--- loncom/interface/loncommon.pm 2017/03/15 03:39:49 1.1075.2.125 +++ loncom/interface/loncommon.pm 2017/11/16 15:06:35 1.1075.2.127.2.4 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # a pile of common routines # -# $Id: loncommon.pm,v 1.1075.2.125 2017/03/15 03:39:49 raeburn Exp $ +# $Id: loncommon.pm,v 1.1075.2.127.2.4 2017/11/16 15:06:35 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -80,6 +80,8 @@ use JSON::DWIW; use LWP::UserAgent; use Crypt::DES; use DynaLoader; # for Crypt::DES version +use File::Copy(); +use File::Path(); # ---------------------------------------------- Designs use vars qw(%defaultdesign); @@ -4992,6 +4994,87 @@ sub check_ip_acc { return $allowed; } +sub check_slotip_acc { + my ($acc,$clientip)=@_; + &Apache::lonxml::debug("acc is $acc"); + if (!defined($acc) || $acc =~ /^\s*$/ || $acc =~/^\s*no\s*$/i) { + return 1; + } + my $allowed; + my $ip=$ENV{'REMOTE_ADDR'} || $clientip || $env{'request.host'}; + + my $name; + my %access = ( + allowfrom => 1, + denyfrom => 0, + ); + my @allows; + my @denies; + foreach my $item (split(',',$acc)) { + $item =~ s/^\s*//; + $item =~ s/\s*$//; + my $pattern; + if ($item =~ /^\!(.+)$/) { + push(@denies,$1); + } else { + push(@allows,$item); + } + } + my $numdenies = scalar(@denies); + my $numallows = scalar(@allows); + my $count = 0; + foreach my $pattern (@denies,@allows) { + $count ++; + my $acctype = 'allowfrom'; + if ($count <= $numdenies) { + $acctype = 'denyfrom'; + } + if ($pattern =~ /\*$/) { + #35.8.* + $pattern=~s/\*//; + if ($ip =~ /^\Q$pattern\E/) { $allowed=$access{$acctype}; } + } elsif ($pattern =~ /(\d+\.\d+\.\d+)\.\[(\d+)-(\d+)\]$/) { + #35.8.3.[34-56] + my $low=$2; + my $high=$3; + $pattern=$1; + if ($ip =~ /^\Q$pattern\E/) { + my $last=(split(/\./,$ip))[3]; + if ($last <=$high && $last >=$low) { $allowed=$access{$acctype}; } + } + } elsif ($pattern =~ /^\*/) { + #*.msu.edu + $pattern=~s/\*//; + if (!defined($name)) { + use Socket; + my $netaddr=inet_aton($ip); + ($name)=gethostbyaddr($netaddr,AF_INET); + } + if ($name =~ /\Q$pattern\E$/i) { $allowed=$access{$acctype}; } + } elsif ($pattern =~ /\d+\.\d+\.\d+\.\d+/) { + #127.0.0.1 + if ($ip =~ /^\Q$pattern\E/) { $allowed=$access{$acctype}; } + } else { + #some.name.com + if (!defined($name)) { + use Socket; + my $netaddr=inet_aton($ip); + ($name)=gethostbyaddr($netaddr,AF_INET); + } + if ($name =~ /\Q$pattern\E$/i) { $allowed=$access{$acctype}; } + } + if ($allowed =~ /^(0|1)$/) { last; } + } + if ($allowed eq '') { + if ($numdenies && !$numallows) { + $allowed = 1; + } else { + $allowed = 0; + } + } + return $allowed; +} + ############################################### =pod @@ -7897,6 +7980,7 @@ OFFLOAD '; } + $result .= ''."\n"; return $result.''; } @@ -9574,7 +9658,7 @@ sub get_secgrprole_info { } sub user_picker { - my ($dom,$srch,$forcenewuser,$caller,$cancreate,$usertype,$context,$fixeddom) = @_; + my ($dom,$srch,$forcenewuser,$caller,$cancreate,$usertype,$context,$fixeddom,$noinstd) = @_; my $currdom = $dom; my @alldoms = &Apache::lonnet::all_domains(); if (@alldoms == 1) { @@ -9639,10 +9723,12 @@ sub user_picker { &html_escape(\%html_lt); &js_escape(\%js_lt); my $domform; + my $allow_blank = 1; if ($fixeddom) { - $domform = &select_dom_form($currdom,'srchdomain',1,1,undef,[$currdom]); + $allow_blank = 0; + $domform = &select_dom_form($currdom,'srchdomain',$allow_blank,1,undef,[$currdom]); } else { - $domform = &select_dom_form($currdom,'srchdomain',1,1); + $domform = &select_dom_form($currdom,'srchdomain',$allow_blank,1); } my $srchinsel = '