1: # The LearningOnline Network with CAPA
2: # User Roles Screen
3: #
4: # $Id: lonroles.pm,v 1.148 2006/05/15 17:45:46 albertel Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28: ###
29:
30: package Apache::lonroles;
31:
32: use strict;
33: use Apache::lonnet;
34: use Apache::lonuserstate();
35: use Apache::Constants qw(:common);
36: use Apache::File();
37: use Apache::lonmenu;
38: use Apache::loncommon;
39: use Apache::lonhtmlcommon;
40: use Apache::lonannounce;
41: use Apache::lonlocal;
42: use GDBM_File;
43:
44: sub redirect_user {
45: my ($r,$title,$url,$msg,$launch_nav) = @_;
46: $msg = $title if (! defined($msg));
47: &Apache::loncommon::content_type($r,'text/html');
48: &Apache::loncommon::no_cache($r);
49: $r->send_http_header;
50: my $swinfo=&Apache::lonmenu::rawconfig();
51: my $navwindow;
52: if ($launch_nav eq 'on') {
53: $navwindow.=&Apache::lonnavmaps::launch_win('now',undef,undef,
54: ($url =~ m-^/adm/whatsnew-));
55: } else {
56: $navwindow.=&Apache::lonnavmaps::close();
57: }
58: my $start_page = &Apache::loncommon::start_page('Switching Role',undef,
59: {'redirect' => [1,$url],});
60: my $end_page = &Apache::loncommon::end_page();
61:
62: # Note to style police:
63: # This must only replace the spaces, nothing else, or it bombs elsewhere.
64: $url=~s/ /\%20/g;
65: $r->print(<<ENDREDIR);
66: $start_page
67: <script type="text/javascript">
68: $swinfo
69: </script>
70: $navwindow
71: <h1>$msg</h1>
72: $end_page
73: ENDREDIR
74: return;
75: }
76:
77: sub handler {
78:
79: my $r = shift;
80:
81: my $now=time;
82: my $then=$env{'user.login.time'};
83: my $envkey;
84: my %dcroles = ();
85: my $numdc = &check_fordc(\%dcroles,$then);
86: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'});
87:
88: # ================================================================== Roles Init
89: if ($env{'form.selectrole'}) {
90: if ($env{'form.newrole'}) {
91: $env{'form.'.$env{'form.newrole'}}=1;
92: }
93: if ($env{'request.course.id'}) {
94: my %temp=('logout_'.$env{'request.course.id'} => time);
95: &Apache::lonnet::put('email_status',\%temp);
96: &Apache::lonnet::delenv('user.state.'.$env{'request.course.id'});
97: }
98: &Apache::lonnet::appenv("request.course.id" => '',
99: "request.course.fn" => '',
100: "request.course.uri" => '',
101: "request.course.sec" => '',
102: "request.role" => 'cm',
103: "request.role.adv" => $env{'user.adv'},
104: "request.role.domain" => $env{'user.domain'});
105:
106: # Check if user is a DC trying to enter a course and needs privs to be created
107: if ($numdc > 0) {
108: foreach my $envkey (keys %env) {
109: if (my ($domain,$coursenum) =
110: ($envkey =~ m-^form\.cc\./(\w+)/(\w+)$-)) {
111: if ($dcroles{$domain}) {
112: &check_privs($domain,$coursenum,$then,$now);
113: }
114: last;
115: }
116: }
117: }
118:
119: foreach $envkey (keys %env) {
120: next if ($envkey!~/^user\.role\./);
121: my ($where,$trolecode,$role,$tstatus,$tend,$tstart);
122: &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
123: if ($env{'form.'.$trolecode}) {
124: if ($tstatus eq 'is') {
125: $where=~s/^\///;
126: my ($cdom,$cnum,$csec)=split(/\//,$where);
127: # check for course groups
128: my %coursegroups = &Apache::lonnet::get_active_groups(
129: $env{'user.domain'},$env{'user.name'},$cdom, $cnum);
130: my $cgrps = join(':',keys(%coursegroups));
131:
132: # store role if recent_role list being kept
133: if ($env{'environment.recentroles'}) {
134: &Apache::lonhtmlcommon::store_recent('roles',
135: $trolecode,' ');
136: }
137:
138:
139: # check for keyed access
140: if (($role eq 'st') &&
141: ($env{'course.'.$cdom.'_'.$cnum.'.keyaccess'} eq 'yes')) {
142: # who is key authority?
143: my $authdom=$cdom;
144: my $authnum=$cnum;
145: if ($env{'course.'.$cdom.'_'.$cnum.'.keyauth'}) {
146: ($authnum,$authdom)=
147: split(/\W/,$env{'course.'.$cdom.'_'.$cnum.'.keyauth'});
148: }
149: # check with key authority
150: unless (&Apache::lonnet::validate_access_key(
151: $env{'environment.key.'.$cdom.'_'.$cnum},
152: $authdom,$authnum)) {
153: # there is no valid key
154: if ($env{'form.newkey'}) {
155: # student attempts to register a new key
156: &Apache::loncommon::content_type($r,'text/html');
157: &Apache::loncommon::no_cache($r);
158: $r->send_http_header;
159: my $swinfo=&Apache::lonmenu::rawconfig();
160: my $start_page=&Apache::loncommon::start_page
161: ('Verifying Access Key to Unlock this Course');
162: my $end_page=&Apache::loncommon::end_page();
163: my $buttontext=&mt('Enter Course');
164: my $message=&mt('Successfully registered key');
165: my $assignresult=
166: &Apache::lonnet::assign_access_key(
167: $env{'form.newkey'},
168: $authdom,$authnum,
169: $cdom,$cnum,
170: $env{'user.domain'},
171: $env{'user.name'},
172: 'Assigned from '.$ENV{'REMOTE_ADDR'}.' at '.localtime().' for '.
