--- loncom/auth/loncacc.pm 2009/04/11 21:42:58 1.49 +++ loncom/auth/loncacc.pm 2011/02/24 23:42:18 1.52 @@ -2,7 +2,7 @@ # Cookie Based Access Handler for Construction Area # (lonacc: 5/21/99,5/22,5/29,5/31 Gerd Kortemeyer) # -# $Id: loncacc.pm,v 1.49 2009/04/11 21:42:58 raeburn Exp $ +# $Id: loncacc.pm,v 1.52 2011/02/24 23:42:18 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -119,16 +119,25 @@ sub constructaccess { } my $then=$env{'user.login.time'}; + my $update==$env{'user.updateroles.time'}; + if (!$update) { + $update = $then; + } my %dcroles = (); - if (&is_active_dc($ownerdomain,$then)) { + if (&is_active_dc($ownerdomain,$update)) { my %blocked=&Apache::lonnet::get('environment',['domcoord.author'], $ownerdomain,$ownername); unless ($blocked{'domcoord.author'} eq 'blocked') { if (grep(/^$ownerdomain$/,@possibledomains)) { if ($setpriv) { + my $refresh=$env{'user.refresh.time'}; + if (!$refresh) { + $refresh = $update; + } my $now = time; &Apache::lonnet::check_adhoc_privs($ownerdomain,$ownername, - $then,$now,'ca'); + $update,$refresh,$now,'ca', + 'constructaccess'); } return($ownername,$ownerdomain); } @@ -138,15 +147,15 @@ sub constructaccess { } sub is_active_dc { - my ($ownerdomain,$then) = @_; + my ($ownerdomain,$update) = @_; my $livedc; if ($env{'user.adv'}) { my $domrole = $env{'user.role.dc./'.$ownerdomain.'/'}; if ($domrole) { my ($tstart,$tend)=split(/\./,$domrole); $livedc = 1; - if ($tstart && $tstart>$then) { undef($livedc); } - if ($tend && $tend <$then) { undef($livedc); } + if ($tstart && $tstart>$update) { undef($livedc); } + if ($tend && $tend <$update) { undef($livedc); } } } return $livedc; @@ -174,7 +183,7 @@ sub handler { $env{'request.state'} = "construct"; $env{'request.filename'} = $r->filename; - unless (&constructaccess($requrl,$r->dir_config('lonDefDomain')),'setpriv') { + unless (&constructaccess($requrl,$r->dir_config('lonDefDomain'),'setpriv')) { $r->log_reason("Unauthorized $requrl", $r->filename); return HTTP_NOT_ACCEPTABLE; }