--- loncom/auth/lonroles.pm 2008/03/12 02:47:34 1.186
+++ loncom/auth/lonroles.pm 2008/05/14 22:26:48 1.190
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# User Roles Screen
#
-# $Id: lonroles.pm,v 1.186 2008/03/12 02:47:34 raeburn Exp $
+# $Id: lonroles.pm,v 1.190 2008/05/14 22:26:48 www Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -106,6 +106,10 @@ sub handler {
# ================================================================== Roles Init
if ($env{'form.selectrole'}) {
+
+ my $locknum=&Apache::lonnet::get_locks();
+ if ($locknum) { return 409; }
+
if ($env{'form.newrole'}) {
$env{'form.'.$env{'form.newrole'}}=1;
}
@@ -133,6 +137,18 @@ sub handler {
# Is this an ad-hoc CC-role?
if (my ($domain,$coursenum) =
($envkey =~ m-^form\.cc\./($match_domain)/($match_courseid)$-)) {
+ # See if that is even allowed
+ my %crsenv=&Apache::lonnet::get('environment',['internal.courseowner'],$domain,$coursenum);
+ # First find course owner
+ my ($owneruser,$ownerdomain)=split(/\:/,$crsenv{'internal.courseowner'});
+ # Check if course owner blocked cc-access
+ if (($owneruser) && ($ownerdomain)) {
+ my %blocked=&Apache::lonnet::get('environment',['domcoord.cc'],$ownerdomain,$owneruser);
+ if ($blocked{'domcoord.cc'} eq 'blocked') {
+ $env{'user.error.msg'}=':::1:Course owner '.$owneruser.' in domain '.$ownerdomain.' blocked domain coordinator access';
+ last;
+ }
+ }
if ($dcroles{$domain}) {
&check_privs($domain,$coursenum,$then,$now,'cc');
}
@@ -141,6 +157,13 @@ sub handler {
# Is this a recent ad-hoc CA-role?
if (my ($domain,$user) =
($envkey =~ m-^form\.ca\./($match_domain)/($match_username)$-)) {
+ # See if still allowed
+ my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user);
+ if ($blocked{'domcoord.author'} eq 'blocked') {
+ delete($env{$envkey});
+ $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
+ last;
+ }
if (($dcroles{$domain}) && (&is_author_homeserver($user,$domain))) {
&check_privs($domain,$user,$then,$now,'ca');
} else {
@@ -151,9 +174,15 @@ sub handler {
# Is this a new ad-hoc CA-role?
if (my ($domain) =
($envkey =~ m-^form\.adhocca\./($match_domain)$-)) {
+ my $user=$env{'form.adhoccauname.'.$domain};
+ if (!$user) { $user=$env{'form.adhoccaunamerecent.'.$domain} };
+ # See if that is even allowed
+ my %blocked=&Apache::lonnet::get('environment',['domcoord.author'],$domain,$user);
+ if ($blocked{'domcoord.author'} eq 'blocked') {
+ $env{'user.error.msg'}=':::1:User '.$user.' in domain '.$domain.' blocked domain coordinator access';
+ last;
+ }
if ($dcroles{$domain}) {
- my $user=$env{'form.adhoccauname.'.$domain};
- if (!$user) { $user=$env{'form.adhoccaunamerecent.'.$domain} };
if (($user) && ($user=~/$match_username/) && (&is_author_homeserver($user,$domain))) {
&check_privs($domain,$user,$then,$now,'ca');
$env{'form.ca./'.$domain.'/'.$user}=1;
@@ -447,16 +476,16 @@ ENDHEADER
# -------------------------------------------------------- Generate Page Output
# --------------------------------------------------------------- Error Header?
if ($error) {
- $r->print("LON-CAPA Access Control
");
+ $r->print("".&mt('LON-CAPA Access Control')."
");
$r->print("
");
if ($priv ne '') {
- $r->print("Access : ".&Apache::lonnet::plaintext($priv)."\n");
+ $r->print(&mt('Access : ').&Apache::lonnet::plaintext($priv)."\n");
}
if ($fn ne '') {
- $r->print("Resource: ".&Apache::lonenc::check_encrypt($fn)."\n");
+ $r->print(&mt('Resource: ').&Apache::lonenc::check_encrypt($fn)."\n");
}
if ($msg ne '') {
- $r->print("Action : $msg\n");
+ $r->print(&mt('Action : ').$msg."\n");
}
$r->print("
");
my $url=$fn;