--- loncom/lonnet/perl/lonnet.pm 2004/04/29 07:57:47 1.491
+++ loncom/lonnet/perl/lonnet.pm 2004/05/08 23:55:34 1.497
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.491 2004/04/29 07:57:47 albertel Exp $
+# $Id: lonnet.pm,v 1.497 2004/05/08 23:55:34 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -658,7 +658,7 @@ sub assign_access_key {
# the first time around
# ready to assign
$logentry=$1.'; '.$logentry;
- if (&put('accesskey',{$ckey=>$uname.':'.$udom.'#'.$logentry},
+ if (&put('accesskeys',{$ckey=>$uname.':'.$udom.'#'.$logentry},
$cdom,$cnum) eq 'ok') {
# key now belongs to user
my $envkey='key.'.$cdom.'_'.$cnum;
@@ -755,8 +755,8 @@ sub validate_access_key {
$ENV{'course.'.$ENV{'request.course.id'}.'.domain'} unless (defined($cdom));
$cnum=
$ENV{'course.'.$ENV{'request.course.id'}.'.num'} unless (defined($cnum));
- $udom=$ENV{'user.name'} unless (defined($udom));
- $uname=$ENV{'user.domain'} unless (defined($uname));
+ $udom=$ENV{'user.domain'} unless (defined($udom));
+ $uname=$ENV{'user.name'} unless (defined($uname));
my %existing=&get('accesskeys',[$ckey],$cdom,$cnum);
return ($existing{$ckey}=~/^\Q$uname\E\:\Q$udom\E\#/);
}
@@ -1165,23 +1165,21 @@ sub externalssi {
return $response->content;
}
-# ------- Add a token to a remote URI's query string to vouch for access rights
+# -------------------------------- Allow a /uploaded/ URI to be vouched for
+
+sub allowuploaded {
+ my ($srcurl,$url)=@_;
+ $url=&clutter(&declutter($url));
+ my $dir=$url;
+ $dir=~s/\/[^\/]+$//;
+ my %httpref=();
+ my $httpurl=&hreflocation('',$url);
+ $httpref{'httpref.'.$httpurl}=$srcurl;
+ &Apache::lonnet::appenv(%httpref);
+}
sub tokenwrapper {
- my $uri=shift;
- $uri=~s/^http\:\/\/([^\/]+)//;
- $uri=~s/^\///;
- $ENV{'user.environment'}=~/\/([^\/]+)\.id/;
- my $token=$1;
-# if ($uri=~/^uploaded\/([^\/]+)\/([^\/]+)\/([^\/]+)(\?\.*)*$/) {
- if ($uri=~m|^uploaded/([^/]+)/([^/]+)/(.+)(\?\.*)*$|) {
- &appenv('userfile.'.$1.'/'.$2.'/'.$3 => $ENV{'request.course.id'});
- return 'http://'.$hostname{ &homeserver($2,$1)}.'/'.$uri.
- (($uri=~/\?/)?'&':'?').'token='.$token.
- '&tokenissued='.$perlvar{'lonHostID'};
- } else {
- return '/adm/notfound.html';
- }
+ &FIXME_blow_up;
}
# --------- File operations in /home/httpd/html/userfiles/$domain/1/2/3/$course
@@ -1270,7 +1268,8 @@ sub process_coursefile {
# output: url of file in userspace
sub userfileupload {
- my ($formname,$coursedoc)=@_;
+ my ($formname,$coursedoc,$subdir)=@_;
+ if (!defined($subdir)) { $subdir='unknown'; }
my $fname=$ENV{'form.'.$formname.'.filename'};
# Replace Windows backslashes by forward slashes
$fname=~s/\\/\//g;
@@ -1287,6 +1286,7 @@ sub userfileupload {
my $docuname='';
my $docudom='';
my $docuhome='';
+ $fname="$subdir/$fname";
if ($coursedoc) {
$docuname=$ENV{'course.'.$ENV{'request.course.id'}.'.num'};
$docudom=$ENV{'course.'.$ENV{'request.course.id'}.'.domain'};
@@ -1309,6 +1309,12 @@ sub finishuserfileupload {
my ($docuname,$docudom,$docuhome,$formname,$fname)=@_;
my $path=$docudom.'/'.$docuname.'/';
my $filepath=$perlvar{'lonDocRoot'};
+ my ($fnamepath,$file);
+ $file=$fname;
+ if ($fname=~m|/|) {
+ ($fnamepath,$file) = ($fname =~ m|^(.*)/([^/]+)$|);
+ $path.=$fnamepath.'/';
+ }
my @parts=split(/\//,$filepath.'/userfiles/'.$path);
my $count;
for ($count=4;$count<=$#parts;$count++) {
@@ -1319,25 +1325,31 @@ sub finishuserfileupload {
}
# Save the file
{
- open(my $fh,'>'.$filepath.'/'.$fname);
+ &Apache::lonnet::logthis("Saving to $filepath $file");
+ open(my $fh,'>'.$filepath.'/'.$file);
print $fh $ENV{'form.'.$formname};
close($fh);
}
# Notify homeserver to grep it
#
- my $fetchresult= &reply('fetchuserfile:'.$docudom.'/'.$docuname.'/'.$fname,
- $docuhome);
+ my $fetchresult= &reply('fetchuserfile:'.$path.$file,$docuhome);
if ($fetchresult eq 'ok') {
#
# Return the URL to it
- return '/uploaded/'.$path.$fname;
+ return '/uploaded/'.$path.$file;
} else {
- &logthis('Failed to transfer '.$docudom.'/'.$docuname.'/'.$fname.
- ' to host '.$docuhome.': '.$fetchresult);
+ &logthis('Failed to transfer '.$path.$file.' to host '.$docuhome.
+ ': '.$fetchresult);
return '/adm/notfound.html';
}
}
+sub removeuploadedurl {
+ my ($url)=@_;
+ my (undef,undef,$udom,$uname,$fname)=split('/',$url,5);
+ return &Apache::lonnet::removeuserfile($uname,$udom,$fname);
+}
+
sub removeuserfile {
my ($docuname,$docudom,$fname)=@_;
my $home=&homeserver($docuname,$docudom);
@@ -1804,7 +1816,7 @@ sub hash2str {
sub hashref2str {
my ($hashref)=@_;
my $result='__HASH_REF__';
- foreach (keys(%$hashref)) {
+ foreach (sort(keys(%$hashref))) {
if (ref($_) eq 'ARRAY') {
$result.=&arrayref2str($_).'=';
} elsif (ref($_) eq 'HASH') {
@@ -2688,10 +2700,15 @@ sub allowed {
# URI is an uploaded document for this course
- if (($priv eq 'bre') &&
- ($uri=~/^uploaded\/$ENV{'course.'.$ENV{'request.course.id'}.'.domain'}\/$ENV{'course.'.$ENV{'request.course.id'}.'.num'}/)) {
- return 'F';
+ if (($priv eq 'bre') && ($uri=~m|^uploaded/|)) {
+ my $refuri=$ENV{'httpref.'.$orguri};
+ if ($refuri) {
+ if ($refuri =~ m|^/adm/|) {
+ $thisallowed='F';
+ }
+ }
}
+
# Full access at system, domain or course-wide level? Exit.
if ($thisallowed=~/F/) {