loncom/lonnet/perl/lonnet.pm - diff

Return to lonnet.pm CVS log

Up to [LON-CAPA] / loncom / lonnet / perl

Diff for /loncom/lonnet/perl/lonnet.pm between versions 1.1199 and 1.1348

version 1.1199, 2012/11/27 23:45:22	version 1.1348, 2017/08/08 15:33:13
Line 71 delayed.	Line 71 delayed.
package Apache::lonnet;	package Apache::lonnet;

use strict;	use strict;
use LWP::UserAgent();
use HTTP::Date;	use HTTP::Date;
use Image::Magick;	use Image::Magick;

Line 92 use GDBM_File;	Line 91 use GDBM_File;
use HTML::LCParser;	use HTML::LCParser;
use Fcntl qw(:flock);	use Fcntl qw(:flock);
use Storable qw(thaw nfreeze);	use Storable qw(thaw nfreeze);
use Time::HiRes qw( gettimeofday tv_interval );	use Time::HiRes qw( sleep gettimeofday tv_interval );
use Cache::Memcached;	use Cache::Memcached;
use Digest::MD5;	use Digest::MD5;
use Math::Random;	use Math::Random;
Line 101 use LONCAPA qw(:DEFAULT :match);	Line 100 use LONCAPA qw(:DEFAULT :match);
use LONCAPA::Configuration;	use LONCAPA::Configuration;
use LONCAPA::lonmetadata;	use LONCAPA::lonmetadata;
use LONCAPA::Lond;	use LONCAPA::Lond;
	use LONCAPA::LWPReq;

use File::Copy;	use File::Copy;

my $readit;	my $readit;
my $max_connection_retries = 10; # Or some such value.	my $max_connection_retries = 20; # Or some such value.

require Exporter;	require Exporter;

Line 229 sub get_server_distarch {	Line 229 sub get_server_distarch {
return;	return;
}	}

	sub get_servercerts_info {
	my ($lonhost,$context) = @_;
	my ($rep,$uselocal);
	if (grep { $_ eq $lonhost } &current_machine_ids()) {
	$uselocal = 1;
	}
	if (($context ne 'cgi') && ($uselocal)) {
	my $distro = (split(/\:/,&get_server_distarch($lonhost)))[0];
	if ($distro eq '') {
	$uselocal = 0;
	} elsif ($distro =~ /^(?:centos\|redhat\|scientific)(\d+)$/) {
	if ($1 < 6) {
	$uselocal = 0;
	}
	} elsif ($distro =~ /^(?:sles)(\d+)$/) {
	if ($1 < 12) {
	$uselocal = 0;
	}
	}
	}
	if ($uselocal) {
	$rep = LONCAPA::Lond::server_certs(\%perlvar);
	} else {
	$rep=&reply('servercerts',$lonhost);
	}
	my ($result,%returnhash);
	if (defined($lonhost)) {
	if (!defined(&hostname($lonhost))) {
	return;
	}
	}
	if (($rep=~/^(refused\|rejected\|error)/) \|\| ($rep eq 'con_lost') \|\|
	($rep eq 'unknown_cmd')) {
	$result = $rep;
	} else {
	$result = 'ok';
	my @pairs=split(/\&/,$rep);
	foreach my $item (@pairs) {
	my ($key,$value)=split(/=/,$item,2);
	my $what = &unescape($key);
	$returnhash{$what}=&thaw_unescape($value);
	}
	}
	return ($result,\%returnhash);
	}

sub get_server_loncaparev {	sub get_server_loncaparev {
my ($dom,$lonhost,$ignore_cache,$caller) = @_;	my ($dom,$lonhost,$ignore_cache,$caller) = @_;
if (defined($lonhost)) {	if (defined($lonhost)) {
Line 263 sub get_server_loncaparev {	Line 309 sub get_server_loncaparev {
$answer = &reply('serverloncaparev',$lonhost);	$answer = &reply('serverloncaparev',$lonhost);
if (($answer eq 'unknown_cmd') \|\| ($answer eq 'con_lost')) {	if (($answer eq 'unknown_cmd') \|\| ($answer eq 'con_lost')) {
if ($caller eq 'loncron') {	if ($caller eq 'loncron') {
my $ua=new LWP::UserAgent;
$ua->timeout(4);
my $protocol = $protocol{$lonhost};	my $protocol = $protocol{$lonhost};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
my $url = $protocol.'://'.&hostname($lonhost).'/adm/about.html';	my $url = $protocol.'://'.&hostname($lonhost).'/adm/about.html';
my $request=new HTTP::Request('GET',$url);	my $request=new HTTP::Request('GET',$url);
my $response=$ua->request($request);	my $response=&LONCAPA::LWPReq::makerequest($lonhost,$request,'',\%perlvar,4,1);
unless ($response->is_error()) {	unless ($response->is_error()) {
my $content = $response->content;	my $content = $response->content;
if ($content =~ /<p>VERSION\:\s*([\w.\-]+)<\/p>/) {	if ($content =~ /<p>VERSION\:\s*([\w.\-]+)<\/p>/) {
Line 356 sub get_remote_globals {	Line 400 sub get_remote_globals {
}	}

sub remote_devalidate_cache {	sub remote_devalidate_cache {
my ($lonhost,$name,$id) = @_;	my ($lonhost,$cachekeys) = @_;
my $response = &reply('devalidatecache:'.&escape($name).':'.&escape($id),$lonhost);	my $items;
	return unless (ref($cachekeys) eq 'ARRAY');
	my $cachestr = join('&',@{$cachekeys});
	my $response = &reply('devalidatecache:'.&escape($cachestr),$lonhost);
return $response;	return $response;
}	}

Line 372 sub subreply {	Line 419 sub subreply {

my $lockfile=$peerfile.".lock";	my $lockfile=$peerfile.".lock";
while (-e $lockfile) { # Need to wait for the lockfile to disappear.	while (-e $lockfile) { # Need to wait for the lockfile to disappear.
sleep(1);	sleep(0.1);
}	}
# At this point, either a loncnew parent is listening or an old lonc	# At this point, either a loncnew parent is listening or an old lonc
# or loncnew child is listening so we can connect or everything's dead.	# or loncnew child is listening so we can connect or everything's dead.
Line 390 sub subreply {	Line 437 sub subreply {
} else {	} else {
&create_connection(&hostname($server),$server);	&create_connection(&hostname($server),$server);
}	}
sleep(1); # Try again later if failed connection.	sleep(0.1); # Try again later if failed connection.
}	}
my $answer;	my $answer;
if ($client) {	if ($client) {
Line 419 sub reply {	Line 466 sub reply {

sub reconlonc {	sub reconlonc {
my ($lonid) = @_;	my ($lonid) = @_;
my $hostname = &hostname($lonid);
if ($lonid) {	if ($lonid) {
	my $hostname = &hostname($lonid);
my $peerfile="$perlvar{'lonSockDir'}/$hostname";	my $peerfile="$perlvar{'lonSockDir'}/$hostname";
if ($hostname && -e $peerfile) {	if ($hostname && -e $peerfile) {
&logthis("Trying to reconnect lonc for $lonid ($hostname)");	&logthis("Trying to reconnect lonc for $lonid ($hostname)");
Line 445 sub reconlonc {	Line 492 sub reconlonc {
&logthis("lonc at pid $loncpid responding, sending USR1");	&logthis("lonc at pid $loncpid responding, sending USR1");
kill USR1 => $loncpid;	kill USR1 => $loncpid;
sleep 1;	sleep 1;
} else {	} else {
&logthis(	&logthis(
"<font color=\"blue\">WARNING:".	"<font color=\"blue\">WARNING:".
" lonc at pid $loncpid not responding, giving up</font>");	" lonc at pid $loncpid not responding, giving up</font>");
Line 466 sub critical {	Line 513 sub critical {
}	}
my $answer=reply($cmd,$server);	my $answer=reply($cmd,$server);
if ($answer eq 'con_lost') {	if ($answer eq 'con_lost') {
&reconlonc("$perlvar{'lonSockDir'}/$server");	&reconlonc($server);
my $answer=reply($cmd,$server);	my $answer=reply($cmd,$server);
if ($answer eq 'con_lost') {	if ($answer eq 'con_lost') {
my $now=time;	my $now=time;
Line 483 sub critical {	Line 530 sub critical {
close($dfh);	close($dfh);
}	}
}	}
sleep 2;	sleep 1;
my $wcmd='';	my $wcmd='';
{	{
my $dfh;	my $dfh;
Line 603 sub transfer_profile_to_env {	Line 650 sub transfer_profile_to_env {

# ---------------------------------------------------- Check for valid session	# ---------------------------------------------------- Check for valid session
sub check_for_valid_session {	sub check_for_valid_session {
my ($r,$name) = @_;	my ($r,$name,$userhashref) = @_;
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));	my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
	my ($linkname,$pubname);
if ($name eq '') {	if ($name eq '') {
$name = 'lonID';	$name = 'lonID';
	$linkname = 'lonLinkID';
	$pubname = 'lonPubID';
}	}
my $lonid=$cookies{$name};	my $lonid=$cookies{$name};
	if (!$lonid) {
	if (($name eq 'lonID') && ($ENV{'SERVER_PORT'} != 443) && ($linkname)) {
	$lonid=$cookies{$linkname};
	}
	if (!$lonid) {
	if (($name eq 'lonID') && ($pubname)) {
	$lonid=$cookies{$pubname};
	}
	}
	}
return undef if (!$lonid);	return undef if (!$lonid);

my $handle=&LONCAPA::clean_handle($lonid->value);	my $handle=&LONCAPA::clean_handle($lonid->value);
Line 634 sub check_for_valid_session {	Line 694 sub check_for_valid_session {
\|\| !defined($disk_env{'user.domain'})) {	\|\| !defined($disk_env{'user.domain'})) {
return undef;	return undef;
}	}

	if (ref($userhashref) eq 'HASH') {
	$userhashref->{'name'} = $disk_env{'user.name'};
	$userhashref->{'domain'} = $disk_env{'user.domain'};
	}

return $handle;	return $handle;
}	}

Line 667 sub appenv {	Line 733 sub appenv {
if (($key =~ /^user\.role/) \|\| ($key =~ /^user\.priv/)) {	if (($key =~ /^user\.role/) \|\| ($key =~ /^user\.priv/)) {
$refused = 1;	$refused = 1;
if (ref($roles) eq 'ARRAY') {	if (ref($roles) eq 'ARRAY') {
my ($type,$role) = ($key =~ /^user\.(role\|priv)\.([^.]+)\./);	my ($type,$role) = ($key =~ m{^user\.(role\|priv)\.(.+?)\./});
if (grep(/^\Q$role\E$/,@{$roles})) {	if (grep(/^\Q$role\E$/,@{$roles})) {
$refused = 0;	$refused = 0;
}	}
Line 840 sub spareserver {	Line 906 sub spareserver {
if (ref($spareshash) eq 'HASH') {	if (ref($spareshash) eq 'HASH') {
if (ref($spareshash->{'primary'}) eq 'ARRAY') {	if (ref($spareshash->{'primary'}) eq 'ARRAY') {
foreach my $try_server (@{ $spareshash->{'primary'} }) {	foreach my $try_server (@{ $spareshash->{'primary'} }) {
if ($uint_dom) {	next unless (&spare_can_host($udom,$uint_dom,$remotesessions,
next unless (&spare_can_host($udom,$uint_dom,$remotesessions,	$try_server));
$try_server));
}
($spare_server, $lowest_load) =	($spare_server, $lowest_load) =
&compare_server_load($try_server, $spare_server, $lowest_load);	&compare_server_load($try_server, $spare_server, $lowest_load);
}	}
Line 854 sub spareserver {	Line 918 sub spareserver {
if (!$found_server) {	if (!$found_server) {
if (ref($spareshash->{'default'}) eq 'ARRAY') {	if (ref($spareshash->{'default'}) eq 'ARRAY') {
foreach my $try_server (@{ $spareshash->{'default'} }) {	foreach my $try_server (@{ $spareshash->{'default'} }) {
if ($uint_dom) {	next unless (&spare_can_host($udom,$uint_dom,
next unless (&spare_can_host($udom,$uint_dom,	$remotesessions,$try_server));
$remotesessions,$try_server));
}
($spare_server, $lowest_load) =	($spare_server, $lowest_load) =
&compare_server_load($try_server, $spare_server, $lowest_load);	&compare_server_load($try_server, $spare_server, $lowest_load);
}	}
Line 881 sub spareserver {	Line 943 sub spareserver {
}	}

sub compare_server_load {	sub compare_server_load {
my ($try_server, $spare_server, $lowest_load) = @_;	my ($try_server, $spare_server, $lowest_load, $required) = @_;

	if ($required) {
	my ($reqdmajor,$reqdminor) = ($required =~ /^(\d+)\.(\d+)$/);
	my $remoterev = &get_server_loncaparev(undef,$try_server);
	my ($major,$minor) = ($remoterev =~ /^\'?(\d+)\.(\d+)\.[\w.\-]+\'?$/);
	if (($major eq '' && $minor eq '') \|\|
	(($reqdmajor > $major) \|\| (($reqdmajor == $major) && ($reqdminor > $minor)))) {
	return ($spare_server,$lowest_load);
	}
	}

my $loadans = &reply('load', $try_server);	my $loadans = &reply('load', $try_server);
my $userloadans = &reply('userload',$try_server);	my $userloadans = &reply('userload',$try_server);
Line 942 sub has_user_session {	Line 1014 sub has_user_session {
# --------- determine least loaded server in a user's domain which allows login	# --------- determine least loaded server in a user's domain which allows login

sub choose_server {	sub choose_server {
my ($udom,$checkloginvia) = @_;	my ($udom,$checkloginvia,$required,$skiploadbal) = @_;
my %domconfhash = &Apache::loncommon::get_domainconf($udom);	my %domconfhash = &Apache::loncommon::get_domainconf($udom);
my %servers = &get_servers($udom);	my %servers = &get_servers($udom);
my $lowest_load = 30000;	my $lowest_load = 30000;
my ($login_host,$hostname,$portal_path,$isredirect);	my ($login_host,$hostname,$portal_path,$isredirect,$balancers);
	if ($skiploadbal) {
	($balancers,my $cached)=&is_cached_new('loadbalancing',$udom);
	unless (defined($cached)) {
	my $cachetime = 606024;
	my %domconfig =
	&Apache::lonnet::get_dom('configuration',['loadbalancing'],$udom);
	if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
	$balancers = &do_cache_new('loadbalancing',$udom,$domconfig{'loadbalancing'},
	$cachetime);
	}
	}
	}
foreach my $lonhost (keys(%servers)) {	foreach my $lonhost (keys(%servers)) {
	if ($skiploadbal) {
	if (ref($balancers) eq 'HASH') {
	next if (exists($balancers->{$lonhost}));
	}
	}
my $loginvia;	my $loginvia;
if ($checkloginvia) {	if ($checkloginvia) {
$loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};	$loginvia = $domconfhash{$udom.'.login.loginvia_'.$lonhost};
if ($loginvia) {	if ($loginvia) {
my ($server,$path) = split(/:/,$loginvia);	my ($server,$path) = split(/:/,$loginvia);
($login_host, $lowest_load) =	($login_host, $lowest_load) =
&compare_server_load($server, $login_host, $lowest_load);	&compare_server_load($server, $login_host, $lowest_load, $required);
if ($login_host eq $server) {	if ($login_host eq $server) {
$portal_path = $path;	$portal_path = $path;
$isredirect = 1;	$isredirect = 1;
}	}
} else {	} else {
($login_host, $lowest_load) =	($login_host, $lowest_load) =
&compare_server_load($lonhost, $login_host, $lowest_load);	&compare_server_load($lonhost, $login_host, $lowest_load, $required);
if ($login_host eq $lonhost) {	if ($login_host eq $lonhost) {
$portal_path = '';	$portal_path = '';
$isredirect = '';	$isredirect = '';
Line 969 sub choose_server {	Line 1058 sub choose_server {
}	}
} else {	} else {
($login_host, $lowest_load) =	($login_host, $lowest_load) =
&compare_server_load($lonhost, $login_host, $lowest_load);	&compare_server_load($lonhost, $login_host, $lowest_load, $required);
}	}
}	}
if ($login_host ne '') {	if ($login_host ne '') {
$hostname = &hostname($login_host);	$hostname = &hostname($login_host);
}	}
return ($login_host,$hostname,$portal_path,$isredirect);	return ($login_host,$hostname,$portal_path,$isredirect,$lowest_load);
}	}

# --------------------------------------------- Try to change a user's password	# --------------------------------------------- Try to change a user's password
Line 1142 sub can_host_session {	Line 1231 sub can_host_session {
sub spare_can_host {	sub spare_can_host {
my ($udom,$uint_dom,$remotesessions,$try_server)=@_;	my ($udom,$uint_dom,$remotesessions,$try_server)=@_;
my $canhost=1;	my $canhost=1;
my @intdoms;	my $try_server_hostname = &hostname($try_server);
my $internet_names = &Apache::lonnet::get_internet_names($try_server);	my $serverhomeID = &get_server_homeID($try_server_hostname);
if (ref($internet_names) eq 'ARRAY') {	my $serverhomedom = &host_domain($serverhomeID);
@intdoms = @{$internet_names};	my %defdomdefaults = &get_domain_defaults($serverhomedom);
}	if (ref($defdomdefaults{'offloadnow'}) eq 'HASH') {
unless (grep(/^\Q$uint_dom\E$/,@intdoms)) {	if ($defdomdefaults{'offloadnow'}{$try_server}) {
my $serverhomeID = &Apache::lonnet::get_server_homeID($try_server);	$canhost = 0;
my $serverhomedom = &Apache::lonnet::host_domain($serverhomeID);	}
my %defdomdefaults = &Apache::lonnet::get_domain_defaults($serverhomedom);	}
my $remoterev = &Apache::lonnet::get_server_loncaparev(undef,$try_server);	if (($canhost) && ($uint_dom)) {
$canhost = &can_host_session($udom,$try_server,$remoterev,	my @intdoms;
$remotesessions,	my $internet_names = &get_internet_names($try_server);
$defdomdefaults{'hostedsessions'});	if (ref($internet_names) eq 'ARRAY') {
	@intdoms = @{$internet_names};
	}
	unless (grep(/^\Q$uint_dom\E$/,@intdoms)) {
	my $remoterev = &get_server_loncaparev(undef,$try_server);
	$canhost = &can_host_session($udom,$try_server,$remoterev,
	$remotesessions,
	$defdomdefaults{'hostedsessions'});
	}
}	}
return $canhost;	return $canhost;
}	}
Line 1239 sub get_lonbalancer_config {	Line 1336 sub get_lonbalancer_config {
}	}

sub check_loadbalancing {	sub check_loadbalancing {
my ($uname,$udom) = @_;	my ($uname,$udom,$caller) = @_;
my ($is_balancer,$currtargets,$currrules,$dom_in_use,$homeintdom,	my ($is_balancer,$currtargets,$currrules,$dom_in_use,$homeintdom,
$rule_in_effect,$offloadto,$otherserver);	$rule_in_effect,$offloadto,$otherserver);
my $lonhost = $perlvar{'lonHostID'};	my $lonhost = $perlvar{'lonHostID'};
Line 1248 sub check_loadbalancing {	Line 1345 sub check_loadbalancing {
my $uintdom = &Apache::lonnet::internet_dom($uprimary_id);	my $uintdom = &Apache::lonnet::internet_dom($uprimary_id);
my $intdom = &Apache::lonnet::internet_dom($lonhost);	my $intdom = &Apache::lonnet::internet_dom($lonhost);
my $serverhomedom = &host_domain($lonhost);	my $serverhomedom = &host_domain($lonhost);
	my $domneedscache;
my $cachetime = 606024;	my $cachetime = 606024;

if (($uintdom ne '') && ($uintdom eq $intdom)) {	if (($uintdom ne '') && ($uintdom eq $intdom)) {
Line 1263 sub check_loadbalancing {	Line 1360 sub check_loadbalancing {
&Apache::lonnet::get_dom('configuration',['loadbalancing'],$dom_in_use);	&Apache::lonnet::get_dom('configuration',['loadbalancing'],$dom_in_use);
if (ref($domconfig{'loadbalancing'}) eq 'HASH') {	if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
$result = &do_cache_new('loadbalancing',$dom_in_use,$domconfig{'loadbalancing'},$cachetime);	$result = &do_cache_new('loadbalancing',$dom_in_use,$domconfig{'loadbalancing'},$cachetime);
	} else {
	$domneedscache = $dom_in_use;
}	}
}	}
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
Line 1316 sub check_loadbalancing {	Line 1415 sub check_loadbalancing {
}	}
}	}
} elsif (($homeintdom) && ($udom ne $serverhomedom)) {	} elsif (($homeintdom) && ($udom ne $serverhomedom)) {
my ($result,$cached)=&is_cached_new('loadbalancing',$serverhomedom);	($result,$cached)=&is_cached_new('loadbalancing',$serverhomedom);
unless (defined($cached)) {	unless (defined($cached)) {
my %domconfig =	my %domconfig =
&Apache::lonnet::get_dom('configuration',['loadbalancing'],$serverhomedom);	&Apache::lonnet::get_dom('configuration',['loadbalancing'],$serverhomedom);
if (ref($domconfig{'loadbalancing'}) eq 'HASH') {	if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
$result = &do_cache_new('loadbalancing',$dom_in_use,$domconfig{'loadbalancing'},$cachetime);	$result = &do_cache_new('loadbalancing',$serverhomedom,$domconfig{'loadbalancing'},$cachetime);
	} else {
	$domneedscache = $serverhomedom;
}	}
}	}
if (ref($result) eq 'HASH') {	if (ref($result) eq 'HASH') {
Line 1341 sub check_loadbalancing {	Line 1442 sub check_loadbalancing {
$is_balancer = 1;	$is_balancer = 1;
$offloadto = &this_host_spares($dom_in_use);	$offloadto = &this_host_spares($dom_in_use);
}	}
	unless (defined($cached)) {
	$domneedscache = $serverhomedom;
	}
}	}
} else {	} else {
if ($perlvar{'lonBalancer'} eq 'yes') {	if ($perlvar{'lonBalancer'} eq 'yes') {
$is_balancer = 1;	$is_balancer = 1;
$offloadto = &this_host_spares($dom_in_use);	$offloadto = &this_host_spares($dom_in_use);
}	}
	unless (defined($cached)) {
	$domneedscache = $serverhomedom;
	}
	}
	if ($domneedscache) {
	&do_cache_new('loadbalancing',$domneedscache,$is_balancer,$cachetime);
}	}
if ($is_balancer) {	if ($is_balancer) {
my $lowest_load = 30000;	my $lowest_load = 30000;
Line 1377 sub check_loadbalancing {	Line 1487 sub check_loadbalancing {
}	}
}	}
}	}
if (($otherserver ne '') && (grep(/^\Q$otherserver\E$/,@hosts))) {	unless ($caller eq 'login') {
$is_balancer = 0;	if (($otherserver ne '') && (grep(/^\Q$otherserver\E$/,@hosts))) {
if ($uname ne '' && $udom ne '') {	$is_balancer = 0;
if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {	if ($uname ne '' && $udom ne '') {
	if (($env{'user.name'} eq $uname) && ($env{'user.domain'} eq $udom)) {

&appenv({'user.loadbalexempt' => $lonhost,	&appenv({'user.loadbalexempt' => $lonhost,
'user.loadbalcheck.time' => time});	'user.loadbalcheck.time' => time});
	}
}	}
}	}
}	}
Line 1486 sub internet_dom_servers {	Line 1598 sub internet_dom_servers {
return %uniqservers;	return %uniqservers;
}	}

	sub trusted_domains {
	my ($cmdtype,$calldom) = @_;
	my (%trusted,%untrusted);
	if (&domain($calldom) eq '') {
	return (\%trusted,\%untrusted);
	}
	unless ($cmdtype =~ /^(content\|shared\|enroll\|coaurem\|domroles\|catalog\|reqcrs\|msg)$/) {
	return (\%trusted,\%untrusted);
	}
	my $callprimary = &domain($calldom,'primary');
	my $intcalldom = &Apache::lonnet::internet_dom($callprimary);
	if ($intcalldom eq '') {
	return (\%trusted,\%untrusted);
	}

	my ($trustconfig,$cached)=&Apache::lonnet::is_cached_new('trust',$calldom);
	unless (defined($cached)) {
	my %domconfig = &Apache::lonnet::get_dom('configuration',['trust'],$calldom);
	&Apache::lonnet::do_cache_new('trust',$calldom,$domconfig{'trust'},3600);
	$trustconfig = $domconfig{'trust'};
	}
	if (ref($trustconfig)) {
	my (%possexc,%possinc,@allexc,@allinc);
	if (ref($trustconfig->{$cmdtype}) eq 'HASH') {
	if (ref($trustconfig->{$cmdtype}->{'exc'}) eq 'ARRAY') {
	map { $possexc{$_} = 1; } @{$trustconfig->{$cmdtype}->{'exc'}};
	}
	if (ref($trustconfig->{$cmdtype}->{'inc'}) eq 'ARRAY') {
	map { $possinc{$_} = 1; } @{$trustconfig->{$cmdtype}->{'inc'}};
	}
	}
	if (keys(%possexc)) {
	if (keys(%possinc)) {
	foreach my $key (sort(keys(%possexc))) {
	next if ($key eq $intcalldom);
	unless ($possinc{$key}) {
	push(@allexc,$key);
	}
	}
	} else {
	@allexc = sort(keys(%possexc));
	}
	}
	if (keys(%possinc)) {
	$possinc{$intcalldom} = 1;
	@allinc = sort(keys(%possinc));
	}
	if ((@allexc > 0) \|\| (@allinc > 0)) {
	my %doms_by_intdom;
	my %allintdoms = &all_host_intdom();
	my %alldoms = &all_host_domain();
	foreach my $key (%allintdoms) {
	if (ref($doms_by_intdom{$allintdoms{$key}}) eq 'ARRAY') {
	unless (grep(/^\Q$alldoms{$key}\E$/,@{$doms_by_intdom{$allintdoms{$key}}})) {
	push(@{$doms_by_intdom{$allintdoms{$key}}},$alldoms{$key});
	}
	} else {
	$doms_by_intdom{$allintdoms{$key}} = [$alldoms{$key}];
	}
	}
	foreach my $exc (@allexc) {
	if (ref($doms_by_intdom{$exc}) eq 'ARRAY') {
	map { $untrusted{$_}; } @{$doms_by_intdom{$exc}};
	}
	}
	foreach my $inc (@allinc) {
	if (ref($doms_by_intdom{$inc}) eq 'ARRAY') {
	map { $trusted{$_}; } @{$doms_by_intdom{$inc}};
	}
	}
	}
	}
	return(\%trusted,\%untrusted);
	}

	sub will_trust {
	my ($cmdtype,$domain,$possdom) = @_;
	return 1 if ($domain eq $possdom);
	my ($trustedref,$untrustedref) = &trusted_domains($cmdtype,$possdom);
	my $willtrust;
	if ((ref($trustedref) eq 'ARRAY') && (@{$trustedref} > 0)) {
	if (grep(/^\Q$domain\E$/,@{$trustedref})) {
	$willtrust = 1;
	}
	} elsif ((ref($untrustedref) eq 'ARRAY') && (@{$untrustedref} > 0)) {
	unless (grep(/^\Q$domain\E$/,@{$untrustedref})) {
	$willtrust = 1;
	}
	} else {
	$willtrust = 1;
	}
	return $willtrust;
	}

# ---------------------- Find the homebase for a user from domain's lib servers	# ---------------------- Find the homebase for a user from domain's lib servers

my %homecache;	my %homecache;
Line 1511 sub homeserver {	Line 1717 sub homeserver {
return 'no_host';	return 'no_host';
}	}

# ------------------------------------- Find the usernames behind a list of IDs	# ----- Find the usernames behind a list of student/employee IDs or clicker IDs

sub idget {	sub idget {
my ($udom,@ids)=@_;	my ($udom,$idsref,$namespace)=@_;
my %returnhash=();	my %returnhash=();
	my @ids=();
	if (ref($idsref) eq 'ARRAY') {
	@ids = @{$idsref};
	} else {
	return %returnhash;
	}
	if ($namespace eq '') {
	$namespace = 'ids';
	}

my %servers = &get_servers($udom,'library');	my %servers = &get_servers($udom,'library');
foreach my $tryserver (keys(%servers)) {	foreach my $tryserver (keys(%servers)) {
my $idlist=join('&',@ids);	my $idlist=join('&', map { &escape($_); } @ids);
$idlist=~tr/A-Z/a-z/;	if ($namespace eq 'ids') {
my $reply=&reply("idget:$udom:".$idlist,$tryserver);	$idlist=~tr/A-Z/a-z/;
	}
	my $reply;
	if ($namespace eq 'ids') {
	$reply=&reply("idget:$udom:".$idlist,$tryserver);
	} else {
	$reply=&reply("getdom:$udom:$namespace:$idlist",$tryserver);
	}
my @answer=();	my @answer=();
if (($reply ne 'con_lost') && ($reply!~/^error\:/)) {	if (($reply ne 'con_lost') && ($reply!~/^error\:/)) {
@answer=split(/\&/,$reply);	@answer=split(/\&/,$reply);
Line 1529 sub idget {	Line 1751 sub idget {
my $i;	my $i;
for ($i=0;$i<=$#ids;$i++) {	for ($i=0;$i<=$#ids;$i++) {
if ($answer[$i]) {	if ($answer[$i]) {
$returnhash{$ids[$i]}=$answer[$i];	$returnhash{$ids[$i]}=&unescape($answer[$i]);
}	}
}	}
}	}
return %returnhash;	return %returnhash;
}	}

