loncom/auth/lonuploadedacc.pm - view

File: [LON-CAPA] / loncom / auth / lonuploadedacc.pm
Revision 1.17: download - view: text, annotated - select for diffs
Wed Feb 8 18:01:32 2017 UTC (7 years, 3 months ago) by raeburn
Branches: MAIN
CVS tags: version_2_12_X, version_2_11_X, version_2_11_4_uiuc, version_2_11_4_msu, version_2_11_4, version_2_11_3_uiuc, version_2_11_3_msu, version_2_11_3, version_2_11_2_uiuc, version_2_11_2_msu, version_2_11_2_educog, version_2_11_2, HEAD

- Use 'public' instead of public:public for $r->user if no real user could
  be extracted from form.token, for consistency with checkauthen.pm

1: # The LearningOnline Network 2: # Access Handler for User Files 3: # 4: # $Id: lonuploadedacc.pm,v 1.17 2017/02/08 18:01:32 raeburn Exp $ 5: # 6: # Copyright Michigan State University Board of Trustees 7: # 8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA). 9: # 10: # LON-CAPA is free software; you can redistribute it and/or modify 11: # it under the terms of the GNU General Public License as published by 12: # the Free Software Foundation; either version 2 of the License, or 13: # (at your option) any later version. 14: # 15: # LON-CAPA is distributed in the hope that it will be useful, 16: # but WITHOUT ANY WARRANTY; without even the implied warranty of 17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18: # GNU General Public License for more details. 19: # 20: # You should have received a copy of the GNU General Public License 21: # along with LON-CAPA; if not, write to the Free Software 22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 23: # 24: # /home/httpd/html/adm/gpl.txt 25: # 26: # http://www.lon-capa.org/ 27: # 28: 29: 30: 31: package Apache::lonuploadedacc; 32: 33: 34: use strict; 35: use Apache::Constants qw(:common :http); 36: use Apache::lonnet; 37: use LONCAPA qw(:match); 38: 39: sub handler { 40: my $r = shift; 41: my $args=$r->args; 42: &Apache::loncommon::get_unprocessed_cgi($args,['token','tokenissued']); 43: my (undef,undef,$udom,$uname,$ufile)=split(/\//,$r->uri,5); 44: $ufile=~s/^[\~\.]+//; 45: my $remoteserver=$env{'form.tokenissued'}; 46: my $reply=&Apache::lonnet::reply('tokenauthuserfile:'. 47: $udom.'/'.$uname.'/'.$ufile.':'.$env{'form.token'}, 48: $remoteserver); 49: if ($reply eq 'ok') { 50: if (($r->user() eq '') && ($env{'form.token'} ne '')) { 51: my ($cuname,$cudom) = 52: ($env{'form.token'} =~ /^($match_username)_\d+_($match_domain)_/); 53: if ($cuname ne '') { 54: if ($cudom eq $r->dir_config('lonDefDomain')) { 55: $r->user($cuname); 56: } else { 57: $r->user($cuname.':'.$cudom); 58: } 59: } else { 60: $r->user('public'); 61: } 62: } else { 63: $r->user('public'); 64: } 65: return OK; 66: } elsif ($reply eq 'con_lost' || $reply eq 'no_such_host') { 67: &Apache::lonnet::logthis("Server unavailable for userfile access $uname at $udom for $ufile with $remoteserver token $env{'form.token'}: $reply"); 68: return HTTP_SERVICE_UNAVAILABLE; 69: } else { 70: &Apache::lonnet::logthis("Refused userfile access $uname at $udom for $ufile with $remoteserver token $env{'form.token'}: $reply"); 71: return FORBIDDEN; 72: } 73: } 74: 75: sub skip_phase { 76: return OK; 77: } 78: 79: 1; 80: __END__ 81: 82: 83: 84: =head1 NAME 85: 86: Apache::lonuploadedacc 87: 88: =head1 SYNOPSIS 89: 90: The way this is supposed to work: 91: 92: User A has client machine C 93: User A is logged into LON-CAPA server S 94: needs file from user B 95: homeserver for user B is H 96: 97: This is part of the LearningOnline Network with CAPA project 98: described at http://www.lon-capa.org. 99: 100: =head1 HANDLER SUBROUTINE 101: 102: This handler runs on H 103: To access a userfile: 104: Server S generates a token and puts it into the query string of URL for H 105: Client box C asks H for file with token issued by C 106: H now must ask S if token is valid, uses S's lond-command tokenauthuserfile 107: 108: =cut 109: 110: 111: