--- loncom/homework/grades.pm 2003/06/20 17:25:48 1.102 +++ loncom/homework/grades.pm 2003/06/20 20:13:18 1.103 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # The LON-CAPA Grading handler # -# $Id: grades.pm,v 1.102 2003/06/20 17:25:48 albertel Exp $ +# $Id: grades.pm,v 1.103 2003/06/20 20:13:18 albertel Exp $ # # Copyright Michigan State University Board of Trustees # @@ -49,6 +49,7 @@ use Apache::Constants qw(:common); use String::Similarity; my %oldessays=(); +my %perm=(); # ----- These first few routines are general use routines.---- # @@ -130,23 +131,68 @@ sub getclasslist { # filter students according to status selected if ($filterlist && $ENV{'form.status'} ne 'Any') { if ($ENV{'form.status'} ne $status) { +Apache->request->print("

removed

"); delete ($classlist->{$_}); next; } } $section = ($section ne '' ? $section : 'no'); - if ($getsec eq 'all' || $getsec eq $section) { - $sections{$section}++; - $fullnames{$_}=$fullname; - } else { - delete($classlist->{$_}); - } + if (&canview($section)) { + if ($getsec eq 'all' || $getsec eq $section) { + $sections{$section}++; + $fullnames{$_}=$fullname; + } else { + delete($classlist->{$_}); + } + } else { + delete($classlist->{$_}); + } } my %seen = (); my @sections = sort(keys(%sections)); return ($classlist,\@sections,\%fullnames); } +sub canmodify { + my ($sec)=@_; + if ($perm{'mgr'}) { + if (!defined($perm{'mgr_section'})) { + # can modify whole class + return 1; + } else { + if ($sec eq $perm{'mgr_section'}) { + #can modify the requested section + return 1; + } else { + # can't modify the request section + return 0; + } + } + } + #can't modify + return 0; +} + +sub canview { + my ($sec)=@_; + if ($perm{'vgr'}) { + if (!defined($perm{'vgr_section'})) { + # can modify whole class + return 1; + } else { + if ($sec eq $perm{'vgr_section'}) { + #can modify the requested section + return 1; + } else { + # can't modify the request section + return 0; + } + } + } + #can't modify + return 0; +} + #--- Retrieve the grade status of a student for all the parts sub student_gradeStatus { my ($url,$symb,$udom,$uname,$partlist) = @_; @@ -2486,6 +2532,7 @@ LISTJAVASCRIPT ' all details'."\n"; $result.=''."\n". + ''."\n". ''."\n". ''."\n". ''."\n". @@ -2593,9 +2640,14 @@ sub displayPage { my $cnum = $ENV{"course.$ENV{'request.course.id'}.num"}; my $getsec = $ENV{'form.section'} eq '' ? 'all' : $ENV{'form.section'}; my $pageTitle = $ENV{'form.page'}; - my (undef,undef,$fullname) = &getclasslist($getsec,'1'); + my ($classlist,undef,$fullname) = &getclasslist($getsec,'1'); my ($uname,$udom) = split(/:/,$ENV{'form.student'}); - + my $usec=$classlist->{$ENV{'form.student'}}[5]; + if (!&canview($usec)) { + $request->print('Unable to view requested student.('.$ENV{'form.student'}.')'); + $request->print(&show_grading_menu_form($symb,$url)); + return; + } my $result='

 '.$ENV{'form.title'}.'

'; $result.='

 Student: '.$$fullname{$ENV{'form.student'}}. ' ('.$uname.($udom eq $cdom ? '':':'.$udom).')

'."\n"; @@ -2708,15 +2760,16 @@ sub displayPage { '','.submission'); } - - foreach my $partid (@{$parts}) { - $studentTable.=&gradeBox($request,$symbx,$uname,$udom,$question,$partid,\%record); - $studentTable.=''."\n"; - $question++; + if (&canmodify($usec)) { + foreach my $partid (@{$parts}) { + $studentTable.=&gradeBox($request,$symbx,$uname,$udom,$question,$partid,\%record); + $studentTable.=''."\n"; + $question++; + } } $studentTable.=''; - } + } $curRes = $iterator->next(); } @@ -2739,9 +2792,14 @@ sub updateGradeByPage { my $cnum = $ENV{"course.$ENV{'request.course.id'}.num"}; my $getsec = $ENV{'form.section'} eq '' ? 'all' : $ENV{'form.section'}; my $pageTitle = $ENV{'form.page'}; - my (undef,undef,$fullname) = &getclasslist($getsec,'1'); + my ($classlist,undef,$fullname) = &getclasslist($getsec,'1'); my ($uname,$udom) = split(/:/,$ENV{'form.student'}); - + my $usec=$classlist->{$ENV{'form.student'}}[5]; + if (!&canmodify($usec)) { + $request->print('Unable to modify requested student.('.$ENV{'form.student'}.''); + $request->print(&show_grading_menu_form($ENV{'form.symb'},$ENV{'form.url'})); + return; + } my $result='

 '.$ENV{'form.title'}.'

'; $result.='

 Student: '.$$fullname{$ENV{'form.student'}}. ' ('.$uname.($udom eq $cdom ? '':':'.$udom).')

'."\n"; @@ -3360,7 +3418,7 @@ GRADINGMENUJS sub handler { my $request=$_[0]; - undef(%Apache::grades::perm); + undef(%perm); if ($ENV{'browser.mathml'}) { $request->content_type('text/xml'); } else { @@ -3405,26 +3463,28 @@ sub handler { } } } else { - if (!($Apache::grades::perm{'vgr'}=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'}))) { - if ($Apache::grades::perm{'vgr'}=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'}.'/'.$ENV{'request.course.sec'})) { - $Apache::grades::perm{'vgr_section'}=$ENV{'request.course.sec'}; + if (!($perm{'vgr'}=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'}))) { + if ($perm{'vgr'}=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'}.'/'.$ENV{'request.course.sec'})) { + $perm{'vgr_section'}=$ENV{'request.course.sec'}; } else { - delete($Apache::grades::perm{'vgr'}); + delete($perm{'vgr'}); } } - if (!($Apache::grades::perm{'mgr'}=&Apache::lonnet::allowed('mgr',$ENV{'request.course.id'}))) { - if ($Apache::grades::perm{'mgr'}=&Apache::lonnet::allowed('mgr',$ENV{'request.course.id'}.'/'.$ENV{'request.course.sec'})) { - $Apache::grades::perm{'mgr_section'}=$ENV{'request.course.sec'}; + if (!($perm{'mgr'}=&Apache::lonnet::allowed('mgr',$ENV{'request.course.id'}))) { + if ($perm{'mgr'}=&Apache::lonnet::allowed('mgr',$ENV{'request.course.id'}.'/'.$ENV{'request.course.sec'})) { + $perm{'mgr_section'}=$ENV{'request.course.sec'}; } else { - delete($Apache::grades::perm{'mgr'}); + delete($perm{'mgr'}); } } +# $Apache::lonxml::debug=1; +# &Apache::lonxml::debug("command is $command"); if ($command eq 'submission') { ($ENV{'form.student'} eq '' ? &listStudents($request) : &submission($request,0,0)); - } elsif ($command eq 'pickStudentPage') { + } elsif ($command eq 'pickStudentPage' && $perm{'vgr'}) { &pickStudentPage($request); - } elsif ($command eq 'displayPage') { + } elsif ($command eq 'displayPage' && $perm{'vgr'}) { &displayPage($request); } elsif ($command eq 'gradeByPage') { &updateGradeByPage($request);