Diff for /loncom/auth/lonauth.pm between versions 1.60 and 1.61

version 1.60, 2003/11/21 22:10:25 version 1.61, 2004/01/13 16:29:40
Line 344  ENDFAILED Line 344  ENDFAILED
  failed($r,'Username, password and domain need to be specified.');   failed($r,'Username, password and domain need to be specified.');
         return OK;          return OK;
     }      }
   
   # split user logging in and "su"-user
   
       ($FORM{'uname'},$FORM{'suname'})=split(/\:/,$FORM{'uname'});
     $FORM{'uname'} =~ s/\W//g;      $FORM{'uname'} =~ s/\W//g;
       $FORM{'suname'} =~ s/\W//g;
     $FORM{'udom'}  =~ s/\W//g;      $FORM{'udom'}  =~ s/\W//g;
   
     my $role   = $r->dir_config('lonRole');      my $role   = $r->dir_config('lonRole');
Line 401  ENDFAILED Line 406  ENDFAILED
  ($firsturl=~/^\/adm\/(logout|remote)/)) {   ($firsturl=~/^\/adm\/(logout|remote)/)) {
  $firsturl='/adm/roles';   $firsturl='/adm/roles';
     }      }
   # --------------------------------- Are we attempting to login as somebody else?
     success($r,$FORM{'uname'},$FORM{'udom'},$authhost,$firsturl);      if ($FORM{'suname'}) {
   # ------------ see if the original user has enough privileges to pull this stunt
    if (&Apache::lonnet::privileged($FORM{'uname'},$FORM{'udom'})) {
   # ---------------------------------------------------- see if the su-user exists
       unless (&Apache::lonnet::homeserver($FORM{'suname'},$FORM{'udom'})
    eq 'no_host') {
    &Apache::lonnet::logthis(&Apache::lonnet::homeserver($FORM{'suname'},$FORM{'udom'}));
   # ------------------------------ see if the su-user is not too highly privileged
    unless (&Apache::lonnet::privileged($FORM{'suname'},$FORM{'udom'})) {
   # -------------------------------------------------------- actually switch users
       &Apache::lonnet::logperm('User '.$FORM{'uname'}.' at '.$FORM{'udom'}.
    ' logging in as '.$FORM{'suname'});
       $FORM{'uname'}=$FORM{'suname'};
    } else {
       &Apache::lonnet::logthis('Attempted switch user to privileged user');
    }
       }
    } else {
       &Apache::lonnet::logthis('Non-privileged user attempting switch user');
    }
       }
       &success($r,$FORM{'uname'},$FORM{'udom'},$authhost,$firsturl);
     return OK;      return OK;
 }  }
   

Removed from v.1.60  
changed lines
  Added in v.1.61


FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>