[LON-CAPA-cvs] cvs: rat / lonpage.pm loncom/auth lonroles.pm roles.tab rolesplain.tab loncom/interface lonmenu.pm lonsource.pm
raeburn
raeburn at source.lon-capa.org
Fri Sep 29 15:18:19 EDT 2017
raeburn Fri Sep 29 19:18:19 2017 EDT
Modified files:
/loncom/interface lonsource.pm lonmenu.pm
/loncom/auth lonroles.pm roles.tab rolesplain.tab
/rat lonpage.pm
Log:
- In course context the Functions menu will include a "View source" item/icon
for a published assessment item, if the user does not have rights to edit,
and either of the following are true:
(a) user has a cre priv, and content has source set to "open",
(b) user has vxc priv (View XML of assessments in course where
course owner/co-owner is author/co-author of content).
- vxc priv is assignable to custom role, including ad hoc custom roles
which can be made available to users with domain helpdesk role.
-------------- next part --------------
Index: loncom/interface/lonsource.pm
diff -u loncom/interface/lonsource.pm:1.36 loncom/interface/lonsource.pm:1.37
--- loncom/interface/lonsource.pm:1.36 Mon Sep 18 16:58:08 2017
+++ loncom/interface/lonsource.pm Fri Sep 29 19:18:10 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Source Code handler
#
-# $Id: lonsource.pm,v 1.36 2017/09/18 16:58:08 raeburn Exp $
+# $Id: lonsource.pm,v 1.37 2017/09/29 19:18:10 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -37,6 +37,7 @@
use Apache::lonsequence();
use Apache::Constants qw(:common :http);
use Apache::lonmeta;
+use Apache::lonenc();
use Apache::File;
use Apache::lonlocal;
use HTML::Entities;
@@ -196,16 +197,27 @@
}
sub print_item {
- my ($r,$filename,$listname) = @_;
- my $file_output =
- &includemeta(&Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename),
- $filename);
+ my ($r,$filename,$listname,$context) = @_;
+ my $file_output;
+ if ($context eq 'view') {
+ $file_output =
+ &Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename);
+ } else {
+ $file_output =
+ &includemeta(&Apache::lonnet::getfile($Apache::lonnet::perlvar{'lonDocRoot'}.$filename),
+ $filename);
+ }
$r->print(&Apache::loncommon::start_page('View Source Code',undef,
{'only_body' => 1}));
if ($file_output ne '') {
my $access_to_cstr;
my $lonhost = $r->dir_config('lonHostID');
- if (&Apache::lonnet::is_library($lonhost)) {
+ if ($context eq 'view') {
+ $r->print('<form name="view" action="" target="_parent" method="post"><span class="LC_info">'.
+ &mt('Source code is displayed below.').
+ '</span>'.(' ' x4).'<input type="button" name="close" onclick="window.close();"'.
+ ' value="'.&mt('Close Window').'" /></form><hr />');
+ } elsif (&Apache::lonnet::is_library($lonhost)) {
my @possdoms = &Apache::lonnet::current_machine_domains();
foreach my $dom (@possdoms) {
if ($env{"user.role.au./$dom/"}) {
@@ -332,29 +344,61 @@
sub handler {
my $r=shift;
&Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
- ['filename','listname']);
+ ['filename','listname','viewonly']);
my $filename = $env{'form.filename'};
+ my $shownfilename = $filename;
+ $shownfilename =~ s/(`)/'/g;
+ $shownfilename =~ s/\$/\(\$\)/g;
my $listname = $env{'form.listname'};
+ my $viewonly = $env{'form.viewonly'};
- my $source = &Apache::lonnet::metadata($filename,'sourceavail');
- if ($source ne 'open') {
- $env{'user.error.msg'}="$filename:cre:1:1:Source code not available";
+ if ($viewonly) {
+ my $canview;
+ $filename =~ s/\.\.//g;
+ $filename =~ s/\~//g;
+ $filename =~ s/\/+/\//g;
+ if (($env{'request.course.id'}) && (&Apache::lonnet::is_on_map($filename))) {
+ if ((&Apache::lonnet::metadata(&Apache::lonenc::check_decrypt($filename)) eq 'open') &&
+ (&Apache::lonnet::allowed('cre','/'))) {
+ $canview = 1;
+ } elsif (&Apache::lonnet::allowed('vxc',$env{'request.course.id'})) {
+ my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+ &Apache::lonenc::check_decrypt(\$filename);
+ if (($env{'request.role.domain'} eq $cdom) && ($filename =~ /$LONCAPA::assess_re/)) {
+ my ($auname) = ($filename =~ m{^\Q/res/$cdom/\E($match_username)/});
+ if (($env{'request.course.adhocsrcaccess'} ne '') &&
+ (grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) {
