[LON-CAPA-cvs] cvs: loncom /auth blockedaccess.pm lonacc.pm /interface loncommon.pm /lonnet/perl lonnet.pm
raeburn
raeburn at source.lon-capa.org
Thu Oct 1 06:16:34 EDT 2020
raeburn Thu Oct 1 10:16:34 2020 EDT
Modified files:
/loncom/auth blockedaccess.pm lonacc.pm
/loncom/interface loncommon.pm
/loncom/lonnet/perl lonnet.pm
Log:
- Bug 6518 Content blocking during quiz/exam.
- For resources not in a course directly, but instead referenced by resources
which are, symb to check to determine whether access should be blocked and
why is symb of resource containing the dependency.
- No $env{'request.enc'} in effect for dependent files.
-------------- next part --------------
Index: loncom/auth/blockedaccess.pm
diff -u loncom/auth/blockedaccess.pm:1.5 loncom/auth/blockedaccess.pm:1.6
--- loncom/auth/blockedaccess.pm:1.5 Mon Sep 28 00:10:27 2020
+++ loncom/auth/blockedaccess.pm Thu Oct 1 10:16:33 2020
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Information about blocking status for Portfolio files
#
-# $Id: blockedaccess.pm,v 1.5 2020/09/28 00:10:27 raeburn Exp $
+# $Id: blockedaccess.pm,v 1.6 2020/10/01 10:16:33 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -42,6 +42,7 @@
return OK if $r->header_only;
&Apache::lonlocal::get_language_handle($r);
+ my $ver_origurl = $r->uri;
my $origurl = &Apache::lonnet::deversion($r->uri);
my ($blocked,$blocktext);
@@ -55,8 +56,16 @@
my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
my $symb = $env{'request.symb'};
+ my $url = $origurl;
+ # If no symb, and url is on not map, check for referrer
+ unless (($symb) || &Apache::lonnet::is_on_map($url) || ($origurl eq '/adm/blockedaccess')) {
+ my $refuri = $env{'httpref.'.$origurl} || $env{'httpref.'.$ver_origurl};
+ if ($refuri) {
+ $url = $refuri;
+ }
+ }
($blocked,$blocktext) =
- &Apache::loncommon::blocking_status('docs',$cnum,$cdom,$origurl,1,$symb,'blockedaccess');
+ &Apache::loncommon::blocking_status('docs',$cnum,$cdom,$url,1,$symb,'blockedaccess');
}
}
if ($blocked) {
Index: loncom/auth/lonacc.pm
diff -u loncom/auth/lonacc.pm:1.180 loncom/auth/lonacc.pm:1.181
--- loncom/auth/lonacc.pm:1.180 Wed Sep 30 19:25:16 2020
+++ loncom/auth/lonacc.pm Thu Oct 1 10:16:33 2020
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Cookie Based Access Handler
#
-# $Id: lonacc.pm,v 1.180 2020/09/30 19:25:16 raeburn Exp $
+# $Id: lonacc.pm,v 1.181 2020/10/01 10:16:33 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -644,6 +644,9 @@
my $query = $r->args;
foreach my $pair (split(/&/,$query)) {
my ($name, $value) = split(/=/,$pair);
+ $name = &unescape($name);
+ $value =~ tr/+/ /;
+ $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
if ($name eq 'symb') {
$poss_symb = &Apache::lonnet::symbclean($value);
last;
Index: loncom/interface/loncommon.pm
diff -u loncom/interface/loncommon.pm:1.1347 loncom/interface/loncommon.pm:1.1348
--- loncom/interface/loncommon.pm:1.1347 Mon Sep 28 00:10:28 2020
+++ loncom/interface/loncommon.pm Thu Oct 1 10:16:33 2020
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# a pile of common routines
#
-# $Id: loncommon.pm,v 1.1347 2020/09/28 00:10:28 raeburn Exp $
+# $Id: loncommon.pm,v 1.1348 2020/10/01 10:16:33 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -5316,12 +5316,13 @@
my $now = time;
my %commblocks = &Apache::lonnet::get_comm_blocks($cdom,$cnum);
if ($activity eq 'docs') {
