[LON-CAPA-cvs] cvs: loncom /homework grades.pm

albertel lon-capa-cvs@mail.lon-capa.org
Fri, 20 Jun 2003 21:28:18 -0000 

albertel		Fri Jun 20 17:28:18 2003 EDT

  Modified files:              
    /loncom/homework	grades.pm 
  Log:
  - BUG#1862
  
  
Index: loncom/homework/grades.pm
diff -u loncom/homework/grades.pm:1.103 loncom/homework/grades.pm:1.104
--- loncom/homework/grades.pm:1.103	Fri Jun 20 16:13:18 2003
+++ loncom/homework/grades.pm	Fri Jun 20 17:28:18 2003
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # The LON-CAPA Grading handler
 #
-# $Id: grades.pm,v 1.103 2003/06/20 20:13:18 albertel Exp $
+# $Id: grades.pm,v 1.104 2003/06/20 21:28:18 albertel Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -131,7 +131,6 @@
 	# filter students according to status selected
 	if ($filterlist && $ENV{'form.status'} ne 'Any') {
 	    if ($ENV{'form.status'} ne $status) {
-Apache->request->print("<p>removed</p>");
 		delete ($classlist->{$_});
 		next;
 	    }
@@ -455,7 +454,7 @@
 	next if ($statusflg eq '' && $submitonly eq 'yes');
 
 	$ctr++;
-	if ( $Apache::grades::viewgrades eq 'F' ) {
+	if ( $perm{'vgr'} eq 'F' ) {
 	    $gradeTable.='<tr bgcolor="#ffffe6">'.
 		'<td align="center"><input type=checkbox name="stuinfo" value="'.
 		$student.':'.$$fullname{$student}.'"></td>'."\n".
@@ -1059,11 +1058,18 @@
 
     (my $url=$ENV{'form.url'})=~s-^http://($ENV{'SERVER_NAME'}|$ENV{'HTTP_HOST'})--;
     my ($uname,$udom)     = ($ENV{'form.student'},$ENV{'form.userdom'});
-
+    my $usec = &Apache::lonnet::getsection($udom,$uname,$ENV{'request.course.id'});
     $ENV{'form.fullname'} = &get_fullname ($uname,$udom) if $ENV{'form.fullname'} eq '';
 
     my $symb=($ENV{'form.symb'} ne '' ? $ENV{'form.symb'} : (&Apache::lonnet::symbread($url)));
     if ($symb eq '') { $request->print("Unable to handle ambiguous references:$url:."); return ''; }
+
+    if (!&canview($usec)) {
+	$request->print('<font color="red">Unable to view requested student.('.$uname.$udom.$usec.$ENV{'request.course.id'}.')</font>');
+	$request->print(&show_grading_menu_form($symb,$url));
+	return;
+    }
+
     my $last = ($ENV{'form.lastSub'} eq 'last' ? 'last' : '');
 
     # header info
@@ -1297,7 +1303,7 @@
     }
     
     # return if view submission with no grading option
-    if ($ENV{'form.showgrading'} eq '') {
+    if ($ENV{'form.showgrading'} eq '' || (!&canmodify($usec))) {
 	$request->print('</td></tr></table></td></tr></table></form>'."\n");
 	$request->print(&show_grading_menu_form($symb,$url)) 
 	    if (($ENV{'form.command'} eq 'submission') || 
@@ -1441,6 +1447,11 @@
 		$ctr++;
 		next;
 	    }
+	    if ($errorflag eq 'not_allowed') {
+		$request->print("<font color=\"red\">Not allowed to modify grades for $uname:$udom</font>");
+		$ctr++;
+		next;
+	    }
 	    my $includemsg = $ENV{'form.includemsg'.$ctr};
 	    my ($subject,$message,$msgstatus) = ('','','');
 	    if ($includemsg =~ /savemsg|newmsg\Q$ctr\E/) {
@@ -1460,12 +1471,16 @@
 	    if ($ENV{'form.collaborator'.$ctr}) {
 		my (@collaborators) = split(/:/,$ENV{'form.collaborator'.$ctr});
 		foreach (@collaborators) {
-		    &saveHandGrade($request,$url,$symb,$_,$udom,$ctr,
-				   $ENV{'form.unamedom'.$ctr});
-		    if ($message ne '') {
-			$msgstatus = &Apache::lonmsg::user_normal_msg ($_,$udom,
-								       $ENV{'form.msgsub'},
-								       $message);
+		    my ($errorflag,$pts,$wgt) = &saveHandGrade($request,$url,$symb,$_,$udom,$ctr,$ENV{'form.unamedom'.$ctr});
+		    if ($errorflag eq 'not_allowed') {
+			$request->print("<font color=\"red\">Not allowed to modify grades for $_:$udom</font>");
+			next;
+		    } else {
+			if ($message ne '') {
+			    $msgstatus = &Apache::lonmsg::user_normal_msg ($_,$udom,
+									   $ENV{'form.msgsub'},
+									   $message);
+			}
 		    }
 		}
 	    }
@@ -1598,6 +1613,9 @@
 #---- Save the score and award for each student, if changed
 sub saveHandGrade {
     my ($request,$url,$symb,$stuname,$domain,$newflg,$submitter) = @_;
+    my $usec = &Apache::lonnet::getsection($domain,$stuname,
+					   $ENV{'request.course.id'});
+    if (!&canmodify($usec)) { return('not_allowed'); }
     my %record     = &Apache::lonnet::restore($symb,$ENV{'request.course.id'},$domain,$stuname);
     my %newrecord  = ();
     my ($pts,$wgt) = ('','');
@@ -3477,24 +3495,25 @@
 		delete($perm{'mgr'});
 	    }
 	}
-#	$Apache::lonxml::debug=1;
-#	&Apache::lonxml::debug("command is $command");
+	#delete($perm{'mgr'});
+	#$Apache::lonxml::debug=1;
+	#&Apache::lonxml::debug("command is $command");
 
-	if ($command eq 'submission') {
+	if ($command eq 'submission' && $perm{'vgr'}) {
 	    ($ENV{'form.student'} eq '' ? &listStudents($request) : &submission($request,0,0));
 	} elsif ($command eq 'pickStudentPage' && $perm{'vgr'}) {
 	    &pickStudentPage($request);
 	} elsif ($command eq 'displayPage' && $perm{'vgr'}) {
 	    &displayPage($request);
-	} elsif ($command eq 'gradeByPage') {
+	} elsif ($command eq 'gradeByPage' && $perm{'mgr'}) {
 	    &updateGradeByPage($request);
-	} elsif ($command eq 'processGroup') {
+	} elsif ($command eq 'processGroup' && $perm{'vgr'}) {
 	    &processGroup($request);
-	} elsif ($command eq 'gradingmenu') {
+	} elsif ($command eq 'gradingmenu' && $perm{'vgr'}) {
 	    $request->print(&gradingmenu($request));
-	} elsif ($command eq 'viewgrades') {
+	} elsif ($command eq 'viewgrades' && $perm{'vgr'}) {
 	    $request->print(&viewgrades($request));
-	} elsif ($command eq 'handgrade') {
+	} elsif ($command eq 'handgrade' && $perm{'mgr'}) {
 	    $request->print(&processHandGrade($request));
 	} elsif ($command eq 'editgrades') {
 	    $request->print(&editgrades($request));