--- loncom/publisher/loncfile.pm	2009/05/26 18:01:39	1.100
+++ loncom/publisher/loncfile.pm	2011/10/30 19:27:27	1.112
@@ -9,7 +9,7 @@
 #  and displays a page showing the results of the action.
 #
 #
-# $Id: loncfile.pm,v 1.100 2009/05/26 18:01:39 bisitz Exp $
+# $Id: loncfile.pm,v 1.112 2011/10/30 19:27:27 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -161,21 +161,23 @@ sub URLToPath {
     $Url=~ s/\/+/\//g;
     $Url=~ s/^https?\:\/\/[^\/]+//;
     $Url=~ s/^\///;
-    $Url=~ s/(\~|priv\/)($match_username)\//\/home\/$2\/public_html\//;
+    $Url='/home/httpd/html/'.$Url;
     &Debug($r, "Returning $Url \n");
     return $Url;
 }
 
 sub url {
     my $fn=shift;
-    $fn=~s/^\/home\/($match_username)\/public\_html/\/priv\/$1/;
+    $fn=~s/^\/home\/httpd\/html//;
+    $fn=~s/\/\.\//\//g;
     $fn=&HTML::Entities::encode($fn,'<>"&');
     return $fn;
 }
 
 sub display {
     my $fn=shift;
-    $fn=~s-^/home/($match_username)/public_html-/priv/$1-;
+    $fn=~s/^\/home\/httpd\/html//;
+    $fn=~s/\/\.\//\//g;
     return '<span class="LC_filename">'.$fn.'</span>';
 }
 
@@ -186,9 +188,9 @@ sub display {
 
 sub obsolete_unpub {
     my ($user,$domain,$construct)=@_;
+    my $londocroot = $Apache::lonnet::perlvar{'lonDocRoot'};
     my $published=$construct;
-    $published=~
-	s/^\/home\/$user\/public\_html\//\/home\/httpd\/html\/res\/$domain\/$user\//;
+    $published=~s{^\Q$londocroot/priv/\E}{$londocroot/res/};
     if (-e $published) {
 	if (&Apache::lonnet::metadata($published,'obsolete')) {
 	    return 1;
@@ -269,9 +271,9 @@ sub exists {
     my ($user, $domain, $construct, $creating) = @_;
     $creating ||= 'file';
 
+    my $londocroot = $Apache::lonnet::perlvar{'lonDocRoot'};
     my $published=$construct;
-    $published=~
-	s{^/home/$user/public_html/}{/home/httpd/html/res/$domain/$user/};
+    $published=~s{^\Q$londocroot/priv/\E}{$londocroot/res/};
     my ($type,$result);
     if ( -d $construct ) {
 	return ('error','<p><span class="LC_error">'.&mt('Error: destination for operation is an existing directory.').'</span></p>');
@@ -345,9 +347,10 @@ sub checksuffix {
 }
 
 sub cleanDest {
-    my ($request,$dest,$subdir,$fn,$uname)=@_;
+    my ($request,$dest,$subdir,$fn,$uname,$udom)=@_;
     #remove bad characters
     my $foundbad=0;
+    my $error='';
     if ($subdir && $dest =~/\./) {
 	$foundbad=1;
 	$dest=~s/\.//g;
@@ -359,18 +362,18 @@ sub cleanDest {
     }
     if ($dest=~m|/|) {
 	my ($newpath)=($dest=~m|(.*)/|);
-	$newpath=&relativeDest($fn,$newpath,$uname);
+	($newpath,$error)=&relativeDest($fn,$newpath,$uname,$udom);
 	if (! -d "$newpath") {
 	    $request->print('<p><span class="LC_warning">'
                            .&mt("You have requested to create file in directory [_1] which doesn't exist. The requested directory path has been removed from the requested file name."
-                               ,'<span class="LC_filename">'.&display($newpath).'</span>')
+                               ,&display($newpath))
                            .'</span></p>');
 	    $dest=~s|.*/||;
 	}
     }
     if ($dest =~ /\.(\d+)\.(\w+)$/){
 	$request->print('<p><span class="LC_warning">'
-			.&mt('Bad filename [_1]','<span class="LC_filename">'.&display($dest).'</span>')
+			.&mt('Bad filename [_1]',&display($dest))
                         .'<br />'
                         .&mt('[_1](name).(number).(extension)[_2] not allowed.','<tt>','</tt>')
                         .'<br />'
@@ -384,14 +387,15 @@ sub cleanDest {
                         .'</span></p>'
         );
     }
-    return $dest;
+    return ($dest,$error);
 }
 
