[LON-CAPA-cvs] cvs: loncom /interface lonmenu.pm
raeburn
raeburn at source.lon-capa.org
Mon Sep 26 00:27:44 EDT 2011
raeburn Mon Sep 26 04:27:44 2011 EDT
Modified files:
/loncom/interface lonmenu.pm
Log:
- Bug 6510.
- If course role selected with role switcher does not have privileges to
view current page, prompt user to cancel or proceed, but indicate the
main menu page will be loaded instead.
-------------- next part --------------
Index: loncom/interface/lonmenu.pm
diff -u loncom/interface/lonmenu.pm:1.349 loncom/interface/lonmenu.pm:1.350
--- loncom/interface/lonmenu.pm:1.349 Fri May 27 18:39:20 2011
+++ loncom/interface/lonmenu.pm Mon Sep 26 04:27:44 2011
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Routines to control the menu
#
-# $Id: lonmenu.pm,v 1.349 2011/05/27 18:39:20 raeburn Exp $
+# $Id: lonmenu.pm,v 1.350 2011/09/26 04:27:44 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -1314,7 +1314,7 @@
my ($cdom,$cnum) = @_;
my $crstype = &Apache::loncommon::course_type();
my $now = time;
- my (%courseroles,%seccount);
+ my (%courseroles,%seccount,%courseprivs);
my $is_cc;
my $role_selector;
my $ccrole;
@@ -1322,7 +1322,17 @@
$ccrole = 'co';
} else {
$ccrole = 'cc';
- }
+ }
+ my $priv;
+ my $destinationurl = $ENV{'REQUEST_URI'};
+ my $reqprivs = &required_privs();
+ if (ref($reqprivs) eq 'HASH') {
+ my $destination = $destinationurl;
+ $destination =~ s/(\?.*)$//;
+ if (exists($reqprivs->{$destination})) {
+ $priv = $reqprivs->{$destination};
+ }
+ }
if ($env{'user.role.'.$ccrole.'./'.$cdom.'/'.$cnum}) {
my ($start,$end) = split(/\./,$env{'user.role.'.$ccrole.'./'.$cdom.'/'.$cnum});
@@ -1335,7 +1345,7 @@
}
}
if ($is_cc) {
- &get_all_courseroles($cdom,$cnum,\%courseroles,\%seccount);
+ &get_all_courseroles($cdom,$cnum,\%courseroles,\%seccount,\%courseprivs,$priv);
} else {
my %gotnosection;
foreach my $item (keys(%env)) {
@@ -1351,6 +1361,18 @@
$gotnosection{$role} = 1;
}
}
+ if ($priv ne '') {
+ my $cnumsec = $cnum;
+ if ($sec ne '') {
+ $cnumsec .= "/$sec";
+ }
+ $courseprivs{"$role./$cdom/$cnumsec./"} =
+ $env{"user.priv.$role./$cdom/$cnumsec./"};
+ $courseprivs{"$role./$cdom/$cnumsec./$cdom/"} =
+ $env{"user.priv.$role./$cdom/$cnumsec./$cdom/"};
+ $courseprivs{"$role./$cdom/$cnumsec./$cdom/$cnumsec"} =
+ $env{"user.priv.$role./$cdom/$cnumsec./$cdom/$cnumsec"};
+ }
if (ref($courseroles{$role}) eq 'ARRAY') {
if ($sec ne '') {
if (!grep(/^\Q$sec\E$/,@{$courseroles{$role}})) {
@@ -1376,7 +1398,7 @@
}
my @roles_order = ($ccrole,'in','ta','ep','ad','st');
if (keys(%courseroles) > 1) {
- $role_selector = &jump_to_role($cdom,$cnum,\%seccount,\%courseroles);
+ $role_selector = &jump_to_role($cdom,$cnum,\%seccount,\%courseroles,\%courseprivs,$priv);
$role_selector .= '<form name="rolechooser" method="post" action="/adm/roles">
<select name="switchrole" onchange="javascript:adhocRole('."'switchrole'".')">';
$role_selector .= '<option value="">'.$switchtext.'</option>';
@@ -1392,7 +1414,7 @@
}
$role_selector .= '</select>'."\n".
'<input type="hidden" name="destinationurl" value="'.
- &HTML::Entities::encode($ENV{'REQUEST_URI'}).'" />'."\n".
+ &HTML::Entities::encode($destinationurl).'" />'."\n".
'<input type="hidden" name="gotorole" value="1" />'."\n".
'<input type="hidden" name="selectrole" value="" />'."\n".
'<input type="hidden" name="switch" value="1" />'."\n".