173: $trolecode);
174: unless ($assignresult eq 'ok') {
175: $assignresult=~s/^error\:\s*//;
176: $message=&mt($assignresult).
177: '<br /><a href="/adm/logout">'.
178: &mt('Logout').'</a>';
179: $buttontext=&mt('Re-Enter Key');
180: }
181: $r->print(<<ENDENTEREDKEY);
182: $start_page
183: <script>
184: $swinfo
185: </script>
186: <form method="post">
187: <input type="hidden" name="selectrole" value="1" />
188: <input type="hidden" name="$trolecode" value="1" />
189: <font size="+2">$message</font><br />
190: <input type="submit" value="$buttontext" />
191: </form>
192: $end_page
193: ENDENTEREDKEY
194: return OK;
195: } else {
196: # print form to enter a new key
197: &Apache::loncommon::content_type($r,'text/html');
198: &Apache::loncommon::no_cache($r);
199: $r->send_http_header;
200: my $swinfo=&Apache::lonmenu::rawconfig();
201: my $start_page=&Apache::loncommon::start_page
202: ('Enter Access Key to Unlock this Course');
203: my $end_page=&Apache::loncommon::end_page();
204: $r->print(<<ENDENTERKEY);
205: $start_page
206: <script>
207: $swinfo
208: </script>
209: <form method="post">
210: <input type="hidden" name="selectrole" value="1" />
211: <input type="hidden" name="$trolecode" value="1" />
212: <input type="text" size="20" name="newkey" value="$env{'form.newkey'}" />
213: <input type="submit" value="Enter key" />
214: </form>
215: $end_page
216: ENDENTERKEY
217: return OK;
218: }
219: }
220: }
221: &Apache::lonnet::log($env{'user.domain'},
222: $env{'user.name'},
223: $env{'user.home'},
224: "Role ".$trolecode);
225:
226: &Apache::lonnet::appenv(
227: 'request.role' => $trolecode,
228: 'request.role.domain' => $cdom,
229: 'request.course.sec' => $csec,
230: 'request.course.groups' => $cgrps);
231: my $tadv=0;
232: my $msg=&mt('Entering course ...');
233:
234: if (($cnum) && ($role ne 'ca') && ($role ne 'aa')) {
235: my ($furl,$ferr)=
236: &Apache::lonuserstate::readmap($cdom.'/'.$cnum);
237: if (($env{'form.orgurl'}) &&
238: ($env{'form.orgurl'}!~/^\/adm\/flip/)) {
239: my $dest=$env{'form.orgurl'};
240: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
241: &Apache::lonnet::appenv('request.role.adv'=>$tadv);
242: $r->internal_redirect($dest);
243: return OK;
244: } else {
245: unless ($env{'request.course.id'}) {
246: &Apache::lonnet::appenv(
247: "request.course.id" => $cdom.'_'.$cnum);
248: $furl='/adm/roles?tryagain=1';
249: $msg=
250: '<h1><font color="red">'.
251: &mt('Could not initialize course at this time.').
252: '</font></h1><h3>'.&mt('Please try again.').'</h3>'.$ferr;
253: }
254: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
255: &Apache::lonnet::appenv('request.role.adv'=>$tadv);
256:
257: # Check to see if the user is a CC entering a course
258: # for the first time
259: my (undef, undef, $role, $courseid) = split(/\./, $envkey);
260: if (substr($courseid, 0, 1) eq '/') {
261: $courseid = substr($courseid, 1);
262: }
263: $courseid =~ s/\//_/;
264: if ($role eq 'cc' && $env{'course.' . $courseid .
265: '.course.helper.not.run'}) {
266: $furl = "/adm/helper/course.initialization.helper";
267: # Send the user to the course they selected
268: } elsif ($env{'request.course.id'}) {
269: if (&Apache::lonnet::allowed('whn',
270: $env{'request.course.id'})
271: || &Apache::lonnet::allowed('whn',
272: $env{'request.course.id'}.'/'
273: .$env{'request.course.sec'})
274: ) {
275: my $startpage = &courseloadpage($courseid);
276: unless ($startpage eq 'firstres') {
277: $msg = &mt('Entering course ....');
278: &redirect_user($r,&mt('New in course'),
279: '/adm/whatsnew?refpage=start',$msg,
280: $env{'environment.remotenavmap'});
281: return OK;
282: }
283: }
284: }
285: &redirect_user($r,&mt('Entering Course'),
286: $furl,$msg,
287: $env{'environment.remotenavmap'});
288: return OK;
289: }
290: }
291: #
292: # Send the user to the construction space they selected
293: if ($role =~ /^(au|ca|aa)$/) {
294: my $redirect_url = '/priv/';
295: if ($role eq 'au') {
296: $redirect_url.=$env{'user.name'};
297: } else {
298: $where =~ /\/(.*)$/;
299: $redirect_url .= $1;
300: }
301: $redirect_url .= '/';
302: &redirect_user($r,&mt('Entering Construction Space'),
303: $redirect_url);
304: return OK;
305: }
306: if ($role eq 'dc') {
307: my $redirect_url = '/adm/menu/';
308: &redirect_user($r,&mt('Loading Domain Coordinator Menu'),
309: $redirect_url);
310: return OK;
311: }
312: }
313: }
314: }
315: }
316:
317:
318: # =============================================================== No Roles Init
319:
320: &Apache::loncommon::content_type($r,'text/html');
321: &Apache::loncommon::no_cache($r);
322: $r->send_http_header;
323: return OK if $r->header_only;
324:
325: my $swinfo=&Apache::lonmenu::rawconfig();
326: my $start_page=&Apache::loncommon::start_page('User Roles');
327: my $standby=&mt('Role selected. Please stand by.');
328: $standby=~s/\n/\\n/g;
329: my $helptag='<table><tr><td>'.&Apache::loncommon::help_open_menu('','General Intro','General_Intro','User Roles',1,undef,undef,undef,undef,,&mt("Click here for help")).'</td></td></tr></table>';
330: $r->print(<<ENDHEADER);
331: $start_page
332: $helptag<br />
333: <script>
334: $swinfo
335: window.focus();
336:
337: active=true;
338:
339: function enterrole (thisform,rolecode,buttonname) {
340: if (active) {
341: active=false;
342: document.title='$standby';
343: window.status='$standby';
344: thisform.newrole.value=rolecode;
345: thisform.submit();
346: } else {
347: alert('$standby');
348: }
349: }
350: </script>
351: ENDHEADER
352:
353: # ------------------------------------------ Get Error Message from Environment
354:
355: my ($fn,$priv,$nochoose,$error,$msg)=split(/:/,$env{'user.error.msg'});
356: if ($env{'user.error.msg'}) {
357: $r->log_reason(
358: "$msg for $env{'user.name'} domain $env{'user.domain'} access $priv",$fn);
359: }
360:
361: # ------------------------------------------------- Can this user re-init, etc?
