|
version 1.8, 2011/10/17 17:23:25
|
version 1.9, 2011/10/21 20:00:30
|
|
Line 225 sub check_domain_ip {
|
Line 225 sub check_domain_ip {
|
| |
|
| Inputs: $page, the identifier of the page to be viewed, |
Inputs: $page, the identifier of the page to be viewed, |
| can be one of the keys in the hash from &serverstatus_titles() |
can be one of the keys in the hash from &serverstatus_titles() |
| |
$domain (optional), a specific domain for which the page is needed. |
| |
|
| Returns: 1 if access to the page is permitted. |
Returns: 1 if access to the page is permitted, or &-separated list of domains |
| |
for which access is allowed, if $page is domconf, and not superuser. |
| Access allowed if one of the following is true: |
Access allowed if one of the following is true: |
| (a) Requestor has LON-CAPA superuser role |
(a) Requestor has LON-CAPA superuser role |
| (b) Requestor's role is Domain Coordinator in one of the domains |
(b) Requestor's role is Domain Coordinator in requested domain |
| |
(if specified) or (if unspecified) in one of the domains |
| hosted on this server |
hosted on this server |
| (c) Domain configurations for domains hosted on this server include |
(c) The domain configuration for the particular domain (if specified), |
| the requestor as one of the named users (username:domain) with access |
or domain configurations for domains hosted on this server (if |
| to the page. |
specific domain not specified), include the requestor as one of |
| |
the named users (username:domain) with access to the page. |
| |
|
| In the case of requests for the 'showenv' page (/adm/test), the domains tested |
In the case of requests for the 'showenv' page (/adm/test), the domains tested |
| are not the domains hosted on the server, but instead are a single domain - |
are not the domains hosted on the server, but instead are a single domain - |
|
Line 246 Returns: 1 if access to the page is perm
|
Line 250 Returns: 1 if access to the page is perm
|
| ############################################# |
############################################# |
| ############################################# |
############################################# |
| sub can_view { |
sub can_view { |
| my ($page) = @_; |
my ($page,$domain) = @_; |
| my $allowed; |
my $allowed; |
| if ($Apache::lonnet::env{'request.role'} =~ m{^su\./}) { |
if ($Apache::lonnet::env{'request.role'} =~ m{^su\./}) { |
| $allowed = 1; |
$allowed = 1; |
|
Line 267 sub can_view {
|
Line 271 sub can_view {
|
| } |
} |
| } else { |
} else { |
| @poss_domains = &Apache::lonnet::current_machine_domains(); |
@poss_domains = &Apache::lonnet::current_machine_domains(); |
| |
if ($domain ne '') { |
| |
if (grep(/^\Q$domain\E$/,@poss_domains)) { |
| |
@poss_domains = ($domain); |
| |
} else { |
| |
undef(@poss_domains); |
| |
} |
| |
} |
| } |
} |
| unless ($allowed) { |
unless ($allowed) { |
| foreach my $dom (@poss_domains) { |
foreach my $dom (@poss_domains) { |
| my %domconfig = &Apache::lonnet::get_dom('configuration',['serverstatuses'], |
my %domconfig = &Apache::lonnet::get_dom('configuration',['serverstatuses'], |
| $dom); |
$dom); |
| if ($Apache::lonnet::env{'request.role'} eq "dc./$dom/") { |
if ($Apache::lonnet::env{'request.role'} eq "dc./$dom/") { |
| $allowed = 1; |
if ($page eq 'domconf') { |
| |
$allowed .= $dom.'&'; |
| |
} else { |
| |
$allowed = 1; |
| |
} |
| } elsif (ref($domconfig{'serverstatuses'}) eq 'HASH') { |
} elsif (ref($domconfig{'serverstatuses'}) eq 'HASH') { |
| if (ref($domconfig{'serverstatuses'}{$page}) eq 'HASH') { |
if (ref($domconfig{'serverstatuses'}{$page}) eq 'HASH') { |
| if ($domconfig{'serverstatuses'}{$page}{'namedusers'} ne '') { |
if ($domconfig{'serverstatuses'}{$page}{'namedusers'} ne '') { |
| my @okusers = split(/,/,$domconfig{'serverstatuses'}{$page}{'namedusers'}); |
my @okusers = split(/,/,$domconfig{'serverstatuses'}{$page}{'namedusers'}); |
| if (grep(/^\Q$Apache::lonnet::env{'user.name'}:$Apache::lonnet::env{'user.domain'}\E$/,@okusers)) { |
if (grep(/^\Q$Apache::lonnet::env{'user.name'}:$Apache::lonnet::env{'user.domain'}\E$/,@okusers)) { |
| $allowed = 1; |
if ($page eq 'domconf') { |
| |
$allowed .= $dom.'&'; |
| |
} else { |
| |
$allowed = 1; |
| |
} |
| |
} |
| |
unless ($page eq 'domconf') { |
| |
last if ($allowed); |
| } |
} |
| } |
} |
| } |
} |
| } |
} |
| last if $allowed; |
|
| } |
} |
| |
$allowed =~ s/\&$//; |
| } |
} |
| } |
} |
| return $allowed; |
return $allowed; |
|
Line 362 sub serverstatus_titles {
|
Line 384 sub serverstatus_titles {
|
| 'takeonline' => 'Online - restore Log-in page', |
'takeonline' => 'Online - restore Log-in page', |
| 'showenv' => 'Show user environment', |
'showenv' => 'Show user environment', |
| 'toggledebug' => 'Toggle debug messages', |
'toggledebug' => 'Toggle debug messages', |
| |
'ping' => 'Cause server to ping another server', |
| |
'domconf' => 'Text Display of Domain Configuration', |
| ); |
); |
| return \%titles; |
return \%titles; |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to lonauthcgi.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / cgi