[LON-CAPA-cvs] cvs: loncom /auth lonacc.pm
raeburn
raeburn at source.lon-capa.org
Thu Dec 6 17:00:31 EST 2012
raeburn Thu Dec 6 22:00:31 2012 EDT
Modified files:
/loncom/auth lonacc.pm
Log:
- Supplemental Content area can contain Syllabus and/or Personal Information pages.
- Do not append symb (if either item is also used in Main content area), if
accessed via Supplemental Content.
Index: loncom/auth/lonacc.pm
diff -u loncom/auth/lonacc.pm:1.140 loncom/auth/lonacc.pm:1.141
--- loncom/auth/lonacc.pm:1.140 Tue Dec 4 16:00:42 2012
+++ loncom/auth/lonacc.pm Thu Dec 6 22:00:31 2012
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Cookie Based Access Handler
#
-# $Id: lonacc.pm,v 1.140 2012/12/04 16:00:42 raeburn Exp $
+# $Id: lonacc.pm,v 1.141 2012/12/06 22:00:31 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -105,7 +105,7 @@
use Apache::restrictedaccess();
use Apache::blockedaccess();
use Fcntl qw(:flock);
-use LONCAPA;
+use LONCAPA qw(:DEFAULT :match);
sub cleanup {
my ($r)=@_;
@@ -415,6 +415,11 @@
if ($env{'user.name'} ne '' && $env{'user.domain'} ne '') {
# -------------------------------------------------------------- Resource State
+ my ($cdom,$cnum);
+ if ($env{'request.course.id'}) {
+ $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
+ $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
+ }
if ($requrl=~/^\/+(res|uploaded)\//) {
$env{'request.state'} = "published";
} else {
@@ -422,6 +427,7 @@
}
$env{'request.filename'} = $r->filename;
$env{'request.noversionuri'} = &Apache::lonnet::deversion($requrl);
+ my $suppext;
if ($requrl =~ m{^/adm/wrapper/ext/}) {
my $query = $r->args;
if ($query) {
@@ -431,12 +437,31 @@
unless ($name eq 'symb') {
$preserved .= $pair.'&';
}
+ if (($env{'request.course.id'}) && ($name eq 'folderpath')) {
+ if ($value =~ /^supplemental/) {
+ $suppext = 1;
+ }
+ }
}
$preserved =~ s/\&$//;
if ($preserved) {
$env{'request.external.querystring'} = $preserved;
}
}
+ } elsif ($env{'request.course.id'} &&
+ (($requrl =~ m{^/adm/$match_domain/$match_username/aboutme$}) ||
+ ($requrl =~ m{^/public/$cdom/$cnum/syllabus$}))) {
+ my $query = $r->args;
+ if ($query) {
+ foreach my $pair (split(/&/,$query)) {
+ my ($name, $value) = split(/=/,$pair);
+ if ($name eq 'folderpath') {
+ if ($value =~ /^supplemental/) {
+ $suppext = 1;
+ }
+ }
+ }
+ }
}
# -------------------------------------------------------- Load POST parameters
@@ -543,7 +568,7 @@
# ------------------------------------- This is serious stuff, get symb and log
my $symb;
if ($query) {
- &Apache::loncommon::get_unprocessed_cgi($query,['symb']);
+ &Apache::loncommon::get_unprocessed_cgi($query,['symb','folderpath']);
}
if ($env{'form.symb'}) {
$symb=&Apache::lonnet::symbclean($env{'form.symb'});
@@ -571,19 +596,21 @@
if ($requrl=~m{^(/adm/.*/aboutme)/portfolio$}) {
$requrl = $1;
}
- $symb=&Apache::lonnet::symbread($requrl);
- if (&Apache::lonnet::is_on_map($requrl) && $symb &&
- !&Apache::lonnet::symbverify($symb,$requrl)) {
- $r->log_reason('Invalid symb for '.$requrl.': '.$symb);
- $env{'user.error.msg'}=
- "$requrl:bre:1:1:Invalid Access";
- return HTTP_NOT_ACCEPTABLE;
- }
- if ($symb) {
- my ($map,$mid,$murl)=
- &Apache::lonnet::decode_symb($symb);
- &Apache::lonnet::symblist($map,$murl =>[$murl,$mid],
- 'last_known' =>[$murl,$mid]);
+ unless ($suppext) {
+ $symb=&Apache::lonnet::symbread($requrl);
+ if (&Apache::lonnet::is_on_map($requrl) && $symb &&
+ !&Apache::lonnet::symbverify($symb,$requrl)) {
+ $r->log_reason('Invalid symb for '.$requrl.': '.$symb);
+ $env{'user.error.msg'}=
+ "$requrl:bre:1:1:Invalid Access";
+ return HTTP_NOT_ACCEPTABLE;
+ }
+ if ($symb) {
+ my ($map,$mid,$murl)=
+ &Apache::lonnet::decode_symb($symb);
+ &Apache::lonnet::symblist($map,$murl =>[$murl,$mid],
+ 'last_known' =>[$murl,$mid]);
+ }
}
}
$env{'request.symb'}=$symb;
@@ -592,8 +619,6 @@
# ------------------------------------------------------- This is other content
&Apache::lonnet::courseacclog($requrl);
}
- my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};;
- my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};;
if ($requrl =~ m{^/+uploaded/\Q$cdom\E/\Q$cnum\E/(docs|supplemental)/.+\.html?$}) {
if (&Apache::lonnet::allowed('mdc',$env{'request.course.id'})) {
if ($query) {
More information about the LON-CAPA-cvs
mailing list