362:
363: my $advanced=$env{'user.adv'};
364: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['tryagain']);
365: my $tryagain=$env{'form.tryagain'};
366:
367: # -------------------------------------------------------- Generate Page Output
368: # --------------------------------------------------------------- Error Header?
369: if ($error) {
370: $r->print("<h1>LON-CAPA Access Control</h1>");
371: $r->print("<!-- LONCAPAACCESSCONTROLERRORSCREEN --><hr /><pre>Access : ".
372: Apache::lonnet::plaintext($priv)."\n");
373: $r->print("Resource: ".&Apache::lonenc::check_encrypt($fn)."\n");
374: $r->print("Action : $msg\n</pre><hr />");
375: my $url=$fn;
376: my $last;
377: if (tie(my %hash,'GDBM_File',$env{'request.course.fn'}.'_symb.db',
378: &GDBM_READER(),0640)) {
379: $last=$hash{'last_known'};
380: untie(%hash);
381: }
382: if ($last) { $fn.='?symb='.&Apache::lonnet::escape($last); }
383:
384: &Apache::londocs::changewarning($r,undef,'You have modified your course recently, [_1] may fix this access problem.',
385: &Apache::lonenc::check_encrypt($fn));
386: } else {
387: if ($env{'user.error.msg'}) {
388: $r->print(
389: '<h3><font color="red">'.
390: &mt('You need to choose another user role or enter a specific course for this function').'</font></h3>');
391: }
392: }
393: # -------------------------------------------------------- Choice or no choice?
394: if ($nochoose) {
395: if ($advanced) {
396: $r->print("<h2>".&mt('Assigned User Roles')."</h2>\n");
397: } else {
398: $r->print("<h2>".&mt('Sorry ...')."</h2>\n".
399: &mt('This resource might be part of'));
400: if ($env{'request.course.id'}) {
401: $r->print(&mt(' another'));
402: } else {
403: $r->print(&mt(' a certain'));
404: }
405: $r->print(&mt(' course.').
406: &Apache::loncommon::end_page());
407: return OK;
408: }
409: } else {
410: if ($advanced) {
411: $r->print(&mt("Your home server is ").
412: $Apache::lonnet::hostname{&Apache::lonnet::homeserver
413: ($env{'user.name'},$env{'user.domain'})}.
414: "<br />\n");
415: $r->print(&mt(
416: "Author and Co-Author roles are not available on servers other than their respective home servers."));
417: }
418: if (($ENV{'REDIRECT_QUERY_STRING'}) && ($fn)) {
419: $fn.='?'.$ENV{'REDIRECT_QUERY_STRING'};
420: }
421: $r->print('<form method="post" name="rolechoice" action="'.(($fn)?$fn:$r->uri).'">');
422: $r->print('<input type="hidden" name="orgurl" value="'.$fn.'" />');
423: $r->print('<input type="hidden" name="selectrole" value="1" />');
424: $r->print('<input type="hidden" name="newrole" value="" />');
425: }
426: if ($env{'user.adv'}) {
427: $r->print(
428: '<br /><label>'.&mt('Show all roles').': <input type="checkbox" name="showall"');
429: if ($env{'form.showall'}) { $r->print(' checked="checked" '); }
430: $r->print(' /></label><input type="submit" value="'.&mt('Display').'" />');
431: }
432:
433: my (%roletext,%sortrole,%roleclass);
434: my $countactive=0;
435: my $inrole=0;
436: my $possiblerole='';
437: foreach $envkey (sort keys %env) {
438: my $button = 1;
439: my $switchserver='';
440: my $roletext;
441: my $sortkey;
442: if ($envkey=~/^user\.role\./) {
443: my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont);
444: &role_status($envkey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
445: next if (!defined($role) || $role eq '' || $role =~ /^gr/);
446: $tremark='';
447: $tpstart=' ';
448: $tpend=' ';
449: $tfont='#000000';
450: if ($tstart) {
451: $tpstart=&Apache::lonlocal::locallocaltime($tstart);
452: }
453: if ($tend) {
454: $tpend=&Apache::lonlocal::locallocaltime($tend);
455: }
456: if ($env{'request.role'} eq $trolecode) {
457: $tstatus='selected';
458: }
459: my $tbg;
460: if (($tstatus eq 'is') || ($tstatus eq 'selected') ||
461: ($env{'form.showall'})) {
462: if ($tstatus eq 'is') {
463: $tbg='#77FF77';
464: $tfont='#003300';
465: $possiblerole=$trolecode;
466: $countactive++;
467: } elsif ($tstatus eq 'future') {
468: $tbg='#FFFF77';
469: $button=0;
470: } elsif ($tstatus eq 'will') {
471: $tbg='#FFAA77';
472: $tremark.=&mt('Active at next login. ');
473: } elsif ($tstatus eq 'expired') {
474: $tbg='#FF7777';
475: $tfont='#330000';
476: $button=0;
477: } elsif ($tstatus eq 'will_not') {
478: $tbg='#AAFF77';
479: $tremark.=&mt('Expired after logout. ');
480: } elsif ($tstatus eq 'selected') {
481: $tbg='#11CC55';
482: $tfont='#002200';
483: $inrole=1;
484: $countactive++;
485: $tremark.=&mt('Currently selected. ');
486: }
487: my $trole;
488: if ($role =~ /^cr\//) {
489: my ($rdummy,$rdomain,$rauthor,$rrole)=split(/\//,$role);
490: if ($tremark) { $tremark.='<br />'; }
491: $tremark.=&mt('Defined by ').$rauthor.
