Annotation of loncom/lonnet/perl/lonnet.pm, revision 1.21
1.1 albertel 1: # The LearningOnline Network
2: # TCP networking package
1.12 www 3: #
4: # Functions for use by content handlers:
5: #
6: # plaintext(short) : plain text explanation of short term
1.21 ! www 7: # allowed(short,url) : returns codes for allowed actions F,R,S,C
! 8: # definerole(rolename,sys,dom,cou) : define a custom role rolename
! 9: # set priviledges in format of lonTabs/roles.tab for
! 10: # system, domain and course level,
! 11: # assignrole(udom,uname,url,role,end,start) : give a role to a user for the
! 12: # level given by url. Optional start and end dates
! 13: # (leave empty string or zero for "no date")
! 14: # assigncustomrole (udom,uname,url,rdom,rnam,rolename,end,start) : give a
! 15: # custom role to a user for the level given by url.
! 16: # Specify name and domain of role author, and role name
! 17: # revokerole (udom,uname,url,role) : Revoke a role for url
! 18: # revokecustomrole (udom,uname,url,rdom,rnam,rolename) : Revoke a custom role
1.12 www 19: # appendenv(hash) : adds hash to session environment
20: # store(hash) : stores hash permanently for this url
21: # restore : returns hash for this url
22: # eget(namesp,array) : returns hash with keys from array filled in from namesp
23: # get(namesp,array) : returns hash with keys from array filled in from namesp
24: # put(namesp,hash) : stores hash in namesp
1.15 www 25: # dump(namesp) : dumps the complete namespace into a hash
26: # ssi(url) : does a complete request cycle on url to localhost
1.17 www 27: # repcopy(filename) : replicate file
28: # dirlist(url) : gets a directory listing
1.12 www 29: #
1.1 albertel 30: # 6/1/99,6/2,6/10,6/11,6/12,6/14,6/26,6/28,6/29,6/30,
1.5 www 31: # 7/1,7/2,7/9,7/10,7/12,7/14,7/15,7/19,
1.8 www 32: # 11/8,11/16,11/18,11/22,11/23,12/22,
1.12 www 33: # 01/06,01/13,02/24,02/28,02/29,
34: # 03/01,03/02,03/06,03/07,03/13,
1.15 www 35: # 04/05,05/29,05/31,06/01,
36: # 06/05,06/26 Gerd Kortemeyer
37: # 06/26 Ben Tyszka
1.21 ! www 38: # 06/30,07/15,07/17,07/18,07/20,07/21,07/22 Gerd Kortemeyer
1.1 albertel 39:
40: package Apache::lonnet;
41:
42: use strict;
43: use Apache::File;
1.8 www 44: use LWP::UserAgent();
1.15 www 45: use HTTP::Headers;
1.11 www 46: use vars
47: qw(%perlvar %hostname %homecache %spareid %hostdom %libserv %pr %prp $readit);
1.1 albertel 48: use IO::Socket;
1.8 www 49: use Apache::Constants qw(:common :http);
1.1 albertel 50:
51: # --------------------------------------------------------------------- Logging
52:
53: sub logthis {
54: my $message=shift;
55: my $execdir=$perlvar{'lonDaemons'};
56: my $now=time;
57: my $local=localtime($now);
58: my $fh=Apache::File->new(">>$execdir/logs/lonnet.log");
59: print $fh "$local ($$): $message\n";
60: return 1;
61: }
62:
63: sub logperm {
64: my $message=shift;
65: my $execdir=$perlvar{'lonDaemons'};
66: my $now=time;
67: my $local=localtime($now);
68: my $fh=Apache::File->new(">>$execdir/logs/lonnet.perm.log");
69: print $fh "$now:$message:$local\n";
70: return 1;
71: }
72:
73: # -------------------------------------------------- Non-critical communication
74: sub subreply {
75: my ($cmd,$server)=@_;
76: my $peerfile="$perlvar{'lonSockDir'}/$server";
77: my $client=IO::Socket::UNIX->new(Peer =>"$peerfile",
78: Type => SOCK_STREAM,
79: Timeout => 10)
80: or return "con_lost";
81: print $client "$cmd\n";
82: my $answer=<$client>;
1.9 www 83: if (!$answer) { $answer="con_lost"; }
1.1 albertel 84: chomp($answer);
85: return $answer;
86: }
87:
88: sub reply {
89: my ($cmd,$server)=@_;
90: my $answer=subreply($cmd,$server);
91: if ($answer eq 'con_lost') { $answer=subreply($cmd,$server); }
1.12 www 92: if (($answer=~/^error:/) || ($answer=~/^refused/) ||
93: ($answer=~/^rejected/)) {
94: &logthis("<font color=blue>WARNING:".
