[BACK]Return to publiccheck.pm CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom / auth
File:  [LON-CAPA] / loncom / auth / publiccheck.pm
Revision 1.5: download - view: text, annotated - select for diffs
Mon Jul 10 03:58:45 2006 UTC (17 years, 10 months ago) by raeburn
Branches: MAIN
CVS tags: HEAD
Mechanism for user to provide passphrase, and for the server to validate it when user attempts to access a passphrase-protected portfolio file.

    1: # The LearningOnline Network
    2: # Cookie Based Access Handler
    3: #
    4: # $Id: publiccheck.pm,v 1.5 2006/07/10 03:58:45 raeburn Exp $
    5: #
    6: # Copyright Michigan State University Board of Trustees
    7: #
    8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
    9: #
   10: # LON-CAPA is free software; you can redistribute it and/or modify
   11: # it under the terms of the GNU General Public License as published by
   12: # the Free Software Foundation; either version 2 of the License, or
   13: # (at your option) any later version.
   14: #
   15: # LON-CAPA is distributed in the hope that it will be useful,
   16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
   17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   18: # GNU General Public License for more details.
   19: #
   20: # You should have received a copy of the GNU General Public License
   21: # along with LON-CAPA; if not, write to the Free Software
   22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   23: #
   24: # /home/httpd/html/adm/gpl.txt
   25: #
   26: # http://www.lon-capa.org/
   27: #
   28: ###
   29: 
   30: package Apache::publiccheck;
   31: 
   32: use strict;
   33: use Apache::Constants qw(:common :http :methods);
   34: use Apache::lonnet;
   35: use Apache::loncommon();
   36: use Apache::lonlocal;
   37: use CGI::Cookie();
   38: use Fcntl qw(:flock);
   39: use Apache::lonacc();
   40: 
   41: sub handler {
   42:     my $r = shift;
   43:     my $requrl=$r->uri;
   44:     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
   45:     my $lonid=$cookies{'lonID'};
   46:     if ($lonid) {
   47: 	my $handle=$lonid->value;
   48:         $handle=~s/\W//g;
   49:         my $lonidsdir=$r->dir_config('lonIDsDir');
   50:         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
   51: 	    &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
   52: 	    if ($env{'user.name'} ne 'public'
   53: 		&& $env{'user.domain'} ne 'public') {
   54: 		return OK;
   55: 	    }
   56: 	}
   57:     }
   58:     if ($requrl=~m|^/public/|
   59: 	|| $requrl=~m|^/adm/help/.*\.hlp$|
   60: 	|| (&Apache::lonnet::metadata($requrl,'copyright') eq 'public')) {
   61:         &process_public($r,$requrl);
   62:         return OK;
   63:     } elsif ($requrl =~ m|/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$|) {
   64:         my $access = &process_portfolio($1,$2,$3);
   65:         if ($access) {
   66:             &process_public($r,$requrl,$access);
   67:             return OK;
   68:         } 
   69:     } elsif ($requrl =~ m|/+uploaded/([^/]+)/([^/]+)/groups/([^/]+)/portfolio/(.+)$|) {
   70:         my $access = &process_portfolio($1,$2,$3.'/'.$4,$3);
   71:         if ($access) {
   72:             &process_public($r,$requrl,$access);
   73:             return OK;
   74:         }
   75:     } elsif ($requrl eq '/adm/restrictedaccess') {
   76:         &process_public($r,$requrl);
   77:     } 
   78:     return DECLINED;
   79: }
   80: 
   81: sub process_public {
   82:     my ($r,$requrl,$access) = @_;
   83:     &Apache::lonnet::logthis('Granting public access: '.$requrl);
   84:     if ($env{'user.name'} ne 'public' && $env{'user.domain'} ne 'public') {
   85:         my $cookie=&Apache::lonauth::success($r,'public','public','public');
   86:         my $lonidsdir=$r->dir_config('lonIDsDir');
   87:         &Apache::lonnet::transfer_profile_to_env($lonidsdir,$cookie);
   88:         if ($access eq 'guest') {
   89:             $r->err_headers_out('Set-cookie',"lonID=$cookie; path=/");
   90:         } else {
   91:             $r->header_out('Set-cookie',"lonID=$cookie; path=/");
   92:         }
   93:     }
   94:     &Apache::lonacc::get_posted_cgi($r);
   95:     $env{'request.state'} = "published";
   96:     $env{'request.publicaccess'} = 1;
   97:     $env{'request.filename'} = $r->filename;
   98:     return;
   99: }
  100: 
  101: sub process_portfolio {
  102:     my ($udom,$unum,$file_name,$group) = @_;
  103:     my $current_perms = &Apache::lonnet::get_portfile_permissions($udom,$unum);
  104:     my %access_controls = &Apache::lonnet::get_access_controls($current_perms,$group,$file_name);
  105:     my $access = '';
  106:     my $now = time;
  107:     foreach my $key (keys(%{$access_controls{$file_name}})) {
  108:         my ($num,$scope,$end,$start) = ($key =~ /^([^:]+):([a-z]+)_(\d*)_?(\d*)$/);
  109:         if ($start > $now) {
  110:             next;
  111:         }
  112:         if ($end && $end<$now) {
  113:             next;
  114:         }
  115:         if ($scope eq 'public') {
  116:             $access = 'public';
  117:             last;
  118:         }
  119:         if ($scope eq 'guest') {
  120:             $access = 'guest';
  121:         }
  122:     }
  123:     return $access;
  124: }
  125: 
  126: 1;
  127: 
  128: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>