--- loncom/auth/lonroles.pm 2003/07/05 10:07:11 1.63 +++ loncom/auth/lonroles.pm 2005/11/11 18:47:09 1.134 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # User Roles Screen # -# $Id: lonroles.pm,v 1.63 2003/07/05 10:07:11 www Exp $ +# $Id: lonroles.pm,v 1.134 2005/11/11 18:47:09 www Exp $ # # Copyright Michigan State University Board of Trustees # @@ -25,51 +25,52 @@ # # http://www.lon-capa.org/ # -# (Directory Indexer -# (Login Screen -# YEAR=1999 -# 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14 Gerd Kortemeyer) -# 11/23 Gerd Kortemeyer) -# YEAR=2000 -# 1/14,03/06,06/01,07/22,07/24,07/25, -# 09/04,09/06,09/28,09/29,09/30,10/2,10/5,10/26,10/28, -# 12/08,12/28, -# YEAR=2001 -# 01/15/01 Gerd Kortemeyer -# 03/02,05/03,05/25,05/30,06/01,07/06,08/06 Gerd Kortemeyer -# 12/29 Gerd Kortemeyer -# ### package Apache::lonroles; use strict; -use Apache::lonnet(); +use Apache::lonnet; use Apache::lonuserstate(); use Apache::Constants qw(:common); use Apache::File(); use Apache::lonmenu; use Apache::loncommon; +use Apache::lonhtmlcommon; use Apache::lonannounce; +use Apache::lonlocal; +use GDBM_File; sub redirect_user { - my ($r,$title,$url,$msg) = @_; + my ($r,$title,$url,$msg,$launch_nav) = @_; $msg = $title if (! defined($msg)); - $r->content_type('text/html'); + &Apache::loncommon::content_type($r,'text/html'); &Apache::loncommon::no_cache($r); $r->send_http_header; my $swinfo=&Apache::lonmenu::rawconfig(); + my $navwindow; + if ($launch_nav eq 'on') { + $navwindow.=&Apache::lonnavmaps::launch_win('now',undef,undef, + ($url eq '/adm/whatsnew')); + } else { + $navwindow.=&Apache::lonnavmaps::close(); + } my $bodytag=&Apache::loncommon::bodytag('Switching Role'); - $r->print (<print(<$title $bodytag - +$navwindow

