version 1.3, 2008/12/22 21:13:19
|
version 1.8, 2020/12/18 15:23:03
|
Line 34 use strict;
|
Line 34 use strict;
|
use Apache::Constants qw(:common :http :remotehost); |
use Apache::Constants qw(:common :http :remotehost); |
use Apache::lonnet; |
use Apache::lonnet; |
use LONCAPA::loncgi; |
use LONCAPA::loncgi; |
|
use LONCAPA::lonauthcgi; |
|
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
my $reqhost = $r->get_remote_host(REMOTE_NOLOOKUP); |
my $reqhost = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP); |
my $page = 'serverstatus'; |
my $page = 'server-status'; |
if (($r->uri eq '/adm/domainstatus') || |
if (($r->uri eq '/adm/domainstatus') || |
($r->uri eq '/adm/test')) { |
($r->uri eq '/adm/test')) { |
if (&LONCAPA::loncgi::check_cookie_and_load_env($r)) { |
if (&LONCAPA::loncgi::check_cookie_and_load_env($r)) { |
Line 46 sub handler {
|
Line 47 sub handler {
|
return OK; |
return OK; |
} elsif ($r->uri eq '/adm/test') { |
} elsif ($r->uri eq '/adm/test') { |
$page = 'showenv'; |
$page = 'showenv'; |
if (&LONCAPA::loncgi::can_view($page)) { |
if (&LONCAPA::lonauthcgi::can_view($page)) { |
return OK; |
return OK; |
} elsif (&LONCAPA::loncgi::check_ipbased_access($page,$reqhost)) { |
} elsif (&LONCAPA::lonauthcgi::check_ipbased_access($page,$reqhost)) { |
return OK; |
return OK; |
} else { |
} else { |
$Apache::lonnet::env{'user.error.msg'} = |
$Apache::lonnet::env{'user.error.msg'} = |
Line 81 sub handler {
|
Line 82 sub handler {
|
} |
} |
} |
} |
} |
} |
} elsif (&LONCAPA::loncgi::check_ipbased_access($page,$reqhost)) { |
} |
|
if (&LONCAPA::lonauthcgi::check_ipbased_access($page,$reqhost)) { |
return OK; |
return OK; |
} else { |
} |
if (&LONCAPA::loncgi::check_cookie_and_load_env($r)) { |
if (&LONCAPA::loncgi::check_cookie_and_load_env($r)) { |
if (&LONCAPA::loncgi::can_view($page)) { |
if (&LONCAPA::lonauthcgi::can_view($page)) { |
return OK; |
return OK; |
} |
|
} |
} |
} |
} |
$r->log_reason("Invalid request for server status from $reqhost", |
$r->log_reason("Invalid request for server status from $reqhost", |
Line 160 The check for whether access is allowed
|
Line 161 The check for whether access is allowed
|
Access requires a valid session - checked using |
Access requires a valid session - checked using |
LONCAPA::loncgi::check_cookie_and_load_env(). |
LONCAPA::loncgi::check_cookie_and_load_env(). |
If so, access is allowed if one of the following is true: |
If so, access is allowed if one of the following is true: |
(i) Requestor has LON-CAPA superuser role, or |
(i) Requestor's role is LON-CAPA superuser role. |
(ii) Requestor's role is Domain Coordinator in one of the domains |
(ii) Requestor has a Domain Coordinator role in the domain of the |
hosted on this server |
requestor ($env{'user.domain'}), regardless of requestor's role. |
(iii) Domain configurations for domains hosted on this server include |
(iii) Domain configurations for the domain of the current user include |
the requestor as one of the named users (username:domain) with access |
the requestor as one of the named users (username:domain) with access |
to the page. |
to the page. |
(iv) IP address of requestor is listed in domain configuration list |
(iv) IP address of requestor is listed in domain configuration list |
of allowed machines for any of the domains hosted on this server |
of allowed IPs for the domain of the current user. |
|
|
=cut |
=cut |
|
|