loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.82 and 1.88

version 1.82, 2006/06/30 02:58:38	version 1.88, 2006/07/21 16:07:48
Line 35 use Apache::File;	Line 35 use Apache::File;
use Apache::lonnet;	use Apache::lonnet;
use Apache::loncommon();	use Apache::loncommon();
use Apache::lonlocal;	use Apache::lonlocal;
	use Apache::restrictedaccess();
use CGI::Cookie();	use CGI::Cookie();
use Fcntl qw(:flock);	use Fcntl qw(:flock);
	use LONCAPA;

sub cleanup {	sub cleanup {
my ($r)=@_;	my ($r)=@_;
Line 136 sub get_posted_cgi {	Line 138 sub get_posted_cgi {
}	}

sub portfolio_access {	sub portfolio_access {
	my ($r,$requrl) = @_;
	my $access=&Apache::lonnet::allowed('bre',$requrl);
	if ($access eq '2' \|\| $access eq 'F') {
	return OK;
	}
	my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl);
	my $result = &get_portfolio_access($udom,$unum,$file_name,$group);
	&Apache::lonnet::logthis("got pa of $result");
	if ($result eq 'ok') {
	return OK;
	} elsif ($result =~ /^[^:]+:guest_/) {
	&Apache::lonnet::logthis("doign pac $result");
	&passphrase_access_checker($r,$result,$requrl);
	return OK;
	}
	return undef;
	}

	sub get_portfolio_access {
my ($udom,$unum,$file_name,$group) = @_;	my ($udom,$unum,$file_name,$group) = @_;

my $current_perms = &Apache::lonnet::get_portfile_permissions($udom,$unum);	my $current_perms = &Apache::lonnet::get_portfile_permissions($udom,$unum);
my %access_controls = &Apache::lonnet::get_access_controls(	my %access_controls = &Apache::lonnet::get_access_controls(
$current_perms,$group,$file_name);	$current_perms,$group,$file_name);
Line 172 sub portfolio_access {	Line 194 sub portfolio_access {
}	}
if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {	if ($env{'user.name'} eq 'public' && $env{'user.domain'} eq 'public') {
if ($guest) {	if ($guest) {
return 'guest:'.$guest;	return $guest;
}	}
} else {	} else {
if (@domains > 0) {	if (@domains > 0) {
foreach my $domkey (@domains) {	foreach my $domkey (@domains) {
my %content = &Apache::lonnet::parse_access_controls($$access_hash{$domkey});	if (ref($access_hash->{$domkey}{'dom'}) eq 'ARRAY') {
if (ref($content{'dom'}) eq 'ARRAY') {	if (grep(/^\Q$env{'user.domain'}\E$/,@{$access_hash->{$domkey}{'dom'}})) {
if (grep(/^\Q$env{'user.domain'}\E$/,@{$content{'dom'}})) {
return 'ok';	return 'ok';
}	}
}	}
Line 187 sub portfolio_access {	Line 208 sub portfolio_access {
}	}
if (@users > 0) {	if (@users > 0) {
foreach my $userkey (@users) {	foreach my $userkey (@users) {
my %content = &Apache::lonnet::parse_access_controls($$access_hash{$userkey});	if (exists($access_hash->{$userkey}{'users'}{$env{'user.name'}.':'.$env{'user.domain'}})) {
if (exists($content{'users'}{$env{'user.name'}.':'.$env{'user.domain'}})) {
return 'ok';	return 'ok';
}	}
}	}
Line 227 sub portfolio_access {	Line 247 sub portfolio_access {
return;	return;
}	}
foreach my $key (@courses_and_groups) {	foreach my $key (@courses_and_groups) {
my %content = &Apache::lonnet::parse_access_controls($$access_hash{$key});	my %content = %{$$access_hash{$key}};
my $cnum = $content{'number'};	my $cnum = $content{'number'};
my $cdom = $content{'domain'};	my $cdom = $content{'domain'};
my $cid = $cdom.'_'.$cnum;	my $cid = $cdom.'_'.$cnum;
Line 247 sub portfolio_access {	Line 267 sub portfolio_access {
return 'ok';	return 'ok';
} else {	} else {
if (grep/^$sec$/,@sections) {	if (grep/^$sec$/,@sections) {
return 'ok'	return 'ok';
}	}
}	}
}	}
Line 272 sub portfolio_access {	Line 292 sub portfolio_access {
}	}
}	}
if ($guest) {	if ($guest) {
return 'guest:'.$guest;	return $guest;
}	}
}	}
}	}
return;	return;
}	}