492: &mt(' at ').$rdomain.'.';
493: $trole=$rrole;
494: } else {
495: $trole=Apache::lonnet::plaintext($role);
496: }
497: my $ttype;
498: my $twhere;
499: my ($tdom,$trest,$tsection)=
500: split(/\//,Apache::lonnet::declutter($where));
501: # First, Co-Authorship roles
502: if (($role eq 'ca') || ($role eq 'aa')) {
503: my $home = &Apache::lonnet::homeserver($trest,$tdom);
504: my $allowed=0;
505: my @ids=&Apache::lonnet::current_machine_ids();
506: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
507: if (!$allowed) {
508: $button=0;
509: $switchserver='otherserver='.$home.'&role='.$trolecode;
510: }
511: #next if ($home eq 'no_host');
512: $home = $Apache::lonnet::hostname{$home};
513: $ttype='Construction Space';
514: $twhere=&mt('User').': '.$trest.'<br />'.&mt('Domain').
515: ': '.$tdom.'<br />'.
516: ' '.&mt('Server').': '.$home;
517: $env{'course.'.$tdom.'_'.$trest.'.description'}='ca';
518: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$trest.'/');
519: $sortkey=$role."$trest:$tdom";
520: } elsif ($role eq 'au') {
521: # Authors
522: my $home = &Apache::lonnet::homeserver
523: ($env{'user.name'},$env{'user.domain'});
524: my $allowed=0;
525: my @ids=&Apache::lonnet::current_machine_ids();
526: foreach my $id (@ids) { if ($id eq $home) { $allowed=1; } }
527: if (!$allowed) {
528: $button=0;
529: $switchserver='otherserver='.$home.'&role='.$trolecode;
530: }
531: #next if ($home eq 'no_host');
532: $home = $Apache::lonnet::hostname{$home};
533: $ttype='Construction Space';
534: $twhere=&mt('Domain').': '.$tdom.'<br />'.&mt('Server').
535: ': '.$home;
536: $env{'course.'.$tdom.'_'.$trest.'.description'}='ca';
537: $tremark.=&Apache::lonhtmlcommon::authorbombs('/res/'.$tdom.'/'.$env{'user.name'}.'/');
538: $sortkey=$role;
539: } elsif ($trest) {
540: $ttype='Course';
541: my $tcourseid=$tdom.'_'.$trest;
542: if ($env{'course.'.$tcourseid.'.description'}) {
543: $twhere=$env{'course.'.$tcourseid.'.description'};
544: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
545: unless ($twhere eq &mt('Currently not available')) {
546: $twhere.=' <font size="-2">'.
547: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont).
548: '</font>';
549: }
550: } else {
551: my %newhash=&Apache::lonnet::coursedescription($tcourseid);
552: if (%newhash) {
553: $sortkey=$role."\0".$tdom."\0".$newhash{'description'}.
554: "\0".$envkey;
555: $twhere=$newhash{'description'}.
556: ' <font size="-2">'.
557: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$trest,$tdom,$tfont).
558: '</font>';
559: } else {
560: $twhere=&mt('Currently not available');
561: $env{'course.'.$tcourseid.'.description'}=$twhere;
562: $sortkey=$role."\0".$tdom."\0".$twhere."\0".$envkey;
563: }
564: }
565: if ($tsection) {
566: $twhere.='<br />'.&mt('Section/Group').': '.$tsection;
567: }
568:
569: if ($role ne 'st') { $twhere.="<br />".&mt('Domain').":".$tdom; }
570: } elsif ($tdom) {
571: $ttype='Domain';
572: $twhere=$tdom;
573: $sortkey=$role.$twhere;
574: } else {
575: $ttype='System';
576: $twhere=&mt('system wide');
577: $sortkey=$role.$twhere;
578: }
579:
580: $roletext.=&build_roletext($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$ttype,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver);
581: $roletext{$envkey}=$roletext;
582: if (!$sortkey) {$sortkey=$twhere."\0".$envkey;}
583: $sortrole{$sortkey}=$envkey;
584: $roleclass{$envkey}=$ttype;
585: }
586: }
587: }
588: # No active roles
589: if ($countactive==0) {
590: if ($inrole) {
591: $r->print('<h2>'.&mt('Currently no additional roles or courses').'</h2>');
592: } else {
593: $r->print('<h2>'.&mt('Currently no active roles or courses').'</h2>');
594: }
595: $r->print('</form>'.&Apache::loncommon::end_page());
596: return OK;
597: # Is there only one choice?
