--- loncom/auth/lonroles.pm 2005/11/15 21:39:28 1.136 +++ loncom/auth/lonroles.pm 2012/08/03 17:35:39 1.269.2.1 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # User Roles Screen # -# $Id: lonroles.pm,v 1.136 2005/11/15 21:39:28 raeburn Exp $ +# $Id: lonroles.pm,v 1.269.2.1 2012/08/03 17:35:39 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -27,6 +27,102 @@ # ### +=pod + +=head1 NAME + +Apache::lonroles - User Roles Screen + +=head1 SYNOPSIS + +Invoked by /etc/httpd/conf/srm.conf: + + + PerlAccessHandler Apache::lonacc + SetHandler perl-script + PerlHandler Apache::lonroles + ErrorDocument 403 /adm/login + ErrorDocument 500 /adm/errorhandler + + +=head1 OVERVIEW + +=head2 Choosing Roles + +C is a handler that allows a user to switch roles in +mid-session. LON-CAPA attempts to work with "No Role Specified", the +default role that a user has before selecting a role, as widely as +possible, but certain handlers for example need specification which +course they should act on, etc. Both in this scenario, and when the +handler determines via C's C<&allowed> function that a certain +action is not allowed, C is used as error handler. This +allows the user to select another role which may have permission to do +what they were trying to do. + +=begin latex + +\begin{figure} +\begin{center} +\includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen} + \caption{\label{Sample_Roles_Screen}Sample Roles Screen} +\end{center} +\end{figure} + +=end latex + +=head2 Role Initialization + +The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C's C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role. + +=head1 INTRODUCTION + +This module enables a user to select what role he wishes to +operate under (instructor, student, teaching assistant, course +coordinator, etc). These roles are pre-established by the actions +of upper-level users. + +This is part of the LearningOnline Network with CAPA project +described at http://www.lon-capa.org. + +=head1 HANDLER SUBROUTINE + +This routine is called by Apache and mod_perl. + +=over 4 + +=item * + +Roles Initialization (yes/no) + +=item * + +Get Error Message from Environment + +=item * + +Who is this? + +=item * + +Generate Page Output + +=item * + +Choice or no choice + +=item * + +Table + +=item * + +Privileges + +=back + +=cut + + package Apache::lonroles; use strict; @@ -39,79 +135,208 @@ use Apache::loncommon; use Apache::lonhtmlcommon; use Apache::lonannounce; use Apache::lonlocal; +use Apache::lonpageflip(); +use Apache::lonnavdisplay(); +use Apache::loncoursequeueadmin; use GDBM_File; +use LONCAPA qw(:DEFAULT :match); +use HTML::Entities; + sub redirect_user { - my ($r,$title,$url,$msg,$launch_nav) = @_; + my ($r,$title,$url,$msg) = @_; $msg = $title if (! defined($msg)); &Apache::loncommon::content_type($r,'text/html'); &Apache::loncommon::no_cache($r); $r->send_http_header; my $swinfo=&Apache::lonmenu::rawconfig(); - my $navwindow; - if ($launch_nav eq 'on') { - $navwindow.=&Apache::lonnavmaps::launch_win('now',undef,undef, - ($url eq '/adm/whatsnew')); - } else { - $navwindow.=&Apache::lonnavmaps::close(); - } - my $bodytag=&Apache::loncommon::bodytag('Switching Role'); + + # Breadcrumbs + my $brcrum = [{'href' => $url, + 'text' => 'Switching Role'},]; + my $start_page = &Apache::loncommon::start_page('Switching Role',undef, + {'redirect' => [1,$url], + 'bread_crumbs' => $brcrum,}); + my $end_page = &Apache::loncommon::end_page(); + # Note to style police: # This must only replace the spaces, nothing else, or it bombs elsewhere. $url=~s/ /\%20/g; $r->print(<$title - - - -$bodytag +$start_page -$navwindow -

$msg

-Continue - - +

$msg

+$end_page ENDREDIR return; } +sub error_page { + my ($r,$error,$dest)=@_; + &Apache::loncommon::content_type($r,'text/html'); + &Apache::loncommon::no_cache($r); + $r->send_http_header; + return OK if $r->header_only; + # Breadcrumbs + my $brcrum = [{'href' => $dest, + 'text' => 'Problems during Course Initialization'},]; + $r->print(&Apache::loncommon::start_page('Problems during Course Initialization', + undef, + {'bread_crumbs' => $brcrum,}) + ); + $r->print( + ''. + '

'.&mt('The following problems occurred:'). + '
'. + $error. + '


'.&mt('Continue').'' + ); + $r->print(&Apache::loncommon::end_page()); +} + sub handler { my $r = shift; my $now=time; my $then=$env{'user.login.time'}; + my $refresh=$env{'user.refresh.time'}; + my $update=$env{'user.update.time'}; + if (!$refresh) { + $refresh = $then; + } + if (!$update) { + $update = $then; + } + +# -------------------------------------------------------- Check for new roles + my $updateresult; + if ($env{'form.doupdate'}) { + my $show_course=&Apache::loncommon::show_course(); + my $checkingtxt; + if ($show_course) { + $checkingtxt = &mt('Checking for new courses ...'); + } else { + $checkingtxt = &mt('Checking for new roles ...'); + } + $updateresult = ''.$checkingtxt.''; + $updateresult .= &update_session_roles(); + &Apache::lonnet::appenv({'user.update.time' => $now}); + $update = $now; + } + my $envkey; my %dcroles = (); - my $numdc = &check_fordc(\%dcroles,$then); + my $numdc = &check_fordc(\%dcroles,$update,$then); + &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}); + my $loncaparev = $Apache::lonnet::perlvar{'lonVersion'}; # ================================================================== Roles Init if ($env{'form.selectrole'}) { + + my $locknum=&Apache::lonnet::get_locks(); + if ($locknum) { return 409; } + if ($env{'form.newrole'}) { $env{'form.'.$env{'form.newrole'}}=1; } if ($env{'request.course.id'}) { + # Check if user is CC trying to select a course role + if ($env{'form.switchrole'}) { + my $switch_is_active; + if (defined($env{'user.role.'.$env{'form.switchrole'}})) { + my ($start,$end) = split(/\./,$env{'user.role.'.$env{'form.switchrole'}}); + if (!$end || $end > $now) { + if (!$start || $start < $update) { + $switch_is_active = 1; + } + } + } + unless ($switch_is_active) { + &adhoc_course_role($refresh,$update,$then); + } + } my %temp=('logout_'.$env{'request.course.id'} => time); &Apache::lonnet::put('email_status',\%temp); &Apache::lonnet::delenv('user.state.'.$env{'request.course.id'}); } - &Apache::lonnet::appenv("request.course.id" => '', - "request.course.fn" => '', - "request.course.uri" => '', - "request.course.sec" => '', - "request.role" => 'cm', - "request.role.adv" => $env{'user.adv'}, - "request.role.domain" => $env{'user.domain'}); - -# Check if user is a DC trying to enter a course and needs privs to be created + &Apache::lonnet::appenv({"request.course.id" => '', + "request.course.fn" => '', + "request.course.uri" => '', + "request.course.sec" => '', + "request.course.tied" => '', + "request.role" => 'cm', + "request.role.adv" => $env{'user.adv'}, + "request.role.domain" => $env{'user.domain'}}); +# Check if user is a DC trying to enter a course or author space and needs privs to be created if ($numdc > 0) { foreach my $envkey (keys %env) { - if ($envkey =~ m-^form\.cc\./(\w+)/(\w+)$-) { - if ($dcroles{$1}) { - my $cckey = 'user.role.cc./'.$1.'/'.$2; - &check_privs($cckey,$then,$now); +# Is this an ad-hoc Coordinator role? + if (my ($ccrole,$domain,$coursenum) = + ($envkey =~ m-^form\.