$msg

+Continue ENDREDIR @@ -81,56 +82,118 @@ sub handler { my $r = shift; my $now=time; - my $then=$ENV{'user.login.time'}; + my $then=$env{'user.login.time'}; my $envkey; - + my %dcroles = (); + my $numdc = &check_fordc(\%dcroles,$then); # ================================================================== Roles Init - - if ($ENV{'form.selectrole'}) { - if ($ENV{'request.course.id'}) { - my %temp=('logout_'.$ENV{'request.course.id'} => time); + if ($env{'form.selectrole'}) { + if ($env{'form.newrole'}) { + $env{'form.'.$env{'form.newrole'}}=1; + } + if ($env{'request.course.id'}) { + my %temp=('logout_'.$env{'request.course.id'} => time); &Apache::lonnet::put('email_status',\%temp); - } + &Apache::lonnet::delenv('user.state.'.$env{'request.course.id'}); + } &Apache::lonnet::appenv("request.course.id" => '', "request.course.fn" => '', "request.course.uri" => '', "request.course.sec" => '', "request.role" => 'cm', - "request.role.adv" => $ENV{'user.adv'}, - "request.role.domain" => $ENV{'user.domain'}); - foreach $envkey (keys %ENV) { + "request.role.adv" => $env{'user.adv'}, + "request.role.domain" => $env{'user.domain'}); + +# Check if user is a DC trying to enter a course and needs privs to be created + if ($numdc > 0) { + foreach my $envkey (keys %env) { + if ($envkey =~ m-^form\.cc\./(\w+)/(\w+)$-) { + if ($dcroles{$1}) { + my $cckey = 'user.role.cc./'.$1.'/'.$2; + &check_privs($cckey,$then,$now); + } + last; + } + } + } + + foreach $envkey (keys %env) { next if ($envkey!~/^user\.role\./); - my (undef,undef,$role,@pwhere)=split(/\./,$envkey); - my $where=join('.',@pwhere); - my $trolecode=$role.'.'.$where; - if ($ENV{'form.'.$trolecode}) { - my ($tstart,$tend)=split(/\./,$ENV{$envkey}); - my $tstatus='is'; - if ($tstart) { - if ($tstart>$then) { - $tstatus='future'; - } - } - if ($tend) { - if ($tend<$then) { $tstatus='expired'; } - if ($tend<$now) { $tstatus='will_not'; } - } + my ($where,$trolecode,$role,$tstatus,$tend,$tstart); + &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); + if ($env{'form.'.$trolecode}) { if ($tstatus eq 'is') { $where=~s/^\///; my ($cdom,$cnum,$csec)=split(/\//,$where); +# store role if recent_role list being kept + if ($env{'environment.recentroles'}) { + &Apache::lonhtmlcommon::store_recent('roles', + $trolecode,' '); + } + + # check for keyed access if (($role eq 'st') && - ($ENV{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) { - unless (&Apache::lonnet::validate_access_key( - $ENV{'environment.key.'.$cdom.'_'.$cnum}, - $cdom,$cnum)) { + ($env{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) { +# who is key authority? + my $authdom=$cdom; + my $authnum=$cnum; + if ($env{'course.'.$cdom.'_'.$cnum.'.keyauth'}) { + ($authnum,$authdom)= + split(/\W/,$env{'course.'.$cdom.'_'.$cnum.'.keyauth'}); + } +# check with key authority + unless (&Apache::lonnet::validate_access_key( + $env{'environment.key.'.$cdom.'_'.$cnum}, + $authdom,$authnum)) { # there is no valid key - if ($ENV{'form.newkey'}) { + if ($env{'form.newkey'}) { # student attempts to register a new key + &Apache::loncommon::content_type($r,'text/html'); + &Apache::loncommon::no_cache($r); + $r->send_http_header; + my $swinfo=&Apache::lonmenu::rawconfig(); + my $bodytag=&Apache::loncommon::bodytag + ('Verifying Access Key to Unlock this Course'); + my $buttontext=&mt('Enter Course'); + my $message=&mt('Successfully registered key'); + my $assignresult= + &Apache::lonnet::assign_access_key( + $env{'form.newkey'}, + $authdom,$authnum, + $cdom,$cnum, + $env{'user.domain'}, + $env{'user.name'}, + 'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '. + $trolecode); + unless ($assignresult eq 'ok') { + $assignresult=~s/^error\:\s*//; + $message=&mt($assignresult). + '
'. + &mt('Logout').''; + $buttontext=&mt('Re-Enter Key'); + } + $r->print(<Verifying Course Access Key + + +$bodytag + +
+ + +$message
+ +
+ +ENDENTEREDKEY + return OK; } else { # print form to enter a new key - $r->content_type('text/html'); + &Apache::loncommon::content_type($r,'text/html'); &Apache::loncommon::no_cache($r); $r->send_http_header; my $swinfo=&Apache::lonmenu::rawconfig(); @@ -145,8 +208,9 @@ $bodytag $swinfo
- - + + +
@@ -155,32 +219,40 @@ ENDENTERKEY } } } - my $tadv=0; - if (($trolecode!~/^st/) && - ($trolecode!~/^ta/) && - ($trolecode!~/^cm/)) { $tadv=1; } + &Apache::lonnet::log($env{'user.domain'}, + $env{'user.name'}, + $env{'user.home'}, + "Role ".$trolecode); + &Apache::lonnet::appenv( - 'request.role' => $trolecode, - 'request.role.adv' => $tadv, + 'request.role' => $trolecode, 'request.role.domain' => $cdom, 'request.course.sec' => $csec); - my $msg='Entering course ...'; + my $tadv=0; + my $msg=&mt('Entering course ...'); - if (($cnum) && ($role ne 'ca')) { + if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) { my ($furl,$ferr)= &Apache::lonuserstate::readmap($cdom.'/'.$cnum); - if (($ENV{'form.orgurl'}) && - ($ENV{'form.orgurl'}!~/^\/adm\/flip/)) { - $r->internal_redirect($ENV{'form.orgurl'}); + if (($env{'form.orgurl'}) && + ($env{'form.orgurl'}!~/^\/adm\/flip/)) { + my $dest=$env{'form.orgurl'}; + if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } + &Apache::lonnet::appenv('request.role.adv'=>$tadv); + $r->internal_redirect($dest); return OK; } else { - unless ($ENV{'request.course.id'}) { + unless ($env{'request.course.id'}) { &Apache::lonnet::appenv( "request.course.id" => $cdom.'_'.$cnum); $furl='/adm/roles?tryagain=1'; $msg= - '

Could not initialize course at this time.

Please try again.

'; + '

'. + &mt('Could not initialize course at this time.'). + '

'.&mt('Please try again.').'