95: " $cmd to $server returned $answer</font>");
96: }
1.1 albertel 97: return $answer;
98: }
99:
100: # ----------------------------------------------------------- Send USR1 to lonc
101:
102: sub reconlonc {
103: my $peerfile=shift;
104: &logthis("Trying to reconnect for $peerfile");
105: my $loncfile="$perlvar{'lonDaemons'}/logs/lonc.pid";
106: if (my $fh=Apache::File->new("$loncfile")) {
107: my $loncpid=<$fh>;
108: chomp($loncpid);
109: if (kill 0 => $loncpid) {
110: &logthis("lonc at pid $loncpid responding, sending USR1");
111: kill USR1 => $loncpid;
112: sleep 1;
113: if (-e "$peerfile") { return; }
114: &logthis("$peerfile still not there, give it another try");
115: sleep 5;
116: if (-e "$peerfile") { return; }
1.12 www 117: &logthis(
118: "<font color=blue>WARNING: $peerfile still not there, giving up</font>");
1.1 albertel 119: } else {
1.12 www 120: &logthis(
121: "<font color=blue>WARNING:".
122: " lonc at pid $loncpid not responding, giving up</font>");
1.1 albertel 123: }
124: } else {
1.12 www 125: &logthis('<font color=blue>WARNING: lonc not running, giving up</font>');
1.1 albertel 126: }
127: }
128:
129: # ------------------------------------------------------ Critical communication
1.12 www 130:
1.1 albertel 131: sub critical {
132: my ($cmd,$server)=@_;
133: my $answer=reply($cmd,$server);
134: if ($answer eq 'con_lost') {
135: my $pingreply=reply('ping',$server);
136: &reconlonc("$perlvar{'lonSockDir'}/$server");
137: my $pongreply=reply('pong',$server);
138: &logthis("Ping/Pong for $server: $pingreply/$pongreply");
139: $answer=reply($cmd,$server);
140: if ($answer eq 'con_lost') {
141: my $now=time;
142: my $middlename=$cmd;
1.5 www 143: $middlename=substr($middlename,0,16);
1.1 albertel 144: $middlename=~s/\W//g;
145: my $dfilename=
146: "$perlvar{'lonSockDir'}/delayed/$now.$middlename.$server";
147: {
148: my $dfh;
149: if ($dfh=Apache::File->new(">$dfilename")) {
1.7 www 150: print $dfh "$cmd\n";
1.1 albertel 151: }
152: }
153: sleep 2;
154: my $wcmd='';
155: {
156: my $dfh;
157: if ($dfh=Apache::File->new("$dfilename")) {
158: $wcmd=<$dfh>;
159: }
160: }
161: chomp($wcmd);
1.7 www 162: if ($wcmd eq $cmd) {
1.12 www 163: &logthis("<font color=blue>WARNING: ".
