[LON-CAPA-cvs] cvs: loncom /interface lonmenu.pm

raeburn raeburn at source.lon-capa.org
Mon Sep 26 00:27:44 EDT 2011


raeburn		Mon Sep 26 04:27:44 2011 EDT

  Modified files:              
    /loncom/interface	lonmenu.pm 
  Log:
  - Bug 6510.
    - If course role selected with role switcher does not have privileges to 
      view current page, prompt user to cancel or proceed, but indicate the 
      main menu page will be loaded instead.
  
  
-------------- next part --------------
Index: loncom/interface/lonmenu.pm
diff -u loncom/interface/lonmenu.pm:1.349 loncom/interface/lonmenu.pm:1.350
--- loncom/interface/lonmenu.pm:1.349	Fri May 27 18:39:20 2011
+++ loncom/interface/lonmenu.pm	Mon Sep 26 04:27:44 2011
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Routines to control the menu
 #
-# $Id: lonmenu.pm,v 1.349 2011/05/27 18:39:20 raeburn Exp $
+# $Id: lonmenu.pm,v 1.350 2011/09/26 04:27:44 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -1314,7 +1314,7 @@
     my ($cdom,$cnum) = @_;
     my $crstype = &Apache::loncommon::course_type();
     my $now = time;
-    my (%courseroles,%seccount);
+    my (%courseroles,%seccount,%courseprivs);
     my $is_cc;
     my $role_selector;
     my $ccrole;
@@ -1322,7 +1322,17 @@
         $ccrole = 'co';
     } else {
         $ccrole = 'cc';
-    } 
+    }
+    my $priv;
+    my $destinationurl = $ENV{'REQUEST_URI'};
+    my $reqprivs = &required_privs();
+    if (ref($reqprivs) eq 'HASH') {
+        my $destination = $destinationurl;
+        $destination =~ s/(\?.*)$//;
+        if (exists($reqprivs->{$destination})) {
+            $priv = $reqprivs->{$destination};
+        }
+    }
     if ($env{'user.role.'.$ccrole.'./'.$cdom.'/'.$cnum}) {
         my ($start,$end) = split(/\./,$env{'user.role.'.$ccrole.'./'.$cdom.'/'.$cnum});
         
@@ -1335,7 +1345,7 @@
         }
     }
     if ($is_cc) {
-        &get_all_courseroles($cdom,$cnum,\%courseroles,\%seccount);
+        &get_all_courseroles($cdom,$cnum,\%courseroles,\%seccount,\%courseprivs,$priv);
     } else {
         my %gotnosection;
         foreach my $item (keys(%env)) {
@@ -1351,6 +1361,18 @@
                         $gotnosection{$role} = 1;
                     }
                 }
+                if ($priv ne '') {
+                    my $cnumsec = $cnum;
+                    if ($sec ne '') {
+                        $cnumsec .= "/$sec";
+                    }
+                    $courseprivs{"$role./$cdom/$cnumsec./"} =
+                        $env{"user.priv.$role./$cdom/$cnumsec./"};
+                    $courseprivs{"$role./$cdom/$cnumsec./$cdom/"} =
+                        $env{"user.priv.$role./$cdom/$cnumsec./$cdom/"};
+                    $courseprivs{"$role./$cdom/$cnumsec./$cdom/$cnumsec"} =
+                        $env{"user.priv.$role./$cdom/$cnumsec./$cdom/$cnumsec"};
+                }
                 if (ref($courseroles{$role}) eq 'ARRAY') {
                     if ($sec ne '') {
                         if (!grep(/^\Q$sec\E$/,@{$courseroles{$role}})) {
@@ -1376,7 +1398,7 @@
     }
     my @roles_order = ($ccrole,'in','ta','ep','ad','st');
     if (keys(%courseroles) > 1) {
-        $role_selector = &jump_to_role($cdom,$cnum,\%seccount,\%courseroles);
+        $role_selector = &jump_to_role($cdom,$cnum,\%seccount,\%courseroles,\%courseprivs,$priv);
         $role_selector .= '<form name="rolechooser" method="post" action="/adm/roles">
                           <select name="switchrole" onchange="javascript:adhocRole('."'switchrole'".')">';
         $role_selector .= '<option value="">'.$switchtext.'</option>';
@@ -1392,7 +1414,7 @@
         }
         $role_selector .= '</select>'."\n".
                '<input type="hidden" name="destinationurl" value="'.
-               &HTML::Entities::encode($ENV{'REQUEST_URI'}).'" />'."\n".
+               &HTML::Entities::encode($destinationurl).'" />'."\n".
                '<input type="hidden" name="gotorole" value="1" />'."\n".
                '<input type="hidden" name="selectrole" value="" />'."\n".
                '<input type="hidden" name="switch" value="1" />'."\n".
@@ -1402,8 +1424,9 @@
 }
 
