--- loncom/homework/grades.pm 2003/06/18 18:59:20 1.101 +++ loncom/homework/grades.pm 2003/07/14 16:11:19 1.115 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # The LON-CAPA Grading handler # -# $Id: grades.pm,v 1.101 2003/06/18 18:59:20 albertel Exp $ +# $Id: grades.pm,v 1.115 2003/07/14 16:11:19 ng Exp $ # # Copyright Michigan State University Board of Trustees # @@ -41,6 +41,7 @@ use Apache::style; use Apache::lonxml; use Apache::lonnet; use Apache::loncommon; +use Apache::lonhtmlcommon; use Apache::lonnavmaps; use Apache::lonhomework; use Apache::loncoursedata; @@ -49,6 +50,7 @@ use Apache::Constants qw(:common); use String::Similarity; my %oldessays=(); +my %perm=(); # ----- These first few routines are general use routines.---- # @@ -128,60 +130,67 @@ sub getclasslist { my (undef,undef,$end,$start,$id,$section,$fullname,$status)= @{$classlist->{$_}}; # filter students according to status selected - if ($filterlist && $ENV{'form.status'} ne 'Any') { - if ($ENV{'form.status'} ne $status) { + if ($filterlist && $ENV{'form.Status'} ne 'Any') { + if ($ENV{'form.Status'} ne $status) { delete ($classlist->{$_}); next; } } $section = ($section ne '' ? $section : 'no'); - if ($getsec eq 'all' || $getsec eq $section) { - $sections{$section}++; - $fullnames{$_}=$fullname; - } else { - delete($classlist->{$_}); - } + if (&canview($section)) { + if ($getsec eq 'all' || $getsec eq $section) { + $sections{$section}++; + $fullnames{$_}=$fullname; + } else { + delete($classlist->{$_}); + } + } else { + delete($classlist->{$_}); + } } my %seen = (); my @sections = sort(keys(%sections)); return ($classlist,\@sections,\%fullnames); } -#find user domain -sub finduser { - my ($name) = @_; - my $domain = ''; - if ( $Apache::grades::viewgrades eq 'F' ) { - my %classlist=&Apache::lonnet::dump('classlist', - $ENV{'course.'.$ENV{'request.course.id'}.'.domain'}, - $ENV{'course.'.$ENV{'request.course.id'}.'.num'}); - my (@fields) = grep /^$name:/, keys %classlist; - ($name, $domain) = split(/:/,$fields[0]); - return ($name,$domain); - } else { - return ($ENV{'user.name'},$ENV{'user.domain'}); +sub canmodify { + my ($sec)=@_; + if ($perm{'mgr'}) { + if (!defined($perm{'mgr_section'})) { + # can modify whole class + return 1; + } else { + if ($sec eq $perm{'mgr_section'}) { + #can modify the requested section + return 1; + } else { + # can't modify the request section + return 0; + } + } } + #can't modify + return 0; } -#--- Prompts a user to enter a username. -sub moreinfo { - my ($request,$reason) = @_; - $request->print("Unable to process request: $reason"); - if ( $Apache::grades::viewgrades eq 'F' ) { - $request->print('
'."\n"); - if ($ENV{'form.url'}) { - $request->print(''."\n"); - } - if ($ENV{'form.symb'}) { - $request->print(''."\n"); - } - $request->print(''."\n"); - $request->print("Student:".''."
\n"); - $request->print("Domain:".''."
\n"); - $request->print(''."
\n"); - $request->print('
'); +sub canview { + my ($sec)=@_; + if ($perm{'vgr'}) { + if (!defined($perm{'vgr_section'})) { + # can modify whole class + return 1; + } else { + if ($sec eq $perm{'vgr_section'}) { + #can modify the requested section + return 1; + } else { + # can't modify the request section + return 0; + } + } } - return ''; + #can't modify + return 0; } #--- Retrieve the grade status of a student for all the parts @@ -359,28 +368,47 @@ sub listStudents { $request->print(< - function checkSelect(checkBox) { - var ctr=0; - var sense=""; - if (checkBox.length > 1) { - for (var i=0; i 1) { + for (var i=0; i 1) { + for (var i=0; i LISTJAVASCRIPT @@ -397,6 +425,10 @@ LISTJAVASCRIPT if ($ENV{'form.handgrade'} eq 'yes') { $gradeTable.