--- loncom/interface/portfolio.pm 2014/01/14 18:54:56 1.252 +++ loncom/interface/portfolio.pm 2023/12/28 18:14:07 1.268 @@ -1,7 +1,7 @@ # The LearningOnline Network # portfolio browser # -# $Id: portfolio.pm,v 1.252 2014/01/14 18:54:56 bisitz Exp $ +# $Id: portfolio.pm,v 1.268 2023/12/28 18:14:07 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -112,13 +112,17 @@ sub display_common { END } + # Find space available before uploading + my $free_space = &free_space($group); + # Upload File $r->print('
' .'
' .'
' .''.$lt{'upload_label'}.'' .$groupitem - .'' + .'' + .'' .'' .'' .'' @@ -199,7 +203,8 @@ sub display_portfolio_usage { .$helpitem .'
' .'
' - .&Apache::lonhtmlcommon::display_usage($current_disk_usage,$disk_quota) + .&Apache::lonhtmlcommon::display_usage($current_disk_usage, + $disk_quota,'portfolio') .'
'); } @@ -232,7 +237,7 @@ sub display_directory_line { if ($lock_info) { my %anchor_fields = ('lockinfo' => $fullpath); if ($versions) { # hold the folder open - my ($fname,$version,$extension) = &Apache::grades::file_name_version_ext($fullpath); + my ($fname,$version,$extension) = &Apache::lonnet::file_name_version_ext($fullpath); $fname =~ s|^/||; $anchor_fields{'showversions'} = $fname.'.'.$extension; } @@ -262,13 +267,16 @@ sub display_directory_line { sub display_directory { my ($r,$url,$current_path,$is_empty,$dir_list,$group,$can_upload, - $can_modify,$can_delete,$can_setacl)=@_; + $can_modify,$can_delete,$can_setacl,$can_viewacl)=@_; my $iconpath= $r->dir_config('lonIconsURL') . "/"; my $select_mode; my $checked_files; my $port_path = &get_port_path(); my ($uname,$udom) = &get_name_dom($group); - my $access_admin_text = &mt('View Status'); + my $access_admin_text; + if ($can_viewacl) { + $access_admin_text = &mt('View Status'); + } if ($can_setacl) { $access_admin_text = &mt('View/Change Status'); } @@ -365,7 +373,7 @@ sub display_directory { } (@{$dir_list})) { my ($filename,$dom,undef,$testdir,undef,undef,undef,undef,$size,undef,$mtime,undef,undef,undef,$obs,undef)=split(/\&/,$dir_line,16); $filename =~ s/\s+$//; - my ($fname,$version,$extension) = &Apache::grades::file_name_version_ext($filename); + my ($fname,$version,$extension) = &Apache::lonnet::file_name_version_ext($filename); if ($version) { my $fullpath = &prepend_group($current_path.$fname.'.'.$extension); push(@{ $versioned{$fullpath} }, @@ -378,7 +386,7 @@ sub display_directory { my $zerobyte; foreach my $dir_line (@dir_lines) { my ($filename,$dom,$testdir,$size,$mtime,$obs) = @$dir_line; - my ($fname,$version,$extension) = &Apache::grades::file_name_version_ext($filename); + my ($fname,$version,$extension) = &Apache::lonnet::file_name_version_ext($filename); if (($filename ne '.') && ($filename ne '..') && ($filename !~ /\.meta$/ ) && ($filename !~ /(.*)\.(\d+)\.([^\.]*)$/)) { my $version_flag; my $show_versions; @@ -482,6 +490,7 @@ sub display_directory { my $cond_access = 0; foreach my $key (sort(keys(%{$access_controls{$fullpath}}))) { my ($num,$scope,$end,$start) = &unpack_acc_key($key); + next if ($scope eq 'ip'); if (($now > $start) && (!