From 10df8657c1c138c0d0ab1d4796c552fcec0c299b Mon Sep 17 00:00:00 2001 From: David Mudrak Date: Fri, 4 Nov 2011 09:33:58 +0100 Subject: [PATCH] MDL-29977 MNet does not allow to start a remote session when masquerading as another user --- auth/mnet/auth.php | 4 ++++ blocks/mnet_hosts/block_mnet_hosts.php | 7 +++++++ lang/en/mnet.php | 1 + 3 files changed, 12 insertions(+) diff --git a/auth/mnet/auth.php b/auth/mnet/auth.php index b4e733c9140..f6938f36bb2 100644 --- a/auth/mnet/auth.php +++ b/auth/mnet/auth.php @@ -132,6 +132,10 @@ class auth_plugin_mnet extends auth_plugin_base { global $CFG, $USER, $DB; require_once $CFG->dirroot . '/mnet/xmlrpc/client.php'; + if (session_is_loggedinas()) { + print_error('notpermittedtojumpas', 'mnet'); + } + // check remote login permissions if (! has_capability('moodle/site:mnetlogintoremote', get_system_context()) or is_mnet_remote_user($USER) diff --git a/blocks/mnet_hosts/block_mnet_hosts.php b/blocks/mnet_hosts/block_mnet_hosts.php index 1af74ac71f3..3c6916bf09c 100644 --- a/blocks/mnet_hosts/block_mnet_hosts.php +++ b/blocks/mnet_hosts/block_mnet_hosts.php @@ -25,6 +25,13 @@ class block_mnet_hosts extends block_list { return false; } + if (session_is_loggedinas()) { + $this->content = new stdClass(); + $this->content->footer = html_writer::tag('span', + get_string('notpermittedtojumpas', 'mnet')); + return $this->content; + } + // according to start_jump_session, // remote users can't on-jump // so don't show this block to them diff --git a/lang/en/mnet.php b/lang/en/mnet.php index cae5f9c08b0..bb9b4764c50 100644 --- a/lang/en/mnet.php +++ b/lang/en/mnet.php @@ -159,6 +159,7 @@ $string['notinxmlrpcserver'] = 'Attempt to access the MNet remote client, not du $string['notmoodleapplication'] = 'WARNING: This is not a Moodle application, so some of the inspection methods may not work properly.'; $string['notPEM'] = 'This key is not in PEM format. It will not work.'; $string['notpermittedtojump'] = 'You do not have permission to begin a remote session from this Moodle server.'; +$string['notpermittedtojumpas'] = 'You can\'t begin a remote session while you are logged in as another user.'; $string['notpermittedtoland'] = 'You do not have permission to begin a remote session.'; $string['off'] = 'Off'; $string['on'] = 'On';