'.$ferr; } + if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } + &Apache::lonnet::appenv('request.role.adv'=>$tadv); # Check to see if the user is a CC entering a course # for the first time @@ -189,29 +261,42 @@ ENDENTERKEY $courseid = substr($courseid, 1); } $courseid =~ s/\//_/; - if ($role eq 'cc' && $ENV{'course.' . $courseid . + if ($role eq 'cc' && $env{'course.' . $courseid . '.course.helper.not.run'}) { $furl = "/adm/helper/course.initialization.helper"; + # Send the user to the course they selected + } elsif (($env{'request.course.fn'}) + && ($role eq 'cc' && ($env{'environment.course_init_display'} ne 'firstres'))) { + $msg = &mt('Entering course ....'); + &redirect_user($r,&mt('New in course'), + '/adm/whatsnew',$msg, + $env{'environment.remotenavmap'}); + return OK; } - # - # Send the user to the course they selected - &redirect_user($r,'Entering Course', - $furl,$msg); - return OK; + &redirect_user($r,&mt('Entering Course'), + $furl,$msg, + $env{'environment.remotenavmap'}); + return OK; } } # # Send the user to the construction space they selected - if ($role =~ /^(au|ca)$/) { + if ($role =~ /^(au|ca|aa)$/) { my $redirect_url = '/priv/'; if ($role eq 'au') { - $redirect_url.=$ENV{'user.name'}; + $redirect_url.=$env{'user.name'}; } else { $where =~ /\/(.*)$/; $redirect_url .= $1; } $redirect_url .= '/'; - &redirect_user($r,'Entering Construction Space', + &redirect_user($r,&mt('Entering Construction Space'), + $redirect_url); + return OK; + } + if ($role eq 'dc') { + my $redirect_url = '/adm/menu/'; + &redirect_user($r,&mt('Loading Domain Coordinator Menu'), $redirect_url); return OK; } @@ -223,15 +308,15 @@ ENDENTERKEY # =============================================================== No Roles Init - $r->content_type('text/html'); + &Apache::loncommon::content_type($r,'text/html'); &Apache::loncommon::no_cache($r); $r->send_http_header; return OK if $r->header_only; my $swinfo=&Apache::lonmenu::rawconfig(); my $bodytag=&Apache::loncommon::bodytag('User Roles'); - my $helptag=&Apache::loncommon::help_open_topic - ("General_Intro","Click here for help"); + my $standby=&mt('Role selected. Please stand by.'); + my $helptag='
'.&Apache::loncommon::help_open_menu('','General Intro','General_Intro','User Roles',1,undef,undef,undef,undef,,&mt("Click here for help")).'
'; $r->print(< @@ -242,142 +327,162 @@ $helptag
ENDHEADER # ------------------------------------------ Get Error Message from Environment - my ($fn,$priv,$nochoose,$error,$msg)=split(/:/,$ENV{'user.error.msg'}); - if ($ENV{'user.error.msg'}) { + my ($fn,$priv,$nochoose,$error,$msg)=split(/:/,$env{'user.error.msg'}); + if ($env{'user.error.msg'}) { $r->log_reason( - "$msg for $ENV{'user.name'} domain $ENV{'user.domain'} access $priv",$fn); + "$msg for $env{'user.name'} domain $env{'user.domain'} access $priv",$fn); } # ------------------------------------------------- Can this user re-init, etc? - my $advanced=$ENV{'user.adv'}; + my $advanced=$env{'user.adv'}; &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['tryagain']); - my $tryagain=$ENV{'form.tryagain'}; + my $tryagain=$env{'form.tryagain'}; # -------------------------------------------------------- Generate Page Output # --------------------------------------------------------------- Error Header? if ($error) { $r->print("

LON-CAPA Access Control

"); - $r->print("
Access  : ".
+        $r->print("
Access  : ".
                   Apache::lonnet::plaintext($priv)."\n");
-        $r->print("Resource: $fn\n");
-        $r->print("Action  : $msg\n

"); + $r->print("Resource: ".&Apache::lonenc::check_encrypt($fn)."\n"); + $r->print("Action : $msg\n

"); + my $url=$fn; + my $last; + if (tie(my %hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db', + &GDBM_READER(),0640)) { + $last=$hash{'last_known'}; + untie(%hash); + } + if ($last) { $fn.='?symb='.&Apache::lonnet::escape($last); } + + &Apache::londocs::changewarning($r,undef,'You have modified your course recently, [_1] may fix this access problem.', + &Apache::lonenc::check_encrypt($fn)); } else { - if ($ENV{'user.error.msg'}) { + if ($env{'user.error.msg'}) { $r->print( - '

You need to choose another user role or '. - 'enter a specific course for this function

'); + '

'. + &mt('You need to choose another user role or enter a specific course for this function').'