$end || $end > $now)) { if ($scope eq 'public') { $pub_access = 1; @@ -509,7 +518,7 @@ sub display_directory { } } &display_directory_line($r,$select_mode, $filename, $mtime, $size, $css_class, $line, - \%access_controls, $curr_access,$now, $version_flag, $href_location, + \%access_controls, $curr_access, $now, $version_flag, $href_location, $url, $current_path, $access_admin_text); if ($show_versions) { foreach my $dir_line (@{ $versioned{$fullpath} }) { @@ -882,7 +891,7 @@ sub access_for_renamed { } sub display_access { - my ($r,$url,$group,$can_setacl,$port_path,$action) = @_; + my ($r,$url,$group,$can_setacl,$can_viewacl,$port_path,$action) = @_; my ($uname,$udom) = &get_name_dom($group); my $file_name = $env{'form.currentpath'}.$env{'form.access'}; $file_name = &prepend_group($file_name); @@ -892,6 +901,8 @@ sub display_access { my $aclcount = keys(%access_controls); my ($header,$info); if ($action eq 'chgaccess') { + my $uhome = &Apache::lonnet::homeserver($uname,$udom); + my $prefix = &Apache::lonnet::url_prefix($r,$udom,$uhome,'web'); $header = '

' .&mt('Allowing others to retrieve file: [_1]' @@ -904,15 +915,15 @@ sub display_access { $info .= '
  • '.&mt('Passphrase-protected files do not require log-in, but will require the viewer to enter the passphrase you set.'); $info .= '
  • '.&explain_conditionals(); $info .= '
    • '. - &mt('A listing of files viewable without log-in is available at: ')."".&Apache::lonnet::absolute_url($ENV{'SERVER_NAME'})."/adm/$udom/$uname/aboutme/portfolio.
    "; + &mt('A listing of files viewable without log-in is available at: ')."$prefix/adm/$udom/$uname/aboutme/portfolio.
    "; if ($group eq '') { $info .= &mt("For logged in users a 'Display file listing' link will also appear (when there are viewable files) on your personal information page:"); } else { $info .= &mt("For logged in users a 'Display file listing' link will also appear (when there are viewable files) on the course information page:"); } - $info .= "
    ".&Apache::lonnet::absolute_url($ENV{'SERVER_NAME'})."/adm/$udom/$uname/aboutme
    "; + $info .= "
    $prefix/adm/$udom/$uname/aboutme
    "; if ($group ne '') { - $info .= &mt("Users with privileges to edit course contents may add a course information page to a course using the 'Course Info' button in DOCS").'
    '; + $info .= &mt("Users with course editing rights may add a 'Group Portfolio' item using the Course Editor (Collaboration tab), to provide access to viewable group portfolio files.").'
    '; } } else { $header = '

    '.&mt('Conditional access controls for file: [_1]',$port_path.$env{'form.currentpath'}.$env{'form.access'}).'

    '. @@ -931,20 +942,30 @@ sub display_access { 'cancel' => &mt('Return to directory'), }; &close_form($r,$url,$button_text); - } else { + } elsif ($can_viewacl) { $r->print($header); if ($aclcount) { $r->print($info); } &view_access_settings($r,$url,$access_controls{$file_name},$aclcount); + } else { + $r->print($header); + $r->print(&mt('You do not have sufficient privileges to view access controls').'
    '); } + my %anchor_fields = ( + 'currentpath' => $env{'form.currentpath'} + ); + $r->print('
    '.&make_anchor($url, \%anchor_fields, &mt('Return to directory'))); + return; } sub explain_conditionals { return - &mt('Conditional files are accessible to logged-in users with accounts in the LON-CAPA network, who satisfy the conditions you set.').'
    '."\n". - &mt('The conditions can include affiliation with a particular course or community, or a user account in a specific domain.').'
    '."\n". - &mt('Alternatively access can be granted to people with specific LON-CAPA usernames and domains.'); + &mt('Conditional files are accessible to users who satisfy the conditions you set.').'
