loncom/auth/lonroles.pm - diff

Return to lonroles.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonroles.pm between versions 1.347 and 1.351

version 1.347, 2021/04/19 23:07:33	version 1.351, 2021/07/19 14:26:40
Line 728 ENDCLOSE	Line 728 ENDCLOSE
$furl .= '&orgurl='.&HTML::Entities::encode($env{'form.orgurl'},'<>&"');	$furl .= '&orgurl='.&HTML::Entities::encode($env{'form.orgurl'},'<>&"');
}	}
if ($env{'form.symb'}) {	if ($env{'form.symb'}) {
$furl .= '&symb='.&HTML::Entities::encode($env{'form.symb'};	$furl .= '&symb='.&HTML::Entities::encode($env{'form.symb'},'<>&"');
}	}
}	}
if (($ferr) && ($tadv)) {	if (($ferr) && ($tadv)) {
Line 736 ENDCLOSE	Line 736 ENDCLOSE
} else {	} else {
if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {	if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
if (($env{'form.orgurl'} ne '') && ($env{'form.symb'} ne '')) {	if (($env{'form.orgurl'} ne '') && ($env{'form.symb'} ne '')) {
unless (&Apache::lonnet::symbverify($env{'form.symb'},$env{'form.orgurl'}) {	unless (&Apache::lonnet::symbverify($env{'form.symb'},$env{'form.orgurl'})) {
$dest=$env{'form.orgurl'};	$dest=$env{'form.orgurl'};
}	}
}	}
Line 831 ENDCLOSE	Line 831 ENDCLOSE
if (($dest =~ m{^\Q/public/$cdom/$cnum/syllabus\E.*(\?\|\&)usehttp=1}) \|\|	if (($dest =~ m{^\Q/public/$cdom/$cnum/syllabus\E.*(\?\|\&)usehttp=1}) \|\|
($dest =~ m{^\Q/adm/wrapper/ext/\E(?!https:)})) {	($dest =~ m{^\Q/adm/wrapper/ext/\E(?!https:)})) {
if ($ENV{'SERVER_PORT'} == 443) {	if ($ENV{'SERVER_PORT'} == 443) {
unless (&Apache::lonnet::uses_sts()) {	my $hostname = $r->hostname();
my $hostname = $r->hostname();	unless ((&Apache::lonnet::uses_sts()) \|\|
	(&Apache::lonnet::waf_allssl($hostname))) {
if ($hostname ne '') {	if ($hostname ne '') {
$dest = 'http://'.$hostname.$dest;	$dest = 'http://'.$hostname.$dest;
}	}
Line 901 ENDCLOSE	Line 902 ENDCLOSE
}	}
}	}
# Are we allowed to look at the first resource?	# Are we allowed to look at the first resource?
my $access;	#
if ($furl =~ m{^(/adm/wrapper\|)/ext/}) {	# $furl returned by lonuserstate::readmap() has format:
# If it's an external resource,	# $url?symb=escaped($symb). If the resource has the
# strip off the symb argument and possible query	# encrypturl parameter in effect, the entire string
my ($exturl,$symb) = ($furl =~ m{^(.+)(?:\?\|\&)symb=(.+)$});	# $url?symb=escaped($symb) is encrypted as a string
# Unencode $symb	# beginning /enc/.
$symb = &unescape($symb);	#
# Then check for permission	my ($access,$unencfurl,$unencsymb);
$access = &Apache::lonnet::allowed('bre',$exturl,$symb);	if ($furl =~ m{^(.+)(?:\?\|\&)symb=([^&]+)(?:$\|&)}) {
# For other resources just check for permission	my ($poss_url,$poss_symb) = ($1,$2);
	$unencsymb = &unescape($poss_symb);
	$unencfurl = $poss_url;
	} elsif ($furl =~ m{^/enc/}) {
	my $unenc = &Apache::lonenc::unencrypted($furl);
	if ($unenc =~ m{^(.+)(?:\?\|\&)symb=([^&]+)(?:$\|&)}) {
	($unencfurl,$unencsymb) = ($1,$2);
	$unencsymb = &unescape($unencsymb);
	} else {
	$unencfurl = $unenc;
	}
} else {	} else {
$access = &Apache::lonnet::allowed('bre',$furl);	$unencfurl = $furl;
}	}
if (!$access) {	if ($unencsymb) {
	my $symb = &Apache::lonnet::symbclean($unencsymb);
	if (($symb ne '') && (&Apache::lonnet::symbverify($symb,$unencfurl))) {
	$access = &Apache::lonnet::allowed('bre',$unencfurl,$symb);
	} else {
	$access = &Apache::lonnet::allowed('bre',$unencfurl);
	}
	} else {
	$access = &Apache::lonnet::allowed('bre',$unencfurl);
	}
	if ((!$access) \|\| ($access eq 'B') \|\| ($access eq 'D')) {
$furl = &Apache::lonpageflip::first_accessible_resource();	$furl = &Apache::lonpageflip::first_accessible_resource();
} elsif ($access eq 'B') {	if ($furl eq '') {
$furl = '/adm/navmaps?showOnlyHomework=1';	$furl = '/adm/navmaps?showOnlyHomework=1';
	}
}	}
if ($env{'request.lti.login'}) {	if ($env{'request.lti.login'}) {
undef($msg);	undef($msg);

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.347
changed lines
	Added in v.1.351