|
version 1.1172.2.64, 2015/04/09 18:24:44
|
version 1.1172.2.65, 2015/04/19 22:42:56
|
|
Line 6699 sub customaccess {
|
Line 6699 sub customaccess {
|
| # ------------------------------------------------- Check for a user privilege |
# ------------------------------------------------- Check for a user privilege |
| |
|
| sub allowed { |
sub allowed { |
| my ($priv,$uri,$symb,$role)=@_; |
my ($priv,$uri,$symb,$role,$clientip,$noblockcheck)=@_; |
| my $ver_orguri=$uri; |
my $ver_orguri=$uri; |
| $uri=&deversion($uri); |
$uri=&deversion($uri); |
| my $orguri=$uri; |
my $orguri=$uri; |
|
Line 6894 sub allowed {
|
Line 6894 sub allowed {
|
| if ($match) { |
if ($match) { |
| if ($env{'user.priv.'.$env{'request.role'}.'./'} |
if ($env{'user.priv.'.$env{'request.role'}.'./'} |
| =~/\Q$priv\E\&([^\:]*)/) { |
=~/\Q$priv\E\&([^\:]*)/) { |
| my @blockers = &has_comm_blocking($priv,$symb,$uri); |
my $value = $1; |
| if (@blockers > 0) { |
if ($noblockcheck) { |
| $thisallowed = 'B'; |
$thisallowed.=$value; |
| } else { |
} else { |
| $thisallowed.=$1; |
my @blockers = &has_comm_blocking($priv,$symb,$uri); |
| |
if (@blockers > 0) { |
| |
$thisallowed = 'B'; |
| |
} else { |
| |
$thisallowed.=$value; |
| |
} |
| } |
} |
| } |
} |
| } else { |
} else { |
|
Line 6910 sub allowed {
|
Line 6915 sub allowed {
|
| $refuri=&declutter($refuri); |
$refuri=&declutter($refuri); |
| my ($match) = &is_on_map($refuri); |
my ($match) = &is_on_map($refuri); |
| if ($match) { |
if ($match) { |
| my @blockers = &has_comm_blocking($priv,$symb,$refuri); |
if ($noblockcheck) { |
| if (@blockers > 0) { |
|
| $thisallowed = 'B'; |
|
| } else { |
|
| $thisallowed='F'; |
$thisallowed='F'; |
| |
} else { |
| |
my @blockers = &has_comm_blocking($priv,$symb,$refuri); |
| |
if (@blockers > 0) { |
| |
$thisallowed = 'B'; |
| |
} else { |
| |
$thisallowed='F'; |
| |
} |
| } |
} |
| } |
} |
| } |
} |
|
Line 6969 sub allowed {
|
Line 6978 sub allowed {
|
| =~/\Q$priv\E\&([^\:]*)/) { |
=~/\Q$priv\E\&([^\:]*)/) { |
| my $value = $1; |
my $value = $1; |
| if ($priv eq 'bre') { |
if ($priv eq 'bre') { |
| my @blockers = &has_comm_blocking($priv,$symb,$uri); |
if ($noblockcheck) { |
| if (@blockers > 0) { |
|
| $thisallowed = 'B'; |
|
| } else { |
|
| $thisallowed.=$value; |
$thisallowed.=$value; |
| |
} else { |
| |
my @blockers = &has_comm_blocking($priv,$symb,$uri); |
| |
if (@blockers > 0) { |
| |
$thisallowed = 'B'; |
| |
} else { |
| |
$thisallowed.=$value; |
| |
} |
| } |
} |
| } else { |
} else { |
| $thisallowed.=$value; |
$thisallowed.=$value; |
|
Line 7007 sub allowed {
|
Line 7020 sub allowed {
|
| =~/\Q$priv\E\&([^\:]*)/) { |
=~/\Q$priv\E\&([^\:]*)/) { |
| my $value = $1; |
my $value = $1; |
| if ($priv eq 'bre') { |
if ($priv eq 'bre') { |
| my @blockers = &has_comm_blocking($priv,$symb,$refuri); |
if ($noblockcheck) { |
| if (@blockers > 0) { |
|
| $thisallowed = 'B'; |
|
| } else { |
|
| $thisallowed.=$value; |
$thisallowed.=$value; |
| |
} else { |
| |
my @blockers = &has_comm_blocking($priv,$symb,$refuri); |
| |
if (@blockers > 0) { |
| |
$thisallowed = 'B'; |
| |
} else { |
| |
$thisallowed.=$value; |
| |
} |
| } |
} |
| } else { |
} else { |
| $thisallowed.=$value; |
$thisallowed.=$value; |
|
Line 7331 sub has_comm_blocking {
|
Line 7348 sub has_comm_blocking {
|
| if ($mapsymb) { |
if ($mapsymb) { |
| if (ref($navmap)) { |
if (ref($navmap)) { |
| my $mapres = $navmap->getBySymb($mapsymb); |
my $mapres = $navmap->getBySymb($mapsymb); |
| @to_test = $mapres->retrieveResources($mapres); |
@to_test = $mapres->retrieveResources($mapres,undef,0,0,0,1); |
| foreach my $res (@to_test) { |
foreach my $res (@to_test) { |
| my $symb = $res->symb(); |
my $symb = $res->symb(); |
| next if ($symb eq $mapsymb); |
next if ($symb eq $mapsymb); |
|
Line 12836 escaped strings of the action recorded i
|
Line 12853 escaped strings of the action recorded i
|
| |
|
| =item * |
=item * |
| |
|
| allowed($priv,$uri,$symb,$role) : check for a user privilege; returns codes for allowed actions |
allowed($priv,$uri,$symb,$role,$clientip,$noblockcheck) : check for a user privilege; |
| |
returns codes for allowed actions. |
| |
|
| |
The first argument is required, all others are optional. |
| |
|
| |
$priv is the privilege being checked. |
| |
$uri contains additional information about what is being checked for access (e.g., |
| |
URL, course ID etc.). |
| |
$symb is the unique resource instance identifier in a course; if needed, |
| |
but not provided, it will be retrieved via a call to &symbread(). |
| |
$role is the role for which a priv is being checked (only used if priv is evb). |
| |
$clientip is the user's IP address (only used when checking for access to portfolio |
| |
files). |
| |
$noblockcheck, if true, skips calls to &has_comm_blocking() for the bre priv. This |
| |
prevents recursive calls to &allowed. |
| |
|
| F: full access |
F: full access |
| U,I,K: authentication modes (cxx only) |
U,I,K: authentication modes (cxx only) |
| '': forbidden |
'': forbidden |
| 1: user needs to choose course |
1: user needs to choose course |
| 2: browse allowed |
2: browse allowed |
| A: passphrase authentication needed |
A: passphrase authentication needed |
| |
B: access temporarily blocked because of a blocking event in a course. |
| |
|
| =item * |
=item * |
| |
|
![[BACK]](/icons/back.gif){kind=icon}
Return to lonnet.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / lonnet / perl