loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.159.2.15 and 1.159.2.18

version 1.159.2.15, 2020/10/23 21:33:46	version 1.159.2.18, 2021/01/04 03:47:01
Line 369 sub sso_login {	Line 369 sub sso_login {
} else {	} else {
# need to login them in, so generate the need data that	# need to login them in, so generate the need data that
# migrate expects to do login	# migrate expects to do login
my $ip = $r->get_remote_host();	my $ip = &Apache::lonnet::get_requestor_ip($r);
my %info=('ip' => $ip,	my %info=('ip' => $ip,
'domain' => $domain,	'domain' => $domain,
'username' => $user,	'username' => $user,
Line 589 sub handler {	Line 589 sub handler {

# ---------------------------------------------------------------- Check access	# ---------------------------------------------------------------- Check access
my $now = time;	my $now = time;
my $check_symb;	my ($check_symb,$check_access,$check_block,$access,$poss_symb);
if ($requrl !~ m{^/(?:adm\|public\|(?:prt\|zip)spool)/}	if ($requrl !~ m{^/(?:adm\|public\|(?:prt\|zip)spool)/}
\|\| $requrl =~ /^\/adm\/.*\/(smppg\|bulletinboard)(\?\|$ )/x) {	\|\| $requrl =~ /^\/adm\/.*\/(smppg\|bulletinboard)(\?\|$ )/x) {
my ($access,$poss_symb);	$check_access = 1;
if (($env{'request.course.id'}) && (!$suppext)) {	}
$requrl=~/\.(\w+)$/;	if ((!$check_access) && ($env{'request.course.id'})) {
if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') \|\|	if (($requrl eq '/adm/viewclasslist') \|\|
($requrl=~/^\/adm\/.*\/(aboutme\|smppg\|bulletinboard)(\?\|$ )/x) \|\|	($requrl =~ m{^(/adm/wrapper\|)\Q/uploaded/$cdom/$cnum/docs/\E}) \|\|
($requrl=~/^\/adm\/wrapper\//) \|\|	($requrl =~ m{^/adm/.*/aboutme$}) \|\|
($requrl=~m\|^/adm/coursedocs/showdoc/\|) \|\|	($requrl=~m{^/adm/coursedocs/showdoc/})) {
($requrl=~m\|\.problem/smpedit$\|) \|\|	$check_block = 1;
($requrl=~/^\/public\/.*\/syllabus$/) \|\|	}
($requrl=~/^\/adm\/(viewclasslist\|navmaps)$/) \|\|	}
($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?\|$)/)) {	if (($env{'request.course.id'}) && (!$suppext)) {
$check_symb = 1;	$requrl=~/\.(\w+)$/;
}	if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') \|\|
	($requrl=~/^\/adm\/.*\/(aboutme\|smppg\|bulletinboard)(\?\|$ )/x) \|\|
	($requrl=~/^\/adm\/wrapper\//) \|\|
	($requrl=~m\|^/adm/coursedocs/showdoc/\|) \|\|
	($requrl=~m\|\.problem/smpedit$\|) \|\|
	($requrl=~/^\/public\/.*\/syllabus$/) \|\|
	($requrl=~/^\/adm\/(viewclasslist\|navmaps)$/) \|\|
	($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?\|$)/)) {
	$check_symb = 1;
}	}
	}
	if (($check_access) \|\| ($check_block)) {
if ($check_symb) {	if ($check_symb) {
if ($env{'form.symb'}) {	if ($env{'form.symb'}) {
$poss_symb=&Apache::lonnet::symbclean($env{'form.symb'});	$poss_symb=&Apache::lonnet::symbclean($env{'form.symb'});
Line 625 sub handler {	Line 635 sub handler {
if ($poss_symb) {	if ($poss_symb) {
my ($possmap,$resid,$url)=&Apache::lonnet::decode_symb($poss_symb);	my ($possmap,$resid,$url)=&Apache::lonnet::decode_symb($poss_symb);
$url = &Apache::lonnet::clutter($url);	$url = &Apache::lonnet::clutter($url);
unless (($url eq $requrl) && (&Apache::lonnet::is_on_map($possmap))) {	my $toplevelmap = $env{'course.'.$env{'request.course.id'}.'.url'};
	unless (($url eq $requrl) && (($possmap eq $toplevelmap) \|\|
	(&Apache::lonnet::is_on_map($possmap)))) {
undef($poss_symb);	undef($poss_symb);
}	}
if ($poss_symb) {	if ($poss_symb) {
Line 643 sub handler {	Line 655 sub handler {
} else {	} else {
$access=&Apache::lonnet::allowed('bre',$requrl);	$access=&Apache::lonnet::allowed('bre',$requrl);
}	}
	}
	if ($check_block) {
	if ($access eq 'B') {
	if ($poss_symb) {
	if (&Apache::lonnet::symbverify($poss_symb,$requrl)) {
	$env{'request.symb'} = $poss_symb;
	}
	}
	&Apache::blockedaccess::setup_handler($r);
	return OK;
	}
	} elsif ($check_access) {
if ($handle eq '') {	if ($handle eq '') {
unless ($access eq 'F') {	unless ($access eq 'F') {
if ($requrl =~ m{^/res/$match_domain/$match_username/}) {	if ($requrl =~ m{^/res/$match_domain/$match_username/}) {
Line 660 sub handler {	Line 684 sub handler {
}	}
if ($access eq 'B') {	if ($access eq 'B') {
if ($poss_symb) {	if ($poss_symb) {
if ($requrl=~m{^(/adm/.*/aboutme)/portfolio$}) {
$requrl = $1;
}
if (&Apache::lonnet::symbverify($poss_symb,$requrl)) {	if (&Apache::lonnet::symbverify($poss_symb,$requrl)) {
$env{'request.symb'} = $poss_symb;	$env{'request.symb'} = $poss_symb;
}	}
Line 686 sub handler {	Line 707 sub handler {
}	}
}	}
} elsif (($handle =~ /^publicuser_\d+$/) && (&Apache::lonnet::is_portfolio_url($requrl))) {	} elsif (($handle =~ /^publicuser_\d+$/) && (&Apache::lonnet::is_portfolio_url($requrl))) {
my $clientip = $r->get_remote_host();	my $clientip = &Apache::lonnet::get_requestor_ip($r);
if (&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip) ne 'F') {	if (&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip) ne 'F') {
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
return HTTP_NOT_ACCEPTABLE;	return HTTP_NOT_ACCEPTABLE;
Line 876 sub handler {	Line 897 sub handler {
}	}
# ------------------------------------ See if this is a viewable portfolio file	# ------------------------------------ See if this is a viewable portfolio file
if (&Apache::lonnet::is_portfolio_url($requrl)) {	if (&Apache::lonnet::is_portfolio_url($requrl)) {
my $clientip = $r->get_remote_host();	my $clientip = &Apache::lonnet::get_requestor_ip($r);
my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);	my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);
if ($access eq 'A') {	if ($access eq 'A') {
&Apache::restrictedaccess::setup_handler($r);	&Apache::restrictedaccess::setup_handler($r);

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.159.2.15
changed lines
	Added in v.1.159.2.18