 sub get_all_courseroles {
-    my ($cdom,$cnum,$courseroles,$seccount) = @_;
-    unless ((ref($courseroles) eq 'HASH') && (ref($seccount) eq 'HASH')) {
+    my ($cdom,$cnum,$courseroles,$seccount,$courseprivs) = @_;
+    unless ((ref($courseroles) eq 'HASH') && (ref($seccount) eq 'HASH') ||
+            (ref($courseprivs) eq 'HASH')) {
         return;
     }
     my ($result,$cached) = 
@@ -1411,9 +1434,11 @@
     if (defined($cached)) {
         if (ref($result) eq 'HASH') {
             if ((ref($result->{'roles'}) eq 'HASH') && 
-                (ref($result->{'seccount'}) eq 'HASH')) {
+                (ref($result->{'seccount'}) eq 'HASH') && 
+                (ref($result->{'privs'}) eq 'HASH')) {
                 %{$courseroles} = %{$result->{'roles'}};
                 %{$seccount} = %{$result->{'seccount'}};
+                %{$courseprivs} = %{$result->{'privs'}};
                 return;
             }
         }
@@ -1441,23 +1466,34 @@
                 push(@{$courseroles->{$urole}},$usec);
             }
         }
+        my $area = '/'.$cdom.'/'.$cnum;
+        if ($usec ne '') {
+            $area .= '/'.$usec;
+        }
+        if ($role =~ /^cr\//) {
+            &Apache::lonnet::custom_roleprivs($courseprivs,$urole,$cdom,$cnum,$urole.'.'.$area,$area);
+        } else {
+            &Apache::lonnet::standard_roleprivs($courseprivs,$urole,$cdom,$urole.'.'.$area,$cnum,$area);
+        }
     }
     my %sections_count = &Apache::loncommon::get_sections($cdom,$cnum,['st']);
     @{$courseroles->{'st'}} = ();
+    &Apache::lonnet::standard_roleprivs($courseprivs,'st',$cdom,"st./$cdom/$cnum",$cnum,"/$cdom/$cnum");
     if (keys(%sections_count) > 0) {
         push(@{$courseroles->{'st'}},keys(%sections_count));
-        $seccount->{'st'} = scalar(keys(%sections_count)); 
+        $seccount->{'st'} = scalar(keys(%sections_count));
     }
     my $rolehash = {
                      'roles'    => $courseroles,
                      'seccount' => $seccount,
+                     'privs'    => $courseprivs,
                    };
     &Apache::lonnet::do_cache_new('getcourseroles',$cdom.'_'.$cnum,$rolehash);
     return;
 }
 