Line 1547 sub idrget {	Line 1769 sub idrget {
return %returnhash;	return %returnhash;
}	}

# ------------------------------- Store away a list of names and associated IDs	# Store away a list of names and associated student/employee IDs or clicker IDs

sub idput {	sub idput {
my ($udom,%ids)=@_;	my ($udom,$idsref,$uhom,$namespace)=@_;
my %servers=();	my %servers=();
	my %ids=();
	my %byid = ();
	if (ref($idsref) eq 'HASH') {
	%ids=%{$idsref};
	}
	if ($namespace eq '') {
	$namespace = 'ids';
	}
foreach my $uname (keys(%ids)) {	foreach my $uname (keys(%ids)) {
&cput('environment',{'id'=>$ids{$uname}},$udom,$uname);	&cput('environment',{'id'=>$ids{$uname}},$udom,$uname);
my $uhom=&homeserver($uname,$udom);	if ($uhom eq '') {
	$uhom=&homeserver($uname,$udom);
	}
if ($uhom ne 'no_host') {	if ($uhom ne 'no_host') {
my $id=&escape($ids{$uname});
$id=~tr/A-Z/a-z/;
my $esc_unam=&escape($uname);	my $esc_unam=&escape($uname);
if ($servers{$uhom}) {	if ($namespace eq 'ids') {
$servers{$uhom}.='&'.$id.'='.$esc_unam;	my $id=&escape($ids{$uname});
	$id=~tr/A-Z/a-z/;
	my $esc_unam=&escape($uname);
	$servers{$uhom}.=$id.'='.$esc_unam.'&';
} else {	} else {
$servers{$uhom}=$id.'='.$esc_unam;	my @currids = split(/,/,$ids{$uname});
	foreach my $id (@currids) {
	$byid{$uhom}{$id} .= $uname.',';
	}
	}
	}
	}
	if ($namespace eq 'clickers') {
	foreach my $server (keys(%byid)) {
	if (ref($byid{$server}) eq 'HASH') {
	foreach my $id (keys(%{$byid{$server}})) {
	$byid{$server} =~ s/,$//;
	$servers{$uhom}.=&escape($id).'='.&escape($byid{$server}).'&';
	}
}	}
}	}
}	}
foreach my $server (keys(%servers)) {	foreach my $server (keys(%servers)) {
&critical('idput:'.$udom.':'.$servers{$server},$server);	$servers{$server} =~ s/\&$//;
	if ($namespace eq 'ids') {
	&critical('idput:'.$udom.':'.$servers{$server},$server);
	} else {
	&critical('updateclickers:'.$udom.':add:'.$servers{$server},$server);
	}
	}
	}

	# ------------- Delete unwanted student/employee IDs or clicker IDs from domain

	sub iddel {
	my ($udom,$idshashref,$uhome,$namespace)=@_;
	my %result=();
	my %ids=();
	my %byid = ();
	if (ref($idshashref) eq 'HASH') {
	%ids=%{$idshashref};
	} else {
	return %result;
	}
	if ($namespace eq '') {
	$namespace = 'ids';
	}
	my %servers=();
	while (my ($id,$unamestr) = each(%ids)) {
	if ($namespace eq 'ids') {
	my $uhom = $uhome;
	if ($uhom eq '') {
	$uhom=&homeserver($unamestr,$udom);
	}
	if ($uhom ne 'no_host') {
	$servers{$uhom}.='&'.&escape($id);
	}
	} else {
	my @curritems = split(/,/,$ids{$id});
	foreach my $uname (@curritems) {
	my $uhom = $uhome;
	if ($uhom eq '') {
	$uhom=&homeserver($uname,$udom);
	}
	if ($uhom ne 'no_host') {
	$byid{$uhom}{$id} .= $uname.',';
	}
	}
	}
	}
	if ($namespace eq 'clickers') {
	foreach my $server (keys(%byid)) {
	if (ref($byid{$server}) eq 'HASH') {
	foreach my $id (keys(%{$byid{$server}})) {
	$byid{$server}{$id} =~ s/,$//;
	$servers{$server}.=&escape($id).'='.&escape($byid{$server}{$id}).'&';
	}
	}
	}
	}
	foreach my $server (keys(%servers)) {
	$servers{$server} =~ s/\&$//;
	if ($namespace eq 'ids') {
	$result{$server} = &critical('iddel:'.$udom.':'.$servers{$server},$uhome);
	} elsif ($namespace eq 'clickers') {
	$result{$server} = &critical('updateclickers:'.$udom.':del:'.$servers{$server},$server);
	}
	}
	return %result;
	}

	# ----- Update clicker ID-to-username look-ups in clickers.db on library server

	sub updateclickers {
	my ($udom,$action,$idshashref,$uhome,$critical) = @_;
	my %clickers;
	if (ref($idshashref) eq 'HASH') {
	%clickers=%{$idshashref};
	} else {
	return;
	}
	my $items='';
	foreach my $item (keys(%clickers)) {
	$items.=&escape($item).'='.&escape($clickers{$item}).'&';
	}
	$items=~s/\&$//;
	my $request = "updateclickers:$udom:$action:$items";
	if ($critical) {
	return &critical($request,$uhome);
	} else {
	return &reply($request,$uhome);
}	}
}	}

Line 1586 sub dump_dom {	Line 1919 sub dump_dom {

sub get_dom {	sub get_dom {
my ($namespace,$storearr,$udom,$uhome)=@_;	my ($namespace,$storearr,$udom,$uhome)=@_;
	return if ($udom eq 'public');
my $items='';	my $items='';
foreach my $item (@$storearr) {	foreach my $item (@$storearr) {
$items.=&escape($item).'&';	$items.=&escape($item).'&';
Line 1593 sub get_dom {	Line 1927 sub get_dom {
$items=~s/\&$//;	$items=~s/\&$//;
if (!$udom) {	if (!$udom) {
$udom=$env{'user.domain'};	$udom=$env{'user.domain'};
	return if ($udom eq 'public');
if (defined(&domain($udom,'primary'))) {	if (defined(&domain($udom,'primary'))) {
$uhome=&domain($udom,'primary');	$uhome=&domain($udom,'primary');
} else {	} else {
Line 1606 sub get_dom {	Line 1941 sub get_dom {
}	}
}	}
if ($udom && $uhome && ($uhome ne 'no_host')) {	if ($udom && $uhome && ($uhome ne 'no_host')) {
my $rep=&reply("getdom:$udom:$namespace:$items",$uhome);	my $rep;
	if ($namespace =~ /^enc/) {
	$rep=&reply("encrypt:egetdom:$udom:$namespace:$items",$uhome);
	} else {
	$rep=&reply("getdom:$udom:$namespace:$items",$uhome);
	}
my %returnhash;	my %returnhash;
if ($rep eq '' \|\| $rep =~ /^error: 2 /) {	if ($rep eq '' \|\| $rep =~ /^error: 2 /) {
return %returnhash;	return %returnhash;
Line 1650 sub put_dom {	Line 1990 sub put_dom {
$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';	$items.=&escape($item).'='.&freeze_escape($$storehash{$item}).'&';
}	}
$items=~s/\&$//;	$items=~s/\&$//;
return &reply("putdom:$udom:$namespace:$items",$uhome);	if ($namespace =~ /^enc/) {
	return &reply("encrypt:putdom:$udom:$namespace:$items",$uhome);
	} else {
	return &reply("putdom:$udom:$namespace:$items",$uhome);
	}
} else {	} else {
&logthis("put_dom failed - no homeserver and/or domain");	&logthis("put_dom failed - no homeserver and/or domain");
}	}
Line 1696 sub retrieve_inst_usertypes {	Line 2040 sub retrieve_inst_usertypes {
my %domdefs = &Apache::lonnet::get_domain_defaults($udom);	my %domdefs = &Apache::lonnet::get_domain_defaults($udom);
if ((ref($domdefs{'inststatustypes'}) eq 'HASH') &&	if ((ref($domdefs{'inststatustypes'}) eq 'HASH') &&
(ref($domdefs{'inststatusorder'}) eq 'ARRAY')) {	(ref($domdefs{'inststatusorder'}) eq 'ARRAY')) {
%returnhash = %{$domdefs{'inststatustypes'}};	return ($domdefs{'inststatustypes'},$domdefs{'inststatusorder'});
@order = @{$domdefs{'inststatusorder'}};
} else {	} else {
if (defined(&domain($udom,'primary'))) {	if (defined(&domain($udom,'primary'))) {
my $uhome=&domain($udom,'primary');	my $uhome=&domain($udom,'primary');
my $rep=&reply("inst_usertypes:$udom",$uhome);	my $rep=&reply("inst_usertypes:$udom",$uhome);
if ($rep =~ /^(con_lost\|error\|no_such_host\|refused)/) {	if ($rep =~ /^(con_lost\|error\|no_such_host\|refused)/) {
&logthis("get_dom failed - $rep returned from $uhome in domain: $udom");	&logthis("retrieve_inst_usertypes failed - $rep returned from $uhome in domain: $udom");
return (\%returnhash,\@order);	return (\%returnhash,\@order);
}	}
my ($hashitems,$orderitems) = split(/:/,$rep);	my ($hashitems,$orderitems) = split(/:/,$rep);
Line 1719 sub retrieve_inst_usertypes {	Line 2062 sub retrieve_inst_usertypes {
push(@order,&unescape($item));	push(@order,&unescape($item));
}	}
} else {	} else {
&logthis("get_dom failed - no primary domain server for $udom");	&logthis("retrieve_inst_usertypes failed - no primary domain server for $udom");
}	}
	return (\%returnhash,\@order);
}	}
return (\%returnhash,\@order);
}	}

sub is_domainimage {	sub is_domainimage {
my ($url) = @_;	my ($url) = @_;
if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img\|logo\|domlogo)/+-) {	if ($url=~m-^/+res/+($match_domain)/+\1\-domainconfig/+(img\|logo\|domlogo)/+[^/]-) {
if (&domain($1) ne '') {	if (&domain($1) ne '') {
return '1';	return '1';
}	}
Line 1748 sub inst_directory_query {	Line 2091 sub inst_directory_query {
&escape($srch->{'srchtype'}),$homeserver);	&escape($srch->{'srchtype'}),$homeserver);
my $host=&hostname($homeserver);	my $host=&hostname($homeserver);
if ($queryid !~/^\Q$host\E\_/) {	if ($queryid !~/^\Q$host\E\_/) {
&logthis('instituional directory search invalid queryid: '.$queryid.' for host: '.$homeserver.'in domain '.$udom);	&logthis('institutional directory search invalid queryid: '.$queryid.' for host: '.$homeserver.' in domain '.$udom);
return;	return;
}	}
my $response = &get_query_reply($queryid);	my $response = &get_query_reply($queryid);
Line 1868 sub get_instuser {	Line 2211 sub get_instuser {
return ($outcome,%userinfo);	return ($outcome,%userinfo);
}	}

	sub get_multiple_instusers {
	my ($udom,$users,$caller) = @_;
	my ($outcome,$results);
	if (ref($users) eq 'HASH') {
	my $count = keys(%{$users});
	my $requested = &freeze_escape($users);
	my $homeserver = &domain($udom,'primary');
	if ($homeserver ne '') {
	my $queryid=&reply('querysend:getmultinstusers:::'.$caller.'='.$requested,$homeserver);
	my $host=&hostname($homeserver);
	if ($queryid !~/^\Q$host\E\_/) {
	&logthis('get_multiple_instusers invalid queryid: '.$queryid.
	' for host: '.$homeserver.'in domain '.$udom);
	return ($outcome,$results);
	}
	my $response = &get_query_reply($queryid);
	my $maxtries = 5;
	if ($count > 100) {
	$maxtries = 1+int($count/20);
	}
	my $tries = 1;
	while (($response=~/^timeout/) && ($tries <= $maxtries)) {
	$response = &get_query_reply($queryid);
	$tries ++;
	}
	if ($response eq '') {
	$results = {};
	foreach my $key (keys(%{$users})) {
	my ($uname,$id);
	if ($caller eq 'id') {
	$id = $key;
	} else {
	$uname = $key;
	}
	my ($resp,%info) = &get_instuser($udom,$uname,$id);
	$outcome = $resp;
	if ($resp eq 'ok') {
	%{$results} = (%{$results}, %info);
	} else {
	last;
	}
	}
	} elsif(!&error($response) && ($response ne 'refused')) {
	if (($response eq 'unavailable') \|\| ($response eq 'invalid') \|\| ($response eq 'timeout')) {
	$outcome = $response;
	} else {
	($outcome,my $userdata) = split(/=/,$response,2);
	if ($outcome eq 'ok') {
	$results = &thaw_unescape($userdata);
	}
	}
	}
	}
	}
	return ($outcome,$results);
	}

sub inst_rulecheck {	sub inst_rulecheck {
my ($udom,$uname,$id,$item,$rules) = @_;	my ($udom,$uname,$id,$item,$rules) = @_;
my %returnhash;	my %returnhash;
Line 1947 sub inst_userrules {	Line 2347 sub inst_userrules {
# ------------- Get Authentication, Language and User Tools Defaults for Domain	# ------------- Get Authentication, Language and User Tools Defaults for Domain

sub get_domain_defaults {	sub get_domain_defaults {
my ($domain) = @_;	my ($domain,$ignore_cache) = @_;
	return if (($domain eq '') \|\| ($domain eq 'public'));
my $cachetime = 606024;	my $cachetime = 606024;
my ($result,$cached)=&is_cached_new('domdefaults',$domain);	unless ($ignore_cache) {
if (defined($cached)) {	my ($result,$cached)=&is_cached_new('domdefaults',$domain);
if (ref($result) eq 'HASH') {	if (defined($cached)) {
return %{$result};	if (ref($result) eq 'HASH') {
	return %{$result};
	}
}	}
}	}
my %domdefaults;	my %domdefaults;
Line 1960 sub get_domain_defaults {	Line 2363 sub get_domain_defaults {
&Apache::lonnet::get_dom('configuration',['defaults','quotas',	&Apache::lonnet::get_dom('configuration',['defaults','quotas',
'requestcourses','inststatus',	'requestcourses','inststatus',
'coursedefaults','usersessions',	'coursedefaults','usersessions',
'requestauthor'],$domain);	'requestauthor','selfenrollment',
	'coursecategories','ssl','autoenroll',
	'trust','helpsettings'],$domain);
	my @coursetypes = ('official','unofficial','community','textbook','placement');
if (ref($domconfig{'defaults'}) eq 'HASH') {	if (ref($domconfig{'defaults'}) eq 'HASH') {
$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};	$domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'};
$domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};	$domdefaults{'auth_def'} = $domconfig{'defaults'}{'auth_def'};
Line 1968 sub get_domain_defaults {	Line 2374 sub get_domain_defaults {
$domdefaults{'timezone_def'} = $domconfig{'defaults'}{'timezone_def'};	$domdefaults{'timezone_def'} = $domconfig{'defaults'}{'timezone_def'};
$domdefaults{'datelocale_def'} = $domconfig{'defaults'}{'datelocale_def'};	$domdefaults{'datelocale_def'} = $domconfig{'defaults'}{'datelocale_def'};
$domdefaults{'portal_def'} = $domconfig{'defaults'}{'portal_def'};	$domdefaults{'portal_def'} = $domconfig{'defaults'}{'portal_def'};
	$domdefaults{'intauth_cost'} = $domconfig{'defaults'}{'intauth_cost'};
	$domdefaults{'intauth_switch'} = $domconfig{'defaults'}{'intauth_switch'};
	$domdefaults{'intauth_check'} = $domconfig{'defaults'}{'intauth_check'};
} else {	} else {
$domdefaults{'lang_def'} = &domain($domain,'lang_def');	$domdefaults{'lang_def'} = &domain($domain,'lang_def');
$domdefaults{'auth_def'} = &domain($domain,'auth_def');	$domdefaults{'auth_def'} = &domain($domain,'auth_def');
Line 1978 sub get_domain_defaults {	Line 2387 sub get_domain_defaults {
$domdefaults{'defaultquota'} = $domconfig{'quotas'}{'defaultquota'};	$domdefaults{'defaultquota'} = $domconfig{'quotas'}{'defaultquota'};
} else {	} else {
$domdefaults{'defaultquota'} = $domconfig{'quotas'};	$domdefaults{'defaultquota'} = $domconfig{'quotas'};
}	}
my @usertools = ('aboutme','blog','webdav','portfolio');	my @usertools = ('aboutme','blog','webdav','portfolio');
foreach my $item (@usertools) {	foreach my $item (@usertools) {
if (ref($domconfig{'quotas'}{$item}) eq 'HASH') {	if (ref($domconfig{'quotas'}{$item}) eq 'HASH') {
$domdefaults{$item} = $domconfig{'quotas'}{$item};	$domdefaults{$item} = $domconfig{'quotas'}{$item};
}	}
}	}
	if (ref($domconfig{'quotas'}{'authorquota'}) eq 'HASH') {
	$domdefaults{'authorquota'} = $domconfig{'quotas'}{'authorquota'};
	}
}	}
if (ref($domconfig{'requestcourses'}) eq 'HASH') {	if (ref($domconfig{'requestcourses'}) eq 'HASH') {
foreach my $item ('official','unofficial','community') {	foreach my $item ('official','unofficial','community','textbook','placement') {
$domdefaults{$item} = $domconfig{'requestcourses'}{$item};	$domdefaults{$item} = $domconfig{'requestcourses'}{$item};
}	}
}	}
Line 1995 sub get_domain_defaults {	Line 2407 sub get_domain_defaults {
$domdefaults{'requestauthor'} = $domconfig{'requestauthor'};	$domdefaults{'requestauthor'} = $domconfig{'requestauthor'};
}	}
if (ref($domconfig{'inststatus'}) eq 'HASH') {	if (ref($domconfig{'inststatus'}) eq 'HASH') {
foreach my $item ('inststatustypes','inststatusorder') {	foreach my $item ('inststatustypes','inststatusorder','inststatusguest') {
$domdefaults{$item} = $domconfig{'inststatus'}{$item};	$domdefaults{$item} = $domconfig{'inststatus'}{$item};
}	}
}	}
if (ref($domconfig{'coursedefaults'}) eq 'HASH') {	if (ref($domconfig{'coursedefaults'}) eq 'HASH') {
foreach my $item ('canuse_pdfforms') {	$domdefaults{'canuse_pdfforms'} = $domconfig{'coursedefaults'}{'canuse_pdfforms'};
$domdefaults{$item} = $domconfig{'coursedefaults'}{$item};	$domdefaults{'usejsme'} = $domconfig{'coursedefaults'}{'usejsme'};
	$domdefaults{'uselcmath'} = $domconfig{'coursedefaults'}{'uselcmath'};
	if (ref($domconfig{'coursedefaults'}{'postsubmit'}) eq 'HASH') {
	$domdefaults{'postsubmit'} = $domconfig{'coursedefaults'}{'postsubmit'}{'client'};
	}
	foreach my $type (@coursetypes) {
	if (ref($domconfig{'coursedefaults'}{'coursecredits'}) eq 'HASH') {
	unless ($type eq 'community') {
	$domdefaults{$type.'credits'} = $domconfig{'coursedefaults'}{'coursecredits'}{$type};
	}
	}
	if (ref($domconfig{'coursedefaults'}{'uploadquota'}) eq 'HASH') {
	$domdefaults{$type.'quota'} = $domconfig{'coursedefaults'}{'uploadquota'}{$type};
	}
	if ($domdefaults{'postsubmit'} eq 'on') {
	if (ref($domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}) eq 'HASH') {
	$domdefaults{$type.'postsubtimeout'} =
	$domconfig{'coursedefaults'}{'postsubmit'}{'timeout'}{$type};
	}
	}
	}
	if (ref($domconfig{'coursedefaults'}{'canclone'}) eq 'HASH') {
	if (ref($domconfig{'coursedefaults'}{'canclone'}{'instcode'}) eq 'ARRAY') {
	my @clonecodes = @{$domconfig{'coursedefaults'}{'canclone'}{'instcode'}};
	if (@clonecodes) {
	$domdefaults{'canclone'} = join('+',@clonecodes);
	}
	}
	} elsif ($domconfig{'coursedefaults'}{'canclone'}) {
	$domdefaults{'canclone'}=$domconfig{'coursedefaults'}{'canclone'};
}	}
}	}
if (ref($domconfig{'usersessions'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}) eq 'HASH') {
Line 2011 sub get_domain_defaults {	Line 2452 sub get_domain_defaults {
if (ref($domconfig{'usersessions'}{'hosted'}) eq 'HASH') {	if (ref($domconfig{'usersessions'}{'hosted'}) eq 'HASH') {
$domdefaults{'hostedsessions'} = $domconfig{'usersessions'}{'hosted'};	$domdefaults{'hostedsessions'} = $domconfig{'usersessions'}{'hosted'};
}	}
	if (ref($domconfig{'usersessions'}{'offloadnow'}) eq 'HASH') {
	$domdefaults{'offloadnow'} = $domconfig{'usersessions'}{'offloadnow'};
	}
	}
	if (ref($domconfig{'selfenrollment'}) eq 'HASH') {
	if (ref($domconfig{'selfenrollment'}{'admin'}) eq 'HASH') {
	my @settings = ('types','registered','enroll_dates','access_dates','section',
	'approval','limit');
	foreach my $type (@coursetypes) {
	if (ref($domconfig{'selfenrollment'}{'admin'}{$type}) eq 'HASH') {
	my @mgrdc = ();
	foreach my $item (@settings) {
	if ($domconfig{'selfenrollment'}{'admin'}{$type}{$item} eq '0') {
	push(@mgrdc,$item);
	}
	}
	if (@mgrdc) {
	$domdefaults{$type.'selfenrolladmdc'} = join(',',@mgrdc);
	}
	}
	}
	}
	if (ref($domconfig{'selfenrollment'}{'default'}) eq 'HASH') {
	foreach my $type (@coursetypes) {
	if (ref($domconfig{'selfenrollment'}{'default'}{$type}) eq 'HASH') {
	foreach my $item (keys(%{$domconfig{'selfenrollment'}{'default'}{$type}})) {
	$domdefaults{$type.'selfenroll'.$item} = $domconfig{'selfenrollment'}{'default'}{$type}{$item};
	}
	}
	}
	}
	}
	if (ref($domconfig{'coursecategories'}) eq 'HASH') {
	$domdefaults{'catauth'} = 'std';
	$domdefaults{'catunauth'} = 'std';
	if ($domconfig{'coursecategories'}{'auth'}) {
	$domdefaults{'catauth'} = $domconfig{'coursecategories'}{'auth'};
	}
	if ($domconfig{'coursecategories'}{'unauth'}) {
	$domdefaults{'catunauth'} = $domconfig{'coursecategories'}{'unauth'};
	}
	}
	if (ref($domconfig{'ssl'}) eq 'HASH') {
	if (ref($domconfig{'ssl'}{'replication'}) eq 'HASH') {
	$domdefaults{'replication'} = $domconfig{'ssl'}{'replication'};
	}
	if (ref($domconfig{'ssl'}{'connto'}) eq 'HASH') {
	$domdefaults{'connect'} = $domconfig{'ssl'}{'connto'};
	}
	if (ref($domconfig{'ssl'}{'connfrom'}) eq 'HASH') {
	$domdefaults{'connect'} = $domconfig{'ssl'}{'connfrom'};
	}
	}
	if (ref($domconfig{'trust'}) eq 'HASH') {
	my @prefixes = qw(content shared enroll othcoau coaurem domroles catalog reqcrs msg);
	foreach my $prefix (@prefixes) {
	if (ref($domconfig{'trust'}{$prefix}) eq 'HASH') {
	$domdefaults{'trust'.$prefix} = $domconfig{'trust'}{$prefix};
	}
	}
	}
	if (ref($domconfig{'autoenroll'}) eq 'HASH') {
	$domdefaults{'autofailsafe'} = $domconfig{'autoenroll'}{'autofailsafe'};
	}
	if (ref($domconfig{'helpsettings'}) eq 'HASH') {
	$domdefaults{'submitbugs'} = $domconfig{'helpsettings'}{'submitbugs'};
	if (ref($domconfig{'helpsettings'}{'adhoc'}) eq 'HASH') {
	$domdefaults{'adhocroles'} = $domconfig{'helpsettings'}{'adhoc'};
	}
}	}
&Apache::lonnet::do_cache_new('domdefaults',$domain,\%domdefaults,	&do_cache_new('domdefaults',$domain,\%domdefaults,$cachetime);
$cachetime);
return %domdefaults;	return %domdefaults;
}	}

	sub course_portal_url {
	my ($cnum,$cdom) = @_;
	my $chome = &homeserver($cnum,$cdom);
	my $hostname = &hostname($chome);
	my $protocol = $protocol{$chome};
	$protocol = 'http' if ($protocol ne 'https');
	my %domdefaults = &get_domain_defaults($cdom);
	my $firsturl;
	if ($domdefaults{'portal_def'}) {
	$firsturl = $domdefaults{'portal_def'};
	} else {
	$firsturl = $protocol.'://'.$hostname;
	}
	return $firsturl;
	}

# --------------------------------------------------- Assign a key to a student	# --------------------------------------------------- Assign a key to a student

sub assign_access_key {	sub assign_access_key {
Line 2253 sub make_key {	Line 2778 sub make_key {
sub devalidate_cache_new {	sub devalidate_cache_new {
my ($name,$id,$debug) = @_;	my ($name,$id,$debug) = @_;
if ($debug) { &Apache::lonnet::logthis("deleting $name:$id"); }	if ($debug) { &Apache::lonnet::logthis("deleting $name:$id"); }
	my $remembered_id=$name.':'.$id;
$id=&make_key($name,$id);	$id=&make_key($name,$id);
$memcache->delete($id);	$memcache->delete($id);
delete($remembered{$id});	delete($remembered{$remembered_id});
delete($accessed{$id});	delete($accessed{$remembered_id});
}	}

sub is_cached_new {	sub is_cached_new {
my ($name,$id,$debug) = @_;	my ($name,$id,$debug) = @_;
$id=&make_key($name,$id);	my $remembered_id=$name.':'.$id; # this is to avoid make_key (which is slow) whenever possible
if (exists($remembered{$id})) {	if (exists($remembered{$remembered_id})) {
if ($debug) { &Apache::lonnet::logthis("Early return $id of $remembered{$id} "); }	if ($debug) { &Apache::lonnet::logthis("Early return $remembered_id of $remembered{$remembered_id} "); }
$accessed{$id}=[&gettimeofday()];	$accessed{$remembered_id}=[&gettimeofday()];
$hits++;	$hits++;
return ($remembered{$id},1);	return ($remembered{$remembered_id},1);
}	}
	$id=&make_key($name,$id);
my $value = $memcache->get($id);	my $value = $memcache->get($id);
if (!(defined($value))) {	if (!(defined($value))) {
if ($debug) { &Apache::lonnet::logthis("getting $id is not defined"); }	if ($debug) { &Apache::lonnet::logthis("getting $id is not defined"); }
Line 2277 sub is_cached_new {	Line 2804 sub is_cached_new {
if ($debug) { &Apache::lonnet::logthis("getting $id is __undef__"); }	if ($debug) { &Apache::lonnet::logthis("getting $id is __undef__"); }
$value=undef;	$value=undef;
}	}
&make_room($id,$value,$debug);	&make_room($remembered_id,$value,$debug);
if ($debug) { &Apache::lonnet::logthis("getting $id is $value"); }	if ($debug) { &Apache::lonnet::logthis("getting $id is $value"); }
return ($value,1);	return ($value,1);
}	}

sub do_cache_new {	sub do_cache_new {
my ($name,$id,$value,$time,$debug) = @_;	my ($name,$id,$value,$time,$debug) = @_;
	my $remembered_id=$name.':'.$id;
$id=&make_key($name,$id);	$id=&make_key($name,$id);
my $setvalue=$value;	my $setvalue=$value;
if (!defined($setvalue)) {	if (!defined($setvalue)) {
Line 2299 sub do_cache_new {	Line 2827 sub do_cache_new {
$memcache->disconnect_all();	$memcache->disconnect_all();
}	}
# need to make a copy of $value	# need to make a copy of $value
&make_room($id,$value,$debug);	&make_room($remembered_id,$value,$debug);
return $value;	return $value;
}	}

sub make_room {	sub make_room {
my ($id,$value,$debug)=@_;	my ($remembered_id,$value,$debug)=@_;

$remembered{$id}= (ref($value)) ? &Storable::dclone($value)	$remembered{$remembered_id}= (ref($value)) ? &Storable::dclone($value)
: $value;	: $value;
if ($to_remember<0) { return; }	if ($to_remember<0) { return; }
$accessed{$id}=[&gettimeofday()];	$accessed{$remembered_id}=[&gettimeofday()];
if (scalar(keys(%remembered)) <= $to_remember) { return; }	if (scalar(keys(%remembered)) <= $to_remember) { return; }
my $to_kick;	my $to_kick;
my $max_time=0;	my $max_time=0;
Line 2521 sub repcopy {	Line 3049 sub repcopy {
mkdir($path,0777);	mkdir($path,0777);
}	}
}	}
my $ua=new LWP::UserAgent;
my $request=new HTTP::Request('GET',"$remoteurl");	my $request=new HTTP::Request('GET',"$remoteurl");
my $response=$ua->request($request,$transname);	my $response;
	if ($remoteurl =~ m{/raw/}) {
	$response=&LONCAPA::LWPReq::makerequest($home,$request,$transname,\%perlvar,'',0,1);
	} else {
	$response=&LONCAPA::LWPReq::makerequest($home,$request,$transname,\%perlvar,'',1);
	}
if ($response->is_error()) {	if ($response->is_error()) {
unlink($transname);	unlink($transname);
my $message=$response->status_line;	my $message=$response->status_line;
Line 2533 sub repcopy {	Line 3065 sub repcopy {
} else {	} else {
if ($remoteurl!~/\.meta$/) {	if ($remoteurl!~/\.meta$/) {
my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');	my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');
my $mresponse=$ua->request($mrequest,$filename.'.meta');	my $mresponse;
	if ($remoteurl =~ m{/raw/}) {
	$mresponse = &LONCAPA::LWPReq::makerequest($home,$mrequest,$filename.'.meta',\%perlvar,'',0,1);
	} else {
	$mresponse = &LONCAPA::LWPReq::makerequest($home,$mrequest,$filename.'.meta',\%perlvar,'',1);
	}
if ($mresponse->is_error()) {	if ($mresponse->is_error()) {
unlink($filename.'.meta');	unlink($filename.'.meta');
&logthis(	&logthis(
Line 2596 sub absolute_url {	Line 3133 sub absolute_url {
sub ssi {	sub ssi {

my ($fn,%form)=@_;	my ($fn,%form)=@_;
my $ua=new LWP::UserAgent;
my $request;	my $request;

