# The LearningOnline Network with CAPA # Source Code handler # # $Id: lonsource.pm,v 1.38 2017/10/07 21:07:17 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # # This file is part of the LearningOnline Network with CAPA (LON-CAPA). # # LON-CAPA is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # LON-CAPA is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with LON-CAPA; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # /home/httpd/html/adm/gpl.txt # # http://www.lon-capa.org/ # ### package Apache::lonsource; use strict; use Apache::lonnet; use Apache::loncommon(); use Apache::lonhtmlcommon(); use Apache::lonsequence(); use Apache::Constants qw(:common :http); use Apache::lonmeta; use Apache::lonenc(); use Apache::File; use Apache::lonlocal; use HTML::Entities; use LONCAPA qw(:DEFAULT :match); sub make_link { my ($filename, $listname) = @_; my $sourcelink = '/adm/source?inhibitmenu=yes&filename='. &escape(&escape($filename)).'&listname='. &escape(&escape($listname)); return $sourcelink; } sub stage_2 { my ($r, $filename, $listname) = @_; my ($author)=($filename=~/\/res\/[^\/]+\/([^\/]+)\//); $r->print(&Apache::loncommon::start_page('Copy Problem Source Code to Authoring Space',undef, {'only_body' => 1,}) .&mt('Please enter the directory that you would like the source code to go into.') .'

' .&mt('Note: the path is in reference to the root of your Authoring Space,' .' and new directories will be automatically created.') .'

'); $r->print(''. &Apache::loncommon::end_page()); return OK; } sub copy_author { my $role; my $domain; my $author_name; if ($env{'request.role'} =~ m{^ca\.}) { ($role, $domain, $author_name) = split(/\//,$env{'request.role'}); } else { $role = "au."; $domain = $env{'user.domain'}; $author_name = $env{'user.name'}; } return ($role,$author_name,$domain); } sub copy_stage { my ($r, $filename, $listname, $newpath) = @_; my ($path_to_new_file,$uname,$udom) = &get_path_to_newfile($r,$newpath,$listname); #allowed if ($path_to_new_file) { $r->print(&Apache::loncommon::start_page('Copying Source',undef,{'only_body' => 1})); my $result = &Apache::loncfile::exists($uname, $udom, $path_to_new_file); $r->print($result); if (($result) && ($result =~ /published/)) { &delete_copy_file($r, $newpath, $filename, $path_to_new_file, '1'); } elsif (($result) && ($result =~ /exists\!/)) { &confirm($r, $newpath, $filename, $listname); } else { ©_file($r, $newpath, $filename, $path_to_new_file); } $r->print(&Apache::loncommon::end_page()); } return; } sub confirm { my ($r, $newpath, $filename, $listname) = @_; $r->print(''.&mt('Press delete to remove file and replace it with a copy of the source you are viewing.').'

'); $r->print(''); return; } sub delete_copy_file { my ($r, $newpath, $filename, $path_to_new_file, $type) = @_; if ($type eq '1') { $r->print('

' .&mt('Cannot delete non-obsolete published file.') .'
' .&mt('Please use the code view in previous window to use shared code.') .'

'); $r->print('

'); return; } else { $r->print(&Apache::loncommon::start_page('Copying Source',undef,{'only_body' => 1})); if (-e $path_to_new_file) { unless (unlink($path_to_new_file)) { $r->print('

'.&mt('Error:').' '.$!.'

'); return 0; } } else { $r->print('

'.&mt('No such file').'

'); return 0; } ©_file($r, $newpath, $filename, $path_to_new_file); $r->print(&Apache::loncommon::end_page()); return; } } sub copy_file { my ($r, $newpath, $filename, $path_to_new_file) = @_; $r->print(''.&mt('Creating directories').''); #Figure out if we are author or co-author my ($role,$author_name,$domain)=©_author(); my $path = $r->dir_config('lonDocRoot')."/priv/$domain/$author_name/"; my @directories = split(/\//,$newpath); foreach my $now_checking (@directories) { if($now_checking ne '') { $path = $path.'/'.$now_checking; if(-e $path) {} #More moving along, isn't recursion fun' else { unless(mkdir($path, 02770)) { $r->print('

'.&mt('Error:').' '.$!.'

'); return 0; } unless(chmod(02770, ($path))) { $r->print('

'.&mt('Error:').' '.$!.'

'); return 0; } } } else { } #Just move along } $r->print('
'.&mt('Copying File').''); my $problem_filename = $Apache::lonnet::perlvar{'lonDocRoot'}.$filename; my $file_output = &includemeta(&Apache::lonnet::getfile($problem_filename),$filename); my $fs=Apache::File->new(">$path_to_new_file"); if (defined($fs)) { print $fs $file_output; } $r->print("

"); $r->print(''); #Some 1.3'ish feature is to include the derivative feature, will go here..' return; } sub print_item { my ($r,$filename,$listname,$context) = @_; my $file_output; if ($context eq 'view') { $file_output = &Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename); } else { $file_output = &includemeta(&Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename), $filename); } $r->print(&Apache::loncommon::start_page('View Source Code',undef, {'only_body' => 1})); if ($file_output ne '') { my $access_to_cstr; my $lonhost = $r->dir_config('lonHostID'); if ($context eq 'view') { $r->print('

