--- loncom/publisher/londiff.pm 2011/10/29 19:11:46 1.30
+++ loncom/publisher/londiff.pm 2012/04/18 20:14:35 1.35
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Handler to show differences between file versions
#
-# $Id: londiff.pm,v 1.30 2011/10/29 19:11:46 raeburn Exp $
+# $Id: londiff.pm,v 1.35 2012/04/18 20:14:35 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -77,28 +77,55 @@ sub handler {
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
['filename','versiontwo',
'versionone','filetwo']);
-# Get the files
+# Check permissions
+ my $allowed=0;
my $cuname=$env{'user.name'};
my $cudom=$env{'user.domain'};
- if ($env{'form.filename'}=~/^\/res\//) {
- ($cudom,$cuname,$env{'form.filename'})=
- ($env{'form.filename'}=~m{^/res/($LONCAPA::domain_re)/($LONCAPA::username_re)(/.*)$});
+ if ($env{'form.filename'}=~ m{^/res/}) {
+ if (&Apache::lonnet::allowed('bre',$env{'form.filename'})) {
+ if ($env{'request.course.id'}) {
+ if (&Apache::lonnet::allowed('mdc',$env{'request.course.id'})) {
+ $allowed = 1;
+ }
+ } else {
+ $allowed = 1;
+ }
+ } elsif (&Apache::lonnet::allowed('bro',$env{'form.filename'})) {
+ $allowed = 1;
+ }
+ if ($allowed) {
+ ($cudom,$cuname,$env{'form.filename'})=
+ ($env{'form.filename'}=~m{^/res/($LONCAPA::domain_re)/($LONCAPA::username_re)(/.*)$});
+
+ if (($env{'form.versionone'} eq 'priv') || ($env{'form.versiontwo'} eq 'priv')) {
+ my ($cstrname,$cstrdom) =
+ &Apache::loncacc::constructaccess("/priv/$cudom/$cuname".$env{'form.filename'});
+ unless (($cstrname eq $cuname) && ($cstrdom eq $cudom)) {
+ $allowed = 0;
+ }
+ }
+ }
} else {
- unless (($cuname,$cudom)=
- &Apache::loncacc::constructaccess($env{'form.filename'},
- $r->dir_config('lonDefDomain'))) {
- $r->log_reason($cuname.':'.$cudom.
+ ($cuname,$cudom)=
+ &Apache::loncacc::constructaccess($env{'form.filename'});
+ if ($cuname ne '' && $cudom ne '') {
+ $allowed = 1;
+ } else {
+ $r->log_reason($env{'user.name'}.':'.$env{'user.domain'}.
' trying to get diffs file '.$env{'form.filename'}.
- ' - not authorized',
- $r->filename);
- return HTTP_NOT_ACCEPTABLE;
+ ' - not authorized',
+ $r->filename);
}
}
-
- my $efn=$env{'form.filename'};
+ unless ($allowed) {
+ return HTTP_NOT_ACCEPTABLE;
+ }
+
+# Get the files
+ my $efn=$env{'form.filename'};
$efn=~s{^/priv/$LONCAPA::domain_re/$LONCAPA::username_re}{};
my @f1=();
@@ -114,15 +141,19 @@ sub handler {
' '.$efn.'');
if (($cuname ne $env{'user.name'}) || ($cudom ne $env{'user.domain'})) {
- $r->print(''
- .&mt('Co-Author [_1]'
- ,&Apache::loncommon::plainname($cuname,$cudom)
- .' ('.$cuname.':'.$cudom.')')
- .'
'
- );
+ my $nameshown = &Apache::loncommon::plainname($cuname,$cudom).
+ ' ('.$cuname.':'.$cudom.')';
+ $r->print('');
+ if ($env{'request.role'} =~ /^ca\./) {
+ $r->print(&mt('Co-Author in Construction Space for: [_1]',$nameshown));
+ } elsif ($env{'request.role'} =~ /^aa\./) {
+ $r->print(&mt('Assistant Author in Construction Space for: [_1]',$nameshown));
+ } else {
+ $r->print(&mt('Resource Author is: [_1]',$nameshown));
+ }
+ $r->print('
');
}
-
if (&Apache::loncommon::fileembstyle(($efn=~/\.(\w+)$/)) eq 'ssi'
|| $efn =~ /\.meta$/) {
$r->print('');
@@ -160,8 +191,7 @@ sub handler {
@f2=&get_split_file($fn,'local');
$r->print(''.&mt('Construction Space Version').'');
} else {
- my $fn=
- '/home/httpd/html/res/'.$cudom.'/'.$cuname.'/';
+ my $fn=$r->dir_config('lonDocRoot')."/res/$cudom/$cuname/";
if ($env{'form.versiontwo'}) {
my ($main,$suffix,$is_meta)=
&Apache::lonretrieve::get_file_info($efn);
@@ -203,7 +233,6 @@ sub handler {
} else {
$r->print(''.&mt('Binary File').'
');
}
- $r->print(''.&mt('Close This Window').'');
$r->print(&Apache::loncommon::end_page());
return OK;
}