[prev in list] [next in list] [prev in thread] [next in thread]
List: lon-capa-cvs
Subject: [LON-CAPA-cvs] cvs: rat / lonuserstate.pm loncom/auth lonauth.pm switchserver.pm loncom/interface lo
From: raeburn via LON-CAPA-cvs <lon-capa-cvs () mail ! lon-capa ! org>
Date: 2021-08-10 15:28:14
Message-ID: cvsraeburn1628609294 () cvsserver
[Download RAW message or body]
This is a MIME encoded message
raeburn Tue Aug 10 15:28:14 2021 EDT
Modified files:
/loncom/auth lonauth.pm switchserver.pm
/loncom/interface lontiny.pm
/rat lonuserstate.pm
Log:
- Bug 6907
- Deep-linking when user has an existing LON-CAPA session, need to support
case where role change is not needed, but course session update needed to
enforce link protection (lti-based or key-based access control).
["raeburn-20210810152814.txt" (text/plain)]
Index: loncom/auth/lonauth.pm
diff -u loncom/auth/lonauth.pm:1.165 loncom/auth/lonauth.pm:1.166
--- loncom/auth/lonauth.pm:1.165 Mon Aug 9 15:36:28 2021
+++ loncom/auth/lonauth.pm Tue Aug 10 15:28:13 2021
@@ -1,7 +1,7 @@
# The LearningOnline Network
# User Authentication Module
#
-# $Id: lonauth.pm,v 1.165 2021/08/09 15:36:28 raeburn Exp $
+# $Id: lonauth.pm,v 1.166 2021/08/10 15:28:13 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -386,18 +386,17 @@
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
&Apache::loncommon::content_type($r,'text/html');
$r->send_http_header;
- my $start_page =
+ my $start_page =
&Apache::loncommon::start_page('Already logged in');
my $end_page =
&Apache::loncommon::end_page();
my $dest = '/adm/roles';
if ($env{'form.firsturl'} ne '') {
$dest = $env{'form.firsturl'};
- if (($env{'form.firsturl'} =~ m{^/tiny/$match_domain/\w+$}) &&
- ($env{'request.course.id'})) {
+ if (($dest =~ m{^/tiny/$match_domain/\w+$}) && \
($env{'request.course.id'})) {
my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
- my $symb = \
&Apache::loncommon::symb_from_tinyurl($env{'form.firsturl'},$cnum,$cdom); + \
my $symb = &Apache::loncommon::symb_from_tinyurl($dest,$cnum,$cdom); if ($symb) {
my $buffer;
if ($r->header_in('Content-length') > 0) {
@@ -801,11 +800,24 @@
'user.linkproturi' => $uri};
}
} elsif ($form{'linkkey'}) {
- $extra_env = {'user.deeplinkkey' => $form{'linkkey'},
+ $extra_env = {'user.deeplinkkey' => $form{'linkkey'},
'user.keyedlinkuri' => $form{'firsturl'}};
}
if ($form{'firsturl'} =~ m{^/tiny/$match_domain/\w+$}) {
&set_deeplink_login(%form);
+ if ($form{'linkprot'}) {
+ if (ref($extra_env) eq 'HASH') {
+ %{$extra_env} = ( %{$extra_env}, 'request.linkprot' => \
$form{'linkprot'} ); + } else {
+ $extra_env = {'request.linkprot' => $form{'linkprot'}};
+ }
+ } elsif ($form{'linkkey'}) {
+ if (ref($extra_env) eq 'HASH') {
+ %{$extra_env} = ( %{$extra_env}, 'request.linkkey' => \
$form{'linkkey'} ); + } else {
