loncom/auth/lonroles.pm - view

File: [LON-CAPA] / loncom / auth / lonroles.pm
Revision 1.169: download - view: text, annotated - select for diffs
Fri Oct 20 22:05:55 2006 UTC (17 years, 8 months ago) by albertel
Branches: MAIN
CVS tags: HEAD

- $furl could have the symb arg and other complicators, just let the pageflip sug figure out where we should be

1: # The LearningOnline Network with CAPA 2: # User Roles Screen 3: # 4: # $Id: lonroles.pm,v 1.169 2006/10/20 22:05:55 albertel Exp $ 5: # 6: # Copyright Michigan State University Board of Trustees 7: # 8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA). 9: # 10: # LON-CAPA is free software; you can redistribute it and/or modify 11: # it under the terms of the GNU General Public License as published by 12: # the Free Software Foundation; either version 2 of the License, or 13: # (at your option) any later version. 14: # 15: # LON-CAPA is distributed in the hope that it will be useful, 16: # but WITHOUT ANY WARRANTY; without even the implied warranty of 17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18: # GNU General Public License for more details. 19: # 20: # You should have received a copy of the GNU General Public License 21: # along with LON-CAPA; if not, write to the Free Software 22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23: # 24: # /home/httpd/html/adm/gpl.txt 25: # 26: # http://www.lon-capa.org/ 27: # 28: ### 29: 30: package Apache::lonroles; 31: 32: use strict; 33: use Apache::lonnet; 34: use Apache::lonuserstate(); 35: use Apache::Constants qw(:common); 36: use Apache::File(); 37: use Apache::lonmenu; 38: use Apache::loncommon; 39: use Apache::lonhtmlcommon; 40: use Apache::lonannounce; 41: use Apache::lonlocal; 42: use Apache::lonpageflip(); 43: use Apache::lonnavdisplay(); 44: use GDBM_File; 45: use LONCAPA; 46: 47: 48: sub redirect_user { 49: my ($r,$title,$url,$msg,$launch_nav) = @_; 50: $msg = $title if (! defined($msg)); 51: &Apache::loncommon::content_type($r,'text/html'); 52: &Apache::loncommon::no_cache($r); 53: $r->send_http_header; 54: my $swinfo=&Apache::lonmenu::rawconfig(); 55: my $navwindow; 56: if ($launch_nav eq 'on') { 57: $navwindow.=&Apache::lonnavdisplay::launch_win('now',undef,undef, 58: ($url =~ m-^/adm/whatsnew-)); 59: } else { 60: $navwindow.=&Apache::lonnavmaps::close(); 61: } 62: my $start_page = &Apache::loncommon::start_page('Switching Role',undef, 63: {'redirect' => [1,$url],}); 64: my $end_page = &Apache::loncommon::end_page(); 65: 66: # Note to style police: 67: # This must only replace the spaces, nothing else, or it bombs elsewhere. 68: $url=~s/ /\%20/g; 69: $r->print(<<ENDREDIR); 70: $start_page 71: <script type="text/javascript"> 72: $swinfo 73: </script> 74: $navwindow 75: <h1>$msg</h1> 76: $end_page 77: ENDREDIR 78: return; 79: } 80: 81: sub error_page { 82: my ($r,$error,$dest)=@_; 83: &Apache::loncommon::content_type($r,'text/html'); 84: &Apache::loncommon::no_cache($r); 85: $r->send_http_header; 86: return OK if $r->header_only; 87: $r->print(&Apache::loncommon::start_page('Problems during Course Initialization'). 88: '<script type="text/javascript">'. 89: &Apache::lonmenu::rawconfig().'</script>'. 90: '<p>'.&mt('The following problems occurred:'). 91: $error. 92: '</p><br /><a href="'.$dest.'">'.&mt('Continue').'</a>'. 93: &Apache::loncommon::end_page()); 94: } 95: 96: sub handler { 97: 98: my $r = shift; 99: 100: my $now=time; 101: my $then=$env{'user.login.time'}; 102: my $envkey; 103: my %dcroles = (); 104: my $numdc = &check_fordc(\%dcroles,$then); 105: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'}); 106: 107: # ================================================================== Roles Init 108: if ($env{'form.selectrole'}) { 109: if ($env{'form.newrole'}) { 110: $env{'form.'.$env{'form.newrole'}}=1; 111: } 112: if ($env{'request.course.id'}) { 113: my %temp=('logout_'.$env{'request.course.id'} => time); 114: &Apache::lonnet::put('email_status',\%temp); 115: &Apache::lonnet::delenv('user.state.'.$env{'request.course.id'}); 116: } 117: &Apache::lonnet::appenv("request.course.id" => '', 118: "request.course.fn" => '', 119: "request.course.uri" => '', 120: "request.course.sec" => '', 121: "request.role" => 'cm', 122: "request.role.adv" => $env{'user.adv'}, 123: "request.role.domain" => $env{'user.domain'}); 124: 125: # Check if user is a DC trying to enter a course and needs privs to be created 126: if ($numdc > 0) { 127: foreach my $envkey (keys %env) { 128: if (my ($domain,$coursenum) = 129: ($envkey =~ m-^form\.cc\./(\w+)/(\w+)$-)) { 130: if ($dcroles{$domain}) { 131: &check_privs($domain,$coursenum,$then,$now); 132: } 133: last; 134: } 135: } 136: } 137: 138: foreach $envkey (keys %env) { 139: next if ($envkey!~/^user\.role\./); 140: my ($where,$trolecode,$role,$tstatus,$tend,$tstart); 141: &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); 142: if ($env{'form.'.$trolecode}) { 143: if ($tstatus eq 'is') { 144: $where=~s/^\///; 145: my ($cdom,$cnum,$csec)=split(/\//,$where); 146: # check for course groups 147: my %coursegroups = &Apache::lonnet::get_active_groups( 148: $env{'user.domain'},$env{'user.name'},$cdom, $cnum); 149: my $cgrps = join(':',keys(%coursegroups)); 150: 151: # store role if recent_role list being kept 152: if ($env{'environment.recentroles'}) { 153: my %frozen_roles = 154: &Apache::lonhtmlcommon::get_recent_frozen('roles',$env{'environment.recentrolesn'}); 155: &Apache::lonhtmlcommon::store_recent('roles', 156: $trolecode,' ',$frozen_roles{$trolecode}); 157: } 158: 159: 160: # check for keyed access 161: if (($role eq 'st') && 162: ($env{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) { 163: # who is key authority? 164: my $authdom=$cdom; 165: my $authnum=$cnum; 166: if ($env{'course.'.$cdom.'_'.$cnum.'.keyauth'}) { 167: ($authnum,$authdom)= 168: split(/\W/,$env{'course.'.$cdom.'_'.$cnum.'.keyauth'}); 169: } 170: # check with key authority 171: unless (&Apache::lonnet::validate_access_key( 172: $env{'environment.key.'.$cdom.'_'.$cnum}, 173: $authdom,$authnum)) { 174: # there is no valid key 175: if ($env{'form.newkey'}) { 176: # student attempts to register a new key 177: &Apache::loncommon::content_type($r,'text/html'); 178: &Apache::loncommon::no_cache($r); 179: $r->send_http_header; 180: my $swinfo=&Apache::lonmenu::rawconfig(); 181: my $start_page=&Apache::loncommon::start_page 182: ('Verifying Access Key to Unlock this Course'); 183: my $end_page=&Apache::loncommon::end_page(); 184: my $buttontext=&mt('Enter Course'); 185: my $message=&mt('Successfully registered key'); 186: my $assignresult= 187: &Apache::lonnet::assign_access_key( 188: $env{'form.newkey'}, 189: $authdom,$authnum, 190: $cdom,$cnum, 191: $env{'user.domain'}, 192: $env{'user.name'}, 193: 'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '. 194: $trolecode); 195: unless ($assignresult eq 'ok') { 196: $assignresult=~s/^error\:\s*//; 197: $message=&mt($assignresult). 198: '<br /><a href="/adm/logout">'. 199: &mt('Logout').'</a>'; 200: $buttontext=&mt('Re-Enter Key'); 201: } 202: $r->print(<<ENDENTEREDKEY); 203: $start_page 204: <script> 205: $swinfo 206: </script> 207: <form method="post"> 208: <input type="hidden" name="selectrole" value="1" /> 209: <input type="hidden" name="$trolecode" value="1" /> 210: <font size="+2">$message</font><br /> 211: <input type="submit" value="$buttontext" /> 212: </form> 213: $end_page 214: ENDENTEREDKEY 215: return OK; 216: } else { 217: # print form to enter a new key 218: &Apache::loncommon::content_type($r,'text/html'); 219: &Apache::loncommon::no_cache($r); 220: $r->send_http_header; 221: my $swinfo=&Apache::lonmenu::rawconfig(); 222: my $start_page=&Apache::loncommon::start_page 223: ('Enter Access Key to Unlock this Course'); 224: my $end_page=&Apache::loncommon::end_page(); 225: $r->print(<<ENDENTERKEY); 226: $start_page 227: <script> 228: $swinfo 229: </script> 230: <form method="post"> 231: <input type="hidden" name="selectrole" value="1" /> 232: <input type="hidden" name="$trolecode" value="1" /> 233: <input type="text" size="20" name="newkey" value="$env{'form.newkey'}" /> 234: <input type="submit" value="Enter key" /> 235: </form> 236: $end_page 237: ENDENTERKEY 238: return OK; 239: } 240: } 241: } 242: &Apache::lonnet::log($env{'user.domain'}, 243: $env{'user.name'}, 244: $env{'user.home'}, 245: "Role ".$trolecode); 246: 247: &Apache::lonnet::appenv( 248: 'request.role' => $trolecode, 249: 'request.role.domain' => $cdom, 250: 'request.course.sec' => $csec, 251: 'request.course.groups' => $cgrps); 252: my $tadv=0; 253: 254: if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) { 255: my $msg; 256: my ($furl,$ferr)= 257: &Apache::lonuserstate::readmap($cdom.'/'.$cnum); 258: if (($env{'form.orgurl'}) && 259: ($env{'form.orgurl'}!~/^\/adm\/flip/)) { 260: my $dest=$env{'form.orgurl'}; 261: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } 262: &Apache::lonnet::appenv('request.role.adv'=>$tadv); 263: if (($ferr) && ($tadv)) { 264: &error_page($r,$ferr,$dest); 265: } else { 266: $r->internal_redirect($dest); 267: } 268: return OK; 269: } else { 270: if (!$env{'request.course.id'}) { 271: &Apache::lonnet::appenv( 272: "request.course.id" => $cdom.'_'.$cnum); 273: $furl='/adm/roles?tryagain=1'; 274: $msg= 275: '<h1><span class="LC_error">'. 276: &mt('Could not initialize [_1] at this time.', 277: $env{'course.'.$cdom.'_'.$cnum.'.description'}). 278: '</span></h1><h3>'.&mt('Please try again.').'</h3>'.$ferr; 279: } 280: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } 281: &Apache::lonnet::appenv('request.role.adv'=>$tadv); 282: 283: if (($ferr) && ($tadv)) { 284: &error_page($r,$ferr,$furl); 285: } else { 286: # Check to see if the user is a CC entering a course 287: # for the first time 288: my (undef, undef, $role, $courseid) = split(/\./, $envkey); 289: if (substr($courseid, 0, 1) eq '/') { 290: $courseid = substr($courseid, 1); 291: } 292: $courseid =~ s/\//_/; 293: if ($role eq 'cc' && $env{'course.' . $courseid . 294: '.course.helper.not.run'}) { 295: $furl = "/adm/helper/course.initialization.helper"; 296: # Send the user to the course they selected 297: } elsif ($env{'request.course.id'}) { 298: if (&Apache::lonnet::allowed('whn', 299: $env{'request.course.id'}) 300: || &Apache::lonnet::allowed('whn', 301: $env{'request.course.id'}.'/' 302: .$env{'request.course.sec'}) 303: ) { 304: my $startpage = &courseloadpage($courseid); 305: unless ($startpage eq 'firstres') { 306: $msg = &mt('Entering [_1] ....', 307: $env{'course.'.$courseid.'.description'}); 308: &redirect_user($r,&mt('New in course'), 309: '/adm/whatsnew?refpage=start',$msg, 310: $env{'environment.remotenavmap'}); 311: return OK; 312: } 313: } 314: } 315: # Are we allowed to look at the first resource? 316: if ($furl !~ m|^/adm/|) { 317: # Guess not ... 318: $furl=&Apache::lonpageflip::first_accessible_resource(); 319: } 320: $msg = &mt('Entering [_1] ...', 321: $env{'course.'.$courseid.'.description'}); 322: &redirect_user($r,&mt('Entering [_1]', 323: $env{'course.'.$courseid.'.description'}), 324: $furl,$msg, 325: $env{'environment.remotenavmap'}); 326: } 327: return OK; 328: } 329: } 330: # 331: # Send the user to the construction space they selected 332: if ($role =~ /^(au|ca|aa)$/) { 333: my $redirect_url = '/priv/'; 334: if ($role eq 'au') { 335: $redirect_url.=$env{'user.name'}; 336: } else { 337: $where =~ /\/(.*)$/; 338: $redirect_url .= $1; 339: } 340: $redirect_url .= '/'; 341: &redirect_user($r,&mt('Entering Construction Space'), 342: $redirect_url); 343: return OK; 344: } 345: if ($role eq 'dc') { 346: my $redirect_url = '/adm/menu/'; 347: &redirect_user($r,&mt('Loading Domain Coordinator Menu'), 348: $redirect_url); 349: return OK; 350: } 351: } 352: } 353: } 354: } 355: 356: 357: # =============================================================== No Roles Init 358: 359: &Apache::loncommon::content_type($r,'text/html'); 360: &Apache::loncommon::no_cache($r); 361: $r->send_http_header; 362: return OK if $r->header_only; 363: 364: my $swinfo=&Apache::lonmenu::rawconfig(); 365: my $start_page=&Apache::loncommon::start_page('User Roles'); 366: my $standby=&mt('Role selected. Please stand by.'); 367: $standby=~s/\n/\\n/g; 368: 369: $r->print(<<ENDHEADER); 370: $start_page 371: <br /> 372: <script> 373: $swinfo 374: window.focus(); 375: 376: active=true; 377: 378: function enterrole (thisform,rolecode,buttonname) { 379: if (active) { 380: active=false; 381: document.title='$standby'; 382: window.status='$standby'; 383: thisform.newrole.value=rolecode; 384: thisform.submit(); 385: } else { 386: alert('$standby'); 387: } 388: } 389: </script> 390: ENDHEADER 391: 392: # ------------------------------------------ Get Error Message from Environment 393: 394: my ($fn,$priv,$nochoose,$error,$msg)=split(/:/,$env{'user.error.msg'}); 395: if ($env{'user.error.msg'}) { 396: $r->log_reason( 397: "$msg for $env{'user.name'} domain $env{'user.domain'} access $priv",$fn); 398: } 399: 400: # ------------------------------------------------- Can this user re-init, etc? 401: 402: my $advanced=$env{'user.adv'}; 403: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['tryagain']); 404: my $tryagain=$env{'form.tryagain'}; 405: 406: # -------------------------------------------------------- Generate Page Output 407: # --------------------------------------------------------------- Error Header? 408: if ($error) { 409: $r->print("<h1>LON-CAPA Access Control</h1>"); 410: $r->print("<hr /><pre>Access : ". 411: Apache::lonnet::plaintext($priv)."\n"); 412: $r->print("Resource: ".&Apache::lonenc::check_encrypt($fn)."\n"); 413: $r->print("Action : $msg\n</pre><hr />"); 414: my $url=$fn; 415: my $last; 416: if (tie(my %hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db', 417: &GDBM_READER(),0640)) { 418: $last=$hash{'last_known'}; 419: untie(%hash); 420: } 421: if ($last) { $fn.='?symb='.&escape($last); } 422: 423: &Apache::londocs::changewarning($r,undef,'You have modified your course recently, [_1] may fix this access problem.', 424: &Apache::lonenc::check_encrypt($fn)); 425: } else { 426: if ($env{'user.error.msg'}) { 427: $r->print( 428: '<h3><span class="LC_error">'. 429: &mt('You need to choose another user role or enter a specific course for this function').'</span></h3>'); 430: } 431: } 432: # -------------------------------------------------------- Choice or no choice? 433: if ($nochoose) { 434: $r->print("<h2>".&mt('Sorry ...')."</h2>\n". 435: &mt('This action is currently not authorized.'). 436: &Apache::loncommon::end_page()); 437: return OK; 438: } else { 439: if ($advanced) { 440: $r->print(&mt("Your home server is "). 