File:
[LON-CAPA] /
loncom /
auth /
restrictedaccess.pm
Revision
1.8:
download - view:
text,
annotated -
select for diffs
Fri Feb 13 17:20:26 2009 UTC (15 years, 7 months ago) by
bisitz
Branches:
MAIN
CVS tags:
version_2_9_X,
version_2_9_99_0,
version_2_9_1,
version_2_9_0,
version_2_8_99_1,
version_2_8_99_0,
version_2_10_X,
version_2_10_1,
version_2_10_0_RC2,
version_2_10_0_RC1,
version_2_10_0,
loncapaMITrelate_1,
language_hyphenation_merge,
language_hyphenation,
bz6209-base,
bz6209,
bz5969,
bz2851,
PRINT_INCOMPLETE_base,
PRINT_INCOMPLETE,
HEAD,
GCI_3,
GCI_2,
BZ5971-printing-apage,
BZ5434-fox,
BZ4492-merge,
BZ4492-feature_horizontal_radioresponse,
BZ4492-feature_Support_horizontal_radioresponse,
BZ4492-Support_horizontal_radioresponse
Added missing CVS Ids for automatic version numbering to script header
(Irrespective if the script is still in use or not)
1: # The LearningOnline Network
2: # Passphrase Entry and Validation for Portfolio files
3: #
4: # $Id: restrictedaccess.pm,v 1.8 2009/02/13 17:20:26 bisitz Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: package Apache::restrictedaccess;
30:
31: use strict;
32: use lib '/home/httpd/lib/perl/';
33: use Apache::Constants qw(:common :http REDIRECT);
34: use CGI::Cookie();
35: use Apache::lonnet;
36: use Apache::loncommon();
37: use Apache::lonauth();
38: use Apache::lonlocal;
39: use Apache::lonacc;
40: use Fcntl qw(:flock);
41: use LONCAPA;
42:
43: sub handler {
44: my $r = shift;
45:
46: my $origurl = &unescape($env{'form.origurl'});
47: if (!defined($origurl)) {
48: $origurl = $r->uri;
49: }
50: my $msg='';
51: if (exists($env{'form.pass1'})) {
52: my ($result,$end) = &check_pass($r,$origurl);
53: if ($result eq 'ok') {
54: &Apache::lonnet::allowuploaded('/adm/restrictedaccess',
55: $origurl);
56: $env{'request.state'} = "published";
57: $env{'request.filename'} = $origurl;
58: $r->header_out(Location => 'http://'.$ENV{'HTTP_HOST'}.$origurl);
59: return REDIRECT;
60: } else {
61: $msg = 'Invalid passphrase';
62: }
63: }
64:
65: &Apache::loncommon::content_type($r,'text/html');
66: $r->send_http_header;
67: return OK if $r->header_only;
68:
69: $r->print(&Apache::loncommon::start_page('Passphrase protected file'));
70: &print_entryform($r,$origurl,$msg);
71:
72: return OK;
73: }
74:
75: sub setup_handler {
76: my ($r) = @_;
77: $r->set_handlers('PerlHandler'=>
78: [\&Apache::restrictedaccess::handler]);
79: $r->handler('perl-script');
80: }
81:
82: sub print_entryform {
83: my ($r,$origurl,$msg) = @_;
84:
85: $r->print('<script type="text/javascript">
86: function verify() {
87: if (document.passform.pass1.value == "") {
88: alert("You must enter a passphrase");
89: return;
90: }
91: document.passform.submit();
92: }
93: </script>');
94: if ($msg ne '') {
95: $r->print('<span class="LC_error">'.$msg.'</span>');
96: }
97: $r->print('<div align="center"><form name="passform" method="post" '.
98: 'action="/adm/restrictedaccess">');
99: $r->print('<br /><br /><br />');
100: $r->print(&Apache::loncommon::start_data_table());
101: $r->print(&Apache::loncommon::start_data_table_row());
102: $r->print('<td><span class="LC_nobreak">'.&mt('Passphrase: ').'</span></td>'.
103: '<td><input type="password" size="20" name="pass1" /></td>');
104: $r->print(&Apache::loncommon::end_data_table_row());
105: $r->print(&Apache::loncommon::start_data_table_row());
106: $r->print('<td align="center" colspan="2"><br />'.
107: '<input type="button" name="sendpass" value="'.
108: &mt('Submit passphrase').'" onClick="verify()" /></td>');
109: $r->print(&Apache::loncommon::end_data_table_row());
110: $r->print(&Apache::loncommon::end_data_table());
111: $r->print('<input type="hidden" name="origurl" value="'.
112: &escape($origurl).'" /></form></div>');
113: $r->print(&Apache::loncommon::end_page());
114: }
115:
116: sub check_pass {
117: my ($r,$origurl) = @_;
118: my (undef,$udom,$unum,$file_name,$group) =
119: &Apache::lonnet::parse_portfolio_url($origurl);
120:
121: my $curr_perms = &Apache::lonnet::get_portfile_permissions($udom,$unum);
122: my %acc_controls = &Apache::lonnet::get_access_controls($curr_perms,
123: $group,$file_name);
124: my $access_hash = $acc_controls{$file_name};
125:
126: my ($result,$end);
127: foreach my $key (sort(keys(%{$access_hash}))) {
128: if ($key =~ /^[^:]+:guest_(\d+)/) {
129: $end = $1;
130: if ($env{'form.pass1'} eq $access_hash->{$key}{'password'}) {
131: $result = 'ok';
132: } else {
133: $result = 'fail';
134: }
135: last;
136: }
137: }
138: return ($result,$end);
139: }
140:
141: 1;
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>