loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.122 and 1.134

version 1.122, 2008/11/29 10:34:30	version 1.134, 2010/03/29 13:31:01
Line 242 sub upload_size_allowed {	Line 242 sub upload_size_allowed {
&Apache::loncommon::add_to_env("form.$item",$savesize);	&Apache::loncommon::add_to_env("form.$item",$savesize);
my $maxsize= &Apache::lonnet::EXT("resource.$ident.maxfilesize");	my $maxsize= &Apache::lonnet::EXT("resource.$ident.maxfilesize");
if (!$maxsize) {	if (!$maxsize) {
$maxsize = 100.0;	$maxsize = 10.0; # FIXME This should become a domain configuration.
}	}
if ($size > $maxsize) {	if ($size > $maxsize) {
my $warn = 'HWFILETOOBIG'.$ident;	my $warn = 'HWFILETOOBIG'.$ident;
Line 278 sub sso_login {	Line 278 sub sso_login {

my ($user) = ($r->user =~ m/([a-zA-Z0-9_\-@.]*)/);	my ($user) = ($r->user =~ m/([a-zA-Z0-9_\-@.]*)/);

	my $query = $r->args;
	my %form;
	if ($query) {
	my @items = ('role','symb');
	&Apache::loncommon::get_unprocessed_cgi($query,\@items);
	foreach my $item (@items) {
	if (defined($env{'form.'.$item})) {
	$form{$item} = $env{'form.'.$item};
	}
	}
	}

my $domain = $r->dir_config('lonDefDomain');	my $domain = $r->dir_config('lonDefDomain');
my $home=&Apache::lonnet::homeserver($user,$domain);	my $home=&Apache::lonnet::homeserver($user,$domain);
if ($home !~ /(con_lost\|no_host\|no_such_host)/) {	if ($home !~ /(con_lost\|no_host\|no_such_host)/) {
Line 302 sub sso_login {	Line 314 sub sso_login {
'server' => $r->dir_config('lonHostID'),	'server' => $r->dir_config('lonHostID'),
'sso.login' => 1	'sso.login' => 1
);	);
	foreach my $item ('role','symb') {
	if (exists($form{$item})) {
	$info{$item} = $form{$item};
	}
	}
if ($r->dir_config("ssodirecturl") == 1) {	if ($r->dir_config("ssodirecturl") == 1) {
$info{'origurl'} = $r->uri;	$info{'origurl'} = $r->uri;
}	}
Line 352 sub handler {	Line 369 sub handler {
return OK;	return OK;
}	}

	if ($requrl =~ m{^/res/adm/pages/[^/]+\.(gif\|png)$}) {
	return OK;
	}

my $handle = &Apache::lonnet::check_for_valid_session($r);	my $handle = &Apache::lonnet::check_for_valid_session($r);

my $result = &sso_login($r,$handle);	my $result = &sso_login($r,$handle);
Line 390 sub handler {	Line 411 sub handler {
}	}
$env{'request.filename'} = $r->filename;	$env{'request.filename'} = $r->filename;
$env{'request.noversionuri'} = &Apache::lonnet::deversion($requrl);	$env{'request.noversionuri'} = &Apache::lonnet::deversion($requrl);
	if ($requrl =~ m{^/adm/wrapper/ext/}) {
	my $query = $r->args;
	if ($query) {
	my $preserved;
	foreach my $pair (split(/&/,$query)) {
	my ($name, $value) = split(/=/,$pair);
	unless ($name eq 'symb') {
	$preserved .= $pair.'&';
	}
	}
	$preserved =~ s/\&$//;
	if ($preserved) {
	$env{'request.external.querystring'} = $preserved;
	}
	}
	}
# -------------------------------------------------------- Load POST parameters	# -------------------------------------------------------- Load POST parameters