441: $Apache::lonnet::hostname{&Apache::lonnet::homeserver 442: ($env{'user.name'},$env{'user.domain'})}. 443: "<br />\n"); 444: $r->print(&mt( 445: "Author and Co-Author roles are not available on servers other than their respective home servers.")); 446: } 447: if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) { 448: $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'}; 449: } 450: $r->print('<form method="post" name="rolechoice" action="'.(($fn)?$fn:$r->uri).'">'); 451: $r->print('<input type="hidden" name="orgurl" value="'.$fn.'" />'); 452: $r->print('<input type="hidden" name="selectrole" value="1" />'); 453: $r->print('<input type="hidden" name="newrole" value="" />'); 454: } 455: if ($env{'user.adv'}) { 456: $r->print( 457: '<br /><label>'.&mt('Show all roles').': <input type="checkbox" name="showall"'); 458: if ($env{'form.showall'}) { $r->print(' checked="checked" '); } 459: $r->print(' /></label><input type="submit" value="'.&mt('Display').'" />'); 460: } 461: 462: my (%roletext,%sortrole,%roleclass); 463: my $countactive=0; 464: my $inrole=0; 465: my $possiblerole=''; 466: foreach $envkey (sort keys %env) { 467: my $button = 1; 468: my $switchserver=''; 469: my $roletext; 470: my $sortkey; 471: if ($envkey=~/^user\.role\./) { 472: my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont); 473: &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); 474: next if (!defined($role) || $role eq '' || $role =~ /^gr/); 475: $tremark=''; 476: $tpstart=' '; 477: $tpend=' '; 478: $tfont='#000000'; 479: if ($tstart) { 480: $tpstart=&Apache::lonlocal::locallocaltime($tstart); 481: } 482: if ($tend) { 483: $tpend=&Apache::lonlocal::locallocaltime($tend); 484: } 485: if ($env{'request.role'} eq $trolecode) { 486: $tstatus='selected'; 487: } 488: my $tbg; 489: if (($tstatus eq 'is') 490: || ($tstatus eq 'selected') 491: || ($tstatus eq 'will') 492: || ($tstatus eq 'future') 493: || ($env{'form.showall'})) { 494: if ($tstatus eq 'is') { 495: $tbg='#77FF77'; 496: $tfont='#003300'; 497: $possiblerole=$trolecode; 498: $countactive++; 499: } elsif ($tstatus eq 'future') { 500: $tbg='#FFFF77'; 501: $button=0; 502: } elsif ($tstatus eq 'will') { 503: $tbg='#FFAA77'; 504: $tremark.=&mt('Active at next login. '); 505: } elsif ($tstatus eq 'expired') { 506: $tbg='#FF7777'; 507: $tfont='#330000'; 508: $button=0; 509: } elsif ($tstatus eq 'will_not') { 510: $tbg='#AAFF77'; 511: $tremark.=&mt('Expired after logout. '); 512: } elsif ($tstatus eq 'selected') { 513: $tbg='#11CC55'; 514: $tfont='#002200'; 515: $inrole=1; 516: $countactive++; 517: $tremark.=&mt('Currently selected. '); 518: } 519: my $trole; 520: if ($role =~ /^cr\//) { 521: my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role); 522: if ($tremark) { $tremark.='<br />'; } 523: $tremark.=&mt('Defined by ').$rauthor. 524: &mt(' at ').$rdomain.'.'; 525: } 526: $trole=Apache::lonnet::plaintext($role); 527: my $ttype; 528: my $twhere; 529: my ($tdom,$trest,$tsection)= 530: split(/\//,Apache::lonnet::declutter($where)); 531: # First, Co-Authorship roles 532: if (($role eq 'ca') || ($role eq 'aa')) { 533: my $home = &Apache::lonnet::homeserver($trest,$tdom); 534: my $allowed=0; 535: my @ids=&Apache::lonnet::current_machine_ids(); 536: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } 537: if (!$allowed) { 538: $button=0; 539: $switchserver='otherserver='.$home.'&role='.$trolecode; 540: } 541: #next if ($home eq 'no_host'); 542: $home = $Apache::lonnet::hostname{$home}; 543: $ttype='Construction Space'; 544: $twhere=&mt('User').': '.$trest.'<br />'.&mt('Domain'). 545: ': '.$tdom.'<br />'. 546: ' '.&mt('Server').': '.$home; 547: $env{'course.'.$tdom.'_'.$trest.'.description'}='ca'; 548: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/'); 549: $sortkey=$role."$trest:$tdom"; 550: } elsif ($role eq 'au') { 551: # Authors 552: my $home = &Apache::lonnet::homeserver 553: ($env{'user.name'},$env{'user.domain'}); 554: my $allowed=0; 555: my @ids=&Apache::lonnet::current_machine_ids(); 556: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } } 557: if (!$allowed) { 558: $button=0; 559: $switchserver='otherserver='.$home.'&role='.$trolecode; 560: } 561: #next if ($home eq 'no_host'); 562: $home = $Apache::lonnet::hostname{$home}; 563: $ttype='Construction Space'; 564: $twhere=&mt('Domain').': '.$tdom.'<br />'.&mt('Server'). 565: ': '.$home; 566: $env{'course.'.$tdom.'_'.$trest.'.description'}='ca'; 567: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$env{'user.name'}.'/'); 568: $sortkey=$role; 569: } elsif ($trest) { 570: my $tcourseid=$tdom.'_'.$trest; 571: $ttype = &Apache::loncommon::course_type($tcourseid); 572: $trole = &Apache::lonnet::plaintext($role,$ttype); 573: if ($env{'course.'.$tcourseid.'.description'}) { 574: $twhere=$env{'course.'.$tcourseid.'.description'}; 575: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey; 576: unless ($twhere eq &mt('Currently not available')) { 577: $twhere.=' <font size="-2">'. 578: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont). 579: '</font>'; 580: } 581: } else { 582: my %newhash=&Apache::lonnet::coursedescription($tcourseid); 583: if (%newhash) { 584: $sortkey=$role."\0".$tdom."\0".$newhash{'description'}. 585: "\0".$envkey; 586: $twhere=$newhash{'description'}. 587: ' <font size="-2">'. 588: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont). 589: '</font>'; 590: $ttype = $newhash{'type'}; 591: $trole = &Apache::lonnet::plaintext($role,$ttype); 592: } else { 593: $twhere=&mt('Currently not available'); 594: $env{'course.'.$tcourseid.'.description'}=$twhere; 595: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey; 596: $ttype = 'Unavailable'; 597: } 598: } 599: if ($tsection) { 600: $twhere.='<br />'.&mt('Section/Group').': '.$tsection; 601: } 602: if ($role ne 'st') { $twhere.="<br />".&mt('Domain').":".$tdom; } 603: } elsif ($tdom) { 604: $ttype='Domain'; 605: $twhere=$tdom; 606: $sortkey=$role.$twhere; 607: } else { 608: $ttype='System'; 609: $twhere=&mt('system wide'); 610: $sortkey=$role.$twhere; 611: } 612: $roletext.=&build_roletext($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver); 613: $roletext{$envkey}=$roletext; 614: if (!$sortkey) {$sortkey=$twhere."\0".$envkey;} 615: $sortrole{$sortkey}=$envkey; 616: $roleclass{$envkey}=$ttype; 617: } 618: } 619: } 620: # No active roles 621: if ($countactive==0) { 622: if ($inrole) { 623: $r->print('<h2>'.&mt('Currently no additional roles or courses').'</h2>'); 624: } else { 625: $r->print('<h2>'.&mt('Currently no active roles or courses').'</h2>'); 626: } 627: $r->print('</form>'.&Apache::loncommon::end_page()); 628: return OK; 629: # Is there only one choice? 630: } elsif (($countactive==1) && ($env{'request.role'} eq 'cm')) { 631: $r->print('<h3>'.&mt('Please stand by.').'</h3>'. 632: '<input type="hidden" name="'.$possiblerole.'" value="1" />'); 633: $r->print("</form>\n"); 634: $r->rflush(); 635: $r->print('<script>document.forms.rolechoice.submit();</script>'); 636: $r->print(&Apache::loncommon::end_page()); 637: return OK; 638: } 639: # More than one possible role 640: # ----------------------------------------------------------------------- Table 641: unless (($advanced) || ($nochoose)) { 642: $r->print("<h2>".&mt('Select a Course/Group to Enter')."</h2>\n"); 643: } 644: $r->print('<br /><table><tr>'); 645: unless ($nochoose) { $r->print('<th> </th>'); } 646: $r->print('<th>'.&mt('User Role').'</th><th>'.&mt('Extent'). 647: '</th><th>'.&mt('Start').'</th><th>'.&mt('End').'</th></tr>'."\n"); 648: my $doheaders=-1; 649: foreach my $type ('Domain','Construction Space','Course','Group','Unavailable','System') { 650: my $haverole=0; 651: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { 652: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { 653: $haverole=1; 654: } 655: } 656: if ($haverole) { $doheaders++; } 657: } 658: 659: if ($env{'environment.recentroles'}) { 660: my %recent_roles = 661: &Apache::lonhtmlcommon::get_recent('roles',$env{'environment.recentrolesn'}); 662: my $output=''; 663: foreach (sort(keys(%recent_roles))) { 664: if (defined($roletext{'user.role.'.$_})) { 665: $output.=$roletext{'user.role.'.$_}; 666: if ($_ =~ m-dc\./(\w+)/- && $dcroles{$1}) { 667: $output .= &allcourses_row($1,'recent'); 668: } 669: } elsif ($numdc > 0) { 670: unless ($_ =~/^error\:/) { 671: $output.=&display_cc_role('user.role.'.$_); 672: } 673: } 674: } 675: if ($output) { 676: $r->print("<tr><td align='center' colspan='5'><font face='arial'>". 677: &mt('Recent Roles')."</font></td>"); 678: $r->print($output); 679: $r->print("</tr>"); 680: $doheaders ++; 681: } 682: } 683: 684: if ($numdc > 0) { 685: $r->print(&coursepick_jscript()); 686: $r->print(&Apache::loncommon::coursebrowser_javascript()); 687: } 688: foreach my $type ('Construction Space','Domain','Course','Group','Unavailable','System') { 689: my $output; 690: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) { 691: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) { 692: $output.=$roletext{$sortrole{$which}}; 693: if ($sortrole{$which} =~ m-dc\./(\w+)/-) { 694: if ($dcroles{$1}) { 695: $output .= &allcourses_row($1,''); 696: } 697: } 698: } 699: } 700: if ($output) { 701: if ($doheaders > 0) { 702: $r->print("<tr>". 703: "<td align='center' colspan='5'><font face='arial'>".&mt($type)."</font></td></tr>"); 704: } 705: $r->print($output); 706: } 707: } 708: my $tremark=''; 709: my $tfont='#003300'; 710: if ($env{'request.role'} eq 'cm') { 711: $r->print('<tr bgcolor="#11CC55">'); 712: $tremark=&mt('Currently selected. '); 713: $tfont='#002200'; 714: } else { 715: $r->print('<tr bgcolor="#77FF77">'); 716: } 717: unless ($nochoose) { 718: if ($env{'request.role'} ne 'cm') { 719: $r->print('<td><input type="submit" value="'. 