version 1.5, 2008/12/25 05:49:20
|
version 1.8, 2020/12/18 15:23:03
|
Line 38 use LONCAPA::lonauthcgi;
|
Line 38 use LONCAPA::lonauthcgi;
|
|
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP); |
my $reqhost = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP); |
my $page = 'server-status'; |
my $page = 'server-status'; |
if (($r->uri eq '/adm/domainstatus') || |
if (($r->uri eq '/adm/domainstatus') || |
($r->uri eq '/adm/test')) { |
($r->uri eq '/adm/test')) { |
Line 82 sub handler {
|
Line 82 sub handler {
|
} |
} |
} |
} |
} |
} |
} elsif (&LONCAPA::lonauthcgi::check_ipbased_access($page,$reqhost)) { |
} |
|
if (&LONCAPA::lonauthcgi::check_ipbased_access($page,$reqhost)) { |
return OK; |
return OK; |
} else { |
} |
if (&LONCAPA::loncgi::check_cookie_and_load_env($r)) { |
if (&LONCAPA::loncgi::check_cookie_and_load_env($r)) { |
if (&LONCAPA::lonauthcgi::can_view($page)) { |
if (&LONCAPA::lonauthcgi::can_view($page)) { |
return OK; |
return OK; |
} |
|
} |
} |
} |
} |
$r->log_reason("Invalid request for server status from $reqhost", |
$r->log_reason("Invalid request for server status from $reqhost", |
Line 161 The check for whether access is allowed
|
Line 161 The check for whether access is allowed
|
Access requires a valid session - checked using |
Access requires a valid session - checked using |
LONCAPA::loncgi::check_cookie_and_load_env(). |
LONCAPA::loncgi::check_cookie_and_load_env(). |
If so, access is allowed if one of the following is true: |
If so, access is allowed if one of the following is true: |
(i) Requestor has LON-CAPA superuser role, or |
(i) Requestor's role is LON-CAPA superuser role. |
(ii) Requestor's role is Domain Coordinator in one of the domains |
(ii) Requestor has a Domain Coordinator role in the domain of the |
hosted on this server |
requestor ($env{'user.domain'}), regardless of requestor's role. |
(iii) Domain configurations for domains hosted on this server include |
(iii) Domain configurations for the domain of the current user include |
the requestor as one of the named users (username:domain) with access |
the requestor as one of the named users (username:domain) with access |
to the page. |
to the page. |
(iv) IP address of requestor is listed in domain configuration list |
(iv) IP address of requestor is listed in domain configuration list |
of allowed machines for any of the domains hosted on this server |
of allowed IPs for the domain of the current user. |
|
|
=cut |
=cut |
|
|