File Coverage

blib/lib/Apache/AuthzUserDir.pm

Criterion	Covered	Total	%
statement	4	6	66.6
branch			n/a
condition			n/a
subroutine	2	2	100.0
pod			n/a
total	6	8	75.0

line	stmt	sub	time	code
1				package Apache::AuthzUserDir;
2
3	1	1	10067	use strict;
	1		2
	1		35
4	1	1	1478	use Apache::Constants ':common';
	0
	0
5
6				$Apache::AuthzUserDir::VERSION = '0.92';
7
8				sub handler {
9				my $r = shift;
10				my $requires = $r->requires;
11				return OK unless $requires;
12
13				# get user's authentication credentials
14				my ($res, $sent_pw) = $r->get_basic_auth_pw;
15				return $res if $res != OK;
16
17				my $user = $r->connection->user;
18
19				unless($user and $sent_pw) {
20				$r->note_basic_auth_failure;
21				$r->log_reason("Both a username and password must be provided", $r->filename);
22				return AUTH_REQUIRED;
23				}
24
25				my($file,$userdir_user);
26				$file = $r->uri;
27
28				# validity checking - require something after /~ or DECLINE
29				unless ($file =~ (/\/\~.+/)) {
30				return DECLINED;
31				}
32
33				# user is everything after /~ until another slash is seen (or until the end
34				# of the string to accomodate sloppy http://foo.com/~user requests w/o
35				# trailing slash)
36
37				($userdir_user) = $file =~ /~([^\/]+)/;
38
39				for my $entry (@$requires) {
40				my($requirement, @rest) = split(/\s+/, $entry->{requirement});
41
42				if (lc $requirement eq 'valid-user') {
43				if ($userdir_user eq $user) {
44				return OK;
45				} else {
46				# Forbid a different user is trying to get in.
47				$r->log_reason("Apache::AuthzUserDir - declined $user access to $file");
48				return FORBIDDEN;
49				}
50				} else {
51				$r->log_reason("Apache::AuthzUserDir - unknown require $requirement");
52				}
53				}
54				$r->note_basic_auth_failure;
55				$r->log_reason("Apache::AuthzUserDir - user $user: not authorized", $r->uri);
56				return AUTH_REQUIRED;
57				}
58
59				1;
60				__END__