--- loncom/auth/lonroles.pm 2000/07/25 15:40:11 1.4
+++ loncom/auth/lonroles.pm 2010/09/02 17:06:38 1.259
@@ -1,184 +1,1895 @@
# The LearningOnline Network with CAPA
# User Roles Screen
-# (Directory Indexer
-# (Login Screen
-# 5/21/99,5/22,5/25,5/26,5/31,6/2,6/10,7/12,7/14 Gerd Kortemeyer)
-# 11/23 Gerd Kortemeyer)
-# 1/14,03/06,06/01,07/22,07/24,07/25 Gerd Kortemeyer
#
+# $Id: lonroles.pm,v 1.259 2010/09/02 17:06:38 raeburn Exp $
+#
+# Copyright Michigan State University Board of Trustees
+#
+# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
+#
+# LON-CAPA is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# LON-CAPA is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with LON-CAPA; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+# /home/httpd/html/adm/gpl.txt
+#
+# http://www.lon-capa.org/
+#
+###
+
+=pod
+
+=head1 NAME
+
+Apache::lonroles - User Roles Screen
+
+=head1 SYNOPSIS
+
+Invoked by /etc/httpd/conf/srm.conf:
+
+
+ PerlAccessHandler Apache::lonacc
+ SetHandler perl-script
+ PerlHandler Apache::lonroles
+ ErrorDocument 403 /adm/login
+ ErrorDocument 500 /adm/errorhandler
+
+
+=head1 OVERVIEW
+
+=head2 Choosing Roles
+
+C is a handler that allows a user to switch roles in
+mid-session. LON-CAPA attempts to work with "No Role Specified", the
+default role that a user has before selecting a role, as widely as
+possible, but certain handlers for example need specification which
+course they should act on, etc. Both in this scenario, and when the
+handler determines via C's C<&allowed> function that a certain
+action is not allowed, C is used as error handler. This
+allows the user to select another role which may have permission to do
+what they were trying to do.
+
+=begin latex
+
+\begin{figure}
+\begin{center}
+\includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen}
+ \caption{\label{Sample_Roles_Screen}Sample Roles Screen}
+\end{center}
+\end{figure}
+
+=end latex
+
+=head2 Role Initialization
+
+The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C's C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role.
+
+=head1 INTRODUCTION
+
+This module enables a user to select what role he wishes to
+operate under (instructor, student, teaching assistant, course
+coordinator, etc). These roles are pre-established by the actions
+of upper-level users.
+
+This is part of the LearningOnline Network with CAPA project
+described at http://www.lon-capa.org.
+
+=head1 HANDLER SUBROUTINE
+
+This routine is called by Apache and mod_perl.
+
+=over 4
+
+=item *
+
+Roles Initialization (yes/no)
+
+=item *
+
+Get Error Message from Environment
+
+=item *
+
+Who is this?
+
+=item *
+
+Generate Page Output
+
+=item *
+
+Choice or no choice
+
+=item *
+
+Table
+
+=item *
+
+Privileges
+
+=back
+
+=cut
+
+
package Apache::lonroles;
use strict;
-use Apache::lonnet();
+use Apache::lonnet;
+use Apache::lonuserstate();
use Apache::Constants qw(:common);
use Apache::File();
+use Apache::lonmenu;
+use Apache::loncommon;
+use Apache::lonhtmlcommon;
+use Apache::lonannounce;
+use Apache::lonlocal;
+use Apache::lonpageflip();
+use Apache::lonnavdisplay();
+use Apache::loncoursequeueadmin;
+use GDBM_File;
+use LONCAPA qw(:DEFAULT :match);
+use HTML::Entities;
+
+
+sub redirect_user {
+ my ($r,$title,$url,$msg) = @_;
+ $msg = $title if (! defined($msg));
+ &Apache::loncommon::content_type($r,'text/html');
+ &Apache::loncommon::no_cache($r);
+ $r->send_http_header;
+
+ # Breadcrumbs
+ my $brcrum = [{'href' => $url,
+ 'text' => 'Switching Role'},];
+ my $start_page = &Apache::loncommon::start_page('Switching Role',undef,
+ {'redirect' => [1,$url],
+ 'bread_crumbs' => $brcrum,});
+ my $end_page = &Apache::loncommon::end_page();
+
+# Note to style police:
+# This must only replace the spaces, nothing else, or it bombs elsewhere.
