--- loncom/auth/lonacc.pm 2009/07/23 17:40:29 1.126 +++ loncom/auth/lonacc.pm 2011/11/18 22:41:02 1.130.6.1 @@ -1,7 +1,7 @@ # The LearningOnline Network # Cookie Based Access Handler # -# $Id: lonacc.pm,v 1.126 2009/07/23 17:40:29 raeburn Exp $ +# $Id: lonacc.pm,v 1.130.6.1 2011/11/18 22:41:02 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -281,13 +281,11 @@ sub sso_login { my $query = $r->args; my %form; if ($query) { - foreach my $pair (split(/&/,$query)) { - my ($name, $value) = split(/=/,$pair); - $name = &unescape($name); - if (($name eq 'role') || ($name eq 'symb')) { - $value =~ tr/+/ /; - $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg; - $form{$name} = $value; + my @items = ('role','symb'); + &Apache::loncommon::get_unprocessed_cgi($query,\@items); + foreach my $item (@items) { + if (defined($env{'form.'.$item})) { + $form{$item} = $env{'form.'.$item}; } } } @@ -299,7 +297,7 @@ sub sso_login { if ($r->dir_config("lonBalancer") eq 'yes') { # login but immeaditly go to switch server to find us a new # machine - &Apache::lonauth::success($r,$user,$domain,$home,'noredirect','',\%form); + &Apache::lonauth::success($r,$user,$domain,$home,'noredirect'); $env{'request.sso.login'} = 1; if (defined($r->dir_config("lonSSOReloginServer"))) { $env{'request.sso.reloginserver'} = @@ -413,6 +411,22 @@ sub handler { } $env{'request.filename'} = $r->filename; $env{'request.noversionuri'} = &Apache::lonnet::deversion($requrl); + if ($requrl =~ m{^/adm/wrapper/ext/}) { + my $query = $r->args; + if ($query) { + my $preserved; + foreach my $pair (split(/&/,$query)) { + my ($name, $value) = split(/=/,$pair); + unless (($name eq 'symb') || ($name eq 'wrapperdisplay')) { + $preserved .= $pair.'&'; + } + } + $preserved =~ s/\&$//; + if ($preserved) { + $env{'request.external.querystring'} = $preserved; + } + } + } # -------------------------------------------------------- Load POST parameters &Apache::lonacc::get_posted_cgi($r); @@ -435,8 +449,16 @@ sub handler { return OK; } if (($access ne '2') && ($access ne 'F')) { - $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; - return HTTP_NOT_ACCEPTABLE; + if ($requrl =~ m{^/res/}) { + $access = &Apache::lonnet::allowed('bro',$requrl); + if ($access ne 'F') { + $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; + return HTTP_NOT_ACCEPTABLE; + } + } else { + $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied"; + return HTTP_NOT_ACCEPTABLE; + } } } if ($requrl =~ m|^/prtspool/|) { @@ -459,6 +481,7 @@ sub handler { $env{'user.domain'} eq 'public' && $requrl !~ m{^/+(res|public|uploaded)/} && $requrl !~ m{^/adm/[^/]+/[^/]+/aboutme/portfolio$ }x && + $requrl !~ m{^/adm/blockingstatus/.*$} && $requrl !~ m{^/+adm/(help|logout|restrictedaccess|randomlabel\.png)}) { $env{'request.querystring'}=$r->args; $env{'request.firsturl'}=$requrl; @@ -466,7 +489,14 @@ sub handler { } # ------------------------------------------------------------- This is allowed if ($env{'request.course.id'}) { - &Apache::lonnet::countacc($requrl); + my $skiplogging; + if ((!&Apache::loncommon::needs_gci_custom()) && + ($env{'course.'.$env{'request.course.id'}.'.internal.courseowner'} ne $env{'user.name'}.':'.$env{'user.domain'})) { + $skiplogging = 1; + } + unless ($skiplogging) { + &Apache::lonnet::countacc($requrl); + } $requrl=~/\.(\w+)$/; my $query=$r->args; if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') || @@ -517,10 +547,14 @@ sub handler { } } $env{'request.symb'}=$symb; - &Apache::lonnet::courseacclog($symb); + unless ($skiplogging) { + &Apache::lonnet::courseacclog($symb); + } } else { # ------------------------------------------------------- This is other content - &Apache::lonnet::courseacclog($requrl); + unless ($skiplogging) { + &Apache::lonnet::courseacclog($requrl); + } } my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};; my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};;