loncom/auth/lonroles.pm - view

File: [LON-CAPA] / loncom / auth / lonroles.pm
Revision 1.149: download - view: text, annotated - select for diffs
Tue May 30 12:45:24 2006 UTC (18 years, 1 month ago) by www
Branches: MAIN
CVS tags: HEAD

&Apache::lonnet::unescape -> &unescape
&Apache::lonnet::escape -> &escape

1: # The LearningOnline Network with CAPA 2: # User Roles Screen 3: # 4: # $Id: lonroles.pm,v 1.149 2006/05/30 12:45:24 www Exp $ 5: # 6: # Copyright Michigan State University Board of Trustees 7: # 8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA). 9: # 10: # LON-CAPA is free software; you can redistribute it and/or modify 11: # it under the terms of the GNU General Public License as published by 12: # the Free Software Foundation; either version 2 of the License, or 13: # (at your option) any later version. 14: # 15: # LON-CAPA is distributed in the hope that it will be useful, 16: # but WITHOUT ANY WARRANTY; without even the implied warranty of 17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18: # GNU General Public License for more details. 19: # 20: # You should have received a copy of the GNU General Public License 21: # along with LON-CAPA; if not, write to the Free Software 22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23: # 24: # /home/httpd/html/adm/gpl.txt 25: # 26: # http://www.lon-capa.org/ 27: # 28: ### 29: 30: package Apache::lonroles; 31: 32: use strict; 33: use Apache::lonnet; 34: use Apache::lonuserstate(); 35: use Apache::Constants qw(:common); 36: use Apache::File(); 37: use Apache::lonmenu; 38: use Apache::loncommon; 39: use Apache::lonhtmlcommon; 40: use Apache::lonannounce; 41: use Apache::lonlocal; 42: use GDBM_File; 43: use lib '/home/httpd/lib/perl/'; 44: use LONCAPA; 45: 46: 47: sub redirect_user { 48: my ($r,$title,$url,$msg,$launch_nav) = @_; 49: $msg = $title if (! defined($msg)); 50: &Apache::loncommon::content_type($r,'text/html'); 51: &Apache::loncommon::no_cache($r); 52: $r->send_http_header; 53: my $swinfo=&Apache::lonmenu::rawconfig(); 54: my $navwindow; 55: if ($launch_nav eq 'on') { 56: $navwindow.=&Apache::lonnavmaps::launch_win('now',undef,undef, 57: ($url =~ m-^/adm/whatsnew-)); 58: } else { 59: $navwindow.=&Apache::lonnavmaps::close(); 60: } 61: my $start_page = &Apache::loncommon::start_page('Switching Role',undef, 62: {'redirect' => [1,$url],}); 63: my $end_page = &Apache::loncommon::end_page(); 64: 65: # Note to style police: 66: # This must only replace the spaces, nothing else, or it bombs elsewhere. 67: $url=~s/ /\%20/g; 68: $r->print(<<ENDREDIR); 69: $start_page 70: <script type="text/javascript"> 71: $swinfo 72: </script> 73: $navwindow 74: <h1>$msg</h1> 75: $end_page 76: ENDREDIR 77: return; 78: } 79: 80: sub handler { 81: 82: my $r = shift; 83: 84: my $now=time; 85: my $then=$env{'user.login.time'}; 86: my $envkey; 87: my %dcroles = (); 88: my $numdc = &check_fordc(\%dcroles,$then); 89: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}); 90: 91: # ================================================================== Roles Init 92: if ($env{'form.selectrole'}) { 93: if ($env{'form.newrole'}) { 94: $env{'form.'.$env{'form.newrole'}}=1; 95: } 96: if ($env{'request.course.id'}) { 97: my %temp=('logout_'.$env{'request.course.id'} => time); 98: &Apache::lonnet::put('email_status',\%temp); 99: &Apache::lonnet::delenv('user.state.'.$env{'request.course.id'}); 100: } 101: &Apache::lonnet::appenv("request.course.id" => '', 102: "request.course.fn" => '', 103: "request.course.uri" => '', 104: "request.course.sec" => '', 105: "request.role" => 'cm', 106: "request.role.adv" => $env{'user.adv'}, 107: "request.role.domain" => $env{'user.domain'}); 108: 109: # Check if user is a DC trying to enter a course and needs privs to be created 110: if ($numdc > 0) { 111: foreach my $envkey (keys %env) { 112: if (my ($domain,$coursenum) = 113: ($envkey =~ m-^form\.cc\./(\w+)/(\w+)$-)) { 114: if ($dcroles{$domain}) { 115: &check_privs($domain,$coursenum,$then,$now); 116: } 117: last; 118: } 119: } 120: } 121: 122: foreach $envkey (keys %env) { 123: next if ($envkey!~/^user\.role\./); 124: my ($where,$trolecode,$role,$tstatus,$tend,$tstart); 125: &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); 126: if ($env{'form.'.$trolecode}) { 127: if ($tstatus eq 'is') { 128: $where=~s/^\///; 129: my ($cdom,$cnum,$csec)=split(/\//,$where); 130: # check for course groups 131: my %coursegroups = &Apache::lonnet::get_active_groups( 132: $env{'user.domain'},$env{'user.name'},$cdom, $cnum); 133: my $cgrps = join(':',keys(%coursegroups)); 134: 135: # store role if recent_role list being kept 136: if ($env{'environment.recentroles'}) { 137: &Apache::lonhtmlcommon::store_recent('roles', 138: $trolecode,' '); 139: } 140: 141: 142: # check for keyed access 143: if (($role eq 'st') && 144: ($env{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) { 145: # who is key authority? 