Annotation of loncom/auth/restrictedaccess.pm, revision 1.1

1.1     ! raeburn     1: # The LearningOnline Network
        !             2: # Passphrase Entry and Validation for Portfolio files 
        !             3: #
        !             4: # Copyright Michigan State University Board of Trustees
        !             5: #
        !             6: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
        !             7: #
        !             8: # LON-CAPA is free software; you can redistribute it and/or modify
        !             9: # it under the terms of the GNU General Public License as published by
        !            10: # the Free Software Foundation; either version 2 of the License, or
        !            11: # (at your option) any later version.
        !            12: #
        !            13: # LON-CAPA is distributed in the hope that it will be useful,
        !            14: # but WITHOUT ANY WARRANTY; without even the implied warranty of
        !            15: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
        !            16: # GNU General Public License for more details.
        !            17: #
        !            18: # You should have received a copy of the GNU General Public License
        !            19: # along with LON-CAPA; if not, write to the Free Software
        !            20: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
        !            21: #
        !            22: # /home/httpd/html/adm/gpl.txt
        !            23: #
        !            24: # http://www.lon-capa.org/
        !            25: #
        !            26: 
        !            27: package Apache::restrictedaccess;
        !            28: 
        !            29: use strict;
        !            30: use lib '/home/httpd/lib/perl/';
        !            31: use Apache::Constants qw(:common :http REDIRECT);
        !            32: use CGI::Cookie();
        !            33: use Apache::File ();
        !            34: use Apache::lonnet;
        !            35: use Apache::loncommon();
        !            36: use Apache::lonauth();
        !            37: use Apache::lonlocal;
        !            38: use Apache::lonacc;
        !            39: use Fcntl qw(:flock);
        !            40: use LONCAPA;
        !            41: 
        !            42: sub handler {
        !            43:     my $r = shift;
        !            44: 
        !            45:     &Apache::loncommon::get_unprocessed_cgi
        !            46:         ($ENV{'QUERY_STRING'}.'&'.$env{'request.querystring'},
        !            47:          ['origurl']);
        !            48: 
        !            49:     &Apache::lonacc::get_posted_cgi($r);
        !            50:     my $origurl = &unescape($env{'form.origurl'});
        !            51:     my $msg;
        !            52:     if (exists($env{'form.pass1'})) {
        !            53:         my ($result,$end) = &check_pass($r,$origurl);
        !            54:         if ($result eq 'ok') {
        !            55:             my $cookie_check = &print_redirect($r,$end,$origurl);
        !            56:             if ($cookie_check eq 'ok') {
        !            57:                 $env{'request.state'} = "published";
        !            58:                 $env{'request.filename'} = $origurl;
        !            59:                 $r->header_out(Location => 'http://'.$ENV{'HTTP_HOST'}.$origurl);
        !            60:                 return REDIRECT;
        !            61:             } else {
        !            62:                 &print_entryform($r,$origurl,$cookie_check);
        !            63:             }
        !            64:         } else {
        !            65:             $msg = "Invalid passphrase";
        !            66:             &print_entryform($r,$origurl,$msg);
        !            67:         }
        !            68:     } else {
        !            69:         &print_entryform($r,$origurl);
        !            70:     }
        !            71:     return OK;
        !            72: }
        !            73: 
        !            74: sub print_entryform {
        !            75:     my ($r,$origurl,$msg) = @_;
        !            76:     &Apache::lonlocal::get_language_handle($r);
        !            77:     &Apache::loncommon::content_type($r,'text/html');
        !            78:     $r->send_http_header;
        !            79:     return OK if $r->header_only;
        !            80: 
        !            81:     $r->print(&Apache::loncommon::start_page('Passphrase protected file'));
        !            82:     $r->print('<script type="text/javascript">
        !            83: function verify() {
        !            84:     if (document.passform.pass1.value == "") {
        !            85:         alert("You must enter a passphrase");
        !            86:         return;
        !            87:     }
        !            88:     if (document.passform.pass1.value != document.passform.pass2.value) {
        !            89:         alert("Passphrases do not match");
        !            90:         return;
        !            91:     }
        !            92:     document.passform.submit();
        !            93: } 
        !            94: </script>');
        !            95:     $r->print('<b>'.$msg.'</b>');
        !            96:     $r->print('<div align="center"><form name="passform" method="post" '.