$form{'no_update_last_known'}=1;	$form{'no_update_last_known'}=1;
&Apache::lonenc::check_encrypt(\$fn);	&Apache::lonenc::check_encrypt(\$fn);
if (%form) {	if (%form) {
$request=new HTTP::Request('POST',&absolute_url().$fn);	$request=new HTTP::Request('POST',&absolute_url().$fn);
$request->content(join('&',map { &escape($_).'='.&escape($form{$_}) } keys(%form)));	$request->content(join('&',map {
	my $name = escape($_);
	"$name=" . ( ref($form{$_}) eq 'ARRAY'
	? join("&$name=", map {escape($_) } @{$form{$_}})
	: &escape($form{$_}) );
	} keys(%form)));
} else {	} else {
$request=new HTTP::Request('GET',&absolute_url().$fn);	$request=new HTTP::Request('GET',&absolute_url().$fn);
}	}

$request->header(Cookie => $ENV{'HTTP_COOKIE'});	$request->header(Cookie => $ENV{'HTTP_COOKIE'});
my $response= $ua->request($request);	my $lonhost = $perlvar{'lonHostID'};
my $content = $response->content;	my $response= &LONCAPA::LWPReq::makerequest($lonhost,$request,'',\%perlvar);


if (wantarray) {	if (wantarray) {
return ($content, $response);	return ($response->content, $response);
} else {	} else {
return $content;	return $response->content;
}	}
}	}

sub externalssi {	sub externalssi {
my ($url)=@_;	my ($url)=@_;
my $ua=new LWP::UserAgent;
my $request=new HTTP::Request('GET',$url);	my $request=new HTTP::Request('GET',$url);
my $response=$ua->request($request);	my $response = &LONCAPA::LWPReq::makerequest('',$request,'',\%perlvar);
if (wantarray) {	if (wantarray) {
return ($response->content, $response);	return ($response->content, $response);
} else {	} else {
Line 2716 sub can_edit_resource {	Line 3255 sub can_edit_resource {
return;	return;
}	}
} else {	} else {
	if ($resurl =~ m{^/?adm/viewclasslist$}) {
	unless (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) {
	return;
	}
	} elsif (!$crsedit) {
#	#
# No edit allowed where CC has switched to student role.	# No edit allowed where CC has switched to student role.
#	#
unless ($crsedit) {
return;	return;
}	}
}	}
Line 2732 sub can_edit_resource {	Line 3275 sub can_edit_resource {
$incourse = 1;	$incourse = 1;
if ($file =~/\.(htm\|html\|css\|js\|txt)$/) {	if ($file =~/\.(htm\|html\|css\|js\|txt)$/) {
$cfile = &hreflocation('',$file);	$cfile = &hreflocation('',$file);
$forceedit = 1;	if ($env{'form.forceedit'}) {
	$forceview = 1;
	} else {
	$forceedit = 1;
	}
}	}
} elsif ($resurl =~ m{^/public/$cdom/$cnum/syllabus}) {	} elsif ($resurl =~ m{^/public/$cdom/$cnum/syllabus}) {
$incourse = 1;	$incourse = 1;
Line 2762 sub can_edit_resource {	Line 3309 sub can_edit_resource {
$forceedit = 1;	$forceedit = 1;
}	}
$cfile = $resurl;	$cfile = $resurl;
	} elsif ($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/ext\.tool$}) {
	$incourse = 1;
	if ($env{'form.forceedit'}) {
	$forceview = 1;
	} else {
	$forceedit = 1;
	}
	$cfile = $resurl;
	} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
	$incourse = 1;
	if ($env{'form.forceedit'}) {
	$forceview = 1;
	} else {
	$forceedit = 1;
	}
	$cfile = ($resurl =~ m{^/} ? $resurl : "/$resurl");
}	}
} elsif ($resurl eq '/res/lib/templates/simpleproblem.problem/smpedit') {	} elsif ($resurl eq '/res/lib/templates/simpleproblem.problem/smpedit') {
my $template = '/res/lib/templates/simpleproblem.problem';	my $template = '/res/lib/templates/simpleproblem.problem';
Line 2778 sub can_edit_resource {	Line 3341 sub can_edit_resource {
$forceedit = 1;	$forceedit = 1;
}	}
$cfile = $resurl;	$cfile = $resurl;
	} elsif (($resurl =~ m{^/adm/wrapper/adm/$cdom/$cnum/\d+/ext\.tool$}) && ($env{'form.folderpath'} =~ /^supplemental/)) {
	$incourse = 1;
	if ($env{'form.forceedit'}) {
	$forceview = 1;
	} else {
	$forceedit = 1;
	}
	$cfile = $resurl;
} elsif (($resurl eq '/adm/extresedit') && ($symb \|\| $env{'form.folderpath'})) {	} elsif (($resurl eq '/adm/extresedit') && ($symb \|\| $env{'form.folderpath'})) {
$incourse = 1;	$incourse = 1;
$forceview = 1;	$forceview = 1;
Line 2787 sub can_edit_resource {	Line 3358 sub can_edit_resource {
$cfile = &clutter($res);	$cfile = &clutter($res);
} else {	} else {
$cfile = $env{'form.suppurl'};	$cfile = $env{'form.suppurl'};
$cfile =~ s{^http://}{};	my $escfile = &unescape($cfile);
$cfile = '/adm/wrapper/ext/'.$cfile;	if ($escfile =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}) {
	$cfile = '/adm/wrapper'.$escfile;
	} else {
	$escfile =~ s{^http://}{};
	$cfile = &escape("/adm/wrapper/ext/$escfile");
	}
}	}
	} elsif ($resurl =~ m{^/?adm/viewclasslist$}) {
	if ($env{'form.forceedit'}) {
	$forceview = 1;
	} else {
	$forceedit = 1;
	}
	$cfile = ($resurl =~ m{^/} ? $resurl : "/$resurl");
}	}
}	}
if ($uploaded \|\| $incourse) {	if ($uploaded \|\| $incourse) {
$home=&homeserver($cnum,$cdom);	$home=&homeserver($cnum,$cdom);
} else {	} elsif ($file !~ m{/$}) {
$file=~s{^(priv/$match_domain/$match_username)}{/$1};	$file=~s{^(priv/$match_domain/$match_username)}{/$1};
$file=~s{^($match_domain/$match_username)}{/priv/$1};	$file=~s{^($match_domain/$match_username)}{/priv/$1};
# Check that the user has permission to edit this resource	# Check that the user has permission to edit this resource
Line 2820 sub is_course_upload {	Line 3403 sub is_course_upload {
my ($file,$cnum,$cdom) = @_;	my ($file,$cnum,$cdom) = @_;
my $uploadpath = &LONCAPA::propath($cdom,$cnum);	my $uploadpath = &LONCAPA::propath($cdom,$cnum);
$uploadpath =~ s{^\/}{};	$uploadpath =~ s{^\/}{};
if (($file =~ m{^\Q$uploadpath\E/userfiles/docs/}) \|\|	if (($file =~ m{^\Q$uploadpath\E/userfiles/(docs\|supplemental)/}) \|\|
($file =~ m{^userfiles/\Q$cdom\E/\Q$cnum\E/docs/})) {	($file =~ m{^userfiles/\Q$cdom\E/\Q$cnum\E/(docs\|supplemental)/})) {
return 1;	return 1;
}	}
return;	return;
Line 2831 sub in_course {	Line 3414 sub in_course {
my ($udom,$uname,$cdom,$cnum,$type,$hideprivileged) = @_;	my ($udom,$uname,$cdom,$cnum,$type,$hideprivileged) = @_;
if ($hideprivileged) {	if ($hideprivileged) {
my $skipuser;	my $skipuser;
if (&privileged($uname,$udom)) {	my %coursehash = &coursedescription($cdom.'_'.$cnum);
	my @possdoms = ($cdom);
	if ($coursehash{'checkforpriv'}) {
	push(@possdoms,split(/,/,$coursehash{'checkforpriv'}));
	}
	if (&privileged($uname,$udom,\@possdoms)) {
$skipuser = 1;	$skipuser = 1;
my %coursehash = &coursedescription($cdom.'_'.$cnum);
if ($coursehash{'nothideprivileged'}) {	if ($coursehash{'nothideprivileged'}) {
foreach my $item (split(/\s\,\s/,$coursehash{'nothideprivileged'})) {	foreach my $item (split(/\s\,\s/,$coursehash{'nothideprivileged'})) {
my $user;	my $user;
Line 3166 sub userfileupload {	Line 3753 sub userfileupload {
$codebase,$thumbwidth,$thumbheight,	$codebase,$thumbwidth,$thumbheight,
$resizewidth,$resizeheight,$context,$mimetype);	$resizewidth,$resizeheight,$context,$mimetype);
} else {	} else {
$fname=$env{'form.folder'}.'/'.$fname;	if ($env{'form.folder'}) {
	$fname=$env{'form.folder'}.'/'.$fname;
	}
return &process_coursefile('uploaddoc',$docuname,$docudom,	return &process_coursefile('uploaddoc',$docuname,$docudom,
$fname,$formname,$parser,	$fname,$formname,$parser,
$allfiles,$codebase,$mimetype);	$allfiles,$codebase,$mimetype);
Line 3181 sub userfileupload {	Line 3770 sub userfileupload {
} else {	} else {
my $docuname=$env{'user.name'};	my $docuname=$env{'user.name'};
my $docudom=$env{'user.domain'};	my $docudom=$env{'user.domain'};
if (exists($env{'form.group'})) {	if ((exists($env{'form.group'})) \|\| ($context eq 'syllabus')) {
$docuname=$env{'course.'.$env{'request.course.id'}.'.num'};	$docuname=$env{'course.'.$env{'request.course.id'}.'.num'};
$docudom=$env{'course.'.$env{'request.course.id'}.'.domain'};	$docudom=$env{'course.'.$env{'request.course.id'}.'.domain'};
}	}
Line 3331 sub extract_embedded_items {	Line 3920 sub extract_embedded_items {
&add_filetype($allfiles,$attr->{'src'},'src');	&add_filetype($allfiles,$attr->{'src'},'src');
}	}
if (lc($tagname) eq 'a') {	if (lc($tagname) eq 'a') {
&add_filetype($allfiles,$attr->{'href'},'href');	unless (($attr->{'href'} =~ /^#/) \|\| ($attr->{'href'} eq '')) {
	&add_filetype($allfiles,$attr->{'href'},'href');
	}
}	}
if (lc($tagname) eq 'script') {	if (lc($tagname) eq 'script') {
my $src;	my $src;
Line 3419 sub extract_embedded_items {	Line 4010 sub extract_embedded_items {
}	}
}	}
}	}
	if (lc($tagname) eq 'iframe') {
	my $src = $attr->{'src'} ;
	if (($src ne '') && ($src !~ m{^(/\|https?://)})) {
	&add_filetype($allfiles,$src,'src');
	} elsif ($src =~ m{^/}) {
	if ($env{'request.course.id'}) {
	my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
	my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
	my $url = &hreflocation('',$fullpath);
	if ($url =~ m{^/uploaded/$cdom/$cnum/docs/(\w+/\d+)/}) {
	my $relpath = $1;
	if ($src =~ m{^/uploaded/$cdom/$cnum/docs/\Q$relpath\E/(.+)$}) {
	&add_filetype($allfiles,$1,'src');
	}
	}
	}
	}
	}
if ($t->[4] =~ m{/>$}) {	if ($t->[4] =~ m{/>$}) {
pop(@state);	pop(@state);
}	}
} elsif ($t->[0] eq 'E') {	} elsif ($t->[0] eq 'E') {
my ($tagname) = ($t->[1]);	my ($tagname) = ($t->[1]);
Line 3637 sub flushcourselogs {	Line 4246 sub flushcourselogs {
}	}
}	}
#	#
# Reverse lookup of domain roles (dc, ad, li, sc, au)	# Reverse lookup of domain roles (dc, ad, li, sc, dh, da, au)
#	#
my %domrolebuffer = ();	my %domrolebuffer = ();
foreach my $entry (keys(%domainrolehash)) {	foreach my $entry (keys(%domainrolehash)) {
Line 3652 sub flushcourselogs {	Line 4261 sub flushcourselogs {
delete $domainrolehash{$entry};	delete $domainrolehash{$entry};
}	}
foreach my $dom (keys(%domrolebuffer)) {	foreach my $dom (keys(%domrolebuffer)) {
my %servers = &get_servers($dom,'library');	my %servers;
	if (defined(&domain($dom,'primary'))) {
	my $primary=&domain($dom,'primary');
	my $hostname=&hostname($primary);
	$servers{$primary} = $hostname;
	} else {
	%servers = &get_servers($dom,'library');
	}
foreach my $tryserver (keys(%servers)) {	foreach my $tryserver (keys(%servers)) {
unless (&reply('domroleput:'.$dom.':'.	if (&reply('domroleput:'.$dom.':'.
$domrolebuffer{$dom},$tryserver) eq 'ok') {	$domrolebuffer{$dom},$tryserver) eq 'ok') {
	last;
	} else {
&logthis('Put of domain roles failed for '.$dom.' and '.$tryserver);	&logthis('Put of domain roles failed for '.$dom.' and '.$tryserver);
}	}
}	}
Line 3775 sub userrolelog {	Line 4393 sub userrolelog {
{$trole.':'.$username.':'.$domain.':'.$env{'user.name'}.':'.$env{'user.domain'}.':'}	{$trole.':'.$username.':'.$domain.':'.$env{'user.name'}.':'.$env{'user.domain'}.':'}
=$tend.':'.$tstart;	=$tend.':'.$tstart;
}	}
if ($trole =~ /^(dc\|ad\|li\|au\|dg\|sc)/ ) {	if ($trole =~ /^(dc\|ad\|li\|au\|dg\|sc\|dh\|da)/ ) {
my (undef,$rudom,$runame,$rsec)=split(/\//,$area);	my (undef,$rudom,$runame,$rsec)=split(/\//,$area);
$domainrolehash	$domainrolehash
{$trole.':'.$username.':'.$domain.':'.$runame.':'.$rudom.':'.$rsec}	{$trole.':'.$username.':'.$domain.':'.$runame.':'.$rudom.':'.$rsec}
Line 3862 sub get_course_adv_roles {	Line 4480 sub get_course_adv_roles {
$nothide{$user}=1;	$nothide{$user}=1;
}	}
}	}
	my @possdoms = ($coursehash{'domain'});
	if ($coursehash{'checkforpriv'}) {
	push(@possdoms,split(/,/,$coursehash{'checkforpriv'}));
	}
my %returnhash=();	my %returnhash=();
my %dumphash=	my %dumphash=
&dump('nohist_userroles',$coursehash{'domain'},$coursehash{'num'});	&dump('nohist_userroles',$coursehash{'domain'},$coursehash{'num'});
Line 3874 sub get_course_adv_roles {	Line 4496 sub get_course_adv_roles {
if (($tstart) && ($now<$tstart)) { next; }	if (($tstart) && ($now<$tstart)) { next; }
my ($role,$username,$domain,$section)=split(/\:/,$entry);	my ($role,$username,$domain,$section)=split(/\:/,$entry);
if ($username eq '' \|\| $domain eq '') { next; }	if ($username eq '' \|\| $domain eq '') { next; }
unless (ref($privileged{$domain}) eq 'HASH') {	if ((&privileged($username,$domain,\@possdoms)) &&
my %dompersonnel =
&Apache::lonnet::get_domain_roles($domain,['dc'],$now,$now);
$privileged{$domain} = {};
foreach my $server (keys(%dompersonnel)) {
if (ref($dompersonnel{$server}) eq 'HASH') {
foreach my $user (keys(%{$dompersonnel{$server}})) {
my ($trole,$uname,$udom) = split(/:/,$user);
$privileged{$udom}{$uname} = 1;
}
}
}
}
if ((exists($privileged{$domain}{$username})) &&
(!$nothide{$username.':'.$domain})) { next; }	(!$nothide{$username.':'.$domain})) { next; }
if ($role eq 'cr') { next; }	if ($role eq 'cr') { next; }
if ($codes) {	if ($codes) {
Line 3918 sub get_my_roles {	Line 4527 sub get_my_roles {
if ($context eq 'userroles') {	if ($context eq 'userroles') {
%dumphash = &dump('roles',$udom,$uname);	%dumphash = &dump('roles',$udom,$uname);
} else {	} else {
%dumphash=	%dumphash = &dump('nohist_userroles',$udom,$uname);
&dump('nohist_userroles',$udom,$uname);
if ($hidepriv) {	if ($hidepriv) {
my %coursehash=&coursedescription($udom.'_'.$uname);	my %coursehash=&coursedescription($udom.'_'.$uname);
foreach my $user (split(/\s\,\s/,$coursehash{'nothideprivileged'})) {	foreach my $user (split(/\s\,\s/,$coursehash{'nothideprivileged'})) {
Line 3987 sub get_my_roles {	Line 4595 sub get_my_roles {
}	}
}	}
if ($hidepriv) {	if ($hidepriv) {
	my @privroles = ('dc','su');
if ($context eq 'userroles') {	if ($context eq 'userroles') {
if ((&privileged($username,$domain)) &&	next if (grep(/^\Q$role\E$/,@privroles));
(!$nothide{$username.':'.$domain})) {
next;
}
} else {	} else {
unless (ref($privileged{$domain}) eq 'HASH') {	my $possdoms = [$domain];
my %dompersonnel =	if (ref($roledoms) eq 'ARRAY') {
&Apache::lonnet::get_domain_roles($domain,['dc'],$now,$now);	push(@{$possdoms},@{$roledoms});
$privileged{$domain} = {};
if (keys(%dompersonnel)) {
foreach my $server (keys(%dompersonnel)) {
if (ref($dompersonnel{$server}) eq 'HASH') {
foreach my $user (keys(%{$dompersonnel{$server}})) {
my ($trole,$uname,$udom) = split(/:/,$user);
$privileged{$udom}{$uname} = $trole;
}
}
}
}
}	}
if (exists($privileged{$domain}{$username})) {	if (&privileged($username,$domain,$possdoms,\@privroles)) {
if (!$nothide{$username.':'.$domain}) {	if (!$nothide{$username.':'.$domain}) {
next;	next;
}	}
Line 4025 sub get_my_roles {	Line 4620 sub get_my_roles {
return %returnhash;	return %returnhash;
}	}

	sub get_all_adhocroles {
	my ($dom) = @_;
	my @roles_by_num = ();
	my %domdefaults = &get_domain_defaults($dom);
	my (%description,%access_in_dom,%access_info);
	if (ref($domdefaults{'adhocroles'}) eq 'HASH') {
	my $count = 0;
	my %domcurrent = %{$domdefaults{'adhocroles'}};
	my %ordered;
	foreach my $role (sort(keys(%domcurrent))) {
	my ($order,$desc,$access_in_dom);
	if (ref($domcurrent{$role}) eq 'HASH') {
	$order = $domcurrent{$role}{'order'};
	$desc = $domcurrent{$role}{'desc'};
	$access_in_dom{$role} = $domcurrent{$role}{'access'};
	$access_info{$role} = $domcurrent{$role}{$access_in_dom{$role}};
	}
	if ($order eq '') {
	$order = $count;
	}
	$ordered{$order} = $role;
	if ($desc ne '') {
	$description{$role} = $desc;
	} else {
	$description{$role}= $role;
	}
	$count++;
	}
	foreach my $item (sort {$a <=> $b } (keys(%ordered))) {
	push(@roles_by_num,$ordered{$item});
	}
	}
	return (\@roles_by_num,\%description,\%access_in_dom,\%access_info);
	}

	sub get_my_adhocroles {
	my ($cid,$checkreg) = @_;
	my ($cdom,$cnum,%info,@possroles,$description,$roles_by_num);
	if ($env{'request.course.id'} eq $cid) {
	$cdom = $env{'course.'.$cid.'.domain'};
	$cnum = $env{'course.'.$cid.'.num'};
	$info{'internal.coursecode'} = $env{'course.'.$cid.'.internal.coursecode'};
	} elsif ($cid =~ /^($match_domain)_($match_courseid)$/) {
	$cdom = $1;
	$cnum = $2;
	%info = &Apache::lonnet::get('environment',['internal.coursecode'],
	$cdom,$cnum);
	}
	if (($info{'internal.coursecode'} ne '') && ($checkreg)) {
	my $user = $env{'user.name'}.':'.$env{'user.domain'};
	my %rosterhash = &get('classlist',[$user],$cdom,$cnum);
	if ($rosterhash{$user} ne '') {
	my $type = (split(/:/,$rosterhash{$user}))[5];
	return ([],{}) if ($type eq 'auto');
	}
	}
	if (($cdom ne '') && ($cnum ne '')) {
	if (($env{"user.role.dh./$cdom/"}) \|\| ($env{"user.role.da./$cdom/"})) {
	my $then=$env{'user.login.time'};
	my $update=$env{'user.update.time'};
	if (!$update) {
	$update = $then;
	}
	my @liveroles;
	foreach my $role ('dh','da') {
	if ($env{"user.role.$role./$cdom/"}) {
	my ($tstart,$tend)=split(/\./,$env{"user.role.$role./$cdom/"});
	my $limit = $update;
	if ($env{'request.role'} eq "$role./$cdom/") {
	$limit = $then;
	}
	my $activerole = 1;
	if ($tstart && $tstart>$limit) { $activerole = 0; }
	if ($tend && $tend <$limit) { $activerole = 0; }
	if ($activerole) {
	push(@liveroles,$role);
	}
	}
	}
	if (@liveroles) {
	if (&homeserver($cnum,$cdom) ne 'no_host') {
	my ($accessref,$accessinfo,%access_in_dom);
	($roles_by_num,$description,$accessref,$accessinfo) = &get_all_adhocroles($cdom);
	if (ref($roles_by_num) eq 'ARRAY') {
	if (@{$roles_by_num}) {
	my %settings;
	if ($env{'request.course.id'} eq $cid) {
	foreach my $envkey (keys(%env)) {
	if ($envkey =~ /^\Qcourse.$cid.\E(internal\.adhoc.+)$/) {
	$settings{$1} = $env{$envkey};
	}
	}
	} else {
	%settings = &dump('environment',$cdom,$cnum,'internal\.adhoc');
	}
	my %setincrs;
	if ($settings{'internal.adhocaccess'}) {
	map { $setincrs{$_} = 1; } split(/,/,$settings{'internal.adhocaccess'});
	}
	my @statuses;
	if ($env{'environment.inststatus'}) {
	@statuses = split(/,/,$env{'environment.inststatus'});
	}
	my $user = $env{'user.name'}.':'.$env{'user.domain'};
	if (ref($accessref) eq 'HASH') {
	%access_in_dom = %{$accessref};
	}
	foreach my $role (@{$roles_by_num}) {
	my ($curraccess,@okstatus,@personnel);
	if ($setincrs{$role}) {
	($curraccess,my $rest) = split(/=/,$settings{'internal.adhoc.'.$role});
	if ($curraccess eq 'status') {
	@okstatus = split(/\&/,$rest);
	} elsif (($curraccess eq 'exc') \|\| ($curraccess eq 'inc')) {
	@personnel = split(/\&/,$rest);
	}
	} else {
	$curraccess = $access_in_dom{$role};
	if (ref($accessinfo) eq 'HASH') {
	if ($curraccess eq 'status') {
	if (ref($accessinfo->{$role}) eq 'ARRAY') {
	@okstatus = @{$accessinfo->{$role}};
	}
	} elsif (($curraccess eq 'exc') \|\| ($curraccess eq 'inc')) {
	if (ref($accessinfo->{$role}) eq 'ARRAY') {
	@personnel = @{$accessinfo->{$role}};
	}
	}
	}
	}
	if ($curraccess eq 'none') {
	next;
	} elsif ($curraccess eq 'all') {
	push(@possroles,$role);
	} elsif ($curraccess eq 'dh') {
	if (grep(/^dh$/,@liveroles)) {
	push(@possroles,$role);
	} else {
	next;
	}
	} elsif ($curraccess eq 'da') {
	if (grep(/^da$/,@liveroles)) {
	push(@possroles,$role);
	} else {
	next;
	}
	} elsif ($curraccess eq 'status') {
	if (@okstatus) {
	if (!@statuses) {
	if (grep(/^default$/,@okstatus)) {
	push(@possroles,$role);
	}
	} else {
	foreach my $status (@okstatus) {
	if (grep(/^\Q$status\E$/,@statuses)) {
	push(@possroles,$role);
	last;
	}
	}
	}
	}
	} elsif (($curraccess eq 'exc') \|\| ($curraccess eq 'inc')) {
	if (grep(/^\Q$user\E$/,@personnel)) {
	if ($curraccess eq 'exc') {
	push(@possroles,$role);
	}
	} elsif ($curraccess eq 'inc') {
	push(@possroles,$role);
	}
	}
	}
	}
	}
	}
	}
	}
	}
	unless (ref($description) eq 'HASH') {
	if (ref($roles_by_num) eq 'ARRAY') {
	my %desc;
	map { $desc{$_} = $_; } (@{$roles_by_num});
	$description = \%desc;
	} else {
	$description = {};
	}
	}
	return (\@possroles,$description);
	}

# ----------------------------------------------------- Frontpage Announcements	# ----------------------------------------------------- Frontpage Announcements
#	#
#	#
Line 4100 sub courseiddump {	Line 4884 sub courseiddump {
my ($domfilter,$descfilter,$sincefilter,$instcodefilter,$ownerfilter,	my ($domfilter,$descfilter,$sincefilter,$instcodefilter,$ownerfilter,
$coursefilter,$hostidflag,$hostidref,$typefilter,$regexp_ok,	$coursefilter,$hostidflag,$hostidref,$typefilter,$regexp_ok,
$selfenrollonly,$catfilter,$showhidden,$caller,$cloner,$cc_clone,	$selfenrollonly,$catfilter,$showhidden,$caller,$cloner,$cc_clone,
$cloneonly,$createdbefore,$createdafter,$creationcontext,$domcloner)=@_;	$cloneonly,$createdbefore,$createdafter,$creationcontext,$domcloner,
	$hasuniquecode,$reqcrsdom,$reqinstcode)=@_;
my $as_hash = 1;	my $as_hash = 1;
my %returnhash;	my %returnhash;
if (!$domfilter) { $domfilter=''; }	if (!$domfilter) { $domfilter=''; }
Line 4123 sub courseiddump {	Line 4908 sub courseiddump {
&escape($catfilter), $showhidden, $caller,	&escape($catfilter), $showhidden, $caller,
&escape($cloner), &escape($cc_clone), $cloneonly,	&escape($cloner), &escape($cc_clone), $cloneonly,
&escape($createdbefore), &escape($createdafter),	&escape($createdbefore), &escape($createdafter),
&escape($creationcontext), $domcloner)));	&escape($creationcontext),$domcloner,$hasuniquecode,
	$reqcrsdom,&escape($reqinstcode))));
} else {	} else {
$rep = &reply('courseiddump:'.&host_domain($tryserver).':'.	$rep = &reply('courseiddump:'.&host_domain($tryserver).':'.
$sincefilter.':'.&escape($descfilter).':'.	$sincefilter.':'.&escape($descfilter).':'.
Line 4134 sub courseiddump {	Line 4920 sub courseiddump {
$showhidden.':'.$caller.':'.&escape($cloner).':'.	$showhidden.':'.$caller.':'.&escape($cloner).':'.
&escape($cc_clone).':'.$cloneonly.':'.	&escape($cc_clone).':'.$cloneonly.':'.
&escape($createdbefore).':'.&escape($createdafter).':'.	&escape($createdbefore).':'.&escape($createdafter).':'.
&escape($creationcontext).':'.$domcloner,	&escape($creationcontext).':'.$domcloner.':'.$hasuniquecode.
$tryserver);	':'.$reqcrsdom.':'.&escape($reqinstcode),$tryserver);
}	}

my @pairs=split(/\&/,$rep);	my @pairs=split(/\&/,$rep);
Line 4243 sub get_domain_roles {	Line 5029 sub get_domain_roles {
}	}
my $rolelist;	my $rolelist;
if (ref($roles) eq 'ARRAY') {	if (ref($roles) eq 'ARRAY') {
$rolelist = join(':',@{$roles});	$rolelist = join('&',@{$roles});
}	}
my %personnel = ();	my %personnel = ();