164: "Connection buffer $dfilename: $cmd</font>");
1.1 albertel 165: &logperm("D:$server:$cmd");
166: return 'con_delayed';
167: } else {
1.12 www 168: &logthis("<font color=red>CRITICAL:"
169: ." Critical connection failed: $server $cmd</font>");
1.1 albertel 170: &logperm("F:$server:$cmd");
171: return 'con_failed';
172: }
173: }
174: }
175: return $answer;
176: }
177:
1.5 www 178: # ---------------------------------------------------------- Append Environment
179:
180: sub appenv {
1.6 www 181: my %newenv=@_;
182: my @oldenv;
183: {
184: my $fh;
185: unless ($fh=Apache::File->new("$ENV{'user.environment'}")) {
1.5 www 186: return 'error';
1.6 www 187: }
188: @oldenv=<$fh>;
189: }
190: for (my $i=0; $i<=$#oldenv; $i++) {
191: chomp($oldenv[$i]);
1.9 www 192: if ($oldenv[$i] ne '') {
193: my ($name,$value)=split(/=/,$oldenv[$i]);
194: $newenv{$name}=$value;
195: }
1.6 www 196: }
197: {
198: my $fh;
199: unless ($fh=Apache::File->new(">$ENV{'user.environment'}")) {
200: return 'error';
201: }
202: my $newname;
203: foreach $newname (keys %newenv) {
204: print $fh "$newname=$newenv{$newname}\n";
205: }
1.5 www 206: }
207: return 'ok';
208: }
1.1 albertel 209:
210: # ------------------------------ Find server with least workload from spare.tab
1.11 www 211:
1.1 albertel 212: sub spareserver {
213: my $tryserver;
214: my $spareserver='';
215: my $lowestserver=100;
216: foreach $tryserver (keys %spareid) {
217: my $answer=reply('load',$tryserver);
218: if (($answer =~ /\d/) && ($answer<$lowestserver)) {
219: $spareserver="http://$hostname{$tryserver}";
220: $lowestserver=$answer;
221: }
222: }
223: return $spareserver;
224: }
225:
226: # --------- Try to authenticate user from domain's lib servers (first this one)
1.11 www 227:
1.1 albertel 228: sub authenticate {
229: my ($uname,$upass,$udom)=@_;
1.12 www 230: $upass=escape($upass);
1.1 albertel 231: if (($perlvar{'lonRole'} eq 'library') &&
232: ($udom eq $perlvar{'lonDefDomain'})) {
1.3 www 233: my $answer=reply("encrypt:auth:$udom:$uname:$upass",$perlvar{'lonHostID'});
1.2 www 234: if ($answer =~ /authorized/) {
1.9 www 235: if ($answer eq 'authorized') {
236: &logthis("User $uname at $udom authorized by local server");
237: return $perlvar{'lonHostID'};
238: }
239: if ($answer eq 'non_authorized') {
240: &logthis("User $uname at $udom rejected by local server");
241: return 'no_host';
242: }
1.2 www 243: }
1.1 albertel 244: }
245:
246: my $tryserver;
247: foreach $tryserver (keys %libserv) {
248: if ($hostdom{$tryserver} eq $udom) {
1.10 www 249: my $answer=reply("encrypt:auth:$udom:$uname:$upass",$tryserver);
1.1 albertel 250: if ($answer =~ /authorized/) {
1.9 www 251: if ($answer eq 'authorized') {
252: &logthis("User $uname at $udom authorized by $tryserver");
253: return $tryserver;
254: }
255: if ($answer eq 'non_authorized') {
256: &logthis("User $uname at $udom rejected by $tryserver");
257: return 'no_host';
258: }
1.1 albertel 259: }
260: }
1.9 www 261: }
262: &logthis("User $uname at $udom could not be authenticated");
1.1 albertel 263: return 'no_host';
264: }
265:
266: # ---------------------- Find the homebase for a user from domain's lib servers
1.11 www 267:
1.1 albertel 268: sub homeserver {
269: my ($uname,$udom)=@_;
270:
271: my $index="$uname:$udom";
272: if ($homecache{$index}) { return "$homecache{$index}"; }
273:
274: my $tryserver;
275: foreach $tryserver (keys %libserv) {
276: if ($hostdom{$tryserver} eq $udom) {
277: my $answer=reply("home:$udom:$uname",$tryserver);
278: if ($answer eq 'found') {
279: $homecache{$index}=$tryserver;
280: return $tryserver;
281: }
282: }
283: }
284: return 'no_host';
285: }
286:
287: # ----------------------------- Subscribe to a resource, return URL if possible
1.11 www 288:
1.1 albertel 289: sub subscribe {
290: my $fname=shift;
291: my $author=$fname;
292: $author=~s/\/home\/httpd\/html\/res\/([^\/]*)\/([^\/]*).*/$1\/$2/;
293: my ($udom,$uname)=split(/\//,$author);
294: my $home=homeserver($uname,$udom);
295: if (($home eq 'no_host') || ($home eq $perlvar{'lonHostID'})) {
296: return 'not_found';
297: }
298: my $answer=reply("sub:$fname",$home);
299: return $answer;
300: }
301:
1.8 www 302: # -------------------------------------------------------------- Replicate file
303:
304: sub repcopy {
305: my $filename=shift;
306: my $transname="$filename.in.transfer";
1.17 www 307: if ((-e $filename) || (-e $transname)) { return OK; }
1.8 www 308: my $remoteurl=subscribe($filename);
309: if ($remoteurl eq 'con_lost') {
310: &logthis("Subscribe returned con_lost: $filename");
311: return HTTP_SERVICE_UNAVAILABLE;
312: } elsif ($remoteurl eq 'not_found') {
313: &logthis("Subscribe returned not_found: $filename");
314: return HTTP_NOT_FOUND;
1.20 www 315: } elsif ($remoteurl eq 'rejected') {
316: &logthis("Subscribe returned rejected: $filename");
1.8 www 317: return FORBIDDEN;
1.20 www 318: } elsif ($remoteurl eq 'directory') {
319: return OK;
1.8 www 320: } else {
321: my @parts=split(/\//,$filename);
322: my $path="/$parts[1]/$parts[2]/$parts[3]/$parts[4]";
323: if ($path ne "$perlvar{'lonDocRoot'}/res") {
324: &logthis("Malconfiguration for replication: $filename");
325: return HTTP_BAD_REQUEST;
326: }
327: my $count;
328: for ($count=5;$count<$#parts;$count++) {
329: $path.="/$parts[$count]";
330: if ((-e $path)!=1) {
331: mkdir($path,0777);
332: }
333: }
334: my $ua=new LWP::UserAgent;
335: my $request=new HTTP::Request('GET',"$remoteurl");
336: my $response=$ua->request($request,$transname);
337: if ($response->is_error()) {
338: unlink($transname);
339: my $message=$response->status_line;
1.12 www 340: &logthis("<font color=blue>WARNING:"
341: ." LWP get: $message: $filename</font>");
1.8 www 342: return HTTP_SERVICE_UNAVAILABLE;
343: } else {
1.16 www 344: if ($remoteurl!~/\.meta$/) {
345: my $mrequest=new HTTP::Request('GET',$remoteurl.'.meta');
346: my $mresponse=$ua->request($mrequest,$filename.'.meta');
347: if ($mresponse->is_error()) {
348: unlink($filename.'.meta');
349: &logthis(
350: "<font color=yellow>INFO: No metadata: $filename</font>");
351: }
352: }
1.8 www 353: rename($transname,$filename);
354: return OK;
355: }
356: }
357: }
358:
1.15 www 359: # --------------------------------------------------------- Server Side Include
360:
361: sub ssi {
362:
363: my $fn=shift;
364:
365: my $ua=new LWP::UserAgent;
366: my $request=new HTTP::Request('GET',"http://".$ENV{'HTTP_HOST'}.$fn);
367: $request->header(Cookie => $ENV{'HTTP_COOKIE'});
368: my $response=$ua->request($request);
369:
370: return $response->content;
371: }
372:
1.14 www 373: # ------------------------------------------------------------------------- Log
374:
375: sub log {
376: my ($dom,$nam,$hom,$what)=@_;
377: return reply("log:$dom:$nam:$what",$hom);
378: }
379:
1.9 www 380: # ----------------------------------------------------------------------- Store
381:
382: sub store {
383: my %storehash=shift;
1.12 www 384: my $namevalue='';
385: map {
386: $namevalue.=escape($_).'='.escape($storehash{$_}).'&';