146: my $authdom=$cdom; 147: my $authnum=$cnum; 148: if ($env{'course.'.$cdom.'_'.$cnum.'.keyauth'}) { 149: ($authnum,$authdom)= 150: split(/\W/,$env{'course.'.$cdom.'_'.$cnum.'.keyauth'}); 151: } 152: # check with key authority 153: unless (&Apache::lonnet::validate_access_key( 154: $env{'environment.key.'.$cdom.'_'.$cnum}, 155: $authdom,$authnum)) { 156: # there is no valid key 157: if ($env{'form.newkey'}) { 158: # student attempts to register a new key 159: &Apache::loncommon::content_type($r,'text/html'); 160: &Apache::loncommon::no_cache($r); 161: $r->send_http_header; 162: my $swinfo=&Apache::lonmenu::rawconfig(); 163: my $start_page=&Apache::loncommon::start_page 164: ('Verifying Access Key to Unlock this Course'); 165: my $end_page=&Apache::loncommon::end_page(); 166: my $buttontext=&mt('Enter Course'); 167: my $message=&mt('Successfully registered key'); 168: my $assignresult= 169: &Apache::lonnet::assign_access_key( 170: $env{'form.newkey'}, 171: $authdom,$authnum, 172: $cdom,$cnum, 173: $env{'user.domain'}, 174: $env{'user.name'}, 175: 'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '. 176: $trolecode); 177: unless ($assignresult eq 'ok') { 178: $assignresult=~s/^error\:\s*//; 179: $message=&mt($assignresult). 180: '<br /><a href="/adm/logout">'. 181: &mt('Logout').'</a>'; 182: $buttontext=&mt('Re-Enter Key'); 183: } 184: $r->print(<<ENDENTEREDKEY); 185: $start_page 186: <script> 187: $swinfo 188: </script> 189: <form method="post"> 190: <input type="hidden" name="selectrole" value="1" /> 191: <input type="hidden" name="$trolecode" value="1" /> 192: <font size="+2">$message</font><br /> 193: <input type="submit" value="$buttontext" /> 194: </form> 195: $end_page 196: ENDENTEREDKEY 197: return OK; 198: } else { 199: # print form to enter a new key 200: &Apache::loncommon::content_type($r,'text/html'); 201: &Apache::loncommon::no_cache($r); 202: $r->send_http_header; 203: my $swinfo=&Apache::lonmenu::rawconfig(); 204: my $start_page=&Apache::loncommon::start_page 205: ('Enter Access Key to Unlock this Course'); 206: my $end_page=&Apache::loncommon::end_page(); 207: $r->print(<<ENDENTERKEY); 208: $start_page 209: <script> 210: $swinfo 211: </script> 212: <form method="post"> 213: <input type="hidden" name="selectrole" value="1" /> 214: <input type="hidden" name="$trolecode" value="1" /> 215: <input type="text" size="20" name="newkey" value="$env{'form.newkey'}" /> 216: <input type="submit" value="Enter key" /> 217: </form> 218: $end_page 219: ENDENTERKEY 220: return OK; 221: } 222: } 223: } 224: &Apache::lonnet::log($env{'user.domain'}, 225: $env{'user.name'}, 226: $env{'user.home'}, 227: "Role ".$trolecode); 228: 229: &Apache::lonnet::appenv( 230: 'request.role' => $trolecode, 231: 'request.role.domain' => $cdom, 232: 'request.course.sec' => $csec, 233: 'request.course.groups' => $cgrps); 234: my $tadv=0; 235: my $msg=&mt('Entering course ...'); 236: 237: if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) { 238: my ($furl,$ferr)= 239: &Apache::lonuserstate::readmap($cdom.'/'.$cnum); 240: if (($env{'form.orgurl'}) && 241: ($env{'form.orgurl'}!~/^\/adm\/flip/)) { 242: my $dest=$env{'form.orgurl'}; 243: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } 244: &Apache::lonnet::appenv('request.role.adv'=>$tadv); 245: $r->internal_redirect($dest); 246: return OK; 247: } else { 248: unless ($env{'request.course.id'}) { 249: &Apache::lonnet::appenv( 250: "request.course.id" => $cdom.'_'.$cnum); 251: $furl='/adm/roles?tryagain=1'; 252: $msg= 253: '<h1><font color="red">'. 254: &mt('Could not initialize course at this time.'). 255: '</font></h1><h3>'.&mt('Please try again.').'</h3>'.$ferr; 256: } 257: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } 258: &Apache::lonnet::appenv('request.role.adv'=>$tadv); 259: 260: # Check to see if the user is a CC entering a course 261: # for the first time 262: my (undef, undef, $role, $courseid) = split(/\./, $envkey); 263: if (substr($courseid, 0, 1) eq '/') { 264: $courseid = substr($courseid, 1); 265: } 266: $courseid =~ s/\//_/; 267: if ($role eq 'cc' && $env{'course.' . $courseid . 268: '.course.helper.not.run'}) { 269: $furl = "/adm/helper/course.initialization.helper"; 270: # Send the user to the course they selected 271: } elsif ($env{'request.course.id'}) { 272: if (&Apache::lonnet::allowed('whn', 273: $env{'request.course.id'}) 274: || &Apache::lonnet::allowed('whn', 275: $env{'request.course.id'}.'/' 276: .