+ $extra_env = {'request.linkkey' => $form{'linkkey'}};
+ }
+ }
if ($env{'request.deeplink.login'}) {
if (ref($extra_env) eq 'HASH') {
%{$extra_env} = ( %{$extra_env}, 'request.deeplink.login' => \
$form{'firsturl'} ); @@ -826,24 +838,36 @@
my $cdom = $1;
my ($cnum,$symb) = \
&Apache::loncommon::symb_from_tinyurl($form{'firsturl'},'',$cdom); if ($symb) {
- my $disallow;
- my $deeplink = &Apache::lonnet::EXT("resource.0.deeplink",$symb);
- if ($deeplink ne '') {
- my ($state,$others,$listed,$scope,$protect) = split(/,/,$deeplink);
- if (($protect ne 'none') && ($protect ne '')) {
- my ($acctype,$item) = split(/:/,$protect);
- if (($acctype eq 'ltic') || ($acctype eq 'ltid')) {
- unless ($form{'linkprot'} eq $protect) {
- $disallow = 1;
- }
- } elsif ($acctype eq 'key') {
- unless ($form{'linkkey'} eq $item) {
- $disallow = 1;
+ if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
+ my ($disallow,$deeplink);
+ if ($symb =~ /\.(page|sequence)$/) {
+ my $mapname = \
&Apache::lonnet::deversion((&Apache::lonnet::decode_symb($symb))[2]); + \
my $navmap = Apache::lonnavmaps::navmap->new(); + if \
(ref($navmap)) { + $deeplink = \
$navmap->get_mapparam(undef,$mapname,'0.deeplink'); + }
+ } else {
+ $deeplink = &Apache::lonnet::EXT('resource.0.deeplink',$symb);
+ }
+ if ($deeplink ne '') {
+ my ($state,$others,$listed,$scope,$protect) = \
split(/,/,$deeplink); + if (($protect ne 'none') && ($protect ne \
'')) { + my ($acctype,$item) = split(/:/,$protect);
+ if ($acctype =~ /lti(c|d)$/) {
+ unless ($form{'linkprot'} eq \
$item.$1.':'.$env{'request.deeplink.login'}) { + \
$disallow = 1; + }
+ } elsif ($acctype eq 'key') {
+ unless ($form{'linkkey'} eq $item) {
+ $disallow = 1;
+ }
}
}
}
- }
- unless ($disallow) {
+ unless ($disallow) {
+ $env{'request.deeplink.login'} = $form{'firsturl'};
+ }
+ } else {
$env{'request.deeplink.login'} = $form{'firsturl'};
}
}
Index: loncom/auth/switchserver.pm
diff -u loncom/auth/switchserver.pm:1.56 loncom/auth/switchserver.pm:1.57
--- loncom/auth/switchserver.pm:1.56 Sun Jun 27 17:25:47 2021
+++ loncom/auth/switchserver.pm Tue Aug 10 15:28:13 2021
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Switch Servers Handler
#
-# $Id: switchserver.pm,v 1.56 2021/06/27 17:25:47 raeburn Exp $
+# $Id: switchserver.pm,v 1.57 2021/08/10 15:28:13 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -314,12 +314,11 @@
}
if ($env{'request.linkprot'}) {
$info{'linkprot'} = $env{'request.linkprot'};
+ } elsif ($env{'request.linkkey'}) {
+ $info{'linkkey'} = $env{'request.linkkey'};
}
if ($env{'request.deeplink.login'}) {
$info{'deeplink.login'} = $env{'request.deeplink.login'};
- if ($env{'request.linkkey'}) {
- $info{'linkkey'} = $env{'request.linkkey'};
- }
}
if ($env{'request.lti.login'}) {
$info{'lti.login'} = $env{'request.lti.login'};