(cc|co)\./($match_domain)/($match_courseid)$-)) { + if ($dcroles{$domain}) { + &Apache::lonnet::check_adhoc_privs($domain,$coursenum, + $update,$refresh,$now,$ccrole); + } + last; + } +# Is this an ad-hoc CA-role? + if (my ($domain,$user) = + ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) { + if (($domain eq $env{'user.domain'}) && ($user eq $env{'user.name'})) { + delete($env{$envkey}); + $env{'form.au./'.$domain.'/'} = 1; + my ($server_status,$home) = &check_author_homeserver($user,$domain); + if ($server_status eq 'switchserver') { + my $trolecode = 'au./'.$domain.'/'; + my $switchserver = '/adm/switchserver?otherserver='.$home.'&role='.$trolecode; + $r->internal_redirect($switchserver); + } + last; + } + if (my ($castart,$caend) = ($env{'user.role.ca./'.$domain.'/'.$user} =~ /^(\d*)\.(\d*)$/)) { + if (((($castart) && ($castart < $now)) || !$castart) && + ((!$caend) || (($caend) && ($caend > $now)))) { + my ($server_status,$home) = &check_author_homeserver($user,$domain); + if ($server_status eq 'switchserver') { + my $trolecode = 'ca./'.$domain.'/'.$user; + my $switchserver = '/adm/switchserver?otherserver='.$home.'&role='.$trolecode; + $r->internal_redirect($switchserver); + } + last; + } + } + # Check if author blocked ca-access + my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user); + if ($blocked{'domcoord.author'} eq 'blocked') { + delete($env{$envkey}); + $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access'; + last; + } + if ($dcroles{$domain}) { + my ($server_status,$home) = &check_author_homeserver($user,$domain); + if (($server_status eq 'ok') || ($server_status eq 'switchserver')) { + &Apache::lonnet::check_adhoc_privs($domain,$user,$update, + $refresh,$now,'ca'); + if ($server_status eq 'switchserver') { + my $trolecode = 'ca./'.$domain.'/'.$user; + my $switchserver = '/adm/switchserver?' + .'otherserver='.$home.'&role='.$trolecode; + $r->internal_redirect($switchserver); + } + } else { + delete($env{$envkey}); + } + } else { + delete($env{$envkey}); } last; } @@ -121,15 +346,59 @@ sub handler { foreach $envkey (keys %env) { next if ($envkey!~/^user\.role\./); my ($where,$trolecode,$role,$tstatus,$tend,$tstart); - &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); + &Apache::lonnet::role_status($envkey,$update,$refresh,$now,\$role,\$where, + \$trolecode,\$tstatus,\$tstart,\$tend); if ($env{'form.'.$trolecode}) { if ($tstatus eq 'is') { $where=~s/^\///; my ($cdom,$cnum,$csec)=split(/\//,$where); + if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) { + my $home = $env{'course.'.$cdom.'_'.$cnum.'.home'}; + my @ids = &Apache::lonnet::current_machine_ids(); + unless ($loncaparev eq '' && $home && grep(/^\Q$home\E$/,@ids)) { + my %curr_reqd_hash = &Apache::lonnet::userenvironment($cdom,$cnum,'internal.releaserequired'); + if ($curr_reqd_hash{'internal.releaserequired'} ne '') { + my ($switchserver,$switchwarning) = + &check_release_required($loncaparev,$cdom.'_'.$cnum,$trolecode,$curr_reqd_hash{'internal.releaserequired'}); + if ($switchwarning ne '' || $switchserver ne '') { + &Apache::loncommon::content_type($r,'text/html'); + &Apache::loncommon::no_cache($r); + $r->send_http_header; + my $end_page=&Apache::loncommon::end_page(); + $r->print(&Apache::loncommon::start_page('Selected course unavailable on this server'). + '

