--- loncom/auth/lonacc.pm 2006/08/04 21:31:53 1.91
+++ loncom/auth/lonacc.pm 2006/08/08 17:20:15 1.92
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Cookie Based Access Handler
 #
-# $Id: lonacc.pm,v 1.91 2006/08/04 21:31:53 albertel Exp $
+# $Id: lonacc.pm,v 1.92 2006/08/08 17:20:15 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -172,147 +172,132 @@ sub handler { $r->set_handlers('PerlResponseHandler'=> [\&Apache::switchserver::handler]); } - - if ($handle ne '') { - if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) { + + if ($handle eq '') { + $r->log_reason("Cookie $handle not valid", $r->filename); + } elsif ((-e "$lonidsdir/$handle.id") && ($handle ne '')) { # ------------------------------------------------------ Initialize Environment - &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); + &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); # --------------------------------------------------------- Initialize Language - &Apache::lonlocal::get_language_handle($r); + &Apache::lonlocal::get_language_handle($r); + + } +# -------------------------------------------------- Should be a valid user now + if ($env{'user.name'} ne '' && $env{'user.domain'} ne '') { # -------------------------------------------------------------- Resource State - if ($requrl=~/^\/+(res|uploaded)\//) { - $env{'request.state'} = "published"; - } else { - $env{'request.state'} = 'unknown'; - } - $env{'request.filename'} = $r->filename; - $env{'request.noversionuri'} = &Apache::lonnet::deversion($requrl); + if ($requrl=~/^\/+(res|uploaded)\//) { + $env{'request.state'} = "published"; + } else { + $env{'request.state'} = 'unknown'; + } + $env{'request.filename'} = $r->filename; + $env{'request.noversionuri'} = &Apache::lonnet::deversion($requrl); # -------------------------------------------------------- Load POST parameters - &Apache::lonacc::get_posted_cgi($r); + &Apache::lonacc::get_posted_cgi($r); # ---------------------------------------------------------------- Check access - my $now = time; - if ($requrl!~/^\/adm|public|prtspool\//) { - my $access=&Apache::lonnet::allowed('bre',$requrl); - if ($access eq '1') { - $env{'user.error.msg'}="$requrl:bre:0:0:Choose Course"; - return HTTP_NOT_ACCEPTABLE; - } - if ($access eq 'A') { - &Apache::restrictedaccess::setup_handler($r); - return 
OK; - } - if (($access ne '2') && ($access ne 'F')) { - $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; - return HTTP_NOT_ACCEPTABLE; - } - } - if ($requrl =~ m|^/prtspool/|) { - my $start='/prtspool/'.$env{'user.name'}.'_'. - $env{'user.domain'}; - if ($requrl !~ /^\Q$start\E/) { - $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; - return HTTP_NOT_ACCEPTABLE; - } + my $now = time; + if ($requrl!~/^\/adm|public|prtspool\//) { + my $access=&Apache::lonnet::allowed('bre',$requrl); + if ($access eq '1') { + $env{'user.error.msg'}="$requrl:bre:0:0:Choose Course"; + return HTTP_NOT_ACCEPTABLE; + } + if ($access eq 'A') { + &Apache::restrictedaccess::setup_handler($r); + return OK; + } + if (($access ne '2') && ($access ne 'F')) { + $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; + return HTTP_NOT_ACCEPTABLE; } - if ($env{'user.name'} eq 'public' && - $env{'user.domain'} eq 'public' && - $requrl !~ m{^/+(res|public|uploaded)/} && - $requrl !~ m{^/adm/[^/]+/[^/]+/aboutme/portfolio$} && - $requrl !~ m{^/+adm/(help|logout|restrictedaccess|randomlabel\.png)}) { - $env{'request.querystring'}=$r->args; - $env{'request.firsturl'}=$requrl; - return FORBIDDEN; + } + if ($requrl =~ m|^/prtspool/|) { + my $start='/prtspool/'.$env{'user.name'}.'_'. 
+ $env{'user.domain'}; + if ($requrl !~ /^\Q$start\E/) { + $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; + return HTTP_NOT_ACCEPTABLE; } + } + if ($env{'user.name'} eq 'public' && + $env{'user.domain'} eq 'public' && + $requrl !~ m{^/+(res|public|uploaded)/} && + $requrl !~ m{^/adm/[^/]+/[^/]+/aboutme/portfolio$ }x && + $requrl !~ m{^/+adm/(help|logout|restrictedaccess|randomlabel\.png)}) { + $env{'request.querystring'}=$r->args; + $env{'request.firsturl'}=$requrl; + return FORBIDDEN; + } # ------------------------------------------------------------- This is allowed - if ($env{'request.course.id'}) { + if ($env{'request.course.id'}) { &Apache::lonnet::countacc($requrl); - $requrl=~/\.(\w+)$/; - if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') || - ($requrl=~/^\/adm\/.*\/(aboutme|navmaps|smppg|bulletinboard)(\?|$)/) || - ($requrl=~/^\/adm\/wrapper\//) || - ($requrl=~m|^/adm/coursedocs/showdoc/|) || - ($requrl=~m|\.problem/smpedit$|) || - ($requrl=~/^\/public\/.*\/syllabus$/)) { + $requrl=~/\.(\w+)$/; + if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') || + ($requrl=~/^\/adm\/.*\/(aboutme|navmaps|smppg|bulletinboard)(\?|$ )/x) || + ($requrl=~/^\/adm\/wrapper\//) || + ($requrl=~m|^/adm/coursedocs/showdoc/|) || + ($requrl=~m|\.problem/smpedit$|) || + ($requrl=~/^\/public\/.*\/syllabus$/)) { # ------------------------------------- This is serious stuff, get symb and log my $query=$r->args; - my $symb; - if ($query) { + my $symb; + if ($query) { &Apache::loncommon::get_unprocessed_cgi($query,['symb']); - } - if ($env{'form.symb'}) { + } + if ($env{'form.symb'}) { $symb=&Apache::lonnet::symbclean($env{'form.symb'}); - if ($requrl =~ m|^/adm/wrapper/| + if ($requrl =~ m|^/adm/wrapper/| || $requrl =~ m|^/adm/coursedocs/showdoc/|) { - my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); - &Apache::lonnet::symblist($map,$murl => [$murl,$mid], + my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); + &Apache::lonnet::symblist($map,$murl => 
[$murl,$mid], 'last_known' =>[$murl,$mid]); - } elsif ((&Apache::lonnet::symbverify($symb,$requrl)) || + } elsif ((&Apache::lonnet::symbverify($symb,$requrl)) || (($requrl=~m|(.*)/smpedit$|) && &Apache::lonnet::symbverify($symb,$1))) { - my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); - &Apache::lonnet::symblist($map,$murl => [$murl,$mid], - 'last_known' =>[$murl,$mid]); + my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb); + &Apache::lonnet::symblist($map,$murl => [$murl,$mid], + 'last_known' =>[$murl,$mid]); } else { $r->log_reason('Invalid symb for '.$requrl.': '. - $symb); - $env{'user.error.msg'}= - "$requrl:bre:1:1:Invalid Access"; - return HTTP_NOT_ACCEPTABLE; - } - } else { - $symb=&Apache::lonnet::symbread($requrl); + $symb); + $env{'user.error.msg'}= + "$requrl:bre:1:1:Invalid Access"; + return HTTP_NOT_ACCEPTABLE; + } + } else { + $symb=&Apache::lonnet::symbread($requrl); if (&Apache::lonnet::is_on_map($requrl) && $symb && !&Apache::lonnet::symbverify($symb,$requrl)) { $r->log_reason('Invalid symb for '.$requrl.': '.$symb); - $env{'user.error.msg'}= - "$requrl:bre:1:1:Invalid Access"; - return HTTP_NOT_ACCEPTABLE; + $env{'user.error.msg'}= + "$requrl:bre:1:1:Invalid Access"; + return HTTP_NOT_ACCEPTABLE; } if ($symb) { my ($map,$mid,$murl)= &Apache::lonnet::decode_symb($symb); &Apache::lonnet::symblist($map,$murl =>[$murl,$mid], - 'last_known' =>[$murl,$mid]); + 'last_known' =>[$murl,$mid]); } - } - $env{'request.symb'}=$symb; - &Apache::lonnet::courseacclog($symb); - } else { + } + $env{'request.symb'}=$symb; + &Apache::lonnet::courseacclog($symb); + } else { # ------------------------------------------------------- This is other content - &Apache::lonnet::courseacclog($requrl); - } - } - return OK; - } else { - $r->log_reason("Cookie $handle not valid", $r->filename); - } + &Apache::lonnet::courseacclog($requrl); + } } - -# -------------------------------------------- See if this is a public resource - if ($requrl=~m|^/public/| - || 
(&Apache::lonnet::metadata($requrl,'copyright') eq 'public')) { - &Apache::lonnet::logthis('Granting public access: '.$requrl); - &Apache::lonlocal::get_language_handle($r); - my $cookie= - &Apache::lonauth::success($r,'public','public','public'); - my $lonidsdir=$r->dir_config('lonIDsDir'); - &Apache::lonnet::transfer_profile_to_env($lonidsdir,$cookie); - &Apache::lonacc::get_posted_cgi($r); - $env{'request.state'} = "published"; - $env{'request.publicaccess'} = 1; - $env{'request.filename'} = $r->filename; - - $r->header_out('Set-cookie',"lonID=$cookie; path=/"); - return OK; + return OK; } +# -------------------------------------------- See if this is a public resource if ($requrl=~m|^/+adm/+help/+|) { return OK; }
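Review bot: The `log_reason` call now sits in the `$handle eq ''` branch, so it always logs an empty cookie value, while a non-empty handle with no matching `$lonidsdir/$handle.id` file (the case the old `else` logged) now falls through silently; adding `} else { $r->log_reason("Cookie $handle not valid", $r->filename); }` after the `elsif` would keep stale or unknown session handles visible in the error log. The access decision that follows now depends only on `$env{'user.name'}` and `$env{'user.domain'}` being non-empty rather than on the session-file check, so it is worth confirming that `%env` is cleared at the start of every request; if it is a package global that persists in the Apache child, a request without a valid cookie could be evaluated under the previous request's identity. Separately, in the carried-over test `/^\/adm|public|prtspool\//` the `^` anchor binds only to the first alternative, so the `allowed('bre',$requrl)` check is skipped for any URL that merely contains `public`; `m{^/+(?:adm|public|prtspool)/}` looks like the intent, though that should be checked against the URLs the old pattern was meant to exempt. `handler` begins and ends outside this hunk, so whatever happens to `%env` and `$handle` before line 172 is not visible here.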