loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.115 and 1.119

-version 1.115, 2008/05/14 18:27:30
+version 1.119, 2008/11/18 19:14:34
  Line 27
  #
  ###
+ =head1 NAME
+ Apache::lonacc - Cookie Based Access Handler
+ =head1 SYNOPSIS
+ Invoked (for various locations) by /etc/httpd/conf/srm.conf:
+  PerlAccessHandler       Apache::lonacc
+ =head1 INTRODUCTION
+ This module enables cookie based authentication and is used
+ to control access for many different LON-CAPA URIs.
+ Whenever the client sends the cookie back to the server,
+ this cookie is handled by either lonacc.pm or loncacc.pm
+ (see srm.conf for what is invoked when).  If
+ the cookie is missing or invalid, the user is re-challenged
+ for login information.
+ This is part of the LearningOnline Network with CAPA project
+ described at http://www.lon-capa.org.
+ =head1 HANDLER SUBROUTINE
+ This routine is called by Apache and mod_perl.
+ =over 4
+ =item *
+ transfer profile into environment
+ =item *
+ load POST parameters
+ =item *
+ check access
+ =item *
+ if allowed, get symb, log, generate course statistics if applicable
+ =item *
+ otherwise return error
+ =item *
+ see if public resource
+ =item *
+ store attempted access
+ =back
+ =cut
  package Apache::lonacc;
  use strict;
- Line 90  sub get_posted_cgi {
+ Line 153  sub get_posted_cgi {
  	    if ($lines[$i]=~/^--\Q$contentsep\E/) {
  		if ($name) {
  		    chomp($value);
- 		    if ($fname) {
- 			$env{"form.$name.filename"}=$fname;
- 			$env{"form.$name.mimetype"}=$fmime;
- 		    } else {
- 			$value=~s/\s+$//s;
- 		    }
                      if (ref($fields) eq 'ARRAY') {
                          next if (!grep(/^\Q$name\E$/,@{$fields}));
                      }
- 		    &Apache::loncommon::add_to_env("form.$name",$value);
+                     if ($fname) {
+                         if ($env{'form.symb'} ne '') {
+                             my $size = (length($value))/(1024.0 * 1024.0);
+                             if (&upload_size_allowed($name,$size,$fname) eq 'ok') {
+                                 $env{"form.$name.filename"}=$fname;
+                                 $env{"form.$name.mimetype"}=$fmime;
+                                 &Apache::loncommon::add_to_env("form.$name",$value);
+                             }
+                         } else {
+                             $env{"form.$name.filename"}=$fname;
+                             $env{"form.$name.mimetype"}=$fmime;
+                             &Apache::loncommon::add_to_env("form.$name",$value);
+                         }
+                     } else {
+                         $value=~s/\s+$//s;
+                         &Apache::loncommon::add_to_env("form.$name",$value);
+                     }
  		}
  		if ($i<$#lines) {
  		    $i++;
- Line 145  sub get_posted_cgi {
+ Line 218  sub get_posted_cgi {
      $r->headers_in->unset('Content-length');
  }
+ #
+ # Perform size checks for file uploads to essayresponse items in course context.
+ #
+ # Add form.HWFILESIZE.$part_$id to %env with file size (MB)
+ # If file exceeds maximum allowed size, add form.HWFILETOOBIG.$part_$id to %env.
+ #
+ sub upload_size_allowed {
+     my ($name,$size,$fname) = @_;
+     if ($name =~ /^HWFILE(\w+)$/) {
+         my $ident = $1;
+         my $item = 'HWFILESIZE'.$ident;
+         &Apache::loncommon::add_to_env("form.$item",$size);
+         my $maxsize= &Apache::lonnet::EXT("resource.$ident.maxfilesize");
+         if (!$maxsize) {
+             $maxsize = 100.0;
+         }
+         if ($size > $maxsize) {
+             my $warn = 'HWFILETOOBIG'.$ident;
+             &Apache::loncommon::add_to_env("form.$warn",$fname);
+             return;
+         }
+     }
+     return 'ok';
+ }
  # handle the case of the single sign on user, at this point $r->user
  # will be set and valid now need to find the loncapa user info and possibly
  # balance them
  # returns OK if it was a SSO and user was handled
  #         undef if not SSO or no means to hanle the user
  sub sso_login {
      my ($r,$handle) = @_;
- Line 187  sub sso_login {
+ Line 287  sub sso_login {
  		      'server'    => $r->dir_config('lonHostID'),
  		      'sso.login' => 1
  		      );
+             if ($r->dir_config("ssodirecturl") == 1) {
+                 $info{'origurl'} = $r->uri;
+             }
              if (defined($r->dir_config("lonSSOReloginServer"))) {
                  $info{'sso.reloginserver'} =
                      $r->dir_config('lonSSOReloginServer');
- Line 239  sub handler {
+ Line 342  sub handler {
      my $result = &sso_login($r,$handle);
      if (defined($result)) {
- 	return $result
+ 	return $result;
      }
- Line 419  sub handler {
+ Line 522  sub handler {
 ;
  __END__
- =head1 NAME
- Apache::lonacc - Cookie Based Access Handler
- =head1 SYNOPSIS
- Invoked (for various locations) by /etc/httpd/conf/srm.conf:
-  PerlAccessHandler       Apache::lonacc
- =head1 INTRODUCTION
- This module enables cookie based authentication and is used
- to control access for many different LON-CAPA URIs.
- Whenever the client sends the cookie back to the server,
- this cookie is handled by either lonacc.pm or loncacc.pm
- (see srm.conf for what is invoked when).  If
- the cookie is missing or invalid, the user is re-challenged
- for login information.
- This is part of the LearningOnline Network with CAPA project
- described at http://www.lon-capa.org.
- =head1 HANDLER SUBROUTINE
- This routine is called by Apache and mod_perl.
- =over 4
- =item *
- transfer profile into environment
- =item *
- load POST parameters
- =item *
- check access
- =item *
- if allowed, get symb, log, generate course statistics if applicable
- =item *
- otherwise return error
- =item *
- see if public resource
- =item *
- store attempted access
- =back
- =cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.115
changed lines
	Added in v.1.119