387: } keys %storehash;
388: $namevalue=~s/\&$//;
389: return reply("store:$ENV{'user.domain'}:$ENV{'user.name'}:"
390: ."$ENV{'user.class'}:$ENV{'request.filename'}:$namevalue",
391: "$ENV{'user.home'}");
1.9 www 392: }
393:
394: # --------------------------------------------------------------------- Restore
395:
396: sub restore {
1.12 www 397: my $answer=reply("restore:$ENV{'user.domain'}:$ENV{'user.name'}:"
398: ."$ENV{'user.class'}:$ENV{'request.filename'}",
399: "$ENV{'user.home'}");
400: my %returnhash=();
401: map {
402: my ($name,$value)=split(/\=/,$_);
403: $returnhash{&unescape($name)}=&unescape($value);
404: } split(/\&/,$answer);
1.13 www 405: return %returnhash;
1.9 www 406: }
1.1 albertel 407:
1.11 www 408: # -------------------------------------------------------- Get user priviledges
409:
410: sub rolesinit {
411: my ($domain,$username,$authhost)=@_;
412: my $rolesdump=reply("dump:$domain:$username:roles",$authhost);
1.12 www 413: if (($rolesdump eq 'con_lost') || ($rolesdump eq '')) { return ''; }
1.11 www 414: my %allroles=();
415: my %thesepriv=();
416: my $now=time;
1.21 ! www 417: my $userroles="user.login.time=$now\n";
1.11 www 418: my $thesestr;
419:
420: if ($rolesdump ne '') {
421: map {
1.21 ! www 422: if ($_!~/^rolesdef\&/) {
1.11 www 423: my ($area,$role)=split(/=/,$_);
1.21 ! www 424: $area=~s/\_\w\w$//;
1.11 www 425: my ($trole,$tend,$tstart)=split(/_/,$role);
1.21 ! www 426: $userroles.='user.role.'.$trole.'.'.$area.'='.
! 427: $tstart.'.'.$tend."\n";
1.11 www 428: if ($tend!=0) {
429: if ($tend<$now) {
430: $trole='';
431: }
432: }
433: if ($tstart!=0) {
434: if ($tstart>$now) {
435: $trole='';
436: }
437: }
438: if (($area ne '') && ($trole ne '')) {
1.12 www 439: my ($tdummy,$tdomain,$trest)=split(/\//,$area);
440: if ($trole =~ /^cr\//) {
441: my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$trole);
442: my $homsvr=homeserver($rauthor,$rdomain);
443: if ($hostname{$homsvr} ne '') {
444: my $roledef=
1.21 ! www 445: reply("get:$rdomain:$rauthor:roles:rolesdef_$rrole",
1.12 www 446: $homsvr);
447: if (($roledef ne 'con_lost') && ($roledef ne '')) {
448: my ($syspriv,$dompriv,$coursepriv)=
1.21 ! www 449: split(/\_/,unescape($roledef));
1.12 www 450: $allroles{'/'}.=':'.$syspriv;
451: if ($tdomain ne '') {
452: $allroles{'/'.$tdomain.'/'}.=':'.$dompriv;
453: if ($trest ne '') {
454: $allroles{$area}.=':'.$coursepriv;
455: }
456: }
457: }
1.11 www 458: }
1.12 www 459: } else {
460: $allroles{'/'}.=':'.$pr{$trole.':s'};
461: if ($tdomain ne '') {
462: $allroles{'/'.$tdomain.'/'}.=':'.$pr{$trole.':d'};
463: if ($trest ne '') {
464: $allroles{$area}.=':'.$pr{$trole.':c'};
465: }
466: }
1.11 www 467: }
1.12 www 468: }
469: }
1.11 www 470: } split(/&/,$rolesdump);
471: map {
472: %thesepriv=();
473: map {
474: if ($_ ne '') {
475: my ($priviledge,$restrictions)=split(/&/,$_);
476: if ($restrictions eq '') {
477: $thesepriv{$priviledge}='F';
478: } else {
479: if ($thesepriv{$priviledge} ne 'F') {
480: $thesepriv{$priviledge}.=$restrictions;
481: }
482: }
483: }
484: } split(/:/,$allroles{$_});
485: $thesestr='';
486: map { $thesestr.=':'.$_.'&'.$thesepriv{$_}; } keys %thesepriv;
487: $userroles.='user.priv.'.$_.'='.$thesestr."\n";
488: } keys %allroles;
489: }
490: return $userroles;
491: }
492:
1.12 www 493: # --------------------------------------------------------------- get interface
494:
495: sub get {
496: my ($namespace,@storearr)=@_;
497: my $items='';
498: map {
499: $items.=escape($_).'&';
500: } @storearr;
