loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.138 and 1.143

version 1.138, 2012/05/30 20:29:49	version 1.143, 2013/02/05 21:32:45
Line 105 use Apache::lonlocal;	Line 105 use Apache::lonlocal;
use Apache::restrictedaccess();	use Apache::restrictedaccess();
use Apache::blockedaccess();	use Apache::blockedaccess();
use Fcntl qw(:flock);	use Fcntl qw(:flock);
use LONCAPA;	use LONCAPA qw(:DEFAULT :match);

sub cleanup {	sub cleanup {
my ($r)=@_;	my ($r)=@_;
Line 156 sub get_posted_cgi {	Line 156 sub get_posted_cgi {
for ($i=0;$i<=$#lines;$i++) {	for ($i=0;$i<=$#lines;$i++) {
if ($lines[$i]=~/^--\Q$contentsep\E/) {	if ($lines[$i]=~/^--\Q$contentsep\E/) {
if ($name) {	if ($name) {
$value=~s/[\r\n]+$//;	chomp($value);
	if (($r->uri eq '/adm/portfolio') &&
	($name eq 'uploaddoc')) {
	if (length($value) == 1) {
	$value=~s/[\r\n]$//;
	}
	}
if (ref($fields) eq 'ARRAY') {	if (ref($fields) eq 'ARRAY') {
next if (!grep(/^\Q$name\E$/,@{$fields}));	next if (!grep(/^\Q$name\E$/,@{$fields}));
}	}
Line 269 sub sso_login {	Line 275 sub sso_login {
my ($r,$handle) = @_;	my ($r,$handle) = @_;

my $lonidsdir=$r->dir_config('lonIDsDir');	my $lonidsdir=$r->dir_config('lonIDsDir');
if (!($r->user	if (($r->user eq '') \|\|
&& (!defined($env{'user.name'}) && !defined($env{'user.domain'}))	(defined($env{'user.name'}) && (defined($env{'user.domain'}))
&& ($handle eq ''))) {	&& ($handle ne ''))) {
# not an SSO case or already logged in	# not an SSO case or already logged in
return undef;	return undef;
}	}
Line 390 sub handler {	Line 396 sub handler {
}	}

my ($is_balancer,$otherserver);	my ($is_balancer,$otherserver);

if ($handle eq '') {	if ($handle eq '') {
$r->log_reason("Cookie $handle not valid", $r->filename);	unless (($requrl eq '/adm/switchserver') && (!$r->is_initial_req())) {
	$r->log_reason("Cookie $handle not valid", $r->filename);
	}
} elsif ($handle ne '') {	} elsif ($handle ne '') {

# ------------------------------------------------------ Initialize Environment	# ------------------------------------------------------ Initialize Environment
Line 409 sub handler {	Line 417 sub handler {
if ($env{'user.name'} ne '' && $env{'user.domain'} ne '') {	if ($env{'user.name'} ne '' && $env{'user.domain'} ne '') {
# -------------------------------------------------------------- Resource State	# -------------------------------------------------------------- Resource State

	my ($cdom,$cnum);
	if ($env{'request.course.id'}) {
	$cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
	$cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
	}
if ($requrl=~/^\/+(res\|uploaded)\//) {	if ($requrl=~/^\/+(res\|uploaded)\//) {
$env{'request.state'} = "published";	$env{'request.state'} = "published";
} else {	} else {
Line 416 sub handler {	Line 429 sub handler {
}	}
$env{'request.filename'} = $r->filename;	$env{'request.filename'} = $r->filename;
$env{'request.noversionuri'} = &Apache::lonnet::deversion($requrl);	$env{'request.noversionuri'} = &Apache::lonnet::deversion($requrl);
	my $suppext;
if ($requrl =~ m{^/adm/wrapper/ext/}) {	if ($requrl =~ m{^/adm/wrapper/ext/}) {
my $query = $r->args;	my $query = $r->args;
if ($query) {	if ($query) {
Line 425 sub handler {	Line 439 sub handler {
unless ($name eq 'symb') {	unless ($name eq 'symb') {
$preserved .= $pair.'&';	$preserved .= $pair.'&';
}	}
	if (($env{'request.course.id'}) && ($name eq 'folderpath')) {
	if ($value =~ /^supplemental/) {
	$suppext = 1;
	}
	}
}	}
$preserved =~ s/\&$//;	$preserved =~ s/\&$//;
if ($preserved) {	if ($preserved) {
$env{'request.external.querystring'} = $preserved;	$env{'request.external.querystring'} = $preserved;
}	}
}	}
	} elsif ($env{'request.course.id'} &&
	(($requrl =~ m{^/adm/$match_domain/$match_username/aboutme$}) \|\|
	($requrl =~ m{^/public/$cdom/$cnum/syllabus$}))) {
	my $query = $r->args;
	if ($query) {
	foreach my $pair (split(/&/,$query)) {
	my ($name, $value) = split(/=/,$pair);
	if ($name eq 'folderpath') {
	if ($value =~ /^supplemental/) {
	$suppext = 1;
	}
	}
	}
	}
}	}
# -------------------------------------------------------- Load POST parameters	# -------------------------------------------------------- Load POST parameters

Line 537 sub handler {	Line 570 sub handler {
# ------------------------------------- This is serious stuff, get symb and log	# ------------------------------------- This is serious stuff, get symb and log
my $symb;	my $symb;
if ($query) {	if ($query) {
&Apache::loncommon::get_unprocessed_cgi($query,['symb']);	&Apache::loncommon::get_unprocessed_cgi($query,['symb','folderpath']);
}	}
if ($env{'form.symb'}) {	if ($env{'form.symb'}) {
$symb=&Apache::lonnet::symbclean($env{'form.symb'});	$symb=&Apache::lonnet::symbclean($env{'form.symb'});
Line 565 sub handler {	Line 598 sub handler {
if ($requrl=~m{^(/adm/.*/aboutme)/portfolio$}) {	if ($requrl=~m{^(/adm/.*/aboutme)/portfolio$}) {
$requrl = $1;	$requrl = $1;
}	}
$symb=&Apache::lonnet::symbread($requrl);	unless ($suppext) {
if (&Apache::lonnet::is_on_map($requrl) && $symb &&	$symb=&Apache::lonnet::symbread($requrl);
!&Apache::lonnet::symbverify($symb,$requrl)) {	if (&Apache::lonnet::is_on_map($requrl) && $symb &&
$r->log_reason('Invalid symb for '.$requrl.': '.$symb);	!&Apache::lonnet::symbverify($symb,$requrl)) {
$env{'user.error.msg'}=	$r->log_reason('Invalid symb for '.$requrl.': '.$symb);
"$requrl:bre:1:1:Invalid Access";	$env{'user.error.msg'}=
return HTTP_NOT_ACCEPTABLE;	"$requrl:bre:1:1:Invalid Access";
}	return HTTP_NOT_ACCEPTABLE;
if ($symb) {	}
my ($map,$mid,$murl)=	if ($symb) {
&Apache::lonnet::decode_symb($symb);	my ($map,$mid,$murl)=
&Apache::lonnet::symblist($map,$murl =>[$murl,$mid],	&Apache::lonnet::decode_symb($symb);
'last_known' =>[$murl,$mid]);	&Apache::lonnet::symblist($map,$murl =>[$murl,$mid],
	'last_known' =>[$murl,$mid]);
	}
}	}
}	}
$env{'request.symb'}=$symb;	$env{'request.symb'}=$symb;
Line 586 sub handler {	Line 621 sub handler {
# ------------------------------------------------------- This is other content	# ------------------------------------------------------- This is other content
&Apache::lonnet::courseacclog($requrl);	&Apache::lonnet::courseacclog($requrl);
}	}
my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};;	if ($requrl =~ m{^/+uploaded/\Q$cdom\E/\Q$cnum\E/(docs\|supplemental)/.+\.html?$}) {
my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};;
if ($requrl =~ m{^/+uploaded/\Q$cdom\E/\Q$cnum\E/docs/.+\.html?$}) {
if (&Apache::lonnet::allowed('mdc',$env{'request.course.id'})) {	if (&Apache::lonnet::allowed('mdc',$env{'request.course.id'})) {
if ($query) {	if ($query) {
&Apache::loncommon::get_unprocessed_cgi($query,['forceedit']);	&Apache::loncommon::get_unprocessed_cgi($query,['forceedit']);

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.138
changed lines
	Added in v.1.143