 sub relativeDest {
-    my ($fn,$newfilename,$uname)=@_;
+    my ($fn,$newfilename,$uname,$udom)=@_;
+    my $error = '';
     if ($newfilename=~/^\//) {
 # absolute, simply add path
-	$newfilename='/home/'.$uname.'/public_html/';
+	$newfilename='/home/httpd/html/res/'.$udom.'/'.$uname.'/';
     } else {
 	my $dir=$fn;
 	$dir=~s/\/[^\/]+$//;
@@ -401,7 +405,12 @@ sub relativeDest {
     while ($newfilename=~m:/\.\./:) {
 	$newfilename=~ s:/[^/]+/\.\./:/:g; #remove dir/..
     }
-    return $newfilename;
+    my ($authorname,$authordom)=&Apache::loncacc::constructaccess($newfilename);
+    unless (($authorname) && ($authordom)) {
+       my $otherdir = &display($newfilename);
+       $error = &mt('Access denied to [_1]',$otherdir);
+    }
+    return ($newfilename,$error);
 }
 
 =pod
@@ -552,8 +561,9 @@ sub Rename1 {
             $request->print('<input type="hidden" name="newfilename" value="'
                            .$newfilename.'" />'
                            .'<p>'
-                           .&mt($action.' [_1] to [_2]?'
-                               ,&display($fn),&display($newfilename))
+                           .&mt($action.' [_1] to [_2]?',
+                                &display($fn),
+                                &display($newfilename))
                            .'</p>'
         );
 	    &CloseForm1($request, $fn);
@@ -563,8 +573,8 @@ sub Rename1 {
 	}
     } else {
         $request->print('<p class="LC_error">'
-                       .&mt('No such file: [_1]'
-                           ,'<span class="LC_filename">'.&display($fn).'</span>')
+                       .&mt('No such file: [_1]',
+                            &display($fn))
                        .'</p></form>'
         );
 	return;
@@ -625,15 +635,15 @@ sub Delete1 {
 	    }
         }
         $request->print('<p>'
-                       .&mt('Delete [_1]?'
-                           ,'<span class="LC_filename">'.&display($fn).'</span>')
+                       .&mt('Delete [_1]?',
+                            &display($fn))
                        .'</p>'
         );
 	&CloseForm1($request, $fn);
     } else {
         $request->print('<p class="LC_error">'
-                       .&mt('No such file: [_1]'
-                           ,'<span class="LC_filename">'.&display($fn).'</span>')
+                       .&mt('No such file: [_1]',
+                            &display($fn))
                        .'</p></form>'
         );
     }
@@ -689,19 +699,20 @@ sub Copy1 {
 	    $request->print('<br /><a href="'.&url($fn).'">'.&mt('Cancel').'</a>');
 	    return;
 	}
-        $request->print('<input type="hidden" name="newfilename" value="'
-                       .$newfilename.'" />'
-                       .'<p>'
-                       .&mt('Copy [_1] to [_2]?'
-                           ,'<span class="LC_filename">'.&display($fn).'</span>'
-                           ,'<span class="LC_filename">'.&display($newfilename).'</span>')
-                       .'</p>'
+    $request->print(
+        '<input type="hidden" name="newfilename"'
+       .' value="'.$newfilename.'" />'
+       .'<p>'
+       .&mt('Copy [_1] to [_2]?',
+            &display($fn),
+            &display($newfilename))
+       .'</p>'
         );
 	&CloseForm1($request, $fn);
     } else {
         $request->print('<p class="LC_error">'
-                       .&mt('No such file: [_1]'
-                           ,'<span class="LC_filename">'.&display($fn).'</span>')
+                       .&mt('No such file: [_1]',
+                            &display($fn))
                        .'</p></form>'
         );
     }
@@ -754,16 +765,15 @@ sub NewDir1 {
     if ($type eq 'error') {
 	$request->print('</form>');
     } else {
-	if ($mode eq 'testbank') {
-	    $request->print('<input type="hidden" name="callingmode" value="testbank" />');
-	} elsif ($mode eq 'imsimport') {
-	    $request->print('<input type="hidden" name="callingmode" value="imsimport" />');
+	if (($mode eq 'testbank') || ($mode eq 'imsimport')) {
+	    $request->print('<input type="hidden" name="callingmode" value="'.$mode.'" />'."\n".
+                            '<input type="hidden" name="inhibitmenu" value="yes" />');
 	}
         $request->print('<input type="hidden" name="newfilename" value="'
                        .$newfilename.'" />'
                        .'<p>'
-                       .&mt('Make new directory [_1]?'
-                           ,'<span class="LC_filename">'.&display($newfilename).'</span>')
+                       .&mt('Make new directory [_1]?',
+                            &display($newfilename))
                        .'</p>'
         );
 	&CloseForm1($request, $fn);
@@ -776,15 +786,15 @@ sub Decompress1 {
     if( -e $fn) {
    	$request->print('<input type="hidden" name="newfilename" value="'.$fn.'" />');
    	$request->print('<p>'
-                   .&mt('Decompress [_1]?'
-                       ,'<span class="LC_filename">'.&display($fn).'</span>')
+                   .&mt('Decompress [_1]?',
+                        &display($fn))
                    .'</p>'
     );
    	&CloseForm1($request, $fn);
     } else {
         $request->print('<p class="LC_error">'
-                       .&mt('No such file: [_1]'
-                           ,'<span class="LC_filename">'.&display($fn).'</span>')
+                       .&mt('No such file: [_1]',
+                            &display($fn))
                        .'</p></form>'
         );
     }
@@ -855,7 +865,7 @@ sub NewFile1 {
             $extension = $1;
         }
 