$env{'request.course.sec'}) 277: ) { 278: my $startpage = &courseloadpage($courseid); 279: unless ($startpage eq 'firstres') { 280: $msg = &mt('Entering course ....'); 281: &redirect_user($r,&mt('New in course'), 282: '/adm/whatsnew?refpage=start',$msg, 283: $env{'environment.remotenavmap'}); 284: return OK; 285: } 286: } 287: } 288: &redirect_user($r,&mt('Entering Course'), 289: $furl,$msg, 290: $env{'environment.remotenavmap'}); 291: return OK; 292: } 293: } 294: # 295: # Send the user to the construction space they selected 296: if ($role =~ /^(au|ca|aa)$/) { 297: my $redirect_url = '/priv/'; 298: if ($role eq 'au') { 299: $redirect_url.=$env{'user.name'}; 300: } else { 301: $where =~ /\/(.*)$/; 302: $redirect_url .= $1; 303: } 304: $redirect_url .= '/'; 305: &redirect_user($r,&mt('Entering Construction Space'), 306: $redirect_url); 307: return OK; 308: } 309: if ($role eq 'dc') { 310: my $redirect_url = '/adm/menu/'; 311: &redirect_user($r,&mt('Loading Domain Coordinator Menu'), 312: $redirect_url); 313: return OK; 314: } 315: } 316: } 317: } 318: } 319: 320: 321: # =============================================================== No Roles Init 322: 323: &Apache::loncommon::content_type($r,'text/html'); 324: &Apache::loncommon::no_cache($r); 325: $r->send_http_header; 326: return OK if $r->header_only; 327: 328: my $swinfo=&Apache::lonmenu::rawconfig(); 329: my $start_page=&Apache::loncommon::start_page('User Roles'); 330: my $standby=&mt('Role selected. Please stand by.'); 331: $standby=~s/\n/\\n/g; 332: my $helptag='<table><tr><td>'.&Apache::loncommon::help_open_menu('','General Intro','General_Intro','User Roles',1,undef,undef,undef,undef,,&mt("Click here for help")).'</td></td></tr></table>'; 333: $r->print(<<ENDHEADER); 334: $start_page 335: $helptag<br /> 336: <script> 337: $swinfo 338: window.focus(); 339: 340: active=true; 341: 342: function enterrole (thisform,rolecode,buttonname) { 343: if (active) { 344: active=false; 345: document.title='$standby'; 346: window.status='$standby'; 347: thisform.newrole.value=rolecode; 348: thisform.submit(); 349: } else { 350: alert('$standby'); 351: } 352: } 353: </script> 354: ENDHEADER 355: 356: # ------------------------------------------ Get Error Message from Environment 357: 358: my ($fn,$priv,$nochoose,$error,$msg)=split(/:/,$env{'user.error.msg'}); 359: if ($env{'user.error.msg'}) { 360: $r->log_reason( 361: "$msg for $env{'user.name'} domain $env{'user.domain'} access $priv",$fn); 362: } 363: 364: # ------------------------------------------------- Can this user re-init, etc? 365: 366: my $advanced=$env{'user.adv'}; 367: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['tryagain']); 368: my $tryagain=$env{'form.tryagain'}; 369: 370: # -------------------------------------------------------- Generate Page Output 371: # --------------------------------------------------------------- Error Header? 372: if ($error) { 373: $r->print("<h1>LON-CAPA Access Control</h1>"); 374: $r->print("<hr /><pre>Access : ". 375: Apache::lonnet::plaintext($priv)."\n"); 376: $r->print("Resource: ".&Apache::lonenc::check_encrypt($fn)."\n"); 377: $r->print("Action : $msg\n</pre><hr />"); 378: my $url=$fn; 379: my $last; 380: if (tie(my %hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db', 381: &GDBM_READER(),0640)) { 382: $last=$hash{'last_known'}; 383: untie(%hash); 384: } 385: if ($last) { $fn.='?symb='.&escape($last); } 386: 387: &Apache::londocs::changewarning($r,undef,'You have modified your course recently, [_1] may fix this access problem.', 388: &Apache::lonenc::check_encrypt($fn)); 389: } else { 390: if ($env{'user.error.msg'}) { 391: $r->print( 392: '<h3><font color="red">'. 393: &mt('You need to choose another user role or enter a specific course for this function').'</font></h3>'); 394: } 395: } 396: # -------------------------------------------------------- Choice or no choice? 397: if ($nochoose) { 398: if ($advanced) { 399: $r->print("<h2>".&mt('Assigned User Roles')."</h2>\n"); 400: } else { 401: $r->print("<h2>".&mt('Sorry ...')."</h2>\n". 402: &mt('This resource might be part of')); 403: if ($env{'request.course.id'}) { 404: $r->print(&mt(' another')); 405: } else { 406: $r->print(&mt(' a certain')); 407: } 408: $r->print(&mt(' course.'). 409: &Apache::loncommon::end_page()); 410: return OK; 411: } 412: } else { 413: if ($advanced) { 414: $r->print(&mt("Your home server is "). 415: $Apache::lonnet::hostname{&Apache::lonnet::homeserver 416: ($env{'user.name'},$env{'user.domain'})}. 417: "<br />\n"); 418: $r->print(&mt( 419: "Author and Co-Author roles are not available on servers other than their respective home servers.")); 420: } 421: if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) { 422: $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'}; 423: } 424: $r->print('<form method="post" name="rolechoice" action="'.