loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.67 and 1.78

-version 1.67, 2005/07/07 05:53:35
+version 1.78, 2006/06/02 19:38:21
  Line 38  use Apache::lonlocal;
  use CGI::Cookie();
  use Fcntl qw(:flock);
+ sub cleanup {
+     my ($r)=@_;
+     if (! $r->is_initial_req()) { return DECLINED; }
+     &Apache::lonnet::save_cache();
+     return OK;
+ }
+ sub goodbye {
+     my ($r)=@_;
+     &Apache::lonnet::goodbye();
+     return DONE;
+ }
+ ###############################################
+ sub get_posted_cgi {
+     my ($r) = @_;
+     my $buffer;
+     if ($r->header_in('Content-length')) {
+ 	$r->read($buffer,$r->header_in('Content-length'),0);
+     }
+     unless ($buffer=~/^(\-+\w+)\s+Content\-Disposition\:\s*form\-data/si) {
+ 	my @pairs=split(/&/,$buffer);
+ 	my $pair;
+ 	foreach $pair (@pairs) {
+ 	    my ($name,$value) = split(/=/,$pair);
+ 	    $value =~ tr/+/ /;
+ 	    $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
+ 	    $name  =~ tr/+/ /;
+ 	    $name  =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
+ 	    &Apache::loncommon::add_to_env("form.$name",$value);
+ 	}
+     } else {
+ 	my $contentsep=$1;
+ 	my @lines = split (/\n/,$buffer);
+ 	my $name='';
+ 	my $value='';
+ 	my $fname='';
+ 	my $fmime='';
+ 	my $i;
+ 	for ($i=0;$i<=$#lines;$i++) {
+ 	    if ($lines[$i]=~/^$contentsep/) {
+ 		if ($name) {
+ 		    chomp($value);
+ 		    if ($fname) {
+ 			$env{"form.$name.filename"}=$fname;
+ 			$env{"form.$name.mimetype"}=$fmime;
+ 		    } else {
+ 			$value=~s/\s+$//s;
+ 		    }
+ 		    &Apache::loncommon::add_to_env("form.$name",$value);
+ 		}
+ 		if ($i<$#lines) {
+ 		    $i++;
+ 		    $lines[$i]=~
+ 		/Content\-Disposition\:\s*form\-data\;\s*name\=\"([^\"]+)\"/i;
+ 		    $name=$1;
+ 		    $value='';
+ 		    if ($lines[$i]=~/filename\=\"([^\"]+)\"/i) {
+ 			$fname=$1;
+ 			if
+                             ($lines[$i+1]=~/Content\-Type\:\s*([\w\-\/]+)/i) {
+ 				$fmime=$1;
+ 				$i++;
+ 			    } else {
+ 				$fmime='';
+ 			    }
+ 		    } else {
+ 			$fname='';
+ 			$fmime='';
+ 		    }
+ 		    $i++;
+ 		}
+ 	    } else {
+ 		$value.=$lines[$i]."\n";
+ 	    }
+ 	}
+     }
+ #
+ # Digested POSTed values
+ #
+ # Remember the way this was originally done (GET or POST)
+ #
+     $env{'request.method'}=$ENV{'REQUEST_METHOD'};
+ #
+ # There may also be stuff in the query string
+ # Tell subsequent handlers that this was GET, not POST, so they can access query string.
+ # Also, unset POSTed content length to cover all tracks.
