--- loncom/lonnet/perl/lonnet.pm	2006/07/21 18:52:35	1.765
+++ loncom/lonnet/perl/lonnet.pm	2006/08/04 19:42:59	1.768
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.765 2006/07/21 18:52:35 albertel Exp $
+# $Id: lonnet.pm,v 1.768 2006/08/04 19:42:59 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -3220,31 +3220,29 @@ sub tmpdel {
 # -------------------------------------------------- portfolio access checking
 
 sub portfolio_access {
-    my ($r,$requrl) = @_;
-    my $access=&allowed('bre',$requrl);
-    if ($access eq '2' || $access eq 'F') {
-       return 'ok';
-    }
+    my ($requrl) = @_;
     my (undef,$udom,$unum,$file_name,$group) = &parse_portfolio_url($requrl);
     my $result = &get_portfolio_access($udom,$unum,$file_name,$group);
     if ($result eq 'ok') {
-       return 'ok';
+       return 'F';
     } elsif ($result =~ /^[^:]+:guest_/) {
-       &Apache::lonacc::passphrase_access_checker($r,$result,$requrl);
-       return 'ok';
+       return 'A';
     }
-    return undef;
+    return '';
 }
 
 sub get_portfolio_access {
-    my ($udom,$unum,$file_name,$group) = @_;
- 
-    my $current_perms = &get_portfile_permissions($udom,$unum);
-    my %access_controls = &get_access_controls($current_perms,$group,
-					       $file_name);
+    my ($udom,$unum,$file_name,$group,$access_hash) = @_;
+
+    if (!ref($access_hash)) {
+	my $current_perms = &get_portfile_permissions($udom,$unum);
+	my %access_controls = &get_access_controls($current_perms,$group,
+						   $file_name);
+	$access_hash = $access_controls{$file_name};
+    }
+
     my ($public,$guest,@domains,@users,@courses,@groups);
     my $now = time;
-    my $access_hash = $access_controls{$file_name};
     if (ref($access_hash) eq 'HASH') {
         foreach my $key (keys(%{$access_hash})) {
             my ($num,$scope,$end,$start) = ($key =~ /^([^:]+):([a-z]+)_(\d*)_?(\d*)$/);
@@ -3602,6 +3600,13 @@ sub allowed {
         }
     }
 
+    if ($priv eq 'bre'
+	&& $thisallowed ne 'F' 
+	&& $thisallowed ne '2'
+	&& &is_portfolio_url($uri)) {
+	$thisallowed = &portfolio_access($uri);
+    }
+    
 # Full access at system, domain or course-wide level? Exit.
 
     if ($thisallowed=~/F/) {
@@ -3752,7 +3757,11 @@ sub allowed {
 #
 
     unless ($env{'request.course.id'}) {
-       return '1';
+	if ($thisallowed eq 'A') {
+	    return 'A';
+	} else {
+	    return '1';
+	}
     }
 
 #
@@ -3815,6 +3824,9 @@ sub allowed {
       }
    }
 
+    if ($thisallowed eq 'A') {
+	return 'A';
+    }
    return 'F';
 }
 
@@ -5872,7 +5884,7 @@ sub metadata {
         my %metathesekeys=();
         unless ($filename=~/\.meta$/) { $filename.='.meta'; }
 	my $metastring;
-	if ($uri !~ m -^(uploaded|editupload)/-) {
+	if ($uri !~ m -^(editupload)/-) {
 	    my $file=&filelocation('',&clutter($filename));
 	    #push(@{$metaentry{$uri.'.file'}},$file);
 	    $metastring=&getfile($file);
@@ -7508,6 +7520,7 @@ actions
  '': forbidden
  1: user needs to choose course
  2: browse allowed
+ A: passphrase authentication needed
 
 =item *
 
@@ -8235,15 +8248,6 @@ Internal notes:
  
  Locks on files (resulting from submission of portfolio file to a homework problem stored in array of arrays.
 
-parse_access_controls():
-
-Parses XML of an access control record
-Args
-1. Text string (XML) of access comtrol record
-
-Returns:
-1. Hash of access control settings. 
-
 modify_access_controls():
 
 Modifies access controls for a portfolio file