 sub jump_to_role {
-    my ($cdom,$cnum,$seccount,$courseroles) = @_;
+    my ($cdom,$cnum,$seccount,$courseroles,$courseprivs,$priv) = @_;
     my %lt = &Apache::lonlocal::texthash(
                 this => 'This role has section(s) associated with it.',
                 ente => 'Enter a specific section.',
@@ -1465,6 +1501,8 @@
                 avai => 'Available sections are:',
                 youe => 'You entered an invalid section choice:',
                 plst => 'Please try again',
+                role => 'The role you selected is not permitted to view the current page.',
+                swit => 'Switch role, but display Main Menu page instead?',
     );
     my $js;
     if (ref($courseroles) eq 'HASH') {
@@ -1487,6 +1525,37 @@
                    '    numsec['.$i.'] = "'.$seccount->{$items[$i]}.'";'."\n";
         }
     }
+    my $checkroles = 0;
+    if ($priv && ref($courseprivs) eq 'HASH') {
+        my (%disallowed,%allowed, at disallow);
+        foreach my $role (sort(keys(%{$courseprivs}))) {
+            my $trole;
+            if ($role =~ m{^(.+?)\Q./$cdom/$cnum\E}) {
+                $trole = $1;
+            }
+            if (($trole ne '') && ($trole ne 'cm')) {
+                if ($courseprivs->{$role} =~ /\Q:$priv\E($|:|\&\w+)/) {
+                    $allowed{$trole} = 1;
+                } else {
+                    $disallowed{$trole} = 1;
+                }
+            }
+        }
+        foreach my $trole (keys(%disallowed)) {
+            unless ($allowed{$trole}) {
+                push(@disallow,$trole);
+            }
+        }
+        if (@disallow > 0) {
+            $checkroles = 1;
+            $js .= "    var disallow = new Array('".join("','", at disallow)."');\n".
+                   "    var rolecheck = 1;\n";
+        }
+    }
+    if (!$checkroles) {
+        $js .=  "    var disallow = new Array();\n".
+                "    rolecheck = 0;\n";
+    }
     return <<"END";
 <script type="text/javascript">
 //<![CDATA[
@@ -1494,7 +1563,7 @@
     $js
     var newrole =  document.rolechooser.elements[roleitem].options[document.rolechooser.elements[roleitem].selectedIndex].value;
     if (newrole == '') {
-        return; 
+        return;
     } 
     var fullrole = newrole+'./$cdom/$cnum';
     var selidx = '';
@@ -1503,6 +1572,18 @@
             selidx = i;
         }
     }
+    if (rolecheck > 0) {
+        for (var i=0; i<disallow.length; i++) {
+            if (disallow[i] == newrole) {
+                if (confirm("$lt{'role'}\\n$lt{'swit'}")) {
+                    document.rolechooser.destinationurl.value = '/adm/menu';
+                } else {
+                    document.rolechooser.elements[roleitem].selectedIndex = 0;
+                    return;
+                }
+            }
+        }
+    }
     var secok = 1;
     var secchoice = '';
     if (selidx >= 0) {
@@ -1540,6 +1621,7 @@
         return;
     }
     if (fullrole == "$env{'request.role'}") {
+        document.rolechooser.elements[roleitem].selectedIndex = 0;
         return;
     }
     itemid = retrieveIndex('gotorole');
@@ -1565,6 +1647,22 @@
 END
 }
 
+sub required_privs {
+    my $privs =  {
+             '/adm/parmset'      => 'opa',
+             '/adm/courseprefs'  => 'opa',
+             '/adm/whatsnew'     => 'whn',
+             '/adm/populate'     => 'cst',
+             '/adm/trackstudent' => 'vsa',
+             '/adm/statistics'   => 'vgr',
+           };
+    unless ($env{'course.'.$env{'request.course.id'}.'.grading'} eq 'spreadsheet') {
+        $privs->{'/adm/classcalc'}   => 'vgr',
+        $privs->{'/adm/assesscalc'}  => 'vgr',
+        $privs->{'/adm/studentcalc'} => 'vgr';
+    }
+    return $privs;
+}
 
 # ================================================================ Main Program
 


More information about the LON-CAPA-cvs mailing list