'); } } # -------------------------------------------------------- Choice or no choice? if ($nochoose) { if ($advanced) { - $r->print("

Assigned User Roles

\n"); + $r->print("

".&mt('Assigned User Roles')."

\n"); } else { - $r->print("

Sorry ...

\nThis resource might be part of"); - if ($ENV{'request.course.id'}) { - $r->print(' another'); + $r->print("

".&mt('Sorry ...')."

\n". + &mt('This resource might be part of')); + if ($env{'request.course.id'}) { + $r->print(&mt(' another')); } else { - $r->print(' a certain'); + $r->print(&mt(' a certain')); } - $r->print(' course.'); + $r->print(&mt(' course.').''); return OK; } } else { if ($advanced) { - $r->print("Your home server is ". + $r->print(&mt("Your home server is "). $Apache::lonnet::hostname{&Apache::lonnet::homeserver - ($ENV{'user.name'},$ENV{'user.domain'})}. + ($env{'user.name'},$env{'user.domain'})}. "
\n"); - $r->print("Author and Co-Author roles may not be available on ". - "servers other than your home server."); - } else { - $r->print("

Select a Course to Enter

\n"); + $r->print(&mt( + "Author and Co-Author roles are not available on servers other than their respective home servers.")); } if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) { $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'}; } - $r->print('
'); - $r->print(''); - $r->print(''); + $r->print(''); + $r->print(''); + $r->print(''); + $r->print(''); } - if ($ENV{'user.adv'}) { + if ($env{'user.adv'}) { $r->print( - '
Show all roles: print(' checked'); } - $r->print('>'); + '
'); } -# ----------------------------------------------------------------------- Table - $r->print('
'); - unless ($nochoose) { $r->print(''); } - $r->print(''. - ''."\n"); - foreach $envkey (sort keys %ENV) { + my (%roletext,%sortrole,%roleclass); + my $countactive=0; + my $inrole=0; + my $possiblerole=''; + foreach $envkey (sort keys %env) { my $button = 1; my $switchserver=''; + my $roletext; + my $sortkey; if ($envkey=~/^user\.role\./) { - my (undef,undef,$role,@pwhere)=split(/\./,$envkey); + my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont); + &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); next if (!defined($role) || $role eq ''); - my $where=join('.',@pwhere); - my $trolecode=$role.'.'.$where; - my ($tstart,$tend)=split(/\./,$ENV{$envkey}); - my $tremark=''; - my $tstatus='is'; - my $tpstart=' '; - my $tpend=' '; - my $tfont='#000000'; + $tremark=''; + $tpstart=' '; + $tpend=' '; + $tfont='#000000'; if ($tstart) { - if ($tstart>$then) { - $tstatus='future'; - if ($tstart<$now) { $tstatus='will'; } - } - $tpstart=localtime($tstart); + $tpstart=&Apache::lonlocal::locallocaltime($tstart); } if ($tend) { - if ($tend<$then) { - $tstatus='expired'; - } elsif ($tend<$now) { - $tstatus='will_not'; - } - $tpend=localtime($tend); + $tpend=&Apache::lonlocal::locallocaltime($tend); } - if ($ENV{'request.role'} eq $trolecode) { + if ($env{'request.role'} eq $trolecode) { $tstatus='selected'; } my $tbg; if (($tstatus eq 'is') || ($tstatus eq 'selected') || - ($ENV{'form.showall'})) { + ($env{'form.showall'})) { if ($tstatus eq 'is') { $tbg='#77FF77'; $tfont='#003300'; + $possiblerole=$trolecode; + $countactive++; } elsif ($tstatus eq 'future') { $tbg='#FFFF77'; $button=0; } elsif ($tstatus eq 'will') { $tbg='#FFAA77'; - $tremark.='Active at next login. '; + $tremark.=&mt('Active at next login. '); } elsif ($tstatus eq 'expired') { $tbg='#FF7777'; $tfont='#330000'; $button=0; } elsif ($tstatus eq 'will_not') { $tbg='#AAFF77'; - $tremark.='Expired after logout. '; + $tremark.=&mt('Expired after logout. '); } elsif ($tstatus eq 'selected') { $tbg='#11CC55'; $tfont='#002200'; - $tremark.='Currently selected. '; + $inrole=1; + $countactive++; + $tremark.=&mt('Currently selected. '); } my $trole; if ($role =~ /^cr\//) { my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role); - $tremark.='
Defined by '.$rauthor.' at '.$rdomain.'.'; + if ($tremark) { $tremark.='
