#!/bin/sh
#------------------------------------------------------------------------------
# /usr/local/htdocs/sec-lib.cgi - provide functions to control access
#
# Copyright (c) 2003-2010 Marcus Herleb, info(at)herleb(dot).de
# Copyright (c) 2011-2024 The Eisfair Team, team(at)eisfair(dot)org
#
# Creation: 2001-05-20 tg
# Last Update: $Id$
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version..
#------------------------------------------------------------------------------
if [ -z "$SEC_REALM" -o -z "$SEC_ACTION" ]
then
echo 'Content-Type: text/html; charset=iso-8859-1'
echo 'Cache-control: no-store' # HTTP/1.1 (or no-cache?)
echo 'Pragma: no-cache' # HTTP/1.0
echo "Expires: `date -Ru`" # Expires now!
echo
echo ''
echo ''
echo 'Error'
echo ''
echo '
Error
'
echo '
There was an error calling the security-lib. Please consult the'
echo 'EISFAIR support team!!! Maybe you have called the sec-lib.cgi directly?'
echo 'This must not be done!'
# Exit the CGI-Script
exit 1
fi
if [ -n "$REMOTE_USER" ]
then
rights="`grep ^$REMOTE_USER= /etc/httpd/rights | sed 's/^[^=]*=//'`"
# Hey, these sh** [] don't want to match [ ^] or [ $] so I have to use this crap
if ! echo $rights | grep -q '^all$' &&
! echo $rights | grep -q '\( \|^\)'$SEC_REALM':all\( \|$\)' &&
! echo $rights | grep -q '\( \|^\)'$SEC_REALM'[^ ]*[:,]'$SEC_ACTION'\( \|,\|$\)'
then
echo 'Content-Type: text/html; charset=iso-8859-1'
echo 'Cache-control: no-store' # HTTP/1.1 (or no-cache?)
echo 'Pragma: no-cache' # HTTP/1.0
echo "Expires: `date -Ru`" # Expires now!
echo
echo '
'
echo ''
echo 'Accesss denied!'
echo ''
echo '
Access denied!
'
echo '
If you think, this is an error, contact your system administrator'
echo 'and give him the following informations: '
echo '