[BACK]Return to loncacc.pm CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/loncacc.pm between versions 1.35 and 1.45

version 1.35, 2004/08/23 18:57:16 version 1.45, 2007/02/01 07:13:59
Line 26 Line 26
 #  #
 # http://www.lon-capa.org/  # http://www.lon-capa.org/
 #  #
 # YEAR=2000  
 # 6/15,16/11,22/11,  
 # YEAR=2001  
 # 01/06,01/11,6/1,9/25,9/28,11/22,12/25,12/26,  
 # 01/06/01,05/04,05/05,05/09 Gerd Kortemeyer  
 # YEAR=2002  
 # 1/4 Gerd Kortemeyer  
 ###  
   
 package Apache::loncacc;  package Apache::loncacc;
   
 use strict;  use strict;
 use Apache::Constants qw(:common :http :methods REDIRECT);  use Apache::Constants qw(:common :http :methods REDIRECT);
 use Apache::File;  
 use CGI::Cookie();  use CGI::Cookie();
 use Fcntl qw(:flock);  use Fcntl qw(:flock);
 use Apache::lonlocal;  use Apache::lonlocal;
 use Apache::lonnet();  use Apache::lonnet;
   use Apache::lonacc;
   use LONCAPA qw(:DEFAULT :match);
   
 sub constructaccess {  sub constructaccess {
     my ($url,$ownerdomain)=@_;      my ($url,$ownerdomain)=@_;
     my ($ownername)=($url=~/\/(?:\~|priv\/|home\/)(\w+)\//);      my ($ownername)=($url=~/\/(?:\~|priv\/|home\/)($match_username)\//);
     unless (($ownername) && ($ownerdomain)) { return ''; }      unless (($ownername) && ($ownerdomain)) { return ''; }
     # We do not allow editing of previous versions of files.      # We do not allow editing of previous versions of files.
     if ($url=~/\.(\d+)\.(\w+)$/) { return ''; }      if ($url=~/\.(\d+)\.(\w+)$/) { return ''; }
     my @possibledomains = &Apache::lonnet::current_machine_domains();      my @possibledomains = &Apache::lonnet::current_machine_domains();
     if ($ownername eq $ENV{'user.name'}) {      if ($ownername eq $env{'user.name'}) {
  foreach my $domain (@possibledomains) {   foreach my $domain (@possibledomains) {
     if ($domain eq $ENV{'user.domain'}) {      if ($domain eq $env{'user.domain'}) {
  return ($ownername,$domain);   return ($ownername,$domain);
     }      }
  }   }
     }      }
           
     foreach my $domain (@possibledomains) {      foreach my $domain (@possibledomains) {
  my $capriv='user.priv.ca./'.$domain.'/'.$ownername.'./';   if (exists($env{'user.priv.ca./'.$domain.'/'.$ownername.'./'}) ||
  foreach (keys %ENV) {      exists($env{'user.priv.aa./'.$domain.'/'.$ownername.'./'}) ) {
     if ($_ eq $capriv) {      return ($ownername,$domain);
  return ($ownername,$domain);  
     }  
  }   }
     }      }
     return '';      return '';
Line 75  sub constructaccess { Line 65  sub constructaccess {
 sub handler {  sub handler {
     my $r = shift;      my $r = shift;
     my $requrl=$r->uri;      my $requrl=$r->uri;
     $ENV{'request.editurl'}=$requrl;      $env{'request.editurl'}=$requrl;
     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));      my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
     my $lonid=$cookies{'lonID'};      my $lonid=$cookies{'lonID'};
     my $cookie;      my $cookie;
     &Apache::lonnet::logthis("Wha? cookie");  
     if ($lonid) {      if ($lonid) {
  &Apache::lonnet::logthis("Valid cookie");        my $handle=&LONCAPA::clean_handle($lonid->value);
  my $handle=$lonid->value;  
         $handle=~s/\W//g;  
         my $lonidsdir=$r->dir_config('lonIDsDir');          my $lonidsdir=$r->dir_config('lonIDsDir');
         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {          if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
   
Line 97  sub handler { Line 84  sub handler {
   
 # -------------------------------------------------------------- Resource State  # -------------------------------------------------------------- Resource State
   
             $ENV{'request.state'}    = "construct";              $env{'request.state'}    = "construct";
             $ENV{'request.filename'} = $r->filename;              $env{'request.filename'} = $r->filename;
   
             unless (&constructaccess($requrl,$r->dir_config('lonDefDomain'))) {              unless (&constructaccess($requrl,$r->dir_config('lonDefDomain'))) {
                 $r->log_reason("Unauthorized $requrl", $r->filename);                   $r->log_reason("Unauthorized $requrl", $r->filename); 
         return HTTP_NOT_ACCEPTABLE;          return HTTP_NOT_ACCEPTABLE;
             }              }
 # Construction space needs Remote to work  
             if ($ENV{'environment.remote'} eq 'off') {  
         $r->content_type('text/html');  
                 $r->header_out(Location =>   
                     'http://'.$r->server->server_hostname.  
                     '/adm/remote?action=launch&url='.  
                     &Apache::lonnet::escape($requrl));  
                 return REDIRECT;  
             }  
   
 # -------------------------------------------------------- Load POST parameters  # -------------------------------------------------------- Load POST parameters
   
     &Apache::loncommon::get_posted_cgi($r);      &Apache::lonacc::get_posted_cgi($r);
   
             return OK;               return OK; 
         } else {           } else { 
     &Apache::lonnet::logthis("Invalid cookie");  
             $r->log_reason("Cookie $handle not valid", $r->filename)               $r->log_reason("Cookie $handle not valid", $r->filename) 
         };          };
     }      }
   
 # ----------------------------------------------- Store where they wanted to go  # ----------------------------------------------- Store where they wanted to go
   
     $ENV{'request.firsturl'}=$requrl;      $env{'request.firsturl'}=$requrl;
     return FORBIDDEN;      return FORBIDDEN;
 }  }
   
Removed from v.1.35  
changed lines
  Added in v.1.45

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>