	sub passphrase_access_checker {
	my ($r,$guestkey,$requrl) = @_;
	my ($num,$scope,$end,$start) = ($guestkey =~ /^([^:]+):([a-z]+)_(\d)_?(\d)$/);
	if ($scope eq 'guest') {
	if (exists($env{'user.passphrase_access_'.$requrl})) {
	if (($env{'user.passphrase_access_'.$requrl} == 0) \|\|
	($env{'user.passphrase_access_'.$requrl} > time)) {
	$env{'request.publicaccess'} = 1;
	return 'ok';
	}
	}
	}
	$r->set_handlers('PerlHandler'=> \&Apache::restrictedaccess::handler);
	$r->content_type('perl-script');
	return;
	}

sub course_group_datechecker {	sub course_group_datechecker {
my ($dates,$now,$status) = @_;	my ($dates,$now,$status) = @_;
my ($start,$end) = split(/\./,$dates);	my ($start,$end) = split(/\./,$dates);
Line 303 sub course_group_datechecker {	Line 340 sub course_group_datechecker {
return;	return;
}	}

	sub parse_portfolio_url {
	my ($url) = @_;

	my ($type,$udom,$unum,$group,$file_name);

	if ($url =~ m-/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$-) {
	$type = 1;
	$udom = $1;
	$unum = $2;
	$file_name = $3;
	} elsif ($url =~ m-/+uploaded/([^/]+)/([^/]+)/groups/([^/]+)/portfolio/(.+)$-) {
	$type = 2;
	$udom = $1;
	$unum = $2;
	$group = $3;
	$file_name = $3.'/'.$4;
	}
	if (wantarray) {
	return ($type,$udom,$unum,$file_name,$group);
	}
	return $type;
	}

	sub is_portfolio_url {
	my ($url) = @_;
	return scalar(&parse_portfolio_url($url));
	}

sub handler {	sub handler {
my $r = shift;	my $r = shift;
my $requrl=$r->uri;	my $requrl=$r->uri;
Line 365 sub handler {	Line 430 sub handler {

# ---------------------------------------------------------------- Check access	# ---------------------------------------------------------------- Check access
my $now = time;	my $now = time;
if ($requrl =~ m\|/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$\|) {	if (&is_portfolio_url($requrl)) {
my $result = &portfolio_access($1,$2,$3);	my $result = &portfolio_access($r,$requrl);
if ($result eq 'ok') {	if (defined($result)) { return $result; }
return OK;	}
} elsif ($result =~ /^guest:(\w+)$/) {
my $guestkey = $1;
#FIXME need to cause generation of an intermediate page
}
} elsif ($requrl =~ m\|/+uploaded/([^/]+)/([^/]+)/groups/([^/]+)/portfolio/(.+)$\|) {
my $result = &portfolio_access($1,$2,$3.'/'.$4,$3);
if ($result eq 'ok') {
return OK;
} elsif ($result =~ /^guest:(\w+)$/) {
my $guestkey = $1;
#FIXME need to cause generation of an intermediate page
}
}
if ($requrl!~/^\/adm\|public\|prtspool\//) {	if ($requrl!~/^\/adm\|public\|prtspool\//) {
my $access=&Apache::lonnet::allowed('bre',$requrl);	my $access=&Apache::lonnet::allowed('bre',$requrl);
if ($access eq '1') {	if ($access eq '1') {
Line 472 sub handler {	Line 524 sub handler {
} else {	} else {
$r->log_reason("Cookie $handle not valid", $r->filename);	$r->log_reason("Cookie $handle not valid", $r->filename);
}	}
}	}

# -------------------------------------------- See if this is a public resource	# -------------------------------------------- See if this is a public resource
if ($requrl=~m\|^/public/\|	if ($requrl=~m\|^/public/\|
Line 495 sub handler {	Line 547 sub handler {
return OK;	return OK;
}	}
# ------------------------------------- See if this is a viewable portfolio file	# ------------------------------------- See if this is a viewable portfolio file
if ($requrl =~ m\|/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$\|) {	if (&is_portfolio_url($requrl)) {
my $result = &portfolio_access($1,$2,$3);	my $result = &portfolio_access($r,$requrl);
if ($result eq 'ok') {	if (defined($result)) { return $result; }
return OK;
} elsif ($result =~ /^guest:(\w+)$/) {
my $guestkey = $1;
#FIXME need to cause generation of an intermediate page
}
} elsif ($requrl =~ m\|/+uploaded/([^/]+)/([^/]+)/groups/([^/]+)/portfolio/(.+)$\|) {
my $result = &portfolio_access($1,$2,$3.'/'.$4,$3);
if ($result eq 'ok') {
return OK;
} elsif ($result =~ /^guest:(\w+)$/) {
my $guestkey = $1;
#FIXME need to cause generation of an intermediate page
}
}	}

# -------------------------------------------------------------- Not authorized	# -------------------------------------------------------------- Not authorized
$requrl=~/\.(\w+)$/;	$requrl=~/\.(\w+)$/;
# if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') \|\|	# if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') \|\|

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.82
changed lines
	Added in v.1.88