Index: loncom/interface/lontiny.pm
diff -u loncom/interface/lontiny.pm:1.6 loncom/interface/lontiny.pm:1.7
--- loncom/interface/lontiny.pm:1.6 Sun Jan 27 15:44:18 2019
+++ loncom/interface/lontiny.pm Tue Aug 10 15:28:14 2021
@@ -2,7 +2,7 @@
# Extract domain, courseID, and symb from a shortened URL,
# and switch role to a role in designated course.
#
-# $Id: lontiny.pm,v 1.6 2019/01/27 15:44:18 raeburn Exp $
+# $Id: lontiny.pm,v 1.7 2021/08/10 15:28:14 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -67,6 +67,8 @@
if ($cnum =~ /^$match_courseid$/) {
my $chome = &Apache::lonnet::homeserver($cnum,$cdom);
if ($chome ne 'no_host') {
+ # Check for ltoken or linkkey
+ my $newlauncher = \
&launch_check($r->uri,$symb,$cnum,$cdom);
if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
my ($map,$resid,$url) = \
&Apache::lonnet::decode_symb($symb); if (&Apache::lonnet::is_on_map($url)) {
@@ -96,24 +98,28 @@
}
my $update;
# Check if course needs to be re-initialized
- my $loncaparev = $r->dir_config('lonVersion');
- my ($result,@reinit) = \
&Apache::loncommon::needs_coursereinit($loncaparev);
- if ($result eq 'update') {
+ if ($newlauncher) {
$update = 1;
- } elsif (!-e $env{'request.course.fn'}.'.db') {
- $update = 1;
- } elsif (!$env{'request.role.adv'}) {
- my $navmap = \
Apache::lonnavmaps::navmap->new();
- if (ref($navmap)) {
- my $res = $navmap->getBySymb($symb);
- if (ref($res)) {
- my ($enc_in_bighash,$enc_in_parm);
- $enc_in_bighash = $res->encrypted();
- if \
(&Apache::lonnet::EXT('resource.0.encrypturl',$symb) =~ /^yes$/i) {
- $enc_in_parm = 1;
- }
- if ($enc_in_bighash ne $enc_in_parm) \
{
- $update = 1;
+ } else {
+ my $loncaparev = \
$r->dir_config('lonVersion'); + my \
($result,@reinit) = &Apache::loncommon::needs_coursereinit($loncaparev); + \
if ($result eq 'update') { + $update = 1;
+ } elsif (!-e \
$env{'request.course.fn'}.'.db') { + \
$update = 1; + } elsif \
(!$env{'request.role.adv'}) { + my $navmap \
= Apache::lonnavmaps::navmap->new(); + if \
(ref($navmap)) { + my $res = \
$navmap->getBySymb($symb); + if \
(ref($res)) { + my \
($enc_in_bighash,$enc_in_parm); + \
$enc_in_bighash = $res->encrypted(); + \
if (&Apache::lonnet::EXT('resource.0.encrypturl',$symb) =~ /^yes$/i) { + \
$enc_in_parm = 1; + }
+ if ($enc_in_bighash ne \
$enc_in_parm) { + $update = 1;
+ }
}
}
}
@@ -236,6 +242,118 @@
}
}
+sub launch_check {
+ my ($linkuri,$symb,$cnum,$cdom) = @_;
+ &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['ltoken','linkkey']);
+ my ($linkprotector,$linkproturi,$linkkey,$newlauncher);
+ if ($env{'form.ltoken'}) {
+ my %link_info = &Apache::lonnet::tmpget($env{'form.ltoken'});
+ &Apache::lonnet::tmpdel($env{'form.ltoken'});
+ delete($env{'form.ltoken'});
+ if ($link_info{'linkprot'}) {
+ ($linkprotector,$linkproturi) = split(/:/,$link_info{'linkprot'},2);
+ if ($env{'user.linkprotector'}) {
+ my @protectors = split(/,/,$env{'user.linkprotector'});
+ unless (grep(/^\Q$linkprotector\E$/,@protectors)) {
+ push(@protectors,$linkprotector);
+ @protectors = sort { $a <=> $b } @protectors;
