X-Git-Url: https://git.rrq.au/?a=blobdiff_plain;f=manager%2Fbasic_login.lsp;h=38b7ac490b56a7ef827c6ac8f5e5b7808825c527;hb=2bfd9cd6757dcf0d92e88fd511d4ff20b4228f2e;hp=14117d45eb3856dfa90346aa0d34a90cccd349ff;hpb=cb0bad5aa28b439d25f978173798a4c17e91bdb8;p=rrq%2Fhourglass.git diff --git a/manager/basic_login.lsp b/manager/basic_login.lsp index 14117d4..38b7ac4 100644 --- a/manager/basic_login.lsp +++ b/manager/basic_login.lsp @@ -5,9 +5,11 @@ ;; ;; Its (main-args 0) has a final path component X.cgi that links to ;; this file as a packnl embedding that will use that X part of its -;; name to determine th actual script. That lookup will also use the -;; "role base" as declared in "roles.txt" +;; name to determine th actual script. +(load "siteconfig.lsp") + +(write-line 2 (string (date-value) " " (main-args))) (unless (ends-with (main-args 0) ".cgi") (if (exists file? (list (main-args 1) (string (main-args 1) ".lsp"))) @@ -15,12 +17,13 @@ (write-line 2 (string "Unknown command " (main-args 1)))) (exit 0)) + ;; This script is executed in (protected) subdirectory www (change-dir "..") ;; Needs an HTTP_AUTHORIZATION environment variable -(unless (setf AUTH (env "HTTP_AUTHORIZATION")) - (write-line 2 (read-file "tmpl/unauthorized.http")) +(when (empty? (setf AUTH (env "HTTP_AUTHORIZATION"))) + (write-line 1 (read-file "tmpl/unauthorized.http")) (exit 0)) ;; Must find that value in .htpasswd @@ -28,11 +31,14 @@ (write-line 1 (read-file "tmpl/unauthorized.http")) (exit 0)) +;; Determine actual script name respecting given role, if any. +(define (role-script (ROLE ".")) + (let ((CMD (and (regex "([^/]*).cgi$" (main-args 0) 0) $1))) + (if (= "." ROLE) (string CMD ".lsp") (format "%s/%s.lsp" ROLE CMD)))) + (setf - ROLES (map (fn (x) (parse x ":")) (parse (read-file "roles.txt") "\n")) REMOTE_USER (and (regex "([^:]+):" (base64-dec (6 AUTH)) 0) $1) - ROLE (or (lookup REMOTE_USER ROLSE) "child") - SCRIPT (format "%s/%s" ROLE (main-args 1)) + SCRIPT (role-script) ) (env "REMOTE_USER" REMOTE_USER) (env "ROLE" ROLE)