'; } + $tremark.=&mt('Defined by ').$rauthor. + &mt(' at ').$rdomain.'.'; $trole=$rrole; } else { $trole=Apache::lonnet::plaintext($role); @@ -387,128 +492,202 @@ ENDHEADER my ($tdom,$trest,$tsection)= split(/\//,Apache::lonnet::declutter($where)); # First, Co-Authorship roles - if ($role eq 'ca') { + if (($role eq 'ca') || ($role eq 'aa')) { my $home = &Apache::lonnet::homeserver($trest,$tdom); - if ($home ne $r->dir_config('lonHostID')) { + my $allowed=0; + my @ids=&Apache::lonnet::current_machine_ids(); + foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } + if (!$allowed) { $button=0; - $switchserver=&Apache::lonnet::escape('http://'. - $Apache::lonnet::hostname{$home}. - '/adm/login?domain='.$ENV{'user.domain'}. - '&username='.$ENV{'user.name'}. - '&firsturl=/priv/'.$trest); + $switchserver='otherserver='.$home.'&role='.$trolecode; } #next if ($home eq 'no_host'); $home = $Apache::lonnet::hostname{$home}; $ttype='Construction Space'; - $twhere='User: '.$trest.'
Domain: '.$tdom.'
'. - ' Server: '.$home; - $ENV{'course.'.$tdom.'_'.$trest.'.description'}='ca'; + $twhere=&mt('User').': '.$trest.'
'.&mt('Domain'). + ': '.$tdom.'
'. + ' '.&mt('Server').': '.$home; + $env{'course.'.$tdom.'_'.$trest.'.description'}='ca'; + $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/'); + $sortkey=$role."$trest:$tdom"; } elsif ($role eq 'au') { # Authors my $home = &Apache::lonnet::homeserver - ($ENV{'user.name'},$ENV{'user.domain'}); - if ($home ne $r->dir_config('lonHostID')) { + ($env{'user.name'},$env{'user.domain'}); + my $allowed=0; + my @ids=&Apache::lonnet::current_machine_ids(); + foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } + if (!$allowed) { $button=0; $switchserver=&Apache::lonnet::escape('http://'. $Apache::lonnet::hostname{$home}. - '/adm/login?domain='.$ENV{'user.domain'}. - '&username='.$ENV{'user.name'}. - '&firsturl=/priv/'.$ENV{'user.name'}); + '/adm/login?domain='.$env{'user.domain'}. + '&username='.$env{'user.name'}. + '&firsturl=/priv/'.$env{'user.name'}.'/'); } #next if ($home eq 'no_host'); $home = $Apache::lonnet::hostname{$home}; $ttype='Construction Space'; - $twhere='Domain: '.$tdom.'
Server: '.$home; - $ENV{'course.'.$tdom.'_'.$trest.'.description'}='ca'; + $twhere=&mt('Domain').': '.$tdom.'
'.&mt('Server'). + ': '.$home; + $env{'course.'.$tdom.'_'.$trest.'.description'}='ca'; + $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$env{'user.name'}.'/'); + $sortkey=$role; } elsif ($trest) { $ttype='Course'; - if ($tsection) { - $ttype.='
Section/Group: '.$tsection; - } my $tcourseid=$tdom.'_'.$trest; - if ($ENV{'course.'.$tcourseid.'.description'}) { - $twhere=$ENV{'course.'.$tcourseid.'.description'}; - unless ($twhere eq 'Currently not available') { + if ($env{'course.'.$tcourseid.'.description'}) { + $twhere=$env{'course.'.$tcourseid.'.description'}; + $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey; + unless ($twhere eq &mt('Currently not available')) { $twhere.=' '. - &Apache::loncommon::syllabuswrapper('Syllabus',$trest,$tdom,$tfont). + &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont). ''; } } else { - my %newhash=Apache::lonnet::coursedescription - ($tcourseid); + my %newhash=&Apache::lonnet::coursedescription($tcourseid); if (%newhash) { + $sortkey=$role."\0".$tdom."\0".$newhash{'description'}. + "\0".$envkey; $twhere=$newhash{'description'}. ' '. - &Apache::loncommon::syllabuswrapper('Syllabus',$trest,$tdom,$tfont). + &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont). ''; } else { - $twhere='Currently not available'; - $ENV{'course.'.$tcourseid.'.description'}=$twhere; + $twhere=&mt('Currently not available'); + $env{'course.'.$tcourseid.'.description'}=$twhere; + $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey; } } - if ($role ne 'st') { $twhere.="
Domain:".$tdom; } + if ($tsection) { + $twhere.='
'.&mt('Section/Group').': '.$tsection; + } + + if ($role ne 'st') { $twhere.="
".&mt('Domain').":".$tdom; } } elsif ($tdom) { $ttype='Domain'; $twhere=$tdom; + $sortkey=$role.$twhere; } else { $ttype='System'; - $twhere='system wide'; + $twhere=&mt('system wide'); + $sortkey=$role.$twhere; } - $r->print(''); - unless ($nochoose) { - if (!$button) { - if ($switchserver) { - $r->print(''); - } else { - $r->print(''); - } - } elsif ($tstatus eq 'is') { - $r->print(''); - } elsif ($tryagain) { - $r->print - (''); - } elsif ($advanced) { - $r->print - (''); - } else { - $r->print(''); + $roletext.=&build_roletext($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$ttype,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver); + $roletext{$envkey}=$roletext; + if (!$sortkey) {$sortkey=$twhere."\0".$envkey;} + $sortrole{$sortkey}=$envkey; + $roleclass{$envkey}=$ttype; + } + } + } +# No active roles + if ($countactive==0) { + if ($inrole) { + $r->print('

