version 1.87, 2006/07/17 19:49:14
|
version 1.88, 2006/07/21 16:07:48
|
Line 139 sub get_posted_cgi {
|
Line 139 sub get_posted_cgi {
|
|
|
sub portfolio_access { |
sub portfolio_access { |
my ($r,$requrl) = @_; |
my ($r,$requrl) = @_; |
|
my $access=&Apache::lonnet::allowed('bre',$requrl); |
|
if ($access eq '2' || $access eq 'F') { |
|
return OK; |
|
} |
my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl); |
my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl); |
my $result = &get_portfolio_access($udom,$unum,$file_name,$group); |
my $result = &get_portfolio_access($udom,$unum,$file_name,$group); |
|
&Apache::lonnet::logthis("got pa of $result"); |
if ($result eq 'ok') { |
if ($result eq 'ok') { |
return OK; |
return OK; |
} elsif ($result =~ /^[^:]+:guest_/) { |
} elsif ($result =~ /^[^:]+:guest_/) { |
|
&Apache::lonnet::logthis("doign pac $result"); |
&passphrase_access_checker($r,$result,$requrl); |
&passphrase_access_checker($r,$result,$requrl); |
return OK; |
return OK; |
} |
} |
return FORBIDDEN; |
return undef; |
} |
} |
|
|
sub get_portfolio_access { |
sub get_portfolio_access { |
Line 193 sub get_portfolio_access {
|
Line 199 sub get_portfolio_access {
|
} else { |
} else { |
if (@domains > 0) { |
if (@domains > 0) { |
foreach my $domkey (@domains) { |
foreach my $domkey (@domains) { |
my %content = &Apache::lonnet::parse_access_controls($$access_hash{$domkey}); |
if (ref($access_hash->{$domkey}{'dom'}) eq 'ARRAY') { |
if (ref($content{'dom'}) eq 'ARRAY') { |
if (grep(/^\Q$env{'user.domain'}\E$/,@{$access_hash->{$domkey}{'dom'}})) { |
if (grep(/^\Q$env{'user.domain'}\E$/,@{$content{'dom'}})) { |
|
return 'ok'; |
return 'ok'; |
} |
} |
} |
} |
Line 203 sub get_portfolio_access {
|
Line 208 sub get_portfolio_access {
|
} |
} |
if (@users > 0) { |
if (@users > 0) { |
foreach my $userkey (@users) { |
foreach my $userkey (@users) { |
my %content = &Apache::lonnet::parse_access_controls($$access_hash{$userkey}); |
if (exists($access_hash->{$userkey}{'users'}{$env{'user.name'}.':'.$env{'user.domain'}})) { |
if (exists($content{'users'}{$env{'user.name'}.':'.$env{'user.domain'}})) { |
|
return 'ok'; |
return 'ok'; |
} |
} |
} |
} |
Line 243 sub get_portfolio_access {
|
Line 247 sub get_portfolio_access {
|
return; |
return; |
} |
} |
foreach my $key (@courses_and_groups) { |
foreach my $key (@courses_and_groups) { |
my %content = &Apache::lonnet::parse_access_controls($$access_hash{$key}); |
my %content = %{$$access_hash{$key}}; |
my $cnum = $content{'number'}; |
my $cnum = $content{'number'}; |
my $cdom = $content{'domain'}; |
my $cdom = $content{'domain'}; |
my $cid = $cdom.'_'.$cnum; |
my $cid = $cdom.'_'.$cnum; |
Line 427 sub handler {
|
Line 431 sub handler {
|
# ---------------------------------------------------------------- Check access |
# ---------------------------------------------------------------- Check access |
my $now = time; |
my $now = time; |
if (&is_portfolio_url($requrl)) { |
if (&is_portfolio_url($requrl)) { |
return &portfolio_access($r,$requrl); |
my $result = &portfolio_access($r,$requrl); |
|
if (defined($result)) { return $result; } |
} |
} |
if ($requrl!~/^\/adm|public|prtspool\//) { |
if ($requrl!~/^\/adm|public|prtspool\//) { |
my $access=&Apache::lonnet::allowed('bre',$requrl); |
my $access=&Apache::lonnet::allowed('bre',$requrl); |
Line 519 sub handler {
|
Line 524 sub handler {
|
} else { |
} else { |
$r->log_reason("Cookie $handle not valid", $r->filename); |
$r->log_reason("Cookie $handle not valid", $r->filename); |
} |
} |
} |
} |
|
|
# -------------------------------------------- See if this is a public resource |
# -------------------------------------------- See if this is a public resource |
if ($requrl=~m|^/public/| |
if ($requrl=~m|^/public/| |
Line 543 sub handler {
|
Line 548 sub handler {
|
} |
} |
# ------------------------------------- See if this is a viewable portfolio file |
# ------------------------------------- See if this is a viewable portfolio file |
if (&is_portfolio_url($requrl)) { |
if (&is_portfolio_url($requrl)) { |
return &portfolio_access($r,$requrl); |
my $result = &portfolio_access($r,$requrl); |
|
if (defined($result)) { return $result; } |
} |
} |
|
|
# -------------------------------------------------------------- Not authorized |
# -------------------------------------------------------------- Not authorized |