Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.182 and 1.186

version 1.182, 2020/10/06 17:26:15	version 1.186, 2021/01/02 19:31:11
Line 386 sub sso_login {	Line 386 sub sso_login {
} else {	} else {
# need to login them in, so generate the need data that	# need to login them in, so generate the need data that
# migrate expects to do login	# migrate expects to do login
my $ip = $r->get_remote_host();	my $ip = &Apache::lonnet::get_requestor_ip($r);
my %info=('ip' => $ip,	my %info=('ip' => $ip,
'domain' => $domain,	'domain' => $domain,
'username' => $user,	'username' => $user,
Line 582 sub handler {	Line 582 sub handler {
if ($env{'user.noloadbalance'} eq $r->dir_config('lonHostID')) {	if ($env{'user.noloadbalance'} eq $r->dir_config('lonHostID')) {
$checkexempt = 1;	$checkexempt = 1;
}	}
unless ($checkexempt) {	unless (($checkexempt) \|\| (($requrl eq '/adm/switchserver') && (!$r->is_initial_req()))) {
($is_balancer,$otherserver) =	($is_balancer,$otherserver) =
&Apache::lonnet::check_loadbalancing($env{'user.name'},	&Apache::lonnet::check_loadbalancing($env{'user.name'},
$env{'user.domain'});	$env{'user.domain'});
if ($is_balancer) {	if ($is_balancer) {
unless (($requrl eq '/adm/switchserver') && (!$r->is_initial_req())) {	# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer)
# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer)	my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r);
my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r);	if (($found_server) && ($balancer_cookie =~ /^\Q$env{'user.domain'}\E_\Q$env{'user.name'}\E_/)) {
if (($found_server) && ($balancer_cookie =~ /^\Q$env{'user.domain'}\E_\Q$env{'user.name'}\E_/)) {	$otherserver = $found_server;
$otherserver = $found_server;	}
}	unless ($requrl eq '/adm/switchserver') {
	$r->set_handlers('PerlResponseHandler'=>
	[\&Apache::switchserver::handler]);
}	}
}
}
if ($is_balancer) {
unless (($requrl eq '/adm/switchserver') && (!$r->is_initial_req())) {
$r->set_handlers('PerlResponseHandler'=>
[\&Apache::switchserver::handler]);
if ($otherserver ne '') {	if ($otherserver ne '') {
$env{'form.otherserver'} = $otherserver;	$env{'form.otherserver'} = $otherserver;
}	}
}	unless (($env{'form.origurl'}) \|\| ($r->uri eq '/adm/roles') \|\|
unless (($env{'form.origurl'}) \|\| ($r->uri eq '/adm/roles') \|\|	($r->uri eq '/adm/switchserver') \|\| ($r->uri eq '/adm/sso')) {
($r->uri eq '/adm/switchserver') \|\| ($r->uri eq '/adm/sso')) {	$env{'form.origurl'} = $r->uri;
$env{'form.origurl'} = $r->uri;	}
}	}
}	}
if ($requrl=~m{^/+tiny/+$match_domain/+\w+$}) {	if ($requrl=~m{^/+tiny/+$match_domain/+\w+$}) {
Line 620 sub handler {	Line 616 sub handler {
}	}
# ---------------------------------------------------------------- Check access	# ---------------------------------------------------------------- Check access
my $now = time;	my $now = time;
my $check_symb;	my ($check_symb,$check_access,$check_block,$access,$poss_symb);
if ($requrl !~ m{^/(?:adm\|public\|(?:prt\|zip)spool)/}	if ($requrl !~ m{^/(?:adm\|public\|(?:prt\|zip)spool)/}
\|\| $requrl =~ /^\/adm\/.*\/(smppg\|bulletinboard)(\?\|$ )/x) {	\|\| $requrl =~ /^\/adm\/.*\/(smppg\|bulletinboard)(\?\|$ )/x) {
my ($access,$poss_symb);	$check_access = 1;
if (($env{'request.course.id'}) && (!$suppext)) {	}
$requrl=~/\.(\w+)$/;	if ((!$check_access) && ($env{'request.course.id'})) {
if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') \|\|	if (($requrl eq '/adm/viewclasslist') \|\|
($requrl=~/^\/adm\/.*\/(aboutme\|smppg\|bulletinboard)(\?\|$ )/x) \|\|	($requrl =~ m{^(/adm/wrapper\|)\Q/uploaded/$cdom/$cnum/docs/\E}) \|\|
($requrl=~/^\/adm\/wrapper\//) \|\|	($requrl =~ m{^/adm/.*/aboutme$}) \|\|
($requrl=~m\|^/adm/coursedocs/showdoc/\|) \|\|	($requrl=~m{^/adm/coursedocs/showdoc/}) \|\|
($requrl=~m\|\.problem/smpedit$\|) \|\|	($requrl=~m{^(/adm/wrapper\|)/adm/$cdom/$cnum/\d+/ext\.tool$})) {
($requrl=~/^\/public\/.*\/syllabus$/) \|\|	$check_block = 1;
($requrl=~/^\/adm\/(viewclasslist\|navmaps)$/) \|\|	}