    '; } sub view_access_settings { @@ -985,8 +1006,9 @@ sub build_access_summary { domains => 'Conditional: domain-based', users => 'Conditional: user-based', course => 'Conditional: course/community-based', + userip => 'Conditional: IP-based', ); - my @allscopes = ('public','guest','domains','users','course'); + my @allscopes = ('public','guest','domains','users','course','userip'); foreach my $scope (@allscopes) { if ((!(exists($todisplay{$scope}))) || (ref($todisplay{$scope}) ne 'HASH')) { next; @@ -1063,6 +1085,9 @@ sub build_access_summary { } elsif ($scope eq 'users') { my $curr_user_list = &sort_users($content->{'users'}); $r->print(&mt('Users: ').$curr_user_list); + } elsif ($scope eq 'userip') { + my $curr_ips_list = &sort_ips($content->{'userip'}); + $r->print(&mt('IP(s):').' '.$curr_ips_list); } else { $r->print(' '); } @@ -1171,7 +1196,7 @@ sub update_access { my $totalnew = 0; my $status = 'new'; my ($firstitem,$lastitem); - my @types = ('course','domains','users'); + my @types = ('course','domains','users','userip'); foreach my $newitem (@types) { $allnew += $env{'form.new'.$newitem}; } @@ -1183,6 +1208,7 @@ sub update_access { course => 'course/community', domains => 'domain', users => 'user', + userip => 'IP', ); foreach my $newitem (@types) { next if ($env{'form.new'.$newitem} <= 0); @@ -1286,6 +1312,13 @@ sub build_access_record { 'udom' => $udom }); } + } elsif ($scope eq 'userip') { + my $ipslist = $env{'form.ips_'.$num}; + $ipslist =~ s/\s+//sg; + my %ipshash = map { ($_,1) } (split(/,/,$ipslist)); + foreach my $ip (keys(%ipshash)) { + push(@{$record->{'ip'}},$ip); + } } return $record; } @@ -1311,6 +1344,13 @@ sub sort_users { return $curr_user_list; } +sub sort_ips { + my ($ips) = @_; + if (ref($ips) eq 'ARRAY') { + return join(",\n",sort(@{$ips})); + } +} + sub access_setting_table { my ($r,$url,$filename,$access_controls,$action) = @_; my ($public,$publictext); @@ -1320,6 +1360,7 @@ sub access_setting_table { my @courses = (); my @domains = (); my @users = (); + my @ips = (); my $now = time; my $then = $now + (60*60*24*180); # six months approx. my ($num,$scope,$publicnum,$guestnum); @@ -1342,6 +1383,8 @@ sub access_setting_table { push(@domains,$key); } elsif ($scope eq 'users') { push(@users,$key); + } elsif ($scope eq 'userip') { + push(@ips,$key); } } $acl_count{$scope} ++; @@ -1353,7 +1396,7 @@ sub access_setting_table { $guesttext,$access_controls,%conditionals); } else { &condition_setting($r,$access_controls,$now,$then,\%acl_count, - \@domains,\@users,\@courses); + \@domains,\@users,\@courses,\@ips); } $r->print(''); } @@ -1398,14 +1441,14 @@ sub standard_settings { $r->print(&Apache::loncommon::end_data_table_row()); $r->print(&Apache::loncommon::end_data_table()); $r->print(' '. - ''); + ''); my $numconditionals = 0; my $conditionstext; my %cond_status; - foreach my $scope ('domains','users','course') { + foreach my $scope ('domains','users','course','userip') { $numconditionals += $acl_count->{$scope}; if ($acl_count->{$scope} > 0) { - if ($conditionstext ne 'Active') { + if ($conditionstext ne 'Active') { foreach my $key (keys(%{$conditionals{$scope}})) { $conditionstext = &acl_status($start->{$key},$end->{$key},$now); if ($conditionstext eq 'Active') { @@ -1436,24 +1479,20 @@ sub standard_settings { &build_access_summary($r,$count,$chg,%conditionals); $r->print(&Apache::loncommon::end_data_table()); } else { - $r->print(&make_anchor($url,\%anchor_fields,&mt('Add conditional access')).' '.