+ $canview = 1;
+ }
+ }
+ }
+ }
+ unless ($canview) {
+ $env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available";
+ return HTTP_NOT_ACCEPTABLE;
+ }
+ } elsif (&Apache::lonnet::metadata($filename,'sourceavail') ne 'open') {
+ $env{'user.error.msg'}="$shownfilename:cre:1:1:Source code not available";
return HTTP_NOT_ACCEPTABLE;
}
unless (&Apache::lonnet::allowed('bre',$filename)) {
- $env{'user.error.msg'}="$filename:bre:1:1:Access to resource denied";
+ $env{'user.error.msg'}="$shownfilename:bre:1:1:Access to resource denied";
return HTTP_NOT_ACCEPTABLE;
}
- unless (&Apache::lonnet::allowed('cre','/')) {
- $env{'user.error.msg'}="$filename:cre:1:1:Access to source code denied";
- return HTTP_NOT_ACCEPTABLE;
+ unless ($viewonly) {
+ unless (&Apache::lonnet::allowed('cre','/')) {
+ $env{'user.error.msg'}="$shownfilename:cre:1:1:Access to source code denied";
+ return HTTP_NOT_ACCEPTABLE;
+ }
}
my $newpath = $env{'form.newpath'};
&Apache::loncommon::content_type($r,'text/html');
$r->send_http_header;
- if ($env{'form.action'} eq 'stage2') {
+ if ($viewonly) {
+ &print_item($r,$filename,$listname,'view');
+ } elsif ($env{'form.action'} eq 'stage2') {
&stage_2($r,$filename,$listname);
} elsif($env{'form.action'} eq 'copy_stage') {
©_stage($r,$filename,$listname,$newpath);
Index: loncom/interface/lonmenu.pm
diff -u loncom/interface/lonmenu.pm:1.479 loncom/interface/lonmenu.pm:1.480
--- loncom/interface/lonmenu.pm:1.479 Sun Sep 10 00:11:27 2017
+++ loncom/interface/lonmenu.pm Fri Sep 29 19:18:10 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Routines to control the menu
#
-# $Id: lonmenu.pm,v 1.479 2017/09/10 00:11:27 raeburn Exp $
+# $Id: lonmenu.pm,v 1.480 2017/09/29 19:18:10 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1114,8 +1114,9 @@
}
my $editbutton = '';
+ my $viewsrcbutton = '';
#
-# Determine whether or not to display 'Edit' icon/button
+# Determine whether or not to display 'Edit' or 'View Source' icon/button
#
if ($resurl =~ m{^/?adm/($match_domain)/($match_username)/aboutme$}) {
my $file=&Apache::lonnet::declutter($env{'request.filename'});
@@ -1199,6 +1200,26 @@
$forceedit,$forceview,$forcereg,
$hostname);
}
+ if ((($cfile eq '') || (!$editbutton)) &&
+ ($resurl =~ /$LONCAPA::assess_re/)) {
+ my $showurl = &Apache::lonnet::clutter($resurl);
+ if ((&Apache::lonnet::allowed('cre','/')) &&
+ (&Apache::lonnet::metadata($resurl,'sourceavail') eq 'open')) {
+ $viewsrcbutton = 1;
+ } elsif (&Apache::lonnet::allowed('vxc',$env{'request.course.id'})) {
+ if ($showurl =~ m{^\Q/res/$cdom/\E($match_username)/}) {
+ my $auname = $1;
+ if (($env{'request.course.adhocsrcaccess'} ne '') &&
+ (grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) {
+ $viewsrcbutton = 1;
+ }
+ }
+ }
+ if ($viewsrcbutton) {
+ &switch('','',6,1,'pcstr.png','View Source','resource[_2]','open_source()',
+ 'View source code');
+ }
+ }
}
}
}
@@ -1276,7 +1297,7 @@
&advtools_crumbs(@inlineremote);
return $editbutton;
} elsif ($env{'request.registered'}) {
- return $editbutton;
+ return $editbutton || $viewsrcbutton;
} else {
if (ref($bread_crumbs) eq 'ARRAY') {
if (@inlineremote > 0) {
@@ -2083,6 +2104,12 @@
newWin.focus();
}
+function open_source() {
+ var url = escape(window.location.pathname);
+ sourcewin=window.open('/adm/source?inhibitmenu=yes&viewonly=1&filename='+url,'LONsource',
+ 'height=500,width=600,resizable=yes,location=no,menubar=no,toolbar=no,scrollbars=yes');
+}
+
(function (\$) {
\$(document).ready(function () {
\$.single=function(a){return function(b){a[0]=b;return a}}(\$([1]));
Index: loncom/auth/lonroles.pm
diff -u loncom/auth/lonroles.pm:1.333 loncom/auth/lonroles.pm:1.334
--- loncom/auth/lonroles.pm:1.333 Tue Aug 8 20:10:55 2017
+++ loncom/auth/lonroles.pm Fri Sep 29 19:18:14 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# User Roles Screen
#
-# $Id: lonroles.pm,v 1.333 2017/08/08 20:10:55 raeburn Exp $
+# $Id: lonroles.pm,v 1.334 2017/09/29 19:18:14 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -584,6 +584,25 @@
{$env{'user.name'}.':'.$env{'user.domain'}.
