loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.117 and 1.121

-version 1.117, 2008/11/10 13:20:24
+version 1.121, 2008/11/25 14:19:07
  Line 27
  #
  ###
+ =head1 NAME
+ Apache::lonacc - Cookie Based Access Handler
+ =head1 SYNOPSIS
+ Invoked (for various locations) by /etc/httpd/conf/srm.conf:
+  PerlAccessHandler       Apache::lonacc
+ =head1 INTRODUCTION
+ This module enables cookie based authentication and is used
+ to control access for many different LON-CAPA URIs.
+ Whenever the client sends the cookie back to the server,
+ this cookie is handled by either lonacc.pm or loncacc.pm
+ (see srm.conf for what is invoked when).  If
+ the cookie is missing or invalid, the user is re-challenged
+ for login information.
+ This is part of the LearningOnline Network with CAPA project
+ described at http://www.lon-capa.org.
+ =head1 HANDLER SUBROUTINE
+ This routine is called by Apache and mod_perl.
+ =over 4
+ =item *
+ transfer profile into environment
+ =item *
+ load POST parameters
+ =item *
+ check access
+ =item *
+ if allowed, get symb, log, generate course statistics if applicable
+ =item *
+ otherwise return error
+ =item *
+ see if public resource
+ =item *
+ store attempted access
+ =back
+ =head1 NOTABLE SUBROUTINES
+ =over
+ =cut
  package Apache::lonacc;
  use strict;
- Line 90  sub get_posted_cgi {
+ Line 157  sub get_posted_cgi {
  	    if ($lines[$i]=~/^--\Q$contentsep\E/) {
  		if ($name) {
  		    chomp($value);
- 		    if ($fname) {
- 			$env{"form.$name.filename"}=$fname;
- 			$env{"form.$name.mimetype"}=$fmime;
- 		    } else {
- 			$value=~s/\s+$//s;
- 		    }
                      if (ref($fields) eq 'ARRAY') {
                          next if (!grep(/^\Q$name\E$/,@{$fields}));
                      }
- 		    &Apache::loncommon::add_to_env("form.$name",$value);
+                     if ($fname) {
+                         if ($env{'form.symb'} ne '') {
+                             my $size = (length($value))/(1024.0 * 1024.0);
+                             if (&upload_size_allowed($name,$size,$fname) eq 'ok') {
+                                 $env{"form.$name.filename"}=$fname;
+                                 $env{"form.$name.mimetype"}=$fmime;
+                                 &Apache::loncommon::add_to_env("form.$name",$value);
+                             }
+                         } else {
+                             $env{"form.$name.filename"}=$fname;
+                             $env{"form.$name.mimetype"}=$fmime;
+                             &Apache::loncommon::add_to_env("form.$name",$value);
+                         }
+                     } else {
+                         $value=~s/\s+$//s;
+                         &Apache::loncommon::add_to_env("form.$name",$value);
+                     }
  		}
  		if ($i<$#lines) {
  		    $i++;
- Line 145  sub get_posted_cgi {
+ Line 222  sub get_posted_cgi {
      $r->headers_in->unset('Content-length');
  }
- # handle the case of the single sign on user, at this point $r->user
+ =pod
- # will be set and valid now need to find the loncapa user info and possibly
- # balance them
+ =item upload_size_allowed()
- # returns OK if it was a SSO and user was handled
- #         undef if not SSO or no means to hanle the user
+ 	Perform size checks for file uploads to essayresponse items in course context.
+ 	Add form.HWFILESIZE.$part_$id to %env with file size (MB)
+ 	If file exceeds maximum allowed size, add form.HWFILETOOBIG.$part_$id to %env.
+ =cut
+ sub upload_size_allowed {
+     my ($name,$size,$fname) = @_;
+     if ($name =~ /^HWFILE(\w+)$/) {
+         my $ident = $1;
+         my $item = 'HWFILESIZE'.$ident;
+         &Apache::loncommon::add_to_env("form.$item",$size);
+         my $maxsize= &Apache::lonnet::EXT("resource.$ident.maxfilesize");
+         if (!$maxsize) {
+             $maxsize = 100.0;
+         }
+         if ($size > $maxsize) {
+             my $warn = 'HWFILETOOBIG'.$ident;
+             &Apache::loncommon::add_to_env("form.$warn",$fname);
+             return;
+         }
+     }
+     return 'ok';
+ }
+ =pod
+ =item sso_login()
+ 	handle the case of the single sign on user, at this point $r->user
+ 	will be set and valid now need to find the loncapa user info and possibly
+ 	balance them
+ 	returns OK if it was a SSO and user was handled
+         undef if not SSO or no means to hanle the user
+ =cut
  sub sso_login {
      my ($r,$handle) = @_;
- Line 424  sub handler {
+ Line 537  sub handler {
 ;
  __END__
- =head1 NAME
+ =pod
- Apache::lonacc - Cookie Based Access Handler
- =head1 SYNOPSIS
- Invoked (for various locations) by /etc/httpd/conf/srm.conf:
-  PerlAccessHandler       Apache::lonacc
- =head1 INTRODUCTION
- This module enables cookie based authentication and is used
- to control access for many different LON-CAPA URIs.
- Whenever the client sends the cookie back to the server,
- this cookie is handled by either lonacc.pm or loncacc.pm
- (see srm.conf for what is invoked when).  If
- the cookie is missing or invalid, the user is re-challenged
- for login information.
- This is part of the LearningOnline Network with CAPA project
- described at http://www.lon-capa.org.
- =head1 HANDLER SUBROUTINE
- This routine is called by Apache and mod_perl.
- =over 4
- =item *
- transfer profile into environment
- =item *
- load POST parameters
- =item *
- check access
- =item *
- if allowed, get symb, log, generate course statistics if applicable
- =item *
- otherwise return error
- =item *
- see if public resource
- =item *
- store attempted access
  =back
  =cut

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.117
changed lines
	Added in v.1.121