--- loncom/auth/lonroles.pm 2008/05/14 19:18:37 1.189 +++ loncom/auth/lonroles.pm 2008/05/14 22:26:48 1.190 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # User Roles Screen # -# $Id: lonroles.pm,v 1.189 2008/05/14 19:18:37 www Exp $ +# $Id: lonroles.pm,v 1.190 2008/05/14 22:26:48 www Exp $ # # Copyright Michigan State University Board of Trustees # @@ -138,7 +138,17 @@ sub handler { if (my ($domain,$coursenum) = ($envkey =~ m-^form\.cc\./($match_domain)/($match_courseid)$-)) { # See if that is even allowed - + my %crsenv=&Apache::lonnet::get('environment',['internal.courseowner'],$domain,$coursenum); + # First find course owner + my ($owneruser,$ownerdomain)=split(/\:/,$crsenv{'internal.courseowner'}); + # Check if course owner blocked cc-access + if (($owneruser) && ($ownerdomain)) { + my %blocked=&Apache::lonnet::get('environment',['domcoord.cc'],$ownerdomain,$owneruser); + if ($blocked{'domcoord.cc'} eq 'blocked') { + $env{'user.error.msg'}=':::1:Course owner '.$owneruser.' in domain '.$ownerdomain.' blocked domain coordinator access'; + last; + } + } if ($dcroles{$domain}) { &check_privs($domain,$coursenum,$then,$now,'cc'); } @@ -147,6 +157,13 @@ sub handler { # Is this a recent ad-hoc CA-role? if (my ($domain,$user) = ($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) { + # See if still allowed + my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user); + if ($blocked{'domcoord.author'} eq 'blocked') { + delete($env{$envkey}); + $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access'; + last; + } if (($dcroles{$domain}) && (&is_author_homeserver($user,$domain))) { &check_privs($domain,$user,$then,$now,'ca'); } else {