[LON-CAPA-cvs] cvs: loncom(version_2_11_X) /lonnet/perl lonnet.pm
raeburn
raeburn at source.lon-capa.org
Sun Apr 19 18:42:57 EDT 2015
raeburn Sun Apr 19 22:42:57 2015 EDT
Modified files: (Branch: version_2_11_X)
/loncom/lonnet/perl lonnet.pm
Log:
- For 2.11
Backport 1.1281.
Index: loncom/lonnet/perl/lonnet.pm
diff -u loncom/lonnet/perl/lonnet.pm:1.1172.2.64 loncom/lonnet/perl/lonnet.pm:1.1172.2.65
--- loncom/lonnet/perl/lonnet.pm:1.1172.2.64 Thu Apr 9 18:24:44 2015
+++ loncom/lonnet/perl/lonnet.pm Sun Apr 19 22:42:56 2015
@@ -1,7 +1,7 @@
# The LearningOnline Network
# TCP networking package
#
-# $Id: lonnet.pm,v 1.1172.2.64 2015/04/09 18:24:44 raeburn Exp $
+# $Id: lonnet.pm,v 1.1172.2.65 2015/04/19 22:42:56 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -6699,7 +6699,7 @@
# ------------------------------------------------- Check for a user privilege
sub allowed {
- my ($priv,$uri,$symb,$role)=@_;
+ my ($priv,$uri,$symb,$role,$clientip,$noblockcheck)=@_;
my $ver_orguri=$uri;
$uri=&deversion($uri);
my $orguri=$uri;
@@ -6894,11 +6894,16 @@
if ($match) {
if ($env{'user.priv.'.$env{'request.role'}.'./'}
=~/\Q$priv\E\&([^\:]*)/) {
- my @blockers = &has_comm_blocking($priv,$symb,$uri);
- if (@blockers > 0) {
- $thisallowed = 'B';
+ my $value = $1;
+ if ($noblockcheck) {
+ $thisallowed.=$value;
} else {
- $thisallowed.=$1;
+ my @blockers = &has_comm_blocking($priv,$symb,$uri);
+ if (@blockers > 0) {
+ $thisallowed = 'B';
+ } else {
+ $thisallowed.=$value;
+ }
}
}
} else {
@@ -6910,11 +6915,15 @@
$refuri=&declutter($refuri);
my ($match) = &is_on_map($refuri);
if ($match) {
- my @blockers = &has_comm_blocking($priv,$symb,$refuri);
- if (@blockers > 0) {
- $thisallowed = 'B';
- } else {
+ if ($noblockcheck) {
$thisallowed='F';
+ } else {
+ my @blockers = &has_comm_blocking($priv,$symb,$refuri);
+ if (@blockers > 0) {
+ $thisallowed = 'B';
+ } else {
+ $thisallowed='F';
+ }
}
}
}
@@ -6969,11 +6978,15 @@
=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;
if ($priv eq 'bre') {
- my @blockers = &has_comm_blocking($priv,$symb,$uri);
- if (@blockers > 0) {
- $thisallowed = 'B';
- } else {
+ if ($noblockcheck) {
$thisallowed.=$value;
+ } else {
+ my @blockers = &has_comm_blocking($priv,$symb,$uri);
+ if (@blockers > 0) {
+ $thisallowed = 'B';
+ } else {
+ $thisallowed.=$value;
+ }
}
} else {
$thisallowed.=$value;
@@ -7007,11 +7020,15 @@
=~/\Q$priv\E\&([^\:]*)/) {
my $value = $1;
if ($priv eq 'bre') {
- my @blockers = &has_comm_blocking($priv,$symb,$refuri);
- if (@blockers > 0) {
- $thisallowed = 'B';
- } else {
+ if ($noblockcheck) {
$thisallowed.=$value;
+ } else {
+ my @blockers = &has_comm_blocking($priv,$symb,$refuri);
+ if (@blockers > 0) {
+ $thisallowed = 'B';
+ } else {
+ $thisallowed.=$value;
+ }
}
} else {
$thisallowed.=$value;
@@ -7331,7 +7348,7 @@
if ($mapsymb) {
if (ref($navmap)) {
my $mapres = $navmap->getBySymb($mapsymb);
- @to_test = $mapres->retrieveResources($mapres);
+ @to_test = $mapres->retrieveResources($mapres,undef,0,0,0,1);
foreach my $res (@to_test) {
my $symb = $res->symb();
next if ($symb eq $mapsymb);
@@ -12836,13 +12853,29 @@
=item *
-allowed($priv,$uri,$symb,$role) : check for a user privilege; returns codes for allowed actions
+allowed($priv,$uri,$symb,$role,$clientip,$noblockcheck) : check for a user privilege;
+returns codes for allowed actions.
+
+The first argument is required, all others are optional.
+
+$priv is the privilege being checked.
+$uri contains additional information about what is being checked for access (e.g.,
+URL, course ID etc.).
+$symb is the unique resource instance identifier in a course; if needed,
+but not provided, it will be retrieved via a call to &symbread().
+$role is the role for which a priv is being checked (only used if priv is evb).
+$clientip is the user's IP address (only used when checking for access to portfolio
+files).
+$noblockcheck, if true, skips calls to &has_comm_blocking() for the bre priv. This
+prevents recursive calls to &allowed.
+
F: full access
U,I,K: authentication modes (cxx only)
'': forbidden
1: user needs to choose course
2: browse allowed
A: passphrase authentication needed
+ B: access temporarily blocked because of a blocking event in a course.
=item *
More information about the LON-CAPA-cvs
mailing list