@@ -1402,8 +1424,9 @@
}
sub get_all_courseroles {
- my ($cdom,$cnum,$courseroles,$seccount) = @_;
- unless ((ref($courseroles) eq 'HASH') && (ref($seccount) eq 'HASH')) {
+ my ($cdom,$cnum,$courseroles,$seccount,$courseprivs) = @_;
+ unless ((ref($courseroles) eq 'HASH') && (ref($seccount) eq 'HASH') ||
+ (ref($courseprivs) eq 'HASH')) {
return;
}
my ($result,$cached) =
@@ -1411,9 +1434,11 @@
if (defined($cached)) {
if (ref($result) eq 'HASH') {
if ((ref($result->{'roles'}) eq 'HASH') &&
- (ref($result->{'seccount'}) eq 'HASH')) {
+ (ref($result->{'seccount'}) eq 'HASH') &&
+ (ref($result->{'privs'}) eq 'HASH')) {
%{$courseroles} = %{$result->{'roles'}};
%{$seccount} = %{$result->{'seccount'}};
+ %{$courseprivs} = %{$result->{'privs'}};
return;
}
}
@@ -1441,23 +1466,34 @@
push(@{$courseroles->{$urole}},$usec);
}
}
+ my $area = '/'.$cdom.'/'.$cnum;
+ if ($usec ne '') {
+ $area .= '/'.$usec;
+ }
+ if ($role =~ /^cr\//) {
+ &Apache::lonnet::custom_roleprivs($courseprivs,$urole,$cdom,$cnum,$urole.'.'.$area,$area);
+ } else {
+ &Apache::lonnet::standard_roleprivs($courseprivs,$urole,$cdom,$urole.'.'.$area,$cnum,$area);
+ }
}
my %sections_count = &Apache::loncommon::get_sections($cdom,$cnum,['st']);
@{$courseroles->{'st'}} = ();
+ &Apache::lonnet::standard_roleprivs($courseprivs,'st',$cdom,"st./$cdom/$cnum",$cnum,"/$cdom/$cnum");
if (keys(%sections_count) > 0) {
push(@{$courseroles->{'st'}},keys(%sections_count));
- $seccount->{'st'} = scalar(keys(%sections_count));
+ $seccount->{'st'} = scalar(keys(%sections_count));
}
my $rolehash = {
'roles' => $courseroles,
'seccount' => $seccount,
+ 'privs' => $courseprivs,
};
&Apache::lonnet::do_cache_new('getcourseroles',$cdom.'_'.$cnum,$rolehash);
return;
}
sub jump_to_role {
- my ($cdom,$cnum,$seccount,$courseroles) = @_;
+ my ($cdom,$cnum,$seccount,$courseroles,$courseprivs,$priv) = @_;
my %lt = &Apache::lonlocal::texthash(
this => 'This role has section(s) associated with it.',
ente => 'Enter a specific section.',
@@ -1465,6 +1501,8 @@
avai => 'Available sections are:',
youe => 'You entered an invalid section choice:',
plst => 'Please try again',
+ role => 'The role you selected is not permitted to view the current page.',
+ swit => 'Switch role, but display Main Menu page instead?',
);
my $js;
if (ref($courseroles) eq 'HASH') {
@@ -1487,6 +1525,37 @@
' numsec['.$i.'] = "'.$seccount->{$items[$i]}.'";'."\n";
}
}
+ my $checkroles = 0;
+ if ($priv && ref($courseprivs) eq 'HASH') {
+ my (%disallowed,%allowed, at disallow);
+ foreach my $role (sort(keys(%{$courseprivs}))) {
+ my $trole;
+ if ($role =~ m{^(.+?)\Q./$cdom/$cnum\E}) {
+ $trole = $1;
+ }
+ if (($trole ne '') && ($trole ne 'cm')) {
+ if ($courseprivs->{$role} =~ /\Q:$priv\E($|:|\&\w+)/) {
+ $allowed{$trole} = 1;
+ } else {
+ $disallowed{$trole} = 1;
+ }
+ }
+ }
+ foreach my $trole (keys(%disallowed)) {
+ unless ($allowed{$trole}) {
+ push(@disallow,$trole);
+ }
+ }
+ if (@disallow > 0) {
+ $checkroles = 1;
+ $js .= " var disallow = new Array('".join("','", at disallow)."');\n".
+ " var rolecheck = 1;\n";
+ }
+ }
+ if (!$checkroles) {
+ $js .= " var disallow = new Array();\n".
+ " rolecheck = 0;\n";
+ }
return <<"END";
<script type="text/javascript">
//<![CDATA[
@@ -1494,7 +1563,7 @@
$js
var newrole = document.rolechooser.elements[roleitem].options[document.rolechooser.elements[roleitem].selectedIndex].value;
if (newrole == '') {
- return;
+ return;
}
var fullrole = newrole+'./$cdom/$cnum';
var selidx = '';
@@ -1503,6 +1572,18 @@
selidx = i;
}
}
+ if (rolecheck > 0) {
+ for (var i=0; i<disallow.length; i++) {
+ if (disallow[i] == newrole) {
+ if (confirm("$lt{'role'}\\n$lt{'swit'}")) {
+ document.rolechooser.destinationurl.value = '/adm/menu';
+ } else {
+ document.rolechooser.elements[roleitem].selectedIndex = 0;
+ return;
+ }
+ }
+ }
+ }
var secok = 1;
var secchoice = '';
if (selidx >= 0) {
@@ -1540,6 +1621,7 @@
return;
}
if (fullrole == "$env{'request.role'}") {
+ document.rolechooser.elements[roleitem].selectedIndex = 0;
return;
}
itemid = retrieveIndex('gotorole');
@@ -1565,6 +1647,22 @@
END
}
+sub required_privs {
+ my $privs = {
+ '/adm/parmset' => 'opa',
+ '/adm/courseprefs' => 'opa',
+ '/adm/whatsnew' => 'whn',
+ '/adm/populate' => 'cst',
+ '/adm/trackstudent' => 'vsa',
+ '/adm/statistics' => 'vgr',
+ };
+ unless ($env{'course.'.$env{'request.course.id'}.'.grading'} eq 'spreadsheet') {
+ $privs->{'/adm/classcalc'} => 'vgr',
+ $privs->{'/adm/assesscalc'} => 'vgr',
+ $privs->{'/adm/studentcalc'} => 'vgr';
+ }
+ return $privs;
+}
# ================================================================ Main Program
More information about the LON-CAPA-cvs
mailing list