($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?\|$)/) \|\|	}
($requrl=~m{^/adm/$cdom/$cnum/\d+/ext\.tool$})) {	if (($env{'request.course.id'}) && (!$suppext)) {
$check_symb = 1;	$requrl=~/\.(\w+)$/;
}	if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') \|\|
	($requrl=~/^\/adm\/.*\/(aboutme\|smppg\|bulletinboard)(\?\|$ )/x) \|\|
	($requrl=~/^\/adm\/wrapper\//) \|\|
	($requrl=~m\|^/adm/coursedocs/showdoc/\|) \|\|
	($requrl=~m\|\.problem/smpedit$\|) \|\|
	($requrl=~/^\/public\/.*\/syllabus$/) \|\|
	($requrl=~/^\/adm\/(viewclasslist\|navmaps)$/) \|\|
	($requrl=~/^\/adm\/.*\/aboutme\/portfolio(\?\|$)/) \|\|
	($requrl=~m{^/adm/$cdom/$cnum/\d+/ext\.tool$})) {
	$check_symb = 1;
}	}
	}
	if (($check_access) \|\| ($check_block)) {
if ($check_symb) {	if ($check_symb) {
if ($env{'form.symb'}) {	if ($env{'form.symb'}) {
$poss_symb=&Apache::lonnet::symbclean($env{'form.symb'});	$poss_symb=&Apache::lonnet::symbclean($env{'form.symb'});
Line 657 sub handler {	Line 664 sub handler {
if ($poss_symb) {	if ($poss_symb) {
my ($possmap,$resid,$url)=&Apache::lonnet::decode_symb($poss_symb);	my ($possmap,$resid,$url)=&Apache::lonnet::decode_symb($poss_symb);
$url = &Apache::lonnet::clutter($url);	$url = &Apache::lonnet::clutter($url);
unless (($url eq $requrl) && (&Apache::lonnet::is_on_map($possmap))) {	my $toplevelmap = $env{'course.'.$env{'request.course.id'}.'.url'};
	unless (($url eq $requrl) && (($possmap eq $toplevelmap) \|\|
	(&Apache::lonnet::is_on_map($possmap)))) {
undef($poss_symb);	undef($poss_symb);
}	}
if ($poss_symb) {	if ($poss_symb) {
Line 675 sub handler {	Line 684 sub handler {
} else {	} else {
$access=&Apache::lonnet::allowed('bre',$requrl);	$access=&Apache::lonnet::allowed('bre',$requrl);
}	}
	}
	if ($check_block) {
	if ($access eq 'B') {
	if ($poss_symb) {
	if (&Apache::lonnet::symbverify($poss_symb,$requrl)) {
	$env{'request.symb'} = $poss_symb;
	}
	}
	&Apache::blockedaccess::setup_handler($r);
	return OK;
	}
	} elsif ($check_access) {
if ($handle eq '') {	if ($handle eq '') {
unless ($access eq 'F') {	unless ($access eq 'F') {
if ($requrl =~ m{^/res/$match_domain/$match_username/}) {	if ($requrl =~ m{^/res/$match_domain/$match_username/}) {
Line 692 sub handler {	Line 713 sub handler {
}	}
if ($access eq 'B') {	if ($access eq 'B') {
if ($poss_symb) {	if ($poss_symb) {
if ($requrl=~m{^(/adm/.*/aboutme)/portfolio$}) {
$requrl = $1;
}
if (&Apache::lonnet::symbverify($poss_symb,$requrl)) {	if (&Apache::lonnet::symbverify($poss_symb,$requrl)) {
$env{'request.symb'} = $poss_symb;	$env{'request.symb'} = $poss_symb;
}	}
Line 722 sub handler {	Line 740 sub handler {
}	}
}	}
} elsif (($handle =~ /^publicuser_\d+$/) && (&Apache::lonnet::is_portfolio_url($requrl))) {	} elsif (($handle =~ /^publicuser_\d+$/) && (&Apache::lonnet::is_portfolio_url($requrl))) {
my $clientip = $r->get_remote_host();	my $clientip = &Apache::lonnet::get_requestor_ip($r);
if (&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip) ne 'F') {	if (&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip) ne 'F') {
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";	$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
return HTTP_NOT_ACCEPTABLE;	return HTTP_NOT_ACCEPTABLE;
Line 912 sub handler {	Line 930 sub handler {
}	}
# ------------------------------------ See if this is a viewable portfolio file	# ------------------------------------ See if this is a viewable portfolio file
if (&Apache::lonnet::is_portfolio_url($requrl)) {	if (&Apache::lonnet::is_portfolio_url($requrl)) {
my $clientip = $r->get_remote_host();	my $clientip = &Apache::lonnet::get_requestor_ip($r);
my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);	my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);
if ($access eq 'A') {	if ($access eq 'A') {
&Apache::restrictedaccess::setup_handler($r);	&Apache::restrictedaccess::setup_handler($r);

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

Removed from v.1.182
changed lines
	Added in v.1.186