-        my @okexts = qw(xml html xhtml htm xhtm problem page sequence rights sty library js css txt);
+        my @okexts = qw(xml html xhtml htm xhtm problem page sequence rights sty task library js css txt);
         if (($extension eq '') || (!grep(/^\Q$extension\E/,@okexts))) {
             my $validexts = '.'.join(', .',@okexts);
             $request->print('<p class="LC_warning">'.
@@ -935,8 +945,23 @@ sub phaseone {
   
     my $doingdir=0;
     if ($env{'form.action'} eq 'newdir') { $doingdir=1; }
-    my $newfilename=&cleanDest($r,$env{'form.newfilename'},$doingdir,$fn,$uname);
-    $newfilename=&relativeDest($fn,$newfilename,$uname);
+    my ($newfilename,$error) = 
+        &cleanDest($r,$env{'form.newfilename'},$doingdir,$fn,$uname,$udom);
+    unless ($error) {
+        ($newfilename,$error)=&relativeDest($fn,$newfilename,$uname,$udom);
+    }
+    if ($error) {
+        my $dirlist;
+        if ($fn=~m{^(.*/)[^/]+$}) {
+            $dirlist=$1;
+        } else {
+            $dirlist=$fn; 
+        }
+        $r->print('<div class="LC_error">'.$error.'</div>'.
+                  '<h3><a href="'.&url($dirlist).'">'.&mt('Return to Directory').
+                  '</a></h3>');
+        return;
+    }
     $r->print('<form action="/adm/cfile" method="post">'.
 	      '<input type="hidden" name="qualifiedfilename" value="'.$fn.'" />'.
 	      '<input type="hidden" name="phase" value="two" />'.
@@ -1069,10 +1094,11 @@ sub Rename2 {
 	    unlink $tmp2;
 	}
     } else {
-        $request->print('<p>'
-                       .&mt('No such file: [_1]'
-                           ,'<span class="LC_filename">'.&display($oldfile).'</span>')
-                       .'</p></form>'
+        $request->print(
+            '<p>'
+           .&mt('No such file: [_1]',
+                &display($oldfile))
+           .'</p></form>'
         );
 	return 0;
     }
@@ -1414,8 +1440,7 @@ sub handler {
     my $uname;
     my $udom;
 
-    ($uname,$udom)=
-	&Apache::loncacc::constructaccess($fn,$r->dir_config('lonDefDomain'));
+    ($uname,$udom)=&Apache::loncacc::constructaccess($fn);
     &Debug($r, 
 	   "loncfile::handler constructaccess uname = $uname domain = $udom");
     unless (($uname) && ($udom)) {
@@ -1450,7 +1475,7 @@ function writeDone() {
     &Apache::lonhtmlcommon::clear_breadcrumbs();
     &Apache::lonhtmlcommon::add_breadcrumb({
         'text'  => 'Construction Space',
-        'href'  => '', # FIXME Add link to /priv/[user]
+        'href'  => &Apache::loncommon::authorspace(),
     });
     &Apache::lonhtmlcommon::add_breadcrumb({
         'text'  => 'File Operation',
@@ -1469,7 +1494,7 @@ function writeDone() {
     $r->print('<h3>'.&mt('Location').': '.&display($fn).'</h3>');
   
     if (($uname ne $env{'user.name'}) || ($udom ne $env{'user.domain'})) {
-        $r->print('<p class="LC_warning">'
+        $r->print('<p class="LC_info">'
                  .&mt('Co-Author [_1]',$uname.':'.$udom)
                  .'</p>'
         );