'.&mt('Currently no additional roles or courses').'

'); + } else { + $r->print('

'.&mt('Currently no active roles or courses').'

'); + } + $r->print(''); + return OK; +# Is there only one choice? + } elsif (($countactive==1) && ($env{'request.role'} eq 'cm')) { + $r->print('

'.&mt('Please stand by.').'

'. + ''); + $r->print("\n"); + $r->rflush(); + $r->print(''); + $r->print(''); + return OK; + } +# More than one possible role +# ----------------------------------------------------------------------- Table + unless (($advanced) || ($nochoose)) { + $r->print("

".&mt('Select a Course to Enter')."

\n"); + } + $r->print('
 User RoleExtentStartEndRemark
Switch Server  
'); + unless ($nochoose) { $r->print(''); } + $r->print(''."\n"); + my $doheaders=-1; + foreach my $type ('Domain','Construction Space','Course','System') { + my $haverole=0; + foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { + if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { + $haverole=1; + } + } + if ($haverole) { $doheaders++; } + } + + if ($env{'environment.recentroles'}) { + my %recent_roles = + &Apache::lonhtmlcommon::get_recent('roles',$env{'environment.recentrolesn'}); + my $output=''; + foreach (sort(keys(%recent_roles))) { + if (defined($roletext{'user.role.'.$_})) { + $output.=$roletext{'user.role.'.$_}; + if ($_ =~ m-dc\./(\w+)/- && $dcroles{$1}) { + $output .= &allcourses_row($1); + } + } elsif ($numdc > 0) { + unless ($_ =~/^error\:/) { + $output.=&display_cc_role('user.role.'.$_); + } + } + } + if ($output) { + $r->print(""); + $r->print($output); + $r->print(""); + $doheaders ++; + } + } + + if ($numdc > 0) { + $r->print(&coursepick_jscript()); + $r->print(&Apache::loncommon::coursebrowser_javascript()); + } + foreach my $type ('Construction Space','Domain','Course','System') { + my $output; + foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { + if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { + $output.=$roletext{$sortrole{$which}}; + if ($sortrole{$which} =~ m-dc\./(\w+)/-) { + if ($dcroles{$1}) { + $output .= &allcourses_row($1); } } - $tremark.=&Apache::lonannounce::showday(time,1, - &Apache::lonannounce::readcalendar($tdom.'_'.$trest)); - - $r->print(''."\n"); } - } + } + if ($output) { + if ($doheaders > 0) { + $r->print("". + ""); + } + $r->print($output); + } } my $tremark=''; my $tfont='#003300'; - if ($ENV{'request.role'} eq 'cm') { + if ($env{'request.role'} eq 'cm') { $r->print(''); - $tremark='Currently selected.'; + $tremark=&mt('Currently selected. '); $tfont='#002200'; } else { $r->print(''); } unless ($nochoose) { - if ($ENV{'request.role'} ne 'cm') { - $r->print(''); + if ($env{'request.role'} ne 'cm') { + $r->print(''); } else { $r->print(''); } } - $r->print(''."\n"); @@ -517,24 +696,24 @@ ENDHEADER $r->print("\n"); } # ------------------------------------------------------------ Privileges Info - if (($advanced) && (($ENV{'user.error.msg'}) || ($error))) { - $r->print('

Current Privileges

'); + if (($advanced) && (($env{'user.error.msg'}) || ($error))) { + $r->print('