720: &mt('Select').'" name="cm"></td>'); 721: } else { 722: $r->print('<td> </td>'); 723: } 724: } 725: $r->print('<td colspan="3"><font color="'.$tfont.'">'.&mt('No role specified'). 726: '</font></td><td><font color="'.$tfont.'">'.$tremark. 727: ' </font></td></tr>'."\n"); 728: 729: $r->print('</table>'); 730: unless ($nochoose) { 731: $r->print("</form>\n"); 732: } 733: # ------------------------------------------------------------ Privileges Info 734: if (($advanced) && (($env{'user.error.msg'}) || ($error))) { 735: $r->print('<hr /><h2>Current Privileges</h2>'); 736: 737: foreach $envkey (sort keys %env) { 738: if ($envkey=~/^user\.priv\.$env{'request.role'}\./) { 739: my $where=$envkey; 740: $where=~s/^user\.priv\.$env{'request.role'}\.//; 741: my $ttype; 742: my $twhere; 743: my ($tdom,$trest,$tsec)= 744: split(/\//,Apache::lonnet::declutter($where)); 745: if ($trest) { 746: if ($env{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') { 747: $ttype='Construction Space'; 748: $twhere='User: '.$trest.', Domain: '.$tdom; 749: } else { 750: $ttype= 751: &Apache::loncommon::course_type($tdom.'_'.$trest); 752: $twhere=$env{'course.'.$tdom.'_'.$trest.'.description'}; 753: if ($tsec) { 754: $twhere.=' (Section: '.$tsec.')'; 755: } 756: } 757: } elsif ($tdom) { 758: $ttype='Domain'; 759: $twhere=$tdom; 760: } else { 761: $ttype='System'; 762: $twhere='/'; 763: } 764: $r->print("\n<h3>".$ttype.': '.$twhere.'</h3><ul>'); 765: foreach (sort split(/:/,$env{$envkey})) { 766: if ($_) { 767: my ($prv,$restr)=split(/\&/,$_); 768: my $trestr=''; 769: if ($restr ne 'F') { 770: my $i; 771: $trestr.=' ('; 772: for ($i=0;$i<length($restr);$i++) { 773: $trestr.= 774: Apache::lonnet::plaintext(substr($restr,$i,1)); 775: if ($i<length($restr)-1) { $trestr.=', '; } 776: } 777: $trestr.=')'; 778: } 779: $r->print('<li>'. 780: Apache::lonnet::plaintext($prv).$trestr. 781: '</li>'); 782: } 783: } 784: $r->print('</ul>'); 785: } 786: } 787: } 788: $r->print(&Apache::lonnet::getannounce()); 789: if ($advanced) { 790: $r->print('<p><small><i>This is LON-CAPA '. 791: $r->dir_config('lonVersion').'</i><br />'. 792: '<a href="/adm/logout">'.&mt('Logout').'</a></small></p>'); 793: } 794: $r->print(&Apache::loncommon::end_page()); 795: return OK; 796: } 797: 798: sub role_status { 799: my ($rolekey,$then,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_; 800: my @pwhere = (); 801: if (exists($env{$rolekey}) && $env{$rolekey} ne '') { 802: (undef,undef,$$role,@pwhere)=split(/\./,$rolekey); 803: unless (!defined($$role) || $$role eq '') { 804: $$where=join('.',@pwhere); 805: $$trolecode=$$role.'.'.$$where; 806: ($$tstart,$$tend)=split(/\./,$env{$rolekey}); 807: $$tstatus='is'; 808: if ($$tstart && $$tstart>$then) { 809: $$tstatus='future'; 810: if ($$tstart<$now) { $$tstatus='will'; } 811: } 812: if ($$tend) { 813: if ($$tend<$then) { 814: $$tstatus='expired'; 815: } elsif ($$tend<$now) { 816: $$tstatus='will_not'; 817: } 818: } 819: } 820: } 821: } 822: 823: sub build_roletext { 824: my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver) = @_; 825: my $roletext='<tr bgcolor="'.$tbg.'">'; 826: my $is_dc=($trolecode =~ m/^dc\./); 827: my $rowspan=($is_dc) ? '' 828: : ' rowspan="2" '; 829: 830: unless ($nochoose) { 831: my $buttonname=$trolecode; 832: $buttonname=~s/\W//g; 833: if (!$button) { 834: if ($switchserver) { 835: $roletext.='<td'.$rowspan.'><a href="/adm/switchserver?'. 836: $switchserver.'">'.&mt('Switch Server').'</a></td>'; 837: } else { 838: $roletext.=('<td'.$rowspan.'> </td>'); 839: } 840: } elsif ($tstatus eq 'is') { 841: $roletext.='<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'. 842: &mt('Select').'" onClick="javascript:enterrole(this.form,\''. 843: $trolecode."','".$buttonname.'\');"></td>'; 844: } elsif ($tryagain) { 845: $roletext.= 846: '<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'. 847: &mt('Try Selecting Again').'" onClick="javascript:enterrole(this.form,\''. 848: $trolecode."','".$buttonname.'\');"></td>'; 849: } elsif ($advanced) { 850: $roletext.= 851: '<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'. 852: &mt('Re-Initialize').'" onClick="javascript:enterrole(this.form,\''. 853: $trolecode."','".$buttonname.'\');"></td>'; 854: } else { 855: $roletext.='<td'.$rowspan.'> </td>'; 856: } 857: } 858: if ($trolecode !~ m/^(dc|ca|au|aa)\./) { 859: $tremark.=&Apache::lonannounce::showday(time,1, 860: &Apache::lonannounce::readcalendar($tdom.'_'.$trest)); 861: } 862: $roletext.='<td><font color="'.$tfont.'">'.$trole. 863: '</font></td><td><font color="'.$tfont.'">'.$twhere. 864: '</font></td><td><font color="'.$tfont.'">'.$tpstart. 865: '</font></td><td><font color="'.$tfont.'">'.$tpend. 866: '</font></td></tr>'; 867: if (!$is_dc) { 868: $roletext.='<tr bgcolor="'.$tbg.'"