[LON-CAPA-cvs] cvs: loncom(version_2_11_X) /auth lonacc.pm
raeburn
raeburn at source.lon-capa.org
Sun Aug 7 16:49:38 EDT 2016
raeburn Sun Aug 7 20:49:38 2016 EDT
Modified files: (Branch: version_2_11_X)
/loncom/auth lonacc.pm
Log:
- For 2.11
- Backport 1.160
Index: loncom/auth/lonacc.pm
diff -u loncom/auth/lonacc.pm:1.159.2.2 loncom/auth/lonacc.pm:1.159.2.3
--- loncom/auth/lonacc.pm:1.159.2.2 Fri Aug 5 20:27:18 2016
+++ loncom/auth/lonacc.pm Sun Aug 7 20:49:37 2016
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Cookie Based Access Handler
#
-# $Id: lonacc.pm,v 1.159.2.2 2016/08/05 20:27:18 raeburn Exp $
+# $Id: lonacc.pm,v 1.159.2.3 2016/08/07 20:49:37 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -605,6 +605,12 @@
return HTTP_NOT_ACCEPTABLE;
}
}
+ } elsif (($handle =~ /^publicuser_\d+$/) && (&Apache::lonnet::is_portfolio_url($requrl))) {
+ my $clientip = $r->get_remote_host();
+ if (&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip) ne 'F') {
+ $env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
+ return HTTP_NOT_ACCEPTABLE;
+ }
} else {
$env{'user.error.msg'}="$requrl:bre:1:1:Access Denied";
return HTTP_NOT_ACCEPTABLE;
@@ -743,7 +749,8 @@
}
# ------------------------------------ See if this is a viewable portfolio file
if (&Apache::lonnet::is_portfolio_url($requrl)) {
- my $access=&Apache::lonnet::allowed('bre',$requrl);
+ my $clientip = $r->get_remote_host();
+ my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);
if ($access eq 'A') {
&Apache::restrictedaccess::setup_handler($r);
return OK;
More information about the LON-CAPA-cvs
mailing list