[LON-CAPA-cvs] cvs: rat / lonpage.pm loncom/interface lonmenu.pm lonsource.pm
raeburn
raeburn at source.lon-capa.org
Mon Feb 17 18:04:24 EST 2020
raeburn Mon Feb 17 23:04:24 2020 EDT
Modified files:
/loncom/interface lonmenu.pm lonsource.pm
/rat lonpage.pm
Log:
- "View Source" icon/link shown for section-specific roles with vxc priv.
Index: loncom/interface/lonmenu.pm
diff -u loncom/interface/lonmenu.pm:1.500 loncom/interface/lonmenu.pm:1.501
--- loncom/interface/lonmenu.pm:1.500 Sat Jan 18 04:37:10 2020
+++ loncom/interface/lonmenu.pm Mon Feb 17 23:04:18 2020
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Routines to control the menu
#
-# $Id: lonmenu.pm,v 1.500 2020/01/18 04:37:10 raeburn Exp $
+# $Id: lonmenu.pm,v 1.501 2020/02/17 23:04:18 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1365,17 +1365,20 @@
if ((($cfile eq '') || (!$editbutton)) &&
($resurl =~ /$LONCAPA::assess_re/)) {
my $showurl = &Apache::lonnet::clutter($resurl);
+ my $crs_sec = $env{'request.course.id'} . (($env{'request.course.sec'} ne '')
+ ? "/$env{'request.course.sec'}"
+ : '');
if ((&Apache::lonnet::allowed('cre','/')) &&
(&Apache::lonnet::metadata($resurl,'sourceavail') eq 'open')) {
$viewsrcbutton = 1;
- } elsif (&Apache::lonnet::allowed('vxc',$env{'request.course.id'})) {
+ } elsif (&Apache::lonnet::allowed('vxc',$crs_sec)) {
if ($showurl =~ m{^\Q/res/$cdom/\E($match_username)/}) {
my $auname = $1;
if (($env{'request.course.adhocsrcaccess'} ne '') &&
(grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) {
$viewsrcbutton = 1;
} elsif ((&Apache::lonnet::metadata($resurl,'sourceavail') eq 'open') &&
- (&Apache::lonnet::allowed('bre','/'))) {
+ (&Apache::lonnet::allowed('bre',$crs_sec))) {
$viewsrcbutton = 1;
}
}
Index: loncom/interface/lonsource.pm
diff -u loncom/interface/lonsource.pm:1.39 loncom/interface/lonsource.pm:1.40
--- loncom/interface/lonsource.pm:1.39 Mon Feb 3 19:02:18 2020
+++ loncom/interface/lonsource.pm Mon Feb 17 23:04:18 2020
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Source Code handler
#
-# $Id: lonsource.pm,v 1.39 2020/02/03 19:02:18 raeburn Exp $
+# $Id: lonsource.pm,v 1.40 2020/02/17 23:04:18 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -354,14 +354,14 @@
if ($viewonly) {
my $canview;
- $filename =~ s/\.\.//g;
- $filename =~ s/\~//g;
- $filename =~ s/\/+/\//g;
- if (($env{'request.course.id'}) && (&Apache::lonnet::is_on_map($filename))) {
- if ((&Apache::lonnet::metadata(&Apache::lonenc::check_decrypt($filename),'sourceavail') eq 'open') &&
- (&Apache::lonnet::allowed('cre','/'))) {
- $canview = 1;
- } elsif (&Apache::lonnet::allowed('vxc',$env{'request.course.id'})) {
+ if ((&Apache::lonnet::metadata($filename,'sourceavail') eq 'open') &&
+ (&Apache::lonnet::allowed('cre','/'))) {
+ $canview = 1;
+ } elsif (($env{'request.course.id'}) && (&Apache::lonnet::is_on_map($filename))) {
+ my $crs_sec = $env{'request.course.id'} . (($env{'request.course.sec'} ne '')
+ ? "/$env{'request.course.sec'}"
+ : '');
+ if (&Apache::lonnet::allowed('vxc',$crs_sec)) {
my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
&Apache::lonenc::check_decrypt(\$filename);
if (($env{'request.role.domain'} eq $cdom) && ($filename =~ /$LONCAPA::assess_re/)) {
@@ -371,7 +371,7 @@
$canview = 1;
} elsif ((&Apache::lonnet::metadata($filename,'sourceavail') eq 'open') &&
($filename =~ m{^\Q/res/$cdom/}) &&
- (&Apache::lonnet::allowed('bre','/'))) {
+ (&Apache::lonnet::allowed('bre',$crs_sec))) {
$canview = 1;
}
}
@@ -389,11 +389,9 @@
$env{'user.error.msg'}="$shownfilename:bre:1:1:Access to resource denied";
return HTTP_NOT_ACCEPTABLE;
}
- unless ($viewonly) {
- unless (&Apache::lonnet::allowed('cre','/')) {
- $env{'user.error.msg'}="$shownfilename:cre:1:1:Access to source code denied";
- return HTTP_NOT_ACCEPTABLE;
- }
+ unless (($viewonly) || (&Apache::lonnet::allowed('cre','/'))) {
+ $env{'user.error.msg'}="$shownfilename:cre:1:1:Access to source code denied";
+ return HTTP_NOT_ACCEPTABLE;
}
my $newpath = $env{'form.newpath'};
Index: rat/lonpage.pm
diff -u rat/lonpage.pm:1.130 rat/lonpage.pm:1.131
--- rat/lonpage.pm:1.130 Mon Feb 17 16:12:35 2020
+++ rat/lonpage.pm Mon Feb 17 23:04:24 2020
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Page Handler
#
-# $Id: lonpage.pm,v 1.130 2020/02/17 16:12:35 raeburn Exp $
+# $Id: lonpage.pm,v 1.131 2020/02/17 23:04:24 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -898,6 +898,10 @@
return;
}
}
+ my $crs_sec = $env{'request.course.id'} . (($env{'request.course.sec'} ne '')
+ ? "/$env{'request.course.sec'}"
+ : '');
+
if ($hash->{'encrypted_'.$rid}) {
$symb=&Apache::lonenc::encrypted($symb);
$esrc=&Apache::lonenc::encrypted($esrc);
@@ -985,14 +989,14 @@
if ((&Apache::lonnet::allowed('cre','/')) &&
(&Apache::lonnet::metadata($url,'sourceavail') eq 'open')) {
$viewsrcbutton = 1;
- } elsif (&Apache::lonnet::allowed('vxc',$env{'request.course.id'})) {
+ } elsif (&Apache::lonnet::allowed('vxc',$crs_sec)) {
if ($url =~ m{^\Q/res/$cdom/\E($LONCAPA::match_username)/}) {
my $auname = $1;
if (($env{'request.course.adhocsrcaccess'} ne '') &&
(grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) {
$viewsrcbutton = 1;
} elsif ((&Apache::lonnet::metadata($url,'sourceavail') eq 'open') &&
- (&Apache::lonnet::allowed('bre','/'))) {
+ (&Apache::lonnet::allowed('bre',$crs_sec))) {
$viewsrcbutton = 1;
}
}
More information about the LON-CAPA-cvs
mailing list