+ $url=~s/ /\%20/g;
+ $r->print(<$msg
+$end_page
+ENDREDIR
+ return;
+}
+
+sub error_page {
+ my ($r,$error,$dest)=@_;
+ &Apache::loncommon::content_type($r,'text/html');
+ &Apache::loncommon::no_cache($r);
+ $r->send_http_header;
+ return OK if $r->header_only;
+ # Breadcrumbs
+ my $brcrum = [{'href' => $dest,
+ 'text' => 'Problems during Course Initialization'},];
+ $r->print(&Apache::loncommon::start_page('Problems during Course Initialization',
+ undef,
+ {'bread_crumbs' => $brcrum,})
+ );
+ $r->print(
+ ''.
+ '
');
+sub gather_roles {
+ my ($then,$refresh,$now,$reinit,$nochoose,$roletext,$sortrole,$roleclass,$futureroles,$timezones,$loncaparev) = @_;
+ my ($countactive,$countfuture,$inrole,$possiblerole) = (0,0,0,'');
+ my $advanced = $env{'user.adv'};
+ my $tryagain = $env{'form.tryagain'};
+ my @ids = &Apache::lonnet::current_machine_ids();
+ foreach my $envkey (sort(keys(%env))) {
+ my $button = 1;
+ my $switchserver='';
+ my $switchwarning;
+ my ($role_text,$role_text_end,$sortkey);
+ if ($envkey=~/^user\.role\./) {
+ my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend);
+ &Apache::lonnet::role_status($envkey,$then,$refresh,$now,\$role,\$where,
+ \$trolecode,\$tstatus,\$tstart,\$tend);
+ next if (!defined($role) || $role eq '' || $role =~ /^gr/);
+ $tremark='';
+ $tpstart=' ';
+ $tpend=' ';
+ if ($env{'request.role'} eq $trolecode) {
+ $tstatus='selected';
+ }
+ my $tbg;
+ if (($tstatus eq 'is')
+ || ($tstatus eq 'selected')
+ || ($tstatus eq 'future')
+ || ($env{'form.showall'})) {
+ my $timezone = &role_timezone($where,$timezones);
+ if ($tstart) {
+ $tpstart=&Apache::lonlocal::locallocaltime($tstart,$timezone);
+ }
+ if ($tend) {
+ $tpend=&Apache::lonlocal::locallocaltime($tend,$timezone);
+ }
+ if ($tstatus eq 'is') {
+ $tbg='LC_roles_is';
+ $possiblerole=$trolecode;
+ $countactive++;
+ } elsif ($tstatus eq 'future') {
+ $tbg='LC_roles_future';
+ $button=0;
+ $futureroles->{$trolecode} = $tstart.':'.$tend;
+ $countfuture ++;
+ } elsif ($tstatus eq 'expired') {
+ $tbg='LC_roles_expired';
+ $button=0;
+ } elsif ($tstatus eq 'will_not') {
+ $tbg='LC_roles_will_not';
+ $tremark.=&mt('Expired after logout.').' ';
+ } elsif ($tstatus eq 'selected') {
+ $tbg='LC_roles_selected';
+ $inrole=1;
+ $countactive++;
+ $tremark.=&mt('Currently selected.').' ';
+ }
+ my $trole;
+ if ($role =~ /^cr\//) {
+ my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role);
+ if ($tremark) { $tremark.=' '; }
+ $tremark.=&mt('Customrole defined by [_1].',$rauthor.':'.$rdomain);
+ }
+ $trole=Apache::lonnet::plaintext($role);
+ my $ttype;
+ my $twhere;
+ my ($tdom,$trest,$tsection)=
+ split(/\//,Apache::lonnet::declutter($where));
+ # First, Co-Authorship roles
+ if (($role eq 'ca') || ($role eq 'aa')) {
+ my $home = &Apache::lonnet::homeserver($trest,$tdom);
+ my $allowed=0;
+ foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
+ if (!$allowed) {
+ $button=0;
+ $switchserver='otherserver='.$home.'&role='.$trolecode;
+ }
+ #next if ($home eq 'no_host');
+ $home = &Apache::lonnet::hostname($home);
+ $ttype='Construction Space';
+ $twhere=&mt('User').': '.$trest.' '.&mt('Domain').
+ ': '.$tdom.' '.
+ ' '.&mt('Server').': '.$home;
+ $env{'course.'.$tdom.'_'.$trest.'.description'}='ca';
+ $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/');
+ $sortkey=$role."$trest:$tdom";
+ } elsif ($role eq 'au') {
+ # Authors
+ my $home = &Apache::lonnet::homeserver
+ ($env{'user.name'},$env{'user.domain'});
+ my $allowed=0;
+ foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
+ if (!$allowed) {
+ $button=0;
+ $switchserver='otherserver='.$home.'&role='.$trolecode;
+ }
+ #next if ($home eq 'no_host');
+ $home = &Apache::lonnet::hostname($home);
+ $ttype='Construction Space';
+ $twhere=&mt('Domain').': '.$tdom.' '.&mt('Server').
+ ': '.$home;
+ $env{'course.'.$tdom.'_'.$trest.'.description'}='ca';
+ $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$env{'user.name'}.'/');
+ $sortkey=$role;
+ } elsif ($trest) {
+ my $tcourseid=$tdom.'_'.$trest;
+ $ttype = &Apache::loncommon::course_type($tcourseid);
+ $trole = &Apache::lonnet::plaintext($role,$ttype,$tcourseid);
+ if ($env{'course.'.$tcourseid.'.description'}) {
+ my $home=$env{'course.'.$tcourseid.'.home'};
+ $twhere=$env{'course.'.$tcourseid.'.description'};
+ $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
+ $twhere = &HTML::Entities::encode($twhere,'"<>&');
+ unless ($twhere eq &mt('Currently not available')) {
+ $twhere.=' '.
+ &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom).
+ '';
+ unless ($home && grep(/^\Q$home\E$/,@ids) && $loncaparev eq '') {
+ my $required = $env{'course.'.$tcourseid.'.internal.releaserequired'};
+ if ($required ne '') {
+ ($switchserver,$switchwarning) =
+ &check_release_required($loncaparev,$tcourseid,$trolecode,$required);
+ if ($switchserver || $switchwarning) {
+ $button = 0;
+ }
+ }
+ }
+ }
+ } else {
+ my %newhash=&Apache::lonnet::coursedescription($tcourseid);
+ if (%newhash) {
+ $sortkey=$role."\0".$tdom."\0".$newhash{'description'}.
+ "\0".$envkey;
+ $twhere=&HTML::Entities::encode($newhash{'description'},'"<>&').
+ ' '.
+ &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom).
+ '';
+ $ttype = $newhash{'type'};
+ $trole = &Apache::lonnet::plaintext($role,$ttype,$tcourseid);
+ my $home = $newhash{'home'};
+ unless ($home && grep(/^\Q$home\E$/,@ids) && $loncaparev eq '') {
+ my $required = $newhash{'internal.releaserequired'};
+ if ($required ne '') {
+ ($switchserver,$switchwarning) =
+ &check_release_required($loncaparev,$tcourseid,$trolecode,$required);
+ if ($switchserver || $switchwarning) {
+ $button = 0;
+ }
+ }
+ }
+ } else {
+ $twhere=&mt('Currently not available');
+ $env{'course.'.$tcourseid.'.description'}=$twhere;
+ $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
+ $ttype = 'Unavailable';
+ }
+ }
+ if ($tsection) {
+ $twhere.=' '.&mt('Section').': '.$tsection;
+ }
+ if ($role ne 'st') { $twhere.=" ".&mt('Domain').":".$tdom; }
+ } elsif ($tdom) {
+ $ttype='Domain';
+ $twhere=$tdom;
+ $sortkey=$role.$twhere;
+ } else {
+ $ttype='System';
+ $twhere=&mt('system wide');
+ $sortkey=$role.$twhere;
+ }
+ ($role_text,$role_text_end) =
+ &build_roletext($trolecode,$tdom,$trest,$tstatus,$tryagain,
+ $advanced,$tremark,$tbg,$trole,$twhere,$tpstart,
+ $tpend,$nochoose,$button,$switchserver,$reinit,$switchwarning);
+ $roletext->{$envkey}=[$role_text,$role_text_end];
+ if (!$sortkey) {$sortkey=$twhere."\0".$envkey;}
+ $sortrole->{$sortkey}=$envkey;
+ $roleclass->{$envkey}=$ttype;
+ }
+ }
+ }
+ return ($countactive,$countfuture,$inrole,$possiblerole);
+}
- foreach $envkey (sort keys %ENV) {
- if ($envkey=~/^user\.priv\./) {
- my ($dum1,$dum2,@pwhere)=split(/\./,$envkey);
- my $where=join('.',@pwhere);
- my $ttype;
- my $twhere;
- my ($tres,$tdom,@trest)=split(/\//,$where);
- if ($where=~/\.course$/) {
- $ttype='Course';
- $twhere=$tdom.'/'.join('/',@trest);
- } elsif ($tdom) {
- $ttype='Domain';
- $twhere=$tdom;
+sub role_timezone {
+ my ($where,$timezones) = @_;
+ my $timezone;
+ if (ref($timezones) eq 'HASH') {
+ if ($where =~ m{^/($match_domain)/($match_courseid)}) {
+ my $cdom = $1;
+ my $cnum = $2;
+ if ($cdom && $cnum) {
+ if (!exists($timezones->{$cdom.'_'.$cnum})) {
+ my $tz;
+ if ($env{'course.'.$cdom.'_'.$cnum.'.description'}) {
+ $tz = $env{'course.'.$cdom.'_'.$cnum.'.timezone'};
+ } else {
+ my %timehash =
+ &Apache::lonnet::get('environment',['timezone'],$cdom,$cnum);
+ $tz = $timehash{'timezone'};
+ }
+ if ($tz eq '') {
+ if (!exists($timezones->{$cdom})) {
+ my %domdefaults =
+ &Apache::lonnet::get_domain_defaults($cdom);
+ if ($domdefaults{'timezone_def'} eq '') {
+ $timezones->{$cdom} = 'local';
+ } else {
+ $timezones->{$cdom} = $domdefaults{'timezone_def'};
+ }
+ }
+ $timezones->{$cdom.'_'.$cnum} = $timezones->{$cdom};
+ } else {
+ $timezones->{$cdom.'_'.$cnum} =
+ &Apache::lonlocal::gettimezone($tz);
+ }
+ }
+ $timezone = $timezones->{$cdom.'_'.$cnum};
+ }
+ } else {
+ my ($tdom) = ($where =~ m{^/($match_domain)});
+ if ($tdom) {
+ if (!exists($timezones->{$tdom})) {
+ my %domdefaults = &Apache::lonnet::get_domain_defaults($tdom);
+ if ($domdefaults{'timezone_def'} eq '') {
+ $timezones->{$tdom} = 'local';
+ } else {
+ $timezones->{$tdom} = $domdefaults{'timezone_def'};
+ }
+ }
+ $timezone = $timezones->{$tdom};
+ }
+ }
+ if ($timezone eq 'local') {
+ $timezone = undef;
+ }
+ }
+ return $timezone;
+}
+
+sub roletable_headers {
+ my ($r,$roleclass,$sortrole,$nochoose) = @_;
+ my $doheaders;
+ if ((ref($sortrole) eq 'HASH') && (ref($roleclass) eq 'HASH')) {
+ $r->print(' '
+ .&Apache::loncommon::start_data_table()
+ .&Apache::loncommon::start_data_table_header_row()
+ );
+ if (!$nochoose) { $r->print('
'); }
+ $r->print('
'.&mt('User Role').'
'
+ .'
'.&mt('Extent').'
'
+ .'
'.&mt('Start').'
'
+ .'
'.&mt('End').'
'
+ .&Apache::loncommon::end_data_table_header_row()
+ );
+ $doheaders=-1;
+ my @roletypes = &roletypes();
+ foreach my $type (@roletypes) {
+ my $haverole=0;
+ foreach my $which (sort {uc($a) cmp uc($b)} (keys(%{$sortrole}))) {
+ if ($roleclass->{$sortrole->{$which}} =~ /^\Q$type\E/) {
+ $haverole=1;
+ }
+ }
+ if ($haverole) { $doheaders++; }
+ }
+ }
+ return $doheaders;
+}
+
+sub roletypes {
+ my @types = ('Domain','Construction Space','Course','Community','Unavailable','System');
+ return @types;
+}
+
+sub print_rolerows {
+ my ($r,$doheaders,$roleclass,$sortrole,$dcroles,$roletext) = @_;
+ if ((ref($roleclass) eq 'HASH') && (ref($sortrole) eq 'HASH')) {
+ my @types = &roletypes();
+ foreach my $type (@types) {
+ my $output;
+ foreach my $which (sort {uc($a) cmp uc($b)} (keys(%{$sortrole}))) {
+ if ($roleclass->{$sortrole->{$which}} =~ /^\Q$type\E/) {
+ if (ref($roletext) eq 'HASH') {
+ if (ref($roletext->{$sortrole->{$which}}) eq 'ARRAY') {
+ $output.= &Apache::loncommon::start_data_table_row().
