[LON-CAPA-cvs] cvs: loncom /auth lonacc.pm
raeburn
raeburn@source.lon-capa.org
Wed, 17 Mar 2010 00:06:14 -0000
raeburn Wed Mar 17 00:06:14 2010 EDT
Modified files:
/loncom/auth lonacc.pm
Log:
- Bug 6236.
Authorization (AuthzHandler) for a Community when editing a simple problem:
/res/lib/templates/simpleproblem.problem/smpedit
(mdc priv in lonsimpleproblemedit::handler() laer checks editing rights).
Index: loncom/auth/lonacc.pm
diff -u loncom/auth/lonacc.pm:1.131 loncom/auth/lonacc.pm:1.132
--- loncom/auth/lonacc.pm:1.131 Wed Mar 3 21:33:10 2010
+++ loncom/auth/lonacc.pm Wed Mar 17 00:06:14 2010
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Cookie Based Access Handler
#
-# $Id: lonacc.pm,v 1.131 2010/03/03 21:33:10 droeschl Exp $
+# $Id: lonacc.pm,v 1.132 2010/03/17 00:06:14 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -452,8 +452,16 @@
if ($requrl =~ m{^/res/}) {
$access = &Apache::lonnet::allowed('bro',$requrl);
if ($access ne 'F') {
- $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
- return HTTP_NOT_ACCEPTABLE;
+ if ($requrl eq '/res/lib/templates/simpleproblem.problem/smpedit') {
+ $access = &Apache::lonnet::allowed('bre','/res/lib/templates/simpleproblem.problem');
+ if ($access ne 'F') {
+ $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+ return HTTP_NOT_ACCEPTABLE;
+ }
+ } else {
+ $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+ return HTTP_NOT_ACCEPTABLE;
+ }
}
} else {
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";