Line 4263 sub get_domain_roles {	Line 5049 sub get_domain_roles {
return %personnel;	return %personnel;
}	}

	sub get_active_domroles {
	my ($dom,$roles) = @_;
	return () unless (ref($roles) eq 'ARRAY');
	my $now = time;
	my %dompersonnel = &get_domain_roles($dom,$roles,$now,$now);
	my %domroles;
	foreach my $server (keys(%dompersonnel)) {
	foreach my $user (sort(keys(%{$dompersonnel{$server}}))) {
	my ($trole,$uname,$udom,$runame,$rudom,$rsec) = split(/:/,$user);
	$domroles{$uname.':'.$udom} = $dompersonnel{$server}{$user};
	}
	}
	return %domroles;
	}

# ----------------------------------------------------------- Interval timing	# ----------------------------------------------------------- Interval timing

{	{
Line 4274 my $cachedkey='';	Line 5075 my $cachedkey='';
# The cached times for this user	# The cached times for this user
my %cachedtimes=();	my %cachedtimes=();
# When this was last done	# When this was last done
my $cachedtime=();	my $cachedtime='';

sub load_all_first_access {	sub load_all_first_access {
my ($uname,$udom)=@_;	my ($uname,$udom,$ignorecache)=@_;
if (($cachedkey eq $uname.':'.$udom) &&	if (($cachedkey eq $uname.':'.$udom) &&
(abs($cachedtime-time)<5) && (!$env{'form.markaccess'})) {	(abs($cachedtime-time)<5) && (!$env{'form.markaccess'}) &&
	(!$ignorecache)) {
return;	return;
}	}
$cachedtime=time;	$cachedtime=time;
Line 4288 sub load_all_first_access {	Line 5090 sub load_all_first_access {
}	}

sub get_first_access {	sub get_first_access {
my ($type,$argsymb,$argmap)=@_;	my ($type,$argsymb,$argmap,$ignorecache)=@_;
my ($symb,$courseid,$udom,$uname)=&whichuser();	my ($symb,$courseid,$udom,$uname)=&whichuser();
if ($argsymb) { $symb=$argsymb; }	if ($argsymb) { $symb=$argsymb; }
my ($map,$id,$res)=&decode_symb($symb);	my ($map,$id,$res)=&decode_symb($symb);
Line 4300 sub get_first_access {	Line 5102 sub get_first_access {
} else {	} else {
$res=$symb;	$res=$symb;
}	}
&load_all_first_access($uname,$udom);	&load_all_first_access($uname,$udom,$ignorecache);
return $cachedtimes{"$courseid\0$res"};	return $cachedtimes{"$courseid\0$res"};
}	}

Line 4336 sub set_first_access {	Line 5138 sub set_first_access {
return 'already_set';	return 'already_set';
}	}
}	}

# --------------------------------------------- Set Expire Date for Spreadsheet	# --------------------------------------------- Set Expire Date for Spreadsheet

sub expirespread {	sub expirespread {
Line 4706 sub tmprestore {	Line 5509 sub tmprestore {
# ----------------------------------------------------------------------- Store	# ----------------------------------------------------------------------- Store

sub store {	sub store {
my ($storehash,$symb,$namespace,$domain,$stuname) = @_;	my ($storehash,$symb,$namespace,$domain,$stuname,$laststore) = @_;
my $home='';	my $home='';

if ($stuname) { $home=&homeserver($stuname,$domain); }	if ($stuname) { $home=&homeserver($stuname,$domain); }
Line 4736 sub store {	Line 5539 sub store {
}	}
$namevalue=~s/\&$//;	$namevalue=~s/\&$//;
&courselog($symb.':'.$stuname.':'.$domain.':STORE:'.$namevalue);	&courselog($symb.':'.$stuname.':'.$domain.':STORE:'.$namevalue);
return reply("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");	return reply("store:$domain:$stuname:$namespace:$symb:$namevalue:$laststore","$home");
}	}

# -------------------------------------------------------------- Critical Store	# -------------------------------------------------------------- Critical Store

sub cstore {	sub cstore {
my ($storehash,$symb,$namespace,$domain,$stuname) = @_;	my ($storehash,$symb,$namespace,$domain,$stuname,$laststore) = @_;
my $home='';	my $home='';

if ($stuname) { $home=&homeserver($stuname,$domain); }	if ($stuname) { $home=&homeserver($stuname,$domain); }
Line 4773 sub cstore {	Line 5576 sub cstore {
$namevalue=~s/\&$//;	$namevalue=~s/\&$//;
&courselog($symb.':'.$stuname.':'.$domain.':CSTORE:'.$namevalue);	&courselog($symb.':'.$stuname.':'.$domain.':CSTORE:'.$namevalue);
return critical	return critical
("store:$domain:$stuname:$namespace:$symb:$namevalue","$home");	("store:$domain:$stuname:$namespace:$symb:$namevalue:$laststore","$home");
}	}

# --------------------------------------------------------------------- Restore	# --------------------------------------------------------------------- Restore
Line 4785 sub restore {	Line 5588 sub restore {
if ($stuname) { $home=&homeserver($stuname,$domain); }	if ($stuname) { $home=&homeserver($stuname,$domain); }

if (!$symb) {	if (!$symb) {
unless ($symb=escape(&symbread())) { return ''; }	return if ($namespace eq 'courserequests');
	unless ($symb=escape(&symbread())) { return ''; }
} else {	} else {
$symb=&escape(&symbclean($symb));	unless ($namespace eq 'courserequests') {
	$symb=&escape(&symbclean($symb));
	}
}	}
if (!$namespace) {	if (!$namespace) {
unless ($namespace=$env{'request.course.id'}) {	unless ($namespace=$env{'request.course.id'}) {
Line 4922 sub update_released_required {	Line 5728 sub update_released_required {
# -------------------------------------------------See if a user is privileged	# -------------------------------------------------See if a user is privileged

sub privileged {	sub privileged {
my ($username,$domain)=@_;	my ($username,$domain,$possdomains,$possroles)=@_;

my %rolesdump = &dump("roles", $domain, $username) or return 0;
my $now = time;	my $now = time;
	my $roles;
	if (ref($possroles) eq 'ARRAY') {
	$roles = $possroles;
	} else {
	$roles = ['dc','su'];
	}
	if (ref($possdomains) eq 'ARRAY') {
	my %privileged = &privileged_by_domain($possdomains,$roles);
	foreach my $dom (@{$possdomains}) {
	if (($username =~ /^$match_username$/) && ($domain =~ /^$match_domain$/) &&
	(ref($privileged{$dom}) eq 'HASH')) {
	foreach my $role (@{$roles}) {
	if (ref($privileged{$dom}{$role}) eq 'HASH') {
	if (exists($privileged{$dom}{$role}{$username.':'.$domain})) {
	my ($end,$start) = split(/:/,$privileged{$dom}{$role}{$username.':'.$domain});
	return 1 unless (($end && $end < $now) \|\|
	($start && $start > $now));
	}
	}
	}
	}
	}
	} else {
	my %rolesdump = &dump("roles", $domain, $username) or return 0;
	my $now = time;

for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys %rolesdump}) {	for my $role (@rolesdump{grep { ! /^rolesdef_/ } keys(%rolesdump)}) {
my ($trole, $tend, $tstart) = split(/_/, $role);	my ($trole, $tend, $tstart) = split(/_/, $role);
if (($trole eq 'dc') \|\| ($trole eq 'su')) {	if (grep(/^\Q$trole\E$/,@{$roles})) {
return 1 unless ($tend && $tend < $now)	return 1 unless ($tend && $tend < $now)
or ($tstart && $tstart > $now);	or ($tstart && $tstart > $now);
}	}
}	}
	}
return 0;	return 0;
}	}

	sub privileged_by_domain {
	my ($domains,$roles) = @_;
	my %privileged = ();
	my $cachetime = 606024;
	my $now = time;
	unless ((ref($domains) eq 'ARRAY') && (ref($roles) eq 'ARRAY')) {
	return %privileged;
	}
	foreach my $dom (@{$domains}) {
	next if (ref($privileged{$dom}) eq 'HASH');
	my $needroles;
	foreach my $role (@{$roles}) {
	my ($result,$cached)=&is_cached_new('priv_'.$role,$dom);
	if (defined($cached)) {
	if (ref($result) eq 'HASH') {
	$privileged{$dom}{$role} = $result;
	}
	} else {
	$needroles = 1;
	}
	}
	if ($needroles) {
	my %dompersonnel = &get_domain_roles($dom,$roles);
	$privileged{$dom} = {};
	foreach my $server (keys(%dompersonnel)) {
	if (ref($dompersonnel{$server}) eq 'HASH') {
	foreach my $item (keys(%{$dompersonnel{$server}})) {
	my ($trole,$uname,$udom,$rest) = split(/:/,$item,4);
	my ($end,$start) = split(/:/,$dompersonnel{$server}{$item});
	next if ($end && $end < $now);
	$privileged{$dom}{$trole}{$uname.':'.$udom} =
	$dompersonnel{$server}{$item};
	}
	}
	}
	if (ref($privileged{$dom}) eq 'HASH') {
	foreach my $role (@{$roles}) {
	if (ref($privileged{$dom}{$role}) eq 'HASH') {
	&do_cache_new('priv_'.$role,$dom,$privileged{$dom}{$role},$cachetime);
	} else {
	my %hash = ();
	&do_cache_new('priv_'.$role,$dom,\%hash,$cachetime);
	}
	}
	}
	}
	}
	return %privileged;
	}

# -------------------------------------------------------- Get user privileges	# -------------------------------------------------------- Get user privileges

sub rolesinit {	sub rolesinit {
Line 4966 sub rolesinit {	Line 5845 sub rolesinit {
my %allroles=();	my %allroles=();
my %allgroups=();	my %allgroups=();

for my $area (grep { ! /^rolesdef_/ } keys %rolesdump) {	for my $area (grep { ! /^rolesdef_/ } keys(%rolesdump)) {
my $role = $rolesdump{$area};	my $role = $rolesdump{$area};
$area =~ s/\_\w\w$//;	$area =~ s/\_\w\w$//;

Line 5039 sub rolesinit {	Line 5918 sub rolesinit {
}	}
}	}

@userroles{'user.author', 'user.adv'} = &set_userprivs(\%userroles,	@userroles{'user.author','user.adv','user.rar'} = &set_userprivs(\%userroles,
\%allroles, \%allgroups);	\%allroles, \%allgroups);
$env{'user.adv'} = $userroles{'user.adv'};	$env{'user.adv'} = $userroles{'user.adv'};
	$env{'user.rar'} = $userroles{'user.rar'};

return (\%userroles,\%firstaccenv,\%timerintenv);	return (\%userroles,\%firstaccenv,\%timerintenv);
}	}

sub set_arearole {	sub set_arearole {
my ($trole,$area,$tstart,$tend,$domain,$username) = @_;	my ($trole,$area,$tstart,$tend,$domain,$username,$nolog) = @_;
	unless ($nolog) {
# log the associated role with the area	# log the associated role with the area
&userrolelog($trole,$username,$domain,$area,$tstart,$tend);	&userrolelog($trole,$username,$domain,$area,$tstart,$tend);
	}
return ('user.role.'.$trole.'.'.$area => $tstart.'.'.$tend);	return ('user.role.'.$trole.'.'.$area => $tstart.'.'.$tend);
}	}

sub custom_roleprivs {	sub custom_roleprivs {
my ($allroles,$trole,$tdomain,$trest,$spec,$area) = @_;	my ($allroles,$trole,$tdomain,$trest,$spec,$area) = @_;
my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);	my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);
my $homsvr=homeserver($rauthor,$rdomain);	my $homsvr = &homeserver($rauthor,$rdomain);
if (&hostname($homsvr) ne '') {	if (&hostname($homsvr) ne '') {
my ($rdummy,$roledef)=	my ($rdummy,$roledef)=
&get('roles',["rolesdef_$rrole"],$rdomain,$rauthor);	&get('roles',["rolesdef_$rrole"],$rdomain,$rauthor);
Line 5075 sub custom_roleprivs {	Line 5957 sub custom_roleprivs {
$$allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;	$$allroles{$spec.'./'.$tdomain.'/'}.=':'.$dompriv;
}	}
if (($trest ne '') && (defined($coursepriv))) {	if (($trest ne '') && (defined($coursepriv))) {
	if ($trole =~ m{^cr/$tdomain/$tdomain\Q-domainconfig\E/([^/]+)$}) {
	my $rolename = $1;
	$coursepriv = &course_adhocrole_privs($rolename,$tdomain,$trest,$coursepriv);
	}
$$allroles{'cm.'.$area}.=':'.$coursepriv;	$$allroles{'cm.'.$area}.=':'.$coursepriv;
$$allroles{$spec.'.'.$area}.=':'.$coursepriv;	$$allroles{$spec.'.'.$area}.=':'.$coursepriv;
}	}
Line 5083 sub custom_roleprivs {	Line 5969 sub custom_roleprivs {
}	}
}	}

	sub course_adhocrole_privs {
	my ($rolename,$cdom,$cnum,$coursepriv) = @_;
	my %overrides = &get('environment',["internal.adhocpriv.$rolename"],$cdom,$cnum);
	if ($overrides{"internal.adhocpriv.$rolename"}) {
	my (%currprivs,%storeprivs);
	foreach my $item (split(/:/,$coursepriv)) {
	my ($priv,$restrict) = split(/\&/,$item);
	$currprivs{$priv} = $restrict;
	}
	my (%possadd,%possremove,%full);
	foreach my $item (split(/\:/,$Apache::lonnet::pr{'cr:c'})) {
	my ($priv,$restrict)=split(/\&/,$item);
	$full{$priv} = $restrict;
	}
	foreach my $item (split(/,/,$overrides{"internal.adhocpriv.$rolename"})) {
	next if ($item eq '');
	my ($rule,$rest) = split(/=/,$item);
	next unless (($rule eq 'off') \|\| ($rule eq 'on'));
	foreach my $priv (split(/:/,$rest)) {
	if ($priv ne '') {
	if ($rule eq 'off') {
	$possremove{$priv} = 1;
	} else {
	$possadd{$priv} = 1;
	}
	}
	}
	}
	foreach my $priv (sort(keys(%full))) {
	if (exists($currprivs{$priv})) {
	unless (exists($possremove{$priv})) {
	$storeprivs{$priv} = $currprivs{$priv};
	}
	} elsif (exists($possadd{$priv})) {
	$storeprivs{$priv} = $full{$priv};
	}
	}
	$coursepriv = ':'.join(':',map { $_.'&'.$storeprivs{$_}; } sort(keys(%storeprivs)));
	}
	return $coursepriv;
	}

sub group_roleprivs {	sub group_roleprivs {
my ($allgroups,$area,$group_privs,$tend,$tstart) = @_;	my ($allgroups,$area,$group_privs,$tend,$tstart) = @_;
my $access = 1;	my $access = 1;
Line 5117 sub set_userprivs {	Line 6045 sub set_userprivs {
my ($userroles,$allroles,$allgroups,$groups_roles) = @_;	my ($userroles,$allroles,$allgroups,$groups_roles) = @_;
my $author=0;	my $author=0;
my $adv=0;	my $adv=0;
	my $rar=0;
my %grouproles = ();	my %grouproles = ();
if (keys(%{$allgroups}) > 0) {	if (keys(%{$allgroups}) > 0) {
my @groupkeys;	my @groupkeys;
Line 5164 sub set_userprivs {	Line 6093 sub set_userprivs {
$thesepriv{$privilege}.=$restrictions;	$thesepriv{$privilege}.=$restrictions;
}	}
if ($thesepriv{'adv'} eq 'F') { $adv=1; }	if ($thesepriv{'adv'} eq 'F') { $adv=1; }
	if ($thesepriv{'rar'} eq 'F') { $rar=1; }
}	}
}	}
my $thesestr='';	my $thesestr='';
Line 5172 sub set_userprivs {	Line 6102 sub set_userprivs {
}	}
$userroles->{'user.priv.'.$role} = $thesestr;	$userroles->{'user.priv.'.$role} = $thesestr;
}	}
return ($author,$adv);	return ($author,$adv,$rar);
}	}

sub role_status {	sub role_status {
my ($rolekey,$update,$refresh,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_;	my ($rolekey,$update,$refresh,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_;
my @pwhere = ();
if (exists($env{$rolekey}) && $env{$rolekey} ne '') {	if (exists($env{$rolekey}) && $env{$rolekey} ne '') {
(undef,undef,$$role,@pwhere)=split(/\./,$rolekey);	my ($one,$two) = split(m{\./},$rolekey,2);
	(undef,undef,$$role) = split(/\./,$one,3);
unless (!defined($$role) \|\| $$role eq '') {	unless (!defined($$role) \|\| $$role eq '') {
$$where=join('.',@pwhere);	$$where = '/'.$two;
$$trolecode=$$role.'.'.$$where;	$$trolecode=$$role.'.'.$$where;
($$tstart,$$tend)=split(/\./,$env{$rolekey});	($$tstart,$$tend)=split(/\./,$env{$rolekey});
$$tstatus='is';	$$tstatus='is';
Line 5217 sub role_status {	Line 6147 sub role_status {
push(@rolecodes,$$role);	push(@rolecodes,$$role);
&standard_roleprivs(\%allroles,$$role,$tdomain,$spec,$trest,$$where);	&standard_roleprivs(\%allroles,$$role,$tdomain,$spec,$trest,$$where);
}	}
my ($author,$adv)= &set_userprivs(\%userroles,\%allroles,\%allgroups,\%groups_roles);	my ($author,$adv,$rar)= &set_userprivs(\%userroles,\%allroles,\%allgroups,
	\%groups_roles);
&appenv(\%userroles,\@rolecodes);	&appenv(\%userroles,\@rolecodes);
&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$role);	&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$spec);
}	}
}	}
$$tstatus = 'is';	$$tstatus = 'is';
Line 5295 sub delete_env_groupprivs {	Line 6226 sub delete_env_groupprivs {
}	}

sub check_adhoc_privs {	sub check_adhoc_privs {
my ($cdom,$cnum,$update,$refresh,$now,$checkrole,$caller) = @_;	my ($cdom,$cnum,$update,$refresh,$now,$checkrole,$caller,$sec) = @_;
my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;	my $cckey = 'user.role.'.$checkrole.'./'.$cdom.'/'.$cnum;
	if ($sec) {
	$cckey .= '/'.$sec;
	}
my $setprivs;	my $setprivs;
if ($env{$cckey}) {	if ($env{$cckey}) {
my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);	my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);
&role_status($cckey,$update,$refresh,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);	&role_status($cckey,$update,$refresh,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
unless (($tstatus eq 'is') \|\| ($tstatus eq 'will_not')) {	unless (($tstatus eq 'is') \|\| ($tstatus eq 'will_not')) {
&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller);	&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller,$sec);
$setprivs = 1;	$setprivs = 1;
}	}
} else {	} else {
&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller);	&set_adhoc_privileges($cdom,$cnum,$checkrole,$caller,$sec);
$setprivs = 1;	$setprivs = 1;
}	}
return $setprivs;	return $setprivs;
}	}

sub set_adhoc_privileges {	sub set_adhoc_privileges {
# role can be cc or ca	# role can be cc, ca, or cr/<dom>/<dom>-domainconfig/role
my ($dcdom,$pickedcourse,$role,$caller) = @_;	my ($dcdom,$pickedcourse,$role,$caller,$sec) = @_;
my $area = '/'.$dcdom.'/'.$pickedcourse;	my $area = '/'.$dcdom.'/'.$pickedcourse;
	if ($sec ne '') {
	$area .= '/'.$sec;
	}
my $spec = $role.'.'.$area;	my $spec = $role.'.'.$area;
my %userroles = &set_arearole($role,$area,'','',$env{'user.domain'},	my %userroles = &set_arearole($role,$area,'','',$env{'user.domain'},
$env{'user.name'});	$env{'user.name'},1);
my %ccrole = ();	my %rolehash = ();
&standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);	if ($role =~ m{^\Qcr/$dcdom/$dcdom\E\-domainconfig/(\w+)$}) {
my ($author,$adv)= &set_userprivs(\%userroles,\%ccrole);	my $rolename = $1;
	&custom_roleprivs(\%rolehash,$role,$dcdom,$pickedcourse,$spec,$area);
	my %domdef = &get_domain_defaults($dcdom);
	if (ref($domdef{'adhocroles'}) eq 'HASH') {
	if (ref($domdef{'adhocroles'}{$rolename}) eq 'HASH') {
	&appenv({'request.role.desc' => $domdef{'adhocroles'}{$rolename}{'desc'},});
	}
	}
	} else {
	&standard_roleprivs(\%rolehash,$role,$dcdom,$spec,$pickedcourse,$area);
	}
	my ($author,$adv,$rar)= &set_userprivs(\%userroles,\%rolehash);
&appenv(\%userroles,[$role,'cm']);	&appenv(\%userroles,[$role,'cm']);
&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$role);	&log($env{'user.domain'},$env{'user.name'},$env{'user.home'},"Role ".$spec);
unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {	unless ($caller eq 'constructaccess' && $env{'request.course.id'}) {
&appenv( {'request.role' => $spec,	&appenv( {'request.role' => $spec,
'request.role.domain' => $dcdom,	'request.role.domain' => $dcdom,
'request.course.sec' => ''	'request.course.sec' => $sec,
}	}
);	);
my $tadv=0;	my $tadv=0;
Line 5387 sub unserialize {	Line 6335 sub unserialize {
return {} if $rep =~ /^error/;	return {} if $rep =~ /^error/;

my %returnhash=();	my %returnhash=();
foreach my $item (split /\&/, $rep) {	foreach my $item (split(/\&/,$rep)) {
my ($key, $value) = split(/=/, $item, 2);	my ($key, $value) = split(/=/, $item, 2);
$key = unescape($key) unless $escapedkeys;	$key = unescape($key) unless $escapedkeys;
next if $key =~ /^error: 2 /;	next if $key =~ /^error: 2 /;
$returnhash{$key} = Apache::lonnet::thaw_unescape($value);	$returnhash{$key} = &thaw_unescape($value);
}	}
#return %returnhash;	#return %returnhash;
return \%returnhash;	return \%returnhash;
Line 5405 sub dump {	Line 6353 sub dump {
if (!$uname) { $uname=$env{'user.name'}; }	if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);	my $uhome=&homeserver($uname,$udomain);

my $reply;	if ($regexp) {
	$regexp=&escape($regexp);
	} else {
	$regexp='.';
	}
if (grep { $_ eq $uhome } current_machine_ids()) {	if (grep { $_ eq $uhome } current_machine_ids()) {
# user is hosted on this machine	# user is hosted on this machine
$reply = LONCAPA::Lond::dump_with_regexp(join(":", ($udomain,	my $reply = LONCAPA::Lond::dump_with_regexp(join(":", ($udomain,
$uname, $namespace, $regexp, $range)), $loncaparevs{$uhome});	$uname, $namespace, $regexp, $range)), $perlvar{'lonVersion'});
return %{unserialize($reply, $escapedkeys)};	return %{unserialize($reply, $escapedkeys)};
}	}
if ($regexp) {
$regexp=&escape($regexp);
} else {
$regexp='.';
}
my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);	my $rep=&reply("dump:$udomain:$uname:$namespace:$regexp:$range",$uhome);
my @pairs=split(/\&/,$rep);	my @pairs=split(/\&/,$rep);
my %returnhash=();	my %returnhash=();
Line 5478 sub currentdump {	Line 6425 sub currentdump {
#	#
my %returnhash=();	my %returnhash=();
#	#
if ($rep eq "unknown_cmd") {	if ($rep eq 'unknown_cmd') {
# an old lond will not know currentdump	# an old lond will not know currentdump
# Do a dump and make it look like a currentdump	# Do a dump and make it look like a currentdump
my @tmp = &dumpstore($courseid,$sdom,$sname,'.');	my @tmp = &dumpstore($courseid,$sdom,$sname,'.');
Line 5594 sub newput {	Line 6541 sub newput {
# --------------------------------------------------------- putstore interface	# --------------------------------------------------------- putstore interface

sub putstore {	sub putstore {
my ($namespace,$symb,$version,$storehash,$udomain,$uname)=@_;	my ($namespace,$symb,$version,$storehash,$udomain,$uname,$tolog)=@_;
if (!$udomain) { $udomain=$env{'user.domain'}; }	if (!$udomain) { $udomain=$env{'user.domain'}; }
if (!$uname) { $uname=$env{'user.name'}; }	if (!$uname) { $uname=$env{'user.name'}; }
my $uhome=&homeserver($uname,$udomain);	my $uhome=&homeserver($uname,$udomain);
Line 5608 sub putstore {	Line 6555 sub putstore {
my $reply =	my $reply =
&reply("putstore:$udomain:$uname:$namespace:$esc_symb:$esc_v:$items",	&reply("putstore:$udomain:$uname:$namespace:$esc_symb:$esc_v:$items",
$uhome);	$uhome);
	if (($tolog) && ($reply eq 'ok')) {
	my $namevalue='';
	foreach my $key (keys(%{$storehash})) {
	$namevalue.=&escape($key).'='.&freeze_escape($storehash->{$key}).'&';
	}
	$namevalue .= 'ip='.&escape($ENV{'REMOTE_ADDR'}).
	'&host='.&escape($perlvar{'lonHostID'}).
	'&version='.$esc_v.
	'&by='.&escape($env{'user.name'}.':'.$env{'user.domain'});
	&Apache::lonnet::courselog($symb.':'.$uname.':'.$udomain.':PUTSTORE:'.$namevalue);
	}
if ($reply eq 'unknown_cmd') {	if ($reply eq 'unknown_cmd') {
# gfall back to way things use to be done	# gfall back to way things use to be done
return &old_putstore($namespace,$symb,$version,$storehash,$udomain,	return &old_putstore($namespace,$symb,$version,$storehash,$udomain,
Line 5701 sub tmpget {	Line 6659 sub tmpget {
if (!defined($server)) { $server = $perlvar{'lonHostID'}; }	if (!defined($server)) { $server = $perlvar{'lonHostID'}; }
my $rep=&reply("tmpget:$token",$server);	my $rep=&reply("tmpget:$token",$server);
my %returnhash;	my %returnhash;
	if ($rep =~ /^(con_lost\|error\|no_such_host)/i) {
	return %returnhash;
	}
foreach my $item (split(/\&/,$rep)) {	foreach my $item (split(/\&/,$rep)) {
my ($key,$value)=split(/=/,$item);	my ($key,$value)=split(/=/,$item);
next if ($key =~ /^error: 2 /);
$returnhash{&unescape($key)}=&thaw_unescape($value);	$returnhash{&unescape($key)}=&thaw_unescape($value);
}	}
return %returnhash;	return %returnhash;
Line 5766 sub get_timebased_id {	Line 6726 sub get_timebased_id {
my %inuse = &Apache::lonnet::dump('nohist_'.$namespace,$cdom,$cnum,$prefix);	my %inuse = &Apache::lonnet::dump('nohist_'.$namespace,$cdom,$cnum,$prefix);
my $id = time;	my $id = time;
$newid = $id;	$newid = $id;
	if ($idtype eq 'addcode') {
	$newid .= &sixnum_code();
	}
my $idtries = 0;	my $idtries = 0;
while (exists($inuse{$prefix."\0".$newid}) && $idtries < $maxtries) {	while (exists($inuse{$prefix."\0".$newid}) && $idtries < $maxtries) {
if ($idtype eq 'concat') {	if ($idtype eq 'concat') {
$newid = $id.$idtries;	$newid = $id.$idtries;
	} elsif ($idtype eq 'addcode') {
	$newid = $newid.&sixnum_code();
} else {	} else {
$newid ++;	$newid ++;
}	}
Line 5786 sub get_timebased_id {	Line 6751 sub get_timebased_id {
$error = 'error saving new item: '.$putresult;	$error = 'error saving new item: '.$putresult;
}	}
} else {	} else {
	undef($newid);
$error = ('error: no unique suffix available for the new item ');	$error = ('error: no unique suffix available for the new item ');
}	}
# remove lock	# remove lock
Line 5794 sub get_timebased_id {	Line 6760 sub get_timebased_id {
} else {	} else {
$error = "error: could not obtain lockfile\n";	$error = "error: could not obtain lockfile\n";
$dellock = 'ok';	$dellock = 'ok';
	if (($prefix eq 'paste') && ($namespace eq 'courseeditor') && ($keyid eq 'num')) {
	$dellock = 'nolock';
	}
}	}
return ($newid,$dellock,$error);	return ($newid,$dellock,$error);
}	}

	sub sixnum_code {
	my $code;
	for (0..6) {
	$code .= int( rand(9) );
	}
	return $code;
	}