&mt('based on domain, username, or course/community affiliation.')); + $r->print(&make_anchor($url,\%anchor_fields,&mt('Add conditional access')).' '.&mt("based on domain, username, course/community affiliation or user's IP address.")); } } sub condition_setting { - my ($r,$access_controls,$now,$then,$acl_count,$domains,$users,$courses) = @_; + my ($r,$access_controls,$now,$then,$acl_count,$domains,$users,$courses,$ips) = @_; $r->print(''); &access_element($r,'domains',$acl_count,$domains,$access_controls,$now,$then); $r->print(' '); &access_element($r,'users',$acl_count,$users,$access_controls,$now,$then); - $r->print(''); - if ($acl_count->{course} > 0) { - $r->print(''); - } else { - $r->print(''); - } + $r->print(''); &access_element($r,'course',$acl_count,$courses,$access_controls,$now,$then); - $r->print(''); + $r->print(' '); + &access_element($r,'userip',$acl_count,$ips,$access_controls,$now,$then); $r->print(''); } @@ -1473,7 +1512,8 @@ sub access_element { my %typetext = ( domains => 'Domain', users => 'User', - course => 'Course/Community' + course => 'Course/Community', + userip => 'IP', ); $r->print('

    '.&mt($typetext{$type}.'-based conditional access:').' '); if ($$acl_count{$type}) { @@ -1498,6 +1538,9 @@ sub display_access_row { } elsif ($type eq 'users') { $showtype = &mt('Users'); $infotype = 'User'; + } elsif ($type eq 'userip') { + $showtype = &mt('IP-based'); + $infotype = 'IP'; } if (@{$items} > 0) { my @all_doms; @@ -1507,7 +1550,6 @@ sub display_access_row { $r->print(''.&mt('Action?').''.$showtype.''. &mt('Dates available').''); if ($type eq 'course' && $status eq 'old') { - $r->print(''.&mt('Allowed course/community affiliations'). ''); $colspan ++; @@ -1524,6 +1566,8 @@ sub display_access_row { $then); } elsif ($type eq 'users') { &users_row($r,$status,$key,$access_controls,$now,$then); + } elsif ($type eq 'userip') { + &ips_row($r,$status,$key,$access_controls,$now,$then); } $r->print(&Apache::loncommon::end_data_table_row()); } @@ -1702,6 +1746,23 @@ sub users_row { $r->print(''.&actionbox($status,$num,$scope).''.&mt("Format for users' username:domain information:").'
    sparty:msu,illini:uiuc ... etc.
    '.&dateboxes($num,$start,$end).''); } +sub ips_row { + my ($r,$status,$item,$access_controls,$now,$then) = @_; + my ($num,$scope,$end,$start) = &set_identifiers($status,$item,$now,$then, + 'userip'); + my $curr_ips_list; + if ($status eq 'old') { + my $content = $$access_controls{$item}; + $curr_ips_list = &sort_ips($content->{'userip'}); + } + $r->print(''.&actionbox($status,$num,$scope).''.&mt('Format for IP controls').'
    '. + &mt('[_1] or [_2] or [_3] or [_4] or [_5]','35.8.*','35.8.3.[34-56]', + '*.msu.edu','35.8.3.34','somehostname.pa.msu.edu').'
    '. + &mt('Use a comma to separate different ranges.').'