598: } elsif (($countactive==1) && ($env{'request.role'} eq 'cm')) {
599: $r->print('<h3>'.&mt('Please stand by.').'</h3>'.
600: '<input type="hidden" name="'.$possiblerole.'" value="1" />');
601: $r->print("</form>\n");
602: $r->rflush();
603: $r->print('<script>document.forms.rolechoice.submit();</script>');
604: $r->print(&Apache::loncommon::end_page());
605: return OK;
606: }
607: # More than one possible role
608: # ----------------------------------------------------------------------- Table
609: unless (($advanced) || ($nochoose)) {
610: $r->print("<h2>".&mt('Select a Course to Enter')."</h2>\n");
611: }
612: $r->print('<br /><table><tr>');
613: unless ($nochoose) { $r->print('<th> </th>'); }
614: $r->print('<th>'.&mt('User Role').'</th><th>'.&mt('Extent').
615: '</th><th>'.&mt('Start').'</th><th>'.&mt('End').'</th></tr>'."\n");
616: my $doheaders=-1;
617: foreach my $type ('Domain','Construction Space','Course','System') {
618: my $haverole=0;
619: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
620: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) {
621: $haverole=1;
622: }
623: }
624: if ($haverole) { $doheaders++; }
625: }
626:
627: if ($env{'environment.recentroles'}) {
628: my %recent_roles =
629: &Apache::lonhtmlcommon::get_recent('roles',$env{'environment.recentrolesn'});
630: my $output='';
631: foreach (sort(keys(%recent_roles))) {
632: if (defined($roletext{'user.role.'.$_})) {
633: $output.=$roletext{'user.role.'.$_};
634: if ($_ =~ m-dc\./(\w+)/- && $dcroles{$1}) {
635: $output .= &allcourses_row($1,'recent');
636: }
637: } elsif ($numdc > 0) {
638: unless ($_ =~/^error\:/) {
639: $output.=&display_cc_role('user.role.'.$_);
640: }
641: }
642: }
643: if ($output) {
644: $r->print("<tr><td align='center' colspan='5'><font face='arial'>".
645: &mt('Recent Roles')."</font></td>");
646: $r->print($output);
647: $r->print("</tr>");
648: $doheaders ++;
649: }
650: }
651:
652: if ($numdc > 0) {
653: $r->print(&coursepick_jscript());
654: $r->print(&Apache::loncommon::coursebrowser_javascript());
655: }
656: foreach my $type ('Construction Space','Domain','Course','System') {
657: my $output;
658: foreach my $which (sort {uc($a) cmp uc($b)} (keys(%sortrole))) {
659: if ($roleclass{$sortrole{$which}} =~ /^\Q$type\E/) {
660: $output.=$roletext{$sortrole{$which}};
661: if ($sortrole{$which} =~ m-dc\./(\w+)/-) {
662: if ($dcroles{$1}) {
663: $output .= &allcourses_row($1,'');
664: }
665: }
666: }
667: }
668: if ($output) {
669: if ($doheaders > 0) {
670: $r->print("<tr>".
671: "<td align='center' colspan='5'><font face='arial'>".&mt($type)."</font></td></tr>");
672: }
673: $r->print($output);
674: }
675: }
676: my $tremark='';
677: my $tfont='#003300';
678: if ($env{'request.role'} eq 'cm') {
679: $r->print('<tr bgcolor="#11CC55">');
680: $tremark=&mt('Currently selected. ');
681: $tfont='#002200';
682: } else {
683: $r->print('<tr bgcolor="#77FF77">');
684: }
685: unless ($nochoose) {
686: if ($env{'request.role'} ne 'cm') {
687: $r->print('<td><input type="submit" value="'.
688: &mt('Select').'" name="cm"></td>');
689: } else {
690: $r->print('<td> </td>');
691: }
692: }
693: $r->print('<td colspan="3"><font color="'.$tfont.'">'.&mt('No role specified').
694: '</font></td><td><font color="'.$tfont.'">'.$tremark.
695: ' </font></td></tr>'."\n");
696:
697: $r->print('</table>');
698: unless ($nochoose) {
699: $r->print("</form>\n");
700: }
701: # ------------------------------------------------------------ Privileges Info
702: if (($advanced) && (($env{'user.error.msg'}) || ($error))) {
703: $r->print('<hr /><h2>Current Privileges</h2>');
704:
705: foreach $envkey (sort keys %env) {
706: if ($envkey=~/^user\.priv\.$env{'request.role'}\./) {
707: my $where=$envkey;
708: $where=~s/^user\.priv\.$env{'request.role'}\.//;
709: my $ttype;
710: my $twhere;
711: my ($tdom,$trest,$tsec)=
712: split(/\//,Apache::lonnet::declutter($where));
713: if ($trest) {
714: if ($env{'course.'.$tdom.'_'.$trest.'.description'} eq 'ca') {
715: $ttype='Construction Space';
716: $twhere='User: '.$trest.', Domain: '.$tdom;
717: } else {
718: $ttype='Course';
719: $twhere=$env{'course.'.$tdom.'_'.$trest.'.description'};
720: if ($tsec) {
721: $twhere.=' (Section/Group: '.$tsec.')';
722: }
723: }
724: } elsif ($tdom) {
725: $ttype='Domain';
726: $twhere=$tdom;
727: } else {
728: $ttype='System';
729: $twhere='/';
730: }
731: $r->print("\n<h3>".$ttype.': '.$twhere.'</h3><ul>');
732: foreach (sort split(/:/,$env{$envkey})) {
733: if ($_) {
734: my ($prv,$restr)=split(/\&/,$_);
735: my $trestr='';
736: if ($restr ne 'F') {
737: my $i;
738: $trestr.=' (';
739: for ($i=0;$i<length($restr);$i++) {
740: $trestr.=
741: Apache::lonnet::plaintext(substr($restr,$i,1));
742: if ($i<length($restr)-1) { $trestr.=', '; }
743: }
744: $trestr.=')';
745: }
746: $r->print('<li>'.
