[LON-CAPA-cvs] cvs: loncom / loncapa_apache.conf /auth lonacc.pm
albertel
lon-capa-cvs@mail.lon-capa.org
Wed, 06 Nov 2002 22:43:28 -0000
albertel Wed Nov 6 17:43:28 2002 EDT
Modified files:
/loncom/auth lonacc.pm
/loncom loncapa_apache.conf
Log:
- fixes BUG#300
- now log all print accesses
- now force restrictions on acces to files in prtspool
Index: loncom/auth/lonacc.pm
diff -u loncom/auth/lonacc.pm:1.36 loncom/auth/lonacc.pm:1.37
--- loncom/auth/lonacc.pm:1.36 Fri Oct 25 09:59:40 2002
+++ loncom/auth/lonacc.pm Wed Nov 6 17:43:27 2002
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Cookie Based Access Handler
#
-# $Id: lonacc.pm,v 1.36 2002/10/25 13:59:40 www Exp $
+# $Id: lonacc.pm,v 1.37 2002/11/06 22:43:27 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -90,7 +90,6 @@
my $buffer;
$r->read($buffer,$r->header_in('Content-length'));
-
unless ($buffer=~/^(\-+\w+)\s+Content\-Disposition\:\s*form\-data/si) {
my @pairs=split(/&/,$buffer);
my $pair;
@@ -155,7 +154,7 @@
# ---------------------------------------------------------------- Check access
- if ($requrl!~/^\/adm|public\//) {
+ if ($requrl!~/^\/adm|public|prtspool\//) {
my $access=&Apache::lonnet::allowed('bre',$requrl);
if ($access eq '1') {
$ENV{'user.error.msg'}="$requrl:bre:0:0:Choose Course";
@@ -166,6 +165,14 @@
return HTTP_NOT_ACCEPTABLE;
}
}
+ if ($requrl =~ m|^/prtspool/|) {
+ my $start='/prtspool/'.$ENV{'user.name'}.'_'.
+ $ENV{'user.domain'};
+ if ($requrl !~ /^\Q$start\E/) {
+ $ENV{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+ return HTTP_NOT_ACCEPTABLE;
+ }
+ }
# ------------------------------------------------------------- This is allowed
if ($ENV{'request.course.id'}) {
&Apache::lonnet::countacc($requrl);
@@ -207,8 +214,8 @@
}
# -------------------------------------------- See if this is a public resource
- if (($requrl=~/^\/public\//) ||
- (&Apache::lonnet::metadata($requrl,'copyright') eq 'public')) {
+ if ($requrl=~m|^/public/|
+ || (&Apache::lonnet::metadata($requrl,'copyright') eq 'public')) {
&Apache::lonnet::logthis('Granting public access: '.$requrl);
$ENV{'user.name'}='public';
$ENV{'user.domain'}='public';
@@ -220,7 +227,8 @@
# -------------------------------------------------------------- Not authorized
$requrl=~/\.(\w+)$/;
if ((&Apache::loncommon::fileembstyle($1) eq 'ssi') ||
- ($requrl=~/^\/adm\/(roles|logout)/)) {
+ ($requrl=~/^\/adm\/(roles|logout)/) ||
+ ($requrl=~m|^/prtspool/|)) {
# -------------------------- Store where they wanted to go and get login screen
$ENV{'request.firsturl'}=$requrl;
return FORBIDDEN;
Index: loncom/loncapa_apache.conf
diff -u loncom/loncapa_apache.conf:1.22 loncom/loncapa_apache.conf:1.23
--- loncom/loncapa_apache.conf:1.22 Wed Oct 23 16:55:15 2002
+++ loncom/loncapa_apache.conf Wed Nov 6 17:43:27 2002
@@ -1,7 +1,7 @@
##
## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file
##
-## $Id: loncapa_apache.conf,v 1.22 2002/10/23 20:55:15 www Exp $
+## $Id: loncapa_apache.conf,v 1.23 2002/11/06 22:43:27 albertel Exp $
##
## 1/11/2002 - Scott Harrison
## 2/19/2002 - Scott Harrison
@@ -119,6 +119,13 @@
AllowOverride None
</LocationMatch>
+<LocationMatch "/prtspool">
+PerlAccessHandler Apache::lonacc
+ErrorDocument 403 /adm/login
+ErrorDocument 404 /adm/notfound.html
+ErrorDocument 406 /adm/roles
+ErrorDocument 500 /adm/errorhandler
+</LocationMatch>
# ------------------------------------------------------------------------- RAT
<LocationMatch "^/\~.*\.sequence$">