501: $items=~s/\&$//;
502: my $rep=reply("get:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace:$items",
503: $ENV{'user.home'});
1.15 www 504: my @pairs=split(/\&/,$rep);
505: my %returnhash=();
506: map {
507: my ($key,$value)=split(/=/,$_);
508: $returnhash{unespace($key)}=unescape($value);
509: } @pairs;
510: return %returnhash;
511: }
512:
513: # -------------------------------------------------------------- dump interface
514:
515: sub dump {
516: my $namespace=shift;
517: my $rep=reply("dump:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace",
518: $ENV{'user.home'});
1.12 www 519: my @pairs=split(/\&/,$rep);
520: my %returnhash=();
521: map {
522: my ($key,$value)=split(/=/,$_);
523: $returnhash{unespace($key)}=unescape($value);
524: } @pairs;
525: return %returnhash;
526: }
527:
528: # --------------------------------------------------------------- put interface
529:
530: sub put {
531: my ($namespace,%storehash)=@_;
532: my $items='';
533: map {
534: $items.=escape($_).'='.escape($storehash{$_}).'&';
535: } keys %storehash;
536: $items=~s/\&$//;
537: return reply("put:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace:$items",
538: $ENV{'user.home'});
539: }
540:
541: # -------------------------------------------------------------- eget interface
542:
543: sub eget {
544: my ($namespace,@storearr)=@_;
545: my $items='';
546: map {
547: $items.=escape($_).'&';
548: } @storearr;
549: $items=~s/\&$//;
550: my $rep=reply("eget:$ENV{'user.domain'}:$ENV{'user.name'}:$namespace:$items",
551: $ENV{'user.home'});
552: my @pairs=split(/\&/,$rep);
553: my %returnhash=();
554: map {
555: my ($key,$value)=split(/=/,$_);
556: $returnhash{unespace($key)}=unescape($value);
557: } @pairs;
558: return %returnhash;
559: }
560:
561: # ------------------------------------------------- Check for a user priviledge
562:
563: sub allowed {
564: my ($priv,$uri)=@_;
565: $uri=~s/^\/res//;
566: $uri=~s/^\///;
1.14 www 567: if ($uri=~/^adm\//) {
568: return 'F';
569: }
1.12 www 570: my $thisallowed='';
571: if ($ENV{'user.priv./'}=~/$priv\&([^\:]*)/) {
572: $thisallowed.=$1;
573: }
574: if ($ENV{'user.priv./'.(split(/\//,$uri))[0].'/'}=~/$priv\&([^\:]*)/) {
575: $thisallowed.=$1;
576: }
577: if ($ENV{'user.priv./'.$uri}=~/$priv\&([^\:]*)/) {
578: $thisallowed.=$1;
579: }
580: return $thisallowed;
581: }
582:
583: # ----------------------------------------------------------------- Define Role
584:
585: sub definerole {
586: if (allowed('mcr','/')) {
587: my ($rolename,$sysrole,$domrole,$courole)=@_;
1.21 ! www 588: map {
! 589: my ($crole,$cqual)=split(/\&/,$_);
! 590: if ($pr{'cr:s'}!~/$crole/) { return "refused:s:$crole"; }
! 591: if ($pr{'cr:s'}=~/$crole\&/) {
! 592: if ($pr{'cr:s'}!~/$crole\&\w*$cqual/) {
! 593: return "refused:s:$crole&$cqual";
! 594: }
! 595: }
! 596: } split('/',$sysrole);
! 597: map {
! 598: my ($crole,$cqual)=split(/\&/,$_);
! 599: if ($pr{'cr:d'}!~/$crole/) { return "refused:d:$crole"; }
! 600: if ($pr{'cr:d'}=~/$crole\&/) {
! 601: if ($pr{'cr:d'}!~/$crole\&\w*$cqual/) {
! 602: return "refused:d:$crole&$cqual";
! 603: }
! 604: }
! 605: } split('/',$domrole);
! 606: map {
! 607: my ($crole,$cqual)=split(/\&/,$_);
! 608: if ($pr{'cr:c'}!~/$crole/) { return "refused:c:$crole"; }
! 609: if ($pr{'cr:c'}=~/$crole\&/) {
! 610: if ($pr{'cr:c'}!~/$crole\&\w*$cqual/) {
! 611: return "refused:c:$crole&$cqual";
! 612: }
! 613: }
! 614: } split('/',$courole);
1.12 www 615: my $command="encrypt:rolesput:$ENV{'user.domain'}:$ENV{'user.name'}:".
