version 1.226, 2004/08/10 11:30:24
|
version 1.228, 2004/08/10 22:55:31
|
Line 1812 sub remove_user_file_handler {
|
Line 1812 sub remove_user_file_handler {
|
my ($fname) = split(/:/, $tail); # Get rid of any tailing :'s lonc may have sent. |
my ($fname) = split(/:/, $tail); # Get rid of any tailing :'s lonc may have sent. |
|
|
my ($udom,$uname,$ufile) = ($fname =~ m|^([^/]+)/([^/]+)/(.+)$|); |
my ($udom,$uname,$ufile) = ($fname =~ m|^([^/]+)/([^/]+)/(.+)$|); |
&logthis("$udom - $uname - $ufile"); |
|
if ($ufile =~m|/\.\./|) { |
if ($ufile =~m|/\.\./|) { |
# any files paths with /../ in them refuse |
# any files paths with /../ in them refuse |
# to deal with |
# to deal with |
Line 1839 sub remove_user_file_handler {
|
Line 1838 sub remove_user_file_handler {
|
} |
} |
®ister_handler("removeuserfile", \&remove_user_file_handler, 0,1,0); |
®ister_handler("removeuserfile", \&remove_user_file_handler, 0,1,0); |
|
|
|
|
|
# |
|
# Authenticate access to a user file by checking the user's |
|
# session token(?) |
|
# |
|
# Parameters: |
|
# cmd - The request keyword that dispatched to tus. |
|
# tail - The tail of the request (colon separated parameters). |
|
# client - Filehandle open on the client. |
|
# Return: |
|
# 1. |
|
|
|
sub token_auth_user_file_handler { |
|
my ($cmd, $tail, $client) = @_; |
|
|
|
my ($fname, $session) = split(/:/, $tail); |
|
|
|
chomp($session); |
|
my $reply='non_auth'; |
|
if (open(ENVIN,$perlvar{'lonIDsDir'}.'/'. |
|
$session.'.id')) { |
|
while (my $line=<ENVIN>) { |
|
if ($line=~ m|userfile\.\Q$fname\E\=|) { $reply='ok'; } |
|
} |
|
close(ENVIN); |
|
&Reply($client, $reply); |
|
} else { |
|
&Failure($client, "invalid_token\n", "$cmd:$tail"); |
|
} |
|
return 1; |
|
|
|
} |
|
|
|
®ister_handler("tokenauthuserfile", \&token_auth_user_file_handler, 0,1,0); |
#--------------------------------------------------------------- |
#--------------------------------------------------------------- |
# |
# |
# Getting, decoding and dispatching requests: |
# Getting, decoding and dispatching requests: |
Line 1954 sub process_request {
|
Line 1987 sub process_request {
|
|
|
|
|
|
|
# ------------------------------------------ authenticate access to a user file |
|
|
|
if ($userinput =~ /^tokenauthuserfile/) { # Client only |
|
if(isClient) { |
|
my ($cmd,$fname,$session)=split(/:/,$userinput); |
|
chomp($session); |
|
my $reply='non_auth'; |
|
if (open(ENVIN,$perlvar{'lonIDsDir'}.'/'. |
|
$session.'.id')) { |
|
while (my $line=<ENVIN>) { |
|
if ($line=~ m|userfile\.\Q$fname\E\=|) { $reply='ok'; } |
|
} |
|
close(ENVIN); |
|
print $client $reply."\n"; |
|
} else { |
|
print $client "invalid_token\n"; |
|
} |
|
} else { |
|
Reply($client, "refused\n", $userinput); |
|
|
|
} |
|
# ----------------------------------------------------------------- unsubscribe |
# ----------------------------------------------------------------- unsubscribe |
} elsif ($userinput =~ /^unsub/) { |
if ($userinput =~ /^unsub/) { |
if(isClient) { |
if(isClient) { |
my ($cmd,$fname)=split(/:/,$userinput); |
my ($cmd,$fname)=split(/:/,$userinput); |
if (-e $fname) { |
if (-e $fname) { |