+ #
+     $r->method_number(M_GET);
+     $r->method('GET');
+     $r->headers_in->unset('Content-length');
+ }
  sub handler {
      my $r = shift;
      my $requrl=$r->uri;
      my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
      my $lonid=$cookies{'lonID'};
      my $cookie;
+     my $lonidsdir=$r->dir_config('lonIDsDir');
+     my $handle;
      if ($lonid) {
- 	my $handle=$lonid->value;
+ 	$handle=$lonid->value;
          $handle=~s/\W//g;
-         my $lonidsdir=$r->dir_config('lonIDsDir');
+     }
+     my ($sso_login);
+     if ($r->user
+ 	&& (!$lonid || !-e "$lonidsdir/$handle.id" || $handle eq '') ) {
+ 	$sso_login = 1;
+ 	my $domain = $r->dir_config('lonDefDomain');
+ 	my $home=&Apache::lonnet::homeserver($r->user,$domain);
+ 	if ($home !~ /(con_lost|no_such_host)/) {
+ 	    $handle=&Apache::lonauth::success($r,$r->user,$domain,
+ 					     $home,'noredirect');
+ 	    $r->header_out('Set-cookie',"lonID=$handle; path=/");
+ 	}
+     }
+     if ($sso_login) {
+ 	&Apache::lonnet::appenv('request.sso.login' => 1);
+     }
+     if ($r->dir_config("lonBalancer") eq 'yes') {
+ 	$r->set_handlers('PerlResponseHandler'=>
+ 			 [\&Apache::switchserver::handler]);
+     }
+     if ($handle ne '') {
          if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
  # ------------------------------------------------------ Initialize Environment
- Line 69  sub handler {
+ Line 194  sub handler {
              $env{'request.noversionuri'} = &Apache::lonnet::deversion($requrl);
  # -------------------------------------------------------- Load POST parameters
- 	    &Apache::loncommon::get_posted_cgi($r);
+ 	    &Apache::lonacc::get_posted_cgi($r);
  # ---------------------------------------------------------------- Check access
- Line 95  sub handler {
+ Line 220  sub handler {
  	    if ($env{'user.name'} eq 'public' &&
  		$env{'user.domain'} eq 'public' &&
  		$requrl !~ m{^/+(res|public)/} &&
- 		$requrl !~ m{^/+adm/(roles|logout|randomlabel\.png)}) {
+ 		$requrl !~ m{^/+adm/(help|logout|randomlabel\.png)}) {
  		$env{'request.querystring'}=$r->args;
  		$env{'request.firsturl'}=$requrl;
  		return FORBIDDEN;
- Line 107  sub handler {
+ Line 232  sub handler {
              if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') ||
   ($requrl=~/^\/adm\/.*\/(aboutme|navmaps|smppg|bulletinboard)(\?|$)/) ||
   ($requrl=~/^\/adm\/wrapper\//) ||
+  ($requrl=~m|^/adm/coursedocs/showdoc/|) ||
   ($requrl=~m|\.problem/smpedit$|) ||
   ($requrl=~/^\/public\/.*\/syllabus$/)) {
  # ------------------------------------- This is serious stuff, get symb and log
- Line 117  sub handler {
+ Line 243  sub handler {
                  }
                  if ($env{'form.symb'}) {
  		    $symb=&Apache::lonnet::symbclean($env{'form.symb'});
-                     if ($requrl =~ m|^/adm/wrapper/|) {
+                     if ($requrl =~ m|^/adm/wrapper/|
+ 			|| $requrl =~ m|^/adm/coursedocs/showdoc/|) {
                          my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb);
                          &Apache::lonnet::symblist($map,$murl => [$murl,$mid],
  						  'last_known' =>[$murl,$mid]);
- Line 125  sub handler {
+ Line 252  sub handler {
  			     (($requrl=~m|(.*)/smpedit$|) &&
  			      &Apache::lonnet::symbverify($symb,$1))) {
                        my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb);
-                       &Apache::lonnet::symblist($map,$murl => [$murl,$mid],
+ 		      &Apache::lonnet::symblist($map,$murl => [$murl,$mid],
  						'last_known' =>[$murl,$mid]);
  		    } else {
  			$r->log_reason('Invalid symb for '.$requrl.': '.
- Line 159  sub handler {
+ Line 286  sub handler {
  	  }
              return OK;
          } else {
-             $r->log_reason("Cookie $handle not valid", $r->filename)
+             $r->log_reason("Cookie $handle not valid", $r->filename);
-         };
+         }
      }
  # -------------------------------------------- See if this is a public resource
      if ($requrl=~m|^/public/|
  	|| (&Apache::lonnet::metadata($requrl,'copyright') eq 'public')) {
          &Apache::lonnet::logthis('Granting public access: '.$requrl);
+         &Apache::lonlocal::get_language_handle($r);
  	my $cookie=
  	    &Apache::lonauth::success($r,'public','public','public');
          my $lonidsdir=$r->dir_config('lonIDsDir');
  	&Apache::lonnet::transfer_profile_to_env($lonidsdir,$cookie);
- 	&Apache::loncommon::get_posted_cgi($r);
+ 	&Apache::lonacc::get_posted_cgi($r);
          $env{'request.state'} = "published";
          $env{'request.publicaccess'} = 1;
          $env{'request.filename'} = $r->filename;
- Line 179  sub handler {
+ Line 307  sub handler {
  	$r->header_out('Set-cookie',"lonID=$cookie; path=/");
          return OK;
      }
+     if ($requrl=~m|^/+adm/+help/+|) {
+ 	return OK;
+     }
  # -------------------------------------------------------------- Not authorized
      $requrl=~/\.(\w+)$/;
  #    if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') ||

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.67
changed lines
	Added in v.1.78