616: "$ENV{'user.domain'}:$ENV{'user.name'}:".
1.21 ! www 617: "rolesdef_$rolename=".
! 618: escape($sysrole.'_'.$domrole.'_'.$courole);
1.12 www 619: return reply($command,$ENV{'user.home'});
620: } else {
621: return 'refused';
622: }
623: }
624:
625: # ------------------------------------------------------------------ Plain Text
626:
627: sub plaintext {
628: return $prp{$_};
629: }
630:
631: # ----------------------------------------------------------------- Assign Role
632:
633: sub assignrole {
1.21 ! www 634: my ($udom,$uname,$url,$role,$end,$start)=@_;
! 635: my $mrole;
! 636: if ($role =~ /^cr\//) {
! 637: unless ($url=~/\.course$/) { return 'invalid'; }
! 638: unless (allowed('ccr',$url)) { return 'refused'; }
! 639: $mrole='cr';
! 640: } else {
! 641: unless (($url=~/\.course$/) || ($url=~/\/$/)) { return 'invalid'; }
! 642: unless (allowed('c'+$role)) { return 'refused'; }
! 643: $mrole=$role;
! 644: }
! 645: my $command="encrypt:rolesput:$ENV{'user.domain'}:$ENV{'user.name'}:".
! 646: "$udom:$uname:$url".'_'."$mrole=$role";
! 647: if ($end) { $command.='_$end'; }
! 648: if ($start) {
! 649: if ($end) {
! 650: $command.='_$start';
! 651: } else {
! 652: $command.='_0_$start';
! 653: }
! 654: }
! 655: return &reply($command,&homeserver($uname,$udom));
! 656: }
! 657:
! 658: # ---------------------------------------------------------- Assign Custom Role
! 659:
! 660: sub assigncustomrole {
! 661: my ($udom,$uname,$url,$rdom,$rnam,$rolename,$end,$start)=@_;
! 662: return &assignrole($udom,$uname,$url,'cr/'.$rdom.'/'.$rnam.'/'.$rolename,
! 663: $end,$start);
! 664: }
! 665:
! 666: # ----------------------------------------------------------------- Revoke Role
! 667:
! 668: sub revokerole {
! 669: my ($udom,$uname,$url,$role)=@_;
! 670: my $now=time;
! 671: return &assignrole($udom,$uname,$url,$role,$now);
! 672: }
! 673:
! 674: # ---------------------------------------------------------- Revoke Custom Role
! 675:
! 676: sub revokecustomrole {
! 677: my ($udom,$uname,$url,$rdom,$rnam,$rolename)=@_;
! 678: my $now=time;
! 679: return &assigncustomrole($udom,$uname,$url,$rdom,$rnam,$rolename,$now);
1.17 www 680: }
681:
682: # ------------------------------------------------------------ Directory lister
683:
684: sub dirlist {
685: my $uri=shift;
1.18 www 686: $uri=~s/^\///;
687: $uri=~s/\/$//;
1.19 www 688: my ($res,$udom,$uname,@rest)=split(/\//,$uri);
689: if ($udom) {
690: if ($uname) {
691: my $listing=reply('ls:'.$perlvar{'lonDocRoot'}.'/'.$uri,
692: homeserver($uname,$udom));
693: return split(/:/,$listing);
694: } else {
695: my $tryserver;
696: my %allusers=();
697: foreach $tryserver (keys %libserv) {
698: if ($hostdom{$tryserver} eq $udom) {
699: my $listing=reply('ls:'.$perlvar{'lonDocRoot'}.'/res/'.$udom,
700: $tryserver);
701: if (($listing ne 'no_such_dir') && ($listing ne 'empty')
702: && ($listing ne 'con_lost')) {
703: map {
704: my ($entry,@stat)=split(/&/,$_);
705: $allusers{$entry}=1;
706: } split(/:/,$listing);
707: }
708: }
709: }
710: my $alluserstr='';
711: map {
712: $alluserstr.=$_.'&user:';
713: } sort keys %allusers;
714: $alluserstr=~s/:$//;