(($fn)?$fn:$r->uri).'">'); 425: $r->print('<input type="hidden" name="orgurl" value="'.$fn.'" />'); 426: $r->print('<input type="hidden" name="selectrole" value="1" />'); 427: $r->print('<input type="hidden" name="newrole" value="" />'); 428: } 429: if ($env{'user.adv'}) { 430: $r->print( 431: '<br /><label>'.&mt('Show all roles').': <input type="checkbox" name="showall"'); 432: if ($env{'form.showall'}) { $r->print(' checked="checked" '); } 433: $r->print(' /></label><input type="submit" value="'.&mt('Display').'" />'); 434: } 435: 436: my (%roletext,%sortrole,%roleclass); 437: my $countactive=0; 438: my $inrole=0; 439: my $possiblerole=''; 440: foreach $envkey (sort keys %env) { 441: my $button = 1; 442: my $switchserver=''; 443: my $roletext; 444: my $sortkey; 445: if ($envkey=~/^user\.role\./) { 446: my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont); 447: &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); 448: next if (!defined($role) || $role eq '' || $role =~ /^gr/); 449: $tremark=''; 450: $tpstart=' '; 451: $tpend=' '; 452: $tfont='#000000'; 453: if ($tstart) { 454: $tpstart=&Apache::lonlocal::locallocaltime($tstart); 455: } 456: if ($tend) { 457: $tpend=&Apache::lonlocal::locallocaltime($tend); 458: } 459: if ($env{'request.role'} eq $trolecode) { 460: $tstatus='selected'; 461: } 462: my $tbg; 463: if (($tstatus eq 'is') || ($tstatus eq 'selected') || 464: ($env{'form.showall'})) { 465: if ($tstatus eq 'is') { 466: $tbg='#77FF77'; 467: $tfont='#003300'; 468: $possiblerole=$trolecode; 469: $countactive++; 470: } elsif ($tstatus eq 'future') { 471: $tbg='#FFFF77'; 472: $button=0; 473: } elsif ($tstatus eq 'will') { 474: $tbg='#FFAA77'; 475: $tremark.=&mt('Active at next login. '); 476: } elsif ($tstatus eq 'expired') { 477: $tbg='#FF7777'; 478: $tfont='#330000'; 479: $button=0; 480: } elsif ($tstatus eq 'will_not') { 481: $tbg='#AAFF77'; 482: $tremark.=&mt('Expired after logout. '); 483: } elsif ($tstatus eq 'selected') { 484: $tbg='#11CC55'; 485: $tfont='#002200'; 486: $inrole=1; 487: $countactive++; 488: $tremark.=&mt('Currently selected. '); 489: } 490: my $trole; 491: if ($role =~ /^cr\//) { 492: my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role); 493: if ($tremark) { $tremark.='<br />'; } 494: $tremark.=&mt('Defined by ').$rauthor. 495: &mt(' at ').$rdomain.'.'; 496: $trole=$rrole; 497: } else { 498: $trole=Apache::lonnet::plaintext($role); 499: } 500: my $ttype; 501: my $twhere; 502: my ($tdom,$trest,$tsection)= 503: split(/\//,Apache::lonnet::declutter($where)); 504: # First, Co-Authorship roles 505: if (($role eq 'ca') || ($role eq 'aa')) { 506: my $home = &Apache::lonnet::homeserver($trest,$tdom); 507: my $allowed=0; 508: my @ids=&Apache::lonnet::current_machine_ids(); 509: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } 510: if (!$allowed) { 511: $button=0; 512: $switchserver='otherserver='.$home.'&role='.$trolecode; 513: } 514: #next if ($home eq 'no_host'); 515: $home = $Apache::lonnet::hostname{$home}; 516: $ttype='Construction Space'; 517: $twhere=&mt('User').': '.$trest.'<br />'.&mt('Domain'). 518: ': '.$tdom.'<br />'. 519: ' '.&mt('Server').': '.$home; 520: $env{'course.'.$tdom.'_'.$trest.'.description'}='ca'; 521: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/'); 522: $sortkey=$role."$trest:$tdom"; 523: } elsif ($role eq 'au') { 524: # Authors 525: my $home = &Apache::lonnet::homeserver 526: ($env{'user.name'},$env{'user.domain'}); 527: my $allowed=0; 528: my @ids=&Apache::lonnet::current_machine_ids(); 529: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } 530: if (!$allowed) { 531: $button=0; 532: $switchserver='otherserver='.$home.'&role='.$trolecode; 533: } 534: #next if ($home eq 'no_host'); 535: $home = $Apache::lonnet::hostname{$home}; 536: $ttype='Construction Space'; 537: $twhere=&mt('Domain').': '.$tdom.'<br />'.&mt('Server'). 538: ': '.$home; 539: $env{'course.'.$tdom.'_'.$trest.'.description'}='ca'; 540: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$env{'user.name'}.'/'); 541: $sortkey=$role; 542: } elsif ($trest) { 543: $ttype='Course'; 544: my $tcourseid=$tdom.'_'.$trest; 545: if ($env{'course.'.$tcourseid.'.description'}) { 546: $twhere=$env{'course.'.$tcourseid.'.description'}; 547: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey; 548: unless ($twhere eq &mt('Currently not available')) { 549: $twhere.=' <font size="-2">'. 550: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont). 551: '</font>'; 552: } 553: } else { 554: my %newhash=&Apache::lonnet::coursedescription($tcourseid); 555: if (%newhash) { 556: $sortkey=$role."\0".$tdom."\0".