--- loncom/auth/lonacc.pm	2006/06/02 19:38:21	1.78
+++ loncom/auth/lonacc.pm	2006/08/04 21:31:53	1.91
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.78 2006/06/02 19:38:21 albertel Exp $
+# $Id: lonacc.pm,v 1.91 2006/08/04 21:31:53 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -35,8 +35,10 @@ use Apache::File;
 use Apache::lonnet;
 use Apache::loncommon();
 use Apache::lonlocal;
+use Apache::restrictedaccess();
 use CGI::Cookie();
 use Fcntl qw(:flock);
+use LONCAPA;
 
 sub cleanup {
     my ($r)=@_;
@@ -135,7 +137,6 @@ sub get_posted_cgi {
     $r->headers_in->unset('Content-length');
 }
 
-
 sub handler {
     my $r = shift;
     my $requrl=$r->uri;
@@ -197,13 +198,17 @@ sub handler {
 	    &Apache::lonacc::get_posted_cgi($r);
 
 # ---------------------------------------------------------------- Check access
-
+            my $now = time;
             if ($requrl!~/^\/adm|public|prtspool\//) {
 		my $access=&Apache::lonnet::allowed('bre',$requrl);
                 if ($access eq '1') {
 		   $env{'user.error.msg'}="$requrl:bre:0:0:Choose Course";
 	           return HTTP_NOT_ACCEPTABLE; 
                 }
+		if ($access eq 'A') {
+		    &Apache::restrictedaccess::setup_handler($r);
+		    return OK;
+                }
                 if (($access ne '2') && ($access ne 'F')) {
 		   $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
 	           return HTTP_NOT_ACCEPTABLE; 
@@ -219,8 +224,9 @@ sub handler {
 	    }
 	    if ($env{'user.name'} eq 'public' && 
 		$env{'user.domain'} eq 'public' &&
-		$requrl !~ m{^/+(res|public)/} &&
-		$requrl !~ m{^/+adm/(help|logout|randomlabel\.png)}) {
+		$requrl !~ m{^/+(res|public|uploaded)/} &&
+		$requrl !~ m{^/adm/[^/]+/[^/]+/aboutme/portfolio$} &&
+		$requrl !~ m{^/+adm/(help|logout|restrictedaccess|randomlabel\.png)}) {
 		$env{'request.querystring'}=$r->args;
 		$env{'request.firsturl'}=$requrl;
 		return FORBIDDEN;
@@ -288,7 +294,7 @@ sub handler {
         } else { 
             $r->log_reason("Cookie $handle not valid", $r->filename); 
         }
-    }
+	}
 
 # -------------------------------------------- See if this is a public resource
     if ($requrl=~m|^/public/|
@@ -308,8 +314,21 @@ sub handler {
         return OK;
     }
     if ($requrl=~m|^/+adm/+help/+|) {
-	return OK;
+ 	return OK;
     }
+# ------------------------------------ See if this is a viewable portfolio file
+    if (&Apache::lonnet::is_portfolio_url($requrl)) {
+	my $access=&Apache::lonnet::allowed('bre',$requrl);
+	if ($access eq 'A') {
+	    &Apache::restrictedaccess::setup_handler($r);
+	    return OK;
+	}
+	if (($access ne '2') && ($access ne 'F')) {
+	    $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+	    return HTTP_NOT_ACCEPTABLE;
+	}
+    }
+
 # -------------------------------------------------------------- Not authorized
     $requrl=~/\.(\w+)$/;
 #    if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') ||