=' handgrade only'."\n"; } + + my $saveStatus = $ENV{'form.Status'} eq '' ? 'Active' : $ENV{'form.Status'}; + $ENV{'form.Status'} = $saveStatus; + $gradeTable.=' last sub only'."\n". ' last sub & parts info'."\n". ' all details'."\n". @@ -409,58 +441,82 @@ LISTJAVASCRIPT ''."\n". ''."\n". ''."\n". - 'To '.lc($viewgrade).' a submission, click on the check box next to the student\'s name. Then '."\n". + ''."\n"; + + $gradeTable.='Student Status: '. + &Apache::lonhtmlcommon::StatusOptions($saveStatus,undef,1,'javascript:reLoadList(this.form);').'
'; + + $gradeTable.='To '.lc($viewgrade).' a submission, click on the check box next to the student\'s name. Then '."\n". 'click on the '.$viewgrade.' button. To view the submissions for a group of students, click'."\n". ' on the check boxes for the group of students.
'."\n". - ''."\n". - ''."\n"; + $gradeTable.=''."\n"; - - my (undef,undef,$fullname) = &getclasslist($getsec,$ENV{'form.showgrading'} eq 'yes' ? '1' : '0'); - + + my (undef, undef, $fullname) = &getclasslist($getsec,'1'); $gradeTable.='
'. - ''. - ''. - ''; - foreach (sort(@$partlist)) { - $gradeTable.=''; + '
 Select  Fullname  Username  Domain  Part '.(split(/_/))[0].' Status 
'; + my $loop = 0; + while ($loop < 2) { + $gradeTable.=''; + if ($ENV{'form.showgrading'} eq 'yes' && $submitonly ne 'all') { + foreach (sort(@$partlist)) { + $gradeTable.=''; + } + } + $loop++; } $gradeTable.=''."\n"; my $ctr = 0; foreach my $student (sort {lc($$fullname{$a}) cmp lc($$fullname{$b}) } keys %$fullname) { my ($uname,$udom) = split(/:/,$student); - my (%status) =&student_gradeStatus($url,$symb,$udom,$uname,$partlist); - my $statusflg = ''; - foreach (keys(%status)) { - $statusflg = 1 if ($status{$_} ne 'nothing'); - my ($foo,$partid,$foo1) = split(/\./,$_); - if ($status{'resource.'.$partid.'.submitted_by'} ne '') { - $statusflg = ''; - $gradeTable.=''; + my %status = (); + if ($ENV{'form.showgrading'} eq 'yes' && $submitonly ne 'all') { + (%status) =&student_gradeStatus($url,$symb,$udom,$uname,$partlist); + my $statusflg = ''; + foreach (keys(%status)) { + $statusflg = 1 if ($status{$_} ne 'nothing'); + my ($foo,$partid,$foo1) = split(/\./,$_); + if ($status{'resource.'.$partid.'.submitted_by'} ne '') { + $statusflg = ''; + $gradeTable.=''; + } } + next if ($statusflg eq '' && $submitonly eq 'yes'); } - next if ($statusflg eq '' && $submitonly eq 'yes'); $ctr++; - if ( $Apache::grades::viewgrades eq 'F' ) { - $gradeTable.=''. - ''."\n". - ''."\n". - ''."\n". - ''."\n"; - - foreach (sort keys(%status)) { - next if (/^resource.*?submitted_by$/); - $gradeTable.=''."\n"; + if ( $perm{'vgr'} eq 'F' ) { + $gradeTable.='' if ($ctr%2 ==1); + $gradeTable.=''."\n". + ''."\n"; + + if ($ENV{'form.showgrading'} eq 'yes' && $submitonly ne 'all') { + foreach (sort keys(%status)) { + next if (/^resource.*?submitted_by$/); + $gradeTable.=''."\n"; + } } - $gradeTable.=''."\n"; + $gradeTable.=''."\n" if ($ctr%2 ==0); } } + if ($ctr%2 ==1) { + $gradeTable.=''; + if ($ENV{'form.showgrading'} eq 'yes' && $submitonly ne 'all') { + foreach (@$partlist) { + $gradeTable.=''; + } + } + $gradeTable.=''; + } + $gradeTable.='
 Select  Fullname '. + '(Username)  Part '.(split(/_/))[0].' Status 
 '.$$fullname{$student}.'  '.$uname.'  '.$udom.'  '.$status{$_}.' 
 '.$$fullname{$student}.' '."\n". + '('.$uname.') '.$status{$_}.' 
   