$newhash{'description'}. 557: "\0".$envkey; 558: $twhere=$newhash{'description'}. 559: ' <font size="-2">'. 560: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont). 561: '</font>'; 562: } else { 563: $twhere=&mt('Currently not available'); 564: $env{'course.'.$tcourseid.'.description'}=$twhere; 565: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey; 566: } 567: } 568: if ($tsection) { 569: $twhere.='<br />'.&mt('Section/Group').': '.$tsection; 570: } 571: 572: if ($role ne 'st') { $twhere.="<br />".&mt('Domain').":".$tdom; } 573: } elsif ($tdom) { 574: $ttype='Domain'; 575: $twhere=$tdom; 576: $sortkey=$role.$twhere; 577: } else { 578: $ttype='System'; 579: $twhere=&mt('system wide'); 580: $sortkey=$role.$twhere; 581: } 582: 583: $roletext.=&build_roletext($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$ttype,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver); 584: $roletext{$envkey}=$roletext; 585: if (!$sortkey) {$sortkey=$twhere."\0".$envkey;} 586: $sortrole{$sortkey}=$envkey; 587: $roleclass{$envkey}=$ttype; 588: } 589: } 590: } 591: # No active roles 592: if ($countactive==0) { 593: if ($inrole) { 594: $r->print('<h2>'.&mt('Currently no additional roles or courses').'</h2>'); 595: } else { 596: $r->print('<h2>'.&mt('Currently no active roles or courses').'</h2>'); 597: } 598: $r->print('</form>'.&Apache::loncommon::end_page()); 599: return OK; 600: # Is there only one choice? 601: } elsif (($countactive==1) && ($env{'request.role'} eq 'cm')) { 602: $r->print('<h3>'.&mt('Please stand by.').'</h3>'. 603: '<input type="hidden" name="'.$possiblerole.'" value="1" />'); 604: $r->print("</form>\n"); 605: $r->rflush(); 606: $r->print('<script>document.forms.rolechoice.submit();</script>'); 607: $r->print(&Apache::loncommon::end_page()); 608: return OK; 609: } 610: # More than one possible role 611: # ----------------------------------------------------------------------- Table 612: unless (($advanced) || ($nochoose)) { 613: $r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n"); 614: } 615: $r->print('<br /><table><tr>'); 616: unless ($nochoose) { $r->print('<th> </th>'); } 617: $r->print('<th>'.&mt('User Role').'</th><th>'.&mt('Extent'). 618: '</th><th>'.&mt('Start').'</th><th>'.&mt('End').'</th></tr>'."\n"); 619: my $doheaders=-1; 620: foreach my $type ('Domain','Construction Space','Course','System') { 621: my $haverole=0; 622: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { 623: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { 624: $haverole=1; 625: } 626: } 627: if ($haverole) { $doheaders++; } 628: } 629: 630: if ($env{'environment.recentroles'}) { 631: my %recent_roles = 632: &Apache::lonhtmlcommon::get_recent('roles',$env{'environment.recentrolesn'}); 633: my $output=''; 634: foreach (sort(keys(%recent_roles))) { 635: if (defined($roletext{'user.role.'.$_})) { 636: $output.=$roletext{'user.role.'.$_}; 637: if ($_ =~ m-dc\./(\w+)/- && $dcroles{$1}) { 638: $output .= &allcourses_row($1,'recent'); 639: } 640: } elsif ($numdc > 0) { 641: unless ($_ =~/^error\:/) { 642: $output.=&display_cc_role('user.role.'.$_); 643: } 644: } 645: } 646: if ($output) { 647: $r->print("<tr><td align='center' colspan='5'><font face='arial'>". 648: &mt('Recent Roles')."</font></td>"); 649: $r->print($output); 650: $r->print("</tr>"); 651: $doheaders ++; 652: } 653: } 654: 655: if ($numdc > 0) { 656: $r->print(&coursepick_jscript()); 657: $r->print(&Apache::loncommon::coursebrowser_javascript()); 658: } 659: foreach my $type ('Construction Space','Domain','Course','System') { 660: my $output; 661: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { 662: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { 663: $output.=$roletext{$sortrole{$which}}; 664: if ($sortrole{$which} =~ m-dc\./(\w+)/-) { 665: if ($dcroles{$1}) { 666: $output .= &allcourses_row($1,''); 667: } 668: } 669: } 670: } 671: if ($output) { 672: if ($doheaders > 0) { 673: $r->print("<tr>". 674: "<td align='center' colspan='5'><font face='arial'>".&mt($type)."</font></td></tr>"); 675: } 676: $r->print($output); 677: } 678: } 679: my $tremark=''; 680: my $tfont='#003300'; 681: if ($env{'request.role'} eq 'cm') { 682: $r->print('<tr bgcolor="#11CC55">'); 683: $tremark=&mt('Currently selected. '); 684: $tfont='#002200'; 685: } else { 686: $r->print('<tr bgcolor="#77FF77">'); 687: } 688: unless ($nochoose) { 689: if ($env{'request.role'} ne 'cm') { 690: $r->print('<td><input type="submit" value="'. 691: &mt('Select').'" name="cm"></td>'); 692: } else { 693: $r->print('<td> </td>'); 694: } 695: } 696: $r->print('<td colspan="3"><font color="'.$tfont.'">'.&mt('No role specified'). 697: '</font></td><td><font color="'.$tfont.'">'.$tremark. 698: ' </font></td></tr>'."\n"); 699: 700: $r->print('</table>'); 701: unless ($nochoose) { 702: $r->print("</form>\n"); 703: } 704: # ------------------------------------------------------------ Privileges Info 705: if (($advanced) && (($env{'user.error.msg'}) || ($error))) { 706: $r->print('<hr /><h2>Current Privileges</h2>'); 707: 708: foreach $envkey (sort keys %env) { 709: if ($envkey=~/^user\.priv\.$env{'request.role'}\./) { 710: my $where=$envkey; 711: $where=~s/^user\.priv\.$env{'request.role'}\.//; 712: my $ttype; 713: my $twhere; 714: my ($tdom,$trest,$tsec)= 715: split(/\//,Apache::lonnet::declutter($where)); 716: if ($trest) { 717: if ($env{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') { 718: $ttype='Construction Space'; 719: $twhere='User: '.$trest.', Domain: '.$tdom; 720: } else { 721: $ttype='Course'; 722: $twhere=$env{'course.'.$tdom.'_'.$trest.'.description'}; 723: if ($tsec) { 724: $twhere.=' (Section/Group: '.$tsec.')'; 725: } 726: } 727: } elsif ($tdom) { 728: $ttype='Domain'; 729: $twhere=$tdom; 730: } else { 731: $ttype='System'; 732: $twhere='/'; 733: } 734: $r->print("\n<h3>".$ttype.': '.$twhere.'</h3><ul>'); 735: foreach (sort split(/:/,$env{$envkey})) { 736: if ($_) { 737: my ($prv,$restr)=split(/\&/,$_); 738: my $trestr=''; 739: if ($restr ne 'F') { 740: my $i; 741: $trestr.=' ('; 742: for ($i=0;$i<length($restr);$i++) { 743: $trestr.= 744: Apache::lonnet::plaintext(substr($restr,$i,1)); 745: if ($i<length($restr)-1) { $trestr.=', '; } 746: } 747: $trestr.=')'; 748: } 749: $r->print('<li>'. 750: Apache::lonnet::plaintext($prv).$trestr. 751: '</li>'); 752: } 753: } 754: $r->print('</ul>'); 755: } 756: } 757: } 758: $r->print(&Apache::lonnet::getannounce()); 759: if ($advanced) { 760: $r->print('<p><small><i>This is LON-CAPA '. 761: $r->dir_config('lonVersion').'</i><br />'. 762: '<a href="/adm/logout">'.&mt('Logout').'</a></small></p>'); 763: } 764: $r->print(&Apache::loncommon::end_page()); 765: return OK; 766: } 767: 768: sub role_status { 769: my ($rolekey,$then,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_; 770: my @pwhere = (); 771: if (exists($env{$rolekey}) && $env{$rolekey} ne '') { 772: (undef,undef,$$role,@pwhere)=split(/\./,$rolekey); 773: unless (!defined($$role) || $$role eq '') { 774: $$where=join('.',@pwhere); 775: $$trolecode=$$role.'.'.$$where; 776: ($$tstart,$$tend)=split(/\./,$env{$rolekey}); 777: $$tstatus='is'; 778: if ($$tstart && $$tstart>$then) { 779: $$tstatus='future'; 780: if ($$tstart<$now) { $$tstatus='will'; } 781: } 782: if ($$tend) { 783: if ($$tend<$then) { 784: $$tstatus='expired'; 785: } elsif ($$tend<$now) { 786: $$tstatus='will_not'; 787: } 788: } 789: } 790: } 791: } 792: 793: sub build_roletext { 794: my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$ttype,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver) = @_; 795: my $roletext='<tr bgcolor="'.$tbg.'">'; 796: my $is_dc=($trolecode =~ m/^dc\./); 797: my $rowspan=($is_dc) ? '' 798: : ' rowspan="2" '; 799: 800: unless ($nochoose) { 801: my $buttonname=$trolecode; 802: $buttonname=~s/\W//g; 803: if (!$button) { 804: if ($switchserver) { 805: $roletext.='<td'.$rowspan.'><a href="/adm/switchserver?'. 806: $switchserver.'">'.&mt('Switch Server').'</a></td>'; 807: } else { 808: $roletext.=('<td> </td>'); 809: } 810: } elsif ($tstatus eq 'is') { 811: $roletext.='<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'. 812: &mt('Select').'" onClick="javascript:enterrole(this.form,\''. 813: $trolecode."','".$buttonname.'\');"></td>'; 814: } elsif ($tryagain) { 815: $roletext.= 816: '<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'. 817: &mt('Try Selecting Again').'" onClick="javascript:enterrole(this.form,\''. 818: $trolecode."','".$buttonname.'\');"></td>'; 819: } elsif ($advanced) { 820: $roletext.= 821: '<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'. 822: &mt('Re-Initialize').'" onClick="javascript:enterrole(this.form,\''. 823: $trolecode."','".$buttonname.'\');"></td>'; 824: } else { 825: $roletext.='<td'.$rowspan.'> </td>'; 826: } 827: } 828: $tremark.=&Apache::lonannounce::showday(time,1, 829: &Apache::lonannounce::readcalendar($tdom.'_'.$trest)); 830: 831: $roletext.='<td><font color="'.$tfont.'">'.$trole. 832: '</font></td><td><font color="'.$tfont.'">'.$twhere. 833: '</font></td><td><font color="'.$tfont.'">'.$tpstart. 834: '</font></td><td><font color="'.$tfont.'">'.$tpend. 835: '</font></td></tr>'; 836: if (!$is_dc) { 837: $roletext.='<tr bgcolor="'.$tbg.'"><td colspan="4"><font color="'.$tfont.'">'.$tremark. 838: ' </font></td></tr><tr><td colspan="5" height="3"></td></tr>'."\n"; 839: } 840: return $roletext; 841: } 842: 843: sub check_privs { 844: my ($cdom,$cnum,$then,$now) = @_; 845: my $cckey = 'user.role.cc./'.