        !            97:               'action="/adm/restrictedaccess">');
        !            98:     $r->print('<br /><br /><br />');
        !            99:     $r->print(&Apache::loncommon::start_data_table());
        !           100:     $r->print(&Apache::loncommon::start_data_table_row());     
        !           101:     $r->print('<td><nobr>'.&mt('Passphrase: ').'</nobr></td>'.
        !           102:               '<td><input type="password" size="20" name="pass1"></td>');
        !           103:     $r->print(&Apache::loncommon::end_data_table_row());
        !           104:     $r->print(&Apache::loncommon::start_data_table_row());
        !           105:     $r->print('<td><nobr>'.&mt('Confirm passphrase: ').'</nobr></td>');
        !           106:     $r->print('<td><input type="password" size="20" name="pass2" /></td>');
        !           107:     $r->print(&Apache::loncommon::end_data_table_row());
        !           108:     $r->print(&Apache::loncommon::start_data_table_row());
        !           109:     $r->print('<td align="center" colspan="2"><br />'.
        !           110:               '<input type="button" name="sendpass" value="'.
        !           111:               &mt('Submit passphrase').'" onClick="verify()" /></td>');
        !           112:     $r->print(&Apache::loncommon::end_data_table_row());
        !           113:     $r->print(&Apache::loncommon::end_data_table());
        !           114:     $r->print('<input type="hidden" name="origurl" value="'.
        !           115:               &escape($origurl).'" /></form></div>');
        !           116:     $r->print(&Apache::loncommon::end_page());
        !           117: }
        !           118: 
        !           119: sub print_redirect {
        !           120:     my ($r,$end,$requrl) = @_;
        !           121:     my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
        !           122:     my $lonid=$cookies{'lonID'};
        !           123:     my $lonidsdir=$r->dir_config('lonIDsDir');
        !           124:     my $cookie;
        !           125:     if ($lonid) {
        !           126:         $cookie=$lonid->value;
        !           127:         $cookie=~s/\W//g;
        !           128:     }
        !           129:     if ($cookie) {
        !           130:         my $envkey = 'user.passphrase_access_'.$requrl;
        !           131:         open(my $idf,">>$lonidsdir/$cookie.id");
        !           132:         if (!flock($idf,LOCK_EX)) {
        !           133:             &Apache::lonnet::logthis("<font color=blue>WARNING: ".
        !           134:                    'Could not obtain exclusive lock in restrictedaccess: '.$!);
        !           135:             close($idf);
        !           136:             return 'error: '.$!;
        !           137:         } else {
        !           138:             print $idf (&escape($envkey).'='.&escape($end)."\n");
        !           139:             close($idf);
        !           140:             return 'ok';
        !           141:         }
        !           142:     } else {
        !           143:         return 'error: no cookie set';
        !           144:     }
        !           145: }
        !           146: 
        !           147: sub check_pass {
        !           148:     my ($r,$origurl) = @_;
        !           149:     my $password = $env{'form.pass1'};
        !           150:     my ($udom,$unum,$group,$file_name,$result,$end);
        !           151:     if ($origurl =~  m-/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$-) {
        !           152:         $udom = $1;
        !           153:         $unum = $2;
        !           154:         $file_name = $3;
        !           155:     } elsif ($origurl =~ m-/+uploaded/([^/]+)/([^/]+)/groups/([^/]+)/portfolio/(.+)$-) {
        !           156:         $udom = $1;
        !           157:         $unum = $2;
        !           158:         $group = $3;
        !           159:         $file_name = $3.'/'.$4;
        !           160:     }
        !           161:     my $curr_perms = &Apache::lonnet::get_portfile_permissions($udom,$unum);
        !           162:     my %acc_controls = &Apache::lonnet::get_access_controls($curr_perms,
        !           163:                                                             $group,$file_name);
        !           164:     my $access_hash = $acc_controls{$file_name};
        !           165:     foreach my $key (sort(keys(%{$access_hash}))) {
        !           166:         if ($key =~ /^[^:]+:guest_(\d+)/) {
        !           167:             $end = $1;
        !           168:             my $content = $$access_hash{$key};
        !           169:             my $passwd = $content->{'password'};
        !           170:             if ($password eq $passwd) {
        !           171:                 $result = 'ok';
        !           172:             } else {
        !           173:                 $result = 'fail';
        !           174:             }
        !           175:             last;
        !           176:         }
        !           177:     }
        !           178:     return ($result,$end);
        !           179: }
        !           180: 
        !           181: 1;
