File:
[LON-CAPA] /
loncom /
publisher /
lonunauthorized.pm
Revision
1.18:
download - view:
text,
annotated -
select for diffs
Sun Jun 19 04:27:58 2016 UTC (7 years, 11 months ago) by
raeburn
Branches:
MAIN
CVS tags:
HEAD
- Course Editor has "Standard Problem" item (Grading tab) for creation
of new problem in user's Authoring Space, or in a Course "Authoring" Space.
- Course Editor has "Import from Course Resources" item (Import tab) to
import published content from Course "Authoring" Space.
- Course "Authoring" Space
- default.rights -- course-only access
- quota is shared with content uploaded directly to course
- content only browsable in course context
- metadata not included in searchable meatdata MySQL table
CVs: ----------------------------------------------------------------------
1: # The LearningOnline Network
2: # Unauthorized to access construction space
3: #
4: # $Id: lonunauthorized.pm,v 1.18 2016/06/19 04:27:58 raeburn Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: package Apache::lonunauthorized;
30:
31: use strict;
32: use Apache::Constants qw(:common);
33: use Apache::loncommon;
34: use Apache::lonnet;
35: use Apache::lonlocal;
36: use LONCAPA();
37: use HTML::Entities();
38:
39: sub handler {
40: my $r = shift;
41: &Apache::loncommon::content_type($r,'text/html');
42: $r->send_http_header;
43: return OK if $r->header_only;
44:
45: # ------------------------------------------------------------ Print the screen
46: # Figure out who the user is and what they wanted to access
47:
48: my ($ownername,$ownerdomain,$ownerhome);
49: if ($env{'request.editurl'} ne '') {
50: ($ownername,$ownerdomain,$ownerhome) =
51: &Apache::lonnet::constructaccess($env{'request.editurl'});
52: }
53:
54: # Breadcrumbs
55: &Apache::lonhtmlcommon::clear_breadcrumbs();
56: if ($env{'request.role'} =~ /^(au|ca|aa)/) {
57: &Apache::lonhtmlcommon::add_breadcrumb({
58: 'text' => 'Authoring Space',
59: 'href' => &Apache::loncommon::authorspace($env{'request.editurl'}),
60: });
61: } elsif (($env{'request.course.id'}) &&
62: (&Apache::lonnet::allowed('mdc',$env{'request.course.id'}))) {
63: &Apache::lonhtmlcommon::add_breadcrumb({
64: 'text' => 'Course Contents',
65: 'href' => '/adm/coursedocs',
66: });
67: }
68:
69: # print header
70: $r->print(&Apache::loncommon::start_page("Failed Access to Authoring Space",
71: undef,
72: {'domain' => $ownerdomain,}).
73: &Apache::lonhtmlcommon::breadcrumbs());
74: # figure out what went wrong
75:
76: if ($ownerdomain) {
77: if ($ownerhome eq 'no_host') {
78: $r->print('<p class="LC_error">'.
79: &mt('Unable to determine home server for this resource: [_1]',
80: '<span class="LC_filename">'.$env{'request.editurl'}.'</span>').
81: '</p>');
82: } else {
83: my @hosts = &Apache::lonnet::current_machine_ids();
84: if (!grep(/^\Q$ownerhome\E$/,@hosts)) {
85: my $switchlink = '/adm/switchserver?otherserver='.$ownerhome.
86: '&origurl='.&HTML::Entities::encode($env{'request.editurl'},'<>&"');
87: $r->print('<p class="LC_warning">'.
88: &mt('The Authoring Space for this resource is located on a different server: [_1]',
89: '<b><tt>'.&Apache::lonnet::hostname($ownerhome).'</b></tt>').
90: '</p>'.
91: '<p class="LC_error"><a href="'.$switchlink.'">'.
92: &mt('Switch Server').'</a>'.
93: '</p>');
94: } else {
95: $r->print('<p class="LC_error">'.