# -------------------------------------------------- portfolio access checking	# -------------------------------------------------- portfolio access checking

sub portfolio_access {	sub portfolio_access {
my ($requrl) = @_;	my ($requrl,$clientip) = @_;
my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl);	my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl);
my $result = &get_portfolio_access($udom,$unum,$file_name,$group);	my $result = &get_portfolio_access($udom,$unum,$file_name,$group,$clientip);
if ($result) {	if ($result) {
my %setters;	my %setters;
if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {	if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
Line 5829 sub portfolio_access {	Line 6806 sub portfolio_access {
}	}

sub get_portfolio_access {	sub get_portfolio_access {
my ($udom,$unum,$file_name,$group,$access_hash) = @_;	my ($udom,$unum,$file_name,$group,$clientip,$access_hash) = @_;

if (!ref($access_hash)) {	if (!ref($access_hash)) {
my $current_perms = &get_portfile_permissions($udom,$unum);	my $current_perms = &get_portfile_permissions($udom,$unum);
Line 5838 sub get_portfolio_access {	Line 6815 sub get_portfolio_access {
$access_hash = $access_controls{$file_name};	$access_hash = $access_controls{$file_name};
}	}

my ($public,$guest,@domains,@users,@courses,@groups);	my ($public,$guest,@domains,@users,@courses,@groups,@ips);
my $now = time;	my $now = time;
if (ref($access_hash) eq 'HASH') {	if (ref($access_hash) eq 'HASH') {
foreach my $key (keys(%{$access_hash})) {	foreach my $key (keys(%{$access_hash})) {
Line 5862 sub get_portfolio_access {	Line 6839 sub get_portfolio_access {
push(@courses,$key);	push(@courses,$key);
} elsif ($scope eq 'group') {	} elsif ($scope eq 'group') {
push(@groups,$key);	push(@groups,$key);
	} elsif ($scope eq 'ip') {
	push(@ips,$key);
}	}
}	}
if ($public) {	if ($public) {
return 'ok';	return 'ok';
	} elsif (@ips > 0) {
	my $allowed;
	foreach my $ipkey (@ips) {
	if (ref($access_hash->{$ipkey}{'ip'}) eq 'ARRAY') {
	if (&Apache::loncommon::check_ip_acc(join(',',@{$access_hash->{$ipkey}{'ip'}}),$clientip)) {
	$allowed = 1;
	last;
	}
	}
	}
	if ($allowed) {
	return 'ok';
	}
}	}
if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {	if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
if ($guest) {	if ($guest) {
Line 6052 sub usertools_access {	Line 7044 sub usertools_access {
official => 1,	official => 1,
unofficial => 1,	unofficial => 1,
community => 1,	community => 1,
	textbook => 1,
	placement => 1,
);	);
} elsif ($context eq 'requestauthor') {	} elsif ($context eq 'requestauthor') {
%tools = (	%tools = (
Line 6067 sub usertools_access {	Line 7061 sub usertools_access {
}	}
return if (!defined($tools{$tool}));	return if (!defined($tools{$tool}));

if ((!defined($udom)) \|\| (!defined($uname))) {	if (($udom eq '') \|\| ($uname eq '')) {
$udom = $env{'user.domain'};	$udom = $env{'user.domain'};
$uname = $env{'user.name'};	$uname = $env{'user.name'};
}	}
Line 6348 sub customaccess {	Line 7342 sub customaccess {
# ------------------------------------------------- Check for a user privilege	# ------------------------------------------------- Check for a user privilege

sub allowed {	sub allowed {
my ($priv,$uri,$symb,$role)=@_;	my ($priv,$uri,$symb,$role,$clientip,$noblockcheck)=@_;
my $ver_orguri=$uri;	my $ver_orguri=$uri;
$uri=&deversion($uri);	$uri=&deversion($uri);
my $orguri=$uri;	my $orguri=$uri;
Line 6365 sub allowed {	Line 7359 sub allowed {

if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }	if (defined($env{'allowed.'.$priv})) { return $env{'allowed.'.$priv}; }
# Free bre access to adm and meta resources	# Free bre access to adm and meta resources
if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg\|bulletinboard)$}))	if (((($uri=~/^adm\//) && ($uri !~ m{/(?:smppg\|bulletinboard\|ext\.tool)$}))
\|\| (($uri=~/\.meta$/) && ($uri!~m\|^uploaded/\|) ))	\|\| (($uri=~/\.meta$/) && ($uri!~m\|^uploaded/\|) ))
&& ($priv eq 'bre')) {	&& ($priv eq 'bre')) {
return 'F';	return 'F';
Line 6543 sub allowed {	Line 7537 sub allowed {
if ($match) {	if ($match) {
if ($env{'user.priv.'.$env{'request.role'}.'./'}	if ($env{'user.priv.'.$env{'request.role'}.'./'}
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my @blockers = &has_comm_blocking($priv,$symb,$uri);	my $value = $1;
if (@blockers > 0) {	if ($noblockcheck) {
$thisallowed = 'B';	$thisallowed.=$value;
} else {	} else {
$thisallowed.=$1;	my @blockers = &has_comm_blocking($priv,$symb,$uri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed.=$value;
	}
}	}
}	}
} else {	} else {
Line 6559 sub allowed {	Line 7558 sub allowed {
$refuri=&declutter($refuri);	$refuri=&declutter($refuri);
my ($match) = &is_on_map($refuri);	my ($match) = &is_on_map($refuri);
if ($match) {	if ($match) {
my @blockers = &has_comm_blocking($priv,$symb,$refuri);	if ($noblockcheck) {
if (@blockers > 0) {
$thisallowed = 'B';
} else {
$thisallowed='F';	$thisallowed='F';
	} else {
	my @blockers = &has_comm_blocking($priv,$symb,$refuri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed='F';
	}
}	}
}	}
}	}
Line 6575 sub allowed {	Line 7578 sub allowed {
&& $thisallowed ne 'F'	&& $thisallowed ne 'F'
&& $thisallowed ne '2'	&& $thisallowed ne '2'
&& &is_portfolio_url($uri)) {	&& &is_portfolio_url($uri)) {
$thisallowed = &portfolio_access($uri);	$thisallowed = &portfolio_access($uri,$clientip);
}	}

# Full access at system, domain or course-wide level? Exit.	# Full access at system, domain or course-wide level? Exit.
if ($thisallowed=~/F/) {	if ($thisallowed=~/F/) {
return 'F';	return 'F';
Line 6618 sub allowed {	Line 7621 sub allowed {
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;	my $value = $1;
if ($priv eq 'bre') {	if ($priv eq 'bre') {
my @blockers = &has_comm_blocking($priv,$symb,$uri);	if ($noblockcheck) {
if (@blockers > 0) {
$thisallowed = 'B';
} else {
$thisallowed.=$value;	$thisallowed.=$value;
	} else {
	my @blockers = &has_comm_blocking($priv,$symb,$uri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed.=$value;
	}
}	}
} else {	} else {
$thisallowed.=$value;	$thisallowed.=$value;
Line 6656 sub allowed {	Line 7663 sub allowed {
=~/\Q$priv\E\&([^\:]*)/) {	=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;	my $value = $1;
if ($priv eq 'bre') {	if ($priv eq 'bre') {
my @blockers = &has_comm_blocking($priv,$symb,$refuri);	if ($noblockcheck) {
if (@blockers > 0) {
$thisallowed = 'B';
} else {
$thisallowed.=$value;	$thisallowed.=$value;
	} else {
	my @blockers = &has_comm_blocking($priv,$symb,$refuri);
	if (@blockers > 0) {
	$thisallowed = 'B';
	} else {
	$thisallowed.=$value;
	}
}	}
} else {	} else {
$thisallowed.=$value;	$thisallowed.=$value;
Line 6768 sub allowed {	Line 7779 sub allowed {
my $unamedom=$env{'user.name'}.':'.$env{'user.domain'};	my $unamedom=$env{'user.name'}.':'.$env{'user.domain'};
if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.roles.denied'}	if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.roles.denied'}
=~/\Q$rolecode\E/) {	=~/\Q$rolecode\E/) {
if (($priv ne 'pch') && ($priv ne 'plc')) {	if (($priv ne 'pch') && ($priv ne 'plc') && ($priv ne 'pac')) {
&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.':'.	&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.':'.
'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode.' in '.	'Denied by role: '.$priv.' for '.$uri.' as '.$rolecode.' in '.
$env{'request.course.id'});	$env{'request.course.id'});
Line 6778 sub allowed {	Line 7789 sub allowed {

if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.users.denied'}	if ($env{'course.'.$env{'request.course.id'}.'.'.$priv.'.users.denied'}
=~/\Q$unamedom\E/) {	=~/\Q$unamedom\E/) {
if (($priv ne 'pch') && ($priv ne 'plc')) {	if (($priv ne 'pch') && ($priv ne 'plc') && ($priv ne 'pac')) {
&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.	&logthis($env{'user.domain'}.':'.$env{'user.name'}.':'.$env{'user.home'}.
'Denied by user: '.$priv.' for '.$uri.' as '.$unamedom.' in '.	'Denied by user: '.$priv.' for '.$uri.' as '.$unamedom.' in '.
$env{'request.course.id'});	$env{'request.course.id'});
Line 6836 sub constructaccess {	Line 7847 sub constructaccess {
my ($ownername,$ownerdomain,$ownerhome);	my ($ownername,$ownerdomain,$ownerhome);

($ownerdomain,$ownername) =	($ownerdomain,$ownername) =
($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E\|)/priv/($match_domain)/($match_username)/});	($url=~ m{^(?:\Q$perlvar{'lonDocRoot'}\E\|)(?:/daxepage\|/daxeopen)?/priv/($match_domain)/($match_username)(?:/\|$)});

# The URL does not really point to any authorspace, forget it	# The URL does not really point to any authorspace, forget it
unless (($ownername) && ($ownerdomain)) { return ''; }	unless (($ownername) && ($ownerdomain)) { return ''; }
Line 6857 sub constructaccess {	Line 7868 sub constructaccess {
$ownerhome = &homeserver($ownername,$ownerdomain);	$ownerhome = &homeserver($ownername,$ownerdomain);
return ($ownername,$ownerdomain,$ownerhome);	return ($ownername,$ownerdomain,$ownerhome);
}	}
	if ($env{'request.course.id'}) {
	if (($ownername eq $env{'course.'.$env{'request.course.id'}.'.num'}) &&
	($ownerdomain eq $env{'course.'.$env{'request.course.id'}.'.domain'})) {
	if (&allowed('mdc',$env{'request.course.id'})) {
	$ownerhome = $env{'course.'.$env{'request.course.id'}.'.home'};
	return ($ownername,$ownerdomain,$ownerhome);
	}
	}
	}
}	}

# We don't have any access right now. If we are not possibly going to do anything about this,	# We don't have any access right now. If we are not possibly going to do anything about this,
Line 6877 sub constructaccess {	Line 7897 sub constructaccess {
if (($allowed eq 'F') \|\| ($allowed eq 'U')) {	if (($allowed eq 'F') \|\| ($allowed eq 'U')) {
# Grant temporary access	# Grant temporary access
my $then=$env{'user.login.time'};	my $then=$env{'user.login.time'};
my $update==$env{'user.update.time'};	my $update=$env{'user.update.time'};
if (!$update) { $update = $then; }	if (!$update) { $update = $then; }
my $refresh=$env{'user.refresh.time'};	my $refresh=$env{'user.refresh.time'};
if (!$refresh) { $refresh = $update; }	if (!$refresh) { $refresh = $update; }
Line 6891 sub constructaccess {	Line 7911 sub constructaccess {
return '';	return '';
}	}

	# ----------------------------------------------------------- Content Blocking

	{
	# Caches for faster Course Contents display where content blocking
	# is in operation (i.e., interval param set) for timed quiz.
	#
	# User for whom data are being temporarily cached.
	my $cacheduser='';
	# Cached blockers for this user (a hash of blocking items).
	my %cachedblockers=();
	# When the data were last cached.
	my $cachedlast='';

	sub load_all_blockers {
	my ($uname,$udom,$blocks)=@_;
	if (($uname ne '') && ($udom ne '')) {
	if (($cacheduser eq $uname.':'.$udom) &&
	(abs($cachedlast-time)<5)) {
	return;
	}
	}
	$cachedlast=time;
	$cacheduser=$uname.':'.$udom;
	%cachedblockers = &get_commblock_resources($blocks);
	}

sub get_comm_blocks {	sub get_comm_blocks {
my ($cdom,$cnum) = @_;	my ($cdom,$cnum) = @_;
if ($cdom eq '' \|\| $cnum eq '') {	if ($cdom eq '' \|\| $cnum eq '') {
Line 6911 sub get_comm_blocks {	Line 7957 sub get_comm_blocks {
return %commblocks;	return %commblocks;
}	}

sub has_comm_blocking {	sub get_commblock_resources {
my ($priv,$symb,$uri,$blocks) = @_;	my ($blocks) = @_;
return unless ($env{'request.course.id'});	my %blockers = ();
return unless ($priv eq 'bre');	return %blockers unless ($env{'request.course.id'});
return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);	return %blockers if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
my %commblocks;	my %commblocks;
if (ref($blocks) eq 'HASH') {	if (ref($blocks) eq 'HASH') {
%commblocks = %{$blocks};	%commblocks = %{$blocks};
} else {	} else {
%commblocks = &get_comm_blocks();	%commblocks = &get_comm_blocks();
}	}
return unless (keys(%commblocks) > 0);	return %blockers unless (keys(%commblocks) > 0);
if (!$symb) { $symb=&symbread($uri,1); }
my ($map,$resid,undef)=&decode_symb($symb);
my %tocheck = (
maps => $map,
resources => $symb,
);
my @blockers;
my $now = time;
my $navmap = Apache::lonnavmaps::navmap->new();	my $navmap = Apache::lonnavmaps::navmap->new();
	return %blockers unless (ref($navmap));
	my $now = time;
foreach my $block (keys(%commblocks)) {	foreach my $block (keys(%commblocks)) {
if ($block =~ /^(\d+)____(\d+)$/) {	if ($block =~ /^(\d+)____(\d+)$/) {
my ($start,$end) = ($1,$2);	my ($start,$end) = ($1,$2);
Line 6939 sub has_comm_blocking {	Line 7979 sub has_comm_blocking {
if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {
if ($commblocks{$block}{'blocks'}{'docs'}{'maps'}{$map}) {	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'maps'}})) {
unless (grep(/^\Q$block\E$/,@blockers)) {	$blockers{$block}{maps} = $commblocks{$block}{'blocks'}{'docs'}{'maps'};
push(@blockers,$block);
}
}	}
}	}
if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {
if ($commblocks{$block}{'blocks'}{'docs'}{'resources'}{$symb}) {	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'resources'}})) {
unless (grep(/^\Q$block\E$/,@blockers)) {	$blockers{$block}{'resources'} = $commblocks{$block}{'blocks'}{'docs'}{'resources'};
push(@blockers,$block);
}
}	}
}	}
}	}
Line 6960 sub has_comm_blocking {	Line 7996 sub has_comm_blocking {
my @to_test;	my @to_test;
if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}) eq 'HASH') {
if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {	if (ref($commblocks{$block}{'blocks'}{'docs'}) eq 'HASH') {
my $check_interval;	my @interval;
if (&check_docs_block($commblocks{$block}{'blocks'}{'docs'},\%tocheck)) {	my $type = 'map';
my @interval;	if ($item eq 'course') {
my $type = 'map';	$type = 'course';
if ($item eq 'course') {	@interval=&EXT("resource.0.interval");
$type = 'course';	} else {
@interval=&EXT("resource.0.interval");	if ($item =~ /___\d+___/) {
	$type = 'resource';
	@interval=&EXT("resource.0.interval",$item);
	if (ref($navmap)) {
	my $res = $navmap->getBySymb($item);
	push(@to_test,$res);
	}
} else {	} else {
if ($item =~ /___\d+___/) {	my $mapsymb = &symbread($item,1);
$type = 'resource';	if ($mapsymb) {
@interval=&EXT("resource.0.interval",$item);	if (ref($navmap)) {
if (ref($navmap)) {	my $mapres = $navmap->getBySymb($mapsymb);
my $res = $navmap->getBySymb($item);	@to_test = $mapres->retrieveResources($mapres,undef,0,0,0,1);
push(@to_test,$res);	foreach my $res (@to_test) {
}	my $symb = $res->symb();
} else {	next if ($symb eq $mapsymb);
my $mapsymb = &symbread($item,1);	if ($symb ne '') {
if ($mapsymb) {	@interval=&EXT("resource.0.interval",$symb);
if (ref($navmap)) {	if ($interval[1] eq 'map') {
my $mapres = $navmap->getBySymb($mapsymb);
@to_test = $mapres->retrieveResources($mapres,undef,0,1);
foreach my $res (@to_test) {
my $symb = $res->symb();
next if ($symb eq $mapsymb);
if ($symb ne '') {
@interval=&EXT("resource.0.interval",$symb);
last;	last;
}	}
}	}
Line 6993 sub has_comm_blocking {	Line 8028 sub has_comm_blocking {
}	}
}	}
}	}
if ($interval[0] =~ /\d+/) {	}
my $first_access;	if ($interval[0] =~ /^(\d+)/) {
if ($type eq 'resource') {	my $timelimit = $1;
$first_access=&get_first_access($interval[1],$item);	my $first_access;
} elsif ($type eq 'map') {	if ($type eq 'resource') {
$first_access=&get_first_access($interval[1],undef,$item);	$first_access=&get_first_access($interval[1],$item);
} else {	} elsif ($type eq 'map') {
$first_access=&get_first_access($interval[1]);	$first_access=&get_first_access($interval[1],undef,$item);
}	} else {
if ($first_access) {	$first_access=&get_first_access($interval[1]);
my $timesup = $first_access+$interval[0];	}
if ($timesup > $now) {	if ($first_access) {
foreach my $res (@to_test) {	my $timesup = $first_access+$timelimit;
if ($res->is_problem()) {	if ($timesup > $now) {
if ($res->completable()) {	my $activeblock;
unless (grep(/^\Q$block\E$/,@blockers)) {	foreach my $res (@to_test) {
push(@blockers,$block);	if ($res->answerable()) {
}	$activeblock = 1;
last;	last;
}	}
	}
	if ($activeblock) {
	if (ref($commblocks{$block}{'blocks'}{'docs'}{'maps'}) eq 'HASH') {
	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'maps'}})) {
	$blockers{$block}{'maps'} = $commblocks{$block}{'blocks'}{'docs'}{'maps'};
	}
	}
	if (ref($commblocks{$block}{'blocks'}{'docs'}{'resources'}) eq 'HASH') {
	if (keys(%{$commblocks{$block}{'blocks'}{'docs'}{'resources'}})) {
	$blockers{$block}{'resources'} = $commblocks{$block}{'blocks'}{'docs'}{'resources'};
}	}
}	}
}	}
Line 7023 sub has_comm_blocking {	Line 8068 sub has_comm_blocking {
}	}
}	}
}	}
return @blockers;	return %blockers;
}	}

sub check_docs_block {	sub has_comm_blocking {
my ($docsblock,$tocheck) =@_;	my ($priv,$symb,$uri,$blocks) = @_;
if ((ref($docsblock) ne 'HASH') \|\| (ref($tocheck) ne 'HASH')) {	my @blockers;
return;	return unless ($env{'request.course.id'});
	return unless ($priv eq 'bre');
	return if ($env{'user.priv.'.$env{'request.role'}} =~/evb\&([^\:]*)/);
	return if ($env{'request.state'} eq 'construct');
	&load_all_blockers($env{'user.name'},$env{'user.domain'},$blocks);
	return unless (keys(%cachedblockers) > 0);
	my (%possibles,@symbs);
	if (!$symb) {
	$symb = &symbread($uri,1,1,1,\%possibles);
}	}
if (ref($docsblock->{'maps'}) eq 'HASH') {	if ($symb) {
if ($tocheck->{'maps'}) {	@symbs = ($symb);
if ($docsblock->{'maps'}{$tocheck->{'maps'}}) {	} elsif (keys(%possibles)) {
return 1;	@symbs = keys(%possibles);
	}
	my $noblock;
	foreach my $symb (@symbs) {
	last if ($noblock);
	my ($map,$resid,$resurl)=&decode_symb($symb);
	foreach my $block (keys(%cachedblockers)) {
	if ($block =~ /^firstaccess____(.+)$/) {
	my $item = $1;
	if (($item eq $map) \|\| ($item eq $symb)) {
	$noblock = 1;
	last;
	}
}	}
}	if (ref($cachedblockers{$block}) eq 'HASH') {
}	if (ref($cachedblockers{$block}{'resources'}) eq 'HASH') {
if (ref($docsblock->{'resources'}) eq 'HASH') {	if ($cachedblockers{$block}{'resources'}{$symb}) {
if ($tocheck->{'resources'}) {	unless (grep(/^\Q$block\E$/,@blockers)) {
if ($docsblock->{'resources'}{$tocheck->{'resources'}}) {	push(@blockers,$block);
return 1;	}
	}
	}
	}
	if (ref($cachedblockers{$block}{'maps'}) eq 'HASH') {
	if ($cachedblockers{$block}{'maps'}{$map}) {
	unless (grep(/^\Q$block\E$/,@blockers)) {
	push(@blockers,$block);
	}
	}
}	}
}	}
}	}
return;	return if ($noblock);
	return @blockers;
	}
}	}

	# -------------------------------- Deversion and split uri into path an filename

#	#
# Removes the versino from a URI and	# Removes the version from a URI and
# splits it in to its filename and path to the filename.	# splits it in to its filename and path to the filename.
# Seems like File::Basename could have done this more clearly.	# Seems like File::Basename could have done this more clearly.
# Parameters:	# Parameters:
Line 7117 sub get_symb_from_alias {	Line 8195 sub get_symb_from_alias {

sub definerole {	sub definerole {
if (allowed('mcr','/')) {	if (allowed('mcr','/')) {
my ($rolename,$sysrole,$domrole,$courole)=@_;	my ($rolename,$sysrole,$domrole,$courole,$uname,$udom)=@_;
foreach my $role (split(':',$sysrole)) {	foreach my $role (split(':',$sysrole)) {
my ($crole,$cqual)=split(/\&/,$role);	my ($crole,$cqual)=split(/\&/,$role);
if ($pr{'cr:s'}!~/\Q$crole\E/) { return "refused:s:$crole"; }	if ($pr{'cr:s'}!~/\Q$crole\E/) { return "refused:s:$crole"; }
Line 7145 sub definerole {	Line 8223 sub definerole {
}	}
}	}
}	}
	my $uhome;
	if (($uname ne '') && ($udom ne '')) {
	$uhome = &homeserver($uname,$udom);
	return $uhome if ($uhome eq 'no_host');
	} else {
	$uname = $env{'user.name'};
	$udom = $env{'user.domain'};
	$uhome = $env{'user.home'};
	}
my $command="encrypt:rolesput:$env{'user.domain'}:$env{'user.name'}:".	my $command="encrypt:rolesput:$env{'user.domain'}:$env{'user.name'}:".
"$env{'user.domain'}:$env{'user.name'}:".	"$udom:$uname:rolesdef_$rolename=".
"rolesdef_$rolename=".
escape($sysrole.'_'.$domrole.'_'.$courole);	escape($sysrole.'_'.$domrole.'_'.$courole);
return reply($command,$env{'user.home'});	return reply($command,$uhome);
} else {	} else {
return 'refused';	return 'refused';
}	}
Line 7158 sub definerole {	Line 8244 sub definerole {
# ---------------- Make a metadata query against the network of library servers	# ---------------- Make a metadata query against the network of library servers

sub metadata_query {	sub metadata_query {
my ($query,$custom,$customshow,$server_array)=@_;	my ($query,$custom,$customshow,$server_array,$domains_hash)=@_;
my %rhash;	my %rhash;
my %libserv = &all_library();	my %libserv = &all_library();
my @server_list = (defined($server_array) ? @$server_array	my @server_list = (defined($server_array) ? @$server_array
: keys(%libserv) );	: keys(%libserv) );
for my $server (@server_list) {	for my $server (@server_list) {
	my $domains = '';
	if (ref($domains_hash) eq 'HASH') {
	$domains = $domains_hash->{$server};
	}
unless ($custom or $customshow) {	unless ($custom or $customshow) {
my $reply=&reply("querysend:".&escape($query),$server);	my $reply=&reply("querysend:".&escape($query).':::'.&escape($domains),$server);
$rhash{$server}=$reply;	$rhash{$server}=$reply;
}	}
else {	else {
my $reply=&reply("querysend:".&escape($query).':'.	my $reply=&reply("querysend:".&escape($query).':'.
&escape($custom).':'.&escape($customshow),	&escape($custom).':'.&escape($customshow).':'.&escape($domains),
$server);	$server);
$rhash{$server}=$reply;	$rhash{$server}=$reply;
}	}
Line 7227 sub update_allusers_table {	Line 8317 sub update_allusers_table {

sub fetch_enrollment_query {	sub fetch_enrollment_query {
my ($context,$affiliatesref,$replyref,$dom,$cnum) = @_;	my ($context,$affiliatesref,$replyref,$dom,$cnum) = @_;
my $homeserver;	my ($homeserver,$sleep,$loopmax);
my $maxtries = 1;	my $maxtries = 1;
if ($context eq 'automated') {	if ($context eq 'automated') {
$homeserver = $perlvar{'lonHostID'};	$homeserver = $perlvar{'lonHostID'};
	$sleep = 2;
	$loopmax = 100;
$maxtries = 10; # will wait for up to 2000s for retrieval of classlist data before timeout	$maxtries = 10; # will wait for up to 2000s for retrieval of classlist data before timeout
} else {	} else {
$homeserver = &homeserver($cnum,$dom);	$homeserver = &homeserver($cnum,$dom);
Line 7248 sub fetch_enrollment_query {	Line 8340 sub fetch_enrollment_query {
&logthis('fetch_enrollment_query: invalid queryid: '.$queryid.' for host: '.$host.' and homeserver: '.$homeserver.' context: '.$context.' '.$cnum);	&logthis('fetch_enrollment_query: invalid queryid: '.$queryid.' for host: '.$host.' and homeserver: '.$homeserver.' context: '.$context.' '.$cnum);
return 'error: '.$queryid;	return 'error: '.$queryid;
}	}
my $reply = &get_query_reply($queryid);	my $reply = &get_query_reply($queryid,$sleep,$loopmax);
my $tries = 1;	my $tries = 1;
while (($reply=~/^timeout/) && ($tries < $maxtries)) {	while (($reply=~/^timeout/) && ($tries < $maxtries)) {
$reply = &get_query_reply($queryid);	$reply = &get_query_reply($queryid,$sleep,$loopmax);
$tries ++;	$tries ++;
}	}
if ( ($reply =~/^timeout/) \|\| ($reply =~/^error/) ) {	if ( ($reply =~/^timeout/) \|\| ($reply =~/^error/) ) {
&logthis('fetch_enrollment_query error: '.$reply.' for '.$dom.' '.$env{'user.name'}.' for '.$queryid.' context: '.$context.' '.$cnum.' maxtries: '.$maxtries.' tries: '.$tries);	&logthis('fetch_enrollment_query error: '.$reply.' for '.$dom.' '.$env{'user.name'}.' for '.$queryid.' context: '.$context.' '.$cnum.' maxtries: '.$maxtries.' tries: '.$tries);
} else {	} else {
my @responses = split(/:/,$reply);	my @responses = split(/:/,$reply);
if ($homeserver eq $perlvar{'lonHostID'}) {	if (grep { $_ eq $homeserver } &current_machine_ids()) {
foreach my $line (@responses) {	foreach my $line (@responses) {
my ($key,$value) = split(/=/,$line,2);	my ($key,$value) = split(/=/,$line,2);
$$replyref{$key} = $value;	$$replyref{$key} = $value;
Line 7293 sub fetch_enrollment_query {	Line 8385 sub fetch_enrollment_query {
}	}

sub get_query_reply {	sub get_query_reply {
my $queryid=shift;	my ($queryid,$sleep,$loopmax) = @_;;
	if (($sleep eq '') \|\| ($sleep !~ /^\d+\.?\d*$/)) {
	$sleep = 0.2;
	}
	if (($loopmax eq '') \|\| ($loopmax =~ /\D/)) {
	$loopmax = 100;
	}
my $replyfile=LONCAPA::tempdir().$queryid;	my $replyfile=LONCAPA::tempdir().$queryid;
my $reply='';	my $reply='';
for (1..100) {	for (1..$loopmax) {
sleep 2;	sleep($sleep);
if (-e $replyfile.'.end') {	if (-e $replyfile.'.end') {
if (open(my $fh,$replyfile)) {	if (open(my $fh,$replyfile)) {
$reply = join('',<$fh>);	$reply = join('',<$fh>);
Line 7416 sub auto_validate_instcode {	Line 8514 sub auto_validate_instcode {
}	}
$response=&unescape(&reply('autovalidateinstcode:'.$cdom.':'.	$response=&unescape(&reply('autovalidateinstcode:'.$cdom.':'.
&escape($instcode).':'.&escape($owner),$homeserver));	&escape($instcode).':'.&escape($owner),$homeserver));
my ($outcome,$description) = map { &unescape($_); } split('&',$response,2);	my ($outcome,$description,$defaultcredits) = map { &unescape($_); } split('&',$response,3);
return ($outcome,$description);	return ($outcome,$description,$defaultcredits);
}	}

sub auto_create_password {	sub auto_create_password {
Line 7659 sub auto_courserequest_checks {	Line 8757 sub auto_courserequest_checks {
}	}

sub auto_courserequest_validation {	sub auto_courserequest_validation {
my ($dom,$owner,$crstype,$inststatuslist,$instcode,$instseclist) = @_;	my ($dom,$owner,$crstype,$inststatuslist,$instcode,$instseclist,$custominfo) = @_;
my ($homeserver,$response);	my ($homeserver,$response);
if ($dom =~ /^$match_domain$/) {	if ($dom =~ /^$match_domain$/) {
$homeserver = &domain($dom,'primary');	$homeserver = &domain($dom,'primary');
}	}
unless ($homeserver eq 'no_host') {	unless ($homeserver eq 'no_host') {
	my $customdata;
	if (ref($custominfo) eq 'HASH') {
	$customdata = &freeze_escape($custominfo);
	}
$response=&unescape(&reply('autocrsreqvalidation:'.$dom.':'.&escape($owner).	$response=&unescape(&reply('autocrsreqvalidation:'.$dom.':'.&escape($owner).
':'.&escape($crstype).':'.&escape($inststatuslist).	':'.&escape($crstype).':'.&escape($inststatuslist).
':'.&escape($instcode).':'.&escape($instseclist),	':'.&escape($instcode).':'.&escape($instseclist).':'.
$homeserver));	$customdata,$homeserver));
}	}
return $response;	return $response;
}	}
Line 7688 sub auto_validate_class_sec {	Line 8789 sub auto_validate_class_sec {
return $response;	return $response;
}	}