$cdom.'/'.$cnum; 846: if ($env{$cckey}) { 847: my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont); 848: &role_status($cckey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); 849: unless (($tstatus eq 'is') || ($tstatus eq 'will_not')) { 850: &set_privileges($cdom,$cnum); 851: } 852: } else { 853: &set_privileges($cdom,$cnum); 854: } 855: } 856: 857: sub check_fordc { 858: my ($dcroles,$then) = @_; 859: my $numdc = 0; 860: if ($env{'user.adv'}) { 861: foreach my $envkey (sort keys %env) { 862: if ($envkey=~/^user\.role\.dc\.\/(\w+)\/$/) { 863: my $dcdom = $1; 864: my $livedc = 1; 865: my ($tstart,$tend)=split(/\./,$env{$envkey}); 866: if ($tstart && $tstart>$then) { $livedc = 0; } 867: if ($tend && $tend <$then) { $livedc = 0; } 868: if ($livedc) { 869: $$dcroles{$dcdom} = $envkey; 870: $numdc++; 871: } 872: } 873: } 874: } 875: return $numdc; 876: } 877: 878: sub courselink { 879: my ($dcdom,$rowtype) = @_; 880: my $courseform=&Apache::loncommon::selectcourse_link 881: ('rolechoice','dccourse'.$rowtype.'_'.$dcdom,'dcdomain'.$rowtype.'_'.$dcdom,'coursedesc'.$rowtype.'_'.$dcdom,$dcdom); 882: my $hiddenitems = '<input type="hidden" name="dcdomain'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'. 883: '<input type="hidden" name="origdom'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'. 884: '<input type="hidden" name="dccourse'.$rowtype.'_'.$dcdom.'" value="" />'. 885: '<input type="hidden" name="coursedesc'.$rowtype.'_'.$dcdom.'" value="" />'; 886: return $courseform.$hiddenitems; 887: } 888: 889: sub coursepick_jscript { 890: my $verify_script = <<"END"; 891: <script> 892: function verifyCoursePick(caller) { 893: var numbutton = getIndex(caller) 894: var pickedCourse = document.rolechoice.elements[numbutton+4].value 895: var pickedDomain = document.rolechoice.elements[numbutton+2].value 896: if (document.rolechoice.elements[numbutton+2].value == document.rolechoice.elements[numbutton+3].value) { 897: if (pickedCourse != '') { 898: if (numbutton != -1) { 899: var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse 900: document.rolechoice.elements[numbutton+1].name = courseTarget 901: document.rolechoice.submit() 902: } 903: } 904: else { 905: alert("Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter."); 906: } 907: } 908: else { 909: alert("You can only use this screen to select courses in the current domain") 910: } 911: } 912: function getIndex(caller) { 913: for (var i=0;i<document.rolechoice.elements.length;i++) { 914: if (document.rolechoice.elements[i] == caller) { 915: return i; 916: } 917: } 918: return -1; 919: } 920: </script> 921: END 922: return $verify_script; 923: } 924: 925: sub processpick { 926: my $process_pick = <<"END"; 927: <script> 928: function process_pick(dom) { 929: var pickedCourse=opener.document.rolechoice.$env{'form.cnumelement'}.value; 930: var pickedDomain=opener.document.rolechoice.$env{'form.cdomelement'}.value; 931: var okDomain = 0; 932: 933: if (pickedDomain == dom) { 934: if (pickedCourse != '') { 935: var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse 936: opener.document.title='Role selected. Please stand by.'; 937: opener.status='Role selected. Please stand by.'; 938: opener.document.rolechoice.newrole.value=courseTarget 939: opener.document.rolechoice.submit() 940: } 941: } else { 942: alert("You may only use this screen to select courses in the current domain: "+dom+"\\nPlease return to the roles page window and click the 'Select Course' link for domain: "+pickedDomain+",\\n if you are a Domain Coordinator in that domain, and wish to become a Course Coordinator in a course in the domain"); 943: } 944: } 945: 946: </script> 947: END 948: return $process_pick; 949: } 950: 951: sub display_cc_role { 952: my $rolekey = shift; 953: my $roletext; 954: my $advanced = $env{'user.adv'}; 955: my $tryagain = $env{'form.tryagain'}; 956: unless ($rolekey =~/^error\:/) { 957: if ($rolekey =~ m-^user\.role.cc\./(\w+)/(\w+)$-) { 958: my $tcourseid = $1.'_'.$2; 959: my $trolecode = 'cc./'.$1.'/'.$2; 960: my $trole = Apache::lonnet::plaintext('cc'); 961: my $twhere; 962: my $tbg='#77FF77'; 963: my $tfont='#003300'; 964: my %newhash=&Apache::lonnet::coursedescription($tcourseid); 965: if (%newhash) { 966: $twhere=$newhash{'description'}. 967: ' <font size="-2">'. 968: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$2,$1,$tfont). 969: '</font>'; 970: } else { 971: $twhere=&mt('Currently not available'); 972: $env{'course.'.$tcourseid.'.description'}=$twhere; 973: } 974: $twhere.="<br />".&mt('Domain').":".