Current Privileges

'); - foreach $envkey (sort keys %ENV) { - if ($envkey=~/^user\.priv\.$ENV{'request.role'}\./) { + foreach $envkey (sort keys %env) { + if ($envkey=~/^user\.priv\.$env{'request.role'}\./) { my $where=$envkey; - $where=~s/^user\.priv\.$ENV{'request.role'}\.//; + $where=~s/^user\.priv\.$env{'request.role'}\.//; my $ttype; my $twhere; my ($tdom,$trest,$tsec)= split(/\//,Apache::lonnet::declutter($where)); if ($trest) { - if ($ENV{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') { + if ($env{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') { $ttype='Construction Space'; $twhere='User: '.$trest.', Domain: '.$tdom; } else { $ttype='Course'; - $twhere=$ENV{'course.'.$tdom.'_'.$trest.'.description'}; + $twhere=$env{'course.'.$tdom.'_'.$trest.'.description'}; if ($tsec) { $twhere.=' (Section/Group: '.$tsec.')'; } @@ -547,7 +726,7 @@ ENDHEADER $twhere='/'; } $r->print("\n

".$ttype.': '.$twhere.'

    '); - foreach (sort split(/:/,$ENV{$envkey})) { + foreach (sort split(/:/,$env{$envkey})) { if ($_) { my ($prv,$restr)=split(/\&/,$_); my $trestr=''; @@ -570,10 +749,284 @@ ENDHEADER } } } - + $r->print(&Apache::lonnet::getannounce()); + if ($advanced) { + $r->print('

    This is LON-CAPA '. + $r->dir_config('lonVersion').'
    '. + ''.&mt('Logout').'

