loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.142 and 1.148

version 1.142, 2013/01/30 16:23:47	version 1.148, 2013/12/13 01:41:08
Line 89 store attempted access	Line 89 store attempted access

=head1 NOTABLE SUBROUTINES	=head1 NOTABLE SUBROUTINES

=over

=cut	=cut


Line 103 use Apache::lonnet;	Line 101 use Apache::lonnet;
use Apache::loncommon();	use Apache::loncommon();
use Apache::lonlocal;	use Apache::lonlocal;
use Apache::restrictedaccess();	use Apache::restrictedaccess();
use Apache::blockedaccess();	use Apache::blockedaccess();
use Fcntl qw(:flock);	use Fcntl qw(:flock);
use LONCAPA qw(:DEFAULT :match);	use LONCAPA qw(:DEFAULT :match);

Line 230 sub get_posted_cgi {	Line 228 sub get_posted_cgi {

=pod	=pod

	=over

=item upload_size_allowed()	=item upload_size_allowed()

Perform size checks for file uploads to essayresponse items in course context.	Perform size checks for file uploads to essayresponse items in course context.
Line 264 sub upload_size_allowed {	Line 264 sub upload_size_allowed {
=item sso_login()	=item sso_login()

handle the case of the single sign on user, at this point $r->user	handle the case of the single sign on user, at this point $r->user
will be set and valid now need to find the loncapa user info and possibly	will be set and valia;d now need to find the loncapa user info, and possibly
balance them	balance them. If Apache >= 2.4, $r->user() will also have been set so
	$curruser is checked, and if null, this is an SSO case.
returns OK if it was a SSO and user was handled	returns OK if it was a SSO and user was handled
undef if not SSO or no means to hanle the user	undef if not SSO or no means to hanle the user

=cut	=cut

sub sso_login {	sub sso_login {
my ($r,$handle) = @_;	my ($r,$handle,$curruser) = @_;

my $lonidsdir=$r->dir_config('lonIDsDir');	my $lonidsdir=$r->dir_config('lonIDsDir');
if (!($r->user	if (($r->user eq '') \|\| ($curruser ne '') \|\|
&& (!defined($env{'user.name'}) && !defined($env{'user.domain'}))	(defined($env{'user.name'}) && (defined($env{'user.domain'}))
&& ($handle eq ''))) {	&& ($handle ne ''))) {
# not an SSO case or already logged in	# not an SSO case or already logged in
return undef;	return undef;
}	}
Line 287 sub sso_login {	Line 288 sub sso_login {
my $query = $r->args;	my $query = $r->args;
my %form;	my %form;
if ($query) {	if ($query) {
my @items = ('role','symb');	my @items = ('role','symb','iptoken');
&Apache::loncommon::get_unprocessed_cgi($query,\@items);	&Apache::loncommon::get_unprocessed_cgi($query,\@items);
foreach my $item (@items) {	foreach my $item (@items) {
if (defined($env{'form.'.$item})) {	if (defined($env{'form.'.$item})) {
Line 296 sub sso_login {	Line 297 sub sso_login {
}	}
}	}

	my %sessiondata;
	if ($form{'iptoken'}) {
	%sessiondata = &Apache::lonnet::tmpget($form{'iptoken'});
	my $delete = &Apache::lonnet::tmpdel($form{'token'});
	}

my $domain = $r->dir_config('lonSSOUserDomain');	my $domain = $r->dir_config('lonSSOUserDomain');
if ($domain eq '') {	if ($domain eq '') {
$domain = $r->dir_config('lonDefDomain');	$domain = $r->dir_config('lonDefDomain');
Line 303 sub sso_login {	Line 310 sub sso_login {
my $home=&Apache::lonnet::homeserver($user,$domain);	my $home=&Apache::lonnet::homeserver($user,$domain);
if ($home !~ /(con_lost\|no_host\|no_such_host)/) {	if ($home !~ /(con_lost\|no_host\|no_such_host)/) {
&Apache::lonnet::logthis(" SSO authorized user $user ");	&Apache::lonnet::logthis(" SSO authorized user $user ");
my ($is_balancer,$otherserver) =	my ($is_balancer,$otherserver,$hosthere);
&Apache::lonnet::check_loadbalancing($user,$domain);	if ($form{'iptoken'}) {
	if (($sessiondata{'domain'} eq $form{'udom'}) &&
	($sessiondata{'username'} eq $form{'uname'})) {
	$hosthere = 1;
	}
	}
	unless ($hosthere) {
	($is_balancer,$otherserver) =
	&Apache::lonnet::check_loadbalancing($user,$domain);
	}

if ($is_balancer) {	if ($is_balancer) {
# login but immediately go to switch server to find us a new	# login but immediately go to switch server to find us a new
# machine	# machine
Line 323 sub sso_login {	Line 340 sub sso_login {
} else {	} else {
# need to login them in, so generate the need data that	# need to login them in, so generate the need data that
# migrate expects to do login	# migrate expects to do login
my %info=('ip' => $r->connection->remote_ip(),	my $ip;
	my $c = $r->connection;
	eval {
	$ip = $c->remote_ip();
	};
	if ($@) {
	$ip = $c->client_ip();
	}
	my %info=('ip' => $ip,
'domain' => $domain,	'domain' => $domain,
'username' => $user,	'username' => $user,
'server' => $r->dir_config('lonHostID'),	'server' => $r->dir_config('lonHostID'),
Line 388 sub handler {	Line 413 sub handler {
return OK;	return OK;
}	}

my $handle = &Apache::lonnet::check_for_valid_session($r);	my $curruser;
	my $handle = &Apache::lonnet::check_for_valid_session($r,undef,\$curruser);

my $result = &sso_login($r,$handle);	my $result = &sso_login($r,$handle,$curruser);
if (defined($result)) {	if (defined($result)) {
return $result;	return $result;
}	}
Line 477 sub handler {	Line 503 sub handler {
$checkexempt = 1;	$checkexempt = 1;
}	}
}	}
	if ($env{'user.noloadbalance'} eq $r->dir_config('lonHostID')) {
	$checkexempt = 1;
	}
unless ($checkexempt) {	unless ($checkexempt) {
($is_balancer,$otherserver) =	($is_balancer,$otherserver) =
&Apache::lonnet::check_loadbalancing($env{'user.name'},	&Apache::lonnet::check_loadbalancing($env{'user.name'},
Line 629 sub handler {	Line 658 sub handler {
$env{'request.state'} = 'edit';	$env{'request.state'} = 'edit';
}	}
}	}
	}
	} elsif ($requrl =~ m{^/+uploaded/\Q$cdom\E/\Q$cnum\E/portfolio/syllabus/.+\.html?$}) {
	if (&Apache::lonnet::allowed('mdc',$env{'request.course.id'})) {
	if ($query) {
	&Apache::loncommon::get_unprocessed_cgi($query,['forceedit','editmode']);
	if (($env{'form.forceedit'}) \|\| ($env{'form.editmode'})) {
	$env{'request.state'} = 'edit';
	}
	}
}	}
}	}
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.142
changed lines
	Added in v.1.148