$1; 975: $roletext = &build_roletext($trolecode,$1,$2,'is',$tryagain,$advanced,'',$tbg,$tfont,$trole,&mt('Course'),$twhere,'','','',1,''); 976: } 977: } 978: return $roletext; 979: } 980: 981: sub allcourses_row { 982: my ($dcdom,$rowtype) = @_; 983: my $ccrole = Apache::lonnet::plaintext('cc'); 984: my $selectlink = &courselink($dcdom,$rowtype); 985: my $output = '<tr bgcolor="#77FF77">'. 986: '<td colspan="5">'. 987: '<font color="#002200">'.$ccrole.'</font>'. 988: ' <b>'.$selectlink.'</b>'. 989: ' from '.&mt('Domain').' '.$dcdom. 990: '<tr><td colspan="5" height="3"></td></tr>'."\n"; 991: return $output; 992: } 993: 994: sub recent_filename { 995: my $area=shift; 996: return 'nohist_recent_'.&escape($area); 997: } 998: 999: sub set_privileges { 1000: my ($dcdom,$pickedcourse) = @_; 1001: my $area = '/'.$dcdom.'/'.$pickedcourse; 1002: my $role = 'cc'; 1003: my $spec = $role.'.'.$area; 1004: my $userroles = &Apache::lonnet::set_arearole($role,$area,'','',$dcdom,$env{'user.name'}); 1005: my %ccrole = (); 1006: &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area); 1007: my ($author,$adv)= &Apache::lonnet::set_userprivs(\$userroles,\%ccrole); 1008: my @newprivs = split/\n/,$userroles; 1009: my %newccroles = (); 1010: foreach (@newprivs) { 1011: my ($key,$val) = split/=/,$_; 1012: $newccroles{$key} = $val; 1013: } 1014: &Apache::lonnet::appenv(%newccroles); 1015: &Apache::lonnet::log($env{'user.domain'}, 1016: $env{'user.name'}, 1017: $env{'user.home'}, 1018: "Role ".$role); 1019: &Apache::lonnet::appenv( 1020: 'request.role' => $spec, 1021: 'request.role.domain' => $dcdom, 1022: 'request.course.sec' => ''); 1023: my $tadv=0; 1024: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } 1025: &Apache::lonnet::appenv('request.role.adv' => $tadv); 1026: } 1027: 1028: sub courseloadpage { 1029: my ($courseid) = @_; 1030: my $startpage; 1031: my %entry_settings = &Apache::lonnet::get('nohist_whatsnew', 1032: [$courseid.':courseinit']); 1033: my ($tmp) = %entry_settings; 1034: unless ($tmp =~ /^error: 2 /) { 1035: $startpage = $entry_settings{$courseid.':courseinit'}; 1036: } 1037: if ($startpage eq '') { 1038: if (exists($env{'environment.course_init_display'})) { 1039: $startpage = $env{'environment.course_init_display'}; 1040: } 1041: } 1042: return $startpage; 1043: } 1044: 1045: 1; 1046: __END__ 1047: 1048: =head1 NAME 1049: 1050: Apache::lonroles - User Roles Screen 1051: 1052: =head1 SYNOPSIS 1053: 1054: Invoked by /etc/httpd/conf/srm.conf: 1055: 1056: <Location /adm/roles> 1057: PerlAccessHandler Apache::lonacc 1058: SetHandler perl-script 1059: PerlHandler Apache::lonroles 1060: ErrorDocument 403 /adm/login 1061: ErrorDocument 500 /adm/errorhandler 1062: </Location> 1063: 1064: =head1 OVERVIEW 1065: 1066: =head2 Choosing Roles 1067: 1068: C<lonroles> is a handler that allows a user to switch roles in 1069: mid-session. LON-CAPA attempts to work with "No Role Specified", the 1070: default role that a user has before selecting a role, as widely as 1071: possible, but certain handlers for example need specification which 1072: course they should act on, etc. Both in this scenario, and when the 1073: handler determines via C<lonnet>'s C<&allowed> function that a certain 1074: action is not allowed, C<lonroles> is used as error handler. This 1075: allows the user to select another role which may have permission to do 1076: what they were trying to do. C<lonroles> can also be accessed via the 1077: B<CRS> button in the Remote Control. 1078: 1079: =begin latex 1080: 1081: \begin{figure} 1082: \begin{center} 1083: \includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen} 1084: \caption{\label{Sample_Roles_Screen}Sample Roles Screen} 1085: \end{center} 1086: \end{figure} 1087: 1088: =end latex 1089: 1090: =head2 Role Initialization 1091: 1092: The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C<lonnet>'s C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role. 1093: 1094: =head1 INTRODUCTION 1095: 1096: This module enables a user to select what role he wishes to 1097: operate under (instructor, student, teaching assistant, course 1098: coordinator, etc). These roles are pre-established by the actions 1099: of upper-level users. 1100: 1101: This is part of the LearningOnline Network with CAPA project 1102: described at http://www.lon-capa.org. 1103: 1104: =head1 HANDLER SUBROUTINE 1105: 1106: This routine is called by Apache and mod_perl. 1107: 1108: =over 4 1109: 1110: =item * 1111: 1112: Roles Initialization (yes/no) 1113: 1114: =item * 1115: 1116: Get Error Message from Environment 1117: 1118: =item * 1119: 1120: Who is this? 1121: 1122: =item * 1123: 1124: Generate Page Output 1125: 1126: =item * 1127: 1128: Choice or no choice 1129: 1130: =item * 1131: 1132: Table 1133: 1134: =item * 1135: 1136: Privileges 1137: 1138: =back 1139: 1140: =cut