747: Apache::lonnet::plaintext($prv).$trestr.
748: '</li>');
749: }
750: }
751: $r->print('</ul>');
752: }
753: }
754: }
755: $r->print(&Apache::lonnet::getannounce());
756: if ($advanced) {
757: $r->print('<p><small><i>This is LON-CAPA '.
758: $r->dir_config('lonVersion').'</i><br />'.
759: '<a href="/adm/logout">'.&mt('Logout').'</a></small></p>');
760: }
761: $r->print(&Apache::loncommon::end_page());
762: return OK;
763: }
764:
765: sub role_status {
766: my ($rolekey,$then,$now,$role,$where,$trolecode,$tstatus,$tstart,$tend) = @_;
767: my @pwhere = ();
768: if (exists($env{$rolekey}) && $env{$rolekey} ne '') {
769: (undef,undef,$$role,@pwhere)=split(/\./,$rolekey);
770: unless (!defined($$role) || $$role eq '') {
771: $$where=join('.',@pwhere);
772: $$trolecode=$$role.'.'.$$where;
773: ($$tstart,$$tend)=split(/\./,$env{$rolekey});
774: $$tstatus='is';
775: if ($$tstart && $$tstart>$then) {
776: $$tstatus='future';
777: if ($$tstart<$now) { $$tstatus='will'; }
778: }
779: if ($$tend) {
780: if ($$tend<$then) {
781: $$tstatus='expired';
782: } elsif ($$tend<$now) {
783: $$tstatus='will_not';
784: }
785: }
786: }
787: }
788: }
789:
790: sub build_roletext {
791: my ($trolecode,$tdom,$trest,$tstatus,$tryagain,$advanced,$tremark,$tbg,$tfont,$trole,$ttype,$twhere,$tpstart,$tpend,$nochoose,$button,$switchserver) = @_;
792: my $roletext='<tr bgcolor="'.$tbg.'">';
793: my $is_dc=($trolecode =~ m/^dc\./);
794: my $rowspan=($is_dc) ? ''
795: : ' rowspan="2" ';
796:
797: unless ($nochoose) {
798: my $buttonname=$trolecode;
799: $buttonname=~s/\W//g;
800: if (!$button) {
801: if ($switchserver) {
802: $roletext.='<td'.$rowspan.'><a href="/adm/switchserver?'.
803: $switchserver.'">'.&mt('Switch Server').'</a></td>';
804: } else {
805: $roletext.=('<td> </td>');
806: }
807: } elsif ($tstatus eq 'is') {
808: $roletext.='<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'.
809: &mt('Select').'" onClick="javascript:enterrole(this.form,\''.
810: $trolecode."','".$buttonname.'\');"></td>';
811: } elsif ($tryagain) {
812: $roletext.=
813: '<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'.
814: &mt('Try Selecting Again').'" onClick="javascript:enterrole(this.form,\''.
815: $trolecode."','".$buttonname.'\');"></td>';
816: } elsif ($advanced) {
817: $roletext.=
818: '<td'.$rowspan.'><input name="'.$buttonname.'" type="button" value="'.
819: &mt('Re-Initialize').'" onClick="javascript:enterrole(this.form,\''.
820: $trolecode."','".$buttonname.'\');"></td>';
821: } else {
822: $roletext.='<td'.$rowspan.'> </td>';
823: }
824: }
825: $tremark.=&Apache::lonannounce::showday(time,1,
826: &Apache::lonannounce::readcalendar($tdom.'_'.$trest));
827:
828: $roletext.='<td><font color="'.$tfont.'">'.$trole.
829: '</font></td><td><font color="'.$tfont.'">'.$twhere.
830: '</font></td><td><font color="'.$tfont.'">'.$tpstart.
831: '</font></td><td><font color="'.$tfont.'">'.$tpend.
832: '</font></td></tr>';
833: if (!$is_dc) {
834: $roletext.='<tr bgcolor="'.$tbg.'"><td colspan="4"><font color="'.$tfont.'">'.$tremark.