':'.$csec.':'.$role => $now},$cdom,$cnum);
}
+ if (($env{"environment.internal.$cdom.$cnum.$role.adhoc"}) &&
+ (&Apache::lonnet::allowed('vxc',$cdom.'_'.$cnum))) {
+ my $owner = $env{'course.'.$cdom.'_'.$cnum.'.internal.courseowner'};
+ my @coowners = split(/,/,$env{'course.'.$env{'request.course.id'}.'.internal.co-owners'});
+ my %auaccess;
+ foreach my $user ($owner, at coowners) {
+ my ($cpname,$cpdom) = split(/:/,$user);
+ my %auroles = &Apache::lonnet::get_my_roles($cpname,$cpdom,'userroles',undef,['au','ca','aa'],[$cdom]);
+ foreach my $key (keys(%auroles)) {
+ my ($auname,$audom,$aurole) = split(/:/,$key);
+ if ($aurole eq 'au') {
+ $auaccess{$cpname} = 1;
+ } else {
+ $auaccess{$auname} = 1;
+ }
+ }
+ }
+ &Apache::lonnet::appenv({'request.course.adhocsrcaccess' => join(',',sort(keys(%auaccess))) });
+ }
my ($feeds,$syllabus_time);
&Apache::lonrss::advertisefeeds($cnum,$cdom,undef,\$feeds);
&Apache::lonnet::appenv({'request.course.feeds' => $feeds});
Index: loncom/auth/roles.tab
diff -u loncom/auth/roles.tab:1.70 loncom/auth/roles.tab:1.71
--- loncom/auth/roles.tab:1.70 Sat Jan 28 03:48:52 2017
+++ loncom/auth/roles.tab Fri Sep 29 19:18:14 2017
@@ -14,7 +14,7 @@
ep:c bre&R:mgr&R:mqg&R:dcm:evb:las:pav:pfo
cr:s adv&SR:bre&S:bro&S
cr:d sma
-cr:c bre&R:vgr&SCR:mgr&SCR:mqg&SCR:mgq&SCR:gan&SCR:dcm&SC:vcb&SC:evb&SC:srm&SC:dff&SC:pch:plc:dch&S:pac:rin&S:las&SR:opa&SR:vpa&SR:mdc&SR:cst&IK:vcl&C:pav&C:pfo&C:whn&C:vsa&C:vcg&C:cev&C
+cr:c bre&R:vgr&SCR:mgr&SCR:mqg&SCR:mgq&SCR:gan&SCR:dcm&SC:vcb&SC:evb&SC:srm&SC:dff&SC:pch:plc:dch&S:pac:rin&S:las&SR:opa&SR:vpa&SR:mdc&SR:cst&IK:vcl&C:pav&C:pfo&C:whn&C:vsa&C:vcg&C:cev&C:vxc&SC
st:d sma&L
st:c bre&RXL:pch&CL:plc&CL:pac&CL
ad:s adv
Index: loncom/auth/rolesplain.tab
diff -u loncom/auth/rolesplain.tab:1.51 loncom/auth/rolesplain.tab:1.52
--- loncom/auth/rolesplain.tab:1.51 Sat Jan 28 03:48:52 2017
+++ loncom/auth/rolesplain.tab Fri Sep 29 19:18:14 2017
@@ -65,6 +65,7 @@
vsa:View student activity
vcl:View class list
cev:View-only access to course editing tools:View-only access to community editing tools
+vxc:View XML of assessments in course where course owner/co-owner is author/co-author of content
mgr:Modify grades
mqg:Grade items in grading queue
mgq:Modify grade queue
Index: rat/lonpage.pm
diff -u rat/lonpage.pm:1.124 rat/lonpage.pm:1.125
--- rat/lonpage.pm:1.124 Mon Sep 11 12:30:55 2017
+++ rat/lonpage.pm Fri Sep 29 19:18:18 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Page Handler
#
-# $Id: lonpage.pm,v 1.124 2017/09/11 12:30:55 raeburn Exp $
+# $Id: lonpage.pm,v 1.125 2017/09/29 19:18:18 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -42,6 +42,7 @@
use Apache::lonmenu;
use Apache::lonhomework;
use Apache::lonparmset;
+use Apache::lonenc();
use HTML::TokeParser;
use GDBM_File;
use Apache::lonsequence;
@@ -947,24 +948,61 @@
'</a>';
}
}
