--- loncom/auth/loncacc.pm	2005/06/19 00:41:32	1.39
+++ loncom/auth/loncacc.pm	2008/11/12 20:01:09	1.47
@@ -2,7 +2,7 @@
 # Cookie Based Access Handler for Construction Area
 # (lonacc: 5/21/99,5/22,5/29,5/31 Gerd Kortemeyer)
 #
-# $Id: loncacc.pm,v 1.39 2005/06/19 00:41:32 www Exp $
+# $Id: loncacc.pm,v 1.47 2008/11/12 20:01:09 jms Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -27,98 +27,7 @@
 # http://www.lon-capa.org/
 #
 
-package Apache::loncacc;
-
-use strict;
-use Apache::Constants qw(:common :http :methods REDIRECT);
-use Apache::File;
-use CGI::Cookie();
-use Fcntl qw(:flock);
-use Apache::lonlocal;
-use Apache::lonnet;
-
-
-sub constructaccess {
-    my ($url,$ownerdomain)=@_;
-    my ($ownername)=($url=~/\/(?:\~|priv\/|home\/)(\w+)\//);
-    unless (($ownername) && ($ownerdomain)) { return ''; }
-    # We do not allow editing of previous versions of files.
-    if ($url=~/\.(\d+)\.(\w+)$/) { return ''; }
-    my @possibledomains = &Apache::lonnet::current_machine_domains();
-    if ($ownername eq $env{'user.name'}) {
-	foreach my $domain (@possibledomains) {
-	    if ($domain eq $env{'user.domain'}) {
-		return ($ownername,$domain);
-	    }
-	}
-    }
-    
-    foreach my $domain (@possibledomains) {
-	my $capriv='user.priv.ca./'.$domain.'/'.$ownername.'./';
-	foreach (keys %env) {
-	    if ($_ eq $capriv) {
-		return ($ownername,$domain);
-	    }
-	}
-	my $aapriv='user.priv.aa./'.$domain.'/'.$ownername.'./';
-	foreach (keys %env) {
-	    if ($_ eq $aapriv) {
-		return ($ownername,$domain);
-	    }
-	}
-    }
-    return '';
-}
-
-sub handler {
-    my $r = shift;
-    my $requrl=$r->uri;
-    $env{'request.editurl'}=$requrl;
-    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-    my $lonid=$cookies{'lonID'};
-    my $cookie;
-    if ($lonid) {
-	my $handle=$lonid->value;
-        $handle=~s/\W//g;
-        my $lonidsdir=$r->dir_config('lonIDsDir');
-        if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
-
-# ------------------------------------------------------ Initialize Environment
-
-            &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
-
-# --------------------------------------------------------- Initialize Language
- 
- 	    &Apache::lonlocal::get_language_handle($r);
-
-# -------------------------------------------------------------- Resource State
-
-            $env{'request.state'}    = "construct";
-            $env{'request.filename'} = $r->filename;
-
-            unless (&constructaccess($requrl,$r->dir_config('lonDefDomain'))) {
-                $r->log_reason("Unauthorized $requrl", $r->filename); 
-	        return HTTP_NOT_ACCEPTABLE;
-            }
-
-# -------------------------------------------------------- Load POST parameters
-
-	    &Apache::loncommon::get_posted_cgi($r);
-
-            return OK; 
-        } else { 
-            $r->log_reason("Cookie $handle not valid", $r->filename) 
-        };
-    }
-
-# ----------------------------------------------- Store where they wanted to go
-
-    $env{'request.firsturl'}=$requrl;
-    return FORBIDDEN;
-}
-
-1;
-__END__
+=pod
 
 =head1 NAME
 
@@ -177,6 +86,86 @@ two element list ($ownername,$ownerdomai
 =cut
 
 
+package Apache::loncacc;
+
+use strict;
+use Apache::Constants qw(:common :http :methods REDIRECT);
+use Fcntl qw(:flock);
+use Apache::lonlocal;
+use Apache::lonnet;
+use Apache::lonacc;
+use LONCAPA qw(:DEFAULT :match);
+
+sub constructaccess {
+    my ($url,$ownerdomain)=@_;
+    my ($ownername)=($url=~/\/(?:\~|priv\/|home\/)($match_username)\//);
+    unless (($ownername) && ($ownerdomain)) { return ''; }
+    # We do not allow editing of previous versions of files.
+    if ($url=~/\.(\d+)\.(\w+)$/) { return ''; }
+    my @possibledomains = &Apache::lonnet::current_machine_domains();
+    if ($ownername eq $env{'user.name'}) {
+	foreach my $domain (@possibledomains) {
+	    if ($domain eq $env{'user.domain'}) {
+		return ($ownername,$domain);
+	    }
+	}
+    }
+    
+    foreach my $domain (@possibledomains) {
+	if (exists($env{'user.priv.ca./'.$domain.'/'.$ownername.'./'}) ||
+	    exists($env{'user.priv.aa./'.$domain.'/'.$ownername.'./'}) ) {
+	    return ($ownername,$domain);
+	}
+    }
+    return '';
+}
+
+sub handler {
+    my $r = shift;
+    my $requrl=$r->uri;
+    $env{'request.editurl'}=$requrl;
+
+    my $handle =  &Apache::lonnet::check_for_valid_session($r);
+    if ($handle ne '') {
+
+# ------------------------------------------------------ Initialize Environment
+        my $lonidsdir=$r->dir_config('lonIDsDir');
+	&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
+
+# --------------------------------------------------------- Initialize Language
+ 
+	&Apache::lonlocal::get_language_handle($r);
+
+# -------------------------------------------------------------- Resource State
+
+	$env{'request.state'}    = "construct";
+	$env{'request.filename'} = $r->filename;
+
+	unless (&constructaccess($requrl,$r->dir_config('lonDefDomain'))) {
+	    $r->log_reason("Unauthorized $requrl", $r->filename); 
+	    return HTTP_NOT_ACCEPTABLE;
+	}
+
+# -------------------------------------------------------- Load POST parameters
+
+	&Apache::lonacc::get_posted_cgi($r);
+
+	return OK; 
+    } else { 
+	$r->log_reason("Cookie $handle not valid", $r->filename) 
+    }
+
+# ----------------------------------------------- Store where they wanted to go
+
+    $env{'request.firsturl'}=$requrl;
+    return FORBIDDEN;
+}
+
+1;
+__END__
+
+
+