2 ;; This script is written with the expectation that it is an embedded
3 ;; newlisp executable invked via .cgi links from within the
6 ;; Its (main-args 0) has a final path component X.cgi that links to
7 ;; this file as a packnl embedding that will use that X part of its
8 ;; name to determine th actual script. That lookup will also use the
9 ;; "role base" as declared in "roles.txt"
11 (write-line 2 (string (date-value) " " (main-args)))
12 (unless (ends-with (main-args 0) ".cgi")
13 (if (exists file? (list (main-args 1)
14 (string (main-args 1) ".lsp")))
16 (write-line 2 (string "Unknown command " (main-args 1))))
20 ;; This script is executed in (protected) subdirectory www
23 ;; Needs an HTTP_AUTHORIZATION environment variable
24 (when (empty? (setf AUTH (env "HTTP_AUTHORIZATION")))
25 (write-line 1 (read-file "tmpl/unauthorized.http"))
28 ;; Must find that value in .htpasswd
29 (unless (ref (6 AUTH) (parse (read-file ".htpasswd") "\n"))
30 (write-line 1 (read-file "tmpl/unauthorized.http"))
33 (define (role-script ROLE)
34 (let ((CMD (and (regex "([^/]*).cgi$" (main-args 0) 0) $1)))
35 (if (= "." ROLE) (string CMD ".lsp")
36 (format "%s/%s.lsp" ROLE CMD))))
39 ROLES (map (fn (x) (parse x ":")) (parse (read-file "roles.txt") "\n"))
40 REMOTE_USER (and (regex "([^:]+):" (base64-dec (6 AUTH)) 0) $1)
41 ROLE (or (lookup REMOTE_USER ROLES) "child")
42 SCRIPT (role-script ROLE)
44 (env "REMOTE_USER" REMOTE_USER)
47 (unless (file? SCRIPT)
48 (write 1 "\nBroken.\n")