Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.159.2.8.2.10 and 1.192

version 1.159.2.8.2.10, 2021/02/10 11:22:41	version 1.192, 2021/07/19 15:48:26
Line 102 use Apache::loncommon();	Line 102 use Apache::loncommon();
use Apache::lonlocal;	use Apache::lonlocal;
use Apache::restrictedaccess();	use Apache::restrictedaccess();
use Apache::blockedaccess();	use Apache::blockedaccess();
	use Apache::lonprotected();
use Fcntl qw(:flock);	use Fcntl qw(:flock);
use LONCAPA qw(:DEFAULT :match);	use LONCAPA qw(:DEFAULT :match);

Line 202 sub get_posted_cgi {	Line 203 sub get_posted_cgi {
$fname='';	$fname='';
$fmime='';	$fmime='';
}	}
	if ($i<$#lines && $lines[$i+1]=~/^Content\-Type\:\s*([\w\-\/]+)/i) {
	# TODO: something with $1 !
	$i++;
	}
	if ($i<$#lines && $lines[$i+1]=~/^Content\-transfer\-encoding\:\s*([\w\-\/]+)/i) {
	# TODO: something with $1 !
	$i++;
	}
$i++;	$i++;
}	}
} else {	} else {
Line 296 sub sso_login {	Line 305 sub sso_login {
my $query = $r->args;	my $query = $r->args;
my %form;	my %form;
if ($query) {	if ($query) {
my @items = ('role','symb','iptoken');	my @items = ('role','symb','iptoken','origurl');
&Apache::loncommon::get_unprocessed_cgi($query,\@items);	&Apache::loncommon::get_unprocessed_cgi($query,\@items);
foreach my $item (@items) {	foreach my $item (@items) {
if (defined($env{'form.'.$item})) {	if (defined($env{'form.'.$item})) {
Line 340 sub sso_login {	Line 349 sub sso_login {
my $lowest_load;	my $lowest_load;
($otherserver,undef,undef,undef,$lowest_load) = &Apache::lonnet::choose_server($domain);	($otherserver,undef,undef,undef,$lowest_load) = &Apache::lonnet::choose_server($domain);
if ($lowest_load > 100) {	if ($lowest_load > 100) {
$otherserver = &Apache::lonnet::spareserver($lowest_load,$lowest_load,1,$domain);	$otherserver = &Apache::lonnet::spareserver($r,$lowest_load,$lowest_load,1,$domain);
}	}
if ($otherserver ne '') {	if ($otherserver ne '') {
my @hosts = &Apache::lonnet::current_machine_ids();	my @hosts = &Apache::lonnet::current_machine_ids();
Line 358 sub sso_login {	Line 367 sub sso_login {
foreach my $item (keys(%form)) {	foreach my $item (keys(%form)) {
$env{'form.'.$item} = $form{$item};	$env{'form.'.$item} = $form{$item};
}	}
unless ($form{'symb'}) {	unless (($form{'symb'}) \|\| ($form{'origurl'})) {
unless (($r->uri eq '/adm/roles') \|\| ($r->uri eq '/adm/sso')) {	unless (($r->uri eq '/adm/roles') \|\| ($r->uri eq '/adm/sso')) {
$env{'form.origurl'} = $r->uri;	$env{'form.origurl'} = $r->uri;
}	}
Line 377 sub sso_login {	Line 386 sub sso_login {
} else {	} else {
# need to login them in, so generate the need data that	# need to login them in, so generate the need data that
# migrate expects to do login	# migrate expects to do login
my $ip = &Apache::lonnet::get_requestor_ip($r);	my $ip = &Apache::lonnet::get_requestor_ip($r);
