Added pluggable URL and content handlers.

2007-12-14 22:08:09 +00:00 · 2007-12-14 22:08:09 +00:00 · 1fc11fbda8
commit 1fc11fbda8
parent fb33859cc6
19 changed files with 1101 additions and 411 deletions
--- a/lib/WebGUI/URL/Uploads.pm
+++ b/lib/WebGUI/URL/Uploads.pm
@ -0,0 +1,85 @@
+package WebGUI::URL::Uploads;
+
+=head1 LEGAL
+
+ -------------------------------------------------------------------
+  WebGUI is Copyright 2001-2007 Plain Black Corporation.
+ -------------------------------------------------------------------
+  Please read the legal notices (docs/legal.txt) and the license
+  (docs/license.txt) that came with this distribution before using
+  this software.
+ -------------------------------------------------------------------
+  http://www.plainblack.com                     info@plainblack.com
+ -------------------------------------------------------------------
+
+=cut
+
+use strict;
+use Apache2::Const -compile => qw(OK DECLINED NOT_FOUND AUTH_REQUIRED);
+use WebGUI::Session;
+
+=head1 NAME
+
+Package WebGUI::URL::Uploads;
+
+=head1 DESCRIPTION
+
+A URL handler that handles privileges for uploaded files.
+
+=head1 SYNOPSIS
+
+ use WebGUI::URL::Uploads;
+ my $status = WebGUI::URL::Uploads::handler($r, $s, $config);
+
+=head1 SUBROUTINES
+
+These subroutines are available from this package:
+
+=cut
+
+#-------------------------------------------------------------------
+
+=head2 handler ( request, server, config ) 
+
+The Apache request handler for this package.
+
+=cut
+
+sub handler {
+    my ($request, $server, $config) = @_;
+    $request->push_handlers(PerlAccessHandler => sub { 
+	    if (-e $request->filename) {
+		    my $path = $request->filename;
+		    $path =~ s/^(\/.*\/).*$/$1/;
+	    	if (-e $path.".wgaccess") {
+			    my $fileContents;
+			    open(my $FILE, "<" ,$path.".wgaccess");
+			    while (my $line = <$FILE>) {
+				    $fileContents .= $line;
+			    }
+			    close($FILE);
+			    my @privs = split("\n", $fileContents);
+			    unless ($privs[1] eq "7" || $privs[1] eq "1") {
+				    my $session = WebGUI::Session->open($server->dir_config('WebguiRoot'), $config->getFilename, $request, $server);
+				    my $hasPrivs = ($session->var->get("userId") eq $privs[0] || $session->user->isInGroup($privs[1]) || $session->user->isInGroup($privs[2]));
+				    $session->close();
+				    if ($hasPrivs) {
+					    return Apache2::Const::OK;
+				    }    
+                    else {
+					    return Apache2::Const::AUTH_REQUIRED;
+				    }
+			    }
+		    }
+		    return Apache2::Const::OK;
+	    } 
+        else {
+		    return Apache2::Const::NOT_FOUND;
+	    }
+    } );
+    return Apache2::Const::DECLINED;
+}
+
+
+1;
+