><td colspan="4"><font color="'.$tfont.'">'.$tremark. 869: ' </font></td></tr><tr><td colspan="5" height="3"></td></tr>'."\n"; 870: } 871: return $roletext; 872: } 873: 874: sub check_privs { 875: my ($cdom,$cnum,$then,$now) = @_; 876: my $cckey = 'user.role.cc./'.$cdom.'/'.$cnum; 877: if ($env{$cckey}) { 878: my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont); 879: &role_status($cckey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend); 880: unless (($tstatus eq 'is') || ($tstatus eq 'will_not')) { 881: &set_privileges($cdom,$cnum); 882: } 883: } else { 884: &set_privileges($cdom,$cnum); 885: } 886: } 887: 888: sub check_fordc { 889: my ($dcroles,$then) = @_; 890: my $numdc = 0; 891: if ($env{'user.adv'}) { 892: foreach my $envkey (sort keys %env) { 893: if ($envkey=~/^user\.role\.dc\.\/(\w+)\/$/) { 894: my $dcdom = $1; 895: my $livedc = 1; 896: my ($tstart,$tend)=split(/\./,$env{$envkey}); 897: if ($tstart && $tstart>$then) { $livedc = 0; } 898: if ($tend && $tend <$then) { $livedc = 0; } 899: if ($livedc) { 900: $$dcroles{$dcdom} = $envkey; 901: $numdc++; 902: } 903: } 904: } 905: } 906: return $numdc; 907: } 908: 909: sub courselink { 910: my ($dcdom,$rowtype,$selecttype) = @_; 911: my $courseform=&Apache::loncommon::selectcourse_link 912: ('rolechoice','dccourse'.$rowtype.'_'.$dcdom, 913: 'dcdomain'.$rowtype.'_'.$dcdom,'coursedesc'.$rowtype.'_'. 914: $dcdom,$dcdom,undef,$selecttype); 915: my $hiddenitems = '<input type="hidden" name="dcdomain'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'. 916: '<input type="hidden" name="origdom'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'. 917: '<input type="hidden" name="dccourse'.$rowtype.'_'.$dcdom.'" value="" />'. 918: '<input type="hidden" name="coursedesc'.$rowtype.'_'.$dcdom.'" value="" />'; 919: return $courseform.$hiddenitems; 920: } 921: 922: sub coursepick_jscript { 923: my $verify_script = <<"END"; 924: <script> 925: function verifyCoursePick(caller) { 926: var numbutton = getIndex(caller) 927: var pickedCourse = document.rolechoice.elements[numbutton+4].value 928: var pickedDomain = document.rolechoice.elements[numbutton+2].value 929: if (document.rolechoice.elements[numbutton+2].value == document.rolechoice.elements[numbutton+3].value) { 930: if (pickedCourse != '') { 931: if (numbutton != -1) { 932: var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse 933: document.rolechoice.elements[numbutton+1].name = courseTarget 934: document.rolechoice.submit() 935: } 936: } 937: else { 938: alert("Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter."); 939: } 940: } 941: else { 942: alert("You can only use this screen to select courses in the current domain") 943: } 944: } 945: function getIndex(caller) { 946: for (var i=0;i<document.rolechoice.elements.length;i++) { 947: if (document.rolechoice.elements[i] == caller) { 948: return i; 949: } 950: } 951: return -1; 952: } 953: </script> 954: END 955: return $verify_script; 956: } 957: 958: sub processpick { 959: my $process_pick = <<"END"; 960: <script> 961: function process_pick(dom) { 962: var pickedCourse=opener.document.rolechoice.$env{'form.cnumelement'}.value; 963: var pickedDomain=opener.document.rolechoice.$env{'form.cdomelement'}.value; 964: var okDomain = 0; 965: 966: if (pickedDomain == dom) { 967: if (pickedCourse != '') { 968: var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse 969: opener.document.title='Role selected. Please stand by.'; 970: opener.status='Role selected. Please stand by.'; 971: opener.document.rolechoice.newrole.value=courseTarget 972: opener.document.rolechoice.submit() 973: } 974: } else { 975: alert("You may only use this screen to select courses in the current domain: "+dom+"\\nPlease return to the roles page window and click the 'Select Course' link for domain: "+pickedDomain+",\\n if you are a Domain Coordinator in that domain, and wish to become a Course Coordinator in a course in the domain"); 976: } 977: } 978: 979: </script> 980: END 981: return $process_pick; 982: } 983: 984: sub display_cc_role { 985: my $rolekey = shift; 986: my $roletext; 987: my $advanced = $env{'user.adv'}; 988: my $tryagain = $env{'form.tryagain'}; 989: unless ($rolekey =~/^error\:/) { 990: if ($rolekey =~ m-^user\.role.cc\./(\w+)/(\w+)$-) { 991: my $tcourseid = $1.'_'.$2; 992: my $trolecode = 'cc./'.$1.'/'.$2; 993: my $twhere; 994: my $ttype; 995: my $tbg='#77FF77'; 996: my $tfont='#003300'; 997: my %newhash=&Apache::lonnet::coursedescription($tcourseid); 998: if (%newhash) { 999: $twhere=$newhash{'description'}. 1000: ' <font size="-2">'. 1001: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$2,$1,$tfont). 1002: '</font>'; 1003: $ttype = $newhash{'type'}; 1004: } else { 1005: $twhere=&mt('Currently not available'); 1006: $env{'course.'.$tcourseid.'.description'}=$twhere; 1007: } 1008: my $trole = &Apache::lonnet::plaintext('cc',$ttype); 1009: $twhere.