'); + if ($switchwarning) { + $r->print($switchwarning.'
'); + if (&Apache::loncommon::show_course()) { + $r->print(&mt('Display courses')); + } else { + $r->print(&mt('Display roles')); + } + $r->print(''); + } elsif ($switchserver) { + $r->print(&mt('This course requires a newer version of LON-CAPA than is installed on this server.'). + '
'. + ''. + &mt('Switch Server'). + ''); + } + $r->print('

'.&Apache::loncommon::end_page()); + return OK; + } + } + } + } +# check for course groups + my %coursegroups = &Apache::lonnet::get_active_groups( + $env{'user.domain'},$env{'user.name'},$cdom, $cnum); + my $cgrps = join(':',keys(%coursegroups)); + # store role if recent_role list being kept if ($env{'environment.recentroles'}) { + my %frozen_roles = + &Apache::lonhtmlcommon::get_recent_frozen('roles',$env{'environment.recentrolesn'}); &Apache::lonhtmlcommon::store_recent('roles', - $trolecode,' '); + $trolecode,' ',$frozen_roles{$trolecode}); } @@ -141,7 +410,7 @@ sub handler { my $authnum=$cnum; if ($env{'course.'.$cdom.'_'.$cnum.'.keyauth'}) { ($authnum,$authdom)= - split(/\W/,$env{'course.'.$cdom.'_'.$cnum.'.keyauth'}); + split(/:/,$env{'course.'.$cdom.'_'.$cnum.'.keyauth'}); } # check with key authority unless (&Apache::lonnet::validate_access_key( @@ -154,8 +423,9 @@ sub handler { &Apache::loncommon::no_cache($r); $r->send_http_header; my $swinfo=&Apache::lonmenu::rawconfig(); - my $bodytag=&Apache::loncommon::bodytag + my $start_page=&Apache::loncommon::start_page ('Verifying Access Key to Unlock this Course'); + my $end_page=&Apache::loncommon::end_page(); my $buttontext=&mt('Enter Course'); my $message=&mt('Successfully registered key'); my $assignresult= @@ -165,8 +435,11 @@ sub handler { $cdom,$cnum, $env{'user.domain'}, $env{'user.name'}, - 'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '. - $trolecode); + &mt('Assigned from [_1] at [_2] for [_3]' + ,$ENV{'REMOTE_ADDR'} + ,&Apache::lonlocal::locallocaltime() + ,$trolecode) + ); unless ($assignresult eq 'ok') { $assignresult=~s/^error\:\s*//; $message=&mt($assignresult). @@ -175,20 +448,19 @@ sub handler { $buttontext=&mt('Re-Enter Key'); } $r->print(<Verifying Course Access Key - - -$bodytag - -
+ -$message
+$message
- +$end_page ENDENTEREDKEY return OK; } else { @@ -197,23 +469,23 @@ ENDENTEREDKEY &Apache::loncommon::no_cache($r); $r->send_http_header; my $swinfo=&Apache::lonmenu::rawconfig(); - my $bodytag=&Apache::loncommon::bodytag + my $start_page=&Apache::loncommon::start_page ('Enter Access Key to Unlock this Course'); + my $end_page=&Apache::loncommon::end_page(); $r->print(<Entering Course Access Key - - -$bodytag - -
+
- +$end_page ENDENTERKEY return OK; } @@ -225,57 +497,110 @@ ENDENTERKEY "Role ".$trolecode); &Apache::lonnet::appenv( - 'request.role' => $trolecode, - 'request.role.domain' => $cdom, - 'request.course.sec' => $csec); + {'request.role' => $trolecode, + 'request.role.domain' => $cdom, + 'request.course.sec' => $csec, + 'request.course.groups' => $cgrps}); my $tadv=0; - my $msg=&mt('Entering course ...'); if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) { + my $msg; my ($furl,$ferr)= &Apache::lonuserstate::readmap($cdom.'/'.$cnum); if (($env{'form.orgurl'}) && ($env{'form.orgurl'}!~/^\/adm\/flip/)) { my $dest=$env{'form.orgurl'}; + if ($env{'form.symb'}) { + if ($dest =~ /\?/) { + $dest .= '&'; + } else { + $dest .= '?' + } + $dest .= 'symb='.$env{'form.symb'}; + } if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } - &Apache::lonnet::appenv('request.role.adv'=>$tadv); - $r->internal_redirect($dest); + &Apache::lonnet::appenv({'request.role.adv'=>$tadv}); + if (($ferr) && ($tadv)) { + &error_page($r,$ferr,$dest); + } else { + if ($dest =~ m{^/adm/coursedocs\?folderpath}) { + if ($env{'request.course.id'} eq $cdom.'_'.$cnum) { + my $chome = &Apache::lonnet::homeserver($cnum,$cdom); + &Apache::loncommon::update_content_constraints($cdom,$cnum,$chome, + $cdom.'_'.$cnum); + } + } + $r->internal_redirect($dest); + } return OK; } else { - unless ($env{'request.course.id'}) { + if (!$env{'request.course.id'}) { &Apache::lonnet::appenv( - "request.course.id" => $cdom.'_'.$cnum); + {"request.course.id" => $cdom.'_'.$cnum}); $furl='/adm/roles?tryagain=1'; - $msg= - '

'. - &mt('Could not initialize course at this time.'). - '

'.&mt('Please try again.').'

'.$ferr; + $msg='

' + .&mt('Could not initialize [_1] at this time.', + $env{'course.'.$cdom.'_'.$cnum.'.description'}) + .'

' + .'

'.&mt('Please try again.').'

' + .'

'.$ferr.'