- my ($blocked,$nosymbcache);
+ my ($blocked,$nosymbcache,$noenccheck);
if (($caller eq 'blockedaccess') || ($caller eq 'blockingstatus')) {
$blocked = 1;
$nosymbcache = 1;
+ $noenccheck = 1;
}
- @blockers = &Apache::lonnet::has_comm_blocking('bre',$symb,$url,$nosymbcache,$blocked,\%commblocks);
+ @blockers = &Apache::lonnet::has_comm_blocking('bre',$symb,$url,$nosymbcache,$noenccheck,$blocked,\%commblocks);
foreach my $block (@blockers) {
if ($block =~ /^firstaccess____(.+)$/) {
my $item = $1;
Index: loncom/lonnet/perl/lonnet.pm
diff -u loncom/lonnet/perl/lonnet.pm:1.1425 loncom/lonnet/perl/lonnet.pm:1.1426
--- loncom/lonnet/perl/lonnet.pm:1.1425 Mon Sep 28 13:08:57 2020
+++ loncom/lonnet/perl/lonnet.pm Thu Oct 1 10:16:34 2020
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.1425 2020/09/28 13:08:57 raeburn Exp $
+# $Id: lonnet.pm,v 1.1426 2020/10/01 10:16:34 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -8290,7 +8290,7 @@
} elsif ($noblockcheck) {
$thisallowed='F';
} else {
- my @blockers = &has_comm_blocking($priv,$symb,$refuri,$ignorecache);
+ my @blockers = &has_comm_blocking($priv,'',$refuri,'',1);
if (@blockers > 0) {
$thisallowed = 'B';
} else {
@@ -8408,7 +8408,7 @@
} elsif ($noblockcheck) {
$thisallowed.=$value;
} else {
- my @blockers = &has_comm_blocking($priv,'',$refuri,$ignorecache);
+ my @blockers = &has_comm_blocking($priv,'',$refuri,'',1);
if (@blockers > 0) {
$thisallowed = 'B';
} else {
@@ -8829,7 +8829,7 @@
}
sub has_comm_blocking {
- my ($priv,$symb,$uri,$nosymbcache,$blocked,$blocks) = @_;
+ my ($priv,$symb,$uri,$nosymbcache,$noenccheck,$blocked,$blocks) = @_;
my @blockers;
return unless ($env{'request.course.id'});
return unless ($priv eq 'bre');
@@ -8839,7 +8839,7 @@
return unless (keys(%cachedblockers) > 0);
my (%possibles, at symbs);
if (!$symb) {
- $symb = &symbread($uri,1,1,'',\%possibles,$nosymbcache);
+ $symb = &symbread($uri,1,1,1,\%possibles,$nosymbcache,$noenccheck);
}
if ($symb) {
@symbs = ($symb);
@@ -13310,7 +13310,7 @@
sub symbread {
my ($thisfn,$donotrecurse,$ignorecachednull,$checkforblock,$possibles,
- $nocache)=@_;
+ $nocache,$noenccheck)=@_;
my $cache_str='request.symbread.cached.'.$thisfn;
if (defined($env{$cache_str}) && !$nocache) {
unless (ref($possibles) eq 'HASH') {
@@ -13362,7 +13362,7 @@
untie(%hash);
}
if ($syval) {
- my @blockers = &has_comm_blocking('bre',$syval,$thisfn,$nocache);
+ my @blockers = &has_comm_blocking('bre',$syval,$thisfn,$nocache,$noenccheck);
if (@blockers) {
$syval='';
}
@@ -13405,7 +13405,7 @@
}
if ($checkforblock) {
unless ($bighash{'randomout_'.$ids} || $env{'request.role.adv'}) {
- my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids});
+ my @blockers = &has_comm_blocking('bre',$syval,$bighash{'src_'.$ids},'',$noenccheck);
if (@blockers) {
$syval = '';
untie(%bighash);
@@ -13431,9 +13431,9 @@
my $poss_syval=&encode_symb($bighash{'map_id_'.$mapid},
$resid,$thisfn);
next if ($bighash{'randomout_'.$id} && !$env{'request.role.adv'});
- next unless ($bighash{'encrypted_'.$id} eq $env{'request.enc'});
+ next unless (($noenccheck) || ($bighash{'encrypted_'.$id} eq $env{'request.enc'}));
if ($checkforblock) {
- my @blockers = &has_comm_blocking('bre',$poss_syval,$file);
+ my @blockers = &has_comm_blocking('bre',$poss_syval,$file,'',$noenccheck);
if (@blockers > 0) {
$syval = '';
} else {
More information about the LON-CAPA-cvs
mailing list