- if (($env{'request.course.id'}) && (&Apache::lonnet::allowed('mdc',$env{'request.course.id'}))) {
+ if ($env{'request.course.id'}) {
my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
my $file=&Apache::lonnet::declutter($hash->{'src_'.$rid});
- my ($cfile,$home,$switchserver,$forceedit,$forceview) =
- &Apache::lonnet::can_edit_resource($file,$cnum,$cdom,$hash->{'src_'.$rid},$symb);
- if ($cfile ne '') {
- my $jscall = &Apache::lonhtmlcommon::jump_to_editres($cfile,$home,$switchserver,
- $forceedit,1,$symb,undef,
- &escape($env{'form.title'}),
- $hostname);
- if ($jscall) {
+ my $editbutton = '';
+ if (&Apache::lonnet::allowed('mdc',$env{'request.course.id'})) {
+ my ($cfile,$home,$switchserver,$forceedit,$forceview) =
+ &Apache::lonnet::can_edit_resource($file,$cnum,$cdom,$hash->{'src_'.$rid},$symb);
+ if ($cfile ne '') {
+ my $jscall = &Apache::lonhtmlcommon::jump_to_editres($cfile,$home,$switchserver,
+ $forceedit,1,$symb,undef,
+ &escape($env{'form.title'}),
+ $hostname);
+ if ($jscall) {
+ $editbutton = 1;
+ my $icon = 'pcstr.png';
+ my $label = &mt('Edit');
+ my $title = &mt('Edit this resource');
+ my $pic = '<img src="'.&Apache::loncommon::lonhttpdurl('/res/adm/pages/'.$icon).'"'.
+ ' class="LC_icon" alt="'.$label.'" title="'.$title.'" />';
+ $metainfo .= ' <a href="javascript:'.$jscall.';">'.$pic.'</a>';
+ }
+ }
+ }
+ if ((!$editbutton) && ($file=~/$LONCAPA::assess_re/)) {
+ my $url = &Apache::lonnet::clutter($file);
+ my $viewsrcbutton;
+ if ((&Apache::lonnet::allowed('cre','/')) &&
+ (&Apache::lonnet::metadata($url,'sourceavail') eq 'open')) {
+ $viewsrcbutton = 1;
+ } elsif (&Apache::lonnet::allowed('vxc',$env{'request.course.id'})) {
+ if ($url =~ m{^\Q/res/$cdom/\E($LONCAPA::match_username)/}) {
+ my $auname = $1;
+ if (($env{'request.course.adhocsrcaccess'} ne '') &&
+ (grep(/^\Q$auname\E$/,split(/,/,$env{'request.course.adhocsrcaccess'})))) {
+ $viewsrcbutton = 1;
+ }
+ }
+ }
+ if ($viewsrcbutton) {
my $icon = 'pcstr.png';
- my $label = &mt('Edit');
- my $title = &mt('Edit this resource');
+ my $label = &mt('View Source');
+ my $title = &mt('View source code');
+ my $jsrid = $rid;
+ $jsrid =~ s/\./_/g;
+ my $showurl = &escape(&Apache::lonenc::check_encrypt($url));
my $pic = '<img src="'.&Apache::loncommon::lonhttpdurl('/res/adm/pages/'.$icon).'"'.
' class="LC_icon" alt="'.$label.'" title="'.$title.'" />';
- $metainfo .= ' <a href="javascript:'.$jscall.';">'.$pic.'</a>';
+ $metainfo .= ' <a href="javascript:open_source_'.$jsrid.'();">'.$pic.'</a>'."\n".
+ '<script type="text/javascript">'."\n".
+ "function open_source_$jsrid() {\n".
+ " sourcewin=window.open('/adm/source?inhibitmenu=yes&viewonly=1&filename=$showurl','LONsource',".
+ "'height=500,width=600,resizable=yes,location=no,menubar=no,toolbar=no,scrollbars=yes');\n".
+ "}\n".
+ "</script>\n";
}
}
}
More information about the LON-CAPA-cvs
mailing list