'; } if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } - &Apache::lonnet::appenv('request.role.adv'=>$tadv); + &Apache::lonnet::appenv({'request.role.adv'=>$tadv}); - # Check to see if the user is a CC entering a course - # for the first time - my (undef, undef, $role, $courseid) = split(/\./, $envkey); - if (substr($courseid, 0, 1) eq '/') { - $courseid = substr($courseid, 1); - } - $courseid =~ s/\//_/; - if ($role eq 'cc' && $env{'course.' . $courseid . - '.course.helper.not.run'}) { - $furl = "/adm/helper/course.initialization.helper"; - # Send the user to the course they selected - } elsif (($env{'request.course.fn'}) - && ($role eq 'cc' && ($env{'environment.course_init_display'} ne 'firstres'))) { - $msg = &mt('Entering course ....'); - &redirect_user($r,&mt('New in course'), - '/adm/whatsnew',$msg, - $env{'environment.remotenavmap'}); - return OK; + if (($ferr) && ($tadv)) { + &error_page($r,$ferr,$furl); + } else { + # Check to see if the user is a CC entering a course + # for the first time + my (undef, undef, $role, $courseid) = split(/\./, $envkey); + if (substr($courseid, 0, 1) eq '/') { + $courseid = substr($courseid, 1); + } + $courseid =~ s/\//_/; + if ((($role eq 'cc') || ($role eq 'co')) + && ($env{'course.' . $courseid .'.course.helper.not.run'})) { + $furl = "/adm/helper/course.initialization.helper"; + # Send the user to the course they selected + } elsif ($env{'request.course.id'}) { + if ($env{'form.destinationurl'}) { + my $dest = $env{'form.destinationurl'}; + if ($env{'form.destsymb'} ne '') { + my $esc_symb = &HTML::Entities::encode($env{'form.destsymb'},'"<>&'); + $dest .= '?symb='.$esc_symb; + } + &redirect_user($r, &mt('Entering [_1]', + $env{'course.'.$courseid.'.description'}), + $dest, $msg); + return OK; + } + if (&Apache::lonnet::allowed('whn', + $env{'request.course.id'}) + || &Apache::lonnet::allowed('whn', + $env{'request.course.id'}.'/' + .$env{'request.course.sec'}) + ) { + my $startpage = &courseloadpage($courseid); + unless ($startpage eq 'firstres') { + $msg = &mt('Entering [_1] ...', + $env{'course.'.$courseid.'.description'}); + &redirect_user($r, &mt('New in course'), + '/adm/whatsnew?refpage=start', $msg); + return OK; + } + } + } +# Are we allowed to look at the first resource? + if ($furl !~ m|^/adm/|) { +# Guess not ... + $furl=&Apache::lonpageflip::first_accessible_resource(); + } + $msg = &mt('Entering [_1] ...', + $env{'course.'.$courseid.'.description'}); + &redirect_user($r, &mt('Entering [_1]', + $env{'course.'.$courseid.'.description'}), + $furl, $msg); } - &redirect_user($r,&mt('Entering Course'), - $furl,$msg, - $env{'environment.remotenavmap'}); return OK; } } @@ -284,10 +609,9 @@ ENDENTERKEY if ($role =~ /^(au|ca|aa)$/) { my $redirect_url = '/priv/'; if ($role eq 'au') { - $redirect_url.=$env{'user.name'}; + $redirect_url.=$env{'user.domain'}.'/'.$env{'user.name'}; } else { - $where =~ /\/(.*)$/; - $redirect_url .= $1; + $redirect_url .= $where; } $redirect_url .= '/'; &redirect_user($r,&mt('Entering Construction Space'), @@ -300,6 +624,12 @@ ENDENTERKEY $redirect_url); return OK; } + if ($role eq 'sc') { + my $redirect_url = '/adm/grades?command=scantronupload'; + &redirect_user($r,&mt('Loading Data Upload Page'), + $redirect_url); + return OK; + } } } } @@ -313,19 +643,30 @@ ENDENTERKEY $r->send_http_header; return OK if $r->header_only; + my $crumbtext = 'User Roles'; + my $pagetitle = 'My Roles'; + my $recent = &mt('Recent Roles'); + my $show_course=&Apache::loncommon::show_course(); + if ($show_course) { + $crumbtext = 'Courses'; + $pagetitle = 'My Courses'; + $recent = &mt('Recent Courses'); + } + my $brcrum =[{href=>"/adm/roles",text=>$crumbtext}]; my $swinfo=&Apache::lonmenu::rawconfig(); - my $bodytag=&Apache::loncommon::bodytag('User Roles'); + my $start_page=&Apache::loncommon::start_page($pagetitle,undef,{bread_crumbs=>$brcrum}); my $standby=&mt('Role selected. Please stand by.'); $standby=~s/\n/\\n/g; - my $helptag='
'.&Apache::loncommon::help_open_menu('','General Intro','General_Intro','User Roles',1,undef,undef,undef,undef,,&mt("Click here for help")).'
'; + my $noscript=''.&mt('Use of LON-CAPA requires Javascript to be enabled in your web browser.').'
'.&mt('As this is not the case, most functionality in the system will be unavailable.').'