    '); + } $r->print("\n"); return OK; -} +} + +sub role_status { + my ($rolekey,$then,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_; + my @pwhere = (); + if (exists($env{$rolekey}) && $env{$rolekey} ne '') { + (undef,undef,$$role,@pwhere)=split(/\./,$rolekey); + unless (!defined($$role) || $$role eq '') { + $$where=join('.',@pwhere); + $$trolecode=$$role.'.'.$$where; + ($$tstart,$$tend)=split(/\./,$env{$rolekey}); + $$tstatus='is'; + if ($$tstart && $$tstart>$then) { + $$tstatus='future'; + if ($$tstart<$now) { $$tstatus='will'; } + } + if ($$tend) { + if ($$tend<$then) { + $$tstatus='expired'; + } elsif ($$tend<$now) { + $$tstatus='will_not'; + } + } + } + } +} + +sub build_roletext { + my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$ttype,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver) = @_; + my $roletext='
'; + my $is_dc=($trolecode =~ m/^dc\./); + my $rowspan=($is_dc) ? '' + : ' rowspan="2" '; + + unless ($nochoose) { + my $buttonname=$trolecode; + $buttonname=~s/\W//g; + if (!$button) { + if ($switchserver) { + $roletext.=''.&mt('Switch Server').''; + } else { + $roletext.=(''); + } + } elsif ($tstatus eq 'is') { + $roletext.=''; + } elsif ($tryagain) { + $roletext.= + ''; + } elsif ($advanced) { + $roletext.= + ''; + } else { + $roletext.=' '; + } + } + $tremark.=&Apache::lonannounce::showday(time,1, + &Apache::lonannounce::readcalendar($tdom.'_'.$trest)); + + $roletext.=''; + if (!$is_dc) { + $roletext.=''."\n"; + } + return $roletext; +} + +sub check_privs { + my ($cckey,$then,$now) = @_; + if ($env{$cckey}) { + my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont); + &role_status($cckey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); + unless (($tstatus eq 'is') || ($tstatus eq 'will_not')) { + &set_privileges($1,$2); + } + } else { + &set_privileges($1,$2); + } +} + +sub check_fordc { + my ($dcroles,$then) = @_; + my $numdc = 0; + if ($env{'user.adv'}) { + foreach my $envkey (sort keys %env) { + if ($envkey=~/^user\.role\.dc\.\/(\w+)\/$/) { + my $dcdom = $1; + my $livedc = 1; + my ($tstart,$tend)=split(/\./,$env{$envkey}); + if ($tstart && $tstart>$then) { $livedc = 0; } + if ($tend && $tend <$then) { $livedc = 0; } + if ($livedc) { + $$dcroles{$dcdom} = $envkey; + $numdc++; + } + } + } + } + return $numdc; +} + +sub courselink { + my ($dcdom) = @_; + my $courseform=&Apache::loncommon::selectcourse_link + ('rolechoice','dccourse_'.$dcdom,'dcdomain_'.$dcdom,'coursedesc_'.$dcdom,$dcdom); + my $hiddenitems = ''. + ''. + ''. + ''; + return $courseform.$hiddenitems; +} + +sub coursepick_jscript { + my $verify_script = <<"END"; + +END + return $verify_script; +} + +sub processpick { + my $dcdom = shift; + my $process_pick = <<"END"; + +END + return $process_pick; +} + +sub display_cc_role { + my $rolekey = shift; + my $roletext; + my $advanced = $env{'user.adv'}; + my $tryagain = $env{'form.tryagain'}; + unless ($rolekey =~/^error\:/) { + if ($rolekey =~ m-^user\.role.cc\./(\w+)/(\w+)$-) { + my $tcourseid = $1.'_'.$2; + my $trolecode = 'cc./'.$1.'/'.$2; + my $trole = Apache::lonnet::plaintext('cc'); + my $twhere; + my $tbg='#77FF77'; + my $tfont='#003300'; + my %newhash=&Apache::lonnet::coursedescription($tcourseid); + if (%newhash) { + $twhere=$newhash{'description'}. + ' '. + &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$2,$1,$tfont). + ''; + } else { + $twhere=&mt('Currently not available'); + $env{'course.'.$tcourseid.'.description'}=$twhere; + } + $twhere.="
".&mt('Domain').":".$1; + $roletext = &build_roletext($trolecode,$1,$2,'is',$tryagain,$advanced,'',$tbg,$tfont,$trole,&mt('Course'),$twhere,'','','',1,''); + } + } + return $roletext; +} + +sub allcourses_row { + my $dcdom = shift; + my $ccrole = Apache::lonnet::plaintext('cc'); + my $selectlink = &courselink($dcdom); + my $output = ''. + ''. + ''. + ''."\n"; + return $output; +} + +sub recent_filename { + my $area=shift; + return 'nohist_recent_'.&Apache::lonnet::escape($area); +} + +sub set_privileges { + my ($dcdom,$pickedcourse) = @_; + my $area = '/'.$dcdom.'/'.$pickedcourse; + my $role = 'cc'; + my $spec = $role.'.'.$area; + my $userroles = &Apache::lonnet::set_arearole($role,$area,'','',$dcdom,$env{'user.name'}); + my %ccrole = (); + &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area); + my ($author,$adv)= &Apache::lonnet::set_userprivs(\$userroles,\%ccrole); + my @newprivs = split/\n/,$userroles; + my %newccroles = (); + foreach (@newprivs) { + my ($key,$val) = split/=/,$_; + $newccroles{$key} = $val; + } + &Apache::lonnet::appenv(%newccroles); + &Apache::lonnet::log($env{'user.domain'}, + $env{'user.name'}, + $env{'user.home'}, + "Role ".$role); + &Apache::lonnet::appenv( + 'request.role' => $role, + 'request.role.domain' => $dcdom, + 'request.course.sec' => ''); + my $tadv=0; + if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } + &Apache::lonnet::appenv('request.role.adv' => $tadv); +} 1; __END__ @@ -594,6 +1047,36 @@ Invoked by /etc/httpd/conf/srm.conf: ErrorDocument 500 /adm/errorhandler +=head1 OVERVIEW + +=head2 Choosing Roles + +C is a handler that allows a user to switch roles in +mid-session. LON-CAPA attempts to work with "No Role Specified", the +default role that a user has before selecting a role, as widely as +possible, but certain handlers for example need specification which +course they should act on, etc. Both in this scenario, and when the +handler determines via C's C<&allowed> function that a certain +action is not allowed, C is used as error handler. This +allows the user to select another role which may have permission to do +what they were trying to do. C can also be accessed via the +B button in the Remote Control. + +=begin latex + +\begin{figure} +\begin{center} +\includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen} + \caption{\label{Sample_Roles_Screen}Sample Roles Screen} +\end{center} +\end{figure} + +=end latex + +=head2 Role Initialization + +The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C's C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role. + =head1 INTRODUCTION This module enables a user to select what role he wishes to
 '.&mt('User Role').''.&mt('Extent'). + ''.&mt('Start').''.&mt('End').'
". + &mt('Recent Roles')."
'.$trole. - ''.$ttype. - ''.$twhere. - ''.$tpstart. - ''.$tpend. - ''.$tremark. - ' 
".&mt($type)."
 No role specified'. + $r->print(''.&mt('No role specified'). ''.$tremark. ' 
 '.$trole. + ''.$twhere. + ''.$tpstart. + ''.$tpend. + '
'.$tremark. + ' 
'. + ''.$ccrole.''. + ' '.$selectlink.''. + ' from '.&mt('Domain').' '.$dcdom. + '