loncom/auth/loncacc.pm - diff

Return to loncacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/loncacc.pm between versions 1.31 and 1.39

version 1.31, 2003/09/20 17:44:22	version 1.39, 2005/06/19 00:41:32
Line 26	Line 26
#	#
# http://www.lon-capa.org/	# http://www.lon-capa.org/
#	#
# YEAR=2000
# 6/15,16/11,22/11,
# YEAR=2001
# 01/06,01/11,6/1,9/25,9/28,11/22,12/25,12/26,
# 01/06/01,05/04,05/05,05/09 Gerd Kortemeyer
# YEAR=2002
# 1/4 Gerd Kortemeyer
###

package Apache::loncacc;	package Apache::loncacc;

Line 43 use Apache::File;	Line 35 use Apache::File;
use CGI::Cookie();	use CGI::Cookie();
use Fcntl qw(:flock);	use Fcntl qw(:flock);
use Apache::lonlocal;	use Apache::lonlocal;
	use Apache::lonnet;


sub constructaccess {	sub constructaccess {
my ($url,$ownerdomain)=@_;	my ($url,$ownerdomain)=@_;
my ($ownername)=($url=~/\/(?:\~\|priv\/\|home\/)(\w+)/);	my ($ownername)=($url=~/\/(?:\~\|priv\/\|home\/)(\w+)\//);
unless (($ownername) && ($ownerdomain)) { return ''; }	unless (($ownername) && ($ownerdomain)) { return ''; }
# We do not allow editing of previous versions of files.	# We do not allow editing of previous versions of files.
if ($url=~/\.(\d+)\.(\w+)$/) { return ''; }	if ($url=~/\.(\d+)\.(\w+)$/) { return ''; }
if (($ownername eq $ENV{'user.name'}) &&	my @possibledomains = &Apache::lonnet::current_machine_domains();
($ownerdomain eq $ENV{'user.domain'})) {	if ($ownername eq $env{'user.name'}) {
return ($ownername,$ownerdomain);	foreach my $domain (@possibledomains) {
	if ($domain eq $env{'user.domain'}) {
	return ($ownername,$domain);
	}
	}
}	}

my $capriv='user.priv.ca./'.	foreach my $domain (@possibledomains) {
$ownerdomain.'/'.$ownername.'./';	my $capriv='user.priv.ca./'.$domain.'/'.$ownername.'./';
foreach (keys %ENV) {	foreach (keys %env) {
if ($_ eq $capriv) {	if ($_ eq $capriv) {
return ($ownername,$ownerdomain);	return ($ownername,$domain);
}	}
	}
	my $aapriv='user.priv.aa./'.$domain.'/'.$ownername.'./';
	foreach (keys %env) {
	if ($_ eq $aapriv) {
	return ($ownername,$domain);
	}
	}
}	}
return '';	return '';
}	}
Line 68 sub constructaccess {	Line 73 sub constructaccess {
sub handler {	sub handler {
my $r = shift;	my $r = shift;
my $requrl=$r->uri;	my $requrl=$r->uri;
$ENV{'request.editurl'}=$requrl;	$env{'request.editurl'}=$requrl;
my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));	my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
my $lonid=$cookies{'lonID'};	my $lonid=$cookies{'lonID'};
my $cookie;	my $cookie;
Line 88 sub handler {	Line 93 sub handler {

# -------------------------------------------------------------- Resource State	# -------------------------------------------------------------- Resource State

$ENV{'request.state'} = "construct";	$env{'request.state'} = "construct";
$ENV{'request.filename'} = $r->filename;	$env{'request.filename'} = $r->filename;

unless (&constructaccess($requrl,$r->dir_config('lonDefDomain'))) {	unless (&constructaccess($requrl,$r->dir_config('lonDefDomain'))) {
$r->log_reason("Unauthorized $requrl", $r->filename);	$r->log_reason("Unauthorized $requrl", $r->filename);
return HTTP_NOT_ACCEPTABLE;	return HTTP_NOT_ACCEPTABLE;
}	}
# Construction space needs Remote to work
if ($ENV{'environment.remote'} eq 'off') {
$r->content_type('text/html');
$r->header_out(Location =>
'http://'.$r->server->server_hostname.
'/adm/remote?action=launch&url='.
&Apache::lonnet::escape($requrl));
return REDIRECT;
}

# -------------------------------------------------------- Load POST parameters	# -------------------------------------------------------- Load POST parameters

Line 117 sub handler {	Line 113 sub handler {

# ----------------------------------------------- Store where they wanted to go	# ----------------------------------------------- Store where they wanted to go

$ENV{'request.firsturl'}=$requrl;	$env{'request.firsturl'}=$requrl;
return FORBIDDEN;	return FORBIDDEN;
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.31
changed lines
	Added in v.1.39