'; + $r->print(< - -LON-CAPA User Roles - -$bodytag -$helptag
- ENDHEADER @@ -358,15 +707,24 @@ ENDHEADER my $advanced=$env{'user.adv'}; &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['tryagain']); my $tryagain=$env{'form.tryagain'}; + my $reinit=$env{'user.reinit'}; + delete $env{'user.reinit'}; # -------------------------------------------------------- Generate Page Output # --------------------------------------------------------------- Error Header? if ($error) { - $r->print("

LON-CAPA Access Control

"); - $r->print("
Access  : ".
-                  Apache::lonnet::plaintext($priv)."\n");
-        $r->print("Resource: ".&Apache::lonenc::check_encrypt($fn)."\n");
-        $r->print("Action  : $msg\n

"); + $r->print("

".&mt('LON-CAPA Access Control')."

"); + $r->print("
");
+	if ($priv ne '') {
+            $r->print(&mt('Access  : ').&Apache::lonnet::plaintext($priv)."\n");
+	}
+	if ($fn ne '') {
+            $r->print(&mt('Resource: ').&Apache::lonenc::check_encrypt($fn)."\n");
+	}
+	if ($msg ne '') {
+            $r->print(&mt('Action  : ').$msg."\n");
+	}
+	$r->print("

"); my $url=$fn; my $last; if (tie(my %hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db', @@ -374,41 +732,31 @@ ENDHEADER $last=$hash{'last_known'}; untie(%hash); } - if ($last) { $fn.='?symb='.&Apache::lonnet::escape($last); } + if ($last) { $fn.='?symb='.&escape($last); } &Apache::londocs::changewarning($r,undef,'You have modified your course recently, [_1] may fix this access problem.', &Apache::lonenc::check_encrypt($fn)); } else { if ($env{'user.error.msg'}) { - $r->print( - '

'. - &mt('You need to choose another user role or enter a specific course for this function').'

'); - } + if ($reinit) { + $r->print( + '

'. + &mt('As your session file for the course or community has expired, you will need to re-select it.').'

'); + } else { + $r->print( + '

'. + &mt('You need to choose another user role or enter a specific course or community for this function.'). + '

'); + } + } } -# -------------------------------------------------------- Choice or no choice? if ($nochoose) { - if ($advanced) { - $r->print("

".&mt('Assigned User Roles')."

\n"); - } else { - $r->print("

".&mt('Sorry ...')."

\n". - &mt('This resource might be part of')); - if ($env{'request.course.id'}) { - $r->print(&mt(' another')); - } else { - $r->print(&mt(' a certain')); - } - $r->print(&mt(' course.').''); - return OK; - } + $r->print("

".&mt('Sorry ...')."

\n". + &mt('This action is currently not authorized.').''. + &Apache::loncommon::end_page()); + return OK; } else { - if ($advanced) { - $r->print(&mt("Your home server is "). - $Apache::lonnet::hostname{&Apache::lonnet::homeserver - ($env{'user.name'},$env{'user.domain'})}. - "
\n"); - $r->print(&mt( - "Author and Co-Author roles are not available on servers other than their respective home servers.")); - } + $r->print($updateresult); if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) { $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'}; } @@ -417,77 +765,285 @@ ENDHEADER $r->print(''); $r->print(''); } + $r->rflush(); + + my (%roletext,%sortrole,%roleclass,%futureroles,%timezones); + my ($countactive,$countfuture,$inrole,$possiblerole) = + &gather_roles($update,$refresh,$now,$reinit,$nochoose,\%roletext,\%sortrole,\%roleclass, + \%futureroles,\%timezones,$loncaparev); + $refresh = $now; + &Apache::lonnet::appenv({'user.refresh.time' => $refresh}); + my $updatebutton = &mt('Check for role changes'); + my $show_course=&Apache::loncommon::show_course(); + if ($show_course) { + $updatebutton = &mt('Check for new courses'); + } + my $do_update; + unless (($env{'form.source'} eq 'login') || ($env{'form.doupdate'})) { + $do_update = ''. + ''; + } if ($env{'user.adv'}) { - $r->print( - '
'); + my $showall = '