--- loncom/lonnet/perl/lonnet.pm 2012/10/31 12:54:23 1.1193 +++ loncom/lonnet/perl/lonnet.pm 2012/11/08 18:37:52 1.1194 @@ -1,7 +1,7 @@ # The LearningOnline Network # TCP networking package # -# $Id: lonnet.pm,v 1.1193 2012/10/31 12:54:23 raeburn Exp $ +# $Id: lonnet.pm,v 1.1194 2012/11/08 18:37:52 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -2663,19 +2663,110 @@ sub allowuploaded { # sub can_edit_resource { - my ($file,$cnum,$cdom) = @_; - my ($cfile,$home,$switchserver,$uploaded); + my ($file,$cnum,$cdom,$resurl,$symb,$group) = @_; + my ($cfile,$home,$switchserver,$forceedit,$forceview,$uploaded,$incourse); +# +# For aboutme pages user can only edit his/her own. +# + if ($resurl =~ m{^/adm/($match_domain)/($match_username)/aboutme$}) { + my ($sdom,$sname) = ($1,$2); + if (($sdom eq $env{'user.domain'}) && ($sname eq $env{'user.name'})) { + $home = $env{'user.home'}; + $cfile = $resurl; + if ($env{'form.forceedit'}) { + $forceview = 1; + } else { + $forceedit = 1; + } + return ($cfile,$home,$switchserver,$forceedit,$forceview); + } else { + return; + } + } + + if ($env{'request.course.id'}) { + my $crsedit = &Apache::lonnet::allowed('mdc',$env{'request.course.id'}); + if ($group ne '') { +# if this is a group homepage or group bulletin board, check group privs + my $allowed = 0; + if ($resurl =~ m{^/adm/$cdom/$cnum/$group/smppg$}) { + if ((&Apache::lonnet::allowed('mdg',$env{'request.course.id'}. + ($env{'request.course.sec'}?'/'.$env{'request.course.sec'}:''))) || + (&allowed('mgh',$env{'request.course.id'}.'/'.$group)) || $crsedit) { + $allowed = 1; + } + } elsif ($resurl =~ m{^/adm/$cdom/$cnum/\d+/bulletinboard$}) { + unless ((&allowed(&Apache::lonnet::allowed('mdg',$env{'request.course.id'}.($env{'request.course.sec'}?'/'.$env{'request.course.sec'}:'')))) || + (&allowed('cgb',$env{'request.course.id'}.$group)) || $crsedit) { + $allowed = 1; + } + } + if ($allowed) { + $home=&homeserver($cnum,$cdom); + if ($env{'form.forceedit'}) { + $forceview = 1; + } else { + $forceedit = 1; + } + $cfile = $resurl; + } else { + return; + } + } else { +# +# No edit allowed where CC has switched to student role. +# + unless ($crsedit) { + return; + } + } + } + if ($file ne '') { if (($cnum =~ /$match_courseid/) && ($cdom =~ /$match_domain/)) { - $uploaded = &is_course_upload($file,$cnum,$cdom); - if ($uploaded) { - $home=&homeserver($cnum,$cdom); + if (&is_course_upload($file,$cnum,$cdom)) { + $uploaded = 1; + $incourse = 1; if ($file =~/\.(htm|html|css|js|txt)$/) { $cfile = &hreflocation('',$file); + $forceedit = 1; + } + } elsif ($resurl =~ m{^/public/$cdom/$cnum/syllabus}) { + $incourse = 1; + if ($env{'form.forceedit'}) { + $forceview = 1; + } else { + $forceedit = 1; + } + $cfile = $resurl; + } elsif (($resurl ne '') && (&is_on_map($resurl))) { + if ($resurl =~ m{^/adm/$match_domain/$match_username/\d+/smppg|bulletinboard$}) { + $incourse = 1; + if ($env{'form.forceedit'}) { + $forceview = 1; + } else { + $forceedit = 1; + } + $cfile = $resurl; + } elsif (($resurl eq '/res/lib/templates/simpleproblem.problem')) { + $incourse = 1; + $cfile = $resurl.'/smpedit'; + } elsif ($resurl =~ /ext/) { + $incourse = 1; + # is external + } + } elsif ($resurl eq '/res/lib/templates/simpleproblem.problem/smpedit') { + my $template = '/res/lib/templates/simpleproblem.problem'; + if (&is_on_map($template)) { + $incourse = 1; + $forceview = 1; + $cfile = $template; } } } - unless ($uploaded) { + if ($uploaded || $incourse) { + $home=&homeserver($cnum,$cdom); + } else { $file=~s{^(priv/$match_domain/$match_username)}{/$1}; $file=~s{^($match_domain/$match_username)}{/priv/$1}; # Check that the user has permission to edit this resource @@ -2686,14 +2777,15 @@ sub can_edit_resource { $cfile=$file; } } - if (($cfile ne '') && (($home ne '') && ($home ne 'no_host'))) { + if (($cfile ne '') && (!$incourse || $uploaded) && + (($home ne '') && ($home ne 'no_host'))) { my @ids=¤t_machine_ids(); unless (grep(/^\Q$home\E$/,@ids)) { $switchserver=1; } } } - return ($cfile,$home,$switchserver,$uploaded); + return ($cfile,$home,$switchserver,$forceedit,$forceview); } sub is_course_upload { @@ -2707,6 +2799,31 @@ sub is_course_upload { return; } +sub in_course { + my ($udom,$uname,$cdom,$cnum,$type) = @_; + $type ||= 'any'; + if (!defined($cdom) || !defined($cnum)) { + my $cid = $env{'request.course.id'}; + $cdom = $env{'course.'.$cid.'.domain'}; + $cnum = $env{'course.'.$cid.'.num'}; + } + my $typesref; + if ($type eq 'all') { + $typesref = ['active','previous','future']; + } elsif ($type eq 'previous' || $type eq 'future') { + $typesref = [$type]; + } + my %roles = &get_my_roles($uname,$udom,'userroles', + $typesref,undef,[$cdom]); + my ($tmp) = keys(%roles); + return 0 if ($tmp =~ /^(con_lost|error|no_such_host)/i); + my @course_roles = grep(/^\Q$cnum\E:\Q$cdom\E:/, keys(%roles)); + if (@course_roles > 0) { + return 1; + } + return 0; +} + # --------- File operations in /home/httpd/html/userfiles/$domain/1/2/3/$course # input: action, courseID, current domain, intended # path to file, source of file, instruction to parse file for objects,