715: return split(/:/,$alluserstr);
716: }
717: } else {
718: my $tryserver;
719: my %alldom=();
720: foreach $tryserver (keys %libserv) {
721: $alldom{$hostdom{$tryserver}}=1;
722: }
723: my $alldomstr='';
724: map {
725: $alldomstr.=$perlvar{'lonDocRoot'}.'/res/'.$_.'&domain:';
726: } sort keys %alldom;
727: $alldomstr=~s/:$//;
728: return split(/:/,$alldomstr);
729: }
1.12 www 730: }
731:
732: # -------------------------------------------------------- Escape Special Chars
733:
734: sub escape {
735: my $str=shift;
736: $str =~ s/(\W)/"%".unpack('H2',$1)/eg;
737: return $str;
738: }
739:
740: # ----------------------------------------------------- Un-Escape Special Chars
741:
742: sub unescape {
743: my $str=shift;
744: $str =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
745: return $str;
746: }
1.11 www 747:
1.1 albertel 748: # ================================================================ Main Program
749:
750: sub BEGIN {
751: if ($readit ne 'done') {
752: # ------------------------------------------------------------ Read access.conf
753: {
754: my $config=Apache::File->new("/etc/httpd/conf/access.conf");
755:
756: while (my $configline=<$config>) {
757: if ($configline =~ /PerlSetVar/) {
758: my ($dummy,$varname,$varvalue)=split(/\s+/,$configline);
1.8 www 759: chomp($varvalue);
1.1 albertel 760: $perlvar{$varname}=$varvalue;
761: }
762: }
763: }
764:
765: # ------------------------------------------------------------- Read hosts file
766: {
767: my $config=Apache::File->new("$perlvar{'lonTabDir'}/hosts.tab");
768:
769: while (my $configline=<$config>) {
770: my ($id,$domain,$role,$name,$ip)=split(/:/,$configline);
771: $hostname{$id}=$name;
772: $hostdom{$id}=$domain;
773: if ($role eq 'library') { $libserv{$id}=$name; }
774: }
775: }
776:
777: # ------------------------------------------------------ Read spare server file
778: {
779: my $config=Apache::File->new("$perlvar{'lonTabDir'}/spare.tab");
780:
781: while (my $configline=<$config>) {
782: chomp($configline);
783: if (($configline) && ($configline ne $perlvar{'lonHostID'})) {
784: $spareid{$configline}=1;
785: }
786: }
787: }
1.11 www 788: # ------------------------------------------------------------ Read permissions
789: {
790: my $config=Apache::File->new("$perlvar{'lonTabDir'}/roles.tab");
791:
792: while (my $configline=<$config>) {
793: chomp($configline);
794: my ($role,$perm)=split(/ /,$configline);
795: if ($perm ne '') { $pr{$role}=$perm; }
796: }
797: }
798:
799: # -------------------------------------------- Read plain texts for permissions
800: {
801: my $config=Apache::File->new("$perlvar{'lonTabDir'}/rolesplain.tab");
802:
803: while (my $configline=<$config>) {
804: chomp($configline);
805: my ($short,$plain)=split(/:/,$configline);
806: if ($plain ne '') { $prp{$short}=$plain; }
807: }
808: }
809:
1.1 albertel 810: $readit='done';
1.12 www 811: &logthis('<font color=yellow>INFO: Read configuration</font>');
1.1 albertel 812: }
813: }
814: 1;
1.11 www 815:
1.1 albertel 816:
817:
818:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to lonnet.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / lonnet / perl