'); } elsif (&Apache::lonnet::is_library($lonhost)) { my @possdoms = &Apache::lonnet::current_machine_domains(); foreach my $dom (@possdoms) { if ($env{"user.role.au./$dom/"}) { $access_to_cstr = 1; last; } } unless ($access_to_cstr) { foreach my $key (keys(%env)) { if ($key =~ m{^\Quser.role.ca./\E($match_domain)/}) { my $adom = $1; if (grep(/^\Q$adom\E$/,@possdoms)) { $access_to_cstr = 1; last; } } } } if ($access_to_cstr) { $r->print('

'); } else { $r->print('

'. &mt('Source code is displayed, but you can not copy to Authoring Space, as you do not have an author or co-author role on this server.'). '

'.&mt('Close Window'). '

' ); } } else { $r->print('

'. &mt('Source code is displayed, but you can not copy to Authoring Space on this server.'). '

'.&mt('Close Window'). '

' ); } my $count=0; my $maxlength=-1; foreach (split ("\n", $file_output)) { $count+=int(length($_)/79); $count++; if (length($_) > $maxlength) { $maxlength = length($_); } } my $rows = $count; my $cols = $maxlength; $r->print(''); } else { $r->print('

'. &mt('Unable to retrieve file contents.'). '

'.&mt('Close Window').'' ); } $r->print(&Apache::loncommon::end_page()); return; } sub includemeta { my ($file_output,$orgfilename)=@_; my $escfilename=&escape($orgfilename); my $copytime=time; if ($file_output=~/\]*\>)/$1\n\/i; } if ($file_output=~/\]*\>)/$1\n\/i; } if ($file_output eq '-1') { return; } else { return $file_output; } } sub get_path_to_newfile { my ($r,$newpath,$listname) = @_; #Figure out if we are author or co-author my ($role,$author_name,$domain) = ©_author(); # Construct path to copy and filter out any possibly nasty stuff my $path = $r->dir_config('lonDocRoot')."/priv/$domain/$author_name/"; my $path_to_new_file = $path."$newpath/$listname"; $path_to_new_file=~s/\.\.//g; $path_to_new_file=~s/\~//g; $path_to_new_file=~s/\/+/\//g; #Just checking again for access as we want to make sure that it is really ok #now that we have the real path my ($uname,$udom)= &Apache::lonnet::constructaccess($path_to_new_file); if (!$uname || !$udom) { $r->print(&Apache::loncommon::start_page('Not Allowed',undef,{'only_body' => 1})); $r->print(&mt('Not allowed to create file [_1]', $path_to_new_file)); $r->print(&Apache::loncommon::end_page()); if (wantarray) { return(); } else { return; } } if (wantarray) { return ($path_to_new_file,$uname,$udom); } else { return $path_to_new_file; } } sub handler { my $r=shift; &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}, ['filename','listname','viewonly']); my $filename = $env{'form.filename'}; my $shownfilename = $filename; $shownfilename =~ s/(`)/'/g; $shownfilename =~ s/\$/$\$$/g; my $listname = $env{'form.listname'}; my $viewonly = $env{'form.viewonly'}; if ($viewonly) { my $canview; $filename =~ s/\.\.//g; $filename =~ s/\~//g; $filename =~ s/\/+/\//g; if (($env{'request.course.id'}) && (&Apache::lonnet::is_on_map($filename))) { if ((&Apache::lonnet::metadata(&Apache::lonenc::check_decrypt($filename)) eq 'open') && (&Apache::lonnet::allowed('cre','/'))) { $canview = 1; } elsif (&Apache::lonnet::allowed('vxc',$env{'request.course.id'})) { my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; &Apache::lonenc::check_decrypt(\$filename); if (($env{'request.role.domain'} eq $cdom) && ($filename =~ /$LONCAPA::assess_re/)) { my ($auname) = ($filename =~ m{^\Q/res/$cdom/\E($match_username)/}); if (($auname ne '') && ($env{'request.course.adhocsrcaccess'} ne '') && (grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) { $canview = 1; } elsif ((&Apache::lonnet::metadata($filename) eq 'open') && ($filename =~ m{^\Q/res/$cdom/}) && (&Apache::lonnet::allowed('bre','/'))) { $canview = 1; } } } } unless ($canview) { $env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available"; return HTTP_NOT_ACCEPTABLE; } } elsif (&Apache::lonnet::metadata($filename,'sourceavail') ne 'open') { $env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available"; return HTTP_NOT_ACCEPTABLE; } unless (&Apache::lonnet::allowed('bre',$filename)) { $env{'user.error.msg'}="$shownfilename:bre:1:1:Access to resource denied"; return HTTP_NOT_ACCEPTABLE; } unless ($viewonly) { unless (&Apache::lonnet::allowed('cre','/')) { $env{'user.error.msg'}="$shownfilename:cre:1:1:Access to source code denied"; return HTTP_NOT_ACCEPTABLE; } } my $newpath = $env{'form.newpath'}; &Apache::loncommon::content_type($r,'text/html'); $r->send_http_header; if ($viewonly) { &print_item($r,$filename,$listname,'view'); } elsif ($env{'form.action'} eq 'stage2') { &stage_2($r,$filename,$listname); } elsif($env{'form.action'} eq 'copy_stage') { ©_stage($r,$filename,$listname,$newpath); } elsif($env{'form.action'} eq 'delete_confirm') { my $path_to_new_file = &get_path_to_newfile($r,$newpath,$listname); if ($path_to_new_file) { &delete_copy_file($r, $newpath, $filename, $path_to_new_file, '0'); } } else { &print_item($r,$filename,$listname); } return OK; } 1;