	sub auto_crsreq_update {
	my ($cdom,$cnum,$crstype,$action,$ownername,$ownerdomain,$fullname,$title,
	$code,$accessstart,$accessend,$inbound) = @_;
	my ($homeserver,%crsreqresponse);
	if ($cdom =~ /^$match_domain$/) {
	$homeserver = &domain($cdom,'primary');
	}
	unless (($homeserver eq 'no_host') \|\| ($homeserver eq '')) {
	my $info;
	if (ref($inbound) eq 'HASH') {
	$info = &freeze_escape($inbound);
	}
	my $response=&reply('autocrsrequpdate:'.$cdom.':'.$cnum.':'.&escape($crstype).
	':'.&escape($action).':'.&escape($ownername).':'.
	&escape($ownerdomain).':'.&escape($fullname).':'.
	&escape($title).':'.&escape($code).':'.
	&escape($accessstart).':'.&escape($accessend).':'.$info,
	$homeserver);
	unless ($response =~ /(con_lost\|error\|no_such_host\|refused)/) {
	my @items = split(/&/,$response);
	foreach my $item (@items) {
	my ($key,$value) = split('=',$item);
	$crsreqresponse{&unescape($key)} = &thaw_unescape($value);
	}
	}
	}
	return \%crsreqresponse;
	}

	sub auto_export_grades {
	my ($cdom,$cnum,$inforef,$gradesref) = @_;
	my ($homeserver,%exportresponse);
	if ($cdom =~ /^$match_domain$/) {
	$homeserver = &domain($cdom,'primary');
	}
	unless (($homeserver eq 'no_host') \|\| ($homeserver eq '')) {
	my $info;
	if (ref($inforef) eq 'HASH') {
	$info = &freeze_escape($inforef);
	}
	if (ref($gradesref) eq 'HASH') {
	my $grades = &freeze_escape($gradesref);
	my $response=&reply('encrypt:autoexportgrades:'.$cdom.':'.$cnum.':'.
	$info.':'.$grades,$homeserver);
	unless ($response =~ /(con_lost\|error\|no_such_host\|refused\|unknown_command)/) {
	my @items = split(/&/,$response);
	foreach my $item (@items) {
	my ($key,$value) = split('=',$item);
	$exportresponse{&unescape($key)} = &thaw_unescape($value);
	}
	}
	}
	}
	return \%exportresponse;
	}

	sub check_instcode_cloning {
	my ($codedefaults,$code_order,$cloner,$clonefromcode,$clonetocode) = @_;
	unless ((ref($codedefaults) eq 'HASH') && (ref($code_order) eq 'ARRAY')) {
	return;
	}
	my $canclone;
	if (@{$code_order} > 0) {
	my $instcoderegexp ='^';
	my @clonecodes = split(/\&/,$cloner);
	foreach my $item (@{$code_order}) {
	if (grep(/^\Q$item\E=/,@clonecodes)) {
	foreach my $pair (@clonecodes) {
	my ($key,$val) = split(/\=/,$pair,2);
	$val = &unescape($val);
	if ($key eq $item) {
	$instcoderegexp .= '('.$val.')';
	last;
	}
	}
	} else {
	$instcoderegexp .= $codedefaults->{$item};
	}
	}
	$instcoderegexp .= '$';
	my (@from,@to);
	eval {
	(@from) = ($clonefromcode =~ /$instcoderegexp/);
	(@to) = ($clonetocode =~ /$instcoderegexp/);
	};
	if ((@from > 0) && (@to > 0)) {
	my @diffs = &Apache::loncommon::compare_arrays(\@from,\@to);
	if (!@diffs) {
	$canclone = 1;
	}
	}
	}
	return $canclone;
	}

	sub default_instcode_cloning {
	my ($clonedom,$domdefclone,$clonefromcode,$clonetocode,$codedefaultsref,$codeorderref) = @_;
	my (%codedefaults,@code_order,$canclone);
	if ((ref($codedefaultsref) eq 'HASH') && (ref($codeorderref) eq 'ARRAY')) {
	%codedefaults = %{$codedefaultsref};
	@code_order = @{$codeorderref};
	} elsif ($clonedom) {
	&auto_instcode_defaults($clonedom,\%codedefaults,\@code_order);
	}
	if (($domdefclone) && (@code_order)) {
	my @clonecodes = split(/\+/,$domdefclone);
	my $instcoderegexp ='^';
	foreach my $item (@code_order) {
	if (grep(/^\Q$item\E$/,@clonecodes)) {
	$instcoderegexp .= '('.$codedefaults{$item}.')';
	} else {
	$instcoderegexp .= $codedefaults{$item};
	}
	}
	$instcoderegexp .= '$';
	my (@from,@to);
	eval {
	(@from) = ($clonefromcode =~ /$instcoderegexp/);
	(@to) = ($clonetocode =~ /$instcoderegexp/);
	};
	if ((@from > 0) && (@to > 0)) {
	my @diffs = &Apache::loncommon::compare_arrays(\@from,\@to);
	if (!@diffs) {
	$canclone = 1;
	}
	}
	}
	return $canclone;
	}

# ------------------------------------------------------- Course Group routines	# ------------------------------------------------------- Course Group routines

sub get_coursegroups {	sub get_coursegroups {
Line 7835 sub plaintext {	Line 9066 sub plaintext {
my %rolenames = (	my %rolenames = (
Course => 'std',	Course => 'std',
Community => 'alt1',	Community => 'alt1',
	Placement => 'std',
);	);
if ($cid ne '') {	if ($cid ne '') {
if ($env{'course.'.$cid.'.'.$short.'.plaintext'} ne '') {	if ($env{'course.'.$cid.'.'.$short.'.plaintext'} ne '') {
Line 8039 sub assignrole {	Line 9271 sub assignrole {
# log new user role if status is ok	# log new user role if status is ok
if ($answer eq 'ok') {	if ($answer eq 'ok') {
&userrolelog($role,$uname,$udom,$url,$start,$end);	&userrolelog($role,$uname,$udom,$url,$start,$end);
# for course roles, perform group memberships changes triggered by role change.
unless ($role =~ /^gr/) {
&Apache::longroup::group_changes($udom,$uname,$url,$role,$origend,
$origstart,$selfenroll,$context);
}
if (($role eq 'cc') \|\| ($role eq 'in') \|\|	if (($role eq 'cc') \|\| ($role eq 'in') \|\|
($role eq 'ep') \|\| ($role eq 'ad') \|\|	($role eq 'ep') \|\| ($role eq 'ad') \|\|
($role eq 'ta') \|\| ($role eq 'st') \|\|	($role eq 'ta') \|\| ($role eq 'st') \|\|
($role=~/^cr/) \|\| ($role eq 'gr') \|\|	($role=~/^cr/) \|\| ($role eq 'gr') \|\|
($role eq 'co')) {	($role eq 'co')) {
	# for course roles, perform group memberships changes triggered by role change.
	unless ($role =~ /^gr/) {
	&Apache::longroup::group_changes($udom,$uname,$url,$role,$origend,
	$origstart,$selfenroll,$context);
	}
&courserolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,	&courserolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,
$selfenroll,$context);	$selfenroll,$context);
} elsif (($role eq 'li') \|\| ($role eq 'dg') \|\| ($role eq 'sc') \|\|	} elsif (($role eq 'li') \|\| ($role eq 'dg') \|\| ($role eq 'sc') \|\|
($role eq 'au') \|\| ($role eq 'dc')) {	($role eq 'au') \|\| ($role eq 'dc') \|\| ($role eq 'dh') \|\|
	($role eq 'da')) {
&domainrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,	&domainrolelog($role,$uname,$udom,$url,$origstart,$origend,$delflag,
$context);	$context);
} elsif (($role eq 'ca') \|\| ($role eq 'aa')) {	} elsif (($role eq 'ca') \|\| ($role eq 'aa')) {
Line 8247 sub modifyuser {	Line 9480 sub modifyuser {
'current user id "'.$uidhash{$uname}.'".';	'current user id "'.$uidhash{$uname}.'".';
}	}
} else {	} else {
&idput($udom,($uname => $uid));	&idput($udom,{$uname => $uid},$uhome,'ids');
}	}
}	}
# -------------------------------------------------------------- Add names, etc	# -------------------------------------------------------------- Add names, etc
Line 8357 sub modifyuser {	Line 9590 sub modifyuser {
sub modifystudent {	sub modifystudent {
my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,$usec,	my ($udom,$uname,$uid,$umode,$upass,$first,$middle,$last,$gene,$usec,
$end,$start,$forceid,$desiredhome,$email,$type,$locktype,$cid,	$end,$start,$forceid,$desiredhome,$email,$type,$locktype,$cid,
$selfenroll,$context,$inststatus)=@_;	$selfenroll,$context,$inststatus,$credits,$instsec)=@_;
if (!$cid) {	if (!$cid) {
unless ($cid=$env{'request.course.id'}) {	unless ($cid=$env{'request.course.id'}) {
return 'not_in_class';	return 'not_in_class';
Line 8369 sub modifystudent {	Line 9602 sub modifystudent {
$desiredhome,$email,$inststatus);	$desiredhome,$email,$inststatus);
unless ($reply eq 'ok') { return $reply; }	unless ($reply eq 'ok') { return $reply; }
# This will cause &modify_student_enrollment to get the uid from the	# This will cause &modify_student_enrollment to get the uid from the
# students environment	# student's environment
$uid = undef if (!$forceid);	$uid = undef if (!$forceid);
$reply = &modify_student_enrollment($udom,$uname,$uid,$first,$middle,$last,	$reply = &modify_student_enrollment($udom,$uname,$uid,$first,$middle,$last,
$gene,$usec,$end,$start,$type,$locktype,$cid,$selfenroll,$context);	$gene,$usec,$end,$start,$type,$locktype,
	$cid,$selfenroll,$context,$credits,$instsec);
return $reply;	return $reply;
}	}

sub modify_student_enrollment {	sub modify_student_enrollment {
my ($udom,$uname,$uid,$first,$middle,$last,$gene,$usec,$end,$start,$type,$locktype,$cid,$selfenroll,$context) = @_;	my ($udom,$uname,$uid,$first,$middle,$last,$gene,$usec,$end,$start,$type,
	$locktype,$cid,$selfenroll,$context,$credits,$instsec) = @_;
my ($cdom,$cnum,$chome);	my ($cdom,$cnum,$chome);
if (!$cid) {	if (!$cid) {
unless ($cid=$env{'request.course.id'}) {	unless ($cid=$env{'request.course.id'}) {
Line 8424 sub modify_student_enrollment {	Line 9659 sub modify_student_enrollment {
my %old_entry = &Apache::lonnet::get('classlist',[$user],$cdom,$cnum);	my %old_entry = &Apache::lonnet::get('classlist',[$user],$cdom,$cnum);
my $reply=cput('classlist',	my $reply=cput('classlist',
{$user =>	{$user =>
join(':',$end,$start,$uid,$usec,$fullname,$type,$locktype) },	join(':',$end,$start,$uid,$usec,$fullname,$type,$locktype,$credits,$instsec) },
$cdom,$cnum);	$cdom,$cnum);
if (($reply eq 'ok') \|\| ($reply eq 'delayed')) {	if (($reply eq 'ok') \|\| ($reply eq 'delayed')) {
&devalidate_getsection_cache($udom,$uname,$cid);	&devalidate_getsection_cache($udom,$uname,$cid);
Line 8653 sub is_course {	Line 9888 sub is_course {
my %courses = &courseiddump($cdom, '.', 1, '.', '.', $cnum, undef, undef,	my %courses = &courseiddump($cdom, '.', 1, '.', '.', $cnum, undef, undef,
'.');	'.');

return unless exists($courses{$cdom.'_'.$cnum});	return unless(exists($courses{$cdom.'_'.$cnum}));
return wantarray ? ($cdom, $cnum) : $cdom.'_'.$cnum;	return wantarray ? ($cdom, $cnum) : $cdom.'_'.$cnum;
}	}

Line 8678 sub store_userdata {	Line 9913 sub store_userdata {
$namevalue.=&escape($key).'='.&freeze_escape($$storehash{$key}).'&';	$namevalue.=&escape($key).'='.&freeze_escape($$storehash{$key}).'&';
}	}
$namevalue=~s/\&$//;	$namevalue=~s/\&$//;
	unless ($namespace eq 'courserequests') {
	$datakey = &escape($datakey);
	}
$result = &reply("store:$udom:$uname:$namespace:$datakey:".	$result = &reply("store:$udom:$uname:$namespace:$datakey:".
$namevalue,$uhome);	$namevalue,$uhome);
}	}
Line 8849 sub files_not_in_path {	Line 10087 sub files_not_in_path {
return (@return_files);	return (@return_files);
}	}

	#------------------------------Submitted/Handedback Portfolio Files Versioning

	sub portfiles_versioning {
	my ($symb,$domain,$stu_name,$portfiles,$versioned_portfiles) = @_;
	my $portfolio_root = '/userfiles/portfolio';
	return unless ((ref($portfiles) eq 'ARRAY') && (ref($versioned_portfiles) eq 'ARRAY'));
	foreach my $file (@{$portfiles}) {
	&unmark_as_readonly($domain,$stu_name,[$symb,$env{'request.course.id'}],$file);
	my ($directory,$answer_file) =($file =~ /^(.?)([^\/])$/);
	my ($answer_name,$answer_ver,$answer_ext) = &file_name_version_ext($answer_file);
	my $getpropath = 1;
	my ($dir_list,$listerror) = &dirlist($portfolio_root.$directory,$domain,
	$stu_name,$getpropath);
	my $version = &get_next_version($answer_name,$answer_ext,$dir_list);
	my $new_answer =
	&version_selected_portfile($domain,$stu_name,$directory,$answer_file,$version);
	if ($new_answer ne 'problem getting file') {
	push(@{$versioned_portfiles}, $directory.$new_answer);
	&mark_as_readonly($domain,$stu_name,[$directory.$new_answer],
	[$symb,$env{'request.course.id'},'graded']);
	}
	}
	}

	sub get_next_version {
	my ($answer_name, $answer_ext, $dir_list) = @_;
	my $version;
	if (ref($dir_list) eq 'ARRAY') {
	foreach my $row (@{$dir_list}) {
	my ($file) = split(/\&/,$row,2);
	my ($file_name,$file_version,$file_ext) =
	&file_name_version_ext($file);
	if (($file_name eq $answer_name) &&
	($file_ext eq $answer_ext)) {
	# gets here if filename and extension match,
	# regardless of version
	if ($file_version ne '') {
	# a versioned file is found so save it for later
	if ($file_version > $version) {
	$version = $file_version;
	}
	}
	}
	}
	}
	$version ++;
	return($version);
	}

	sub version_selected_portfile {
	my ($domain,$stu_name,$directory,$file_name,$version) = @_;
	my ($answer_name,$answer_ver,$answer_ext) =
	&file_name_version_ext($file_name);
	my $new_answer;
	$env{'form.copy'} =
	&getfile("/uploaded/$domain/$stu_name/portfolio$directory$file_name");
	if($env{'form.copy'} eq '-1') {
	$new_answer = 'problem getting file';
	} else {
	$new_answer = $answer_name.'.'.$version.'.'.$answer_ext;
	my $copy_result =
	&finishuserfileupload($stu_name,$domain,'copy',
	'/portfolio'.$directory.$new_answer);
	}
	undef($env{'form.copy'});
	return ($new_answer);
	}

	sub file_name_version_ext {
	my ($file)=@_;
	my @file_parts = split(/\./, $file);
	my ($name,$version,$ext);
	if (@file_parts > 1) {
	$ext=pop(@file_parts);
	if (@file_parts > 1 && $file_parts[-1] =~ /^\d+$/) {
	$version=pop(@file_parts);
	}
	$name=join('.',@file_parts);
	} else {
	$name=join('.',@file_parts);
	}
	return($name,$version,$ext);
	}

#----------------------------------------------Get portfolio file permissions	#----------------------------------------------Get portfolio file permissions

sub get_portfile_permissions {	sub get_portfile_permissions {
Line 8945 sub modify_access_controls {	Line 10267 sub modify_access_controls {
my $tries = 0;	my $tries = 0;
my $gotlock = &newput('file_permissions',$lockhash,$domain,$user);	my $gotlock = &newput('file_permissions',$lockhash,$domain,$user);

while (($gotlock ne 'ok') && $tries <3) {	while (($gotlock ne 'ok') && $tries < 10) {
$tries ++;	$tries ++;
sleep 1;	sleep(0.1);
$gotlock = &newput('file_permissions',$lockhash,$domain,$user);	$gotlock = &newput('file_permissions',$lockhash,$domain,$user);
}	}
if ($gotlock eq 'ok') {	if ($gotlock eq 'ok') {
Line 8993 sub modify_access_controls {	Line 10315 sub modify_access_controls {
}	}

sub make_public_indefinitely {	sub make_public_indefinitely {
my ($requrl) = @_;	my (@requrl) = @_;
	return &automated_portfile_access('public',\@requrl);
	}

	sub automated_portfile_access {
	my ($accesstype,$addsref,$delsref,$info) = @_;
	unless (($accesstype eq 'public') \|\| ($accesstype eq 'ip')) {
	return 'invalid';
	}
	my %urls;
	if (ref($addsref) eq 'ARRAY') {
	foreach my $requrl (@{$addsref}) {
	if (&is_portfolio_url($requrl)) {
	unless (exists($urls{$requrl})) {
	$urls{$requrl} = 'add';
	}
	}
	}
	}
	if (ref($delsref) eq 'ARRAY') {
	foreach my $requrl (@{$delsref}) {
	if (&is_portfolio_url($requrl)) {
	unless (exists($urls{$requrl})) {
	$urls{$requrl} = 'delete';
	}
	}
	}
	}
	unless (keys(%urls)) {
	return 'invalid';
	}
	my $ip;
	if ($accesstype eq 'ip') {
	if (ref($info) eq 'HASH') {
	if ($info->{'ip'} ne '') {
	$ip = $info->{'ip'};
	}
	}
	if ($ip eq '') {
	return 'invalid';
	}
	}
	my $errors;
my $now = time;	my $now = time;
my $action = 'activate';	my %current_perms;
my $aclnum = 0;	foreach my $requrl (sort(keys(%urls))) {
if (&is_portfolio_url($requrl)) {	my $action;
	if ($urls{$requrl} eq 'add') {
	$action = 'activate';
	} else {
	$action = 'none';
	}
	my $aclnum = 0;
my (undef,$udom,$unum,$file_name,$group) =	my (undef,$udom,$unum,$file_name,$group) =
&parse_portfolio_url($requrl);	&parse_portfolio_url($requrl);
my $current_perms = &get_portfile_permissions($udom,$unum);	unless (exists($current_perms{$unum.':'.$udom})) {
my %access_controls = &get_access_controls($current_perms,	$current_perms{$unum.':'.$udom} = &get_portfile_permissions($udom,$unum);
	}
	my %access_controls = &get_access_controls($current_perms{$unum.':'.$udom},
$group,$file_name);	$group,$file_name);
foreach my $key (keys(%{$access_controls{$file_name}})) {	foreach my $key (keys(%{$access_controls{$file_name}})) {
my ($num,$scope,$end,$start) =	my ($num,$scope,$end,$start) =
($key =~ /^([^:]+):([a-z]+)_(\d)_?(\d)$/);	($key =~ /^([^:]+):([a-z]+)_(\d)_?(\d)$/);
if ($scope eq 'public') {	if ($scope eq $accesstype) {
if ($start <= $now && $end == 0) {	if (($start <= $now) && ($end == 0)) {
$action = 'none';	if ($accesstype eq 'ip') {
} else {	if (ref($access_controls{$file_name}{$key}) eq 'HASH') {
	if (ref($access_controls{$file_name}{$key}{'ip'}) eq 'ARRAY') {
	if (grep(/^\Q$ip\E$/,@{$access_controls{$file_name}{$key}{'ip'}})) {
	if ($urls{$requrl} eq 'add') {
	$action = 'none';
	last;
	} else {
	$action = 'delete';
	$aclnum = $num;
	last;
	}
	}
	}
	}
	} elsif ($accesstype eq 'public') {
	if ($urls{$requrl} eq 'add') {
	$action = 'none';
	last;
	} else {
	$action = 'delete';
	$aclnum = $num;
	last;
	}
	}
	} elsif ($accesstype eq 'public') {
$action = 'update';	$action = 'update';
$aclnum = $num;	$aclnum = $num;
	last;
}	}
last;
}	}
}	}
if ($action eq 'none') {	if ($action eq 'none') {
return 'ok';	next;
} else {	} else {
my %changes;	my %changes;
my $newend = 0;	my $newend = 0;
my $newstart = $now;	my $newstart = $now;
my $newkey = $aclnum.':public_'.$newend.'_'.$newstart;	my $newkey = $aclnum.':'.$accesstype.'_'.$newend.'_'.$newstart;
$changes{$action}{$newkey} = {	$changes{$action}{$newkey} = {
type => 'public',	type => $accesstype,
time => {	time => {
start => $newstart,	start => $newstart,
end => $newend,	end => $newend,
},	},
};	};
	if ($accesstype eq 'ip') {
	$changes{$action}{$newkey}{'ip'} = [$ip];
	}
my ($outcome,$deloutcome,$new_values,$translation) =	my ($outcome,$deloutcome,$new_values,$translation) =
&modify_access_controls($file_name,\%changes,$udom,$unum);	&modify_access_controls($file_name,\%changes,$udom,$unum);
return $outcome;	unless ($outcome eq 'ok') {
	$errors .= $outcome.' ';
	}
}	}
	}
	if ($errors) {
	$errors =~ s/\s$//;
	return $errors;
} else {	} else {
return 'invalid';	return 'ok';
}	}
}	}

Line 9240 sub dirlist {	Line 10645 sub dirlist {
foreach my $user (sort(keys(%allusers))) {	foreach my $user (sort(keys(%allusers))) {
push(@alluserslist,$user.'&user');	push(@alluserslist,$user.'&user');
}	}
return (\@alluserslist);
	if (!%listerror) {
	# no errors
	return (\@alluserslist);
	} elsif (scalar(keys(%servers)) == 1) {
	# one library server, one error
	my ($key) = keys(%listerror);
	return (\@alluserslist, $listerror{$key});
	} elsif ( grep { $_ eq 'con_lost' } values(%listerror) ) {
	# con_lost indicates that we might miss data from at least one
	# library server
	return (\@alluserslist, 'con_lost');
	} else {
	# multiple library servers and no con_lost -> data should be
	# complete.
	return (\@alluserslist);
	}

} else {	} else {
return ([],'missing username');	return ([],'missing username');
}	}
Line 9313 sub stat_file {	Line 10735 sub stat_file {
return ();	return ();
}	}

	# --------------------------------------------------------- recursedirs
	# Recursive function to traverse either a specific user's Authoring Space
	# or corresponding Published Resource Space, and populate the hash ref:
	# $dirhashref with URLs of all directories, and if $filehashref hash
	# ref arg is provided, the URLs of any files, excluding versioned, .meta,
	# or .rights files in resource space, and .meta, .save, .log, and .bak
	# files in Authoring Space.
	#
	# Inputs:
	#
	# $is_home - true if current server is home server for user's space
	# $context - either: priv, or res respectively for Authoring or Resource Space.
	# $docroot - Document root (i.e., /home/httpd/html
	# $toppath - Top level directory (i.e., /res/$dom/$uname or /priv/$dom/$uname
	# $relpath - Current path (relative to top level).
	# $dirhashref - reference to hash to populate with URLs of directories (Required)
	# $filehashref - reference to hash to populate with URLs of files (Optional)
	#
	# Returns: nothing
	#
	# Side Effects: populates $dirhashref, and $filehashref (if provided).
	#
	# Currently used by interface/londocs.pm to create linked select boxes for
	# directory and filename to import a Course "Author" resource into a course, and
	# also to create linked select boxes for Authoring Space and Directory to choose
	# save location for creation of a new "standard" problem from the Course Editor.
	#

	sub recursedirs {
	my ($is_home,$context,$docroot,$toppath,$relpath,$dirhashref,$filehashref) = @_;
	return unless (ref($dirhashref) eq 'HASH');
	my $currpath = $docroot.$toppath;
	if ($relpath) {
	$currpath .= "/$relpath";
	}
	my $savefile;
	if (ref($filehashref)) {
	$savefile = 1;
	}
	if ($is_home) {
	if (opendir(my $dirh,$currpath)) {
	foreach my $item (sort { lc($a) cmp lc($b) } grep(!/^\.+$/,readdir($dirh))) {
	next if ($item eq '');
	if (-d "$currpath/$item") {
	my $newpath;
	if ($relpath) {
	$newpath = "$relpath/$item";
	} else {
	$newpath = $item;
	}
	$dirhashref->{&Apache::lonlocal::js_escape($newpath)} = 1;
	&recursedirs($is_home,$context,$docroot,$toppath,$newpath,$dirhashref,$filehashref);
	} elsif ($savefile) {
	if ($context eq 'priv') {
	unless ($item =~ /\.(meta\|save\|log\|bak\|DS_Store)$/) {
	$filehashref->{&Apache::lonlocal::js_escape($relpath)}{$item} = 1;
	}
	} else {
	unless (($item =~ /\.meta$/) \|\| ($item =~ /\.\d+\.\w+$/) \|\| ($item =~ /\.rights$/)) {
	$filehashref->{&Apache::lonlocal::js_escape($relpath)}{$item} = 1;
	}
	}
	}
	}
	closedir($dirh);
	}
	} else {
	my ($dirlistref,$listerror) =
	&dirlist($toppath.$relpath);
	my @dir_lines;
	my $dirptr=16384;
	if (ref($dirlistref) eq 'ARRAY') {
	foreach my $dir_line (sort
	{
	my ($afile)=split('&',$a,2);
	my ($bfile)=split('&',$b,2);
	return (lc($afile) cmp lc($bfile));
	} (@{$dirlistref})) {
	my ($item,$dom,undef,$testdir,undef,undef,undef,undef,$size,undef,$mtime,undef,undef,undef,$obs,undef) =
	split(/\&/,$dir_line,16);
	$item =~ s/\s+$//;
	next if (($item =~ /^\.\.?$/) \|\| ($obs));
	if ($dirptr&$testdir) {
	my $newpath;
	if ($relpath) {
	$newpath = "$relpath/$item";
	} else {
	$relpath = '/';
	$newpath = $item;
	}
	$dirhashref->{&Apache::lonlocal::js_escape($newpath)} = 1;
	&recursedirs($is_home,$context,$docroot,$toppath,$newpath,$dirhashref,$filehashref);
	} elsif ($savefile) {
	if ($context eq 'priv') {
	unless ($item =~ /\.(meta\|save\|log\|bak\|DS_Store)$/) {
	$filehashref->{$relpath}{$item} = 1;
	}
	} else {
	unless (($item =~ /\.meta$/) \|\| ($item =~ /\.\d+\.\w+$/)) {
	$filehashref->{$relpath}{$item} = 1;
	}
	}
	}
	}
	}
	}
	return;
	}

# -------------------------------------------------------- Value of a Condition	# -------------------------------------------------------- Value of a Condition