96: &mt('You do not have authoring privileges for this resource').' '.
97: '<span class="LC_filename">'.$env{'request.editurl'}.'</span>'.
98: '</p>');
99: }
100: }
101: } elsif (!$env{'request.editurl'}) {
102: if ($ENV{'REDIRECT_URL'} =~ m{^/adm/([^/]+)}) {
103: my $action = $1;
104: my ($option,$filename,$filename1,$filename2,$decompress,
105: $qualifiedfilename);
106: if ($ENV{'REDIRECT_QUERY_STRING'} ne '') {
107: foreach my $pair (split(/&/,$ENV{'REDIRECT_QUERY_STRING'})) {
108: my ($name,$value) = split(/=/,$pair);
109: if ($name eq 'filename') {
110: if (($action eq 'publish') || ($action eq 'cfile')) {
111: $filename = &LONCAPA::unescape($value);
112: } else {
113: $filename = $value;
114: }
115: } elsif ($name eq 'filename1') {
116: $filename1 = $value;
117: } elsif ($name eq 'filename2') {
118: $filename2 = $value;
119: } elsif ($name eq 'decompress') {
120: $decompress = $value;
121: $option = 'decompress';
122: } elsif ($name eq 'qualifiedfilename') {
123: $qualifiedfilename = $value;
124: } elsif ($name eq 'versionone') {
125: if ($value eq 'priv') {
126: $option = 'cstr';
127: }
128: } elsif ($name eq 'versiontwo') {
129: if ($value eq 'priv') {
130: $option = 'cstr';
131: }
132: } elsif ($name eq 'filetwo') {
133: $option = $value;
134: }
135: }
136: if (($action eq 'upload') || ($action eq 'testbank')) {
137: if (($filename1 ne '') && ($filename ne '')) {
138: $filename = $filename1.$filename2;
139: }
140: } elsif ($action eq 'cfile') {
141: if ($decompress ne '') {
142: $filename = $decompress;
143: } elsif ($qualifiedfilename ne '') {
144: $filename = $qualifiedfilename;
145: }
146: }
147: my %deniedactions = &get_denied_action_text();
148: my $warning;
149: if ($option eq 'decompress') {
150: $warning = $deniedactions{$option};
151: } else {
152: $warning = $deniedactions{$action};
153: }
154: if ($warning) {
155: if (($action eq 'diff') && ($option ne 'cstr')) {
156: $r->print('<p class="LC_error">'.
157: $deniedactions{$action}.'</p><p class="LC_warning">'.
158: &mt('You do not have privileges to view the published resource').' '.
159: '<span class="LC_filename">'.$filename.'</span>'.
160: '</p>');
161: } else {
162: if (($action eq 'diff') && ($option eq 'cstr')) {
163: $filename =~ s{^/res/}{/priv/};
164: }
165: $r->print('<p class="LC_error">'.
166: $deniedactions{$action}.'</p><p class="LC_warning">'.
167: &mt('You do not have authoring privileges for this resource').' '.
168: '<span class="LC_filename">'.$filename.'</span>'.
169: '</p>');
170: }
171: } else {
172: $r->print('<p class="LC_error">'.
173: &mt('You are not permitted to take this action.').
174: '</p>');
175: }
176: }
177: } elsif ($r->uri =~ m{priv/.+\.\d+\.[^.]+$}) {
178: $r->print('<p class="LC_error">'.
179: &mt('There is a problem with the filename').' '.
180: '<span class="LC_filename">'.$r->uri.'</span></p>'.
181: '<p class="LC_warning">'.
182: &mt('You may be attempting to edit a versioned file (files in Authoring Space may not include a version number before the extension).').
183: '</p>');
184: } else {
185: $r->print('<p class="LC_error">'.
186: &mt('You are not permitted to take this action.').
187: '</p>');
188: }
189: } elsif ($env{'request.editurl'} =~ m{priv/.+\.\d+\.[^.]+$}) {
190: $r->print('<p class="LC_error">'.