835: ' </font></td></tr><tr><td colspan="5" height="3"></td></tr>'."\n";
836: }
837: return $roletext;
838: }
839:
840: sub check_privs {
841: my ($cdom,$cnum,$then,$now) = @_;
842: my $cckey = 'user.role.cc./'.$cdom.'/'.$cnum;
843: if ($env{$cckey}) {
844: my ($role,$where,$trolecode,$tstart,$tend,$tremark,$tstatus,$tpstart,$tpend,$tfont);
845: &role_status($cckey,$then,$now,\$role,\$where,\$trolecode,\$tstatus,\$tstart,\$tend);
846: unless (($tstatus eq 'is') || ($tstatus eq 'will_not')) {
847: &set_privileges($cdom,$cnum);
848: }
849: } else {
850: &set_privileges($cdom,$cnum);
851: }
852: }
853:
854: sub check_fordc {
855: my ($dcroles,$then) = @_;
856: my $numdc = 0;
857: if ($env{'user.adv'}) {
858: foreach my $envkey (sort keys %env) {
859: if ($envkey=~/^user\.role\.dc\.\/(\w+)\/$/) {
860: my $dcdom = $1;
861: my $livedc = 1;
862: my ($tstart,$tend)=split(/\./,$env{$envkey});
863: if ($tstart && $tstart>$then) { $livedc = 0; }
864: if ($tend && $tend <$then) { $livedc = 0; }
865: if ($livedc) {
866: $$dcroles{$dcdom} = $envkey;
867: $numdc++;
868: }
869: }
870: }
871: }
872: return $numdc;
873: }
874:
875: sub courselink {
876: my ($dcdom,$rowtype) = @_;
877: my $courseform=&Apache::loncommon::selectcourse_link
878: ('rolechoice','dccourse'.$rowtype.'_'.$dcdom,'dcdomain'.$rowtype.'_'.$dcdom,'coursedesc'.$rowtype.'_'.$dcdom,$dcdom);
879: my $hiddenitems = '<input type="hidden" name="dcdomain'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'.
880: '<input type="hidden" name="origdom'.$rowtype.'_'.$dcdom.'" value="'.$dcdom.'" />'.
881: '<input type="hidden" name="dccourse'.$rowtype.'_'.$dcdom.'" value="" />'.
882: '<input type="hidden" name="coursedesc'.$rowtype.'_'.$dcdom.'" value="" />';
883: return $courseform.$hiddenitems;
884: }
885:
886: sub coursepick_jscript {
887: my $verify_script = <<"END";
888: <script>
889: function verifyCoursePick(caller) {
890: var numbutton = getIndex(caller)
891: var pickedCourse = document.rolechoice.elements[numbutton+4].value
892: var pickedDomain = document.rolechoice.elements[numbutton+2].value
893: if (document.rolechoice.elements[numbutton+2].value == document.rolechoice.elements[numbutton+3].value) {
894: if (pickedCourse != '') {
895: if (numbutton != -1) {
896: var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse
897: document.rolechoice.elements[numbutton+1].name = courseTarget
898: document.rolechoice.submit()
899: }
900: }
901: else {
902: alert("Please use the 'Select Course' link to open a separate pick course window where you may select the course you wish to enter.");
903: }
904: }
905: else {
906: alert("You can only use this screen to select courses in the current domain")
907: }
908: }
909: function getIndex(caller) {
910: for (var i=0;i<document.rolechoice.elements.length;i++) {
911: if (document.rolechoice.elements[i] == caller) {
912: return i;
913: }
914: }
915: return -1;
916: }
917: </script>
918: END
919: return $verify_script;
920: }
921:
922: sub processpick {
923: my $process_pick = <<"END";
924: <script>
925: function process_pick(dom) {
926: var pickedCourse=opener.document.rolechoice.$env{'form.cnumelement'}.value;
927: var pickedDomain=opener.document.rolechoice.$env{'form.cdomelement'}.value;
928: var okDomain = 0;
929:
930: if (pickedDomain == dom) {
931: if (pickedCourse != '') {
932: var courseTarget = "cc./"+pickedDomain+"/"+pickedCourse
933: opener.document.title='Role selected. Please stand by.';
934: opener.status='Role selected. Please stand by.';
935: opener.document.rolechoice.newrole.value=courseTarget
936: opener.document.rolechoice.submit()
937: }
938: } else {
939: alert("You may only use this screen to select courses in the current domain: "+dom+"\\nPlease return to the roles page window and click the 'Select Course' link for domain: "+pickedDomain+",\\n if you are a Domain Coordinator in that domain, and wish to become a Course Coordinator in a course in the domain");
940: }
941: }
942:
943: </script>
944: END
945: return $process_pick;
946: }
947:
948: sub display_cc_role {
949: my $rolekey = shift;
950: my $roletext;
951: my $advanced = $env{'user.adv'};
952: my $tryagain = $env{'form.tryagain'};
953: unless ($rolekey =~/^error\:/) {
954: if ($rolekey =~ m-^user\.role.cc\./(\w+)/(\w+)$-) {
955: my $tcourseid = $1.'_'.$2;
956: my $trolecode = 'cc./'.$1.'/'.$2;
957: my $trole = Apache::lonnet::plaintext('cc');
958: my $twhere;
959: my $tbg='#77FF77';
960: my $tfont='#003300';
961: my %newhash=&Apache::lonnet::coursedescription($tcourseid);
962: if (%newhash) {
963: $twhere=$newhash{'description'}.
964: ' <font size="-2">'.
965: &Apache::loncommon::syllabuswrapper(&mt('Syllabus'),$2,$1,$tfont).
966: '</font>';
967: } else {
968: $twhere=&mt('Currently not available');
969: $env{'course.'.$tcourseid.'.description'}=$twhere;
970: }
971: $twhere.="<br />".&mt('Domain').":".$1;
972: $roletext = &build_roletext($trolecode,$1,$2,'is',$tryagain,$advanced,'',$tbg,$tfont,$trole,&mt('Course'),$twhere,'','','',1,'');
973: }
974: }
975: return $roletext;
976: }
977:
978: sub allcourses_row {
979: my ($dcdom,$rowtype) = @_;
980: my $ccrole = Apache::lonnet::plaintext('cc');
981: my $selectlink = &courselink($dcdom,$rowtype);
982: my $output = '<tr bgcolor="#77FF77">'.
983: '<td colspan="5">'.
984: '<font color="#002200">'.$ccrole.'</font>'.