'. '
'; + 'No submissions found for this resource for any students. ('.$num_students. + ' checked for submissions
'; } } elsif ($ctr == 1) { $gradeTable =~ s/type=checkbox/type=checkbox checked/; @@ -1050,11 +1107,18 @@ sub submission { (my $url=$ENV{'form.url'})=~s-^http://($ENV{'SERVER_NAME'}|$ENV{'HTTP_HOST'})--; my ($uname,$udom) = ($ENV{'form.student'},$ENV{'form.userdom'}); - ($uname,$udom) = &finduser($uname) if $udom eq ''; + my $usec = &Apache::lonnet::getsection($udom,$uname,$ENV{'request.course.id'}); $ENV{'form.fullname'} = &get_fullname ($uname,$udom) if $ENV{'form.fullname'} eq ''; my $symb=($ENV{'form.symb'} ne '' ? $ENV{'form.symb'} : (&Apache::lonnet::symbread($url))); if ($symb eq '') { $request->print("Unable to handle ambiguous references:$url:."); return ''; } + + if (!&canview($usec)) { + $request->print('Unable to view requested student.('.$uname.$udom.$usec.$ENV{'request.course.id'}.')'); + $request->print(&show_grading_menu_form($symb,$url)); + return; + } + my $last = ($ENV{'form.lastSub'} eq 'last' ? 'last' : ''); # header info @@ -1249,7 +1313,7 @@ KEYWORDS } else { for my $part (sort keys(%$handgrade)) { foreach (@$string) { - my ($partid,$respid) = /^resource\.(\d+)\.(\d+)\.submission/; + my ($partid,$respid) = /^resource\.(\w+)\.(\w+)\.submission/; if ($part eq ($partid.'_'.$respid)) { my ($ressub,$subval) = split(/:/,$_,2); # Similarity check @@ -1288,7 +1352,7 @@ KEYWORDS } # return if view submission with no grading option - if ($ENV{'form.showgrading'} eq '') { + if ($ENV{'form.showgrading'} eq '' || (!&canmodify($usec))) { $request->print(''."\n"); $request->print(&show_grading_menu_form($symb,$url)) if (($ENV{'form.command'} eq 'submission') || @@ -1307,7 +1371,7 @@ KEYWORDS my $lastone = pop @col_fullnames; $msgfor .= ', '.(join ', ',@col_fullnames).' and '.$lastone.'.'; } - $msgfor =~ s/\'/\\'/g; #' stupid emacs + $msgfor =~ s/\'/\\'/g; #' stupid emacs - no! javascript $result.=''."\n". ' '. @@ -1432,6 +1496,11 @@ sub processHandGrade { $ctr++; next; } + if ($errorflag eq 'not_allowed') { + $request->print("Not allowed to modify grades for $uname:$udom"); + $ctr++; + next; + } my $includemsg = $ENV{'form.includemsg'.$ctr}; my ($subject,$message,$msgstatus) = ('','',''); if ($includemsg =~ /savemsg|newmsg\Q$ctr\E/) { @@ -1451,12 +1520,16 @@ sub processHandGrade { if ($ENV{'form.collaborator'.$ctr}) { my (@collaborators) = split(/:/,$ENV{'form.collaborator'.$ctr}); foreach (@collaborators) { - &saveHandGrade($request,$url,$symb,$_,$udom,$ctr, - $ENV{'form.unamedom'.$ctr}); - if ($message ne '') { - $msgstatus = &Apache::lonmsg::user_normal_msg ($_,$udom, - $ENV{'form.msgsub'}, - $message); + my ($errorflag,$pts,$wgt) = &saveHandGrade($request,$url,$symb,$_,$udom,$ctr,$ENV{'form.unamedom'.$ctr}); + if ($errorflag eq 'not_allowed') { + $request->print("Not allowed to modify grades for $_:$udom"); + next; + } else { + if ($message ne '') { + $msgstatus = &Apache::lonmsg::user_normal_msg ($_,$udom, + $ENV{'form.msgsub'}, + $message); + } } } } @@ -1589,6 +1662,9 @@ sub processHandGrade { #---- Save the score and award for each student, if changed sub saveHandGrade { my ($request,$url,$symb,$stuname,$domain,$newflg,$submitter) = @_; + my $usec = &Apache::lonnet::getsection($domain,$stuname, + $ENV{'request.course.id'}); + if (!&canmodify($usec)) { return('not_allowed'); } my %record = &Apache::lonnet::restore($symb,$ENV{'request.course.id'},$domain,$stuname); my %newrecord = (); my ($pts,$wgt) = ('',''); @@ -1646,8 +1722,8 @@ sub viewgrades_js { var textbox = eval("document.classgrade.TEXTVAL_"+partid); if (point == "textval") { var point = eval("document.classgrade.TEXTVAL_"+partid+".value"); - if (isNaN(point) || point < 0) { - alert("A number equal or greater than 0 is expected. Entered value = "+point); + if (isNaN(point) || parseFloat(point) < 0) { + alert("A number equal or greater than 0 is expected. Entered value = "+parseFloat(point)); var resetbox = false; for (var i=0; i weight) { - var resp = confirm("You entered a value ("+point+ + if (parseFloat(point) > parseFloat(weight)) { + var resp = confirm("You entered a value ("+parseFloat(point)+ ") greater than the weight for the part. Accept?"); if (resp == false) { textbox.value = ""; @@ -1670,7 +1746,7 @@ sub viewgrades_js { } for (var i=0; i weight) { - var resp = confirm("You entered a value ("+point+ + if (parseFloat(point) > parseFloat(weight)) { + var resp = confirm("You entered a value ("+parseFloat(point)+ ") greater than the weight of the part. Accept?"); if (resp == false) { textbox.value = ""; @@ -1881,9 +1957,9 @@ sub viewgrades { $result.=''.''.''."\n". ''; $result.='    '; - $result.=''."\n"; + 'onClick="javascript:resetEntry('.$ctsparts.');" TARGET=_self>'; +# $result.='    '."\n"; #table listing all the students in a section/class #header of table @@ -1897,7 +1973,7 @@ sub viewgrades { } $result.= '
'."\n". ''. - ''."\n"; + ''."\n"; my (@parts) = sort(&getpartlist($url)); foreach my $part (@parts) { my $display=&Apache::lonnet::metadata($url,$part.'.display'); @@ -1931,7 +2007,7 @@ sub viewgrades { 'onClick="javascript:submit();" TARGET=_self />'."\n"; if (scalar(%$fullname) eq 0) { my $colspan=3+scalar(@parts); - $result='There are no students in section "'.$ENV{'form.section'}.'" with enrollment status "'.$ENV{'form.status'}.'" to modify or grade.'; + $result='There are no students in section "'.$ENV{'form.section'}.'" with enrollment status "'.$ENV{'form.Status'}.'" to modify or grade.'; } $result.=&show_grading_menu_form($symb,$url); return $result; @@ -1945,8 +2021,8 @@ sub viewstudentgrade { my %record=&Apache::lonnet::restore($symb,$courseid,$udom,$uname); my $result=''."\n"; + '\')"; TARGET=_self>'.$fullname.' '. + '('.$uname.($ENV{'user.domain'} eq $udom ? '' : ':'.$udom).')'."\n"; foreach my $apart (@$parts) { my ($part,$type) = &split_part_type($apart); my $score=$record{"resource.$part.$type"}; @@ -2053,10 +2129,15 @@ sub editgrades { my ($uname,$udom)=split(/_/,$user); my %newrecord; my $updateflag = 0; - $line .= ''; + my $usec=$classlist->{"$uname:$udom"}[5]; + if (!&canmodify($usec)) { + my $numcols=scalar(@partid)*(scalar(@parts)-1)*2; + $noupdate.=$line.""; + next; + } foreach (@partid) { my $old_aw = $ENV{'form.GD_'.$user.'_'.$_.'_awarded_s'}; my $old_part_pcr = $old_aw/($weight{$_} ne '0' ? $weight{$_}:1); @@ -2114,7 +2195,8 @@ sub editgrades { } } if ($noupdate) { - $result .= ''.$noupdate; + my $numcols=(scalar(@partid)*(scalar(@parts)-1)*2)+3; + $result .= ''.$noupdate; } $result .= '
FullnameUsernameDomainFullname (Username)
'. ''.$fullname.''. - ''.$uname.''.$udom.'
'.$uname.' '. $udom.' '. $$fullname{$usercolon}.' Not allowed to modify student
No Changes Occured For the Students Below
No Changes Occured For the Students Below
'."\n". &show_grading_menu_form ($symb,$url); @@ -2317,7 +2399,7 @@ CSVFORMJS $result.=''."\n"; my $upfile_select=&Apache::loncommon::upfile_select_html(); $result.=< +
@@ -2396,6 +2478,7 @@ sub csvuploadassign { $request->print('