&Apache::lonacc::get_posted_cgi($r);	&Apache::lonacc::get_posted_cgi($r);
Line 412 sub handler {	Line 449 sub handler {
return OK;	return OK;
}	}
if (($access ne '2') && ($access ne 'F')) {	if (($access ne '2') && ($access ne 'F')) {
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";	if ($requrl =~ m{^/res/}) {
return HTTP_NOT_ACCEPTABLE;	$access = &Apache::lonnet::allowed('bro',$requrl);
	if ($access ne 'F') {
	if ($requrl eq '/res/lib/templates/simpleproblem.problem/smpedit') {
	$access = &Apache::lonnet::allowed('bre','/res/lib/templates/simpleproblem.problem');
	if ($access ne 'F') {
	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
	return HTTP_NOT_ACCEPTABLE;
	}
	} else {
	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
	return HTTP_NOT_ACCEPTABLE;
	}
	}
	} else {
	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
	return HTTP_NOT_ACCEPTABLE;
	}
}	}
}	}
if ($requrl =~ m\|^/prtspool/\|) {	if ($requrl =~ m\|^/prtspool/\|) {
Line 436 sub handler {	Line 489 sub handler {
$env{'user.domain'} eq 'public' &&	$env{'user.domain'} eq 'public' &&
$requrl !~ m{^/+(res\|public\|uploaded)/} &&	$requrl !~ m{^/+(res\|public\|uploaded)/} &&
$requrl !~ m{^/adm/[^/]+/[^/]+/aboutme/portfolio$ }x &&	$requrl !~ m{^/adm/[^/]+/[^/]+/aboutme/portfolio$ }x &&
	$requrl !~ m{^/adm/blockingstatus/.*$} &&
$requrl !~ m{^/+adm/(help\|logout\|restrictedaccess\|randomlabel\.png)}) {	$requrl !~ m{^/+adm/(help\|logout\|restrictedaccess\|randomlabel\.png)}) {
$env{'request.querystring'}=$r->args;	$env{'request.querystring'}=$r->args;
$env{'request.firsturl'}=$requrl;	$env{'request.firsturl'}=$requrl;
Line 445 sub handler {	Line 499 sub handler {
if ($env{'request.course.id'}) {	if ($env{'request.course.id'}) {
&Apache::lonnet::countacc($requrl);	&Apache::lonnet::countacc($requrl);
$requrl=~/\.(\w+)$/;	$requrl=~/\.(\w+)$/;
	my $query=$r->args;
if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') \|\|	if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') \|\|
($requrl=~/^\/adm\/.*\/(aboutme\|navmaps\|smppg\|bulletinboard)(\?\|$ )/x) \|\|	($requrl=~/^\/adm\/.*\/(aboutme\|smppg\|bulletinboard)(\?\|$ )/x) \|\|
($requrl=~/^\/adm\/wrapper\//) \|\|	($requrl=~/^\/adm\/wrapper\//) \|\|
($requrl=~m\|^/adm/coursedocs/showdoc/\|) \|\|	($requrl=~m\|^/adm/coursedocs/showdoc/\|) \|\|
($requrl=~m\|\.problem/smpedit$\|) \|\|	($requrl=~m\|\.problem/smpedit$\|) \|\|
($requrl=~/^\/public\/.*\/syllabus$/)) {	($requrl=~/^\/public\/.*\/syllabus$/) \|\|
	($requrl=~/^\/adm\/(viewclasslist\|navmaps)$/) \|\|
	($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?\|$)/)) {
# ------------------------------------- This is serious stuff, get symb and log	# ------------------------------------- This is serious stuff, get symb and log
my $query=$r->args;
my $symb;	my $symb;
if ($query) {	if ($query) {
&Apache::loncommon::get_unprocessed_cgi($query,['symb']);	&Apache::loncommon::get_unprocessed_cgi($query,['symb']);
Line 466 sub handler {	Line 522 sub handler {
'last_known' =>[$murl,$mid]);	'last_known' =>[$murl,$mid]);
} elsif ((&Apache::lonnet::symbverify($symb,$requrl)) \|\|	} elsif ((&Apache::lonnet::symbverify($symb,$requrl)) \|\|
(($requrl=~m\|(.*)/smpedit$\|) &&	(($requrl=~m\|(.*)/smpedit$\|) &&
&Apache::lonnet::symbverify($symb,$1))) {	&Apache::lonnet::symbverify($symb,$1)) \|\|
	(($requrl=~m\|(.*/aboutme)/portfolio$\|) &&
	&Apache::lonnet::symbverify($symb,$1))) {
my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb);	my ($map,$mid,$murl)=&Apache::lonnet::decode_symb($symb);
&Apache::lonnet::symblist($map,$murl => [$murl,$mid],	&Apache::lonnet::symblist($map,$murl => [$murl,$mid],
'last_known' =>[$murl,$mid]);	'last_known' =>[$murl,$mid]);
Line 478 sub handler {	Line 536 sub handler {
return HTTP_NOT_ACCEPTABLE;	return HTTP_NOT_ACCEPTABLE;
}	}
} else {	} else {
	if ($requrl=~m{^(/adm/.*/aboutme)/portfolio$}) {
	$requrl = $1;
	}
$symb=&Apache::lonnet::symbread($requrl);	$symb=&Apache::lonnet::symbread($requrl);
if (&Apache::lonnet::is_on_map($requrl) && $symb &&	if (&Apache::lonnet::is_on_map($requrl) && $symb &&
!&Apache::lonnet::symbverify($symb,$requrl)) {	!&Apache::lonnet::symbverify($symb,$requrl)) {
Line 499 sub handler {	Line 560 sub handler {
# ------------------------------------------------------- This is other content	# ------------------------------------------------------- This is other content
&Apache::lonnet::courseacclog($requrl);	&Apache::lonnet::courseacclog($requrl);
}	}
	my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};;
	my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};;
	if ($requrl =~ m{^/+uploaded/\Q$cdom\E/\Q$cnum\E/docs/.+\.html?$}) {
	if (&Apache::lonnet::allowed('mdc',$env{'request.course.id'})) {
	if ($query) {
	&Apache::loncommon::get_unprocessed_cgi($query,['forceedit']);
	if ($env{'form.forceedit'}) {
	$env{'request.state'} = 'edit';
	}
	}
	}
	}
}	}
return OK;	return OK;
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.122
changed lines
	Added in v.1.134