[BACK]Return to publiccheck.pm CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom / auth
File:  [LON-CAPA] / loncom / auth / publiccheck.pm
Revision 1.9: download - view: text, annotated - select for diffs
Fri Jul 21 19:42:12 2006 UTC (17 years, 9 months ago) by albertel
Branches: MAIN
CVS tags: version_2_1_99_2, HEAD
- lonnet::allowed() can now return a 'A' for 'pass phrase authentication needed'
- lonacc redirects to restricted access if A is returned

    1: # The LearningOnline Network
    2: # Cookie Based Access Handler
    3: #
    4: # $Id: publiccheck.pm,v 1.9 2006/07/21 19:42:12 albertel Exp $
    5: #
    6: # Copyright Michigan State University Board of Trustees
    7: #
    8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
    9: #
   10: # LON-CAPA is free software; you can redistribute it and/or modify
   11: # it under the terms of the GNU General Public License as published by
   12: # the Free Software Foundation; either version 2 of the License, or
   13: # (at your option) any later version.
   14: #
   15: # LON-CAPA is distributed in the hope that it will be useful,
   16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
   17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   18: # GNU General Public License for more details.
   19: #
   20: # You should have received a copy of the GNU General Public License
   21: # along with LON-CAPA; if not, write to the Free Software
   22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
   23: #
   24: # /home/httpd/html/adm/gpl.txt
   25: #
   26: # http://www.lon-capa.org/
   27: #
   28: ###
   29: 
   30: package Apache::publiccheck;
   31: 
   32: use strict;
   33: use Apache::Constants qw(:common :http :methods);
   34: use Apache::lonnet;
   35: use Apache::loncommon();
   36: use Apache::lonlocal;
   37: use CGI::Cookie();
   38: use Fcntl qw(:flock);
   39: use Apache::lonacc();
   40: 
   41: sub handler {
   42:     my $r = shift;
   43: 
   44:     my $requrl=$r->uri;
   45:     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
   46:     my $lonid=$cookies{'lonID'};
   47:     if ($lonid) {
   48: 	my $handle=$lonid->value;
   49:         $handle=~s/\W//g;
   50:         my $lonidsdir=$r->dir_config('lonIDsDir');
   51:         if ((-e "$lonidsdir/$handle.id") && ($handle ne '')) {
   52: 	    &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
   53: 	    if ($env{'user.name'} ne 'public'
   54: 		&& $env{'user.domain'} ne 'public') {
   55: 		return OK;
   56: 	    }
   57: 	}
   58:     }
   59:     if ($requrl=~m|^/public/|
   60: 	|| $requrl=~m|^/adm/help/.*\.hlp$|
   61: 	|| (&Apache::lonnet::metadata($requrl,'copyright') eq 'public')) {
   62:         &process_public($r,$requrl);
   63:         return OK;
   64:     } elsif (&Apache::lonnet::is_portfolio_url($requrl)) {
   65: 	my (undef,$udom,$unum,$file_name,$group) = 
   66: 	    &Apache::lonnet::parse_portfolio_url($requrl);
   67:         my $access = &process_portfolio($udom,$unum,$file_name,$group);
   68:         if ($access) {
   69:             &process_public($r,$requrl,$access);
   70:             return OK;
   71:         } 
   72:     } elsif ($requrl eq '/adm/restrictedaccess') {
   73:         &process_public($r,$requrl);
   74: 	return OK;
   75:     } 
   76:     return DECLINED;
   77: }
   78: 
   79: sub process_public {
   80:     my ($r,$requrl,$access) = @_;
   81:     &Apache::lonnet::logthis('Granting public access: '.$requrl);
   82:     if ($env{'user.name'} ne 'public' && $env{'user.domain'} ne 'public') {
   83:         my $cookie=&Apache::lonauth::success($r,'public','public','public');
   84:         my $lonidsdir=$r->dir_config('lonIDsDir');
   85:         &Apache::lonnet::transfer_profile_to_env($lonidsdir,$cookie);
   86: 	$r->err_header_out('Set-cookie',"lonID=$cookie; path=/");
   87:     }
   88:     &Apache::lonacc::get_posted_cgi($r);
   89:     $env{'request.state'} = "published";
   90:     $env{'request.publicaccess'} = 1;
   91:     $env{'request.filename'} = $r->filename;
   92:     return;
   93: }
   94: 
   95: sub process_portfolio {
   96:     my ($udom,$unum,$file_name,$group) = @_;
   97:     my $current_perms = &Apache::lonnet::get_portfile_permissions($udom,$unum);
   98:     my %access_controls = &Apache::lonnet::get_access_controls($current_perms,$group,$file_name);
   99:     my $access = '';
  100:     my $now = time;
  101:     foreach my $key (keys(%{$access_controls{$file_name}})) {
  102:         my ($num,$scope,$end,$start) = ($key =~ /^([^:]+):([a-z]+)_(\d*)_?(\d*)$/);
  103:         if ($start > $now) {
  104:             next;
  105:         }
  106:         if ($end && $end<$now) {
  107:             next;
  108:         }
  109:         if ($scope eq 'public') {
  110:             $access = 'public';
  111:             last;
  112:         }
  113:         if ($scope eq 'guest') {
  114:             $access = 'guest';
  115:         }
  116:     }
  117:     return $access;
  118: }
  119: 
  120: 1;
  121: 
  122: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>