985: ' <b>'.$selectlink.'</b>'.
986: ' from '.&mt('Domain').' '.$dcdom.
987: '<tr><td colspan="5" height="3"></td></tr>'."\n";
988: return $output;
989: }
990:
991: sub recent_filename {
992: my $area=shift;
993: return 'nohist_recent_'.&Apache::lonnet::escape($area);
994: }
995:
996: sub set_privileges {
997: my ($dcdom,$pickedcourse) = @_;
998: my $area = '/'.$dcdom.'/'.$pickedcourse;
999: my $role = 'cc';
1000: my $spec = $role.'.'.$area;
1001: my $userroles = &Apache::lonnet::set_arearole($role,$area,'','',$dcdom,$env{'user.name'});
1002: my %ccrole = ();
1003: &Apache::lonnet::standard_roleprivs(\%ccrole,$role,$dcdom,$spec,$pickedcourse,$area);
1004: my ($author,$adv)= &Apache::lonnet::set_userprivs(\$userroles,\%ccrole);
1005: my @newprivs = split/\n/,$userroles;
1006: my %newccroles = ();
1007: foreach (@newprivs) {
1008: my ($key,$val) = split/=/,$_;
1009: $newccroles{$key} = $val;
1010: }
1011: &Apache::lonnet::appenv(%newccroles);
1012: &Apache::lonnet::log($env{'user.domain'},
1013: $env{'user.name'},
1014: $env{'user.home'},
1015: "Role ".$role);
1016: &Apache::lonnet::appenv(
1017: 'request.role' => $spec,
1018: 'request.role.domain' => $dcdom,
1019: 'request.course.sec' => '');
1020: my $tadv=0;
1021: if (&Apache::lonnet::allowed('adv') eq 'F') { $tadv=1; }
1022: &Apache::lonnet::appenv('request.role.adv' => $tadv);
1023: }
1024:
1025: sub courseloadpage {
1026: my ($courseid) = @_;
1027: my $startpage;
1028: my %entry_settings = &Apache::lonnet::get('nohist_whatsnew',
1029: [$courseid.':courseinit']);
1030: my ($tmp) = %entry_settings;
1031: unless ($tmp =~ /^error: 2 /) {
1032: $startpage = $entry_settings{$courseid.':courseinit'};
1033: }
1034: if ($startpage eq '') {
1035: if (exists($env{'environment.course_init_display'})) {
1036: $startpage = $env{'environment.course_init_display'};
1037: }
1038: }
1039: return $startpage;
1040: }
1041:
1042: 1;
1043: __END__
1044:
1045: =head1 NAME
1046:
1047: Apache::lonroles - User Roles Screen
1048:
1049: =head1 SYNOPSIS
1050:
1051: Invoked by /etc/httpd/conf/srm.conf:
1052:
1053: <Location /adm/roles>
1054: PerlAccessHandler Apache::lonacc
1055: SetHandler perl-script
1056: PerlHandler Apache::lonroles
1057: ErrorDocument 403 /adm/login
1058: ErrorDocument 500 /adm/errorhandler
1059: </Location>
1060:
1061: =head1 OVERVIEW
1062:
1063: =head2 Choosing Roles
1064:
1065: C<lonroles> is a handler that allows a user to switch roles in
1066: mid-session. LON-CAPA attempts to work with "No Role Specified", the
1067: default role that a user has before selecting a role, as widely as
1068: possible, but certain handlers for example need specification which
1069: course they should act on, etc. Both in this scenario, and when the
1070: handler determines via C<lonnet>'s C<&allowed> function that a certain
1071: action is not allowed, C<lonroles> is used as error handler. This
1072: allows the user to select another role which may have permission to do
1073: what they were trying to do. C<lonroles> can also be accessed via the
1074: B<CRS> button in the Remote Control.
1075:
1076: =begin latex
1077:
1078: \begin{figure}
1079: \begin{center}
1080: \includegraphics[width=0.45\paperwidth,keepaspectratio]{Sample_Roles_Screen}
1081: \caption{\label{Sample_Roles_Screen}Sample Roles Screen}
1082: \end{center}
1083: \end{figure}
1084:
1085: =end latex
1086:
1087: =head2 Role Initialization
1088:
1089: The privileges for a user are established at login time and stored in the session environment. As a consequence, a new role does not become active till the next login. Handlers are able to query for privileges using C<lonnet>'s C<&allowed> function. When a user first logs in, their role is the "common" role, which means that they have the sum of all of their privileges. During a session it might become necessary to choose a particular role, which as a consequence also limits the user to only the privileges in that particular role.
1090:
1091: =head1 INTRODUCTION
1092:
1093: This module enables a user to select what role he wishes to
1094: operate under (instructor, student, teaching assistant, course
1095: coordinator, etc). These roles are pre-established by the actions
1096: of upper-level users.
1097:
1098: This is part of the LearningOnline Network with CAPA project
1099: described at http://www.lon-capa.org.
1100:
1101: =head1 HANDLER SUBROUTINE
1102:
1103: This routine is called by Apache and mod_perl.
1104:
1105: =over 4
1106:
1107: =item *
1108:
1109: Roles Initialization (yes/no)
1110:
1111: =item *
1112:
1113: Get Error Message from Environment
1114:
1115: =item *
1116:
1117: Who is this?
1118:
1119: =item *
1120:
1121: Generate Page Output
1122:
1123: =item *
1124:
1125: Choice or no choice
1126:
1127: =item *
1128:
1129: Table
1130:
1131: =item *
1132:
1133: Privileges
1134:
1135: =back
1136:
1137: =cut
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>