1: # The LearningOnline Network
2: # Passphrase Entry and Validation for Portfolio files
3: #
4: # Copyright Michigan State University Board of Trustees
5: #
6: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
7: #
8: # LON-CAPA is free software; you can redistribute it and/or modify
9: # it under the terms of the GNU General Public License as published by
10: # the Free Software Foundation; either version 2 of the License, or
11: # (at your option) any later version.
12: #
13: # LON-CAPA is distributed in the hope that it will be useful,
14: # but WITHOUT ANY WARRANTY; without even the implied warranty of
15: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16: # GNU General Public License for more details.
17: #
18: # You should have received a copy of the GNU General Public License
19: # along with LON-CAPA; if not, write to the Free Software
20: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21: #
22: # /home/httpd/html/adm/gpl.txt
23: #
24: # http://www.lon-capa.org/
25: #
26:
27: package Apache::restrictedaccess;
28:
29: use strict;
30: use lib '/home/httpd/lib/perl/';
31: use Apache::Constants qw(:common :http REDIRECT);
32: use CGI::Cookie();
33: use Apache::File ();
34: use Apache::lonnet;
35: use Apache::loncommon();
36: use Apache::lonauth();
37: use Apache::lonlocal;
38: use Apache::lonacc;
39: use Fcntl qw(:flock);
40: use LONCAPA;
41:
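# Content handler for /adm/restrictedaccess.
#
# Shows the passphrase entry form for a passphrase-protected portfolio file.
# When a passphrase has been submitted and check_pass() accepts it, the grant
# is recorded in the session file by print_redirect() and the browser is
# redirected back to the originally requested URL.
#
# Input:   $r - Apache request object.
# Returns: REDIRECT (with a Location header set) after a successful check,
#          OK after printing the entry form.
sub handler {
    my $r = shift;

    # 'origurl' is the only field named in the list passed for the query
    # string(s); the POST body is handled by get_posted_cgi below.
    &Apache::loncommon::get_unprocessed_cgi
        ($ENV{'QUERY_STRING'}.'&'.$env{'request.querystring'},
         ['origurl']);

    &Apache::lonacc::get_posted_cgi($r);
    my $origurl = &unescape($env{'form.origurl'});

    # No passphrase submitted yet: show the empty form.
    if (!exists($env{'form.pass1'})) {
        &print_entryform($r,$origurl);
        return OK;
    }

    # origurl comes from the request and is appended directly to the host
    # name in the Location header below.  Without a leading '/' the value
    # would extend the host part of the URL (sending the browser to another
    # site), and control characters would allow extra header lines to be
    # injected.  Only a site-local absolute path is accepted; check_pass()
    # cannot be relied on for this because its patterns are not anchored at
    # the start of the string.
    if (!defined($origurl) || $origurl !~ m{\A/[^\x00-\x1f\x7f]*\z}) {
        &print_entryform($r,$origurl,'Invalid file location');
        return OK;
    }

    my ($result,$end) = &check_pass($r,$origurl);
    if ($result ne 'ok') {
        &print_entryform($r,$origurl,'Invalid passphrase');
        return OK;
    }

    # Record the grant in the session file; on failure the error text
    # returned by print_redirect() is shown above the form.
    my $cookie_check = &print_redirect($r,$end,$origurl);
    if ($cookie_check ne 'ok') {
        &print_entryform($r,$origurl,$cookie_check);
        return OK;
    }

    $env{'request.state'}    = "published";
    $env{'request.filename'} = $origurl;
    # NOTE(review): the scheme is hard-coded to http and the host is taken
    # from the client's Host header; on an HTTPS deployment this redirect
    # leaves TLS.  Confirm whether a configured scheme/host should be used.
    $r->header_out(Location => 'http://'.$ENV{'HTTP_HOST'}.$origurl);
    return REDIRECT;
}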
73:
# Sends the HTML page containing the passphrase entry form.
#
# Inputs:  $r       - Apache request object.
#          $origurl - URL of the protected file; written into a hidden form
#                     field after passing through escape().
#          $msg     - optional message shown in bold above the form.  It is
#                     written into the page without HTML escaping; the
#                     callers in this file pass fixed strings or
#                     'error: ...' text, never request data.
# Returns: OK for a header-only request; otherwise the result of the final
#          print call (the caller in this file ignores it).
sub print_entryform {
    my ($r,$origurl,$msg) = @_;

    &Apache::lonlocal::get_language_handle($r);
    &Apache::loncommon::content_type($r,'text/html');
    $r->send_http_header;
    if ($r->header_only) {
        return OK;
    }

    # Client-side convenience check only: a request can be posted without
    # running this script, so the passphrase is validated again on the
    # server in check_pass().
    my $verify_js = '<script type="text/javascript">
function verify() {
if (document.passform.pass1.value == "") {
alert("You must enter a passphrase");
return;
}
if (document.passform.pass1.value != document.passform.pass2.value) {
alert("Passphrases do not match");
return;
}
document.passform.submit();
}
</script>';

    $r->print(&Apache::loncommon::start_page('Passphrase protected file'));
    $r->print($verify_js);
    $r->print('<b>'.$msg.'</b>');

    # The form posts back to this handler.
    $r->print('<div align="center"><form name="passform" method="post" '.
              'action="/adm/restrictedaccess">'.
              '<br /><br /><br />');

    # Row 1: passphrase.
    $r->print(&Apache::loncommon::start_data_table().
              &Apache::loncommon::start_data_table_row());
    $r->print('<td><nobr>'.&mt('Passphrase: ').'</nobr></td>'.
              '<td><input type="password" size="20" name="pass1"></td>');
    $r->print(&Apache::loncommon::end_data_table_row());

    # Row 2: confirmation.
    $r->print(&Apache::loncommon::start_data_table_row());
    $r->print('<td><nobr>'.&mt('Confirm passphrase: ').'</nobr></td>'.
              '<td><input type="password" size="20" name="pass2" /></td>');
    $r->print(&Apache::loncommon::end_data_table_row());

    # Row 3: submit button, wired to verify() above.
    $r->print(&Apache::loncommon::start_data_table_row());
    $r->print('<td align="center" colspan="2"><br />'.
              '<input type="button" name="sendpass" value="'.
              &mt('Submit passphrase').'" onClick="verify()" /></td>');
    $r->print(&Apache::loncommon::end_data_table_row().
              &Apache::loncommon::end_data_table());

    # origurl travels with the form so the handler knows where to redirect.
    $r->print('<input type="hidden" name="origurl" value="'.
              &escape($origurl).'" /></form></div>');
    $r->print(&Apache::loncommon::end_page());
}
118:
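# Records in the caller's session file that the passphrase for $requrl was
# accepted, by appending a line
#   escape('user.passphrase_access_'.$requrl) = escape($end)
# to <lonIDsDir>/<lonID cookie value>.id under an exclusive lock.
#
# Inputs:  $r      - Apache request object (Cookie header and the
#                    lonIDsDir setting are read from it).
#          $end    - value check_pass() captured from the access-control key.
#          $requrl - URL the passphrase was accepted for.
# Returns: 'ok' on success, otherwise a string starting with 'error: '.
sub print_redirect {
    my ($r,$end,$requrl) = @_;
    my %cookies   = CGI::Cookie->parse($r->header_in('Cookie'));
    my $lonid     = $cookies{'lonID'};
    my $lonidsdir = $r->dir_config('lonIDsDir');

    my $cookie;
    if ($lonid) {
        $cookie = $lonid->value;
        # The cookie value becomes part of a file name: dropping every
        # non-word character removes '/' and '.', so it cannot leave
        # lonIDsDir.
        $cookie =~ s/\W//g;
    }
    if (!$cookie) {
        return 'error: no cookie set';
    }

    my $idfile = "$lonidsdir/$cookie.id";

    # Append mode creates the file when it is missing, and the cookie value
    # is chosen by the client.  Only an existing session file is written to,
    # so a request cannot make the server create a session file under a name
    # of its own choosing.
    if (!-f $idfile) {
        return 'error: no active session for cookie';
    }

    # Three-argument open keeps the mode separate from the path; the result
    # is checked so a failed open is reported as such, not as a lock error.
    my $idf;
    if (!open($idf,'>>',$idfile)) {
        my $err = $!;
        &Apache::lonnet::logthis("<font color=blue>WARNING: ".
            'Could not open session file in restrictedaccess: '.$err);
        return 'error: '.$err;
    }

    if (!flock($idf,LOCK_EX)) {
        # Save $! before logging/closing can overwrite it.
        my $err = $!;
        &Apache::lonnet::logthis("<font color=blue>WARNING: ".
            'Could not obtain exclusive lock in restrictedaccess: '.$err);
        close($idf);
        return 'error: '.$err;
    }

    # Key and value both go through escape() before being written.
    # NOTE(review): this relies on escape() encoding '=' and newlines so
    # that $requrl cannot add extra entries to the session file - confirm.
    my $envkey = 'user.passphrase_access_'.$requrl;
    print $idf (&escape($envkey).'='.&escape($end)."\n");
    close($idf);
    return 'ok';
}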
146:
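# Compares the submitted passphrase (form field pass1) with the passphrase
# stored in the access controls of the portfolio file named by $origurl.
#
# Inputs:  $r       - Apache request object (not used here).
#          $origurl - requested URL; must contain a user or group
#                     portfolio path below /uploaded/.
# Returns: ($result,$end).  $result is 'ok' or 'fail' when a guest access
#          control was found, undef otherwise; $end is the number captured
#          from that control's key.
sub check_pass {
    my ($r,$origurl) = @_;
    my $password = $env{'form.pass1'};
    my ($udom,$unum,$group,$file_name,$result,$end);

    # NOTE(review): neither pattern is anchored at the start, so any string
    # that merely contains a portfolio path matches.  Confirm that no caller
    # relies on a prefix before tightening this to \A.
    if ($origurl =~ m-/+uploaded/([^/]+)/([^/]+)/portfolio(/.+)$-) {
        # User portfolio: file name keeps its leading '/'.
        $udom = $1;
        $unum = $2;
        $file_name = $3;
    } elsif ($origurl =~ m-/+uploaded/([^/]+)/([^/]+)/groups/([^/]+)/portfolio/(.+)$-) {
        # Group portfolio: file name is '<group>/<path>'.
        $udom = $1;
        $unum = $2;
        $group = $3;
        $file_name = $3.'/'.$4;
    } else {
        # Not a portfolio URL: do not query permissions with an undefined
        # domain/user; report "no result", which the handler treats as a
        # failed check.
        return ($result,$end);
    }

    my $curr_perms = &Apache::lonnet::get_portfile_permissions($udom,$unum);
    my %acc_controls = &Apache::lonnet::get_access_controls($curr_perms,
                                                            $group,$file_name);
    my $access_hash = $acc_controls{$file_name};

    # Only the first 'guest_<digits>' control in sorted key order is used.
    foreach my $key (sort(keys(%{$access_hash}))) {
        next if ($key !~ /^[^:]+:guest_(\d+)/);
        $end = $1;
        my $content = $$access_hash{$key};
        my $passwd = $content->{'password'};

        # An empty or missing value on either side must never match: the
        # "passphrase required" check in the entry form runs only in the
        # browser, and an empty submission would otherwise compare equal to
        # a control that has no passphrase stored.
        # NOTE(review): the stored value is compared directly with the
        # submitted text, so the control appears to hold the passphrase
        # unhashed, and 'eq' is not a constant-time comparison.
        if (defined($password) && length($password)
            && defined($passwd) && length($passwd)
            && $password eq $passwd) {
            $result = 'ok';
        } else {
            $result = 'fail';
        }
        last;
    }
    return ($result,$end);
}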
180:
181: 1;