my %info=('ip' => $ip,	my %info=('ip' => $ip,
'domain' => $domain,	'domain' => $domain,
'username' => $user,	'username' => $user,
'server' => $r->dir_config('lonHostID'),	'server' => $r->dir_config('lonHostID'),
'sso.login' => 1	'sso.login' => 1
);	);
foreach my $item ('role','symb','iptoken') {	foreach my $item ('role','symb','iptoken','origurl') {
if (exists($form{$item})) {	if (exists($form{$item})) {
$info{$item} = $form{$item};	$info{$item} = $form{$item};
}	}
}	}
unless ($info{'symb'}) {	unless (($info{'symb'}) \|\| ($info{'origurl'})) {
unless (($r->uri eq '/adm/roles') \|\| ($r->uri eq '/adm/sso')) {	unless (($r->uri eq '/adm/roles') \|\| ($r->uri eq '/adm/sso')) {
$info{'origurl'} = $r->uri;	$info{'origurl'} = $r->uri;
}	}
Line 528 sub handler {	Line 537 sub handler {
}	}
} elsif ($env{'request.course.id'} &&	} elsif ($env{'request.course.id'} &&
(($requrl =~ m{^/adm/$match_domain/$match_username/aboutme$}) \|\|	(($requrl =~ m{^/adm/$match_domain/$match_username/aboutme$}) \|\|
($requrl =~ m{^/public/$cdom/$cnum/syllabus$}))) {	($requrl eq "/public/$cdom/$cnum/syllabus") \|\|
	($requrl =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}))) {
my $query = $r->args;	my $query = $r->args;
if ($query) {	if ($query) {
foreach my $pair (split(/&/,$query)) {	foreach my $pair (split(/&/,$query)) {
Line 549 sub handler {	Line 559 sub handler {
my $hostname = $r->hostname();	my $hostname = $r->hostname();
my $lonhost = &Apache::lonnet::host_from_dns($hostname);	my $lonhost = &Apache::lonnet::host_from_dns($hostname);
if ($lonhost) {	if ($lonhost) {
my $actual = &Apache::lonnet::absolute_url($hostname);	my $actual = &Apache::lonnet::absolute_url($hostname,1,1);
my $exphostname = &Apache::lonnet::hostname($lonhost);	my $exphostname = &Apache::lonnet::hostname($lonhost);
my $expected = $Apache::lonnet::protocol{$lonhost}.'://'.$hostname;	my $expected = $Apache::lonnet::protocol{$lonhost}.'://'.$hostname;
unless ($actual eq $expected) {	unless ($actual eq $expected) {
Line 582 sub handler {	Line 592 sub handler {
if (($found_server) && ($balancer_cookie =~ /^\Q$env{'user.domain'}\E_\Q$env{'user.name'}\E_/)) {	if (($found_server) && ($balancer_cookie =~ /^\Q$env{'user.domain'}\E_\Q$env{'user.name'}\E_/)) {
$otherserver = $found_server;	$otherserver = $found_server;
}	}
unless ($requrl eq '/adm/switchserver') {	unless ($requrl eq '/adm/switchserver') {
$r->set_handlers('PerlResponseHandler'=>	$r->set_handlers('PerlResponseHandler'=>
[\&Apache::switchserver::handler]);	[\&Apache::switchserver::handler]);
}	}
Line 604 sub handler {	Line 614 sub handler {
return OK;	return OK;
}	}
}	}

# ---------------------------------------------------------------- Check access	# ---------------------------------------------------------------- Check access
my $now = time;	my $now = time;
my ($check_symb,$check_access,$check_block,$access,$poss_symb);	my ($check_symb,$check_access,$check_block,$access,$poss_symb);
Line 664 sub handler {	Line 673 sub handler {
if ((!$env{'request.role.adv'}) && ($env{'acc.randomout'}) &&	if ((!$env{'request.role.adv'}) && ($env{'acc.randomout'}) &&
($env{'acc.randomout'}=~/\&\Q$poss_symb\E\&/)) {	($env{'acc.randomout'}=~/\&\Q$poss_symb\E\&/)) {
undef($poss_symb);	undef($poss_symb);
	} elsif ((!$env{'request.role.adv'}) && ($env{'acc.deeplinkout'}) &&
	($env{'acc.deeplinkout'}=~/\&\Q$poss_symb\E\&/)) {
	undef($poss_symb);
}	}
}	}
}	}
Line 673 sub handler {	Line 685 sub handler {
$access=&Apache::lonnet::allowed('bre',$requrl,'','','','',1);	$access=&Apache::lonnet::allowed('bre',$requrl,'','','','',1);
}	}
} else {	} else {
$access=&Apache::lonnet::allowed('bre',$requrl);	my $nodeeplinkcheck;
	if (($check_access) && ($requrl =~ /\.(sequence\|page)$/)) {
	unless ($env{'form.navmap'}) {
	if ($r->args ne '') {
	&Apache::loncommon::get_unprocessed_cgi($r->args,['navmap']);
	unless ($env{'form.navmap'}) {
	$nodeeplinkcheck = 1;
	}
	}
	}
	}
	$access=&Apache::lonnet::allowed('bre',$requrl,'','','','','',$nodeeplinkcheck)
}	}
}	}
if ($check_block) {	if ($check_block) {
Line 711 sub handler {	Line 734 sub handler {
&Apache::blockedaccess::setup_handler($r);	&Apache::blockedaccess::setup_handler($r);
return OK;	return OK;
}	}
	if ($access eq 'D') {
	&Apache::lonprotected::setup_handler($r);
	return OK;
	}
if (($access ne '2') && ($access ne 'F')) {	if (($access ne '2') && ($access ne 'F')) {
if ($requrl =~ m{^/res/}) {	if ($requrl =~ m{^/res/}) {
$access = &Apache::lonnet::allowed('bro',$requrl);	$access = &Apache::lonnet::allowed('bro',$requrl);
Line 727 sub handler {	Line 754 sub handler {
}	}
}	}
} elsif (($handle =~ /^publicuser_\d+$/) && (&Apache::lonnet::is_portfolio_url($requrl))) {	} elsif (($handle =~ /^publicuser_\d+$/) && (&Apache::lonnet::is_portfolio_url($requrl))) {
my $clientip = &Apache::lonnet::get_requestor_ip($r);	my $clientip = &Apache::lonnet::get_requestor_ip($r);
if (&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip) ne 'F') {	if (&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip) ne 'F') {
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
return HTTP_NOT_ACCEPTABLE;	return HTTP_NOT_ACCEPTABLE;
Line 796 sub handler {	Line 823 sub handler {
my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb);	my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb);
if ($map =~ /\.page$/) {	if ($map =~ /\.page$/) {
my $mapsymb = &Apache::lonnet::symbread($map);	my $mapsymb = &Apache::lonnet::symbread($map);
($map,$mid,$murl)=&Apache::lonnet::decode_symb($mapsymb);	($map,$mid,$murl)=&Apache::lonnet::decode_symb($mapsymb);
}	}
&Apache::lonnet::symblist($map,$murl => [$murl,$mid],	&Apache::lonnet::symblist($map,$murl => [$murl,$mid],
'last_known' =>[$murl,$mid]);	'last_known' =>[$murl,$mid]);
Line 862 sub handler {	Line 889 sub handler {
}	}
if ($invalidsymb) {	if ($invalidsymb) {
if ($requrl eq '/adm/navmaps') {	if ($requrl eq '/adm/navmaps') {
undef(symb);	undef($symb);
} else {	} else {
$r->log_reason('Invalid symb for '.$requrl.': '.$symb);	$r->log_reason('Invalid symb for '.$requrl.': '.$symb);
$env{'user.error.msg'}=	$env{'user.error.msg'}=
Line 882 sub handler {	Line 909 sub handler {
my $mapsymb = &Apache::lonnet::symbread($map);	my $mapsymb = &Apache::lonnet::symbread($map);
($map,$mid,$murl)=&Apache::lonnet::decode_symb($mapsymb);	($map,$mid,$murl)=&Apache::lonnet::decode_symb($mapsymb);
}	}
&Apache::lonnet::symblist($map,$murl =>[$murl,$mid],	&Apache::lonnet::symblist($map,$murl =>[$murl,$mid],
'last_known' =>[$murl,$mid]);	'last_known' =>[$murl,$mid]);
}	}
}	}
}	}
Line 936 sub handler {	Line 963 sub handler {
# ------------------------------------ See if this is a viewable portfolio file	# ------------------------------------ See if this is a viewable portfolio file
if (&Apache::lonnet::is_portfolio_url($requrl)) {	if (&Apache::lonnet::is_portfolio_url($requrl)) {
my $clientip = &Apache::lonnet::get_requestor_ip($r);	my $clientip = &Apache::lonnet::get_requestor_ip($r);
my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);	my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);
if ($access eq 'A') {	if ($access eq 'A') {
&Apache::restrictedaccess::setup_handler($r);	&Apache::restrictedaccess::setup_handler($r);
return OK;	return OK;

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

Removed from v.1.159.2.8.2.10
changed lines
	Added in v.1.192