Assigning Grades

'); my $courseid=$ENV{'request.course.id'}; my ($classlist) = &getclasslist('all',0); + my @notallowed; my @skipped; my $countdone=0; foreach my $grade (@gradedata) { @@ -2406,6 +2489,11 @@ sub csvuploadassign { push(@skipped,"$username:$domain"); next; } + my $usec=$classlist->{"$username:$domain"}[5]; + if (!&canmodify($usec)) { + push(@notallowed,"$username:$domain"); + next; + } my %grades; foreach my $dest (keys(%fields)) { if ($dest eq 'username' || $dest eq 'domain') { next; } @@ -2424,9 +2512,14 @@ sub csvuploadassign { } $request->print("
Stored $countdone students\n"); if (@skipped) { - $request->print('
Skipped Students
'); - foreach my $student (@skipped) { $request->print("
$student"); } + $request->print('Skipped Students

'); + foreach my $student (@skipped) { $request->print("$student
\n"); } + } + if (@notallowed) { + $request->print('

Students Not Allowed to Modify

'); + foreach my $student (@notallowed) { $request->print("$student
\n"); } } + $request->print("
\n"); $request->print(&show_grading_menu_form($symb,$url)); return ''; } @@ -2523,6 +2616,7 @@ LISTJAVASCRIPT ' all details'."\n"; $result.=''."\n". + ''."\n". ''."\n". ''."\n". ''."\n". @@ -2568,22 +2662,20 @@ sub getSymbMap { my ($request) = @_; my $navmap = Apache::lonnavmaps::navmap-> new($ENV{'request.course.fn'}.'.db', $ENV{'request.course.fn'}.'_parms.db',1, 1); - - my $res = $navmap->firstResource(); # temp resource to access constants $navmap->init(); # End navmap using boilerplate - my $iterator = $navmap->getIterator(undef, undef, undef, 1); + my $iterator = Apache::lonnavmaps::iterator->new($navmap, undef, undef, undef, undef, 1, undef, 1); my $depth = 1; - $iterator->next(); # ignore first BEGIN_MAP my $curRes = $iterator->next(); my %symbx = (); my @titles = (); my $minder=0; - while ($depth > 0) { - if ($curRes == $iterator->BEGIN_MAP()) {$depth++;} + my $seenBeginMap = 0; + while ($depth > 0 || !$seenBeginMap) { + if ($curRes == $iterator->BEGIN_MAP()) {$depth++; $seenBeginMap = 1; } if ($curRes == $iterator->END_MAP()) { $depth--; } if (ref($curRes) && $curRes->is_map()) { @@ -2630,9 +2722,14 @@ sub displayPage { my $cnum = $ENV{"course.$ENV{'request.course.id'}.num"}; my $getsec = $ENV{'form.section'} eq '' ? 'all' : $ENV{'form.section'}; my $pageTitle = $ENV{'form.page'}; - my (undef,undef,$fullname) = &getclasslist($getsec,'1'); + my ($classlist,undef,$fullname) = &getclasslist($getsec,'1'); my ($uname,$udom) = split(/:/,$ENV{'form.student'}); - + my $usec=$classlist->{$ENV{'form.student'}}[5]; + if (!&canview($usec)) { + $request->print('Unable to view requested student.('.$ENV{'form.student'}.')'); + $request->print(&show_grading_menu_form($symb,$url)); + return; + } my $result='

 '.$ENV{'form.title'}.'