+ $roletext->{$sortrole->{$which}}->[0].
+ &Apache::loncommon::end_data_table_row();
+ if ($roletext->{$sortrole->{$which}}->[1] ne '') {
+ $output .= &Apache::loncommon::continue_data_table_row().
+ $roletext->{$sortrole->{$which}}->[1].
+ &Apache::loncommon::end_data_table_row();
+ }
+ }
+ if ($sortrole->{$which} =~ m-dc\./($match_domain)/-) {
+ if (ref($dcroles) eq 'HASH') {
+ if ($dcroles->{$1}) {
+ $output .= &adhoc_roles_row($1,'');
+ }
+ }
+ }
+ }
+ }
+ }
+ if ($output) {
+ if ($doheaders > 0) {
+ $r->print(&Apache::loncommon::start_data_table_empty_row()
+ .'
'
+ .&mt($type)
+ .'
'
+ .&Apache::loncommon::end_data_table_empty_row()
+ );
+ }
+ $r->print($output);
+ }
+ }
+ }
+}
+
+sub findcourse_advice {
+ my ($r) = @_;
+ my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
+ my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
+ if (&Apache::lonnet::auto_run(undef,$env{'user.domain'})) {
+ $r->print(&mt('If you were expecting to see an active role listed for a particular course in the [_1] domain, it may be missing for one of the following reasons:',$domdesc).'
+
+
'.&mt('The course has yet to be created.').'
+
'.&mt('Automatic enrollment of registered students has not been enabled for the course.').'
+
'.&mt('You are in a section of course for which automatic enrollment in the corresponding LON-CAPA course is not active.').'
+
'.&mt('The start date for automated enrollment has yet to be reached.').'
+
'.&mt('You registered for the course recently and there is a time lag between the time you register, and the time this information becomes available for the update of LON-CAPA course rosters.').'
+
');
+ } else {
+ $r->print(&mt('If you were expecting to see an active role listed for a particular course, that course may not have been created yet.').' ');
+ }
+ $r->print('
'.&mt('Self-Enrollment').'
'.
+ '
'.&mt('The [_1]Course/Community Catalog[_2] provides information about all [_3] classes for which LON-CAPA courses have been created, as well as any communities in the domain.','','',$domdesc).' ');
+ $r->print(&mt('You can search for courses and communities which permit self-enrollment, if you would like to enroll in one.').'
'.
+ &Apache::loncoursequeueadmin::queued_selfenrollment());
+ return;
+}
+
+sub requestcourse_advice {
+ my ($r) = @_;
+ my $domdesc = &Apache::lonnet::domain($env{'user.domain'},'description');
+ my $esc_dom = &HTML::Entities::encode($env{'user.domain'},'"<>&');
+ my (%can_request,%request_doms);
+ &Apache::lonnet::check_can_request($env{'user.domain'},\%can_request,\%request_doms);
+ if (keys(%request_doms) > 0) {
+ my ($types,$typename) = &Apache::loncommon::course_types();
+ if ((ref($types) eq 'ARRAY') && (ref($typename) eq 'HASH')) {
+ $r->print('
'.&mt('Request creation of a course or community').'
'.
+ '
'.&mt('You have rights to request the creation of courses and/or communities in the following domain(s):').'
');
+ my (@reqdoms,@reqtypes);
+ foreach my $type (sort(keys(%request_doms))) {
+ push(@reqtypes,$type);
+ if (ref($request_doms{$type}) eq 'ARRAY') {
+ my $domstr = join(', ',map { &Apache::lonnet::domain($_) } sort(@{$request_doms{$type}}));
+ $r->print(
+ '