191: &mt('There is a problem with the filename').' '.
192: '<span class="LC_filename">'.$env{'request.editurl'}.'</span></p>'.
193: '<p class="LC_warning">'.
194: &mt('You may be attempting to edit a versioned file (files in Authoring Space may not include a version number before the extension).').
195: '</p>');
196: } else {
197: $r->print('<p class="LC_error">'
198: .&mt('You do not have authoring privileges for this resource').' '
199: .'<span class="LC_filename">'.$env{'request.editurl'}.'</span>'
200: .'</p>');
201: my ($realownerdom,$realownername) =
202: ($env{'request.editurl'}=~m{^/priv/($LONCAPA::domain_re)/($LONCAPA::username_re)});
203: my $realownerhome=
204: &Apache::lonnet::homeserver($realownername,$realownerdom);
205: unless ($realownerhome eq 'no_host') {
206: if (&Apache::lonnet::is_course($realownerdom,$realownername)) {
207: my $ccrole = 'cc';
208: my %crsenv = &Apache::lonnet::coursedescription("$realownerdom/$realownername",{one_time => 1});
209: my $cdesc = $crsenv{'description'};
210: my $crstype = $crsenv{'type'};
211: if ($crstype eq 'Community') {
212: $ccrole = 'co';
213: }
214: my $rolename = $crsenv{$ccrole.'.plaintext'};
215: if ($rolename eq '') {
216: $rolename = &Apache::lonnet::plaintext($ccrole,$crstype,$realownerdom.'_'.$realownername,1);
217: }
218: my $allowed = &Apache::lonnet::allowed('mdc',$realownerdom.'_'.$realownername);
219: if (!$allowed) {
220: my %roleshash = &Apache::lonnet::get_my_roles('','','userroles',['active'],
221: [$ccrole],[$realownerdom]);
222: if (exists($roleshash{$realownername.':'.$realownerdom.':'.$ccrole})) {
223: $r->print(&mt('[_1]Switch role[_2] for access',
224: '<a href="/adm/roles?selectrole=1&'.
225: &HTML::Entities::encode($ccrole."./$realownerdom/$realownername".'=1','<>&"').
226: '&orgurl='.&HTML::Entities::encode($env{'request.editurl'},'<>&"').
227: '">','<a/>'));
228: } else {
229: if ($crstype eq 'Community') {
230: $r->print('<p>'
231: .&mt('Contact a [_1] in the community ([_2]) for access.',$rolename,$cdesc)
232: .'</p>');
233: } else {
234: $r->print('<p>'
235: .&mt('Contact a [_1] in the course ([_2]) for access.',$rolename,$cdesc)
236: .'</p>');
237: }
238: }
239: }
240: } else {
241: my $plainname=&Apache::loncommon::plainname($realownername,$realownerdom);
242: my $user=$realownername.':'.$realownerdom;
243: my $userlink=&Apache::loncommon::aboutmewrapper(
244: $plainname.' ('.$user.')'
245: ,$realownername
246: ,$realownerdom);
247: $r->print('<p>'
248: .&mt('Contact [_1] for access.',$userlink)
249: .'</p>');
250: }
251: }
252: }
253: $r->print(&Apache::loncommon::end_page());
254: return OK;
255: }
256:
257: sub get_denied_action_text {
258: my %deniedtext =
259: &Apache::lonlocal::texthash(
260: cfile => 'Copying, moving, renaming or creating file not allowed.',
261: publish => 'Publishing not allowed.',
262: upload => 'Uploading file not allowed.',
263: testbank => 'Uploading testbank file not allowed',
264: retrieve => 'Retrieving version information not allowed.',
265: cleanup => 'Clean up of file not allowed.',
266: diff => 'Display of differences between file versions disallowed.',
267: decompress => 'Decompression of archive file disallowed.',
268: );
269: return %deniedtext;
270: }
271:
272: 1;
273: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>