# gets the value of a specific preevaluated condition	# gets the value of a specific preevaluated condition
Line 9457 sub get_userresdata {	Line 10988 sub get_userresdata {
}	}
#error 2 occurs when the .db doesn't exist	#error 2 occurs when the .db doesn't exist
if ($tmp!~/error: 2 /) {	if ($tmp!~/error: 2 /) {
&logthis("<font color=\"blue\">WARNING:".	if ((!defined($cached)) \|\| ($tmp ne 'con_lost')) {
" Trying to get resource data for ".	&logthis("<font color=\"blue\">WARNING:".
$uname." at ".$udom.": ".	" Trying to get resource data for ".
$tmp."</font>");	$uname." at ".$udom.": ".
	$tmp."</font>");
	}
} elsif ($tmp=~/error: 2 /) {	} elsif ($tmp=~/error: 2 /) {
#&EXT_cache_set($udom,$uname);	#&EXT_cache_set($udom,$uname);
&do_cache_new('userres',$hashid,undef,600);	&do_cache_new('userres',$hashid,undef,600);
Line 9474 sub get_userresdata {	Line 11007 sub get_userresdata {
# Parameters:	# Parameters:
# $name - Course/user name.	# $name - Course/user name.
# $domain - Name of the domain the user/course is registered on.	# $domain - Name of the domain the user/course is registered on.
# $type - Type of thing $name is (must be 'course' or 'user'	# $type - Type of thing $name is (must be 'course' or 'user')
	# $mapp - decluttered URL of enclosing map
	# $recursed - Ref to scalar -- set to 1, if nested maps have been recursed.
	# $recurseup - Ref to array of map URLs, starting with map containing
	# $mapp up through hierarchy of nested maps to top level map.
	# $courseid - CourseID (first part of param identifier).
	# $modifier - Middle part of param identifier.
	# $what - Last part of param identifier.
# @which - Array of names of resources desired.	# @which - Array of names of resources desired.
# Returns:	# Returns:
# The value of the first reasource in @which that is found in the	# The value of the first reasource in @which that is found in the
Line 9484 sub get_userresdata {	Line 11024 sub get_userresdata {
# 'user', an undefined reference is returned.	# 'user', an undefined reference is returned.
# If none of the resources are found, an undef is returned	# If none of the resources are found, an undef is returned
sub resdata {	sub resdata {
my ($name,$domain,$type,@which)=@_;	my ($name,$domain,$type,$mapp,$recursed,$recurseup,$courseid,
	$modifier,$what,@which)=@_;
my $result;	my $result;
if ($type eq 'course') {	if ($type eq 'course') {
$result=&get_courseresdata($name,$domain);	$result=&get_courseresdata($name,$domain);
Line 9493 sub resdata {	Line 11034 sub resdata {
}	}
if (!ref($result)) { return $result; }	if (!ref($result)) { return $result; }
foreach my $item (@which) {	foreach my $item (@which) {
if (defined($result->{$item->[0]})) {	if ($item->[1] eq 'course') {
	if ((ref($recurseup) eq 'ARRAY') && (ref($recursed) eq 'SCALAR')) {
	unless ($$recursed) {
	@{$recurseup} = &get_map_hierarchy($mapp,$courseid);
	$$recursed = 1;
	}
	foreach my $item (@${recurseup}) {
	my $norecursechk=$courseid.$modifier.$item.'___(all).'.$what;
	last if (defined($result->{$norecursechk}));
	my $recursechk=$courseid.$modifier.$item.'___(rec).'.$what;
	if (defined($result->{$recursechk})) { return [$result->{$recursechk},'map']; }
	}
	}
	}
	if (defined($result->{$item->[0]})) {
return [$result->{$item->[0]},$item->[1]];	return [$result->{$item->[0]},$item->[1]];
}	}
}	}
return undef;	return undef;
}	}

	sub get_domain_ltitools {
	my ($cdom) = @_;
	my %ltitools;
	my ($result,$cached)=&is_cached_new('ltitools',$cdom);
	if (defined($cached)) {
	if (ref($result) eq 'HASH') {
	%ltitools = %{$result};
	}
	} else {
	my %domconfig = &get_dom('configuration',['ltitools'],$cdom);
	if (ref($domconfig{'ltitools'}) eq 'HASH') {
	%ltitools = %{$domconfig{'ltitools'}};
	my %encdomconfig = &get_dom('encconfig',['ltitools'],$cdom);
	if (ref($encdomconfig{'ltitools'}) eq 'HASH') {
	foreach my $id (keys(%ltitools)) {
	if (ref($encdomconfig{'ltitools'}{$id}) eq 'HASH') {
	foreach my $item ('key','secret') {
	$ltitools{$id}{$item} = $encdomconfig{'ltitools'}{$id}{$item};
	}
	}
	}
	}
	}
	my $cachetime = 246060;
	&do_cache_new('ltitools',$cdom,\%ltitools,$cachetime);
	}
	return %ltitools;
	}

	sub get_numsuppfiles {
	my ($cnum,$cdom,$ignorecache)=@_;
	my $hashid=$cnum.':'.$cdom;
	my ($suppcount,$cached);
	unless ($ignorecache) {
	($suppcount,$cached) = &is_cached_new('suppcount',$hashid);
	}
	unless (defined($cached)) {
	my $chome=&homeserver($cnum,$cdom);
	unless ($chome eq 'no_host') {
	($suppcount,my $errors) = (0,0);
	my $suppmap = 'supplemental.sequence';
	($suppcount,$errors) =
	&Apache::loncommon::recurse_supplemental($cnum,$cdom,$suppmap,$suppcount,$errors);
	}
	&do_cache_new('suppcount',$hashid,$suppcount,600);
	}
	return $suppcount;
	}

#	#
# EXT resource caching routines	# EXT resource caching routines
#	#

	{
	# Cache (5 seconds) of map hierarchy for speedup of navmaps display
	#
	# The course for which we cache
	my $cachedmapkey='';
	# The cached recursive maps for this course
	my %cachedmaps=();
	# When this was last done
	my $cachedmaptime='';

sub clear_EXT_cache_status {	sub clear_EXT_cache_status {
&delenv('cache.EXT.');	&delenv('cache.EXT.');
}	}
Line 9528 sub EXT_cache_set {	Line 11142 sub EXT_cache_set {
# --------------------------------------------------------- Value of a Variable	# --------------------------------------------------------- Value of a Variable
sub EXT {	sub EXT {

my ($varname,$symbparm,$udom,$uname,$usection,$recurse)=@_;	my ($varname,$symbparm,$udom,$uname,$usection,$recurse,$cid)=@_;
unless ($varname) { return ''; }	unless ($varname) { return ''; }
#get real user name/domain, courseid and symb	#get real user name/domain, courseid and symb
my $courseid;	my $courseid;
Line 9643 sub EXT {	Line 11257 sub EXT {
if (!$symbparm) { $symbparm=&symbread(); }	if (!$symbparm) { $symbparm=&symbread(); }
}	}

if ($space eq 'title') {	if ($qualifier eq '') {
if (!$symbparm) { $symbparm = $env{'request.filename'}; }	if ($space eq 'title') {
return &gettitle($symbparm);	if (!$symbparm) { $symbparm = $env{'request.filename'}; }
}	return &gettitle($symbparm);
	}

if ($space eq 'map') {	if ($space eq 'map') {
my ($map) = &decode_symb($symbparm);	my ($map) = &decode_symb($symbparm);
return &symbread($map);	return &symbread($map);
}	}
if ($space eq 'filename') {	if ($space eq 'maptitle') {
if ($symbparm) {	my ($map) = &decode_symb($symbparm);
return &clutter((&decode_symb($symbparm))[2]);	return &gettitle($map);
	}
	if ($space eq 'filename') {
	if ($symbparm) {
	return &clutter((&decode_symb($symbparm))[2]);
	}
	return &hreflocation('',$env{'request.filename'});
}	}
return &hreflocation('',$env{'request.filename'});
}

my ($section, $group, @groups);	if ((defined($courseid)) && ($courseid eq $env{'request.course.id'}) && $symbparm) {
my ($courselevelm,$courselevel);	if ($space eq 'visibleparts') {
if ($symbparm && defined($courseid) &&	my $navmap = Apache::lonnavmaps::navmap->new();
$courseid eq $env{'request.course.id'}) {	my $item;
	if (ref($navmap)) {
	my $res = $navmap->getBySymb($symbparm);
	my $parts = $res->parts();
	if (ref($parts) eq 'ARRAY') {
	$item = join(',',@{$parts});
	}
	undef($navmap);
	}
	return $item;
	}
	}
	}

	my ($section, $group, @groups, @recurseup, $recursed);
	my ($courselevelm,$courseleveli,$courselevel,$mapp);
	if (($courseid eq '') && ($cid)) {
	$courseid = $cid;
	}
	if (($symbparm && $courseid) &&
	(($courseid eq $env{'request.course.id'}) \|\| ($courseid eq $cid))) {

#print '<br>'.$space.' - '.$qualifier.' - '.$spacequalifierrest;	#print '<br>'.$space.' - '.$qualifier.' - '.$spacequalifierrest;

# ----------------------------------------------------- Cascading lookup scheme	# ----------------------------------------------------- Cascading lookup scheme
my $symbp=$symbparm;	my $symbp=$symbparm;
my $mapp=&deversion((&decode_symb($symbp))[0]);	$mapp=&deversion((&decode_symb($symbp))[0]);

my $symbparm=$symbp.'.'.$spacequalifierrest;	my $symbparm=$symbp.'.'.$spacequalifierrest;
	my $recurseparm=$mapp.'___(rec).'.$spacequalifierrest;
my $mapparm=$mapp.'___(all).'.$spacequalifierrest;	my $mapparm=$mapp.'___(all).'.$spacequalifierrest;

if (($env{'user.name'} eq $uname) &&	if (($env{'user.name'} eq $uname) &&
($env{'user.domain'} eq $udom)) {	($env{'user.domain'} eq $udom)) {
$section=$env{'request.course.sec'};	$section=$env{'request.course.sec'};
Line 9689 sub EXT {	Line 11327 sub EXT {

my $seclevel=$courseid.'.['.$section.'].'.$spacequalifierrest;	my $seclevel=$courseid.'.['.$section.'].'.$spacequalifierrest;
my $seclevelr=$courseid.'.['.$section.'].'.$symbparm;	my $seclevelr=$courseid.'.['.$section.'].'.$symbparm;
	my $secleveli=$courseid.'.['.$section.'].'.$recurseparm;
my $seclevelm=$courseid.'.['.$section.'].'.$mapparm;	my $seclevelm=$courseid.'.['.$section.'].'.$mapparm;

$courselevel=$courseid.'.'.$spacequalifierrest;	$courselevel=$courseid.'.'.$spacequalifierrest;
my $courselevelr=$courseid.'.'.$symbparm;	my $courselevelr=$courseid.'.'.$symbparm;
	$courseleveli=$courseid.'.'.$recurseparm;
$courselevelm=$courseid.'.'.$mapparm;	$courselevelm=$courseid.'.'.$mapparm;

# ----------------------------------------------------------- first, check user	# ----------------------------------------------------------- first, check user

my $userreply=&resdata($uname,$udom,'user',	my $userreply=&resdata($uname,$udom,'user',$mapp,\$recursed,
	\@recurseup,$courseid,'.',$spacequalifierrest,
([$courselevelr,'resource'],	([$courselevelr,'resource'],
[$courselevelm,'map' ],	[$courselevelm,'map' ],
	[$courseleveli,'map' ],
[$courselevel, 'course' ]));	[$courselevel, 'course' ]));
if (defined($userreply)) { return &get_reply($userreply); }	if (defined($userreply)) { return &get_reply($userreply); }

Line 9707 sub EXT {	Line 11349 sub EXT {
my $coursereply;	my $coursereply;
if (@groups > 0) {	if (@groups > 0) {
$coursereply = &check_group_parms($courseid,\@groups,$symbparm,	$coursereply = &check_group_parms($courseid,\@groups,$symbparm,
$mapparm,$spacequalifierrest);	$recurseparm,$mapparm,$spacequalifierrest,
if (defined($coursereply)) { return &get_reply($coursereply); }	$mapp,\$recursed,\@recurseup);
	if (defined($coursereply)) { return &get_reply($coursereply); }
}	}

$coursereply=&resdata($env{'course.'.$courseid.'.num'},	$coursereply=&resdata($env{'course.'.$courseid.'.num'},
$env{'course.'.$courseid.'.domain'},	$env{'course.'.$courseid.'.domain'},
'course',	'course',$mapp,\$recursed,\@recurseup,
	$courseid,'.['.$section.'].',$spacequalifierrest,
([$seclevelr, 'resource'],	([$seclevelr, 'resource'],
[$seclevelm, 'map' ],	[$seclevelm, 'map' ],
	[$secleveli, 'map' ],
[$seclevel, 'course' ],	[$seclevel, 'course' ],
[$courselevelr,'resource']));	[$courselevelr,'resource']));
if (defined($coursereply)) { return &get_reply($coursereply); }	if (defined($coursereply)) { return &get_reply($coursereply); }
Line 9732 sub EXT {	Line 11377 sub EXT {
if ($thisparm) { return &get_reply([$thisparm,'resource']); }	if ($thisparm) { return &get_reply([$thisparm,'resource']); }
}	}
# ------------------------------------------ fourth, look in resource metadata	# ------------------------------------------ fourth, look in resource metadata

$spacequalifierrest=~s/\./\_/;	my $what = $spacequalifierrest;
	$what=~s/\./\_/;
my $filename;	my $filename;
if (!$symbparm) { $symbparm=&symbread(); }	if (!$symbparm) { $symbparm=&symbread(); }
if ($symbparm) {	if ($symbparm) {
Line 9741 sub EXT {	Line 11387 sub EXT {
} else {	} else {
$filename=$env{'request.filename'};	$filename=$env{'request.filename'};
}	}
my $metadata=&metadata($filename,$spacequalifierrest);	my $metadata=&metadata($filename,$what);
if (defined($metadata)) { return &get_reply([$metadata,'resource']); }	if (defined($metadata)) { return &get_reply([$metadata,'resource']); }
$metadata=&metadata($filename,'parameter_'.$spacequalifierrest);	$metadata=&metadata($filename,'parameter_'.$what);
if (defined($metadata)) { return &get_reply([$metadata,'resource']); }	if (defined($metadata)) { return &get_reply([$metadata,'resource']); }

# ---------------------------------------------- fourth, look in rest of course	# ----------------------------------------------- fifth, look in rest of course
if ($symbparm && defined($courseid) &&	if ($symbparm && defined($courseid) &&
$courseid eq $env{'request.course.id'}) {	$courseid eq $env{'request.course.id'}) {
my $coursereply=&resdata($env{'course.'.$courseid.'.num'},	my $coursereply=&resdata($env{'course.'.$courseid.'.num'},
$env{'course.'.$courseid.'.domain'},	$env{'course.'.$courseid.'.domain'},
'course',	'course',$mapp,\$recursed,\@recurseup,
	$courseid,'.',$spacequalifierrest,
([$courselevelm,'map' ],	([$courselevelm,'map' ],
	[$courseleveli,'map' ],
[$courselevel, 'course']));	[$courselevel, 'course']));
if (defined($coursereply)) { return &get_reply($coursereply); }	if (defined($coursereply)) { return &get_reply($coursereply); }
}	}
Line 9809 sub get_reply {	Line 11457 sub get_reply {
}	}

sub check_group_parms {	sub check_group_parms {
my ($courseid,$groups,$symbparm,$mapparm,$what) = @_;	my ($courseid,$groups,$symbparm,$recurseparm,$mapparm,$what,$mapp,
my @groupitems = ();	$recursed,$recurseupref) = @_;
my $resultitem;	my @levels = ([$symbparm,'resource'],[$mapparm,'map'],[$recurseparm,'map'],
my @levels = ([$symbparm,'resource'],[$mapparm,'map'],[$what,'course']);	[$what,'course']);
	my $coursereply;
foreach my $group (@{$groups}) {	foreach my $group (@{$groups}) {
	my @groupitems = ();
foreach my $level (@levels) {	foreach my $level (@levels) {
my $item = $courseid.'.['.$group.'].'.$level->[0];	my $item = $courseid.'.['.$group.'].'.$level->[0];
push(@groupitems,[$item,$level->[1]]);	push(@groupitems,[$item,$level->[1]]);
}	}
	my $coursereply = &resdata($env{'course.'.$courseid.'.num'},
	$env{'course.'.$courseid.'.domain'},
	'course',$mapp,$recursed,$recurseupref,
	$courseid,'.['.$group.'].',$what,
	@groupitems);
	last if (defined($coursereply));
}	}
my $coursereply = &resdata($env{'course.'.$courseid.'.num'},
$env{'course.'.$courseid.'.domain'},
'course',@groupitems);
return $coursereply;	return $coursereply;
}	}

	sub get_map_hierarchy {
	my ($mapname,$courseid) = @_;
	my @recurseup = ();
	if ($mapname) {
	if (($cachedmapkey eq $courseid) &&
	(abs($cachedmaptime-time)<5)) {
	if (ref($cachedmaps{$mapname}) eq 'ARRAY') {
	return @{$cachedmaps{$mapname}};
	}
	}
	my $navmap = Apache::lonnavmaps::navmap->new();
	if (ref($navmap)) {
	@recurseup = $navmap->recurseup_maps($mapname);
	undef($navmap);
	$cachedmaps{$mapname} = \@recurseup;
	$cachedmaptime=time;
	$cachedmapkey=$courseid;
	}
	}
	return @recurseup;
	}

	}

sub sort_course_groups { # Sort groups based on defined rankings. Default is sort().	sub sort_course_groups { # Sort groups based on defined rankings. Default is sort().
my ($courseid,@groups) = @_;	my ($courseid,@groups) = @_;
@groups = sort(@groups);	@groups = sort(@groups);
Line 9909 sub metadata {	Line 11586 sub metadata {
# if it is a non metadata possible uri return quickly	# if it is a non metadata possible uri return quickly
if (($uri eq '') \|\|	if (($uri eq '') \|\|
(($uri =~ m\|^/*adm/\|) &&	(($uri =~ m\|^/*adm/\|) &&
($uri !~ m\|^adm/includes\|) && ($uri !~ m\|/bulletinboard$\|)) \|\|	($uri !~ m\|^adm/includes\|) && ($uri !~ m{/(smppg\|bulletinboard\|ext\.tool)$})) \|\|
($uri =~ m\|/$\|) \|\| ($uri =~ m\|/.meta$\|) \|\| ($uri =~ m{^/*uploaded/.+\.sequence$})) {	($uri =~ m\|/$\|) \|\| ($uri =~ m\|/.meta$\|) \|\| ($uri =~ m{^/*uploaded/.+\.sequence$})) {
return undef;	return undef;
}	}
if (($uri =~ /^priv/ \|\| $uri=~/home\/httpd\/html\/priv/)	if (($uri =~ /^priv/ \|\| $uri=~m{^home/httpd/html/priv})
&& &Apache::lonxml::get_state('target') =~ /^(\|meta)$/) {	&& &Apache::lonxml::get_state('target') =~ /^(\|meta)$/) {
return undef;	return undef;
}	}
Line 10174 sub metadata {	Line 11851 sub metadata {

$metaentry{':keys'} = join(',',keys(%metathesekeys));	$metaentry{':keys'} = join(',',keys(%metathesekeys));
&metadata_generate_part0(\%metathesekeys,\%metaentry,$uri);	&metadata_generate_part0(\%metathesekeys,\%metaentry,$uri);
$metaentry{':allpossiblekeys'}=join(',',keys %metathesekeys);	$metaentry{':allpossiblekeys'}=join(',',keys(%metathesekeys));
&do_cache_new('meta',$uri,\%metaentry,$cachetime);	&do_cache_new('meta',$uri,\%metaentry,$cachetime);
# this is the end of "was not already recently cached	# this is the end of "was not already recently cached
}	}
Line 10287 sub gettitle {	Line 11964 sub gettitle {
return $title;	return $title;
}	}

sub getdocspath {
my ($symb) = @_;
my $path;
if ($symb) {
my ($mapurl,$id,$resurl) = &decode_symb($symb);
if ($resurl=~/\.(sequence\|page)$/) {
$mapurl=$resurl;
} elsif ($resurl eq 'adm/navmaps') {
$mapurl=$env{'course.'.$env{'request.course.id'}.'.url'};
}
my $mapresobj;
my $navmap = Apache::lonnavmaps::navmap->new();
if (ref($navmap)) {
$mapresobj = $navmap->getResourceByUrl($mapurl);
}
$mapurl=~s{^.*/([^/]+)\.(\w+)$}{$1};
my $type=$2;
if (ref($mapresobj)) {
my $pcslist = $mapresobj->map_hierarchy();
if ($pcslist ne '') {
foreach my $pc (split(/,/,$pcslist)) {
next if ($pc <= 1);
my $res = $navmap->getByMapPc($pc);
if (ref($res)) {
my $thisurl = $res->src();
$thisurl=~s{^.*/([^/]+)\.\w+$}{$1};
my $thistitle = $res->title();
$path .= '&'.
&Apache::lonhtmlcommon::entity_encode($thisurl).'&'.
&Apache::lonhtmlcommon::entity_encode($thistitle).
':'.$res->randompick().
':'.$res->randomout().
':'.$res->encrypted().
':'.$res->randomorder();
}
}
}
$path =~ s/^\&//;
my $maptitle = $mapresobj->title();
if ($mapurl eq 'default') {
$maptitle = 'Main Course Documents';
}
$path .= ($path ne '')? '&' : ''.
&Apache::lonhtmlcommon::entity_encode($mapurl).'&'.
&Apache::lonhtmlcommon::entity_encode($maptitle).
':'.$mapresobj->randompick().
':'.$mapresobj->randomout().
':'.$mapresobj->encrypted().
':'.$mapresobj->randomorder();
} else {
my $maptitle = &gettitle($mapurl);
if ($mapurl eq 'default') {
$maptitle = 'Main Course Documents';
}
$path = &Apache::lonhtmlcommon::entity_encode($mapurl).'&'.
&Apache::lonhtmlcommon::entity_encode($maptitle).'::::';
}
unless ($mapurl eq 'default') {
$path = 'default&'.
&Apache::lonhtmlcommon::entity_encode('Main Course Documents').
'::::&'.$path;
}
}
return $path;
}

sub get_slot {	sub get_slot {
my ($which,$cnum,$cdom)=@_;	my ($which,$cnum,$cdom)=@_;
if (!$cnum \|\| !$cdom) {	if (!$cnum \|\| !$cdom) {
Line 10406 sub get_course_slots {	Line 12017 sub get_course_slots {
my %slots=&Apache::lonnet::dump('slots',$cdom,$cnum);	my %slots=&Apache::lonnet::dump('slots',$cdom,$cnum);
my ($tmp) = keys(%slots);	my ($tmp) = keys(%slots);
if ($tmp !~ /^(con_lost\|error\|no_such_host)/i) {	if ($tmp !~ /^(con_lost\|error\|no_such_host)/i) {
&Apache::lonnet::do_cache_new('allslots',$hashid,\%slots,600);	&do_cache_new('allslots',$hashid,\%slots,600);
return %slots;	return %slots;
}	}
}	}
Line 10500 sub symbverify {	Line 12111 sub symbverify {

if (tie(%bighash,'GDBM_File',$env{'request.course.fn'}.'.db',	if (tie(%bighash,'GDBM_File',$env{'request.course.fn'}.'.db',
&GDBM_READER(),0640)) {	&GDBM_READER(),0640)) {
	my $noclutter;
if (($thisurl =~ m{^/adm/wrapper/ext/}) \|\| ($thisurl =~ m{^ext/})) {	if (($thisurl =~ m{^/adm/wrapper/ext/}) \|\| ($thisurl =~ m{^ext/})) {
$thisurl =~ s/\?.+$//;	$thisurl =~ s/\?.+$//;
	if ($map =~ m{^uploaded/.+\.page$}) {
	$thisurl =~ s{^(/adm/wrapper\|)/ext/}{http://};
	$thisurl =~ s{^\Qhttp://https://\E}{https://};
	$noclutter = 1;
	}
	}
	my $ids;
	if ($noclutter) {
	$ids=$bighash{'ids_'.$thisurl};
	} else {
	$ids=$bighash{'ids_'.&clutter($thisurl)};
}	}
my $ids=$bighash{'ids_'.&clutter($thisurl)};
unless ($ids) {	unless ($ids) {
my $idkey = 'ids_'.($thisurl =~ m{^/}? '' : '/').$thisurl;	my $idkey = 'ids_'.($thisurl =~ m{^/}? '' : '/').$thisurl;
$ids=$bighash{$idkey};	$ids=$bighash{$idkey};
}	}
if ($ids) {	if ($ids) {
# ------------------------------------------------------------------- Has ID(s)	# ------------------------------------------------------------------- Has ID(s)
	if ($thisfn =~ m{^/adm/wrapper/ext/}) {
	$symb =~ s/\?.+$//;
	}
foreach my $id (split(/\,/,$ids)) {	foreach my $id (split(/\,/,$ids)) {
my ($mapid,$resid)=split(/\./,$id);	my ($mapid,$resid)=split(/\./,$id);
if ($thisfn =~ m{^/adm/wrapper/ext/}) {
$symb =~ s/\?.+$//;
}
if (	if (
&symbclean(&declutter($bighash{'map_id_'.$mapid}).'___'.$resid.'___'.$thisfn)	&symbclean(&declutter($bighash{'map_id_'.$mapid}).'___'.$resid.'___'.$thisfn)
eq $symb) {	eq $symb) {
Line 10525 sub symbverify {	Line 12147 sub symbverify {
($bighash{'encrypted_'.$id} eq $env{'request.enc'}) \|\|	($bighash{'encrypted_'.$id} eq $env{'request.enc'}) \|\|
($thisurl eq '/adm/navmaps')) {	($thisurl eq '/adm/navmaps')) {
$okay=1;	$okay=1;
	last;
}	}
}	}
}	}
Line 10599 sub deversion {	Line 12222 sub deversion {
# ------------------------------------------------------ Return symb list entry	# ------------------------------------------------------ Return symb list entry

sub symbread {	sub symbread {
my ($thisfn,$donotrecurse)=@_;	my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles)=@_;
my $cache_str='request.symbread.cached.'.$thisfn;	my $cache_str='request.symbread.cached.'.$thisfn;
if (defined($env{$cache_str})) {	if (defined($env{$cache_str})) {
if (($thisfn) \|\| ($env{$cache_str} ne '')) {	if ($ignorecachednull) {
	return $env{$cache_str} unless ($env{$cache_str} eq '');
	} else {
return $env{$cache_str};	return $env{$cache_str};
}	}
}	}
Line 10667 sub symbread {	Line 12292 sub symbread {
my ($mapid,$resid)=split(/\./,$ids);	my ($mapid,$resid)=split(/\./,$ids);
$syval=&encode_symb($bighash{'map_id_'.$mapid},	$syval=&encode_symb($bighash{'map_id_'.$mapid},
$resid,$thisfn);	$resid,$thisfn);
} elsif (!$donotrecurse) {	if (ref($possibles) eq 'HASH') {
	$possibles->{$syval} = 1;
	}
	if ($checkforblock) {
	my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids});
	if (@blockers) {
	$syval = '';
	return;
	}
	}
	} elsif ((!$donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {
# ------------------------------------------ There is more than one possibility	# ------------------------------------------ There is more than one possibility
my $realpossible=0;	my $realpossible=0;
foreach my $id (@possibilities) {	foreach my $id (@possibilities) {
my $file=$bighash{'src_'.$id};	my $file=$bighash{'src_'.$id};
if (&allowed('bre',$file)) {	my $canaccess;
my ($mapid,$resid)=split(/\./,$id);	if (($donotrecurse) \|\| ($checkforblock) \|\| (ref($possibles) eq 'HASH')) {
if ($bighash{'map_type_'.$mapid} ne 'page') {	$canaccess = 1;
$realpossible++;	} else {
$syval=&encode_symb($bighash{'map_id_'.$mapid},	$canaccess = &allowed('bre',$file);
$resid,$thisfn);	}
}	if ($canaccess) {
	my ($mapid,$resid)=split(/\./,$id);
	if ($bighash{'map_type_'.$mapid} ne 'page') {
	my $poss_syval=&encode_symb($bighash{'map_id_'.$mapid},
	$resid,$thisfn);
	if (ref($possibles) eq 'HASH') {
	$possibles->{$syval} = 1;
	}
	if ($checkforblock) {
	my @blockers = &has_comm_blocking('bre',$poss_syval,$file);
	unless (@blockers > 0) {
	$syval = $poss_syval;
	$realpossible++;
	}
	} else {
	$syval = $poss_syval;
	$realpossible++;
	}
	}
}	}
}	}
if ($realpossible!=1) { $syval=''; }	if ($realpossible!=1) { $syval=''; }
Line 10686 sub symbread {	Line 12339 sub symbread {
$syval='';	$syval='';
}	}
}	}
untie(%bighash)	untie(%bighash);
}	}
}	}
if ($syval) {	if ($syval) {
Line 11025 sub rndseed_CODE_64bit5 {	Line 12678 sub rndseed_CODE_64bit5 {
sub setup_random_from_rndseed {	sub setup_random_from_rndseed {
my ($rndseed)=@_;	my ($rndseed)=@_;
if ($rndseed =~/([,:])/) {	if ($rndseed =~/([,:])/) {
my ($num1,$num2)=split(/[,:]/,$rndseed);	my ($num1,$num2) = map { abs($_); } (split(/[,:]/,$rndseed));
&Math::Random::random_set_seed(abs($num1),abs($num2));	if ((!$num1) \|\| (!$num2) \|\| ($num1 > 2147483562) \|\| ($num2 > 2147483398)) {
	&Math::Random::random_set_seed_from_phrase($rndseed);
	} else {
	&Math::Random::random_set_seed($num1,$num2);
	}
} else {	} else {
&Math::Random::random_set_seed_from_phrase($rndseed);	&Math::Random::random_set_seed_from_phrase($rndseed);
}	}
Line 11205 sub repcopy_userfile {	Line 12862 sub repcopy_userfile {
}	}
# now the path exists for sure	# now the path exists for sure
# get a user agent	# get a user agent
my $ua=new LWP::UserAgent;
my $transferfile=$file.'.in.transfer';	my $transferfile=$file.'.in.transfer';
# FIXME: this should flock	# FIXME: this should flock
if (-e $transferfile) { return 'ok'; }	if (-e $transferfile) { return 'ok'; }
Line 11215 sub repcopy_userfile {	Line 12871 sub repcopy_userfile {
my $protocol = $protocol{$homeserver};	my $protocol = $protocol{$homeserver};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
$request=new HTTP::Request('GET',$protocol.'://'.&hostname($homeserver).'/raw/'.$uri);	$request=new HTTP::Request('GET',$protocol.'://'.&hostname($homeserver).'/raw/'.$uri);
my $response=$ua->request($request,$transferfile);	my $response = &LONCAPA::LWPReq::makerequest($homeserver,$request,$transferfile,\%perlvar,'',0,1);
# did it work?	# did it work?
if ($response->is_error()) {	if ($response->is_error()) {
unlink($transferfile);	unlink($transferfile);
Line 11259 sub getuploaded {	Line 12915 sub getuploaded {
my $protocol = $protocol{$homeserver};	my $protocol = $protocol{$homeserver};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
$uri = $protocol.'://'.&hostname($homeserver).'/raw/'.$uri;	$uri = $protocol.'://'.&hostname($homeserver).'/raw/'.$uri;
my $ua=new LWP::UserAgent;
my $request=new HTTP::Request($reqtype,$uri);	my $request=new HTTP::Request($reqtype,$uri);
my $response=$ua->request($request);	my $response=&LONCAPA::LWPReq::makerequest($homeserver,$request,'',\%perlvar,'',0,1);
$$rtncode = $response->code;	$$rtncode = $response->code;
if (! $response->is_success()) {	if (! $response->is_success()) {
return 'failed';	return 'failed';
Line 11417 sub default_login_domain {	Line 13072 sub default_login_domain {
sub declutter {	sub declutter {
my $thisfn=shift;	my $thisfn=shift;
if ($thisfn=~m\|^/enc/\|) { $thisfn=&Apache::lonenc::unencrypted($thisfn); }	if ($thisfn=~m\|^/enc/\|) { $thisfn=&Apache::lonenc::unencrypted($thisfn); }
$thisfn=~s/^\Q$perlvar{'lonDocRoot'}\E//;	unless ($thisfn=~m{^/home/httpd/html/priv/}) {
	$thisfn=~s{^/home/httpd/html}{};
	}
$thisfn=~s/^\///;	$thisfn=~s/^\///;
$thisfn=~s\|^adm/wrapper/\|\|;	$thisfn=~s\|^adm/wrapper/\|\|;
$thisfn=~s\|^adm/coursedocs/showdoc/\|\|;	$thisfn=~s\|^adm/coursedocs/showdoc/\|\|;
Line 11460 sub clutter {	Line 13117 sub clutter {
# &logthis("Got a blank emb style");	# &logthis("Got a blank emb style");
}	}
}	}
	} elsif ($thisfn =~ m{^/adm/$match_domain/$match_courseid/\d+/ext\.tool$}) {
	$thisfn='/adm/wrapper'.$thisfn;
}	}
return $thisfn;	return $thisfn;
}	}
Line 11522 sub goodbye {	Line 13181 sub goodbye {
}	}

sub get_dns {	sub get_dns {
my ($url,$func,$ignore_cache) = @_;	my ($url,$func,$ignore_cache,$nocache,$hashref) = @_;
if (!$ignore_cache) {	if (!$ignore_cache) {
my ($content,$cached)=	my ($content,$cached)=
&Apache::lonnet::is_cached_new('dns',$url);	&Apache::lonnet::is_cached_new('dns',$url);
if ($cached) {	if ($cached) {
&$func($content);	&$func($content,$hashref);
return;	return;
}	}
}	}
Line 11544 sub get_dns {	Line 13203 sub get_dns {
$alldns{$host} = $protocol;	$alldns{$host} = $protocol;
}	}
while (%alldns) {	while (%alldns) {
my ($dns) = keys(%alldns);	my ($dns) = sort { $b cmp $a } keys(%alldns);
my $ua=new LWP::UserAgent;
$ua->timeout(30);
my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");	my $request=new HTTP::Request('GET',"$alldns{$dns}://$dns$url");
my $response=$ua->request($request);	my $response = &LONCAPA::LWPReq::makerequest('',$request,'',\%perlvar,30,0);
delete($alldns{$dns});	delete($alldns{$dns});
next if ($response->is_error());	next if ($response->is_error());
my @content = split("\n",$response->content);	my @content = split("\n",$response->content);
&Apache::lonnet::do_cache_new('dns',$url,\@content,302460*60);	unless ($nocache) {
&$func(\@content);	&do_cache_new('dns',$url,\@content,302460*60);
	}
	&$func(\@content,$hashref);
return;	return;
}	}
close($config);	close($config);
Line 11561 sub get_dns {	Line 13220 sub get_dns {
&logthis("unable to contact DNS defaulting to on disk file dns_$which.tab\n");	&logthis("unable to contact DNS defaulting to on disk file dns_$which.tab\n");
open($config,"<$perlvar{'lonTabDir'}/dns_$which.tab");	open($config,"<$perlvar{'lonTabDir'}/dns_$which.tab");
my @content = <$config>;	my @content = <$config>;
&$func(\@content);	&$func(\@content,$hashref);
	return;
	}

	# ------------------------------------------------------Get DNS checksums file
	sub parse_dns_checksums_tab {
	my ($lines,$hashref) = @_;
	my $lonhost = $perlvar{'lonHostID'};
	my $machine_dom = &Apache::lonnet::host_domain($lonhost);
	my $loncaparev = &get_server_loncaparev($machine_dom);
	my $distro = (split(/\:/,&get_server_distarch($lonhost)))[0];
	my $webconfdir = '/etc/httpd/conf';
	if ($distro =~ /^(ubuntu\|debian)(\d+)$/) {
	$webconfdir = '/etc/apache2';
	} elsif ($distro =~ /^sles(\d+)$/) {
	if ($1 >= 10) {
	$webconfdir = '/etc/apache2';
	}
	} elsif ($distro =~ /^suse(\d+\.\d+)$/) {
	if ($1 >= 10.0) {
	$webconfdir = '/etc/apache2';
	}
	}
	my ($release,$timestamp) = split(/\-/,$loncaparev);
	my (%chksum,%revnum);
	if (ref($lines) eq 'ARRAY') {
	chomp(@{$lines});
	my $version = shift(@{$lines});
	if ($version eq $release) {
	foreach my $line (@{$lines}) {
	my ($file,$version,$shasum) = split(/,/,$line);
	if ($file =~ m{^/etc/httpd/conf}) {
	if ($webconfdir eq '/etc/apache2') {
	$file =~ s{^\Q/etc/httpd/conf/\E}{$webconfdir/};
	}
	}
	$chksum{$file} = $shasum;
	$revnum{$file} = $version;
	}
	if (ref($hashref) eq 'HASH') {
	%{$hashref} = (
	sums => \%chksum,
	versions => \%revnum,
	);
	}
	}
	}
return;	return;
}	}

	sub fetch_dns_checksums {
	my %checksums;
	my $machine_dom = &Apache::lonnet::host_domain($perlvar{'lonHostID'});
	my $loncaparev = &get_server_loncaparev($machine_dom,$perlvar{'lonHostID'});
	my ($release,$timestamp) = split(/\-/,$loncaparev);
	&get_dns("/adm/dns/checksums/$release",\&parse_dns_checksums_tab,1,1,
	\%checksums);
	return \%checksums;
	}

# ------------------------------------------------------------ Read domain file	# ------------------------------------------------------------ Read domain file
{	{
my $loaded;	my $loaded;
Line 11592 sub get_dns {	Line 13308 sub get_dns {
}	}

sub load_domain_tab {	sub load_domain_tab {
my ($ignore_cache) = @_;	my ($ignore_cache,$nocache) = @_;
&get_dns('/adm/dns/domain',\&parse_domain_tab,$ignore_cache);	&get_dns('/adm/dns/domain',\&parse_domain_tab,$ignore_cache,$nocache);
my $fh;	my $fh;
if (open($fh,"<".$perlvar{'lonTabDir'}.'/domain.tab')) {	if (open($fh,"<".$perlvar{'lonTabDir'}.'/domain.tab')) {
my @lines = <$fh>;	my @lines = <$fh>;
Line 11671 sub get_dns {	Line 13387 sub get_dns {
&purge_remembered();	&purge_remembered();
&reset_domain_info();	&reset_domain_info();
&reset_hosts_ip_info();	&reset_hosts_ip_info();
	undef(%internetdom);
undef(%name_to_host);	undef(%name_to_host);
undef(%hostname);	undef(%hostname);
undef(%hostdom);	undef(%hostdom);
Line 11679 sub get_dns {	Line 13396 sub get_dns {
}	}

sub load_hosts_tab {	sub load_hosts_tab {
my ($ignore_cache) = @_;	my ($ignore_cache,$nocache) = @_;
&get_dns('/adm/dns/hosts',\&parse_hosts_tab,$ignore_cache);	&get_dns('/adm/dns/hosts',\&parse_hosts_tab,$ignore_cache,$nocache);
open(my $config,"<$perlvar{'lonTabDir'}/hosts.tab");	open(my $config,"<$perlvar{'lonTabDir'}/hosts.tab");
my @config = <$config>;	my @config = <$config>;
&parse_hosts_tab(\@config);	&parse_hosts_tab(\@config);
Line 11702 sub get_dns {	Line 13419 sub get_dns {
}	}

sub all_names {	sub all_names {
&load_hosts_tab() if (!$loaded);	my ($ignore_cache,$nocache) = @_;
	&load_hosts_tab($ignore_cache,$nocache) if (!$loaded);

return %name_to_host;	return %name_to_host;
}	}
Line 11712 sub get_dns {	Line 13430 sub get_dns {
return %hostdom;	return %hostdom;
}	}

	sub all_host_intdom {
	&load_hosts_tab() if (!$loaded);
	return %internetdom;
	}

sub is_library {	sub is_library {
&load_hosts_tab() if (!$loaded);	&load_hosts_tab() if (!$loaded);

Line 11824 sub get_dns {	Line 13547 sub get_dns {
}	}

sub get_iphost {	sub get_iphost {
my ($ignore_cache) = @_;	my ($ignore_cache,$nocache) = @_;

if (!$ignore_cache) {	if (!$ignore_cache) {
if (%iphost) {	if (%iphost) {
Line 11848 sub get_dns {	Line 13571 sub get_dns {
%old_name_to_ip = %{$ip_info->[1]};	%old_name_to_ip = %{$ip_info->[1]};
}	}

my %name_to_host = &all_names();	my %name_to_host = &all_names($ignore_cache,$nocache);
foreach my $name (keys(%name_to_host)) {	foreach my $name (keys(%name_to_host)) {
my $ip;	my $ip;
if (!exists($name_to_ip{$name})) {	if (!exists($name_to_ip{$name})) {
Line 11873 sub get_dns {	Line 13596 sub get_dns {
}	}
push(@{$iphost{$ip}},@{$name_to_host{$name}});	push(@{$iphost{$ip}},@{$name_to_host{$name}});
}	}
&Apache::lonnet::do_cache_new('iphost','iphost',	unless ($nocache) {
[\%iphost,\%name_to_ip,\%lonid_to_ip],	&do_cache_new('iphost','iphost',
486060);	[\%iphost,\%name_to_ip,\%lonid_to_ip],
	486060);
	}

return %iphost;	return %iphost;
}	}
Line 11931 sub get_dns {	Line 13656 sub get_dns {
}	}
$seen{$prim_ip} = 1;	$seen{$prim_ip} = 1;
}	}
return &Apache::lonnet::do_cache_new('internetnames',$lonid,\@idns,126060);	return &do_cache_new('internetnames',$lonid,\@idns,126060);
}	}

}	}

sub all_loncaparevs {	sub all_loncaparevs {
return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10);	return qw(1.1 1.2 1.3 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11);
	}

	# ---------------------------------------------------------- Read loncaparev table
	{
	sub load_loncaparevs {
	if (-e "$perlvar{'lonTabDir'}/loncaparevs.tab") {
	if (open(my $config,"<$perlvar{'lonTabDir'}/loncaparevs.tab")) {
	while (my $configline=<$config>) {
	chomp($configline);
	my ($hostid,$loncaparev)=split(/:/,$configline);
	$loncaparevs{$hostid}=$loncaparev;
	}
	close($config);
	}
	}
	}
	}

	# ---------------------------------------------------------- Read serverhostID table
	{
	sub load_serverhomeIDs {
	if (-e "$perlvar{'lonTabDir'}/serverhomeIDs.tab") {
	if (open(my $config,"<$perlvar{'lonTabDir'}/serverhomeIDs.tab")) {
	while (my $configline=<$config>) {
	chomp($configline);
	my ($name,$id)=split(/:/,$configline);
	$serverhomeIDs{$name}=$id;
	}
	close($config);
	}
	}
	}
}	}


BEGIN {	BEGIN {

# ----------------------------------- Read loncapa.conf and loncapa_apache.conf	# ----------------------------------- Read loncapa.conf and loncapa_apache.conf
Line 12016 BEGIN {	Line 13774 BEGIN {
}	}

# ---------------------------------------------------------- Read loncaparev table	# ---------------------------------------------------------- Read loncaparev table
{
if (-e "$perlvar{'lonTabDir'}/loncaparevs.tab") {	&load_loncaparevs();
if (open(my $config,"<$perlvar{'lonTabDir'}/loncaparevs.tab")) {
while (my $configline=<$config>) {
chomp($configline);
my ($hostid,$loncaparev)=split(/:/,$configline);
$loncaparevs{$hostid}=$loncaparev;
}
close($config);
}
}
}

# ---------------------------------------------------------- Read serverhostID table	# ---------------------------------------------------------- Read serverhostID table
{
if (-e "$perlvar{'lonTabDir'}/serverhomeIDs.tab") {
if (open(my $config,"<$perlvar{'lonTabDir'}/serverhomeIDs.tab")) {
while (my $configline=<$config>) {
chomp($configline);
my ($name,$id)=split(/:/,$configline);
$serverhomeIDs{$name}=$id;
}
close($config);
}
}
}

	&load_serverhomeIDs();

	# ---------------------------------------------------------- Read releaseslist XML
{	{
my $file = $Apache::lonnet::perlvar{'lonTabDir'}.'/releaseslist.xml';	my $file = $Apache::lonnet::perlvar{'lonTabDir'}.'/releaseslist.xml';
if (-e $file) {	if (-e $file) {
Line 12052 BEGIN {	Line 13791 BEGIN {
my $item = $token->[1];	my $item = $token->[1];
my $name = $token->[2]{'name'};	my $name = $token->[2]{'name'};
my $value = $token->[2]{'value'};	my $value = $token->[2]{'value'};
if ($item ne '' && $name ne '' && $value ne '') {	my $valuematch = $token->[2]{'valuematch'};
	my $namematch = $token->[2]{'namematch'};
	if ($item eq 'parameter') {
	if (($namematch ne '') \|\| (($name ne '') && ($value ne '' \|\| $valuematch ne ''))) {
	my $release = $parser->get_text();
	$release =~ s/(^\s\|\s$ )//gx;
	$needsrelease{$item.':'.$name.':'.$value.':'.$valuematch.':'.$namematch} = $release;
	}
	} elsif ($item ne '' && $name ne '') {
my $release = $parser->get_text();	my $release = $parser->get_text();
$release =~ s/(^\s\|\s$ )//gx;	$release =~ s/(^\s\|\s$ )//gx;
$needsrelease{$item.':'.$name.':'.$value} = $release;	$needsrelease{$item.':'.$name.':'.$value} = $release;
Line 12241 were new keys. I.E. 1:foo will become 1:	Line 13988 were new keys. I.E. 1:foo will become 1:

Calling convention:	Calling convention:

my %record=&Apache::lonnet::restore($symb,$courseid,$domain,$uname,$home);	my %record=&Apache::lonnet::restore($symb,$courseid,$domain,$uname);
&Apache::lonnet::cstore(\%newrecord,$symb,$courseid,$domain,$uname,$home);	&Apache::lonnet::cstore(\%newrecord,$symb,$courseid,$domain,$uname,$laststore);

For more detailed information, see lonnet specific documentation.	For more detailed information, see lonnet specific documentation.

Line 12325 the answer, and also caches if there is	Line 14072 the answer, and also caches if there is

=item *	=item *
X<idget()>	X<idget()>
B<idget($udom,@ids)>: find the usernames behind a list of IDs	B<idget($udom,$idsref,$namespace)>: find the usernames behind either
(IDs are a unique resource in a domain, there must be only 1 ID per	a list of student/employee IDs or clicker IDs
username, and only 1 username per ID in a specific domain) (returns	(student/employee IDs are a unique resource in a domain, there must be
hash: id=>name,id=>name)	only 1 ID per username, and only 1 username per ID in a specific domain).
	clickerIDs are not necessarily unique, as students might share clickers.
	(returns hash: id=>name,id=>name)

=item *	=item *
X<idrget()>	X<idrget()>
Line 12337 usernames (returns hash: name=>id,name=>	Line 14086 usernames (returns hash: name=>id,name=>

=item *	=item *
X<idput()>	X<idput()>
B<idput($udom,%ids)>: store away a list of names and associated IDs	B<idput($udom,$idsref,$uhome,$namespace)>: store away a list of
	names and associated student/employee IDs or clicker IDs.

	=item *
	X<iddel()>
	B<iddel($udom,$idshashref,$uhome,$namespace)>: delete unwanted
	student/employee ID or clicker ID username look-ups from domain.
	The homeserver ($uhome) and namespace ($namespace) are optional.
	If no $uhome is provided, it will be determined usig &homeserver()
	for each user. If no $namespace is provided, the default is ids.

	=item *
	X<updateclickers()>
	B<updateclickers($udom,$action,$idshashref,$uhome,$critical)>: update
	clicker ID-to-username look-ups in clickers.db on library server.
	Permitted actions are add or del (i.e., add or delete). The
	clickers.db contains clickerID as keys (escaped), and each corresponding
	value is an escaped comma-separated list of usernames (for whom the
	library server is the homeserver), who registered that particular ID.
	If $critical is true, the update will be sent via &critical, otherwise
	&reply() will be used.

=item *	=item *
X<rolesinit()>	X<rolesinit()>
Line 12378 escaped strings of the action recorded i	Line 14147 escaped strings of the action recorded i

=item *	=item *

allowed($priv,$uri,$symb,$role) : check for a user privilege; returns codes for allowed actions	allowed($priv,$uri,$symb,$role,$clientip,$noblockcheck) : check for a user privilege;
	returns codes for allowed actions.

	The first argument is required, all others are optional.

	$priv is the privilege being checked.
	$uri contains additional information about what is being checked for access (e.g.,
	URL, course ID etc.).
	$symb is the unique resource instance identifier in a course; if needed,
	but not provided, it will be retrieved via a call to &symbread().
	$role is the role for which a priv is being checked (only used if priv is evb).
	$clientip is the user's IP address (only used when checking for access to portfolio
	files).
	$noblockcheck, if true, skips calls to &has_comm_blocking() for the bre priv. This
	prevents recursive calls to &allowed.

F: full access	F: full access
U,I,K: authentication modes (cxx only)	U,I,K: authentication modes (cxx only)
'': forbidden	'': forbidden
1: user needs to choose course	1: user needs to choose course
2: browse allowed	2: browse allowed
A: passphrase authentication needed	A: passphrase authentication needed
	B: access temporarily blocked because of a blocking event in a course.

=item *	=item *

Line 12403 in which case the null string is returne	Line 14188 in which case the null string is returne

=item *	=item *

definerole($rolename,$sysrole,$domrole,$courole) : define role; define a custom	definerole($rolename,$sysrole,$domrole,$courole,$uname,$udom) : define role;
role rolename set privileges in format of lonTabs/roles.tab for system, domain,	define a custom role rolename set privileges in format of lonTabs/roles.tab
and course level	for system, domain, and course level. $uname and $udom are optional (current
	user's username and domain will be used when either of $uname or $udom are absent.

=item *	=item *

Line 12419 environment). If no custom name is defi	Line 14205 environment). If no custom name is defi

=item *	=item *

get_my_roles($uname,$udom,$context,$types,$roles,$roledoms,$withsec) :	get_my_roles($uname,$udom,$context,$types,$roles,$roledoms,$withsec,$hidepriv) :
All arguments are optional. Returns a hash of a roles, either for	All arguments are optional. Returns a hash of a roles, either for
co-author/assistant author roles for a user's Construction Space	co-author/assistant author roles for a user's Construction Space
(default), or if $context is 'userroles', roles for the user himself,	(default), or if $context is 'userroles', roles for the user himself,
Line 12442 Additional optional arguments are: $type	Line 14228 Additional optional arguments are: $type
to certain user status types -- previous (expired roles), active (currently	to certain user status types -- previous (expired roles), active (currently
available roles) or future (roles available in the future), and	available roles) or future (roles available in the future), and
$hideprivileged -- if true will not report course roles for users who	$hideprivileged -- if true will not report course roles for users who
have active Domain Coordinator or Super User roles.	have active Domain Coordinator role in course's domain or in additional
	domains (specified in 'Domains to check for privileged users' in course
	environment -- set via: Course Settings -> Classlists and staff listing).

	=item *

	privileged($username,$domain,$possdomains,$possroles) : returns 1 if user
	$username:$domain is a privileged user (e.g., Domain Coordinator or Super User)
	$possdomains and $possroles are optional array refs -- to domains to check and
	roles to check. If $possdomains is not specified, a dump will be done of the
	users' roles.db to check for a dc or su role in any domain. This can be
	time consuming if &privileged is called repeatedly (e.g., when displaying a
	classlist), so in such cases, supplying a $possdomains array is preferred, as
	this then allows &privileged_by_domain() to be used, which caches the identity
	of privileged users, eliminating the need for repeated calls to &dump().

	=item *

	privileged_by_domain($possdomains,$roles) : returns a hash of a hash of a hash,
	where the outer hash keys are domains specified in the $possdomains array ref,
	next inner hash keys are privileged roles specified in the $roles array ref,
	and the innermost hash contains key = value pairs for username:domain = end:start
	for active or future "privileged" users with that role in that domain. To avoid
	repeated dumps of domain roles -- via &get_domain_roles() -- contents of the
	innerhash are cached using priv_$role and $dom as the identifiers.

=back	=back

Line 12485 or when Autoupdate.pl is run by cron in	Line 14295 or when Autoupdate.pl is run by cron in
modifystudent	modifystudent

modify a student's enrollment and identification information.	modify a student's enrollment and identification information.
The course id is resolved based on the current users environment.	The course id is resolved based on the current user's environment.
This means the envoking user must be a course coordinator or otherwise	This means the invoking user must be a course coordinator or otherwise
associated with a course.	associated with a course.

This call is essentially a wrapper for lonnet::modifyuser and	This call is essentially a wrapper for lonnet::modifyuser and
Line 12536 Inputs:	Line 14346 Inputs:

=item B<$context> role change context (shown in User Management Logs display in a course)	=item B<$context> role change context (shown in User Management Logs display in a course)

=item B<$inststatus> institutional status of user - : separated string of escaped status types	=item B<$inststatus> institutional status of user - : separated string of escaped status types

	=item B<$credits> Number of credits student will earn from this class - only needs to be supplied if value needs to be different from default credits for class.

=back	=back

Line 12544 Inputs:	Line 14356 Inputs:

modify_student_enrollment	modify_student_enrollment

Change a students enrollment status in a class. The environment variable	Change a student's enrollment status in a class. The environment variable
'role.request.course' must be defined for this function to proceed.	'role.request.course' must be defined for this function to proceed.

Inputs:	Inputs:

=over 4	=over 4

=item $udom, students domain	=item $udom, student's domain

=item $uname, students name	=item $uname, student's name

=item $uid, students user id	=item $uid, student's user id

=item $first, students first name	=item $first, student's first name

=item $middle	=item $middle

Line 12581 Inputs:	Line 14393 Inputs:

=item $context	=item $context

	=item $credits, number of credits student will earn from this class

	=item $instsec, institutional course section code for student

=back	=back


Line 12637 If defined, the supplied username is use	Line 14453 If defined, the supplied username is use
resdata($name,$domain,$type,@which) : request for current parameter	resdata($name,$domain,$type,@which) : request for current parameter
setting for a specific $type, where $type is either 'course' or 'user',	setting for a specific $type, where $type is either 'course' or 'user',
@what should be a list of parameters to ask about. This routine caches	@what should be a list of parameters to ask about. This routine caches
answers for 5 minutes.	answers for 10 minutes.

=item *	=item *

Line 12646 data base, returning a hash that is keye	Line 14462 data base, returning a hash that is keye
values that are the resource value. I believe that the timestamps and	values that are the resource value. I believe that the timestamps and
versions are also returned.	versions are also returned.

	get_numsuppfiles($cnum,$cdom) : retrieve number of files in a course's
	supplemental content area. This routine caches the number of files for
	10 minutes.

=back	=back

=head2 Course Modification	=head2 Course Modification
Line 12705 resource. Expects the local filesystem p	Line 14525 resource. Expects the local filesystem p

=item *	=item *

EXT($varname,$symb,$udom,$uname) : evaluates and returns the value of	EXT($varname,$symb,$udom,$uname,$usection,$recurse,$cid) : evaluates
a vairety of different possible values, $varname should be a request	and returns the value of a variety of different possible values,
string, and the other parameters can be used to specify who and what	$varname should be a request string, and the other parameters can be
one is asking about.	used to specify who and what one is asking about. Ordinarily, $cid
	does not need to be specified, as it is retrived from
	$env{'request.course.id'}, but &Apache::lonnet::EXT() is called
	within lonuserstate::loadmap() when initializing a course, before
	$env{'request.course.id'} has been set, so it needs to be provided
	in that one case.

Possible values for $varname are environment.lastname (or other item	Possible values for $varname are environment.lastname (or other item
from the envirnment hash), user.name (or someother aspect about the	from the envirnment hash), user.name (or someother aspect about the
Line 12741 will be stored for query	Line 14566 will be stored for query

=item *	=item *

symbread($filename) : return symbolic list entry (filename argument optional);	symbread($filename,$donotrecurse,$ignorecachednull,$checkforblock,$possibles) :
	return symbolic list entry (all arguments optional).

	Args: filename is the filename (including path) for the file for which a symb
	is required; donotrecurse, if true will prevent calls to allowed() being made
	to check access status if more than one resource was found in the bighash
	(see rev. 1.249) to avoid an infinite loop if an ambiguous resource is part of
	a randompick); ignorecachednull, if true will prevent a symb of '' being
	returned if $env{$cache_str} is defined as ''; checkforblock if true will
	cause possible symbs to be checked to determine if they are subject to content
	blocking, if so they will not be included as possible symbs; possibles is a
	ref to a hash, which, as a side effect, will be populated with all possible
	symbs (content blocking not tested).

returns the data handle	returns the data handle

=item *	=item *
Line 12842 homeserver.	Line 14680 homeserver.

=item *	=item *

store($storehash,$symb,$namespace,$udom,$uname) : stores hash permanently	store($storehash,$symb,$namespace,$udom,$uname,$laststore) : stores hash
for this url; hashref needs to be given and should be a \%hashname; the	permanently for this url; hashref needs to be given and should be a \%hashname;
remaining args aren't required and if they aren't passed or are '' they will	the remaining args aren't required and if they aren't passed or are '' they will
be derived from the env	be derived from the env (with the exception of $laststore, which is an
	optional arg used when a user's submission is stored in grading).
	$laststore is $version=$timestamp, where $version is the most recent version
	number retrieved for the corresponding $symb in the $namespace db file, and
	$timestamp is the timestamp for that transaction (UNIX time).
	$laststore is currently only passed when cstore() is called by
	structuretags::finalize_storage().

=item *	=item *

cstore($storehash,$symb,$namespace,$udom,$uname) : same as store but	cstore($storehash,$symb,$namespace,$udom,$uname,$laststore) : same as store
uses critical subroutine	but uses critical subroutine

=item *	=item *

Line 12873 $range should be either an integer '100'	Line 14717 $range should be either an integer '100'

=item *	=item *

putstore($namespace,$symb,$version,$storehash,$udomain,$uname) :	putstore($namespace,$symb,$version,$storehash,$udomain,$uname,$tolog) :
replaces a &store() version of data with a replacement set of data	replaces a &store() version of data with a replacement set of data
for a particular resource in a namespace passed in the $storehash hash	for a particular resource in a namespace passed in the $storehash hash
reference	reference. If $tolog is true, the transaction is logged in the courselog
	with an action=PUTSTORE.

=item *	=item *

Line 12986 server ($udom and $uhome are optional)	Line 14831 server ($udom and $uhome are optional)

=item *	=item *

get_domain_defaults($target_domain) : returns hash with defaults for	get_domain_defaults($target_domain,$ignore_cache) : returns hash with defaults
authentication and language in the domain. Keys are: auth_def, auth_arg_def,	for: authentication, language, quotas, timezone, date locale, and portal URL in
lang_def; corresponsing values are authentication type (internal, krb4, krb5,	the target domain.
or localauth), initial password or a kerberos realm, language (e.g., en-us).
Values are retrieved from cache (if current), or from domain's configuration.db	May also include additional key => value pairs for the following groups:
(if available), or lastly from values in lonTabs/dns_domain,tab,
or lonTabs/domain.tab.	=over

	=item
	disk quotas (MB allocated by default to portfolios and authoring spaces).

	=over

	=item defaultquota, authorquota

	=back

	=item
	tools (availability of aboutme page, blog, webDAV access for authoring spaces,
	portfolio for users).

	=over

	=item
	aboutme, blog, webdav, portfolio

	=back

	=item
	requestcourses: ability to request courses, and how requests are processed.

	=over

	=item
	official, unofficial, community, textbook, placement

	=back

	=item
	inststatus: types of institutional affiliation, and order in which they are displayed.

	=over

	=item
	inststatustypes, inststatusorder, inststatusguest

	=back

	=item
	coursedefaults: can PDF forms can be created, default credits for courses, default quotas (MB)
	for course's uploaded content.

	=over

	=item
	canuse_pdfforms, officialcredits, unofficialcredits, textbookcredits, officialquota, unofficialquota,
	communityquota, textbookquota, placementquota

	=back

	=item
	usersessions: set options for hosting of your users in other domains, and hosting of users from other domains
	on your servers.

	=over

	=item
	remotesessions, hostedsessions

	=back

	=back

	In cases where a domain coordinator has never used the "Set Domain Configuration"
	utility to create a configuration.db file on a domain's primary library server
	only the following domain defaults: auth_def, auth_arg_def, lang_def
	-- corresponding values are authentication type (internal, krb4, krb5,
	or localauth), initial password or a kerberos realm, language (e.g., en-us) --
	will be available. Values are retrieved from cache (if current), unless the
	optional $ignore_cache arg is true, or from domain's configuration.db (if available),
	or lastly from values in lonTabs/dns_domain,tab, or lonTabs/domain.tab.

	Typical usage:

%domdefaults = &get_auth_defaults($target_domain);	%domdefaults = &get_domain_defaults($target_domain);

=back	=back

Line 13219 filelocation except for hrefs	Line 15140 filelocation except for hrefs

=item *	=item *

declutter() : declutters URLs (remove docroot, beginning slashes, 'res' etc)	declutter() : declutters URLs -- remove beginning slashes, 'res' etc.
	also removes beginning /home/httpd/html unless /priv/ follows it.

=back	=back

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.1199
changed lines
	Added in v.1.1348