="<br />".&mt('Domain').":".$1; 1010: $roletext = &build_roletext($trolecode,$1,$2,'is',$tryagain,$advanced,'',$tbg,$tfont,$trole,$twhere,'','','',1,''); 1011: } 1012: } 1013: return ($roletext); 1014: } 1015: 1016: sub allcourses_row { 1017: my ($dcdom,$rowtype) = @_; 1018: my $output = '<tr bgcolor="#77FF77">'. 1019: ' <td colspan="5">'; 1020: foreach my $type ('Course','Group') { 1021: my $selectlink = &courselink($dcdom,$rowtype,$type); 1022: my $ccrole = &Apache::lonnet::plaintext('cc',$type); 1023: $output.= '<font color="#002200">'.$ccrole.'</font>'. 1024: ' <b>'.$selectlink.'</b>'. 1025: ' from '.&mt('Domain').' '.$dcdom.'<br />'; 1026: } 1027: $output .= '</tr><tr><td colspan="5" height="3"></td></tr>'."\n"; 1028: return $output; 1029: } 1030: 1031: sub recent_filename { 1032: my $area=shift; 1033: return 'nohist_recent_'.&escape($area); 1034: } 1035: 1036: sub set_privileges { 1037: my ($dcdom,$pickedcourse) = @_; 1038: my $area = '/'.$dcdom.'/'.$pickedcourse; 1039: my $role = 'cc'; 1040: my $spec = $role.'.'.$area; 1041: my %userroles = &Apache::lonnet::set_arearole($role,$area,'','', 1042: $env{'user.domain'}, 1043: $env{'user.name'}); 1044: my %ccrole = (); 1045: &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area); 1046: my ($author,$adv)= &Apache::lonnet::set_userprivs(\%userroles,\%ccrole); 1047: &Apache::lonnet::appenv(%userroles); 1048: &Apache::lonnet::log($env{'user.domain'}, 1049: $env{'user.name'}, 1050: $env{'user.home'}, 1051: "Role ".$role); 1052: &Apache::lonnet::appenv( 1053: 'request.role' => $spec, 1054: 'request.role.domain' => $dcdom, 1055: 'request.course.sec' => ''); 1056: my $tadv=0; 1057: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; } 1058: &Apache::lonnet::appenv('request.role.adv' => $tadv); 1059: } 1060: 1061: sub courseloadpage { 1062: my ($courseid) = @_; 1063: my $startpage; 1064: my %entry_settings = &Apache::lonnet::get('nohist_whatsnew', 1065: [$courseid.':courseinit']); 1066: my ($tmp) = %entry_settings; 1067: unless ($tmp =~ /^error: 2 /) { 1068: $startpage = $entry_settings{$courseid.':courseinit'}; 1069: } 1070: if ($startpage eq '') { 1071: if (exists($env{'environment.course_init_display'})) { 1072: $startpage = $env{'environment.course_init_display'}; 1073: } 1074: } 1075: return $startpage; 1076: } 1077: 1078: 1; 1079: __END__ 1080: 1081: =head1 NAME 1082: 1083: Apache::lonroles - User Roles Screen 1084: 1085: =head1 SYNOPSIS 1086: 1087: Invoked by /etc/httpd/conf/srm.conf: 1088: 1089: <Location /adm/roles> 1090: PerlAccessHandler Apache::lonacc 1091: SetHandler perl-script 1092: PerlHandler Apache::lonroles 1093: ErrorDocument 403 /adm/login 1094: ErrorDocument 500 /adm/errorhandler 1095: </Location> 1096: 1097: =head1 OVERVIEW 1098: 1099: =head2 Choosing Roles 1100: 1101: C<lonroles> is a handler that allows a user to switch roles in 1102: mid-session. LON-CAPA attempts to work with "No Role Specified", the 1103: default role that a user has before selecting a role, as widely as 1104: possible, but certain handlers for example need specification which 1105: course they should act on, etc. Both in this scenario, and when the 1106: handler determines via C<lonnet>'s C<&allowed> function that a certain 1107: action is not allowed, C<lonroles> is used as error handler. This 1108: allows the user to select another role which may have permission to do 1109: what they were trying to do. C<lonroles> can also be accessed via the 1110: B<CRS> button in the Remote Control. 1111: 1112: =begin latex 1113: 1114: \begin{figure} 1115: \begin{center} 1116: \includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen} 1117: \caption{\label{Sample_Roles_Screen}Sample Roles Screen} 1118: \end{center} 1119: \end{figure} 1120: 1121: =end latex 1122: 1123: =head2 Role Initialization 1124: 1125: The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C<lonnet>'s C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role. 1126: 1127: =head1 INTRODUCTION 1128: 1129: This module enables a user to select what role he wishes to 1130: operate under (instructor, student, teaching assistant, course 1131: coordinator, etc). These roles are pre-established by the actions 1132: of upper-level users. 1133: 1134: This is part of the LearningOnline Network with CAPA project 1135: described at http://www.lon-capa.org. 1136: 1137: =head1 HANDLER SUBROUTINE 1138: 1139: This routine is called by Apache and mod_perl. 1140: 1141: =over 4 1142: 1143: =item * 1144: 1145: Roles Initialization (yes/no) 1146: 1147: =item * 1148: 1149: Get Error Message from Environment 1150: 1151: =item * 1152: 1153: Who is this? 1154: 1155: =item * 1156: 1157: Generate Page Output 1158: 1159: =item * 1160: 1161: Choice or no choice 1162: 1163: =item * 1164: 1165: Table 1166: 1167: =item * 1168: 1169: Privileges 1170: 1171: =back 1172: 1173: =cut