    '. + ''. + ''.&dateboxes($num,$start,$end).''); +} + sub additional_item { my ($type) = @_; my $showtype; @@ -1711,6 +1772,8 @@ sub additional_item { $showtype = 'domain'; } elsif ($type eq 'users') { $showtype = 'user'; + } elsif ($type eq 'userip') { + $showtype = 'IP'; } return &mt('Add new '.$showtype.'-based condition(s)?') @@ -1723,7 +1786,7 @@ sub actionbox { my $output = ''; + $output .= ''; return $output; } @@ -2464,6 +2527,7 @@ sub missing_priv { delete => 'delete files', rename => 'rename files', setacl => 'set access controls for files', + viewacl => 'view access controls for files', ); my $escpath = &HTML::Entities::encode($env{'form.currentpath'},'&<>"'); my $rtnlink = '"$ucgpterm: $grp_desc", - title=>"Go to group's home page"}, + text=>&mt('Group').": $grp_desc", + title=>&mt("Go to group's home page"), + no_mt=>1}, {href=>"/adm/coursegrp_portfolio?".&group_args(), text=>"Group Portfolio", title=>"Display group portfolio"}); my $output = &Apache::lonhtmlcommon::breadcrumbs( - &mt('[_1] portfolio files - [_2]',$gpterm,$grp_desc)); + &mt('Group portfolio files - [_1]',$grp_desc), + undef,undef,undef,undef,1); return $output; } @@ -2523,7 +2589,7 @@ sub get_quota { } else { $disk_quota = &Apache::loncommon::get_user_quota($env{'user.name'}, $env{'user.domain'}); #expressed in MB - $disk_quota = 1000 * $disk_quota; # convert from MB to kB + $disk_quota = 1024 * $disk_quota; # convert from MB to kB } return $disk_quota; } @@ -2553,6 +2619,58 @@ STATE return $state; } +# Find space available in a user's portfolio (convert to bytes) +sub free_space { + my ($group) = @_; + my $disk_quota = &get_quota($group); # Expressed in kB + my ($uname,$udom) = &get_name_dom($group); + my $portfolio_root = &get_portfolio_root(); + my $getpropath = 1; + my $current_disk_usage = &Apache::lonnet::diskusage($udom, $uname, + $portfolio_root, $getpropath); # Expressed in kB + my $free_space = 1024 * ($disk_quota - $current_disk_usage); + return $free_space; +} + +sub valid_container { + my ($uname,$udom,$group) = @_; + my $container_prefix; + if ($group ne '') { + $container_prefix = "/uploaded/$udom/$uname/groups/$group/portfolio"; + } else { + $container_prefix = "/uploaded/$udom/$uname/portfolio"; + } + if ($env{'form.currentpath'}) { + $container_prefix .= $env{'form.currentpath'}; + } else { + $container_prefix .= '/'; + } + if ($env{'form.container'} =~ m{^\Q$container_prefix\E(.+)$}) { + my $filename = $1; + if ($filename eq &Apache::lonnet::clean_filename($filename)) { + return 1; + } + } + return; +} + +sub invalid_parms { + my ($r,$url,$currentpath) = @_; + my $escpath = &HTML::Entities::encode($currentpath,'&<>"'); + my $rtnlink = ''.&mt('Return to directory').''; + $r->print('

    '.&mt('Action disallowed').'

    '); + $r->print(&mt('Some of the data included with this request were invalid')); + $r->print('
    '.$rtnlink); + return; +} + sub handler { # this handles file management my $r = shift; @@ -2565,7 +2683,7 @@ sub handler { $url = $1.$2; $caller = $2; } - my ($can_modify,$can_delete,$can_upload,$can_setacl); + my ($can_modify,$can_delete,$can_upload,$can_setacl,$can_viewacl); if ($caller eq 'coursegrp_portfolio') { # Needs to be in a course if (! ($env{'request.course.fn'})) { @@ -2609,6 +2727,7 @@ sub handler { $can_delete = 1; $can_upload = 1; $can_setacl = 1; + $can_viewacl = 1; } else { if (&Apache::lonnet::allowed('agf',$env{'request.course.id'}.'/'.$group)) { $can_setacl = 1; @@ -2622,6 +2741,9 @@ sub handler { if (&Apache::lonnet::allowed('dgf',$env{'request.course.id'}.'/'.$group)) { $can_delete = 1; } + if (&Apache::lonnet::allowed('rgf',$env{'request.course.id'}.'/'.$group)) { + $can_viewacl = 1; + } } } else { ($uname,$udom) = &get_name_dom(); @@ -2630,7 +2752,11 @@ sub handler { $can_modify = 1; $can_delete = 1; $can_upload = 1; - $can_setacl = 1; + if (&Apache::lonnet::usertools_access('','','portaccess', + undef,'tools')) { + $can_viewacl = 1; + $can_setacl = 1; + } } my $port_path = &get_port_path(); @@ -2640,16 +2766,19 @@ sub handler { # Give the LON-CAPA page header my $brcrum = [{href=>"/adm/portfolio",text=>"Portfolio Manager"}]; + my $js = ''; + if ($env{"form.mode"} eq 'selectfile'){ - $r->print(&Apache::loncommon::start_page($title,undef, + $r->print(&Apache::loncommon::start_page($title, $js, {'only_body' => 1})); } elsif ($env{'form.action'} eq 'rolepicker') { - $r->print(&Apache::loncommon::start_page('New role-based condition',undef, + $r->print(&Apache::loncommon::start_page('New role-based condition', $js, {'no_nav_bar' => 1, })); } elsif ($caller eq 'coursegrp_portfolio') { - $r->print(&Apache::loncommon::start_page($title)); + $r->print(&Apache::loncommon::start_page($title, $js)); } else { - $r->print(&Apache::loncommon::start_page($title,undef, + $r->print(&Apache::loncommon::start_page($title, $js, {'bread_crumbs' => $brcrum})); if (!&Apache::lonnet::usertools_access($uname,$udom,'portfolio')) { $r->print('

    '.&mt('No user portfolio available') .'

    '. @@ -2663,8 +2792,9 @@ sub handler { } $r->rflush(); # Check if access to portfolio is blocked by one or more blocking events in courses. + my $clientip = &Apache::lonnet::get_requestor_ip($r); my ($blocked,$blocktext) = - &Apache::loncommon::blocking_status('port',$uname,$udom); + &Apache::loncommon::blocking_status('port',$clientip,$uname,$udom); if ($blocked) { my $evade_block; # If portfolio display is in a window popped up from a "Select Portfolio Files" @@ -2699,6 +2829,21 @@ sub handler { return OK; } } + if (($env{'form.currentpath'}) && ($env{'form.currentpath'} ne '/')) { + my $clean_currentpath = '/'.&Apache::loncommon::clean_path($env{'form.currentpath'}).'/'; + unless ($env{'form.currentpath'} eq $clean_currentpath) { + &invalid_parms($r,$url); + $r->print(&Apache::loncommon::end_page()); + return OK; + } + } + if ($env{'form.container'}) { + unless (&valid_container($uname,$udom,$group)) { + &invalid_parms($r,$url,$env{'form.currentpath'}); + $r->print(&Apache::loncommon::end_page()); + return OK; + } + } if (($env{'form.storeupl'}) & (!$env{'form.uploaddoc.filename'})){ $r->print( '

    ' @@ -2792,10 +2937,14 @@ sub handler { } } elsif ($env{'form.access'}) { $env{'form.selectfile'} = $env{'form.access'}; - if (!defined($env{'form.action'})) { + if (!defined($env{'form.action'})) { $env{'form.action'} = 'chgaccess'; } - &display_access($r,$url,$group,$can_setacl,$port_path,$env{'form.action'}); + if (($can_viewacl) || ($can_setacl)) { + &display_access($r,$url,$group,$can_setacl,$can_viewacl,$port_path,$env{'form.action'}); + } else { + &missing_priv($r,$url,'viewacl'); + } } elsif (($env{'form.action'} eq 'chgaccess') || ($env{'form.action'} eq 'chgconditions')) { if ($can_setacl) { @@ -2869,7 +3018,8 @@ sub handler { &display_common($r,$url,$current_path,$is_empty,$dirlistref, $can_upload,$group); &display_directory($r,$url,$current_path,$is_empty,$dirlistref,$group, - $can_upload,$can_modify,$can_delete,$can_setacl); + $can_upload,$can_modify,$can_delete,$can_setacl, + $can_viewacl); } $r->print(&Apache::loncommon::end_page()); return OK;