+ &Apache::lonnet::appenv({'user.linkprotector' => \
join(',',@protectors)}); + }
+ } else {
+ &Apache::lonnet::appenv({'user.linkprotector' => $linkprotector });
+ }
+ if ($env{'user.linkproturi'}) {
+ my @proturis = split(/,/,$env{'user.linkproturi'});
+ unless(grep(/^\Q$linkproturi\E$/,@proturis)) {
+ push(@proturis,$linkproturi);
+ @proturis = sort(@proturis);
+ &Apache::lonnet::appenv({'user.linkproturi' => \
join(',',@proturis)}); + }
+ } else {
+ &Apache::lonnet::appenv({'user.linkproturi' => $linkproturi});
+ }
+ }
+ } elsif ($env{'form.linkkey'}) {
+ $linkkey = $env{'form.linkkey'};
+ my $keyedlinkuri = $linkuri;
+ if ($env{'user.deeplinkkey'}) {
+ my @linkkeys = split(/,/,$env{'user.deeplinkkey'});
+ unless (grep(/^\Q$linkkey\E$/,@linkkeys)) {
+ push(@linkkeys,$linkkey);
+ &Apache::lonnet::appenv({'user.deeplinkkey' => \
join(',',sort(@linkkeys))}); + }
+ } else {
+ &Apache::lonnet::appenv({'user.deeplinkkey' => $linkkey});
+ }
+ if ($env{'user.keyedlinkuri'}) {
+ my @keyeduris = split(/,/,$env{'user.keyedlinkuri'});
+ unless (grep(/^\Q$keyedlinkuri\E$/,@keyeduris)) {
+ push(@keyeduris,$keyedlinkuri);
+ &Apache::lonnet::appenv({'user.keyedlinkuri' => \
join(',',sort(@keyeduris))}); + }
+ } else {
+ &Apache::lonnet::appenv({'user.keyedlinkuri' => $keyedlinkuri});
+ }
+ delete($env{'form.linkkey'});
+ }
+ if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
+ my $currdeeplinklogin = $env{'request.deeplink.login'};
+ if ($linkprotector || $linkkey) {
+ my $deeplink;
+ if ($symb =~ /\.(page|sequence)$/) {
+ my $mapname = \
&Apache::lonnet::deversion((&Apache::lonnet::decode_symb($symb))[2]); + \
my $navmap = Apache::lonnavmaps::navmap->new(); + if (ref($navmap)) {
+ $deeplink = $navmap->get_mapparam(undef,$mapname,'0.deeplink');
+ }
+ } else {
+ $deeplink = &Apache::lonnet::EXT('resource.0.deeplink',$symb);
+ }
+ if ($deeplink ne '') {
+ my $disallow;
+ my ($state,$others,$listed,$scope,$protect) = split(/,/,$deeplink);
+ if (($protect ne 'none') && ($protect ne '')) {
+ my ($acctype,$item) = split(/:/,$protect);
+ if ($acctype =~ /lti(c|d)$/) {
+ unless ($linkprotector.':'.$linkproturi eq \
$item.$1.':'.$linkuri) { + $disallow = 1;
+ }
+ } elsif ($acctype eq 'key') {
+ unless ($linkkey eq $item) {
+ $disallow = 1;
+ }
+ }
+ }
+ if ($disallow) {
+ if ($currdeeplinklogin eq $linkuri) {
+ &Apache::lonnet::delenv('request.deeplink.login');
+ }
+ } else {
+ unless ($currdeeplinklogin eq $linkuri) {
+ if ($linkprotector) {
+ &Apache::lonnet::appenv({'request.linkprot' => \
$linkprotector.':'.$linkproturi}); + } elsif ($linkkey) {
+ &Apache::lonnet::appenv({'request.linkkey' => \
$linkkey}); + }
+ $newlauncher = 1;
+ }
+ &Apache::lonnet::appenv({'request.deeplink.login' => $linkuri});
+ }
+ }
+ } else {
+ &Apache::lonnet::appenv({'request.deeplink.login' => $linkuri});
+ }
+ } else {
+ &Apache::lonnet::appenv({'request.deeplink.login' => $linkuri});
+ if ($linkprotector) {
+ &Apache::lonnet::appenv({'request.linkprot' => \
$linkprotector.':'.$linkproturi}); + } elsif ($linkkey) {
+ &Apache::lonnet::appenv({'request.linkkey' => $linkkey});
+ }
+ }
+ return $newlauncher;
+}
+
sub do_redirect {
my ($r,$destination) = @_;
my $windowname = 'loncapaclient';
Index: rat/lonuserstate.pm
diff -u rat/lonuserstate.pm:1.165 rat/lonuserstate.pm:1.166
--- rat/lonuserstate.pm:1.165 Fri Aug 6 01:27:04 2021
+++ rat/lonuserstate.pm Tue Aug 10 15:28:14 2021
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Construct and maintain state and binary representation of course for user
#
-# $Id: lonuserstate.pm,v 1.165 2021/08/06 01:27:04 raeburn Exp $
+# $Id: lonuserstate.pm,v 1.166 2021/08/10 15:28:14 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1616,47 +1616,64 @@
$deeplink = $hash{'deeplinkonly_'.$loginrid};
}
if ($deeplink) {
+ my $disallow;
my ($state,$others,$listed,$scope,$protect) = split(/,/,$deeplink);
- if ($others eq 'hide') {
- my @recfolders;
- if ($scope eq 'rec') {
- foreach my $key (keys(%hash)) {
- if ($key=~/^map_hierarchy_(\d+)$/) {
- my $mpc = $1;
- my @ids = split(/,/,$hash{$key});
- if (grep(/^$deeplink_login_pc$/,@ids)) {
- my $idx;
- foreach my $mapid (@ids) {
- if ($idx) {
- push(@recfolders,$mapid);
- } elsif ($mapid == $deeplink_login_pc) {
- push(@recfolders,$mapid);
- $idx = $mapid;
+ if (($protect ne 'none') && ($protect ne '')) {
+ my ($acctype,$item) = split(/:/,$protect);
+ if ($acctype =~ /lti(c|d)$/) {
+ unless ($env{'request.linkprot'} eq \
$item.$1.':'.$env{'request.deeplink.login'}) { + $disallow \
= 1; + }
+ } elsif ($acctype eq 'key') {
+ unless ($env{'request.linkkey'} eq $item) {
+ $disallow = 1;
+ }
+ }
+ }
+ if ($disallow) {
+ &Apache::lonnet::delenv('request.deeplink.login');
+ } else {
+ if ($others eq 'hide') {
+ my @recfolders;
+ if ($scope eq 'rec') {
+ foreach my $key (keys(%hash)) {
+ if ($key=~/^map_hierarchy_(\d+)$/) {
+ my $mpc = $1;
+ my @ids = split(/,/,$hash{$key});
+ if (grep(/^$deeplink_login_pc$/,@ids)) {
+ my $idx;
+ foreach my $mapid (@ids) {
+ if ($idx) {
+ push(@recfolders,$mapid);
+ } elsif ($mapid == $deeplink_login_pc) {
+ push(@recfolders,$mapid);
+ $idx = $mapid;
+ }
}
+ push(@recfolders,$mpc);
}
- push(@recfolders,$mpc);
}
}
}
- }
- foreach my $key (keys(%hash)) {
- if ($key=~/^src_(.+)$/) {
- my $rid = $1;
- next if ($rid eq '0.0');
- next if ($rid eq $loginrid);
- if ($scope ne 'res') {
- my $mapid = (split(/\./,$rid))[0];
- next if ($mapid eq $deeplink_login_pc);
- if ($scope eq 'rec') {
- next if (grep(/^$mapid$/,@recfolders));
+ foreach my $key (keys(%hash)) {
+ if ($key=~/^src_(.+)$/) {
+ my $rid = $1;
+ next if ($rid eq '0.0');
+ next if ($rid eq $loginrid);
+ if ($scope ne 'res') {
+ my $mapid = (split(/\./,$rid))[0];
+ next if ($mapid eq $deeplink_login_pc);
+ if ($scope eq 'rec') {
+ next if (grep(/^$mapid$/,@recfolders));
+ }
}
+ $deeplinkout{$rid} = 1;
}
- $deeplinkout{$rid} = 1;
}
}
}
+ &deeplinkouts();
}
- &deeplinkouts();
}
}
&mapcrumbs();
_______________________________________________
LON-CAPA-cvs mailing list
LON-CAPA-cvs@mail.lon-capa.org
http://mail.lon-capa.org/mailman/listinfo/lon-capa-cvs
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic