[LON-CAPA-cvs] cvs: loncom /homework inputtags.pm lonhomework.pm structuretags.pm
albertel
lon-capa-cvs@mail.lon-capa.org
Mon, 13 Oct 2003 21:09:47 -0000
albertel Mon Oct 13 17:09:47 2003 EDT
Modified files:
/loncom/homework inputtags.pm lonhomework.pm structuretags.pm
Log:
- BUG#2273, IP access control doesn't work, now does supports
- explict IP 1.2.3.4
- wildcard IP 35.8.3.*, 35.8.*, 35.*
- ranged IP 35.8.3.[1-135]
- explict name mileva.lite.msu.edu
- wildcard name *.msu.edu
Index: loncom/homework/inputtags.pm
diff -u loncom/homework/inputtags.pm:1.120 loncom/homework/inputtags.pm:1.121
--- loncom/homework/inputtags.pm:1.120 Wed Oct 8 14:25:18 2003
+++ loncom/homework/inputtags.pm Mon Oct 13 17:09:47 2003
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# input definitons
#
-# $Id: inputtags.pm,v 1.120 2003/10/08 18:25:18 albertel Exp $
+# $Id: inputtags.pm,v 1.121 2003/10/13 21:09:47 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -621,7 +621,8 @@
my $status = $Apache::inputtags::status['-1'];
&Apache::lonxml::debug("gradestatus has :$status:");
- if ( $status ne 'CLOSED' && $status ne 'UNAVAILABLE') {
+ if ( $status ne 'CLOSED' && $status ne 'UNAVAILABLE' &&
+ $status ne 'INVALID_ACCESS') {
my $award = $Apache::lonhomework::history{"resource.$id.award"};
my $solved = $Apache::lonhomework::history{"resource.$id.solved"};
my $previous = $Apache::lonhomework::history{"resource.$id.previous"};
Index: loncom/homework/lonhomework.pm
diff -u loncom/homework/lonhomework.pm:1.151 loncom/homework/lonhomework.pm:1.152
--- loncom/homework/lonhomework.pm:1.151 Sun Sep 21 17:40:06 2003
+++ loncom/homework/lonhomework.pm Mon Oct 13 17:09:47 2003
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# The LON-CAPA Homework handler
#
-# $Id: lonhomework.pm,v 1.151 2003/09/21 21:40:06 www Exp $
+# $Id: lonhomework.pm,v 1.152 2003/10/13 21:09:47 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -147,6 +147,51 @@
$Apache::lonxml::browse='';
+sub check_ip_acc {
+ my ($acc)=@_;
+ if (!defined($acc)) { return 1; }
+ my $allowed=0;
+ my $ip=$ENV{'REMOTE_ADDR'};
+ my $name;
+ foreach my $pattern (split(',',$acc)) {
+ if ($pattern =~ /\*$/) {
+ #35.8.*
+ $pattern=~s/\*//;
+ if ($ip =~ /^\Q$pattern\E/) { $allowed=1; }
+ } elsif ($pattern =~ /(\d+\.\d+\.\d+)\.\[(\d+)-(\d+)\]$/) {
+ #35.8.3.[34-56]
+ my $low=$2;
+ my $high=$3;
+ $pattern=$1;
+ if ($ip =~ /^\Q$pattern\E/) {
+ my $last=(split(/\./,$ip))[3];
+ if ($last <=$high && $last >=$low) { $allowed=1; }
+ }
+ } elsif ($pattern =~ /^\*/) {
+ #*.msu.edu
+ $pattern=~s/\*//;
+ if (!defined($name)) {
+ use Socket;
+ my $netaddr=inet_aton($ip);
+ ($name)=gethostbyaddr($netaddr,AF_INET);
+ }
+ if ($name =~ /\Q$pattern\E$/i) { $allowed=1; }
+ } elsif ($pattern =~ /\d+\.\d+\.\d+\.\d+/) {
+ #127.0.0.1
+ if ($ip =~ /^\Q$pattern\E/) { $allowed=1; }
+ } else {
+ #some.name.com
+ if (!defined($name)) {
+ use Socket;
+ my $netaddr=inet_aton($ip);
+ ($name)=gethostbyaddr($netaddr,AF_INET);
+ }
+ if ($name =~ /\Q$pattern\E$/i) { $allowed=1; }
+ }
+ if ($allowed) { last; }
+ }
+ return $allowed;
+}
# JB, 9/24/2002: Any changes in this function may require a change
# in lonnavmaps::resource::getDateStatus.
sub check_access {
@@ -168,6 +213,15 @@
&Apache::lonxml::debug("checking for part :$id:");
&Apache::lonxml::debug("time:".time);
+
+ my $allowed=&check_ip_acc(&Apache::lonnet::EXT("resource.$id.acc"));
+ if (!$allowed) {
+ &Apache::lonnet::logthis("Early exit");
+ $status='INVALID_ACCESS';
+ $date=&mt("may be open from a different computer.");
+ return($status,$date);
+ }
+
foreach $temp ("opendate","duedate","answerdate") {
$lastdate = $date;
$date = &Apache::lonnet::EXT("resource.$id.$temp");
Index: loncom/homework/structuretags.pm
diff -u loncom/homework/structuretags.pm:1.215 loncom/homework/structuretags.pm:1.216
--- loncom/homework/structuretags.pm:1.215 Thu Oct 9 17:49:24 2003
+++ loncom/homework/structuretags.pm Mon Oct 13 17:09:47 2003
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# definition of tags that give a structure to a document
#
-# $Id: structuretags.pm,v 1.215 2003/10/09 21:49:24 albertel Exp $
+# $Id: structuretags.pm,v 1.216 2003/10/13 21:09:47 albertel Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -400,7 +400,8 @@
if (( $status eq 'CLOSED' ) ||
( $status eq 'UNCHECKEDOUT') ||
( $status eq 'BANNED') ||
- ( $status eq 'UNAVAILABLE')) {
+ ( $status eq 'UNAVAILABLE') ||
+ ( $status eq 'INVALID_ACCESS')) {
my $bodytext=&Apache::lonxml::get_all_text("/problem",$parser);
if ( $target eq "web" ) {
$result.= $head_tag_start.'</head>';
@@ -410,7 +411,7 @@
} else {
$result.='<h1>'.&mt('Not open to be viewed').'</h1>';
}
- if ($status eq 'CLOSED') {
+ if ($status eq 'CLOSED' || $status eq 'INVALID_ACCESS') {
$msg.='The problem '.$accessmsg;
} elsif ($status eq 'UNCHECKEDOUT') {
$msg.=&checkout_msg;
@@ -442,7 +443,8 @@
}
}
} elsif ($status eq 'SHOW_ANSWER' || $status eq 'CANNOT_ANSWER'
- || $status eq 'CLOSED' || $status eq 'UNAVALAILABLE') {
+ || $status eq 'CLOSED' || $status eq 'UNAVALAILABLE' ||
+ $status eq 'INVALID_ACCESS') {
$result.=$head_tag_start.
"<title>$name</title></head>\n$body_tag_start\n";
}
@@ -539,7 +541,7 @@
$result.="</form></body>\n";
}
} elsif ($status eq 'SHOW_ANSWER' || $status eq 'CANNOT_ANSWER' ||
- $status eq 'UNCHECKEDOUT' ) {
+ $status eq 'UNCHECKEDOUT' || $status eq 'INVALID_ACCESS') {
if ($target ne 'tex' &&
$ENV{'form.answer_output_mode'} ne 'tex') {
$result.="</body>\n";
@@ -955,7 +957,11 @@
my $expression='$external::datestatus="'.$status.'";';
$expression.='$external::gradestatus="'.$Apache::lonhomework::history{"resource.$id.solved"}.'";';
&Apache::run::run($expression,$safeeval);
- if ( $status eq 'CLOSED' ) {
+ if (( $status eq 'CLOSED' ) ||
+ ( $status eq 'UNCHECKEDOUT') ||
+ ( $status eq 'BANNED') ||
+ ( $status eq 'UNAVAILABLE') ||
+ ( $status eq 'INVALID_ACCESS')) {
my $bodytext=&Apache::lonxml::get_all_text("/part",$parser);
if ( $target eq "web" ) {
$result="<br />".&mt('Part is not open to be viewed. It')." $accessmsg<br />";