listname, $newpath) = @_;
92:
93: my ($path_to_new_file,$uname,$udom) = &get_path_to_newfile($r,$newpath,$listname);
94:
95: #allowed
96: if ($path_to_new_file) {
97: $r->print(&Apache::loncommon::start_page('Copying Source',undef,{'only_body' => 1}));
98: my $result = &Apache::loncfile::exists($uname, $udom, $path_to_new_file);
99: $r->print($result);
100: if (($result) && ($result =~ /published/)) {
101: &delete_copy_file($r, $newpath, $filename, $path_to_new_file, '1');
102: } elsif (($result) && ($result =~ /exists\!/)) {
103: &confirm($r, $newpath, $filename, $listname);
104: } else {
105: ©_file($r, $newpath, $filename, $path_to_new_file);
106: }
107: $r->print(&Apache::loncommon::end_page());
108: }
109: return;
110: }
111:
112: sub confirm {
113: my ($r, $newpath, $filename, $listname) = @_;
114: $r->print('<b>'.&mt('Press delete to remove file and replace it with a copy of the source you are viewing.').'</b><br /><br />');
115: $r->print('<form name="delete_confirm" action="/adm/source" target="_parent" method="post">
116: <input type="hidden" name="filename" value="'.$filename.'" />
117: <input type="hidden" name="listname" value="'.$listname.'" />
118: <input type="hidden" name="newpath" value="'.$newpath.'" />
119: <input type="hidden" name="action" value="delete_confirm" />
120: <input type="submit" value="Delete" />
121: </form>');
122: return;
123: }
124:
125: sub delete_copy_file {
126: my ($r, $newpath, $filename, $path_to_new_file, $type) = @_;
127: if ($type eq '1') {
128: $r->print('<p><span class="LC_warning">'
129: .&mt('Cannot delete non-obsolete published file.')
130: .'</span><br />'
131: .&mt('Please use the code view in previous window to use shared code.')
132: .'<br /><br />');
133: $r->print('<form name="delete_done" action="/adm/source" target="_parent" method="post">'
134: .'<input type="button" value="'.&mt('Close Window').'" name="close"'
135: .' onclick="window.close()" />'
136: .'</form></p>');
137: return;
138: } else {
139: $r->print(&Apache::loncommon::start_page('Copying Source',undef,{'only_body' => 1}));
140: if (-e $path_to_new_file) {
141: unless (unlink($path_to_new_file)) {
142: $r->print('<p class="LC_error"">'.&mt('Error:').' '.$!.'</p>');
143: return 0;
144: }
145: } else {
146: $r->print('<p class="LC_error">'.&mt('No such file').'</p>');
147: return 0;
148: }
149: ©_file($r, $newpath, $filename, $path_to_new_file);
150: $r->print(&Apache::loncommon::end_page());
151: return;
152: }
153: }
154:
155: sub copy_file {
156: my ($r, $newpath, $filename, $path_to_new_file) = @_;
157: $r->print('<b>'.&mt('Creating directories').'</b>');
158:
159: #Figure out if we are author or co-author
160: my ($role,$author_name,$domain)=©_author();
161:
162: my $path = $r->dir_config('lonDocRoot')."/priv/$domain/$author_name/";
163: my @directories = split(/\//,$newpath);
164:
165: foreach my $now_checking (@directories) {
166: if($now_checking ne '') {
167: $path = $path.'/'.$now_checking;
168: if(-e $path) {} #More moving along, isn't recursion fun'
169:
170: else {
171: unless(mkdir($path, 02770)) {
172: $r->print('<p class="LC_error">'.&mt('Error:').' '.$!.'</p>');
173: return 0;
174: }
175: unless(chmod(02770, ($path))) {
176: $r->print('<p class="LC_error"> '.&mt('Error:').' '.$!.'</p>');
177: return 0;
178: }
179: }
180: } else { } #Just move along
181:
182: }
183: $r->print('<br /><b>'.&mt('Copying File').'</b>');
184: my $problem_filename = $Apache::lonnet::perlvar{'lonDocRoot'}.$filename;
185: my $file_output = &includemeta(&Apache::lonnet::getfile($problem_filename),$filename);
186: my $fs=Apache::File->new(">$path_to_new_file");
187: if (defined($fs)) {
188: print $fs $file_output;
189: }
190: $r->print("<br /><br />");
191: $r->print('<form name="copied_file" action="/adm/source" target="_parent" method="post">'
192: .'<input type="button" value="'
193: .&mt('Close Window').'" name="close" onclick="window.close()" />'
194: .'</form>');
195: #Some 1.3'ish feature is to include the derivative feature, will go here..'
196: return;
197: }
198:
199: sub print_item {
200: my ($r,$filename,$listname,$context) = @_;
201: my $file_output;
202: if ($context eq 'view') {
203: $file_output =
204: &Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename);
205: } else {
206: $file_output =
207: &includemeta(&Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename),
208: $filename);
209: }
210: $r->print(&Apache::loncommon::start_page('View Source Code',undef,
211: {'only_body' => 1}));
212: if ($file_output ne '') {
213: my $access_to_cstr;
214: my $lonhost = $r->dir_config('lonHostID');
215: if ($context eq 'view') {
216: $r->print('<form name="view" action="" target="_parent" method="post"><span class="LC_info">'.
217: &mt('Source code is displayed below.').
218: '</span>'.(' ' x4).'<input type="button" name="close" onclick="window.close();"'.
219: ' value="'.&mt('Close Window').'" /></form><hr />');
220: } elsif (&Apache::lonnet::is_library($lonhost)) {
221: my @possdoms = &Apache::lonnet::current_machine_domains();
222: foreach my $dom (@possdoms) {
223: if ($env{"user.role.au./$dom/"}) {
224: $access_to_cstr = 1;
225: last;
226: }
227: }
228: unless ($access_to_cstr) {
229: foreach my $key (keys(%env)) {
230: if ($key =~ m{^\Quser.role.ca./\E($match_domain)/}) {
231: my $adom = $1;
232: if (grep(/^\Q$adom\E$/,@possdoms)) {
233: $access_to_cstr = 1;
234: last;
235: }
236: }
237: }
238: }
239: if ($access_to_cstr) {
240: $r->print('
241: <form name="copy" action="/adm/source" target="_parent" method="post">
242: <input type="button" value="'.&mt('Close Window').'" name="close" onclick="window.close();" />
243: <input type="hidden" name="filename" value="'.$filename.'" />
244: <input type="hidden" name="listname" value="'.$listname.'" />
245: <input type="hidden" name="action" value="stage2" />
246: <input type="submit" value="'.&mt('Copy to Authoring Space').'" />
247: </form><hr />
248: ');
249: } else {
250: $r->print('<p><span class="LC_info">'.
251: &mt('Source code is displayed, but you can not copy to Authoring Space, as you do not have an author or co-author role on this server.').
252: '</span></p><a href="javascript:window.close();">'.&mt('Close Window').
253: '</a><br /><hr />'
254: );
255: }
256: } else {
257: $r->print('<p><span class="LC_info">'.
258: &mt('Source code is displayed, but you can not copy to Authoring Space on this server.').
259: '</span></p><a href="javascript:window.close();">'.&mt('Close Window').
260: '</a><br /><hr />'
261: );
262:
263: }
264: my $count=0;
265: my $maxlength=-1;
266: foreach (split ("\n", $file_output)) {
267: $count+=int(length($_)/79);
268: $count++;
269: if (length($_) > $maxlength) {
270: $maxlength = length($_);
271: }
272: }
273: my $rows = $count;
274: my $cols = $maxlength;
275: $r->print('<form name="showsrc" action="" method="post" onsubmit="return false">'."\n".
276: '<textarea rows="'.$rows.'" cols="'.$cols.'" name="editxmltext">'.
277: &HTML::Entities::encode($file_output,'<>&"').'</textarea></form>');
278: } else {
279: $r->print('<p class="LC_warning">'.
280: &mt('Unable to retrieve file contents.').
281: '</p><a href="javascript:window.close();">'.&mt('Close Window').'</a>'
282: );
283: }
284: $r->print(&Apache::loncommon::end_page());
285: return;
286: }
287:
288: sub includemeta {
289: my ($file_output,$orgfilename)=@_;
290: my $escfilename=&escape($orgfilename);
291: my $copytime=time;
292: if ($file_output=~/\<meta\s*name\=\"isbasedonres\"/i) {
293: $file_output=~s/(\<meta\s*name\=\"isbasedonres\"\s*content\=\"[^\"]*)\"/$1\,\Q$escfilename\E\"/i;
294: } else {
295: $file_output=~s/(\<(?:html|problem)[^\>]*\>)/$1\n\<meta name=\"isbasedonres\" content=\"\Q$escfilename\E\" \/\>/i;
296: }
297: if ($file_output=~/\<meta\s*name\=\"isbasedontime\"/i) {
298: $file_output=~s/(\<meta\s*name\=\"isbasedontime\"\s*content\=\"[^\"]*)\"/$1\,\Q$copytime\E\"/i;
299: } else {
300: $file_output=~s/(\<(?:html|problem)[^\>]*\>)/$1\n\<meta name=\"isbasedontime\" content=\"\Q$copytime\E\" \/\>/i;
301: }
302: if ($file_output eq '-1') {
303: return;
304: } else {
305: return $file_output;
306: }
307: }
308:
309: sub get_path_to_newfile {
310: my ($r,$newpath,$listname) = @_;
311:
312: #Figure out if we are author or co-author
313: my ($role,$author_name,$domain) = ©_author();
314:
315: # Construct path to copy and filter out any possibly nasty stuff
316: my $path = $r->dir_config('lonDocRoot')."/priv/$domain/$author_name/";
317: my $path_to_new_file = $path."$newpath/$listname";
318: $path_to_new_file=~s/\.\.//g;
319: $path_to_new_file=~s/\~//g;
320: $path_to_new_file=~s/\/+/\//g;
321:
322: #Just checking again for access as we want to make sure that it is really ok
323: #now that we have the real path
324:
325: my ($uname,$udom)= &Apache::lonnet::constructaccess($path_to_new_file);
326:
327: if (!$uname || !$udom) {
328: $r->print(&Apache::loncommon::start_page('Not Allowed',undef,{'only_body' => 1}));
329: $r->print(&mt('Not allowed to create file [_1]', $path_to_new_file));
330: $r->print(&Apache::loncommon::end_page());
331: if (wantarray) {
332: return();
333: } else {
334: return;
335: }
336: }
337: if (wantarray) {
338: return ($path_to_new_file,$uname,$udom);
339: } else {
340: return $path_to_new_file;
341: }
342: }
343:
344: sub handler {
345: my $r=shift;
346: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
347: ['filename','listname','viewonly']);
348: my $filename = $env{'form.filename'};
349: my $shownfilename = $filename;
350: $shownfilename =~ s/(`)/'/g;
351: $shownfilename =~ s/\$/\(\$\)/g;
352: my $listname = $env{'form.listname'};
353: my $viewonly = $env{'form.viewonly'};
354:
355: if ($viewonly) {
356: my $canview;
357: $filename =~ s/\.\.//g;
358: $filename =~ s/\~//g;
359: $filename =~ s/\/+/\//g;
360: if (($env{'request.course.id'}) && (&Apache::lonnet::is_on_map($filename))) {
361: if ((&Apache::lonnet::metadata(&Apache::lonenc::check_decrypt($filename)) eq 'open') &&
362: (&Apache::lonnet::allowed('cre','/'))) {
363: $canview = 1;
364: } elsif (&Apache::lonnet::allowed('vxc',$env{'request.course.id'})) {
365: my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
366: &Apache::lonenc::check_decrypt(\$filename);
367: if (($env{'request.role.domain'} eq $cdom) && ($filename =~ /$LONCAPA::assess_re/)) {
368: my ($auname) = ($filename =~ m{^\Q/res/$cdom/\E($match_username)/});
369: if (($env{'request.course.adhocsrcaccess'} ne '') &&
370: (grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) {
371: $canview = 1;
372: }
373: }
374: }
375: }
376: unless ($canview) {
377: $env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available";
378: return HTTP_NOT_ACCEPTABLE;
379: }
380: } elsif (&Apache::lonnet::metadata($filename,'sourceavail') ne 'open') {
381: $env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available";
382: return HTTP_NOT_ACCEPTABLE;
383: }
384: unless (&Apache::lonnet::allowed('bre',$filename)) {
385: $env{'user.error.msg'}="$shownfilename:bre:1:1:Access to resource denied";
386: return HTTP_NOT_ACCEPTABLE;
387: }
388: unless ($viewonly) {
389: unless (&Apache::lonnet::allowed('cre','/')) {
390: $env{'user.error.msg'}="$shownfilename:cre:1:1:Access to source code denied";
391: return HTTP_NOT_ACCEPTABLE;
392: }
393: }
394: my $newpath = $env{'form.newpath'};
395:
396: &Apache::loncommon::content_type($r,'text/html');
397: $r->send_http_header;
398:
399: if ($viewonly) {
400: &print_item($r,$filename,$listname,'view');
401: } elsif ($env{'form.action'} eq 'stage2') {
402: &stage_2($r,$filename,$listname);
403: } elsif($env{'form.action'} eq 'copy_stage') {
404: ©_stage($r,$filename,$listname,$newpath);
405: } elsif($env{'form.action'} eq 'delete_confirm') {
406: my $path_to_new_file = &get_path_to_newfile($r,$newpath,$listname);
407: if ($path_to_new_file) {
408: &delete_copy_file($r, $newpath, $filename, $path_to_new_file, '0');
409: }
410: } else {
411: &print_item($r,$filename,$listname);
412: }
413: return OK;
414: }
415:
416: 1;
417:
418:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>