version 1.86, 2006/07/14 21:38:26
|
version 1.87, 2006/07/17 19:49:14
|
Line 138 sub get_posted_cgi {
|
Line 138 sub get_posted_cgi {
|
} |
} |
|
|
sub portfolio_access { |
sub portfolio_access { |
|
my ($r,$requrl) = @_; |
|
my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl); |
|
my $result = &get_portfolio_access($udom,$unum,$file_name,$group); |
|
if ($result eq 'ok') { |
|
return OK; |
|
} elsif ($result =~ /^[^:]+:guest_/) { |
|
&passphrase_access_checker($r,$result,$requrl); |
|
return OK; |
|
} |
|
return FORBIDDEN; |
|
} |
|
|
|
sub get_portfolio_access { |
my ($udom,$unum,$file_name,$group) = @_; |
my ($udom,$unum,$file_name,$group) = @_; |
|
|
my $current_perms = &Apache::lonnet::get_portfile_permissions($udom,$unum); |
my $current_perms = &Apache::lonnet::get_portfile_permissions($udom,$unum); |
my %access_controls = &Apache::lonnet::get_access_controls( |
my %access_controls = &Apache::lonnet::get_access_controls( |
$current_perms,$group,$file_name); |
$current_perms,$group,$file_name); |
Line 322 sub course_group_datechecker {
|
Line 336 sub course_group_datechecker {
|
return; |
return; |
} |
} |
|
|
|
sub parse_portfolio_url { |
|
my ($url) = @_; |
|
|
|
my ($type,$udom,$unum,$group,$file_name); |
|
|
|
if ($url =~ m-/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$-) { |
|
$type = 1; |
|
$udom = $1; |
|
$unum = $2; |
|
$file_name = $3; |
|
} elsif ($url =~ m-/+uploaded/([^/]+)/([^/]+)/groups/([^/]+)/portfolio/(.+)$-) { |
|
$type = 2; |
|
$udom = $1; |
|
$unum = $2; |
|
$group = $3; |
|
$file_name = $3.'/'.$4; |
|
} |
|
if (wantarray) { |
|
return ($type,$udom,$unum,$file_name,$group); |
|
} |
|
return $type; |
|
} |
|
|
|
sub is_portfolio_url { |
|
my ($url) = @_; |
|
return scalar(&parse_portfolio_url($url)); |
|
} |
|
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
my $requrl=$r->uri; |
my $requrl=$r->uri; |
Line 384 sub handler {
|
Line 426 sub handler {
|
|
|
# ---------------------------------------------------------------- Check access |
# ---------------------------------------------------------------- Check access |
my $now = time; |
my $now = time; |
if ($requrl =~ m|/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$|) { |
if (&is_portfolio_url($requrl)) { |
my $result = &portfolio_access($1,$2,$3); |
return &portfolio_access($r,$requrl); |
if ($result eq 'ok') { |
} |
return OK; |
|
} elsif ($result =~ /^[^:]+:guest_/) { |
|
&passphrase_access_checker($r,$result,$requrl); |
|
return OK; |
|
} |
|
} elsif ($requrl =~ m|/+uploaded/([^/]+)/([^/]+)/groups/([^/]+)/portfolio/(.+)$|) { |
|
my $result = &portfolio_access($1,$2,$3.'/'.$4,$3); |
|
if ($result eq 'ok') { |
|
return OK; |
|
} elsif ($result =~ /^[^:]+:guest_/) { |
|
&passphrase_access_checker($r,$result,$requrl); |
|
return OK; |
|
} |
|
} |
|
if ($requrl!~/^\/adm|public|prtspool\//) { |
if ($requrl!~/^\/adm|public|prtspool\//) { |
my $access=&Apache::lonnet::allowed('bre',$requrl); |
my $access=&Apache::lonnet::allowed('bre',$requrl); |
if ($access eq '1') { |
if ($access eq '1') { |
Line 514 sub handler {
|
Line 542 sub handler {
|
return OK; |
return OK; |
} |
} |
# ------------------------------------- See if this is a viewable portfolio file |
# ------------------------------------- See if this is a viewable portfolio file |
if ($requrl =~ m|/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$|) { |
if (&is_portfolio_url($requrl)) { |
my $result = &portfolio_access($1,$2,$3); |
return &portfolio_access($r,$requrl); |
if ($result eq 'ok') { |
|
return OK; |
|
} elsif ($result =~ /^[^:]+:guest_/) { |
|
&passphrase_access_checker($r,$result,$requrl); |
|
return OK; |
|
} |
|
} elsif ($requrl =~ m|/+uploaded/([^/]+)/([^/]+)/groups/([^/]+)/portfolio/(.+)$|) { |
|
my $result = &portfolio_access($1,$2,$3.'/'.$4,$3); |
|
if ($result eq 'ok') { |
|
return OK; |
|
} elsif ($result =~ /^[^:]+:guest_/) { |
|
&passphrase_access_checker($r,$result,$requrl); |
|
return OK; |
|
} |
|
} |
} |
|
|
# -------------------------------------------------------------- Not authorized |
# -------------------------------------------------------------- Not authorized |
$requrl=~/\.(\w+)$/; |
$requrl=~/\.(\w+)$/; |
# if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') || |
# if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') || |