'; $result.='

 Student: '.$$fullname{$ENV{'form.student'}}. ' ('.$uname.($udom eq $cdom ? '':':'.$udom).')

'."\n"; @@ -2715,12 +2812,13 @@ sub displayPage { my @versionKeys = split(/\:/,$record{$version.':keys'}); my @displaySub = (); foreach my $partid (@{$parts}) { + my $responseType = $curRes->responseType($partid); my @matchKey = grep /^resource\.$partid\..*?\.submission$/,@versionKeys; next if ($record{"$version:resource.$partid.solved"} eq ''); # next if ($record{"$version:resource.$partid.award"} eq 'APPROX_ANS' && # $record{"$version:resource.$partid.solved"} eq ''); $displaySub[0].=(exists $record{$version.':'.$matchKey[0]}) ? - 'Part '.$partid.' '. + 'Part '.$partid.' Type:'.$responseType.':endtype'. ($record{"$version:resource.$partid.tries"} eq '' ? 'Trial not counted' : 'Trial '.$record{"$version:resource.$partid.tries"}).'  '. $record{$version.':'.$matchKey[0]}.'
' : ''; @@ -2745,15 +2843,16 @@ sub displayPage { '','.submission'); } - - foreach my $partid (@{$parts}) { - $studentTable.=&gradeBox($request,$symbx,$uname,$udom,$question,$partid,\%record); - $studentTable.=''."\n"; - $question++; + if (&canmodify($usec)) { + foreach my $partid (@{$parts}) { + $studentTable.=&gradeBox($request,$symbx,$uname,$udom,$question,$partid,\%record); + $studentTable.=''."\n"; + $question++; + } } $studentTable.=''; - } + } $curRes = $iterator->next(); } @@ -2776,9 +2875,14 @@ sub updateGradeByPage { my $cnum = $ENV{"course.$ENV{'request.course.id'}.num"}; my $getsec = $ENV{'form.section'} eq '' ? 'all' : $ENV{'form.section'}; my $pageTitle = $ENV{'form.page'}; - my (undef,undef,$fullname) = &getclasslist($getsec,'1'); + my ($classlist,undef,$fullname) = &getclasslist($getsec,'1'); my ($uname,$udom) = split(/:/,$ENV{'form.student'}); - + my $usec=$classlist->{$ENV{'form.student'}}[5]; + if (!&canmodify($usec)) { + $request->print('Unable to modify requested student.('.$ENV{'form.student'}.''); + $request->print(&show_grading_menu_form($ENV{'form.symb'},$ENV{'form.url'})); + return; + } my $result='

 '.$ENV{'form.title'}.'

'; $result.='

 Student: '.$$fullname{$ENV{'form.student'}}. ' ('.$uname.($udom eq $cdom ? '':':'.$udom).')

'."\n"; @@ -3234,7 +3338,7 @@ sub gradingmenu { function checkChoice(formname) { var cmd = formname.command; formname.saveState.value = "saveCmd="+radioSelection(cmd)+":saveSec="+pullDownSelection(formname.section)+ - ":saveSub="+radioSelection(formname.submitonly)+":saveStatus="+pullDownSelection(formname.status); + ":saveSub="+radioSelection(formname.submitonly)+":saveStatus="+pullDownSelection(formname.Status); if (cmd[0].checked || cmd[1].checked || cmd[2].checked || cmd[3].checked || cmd[4].checked) formname.submit(); if (cmd[5].checked) { if (!checkReceiptNo(formname,'notOK')) { return false;} @@ -3372,12 +3476,7 @@ GRADINGMENUJS } $result.= '
'; - + $result.='Student Status:'.&Apache::lonhtmlcommon::StatusOptions($saveStatus,undef,1,undef); $result.='   (Applies to the first three options only.)'."\n"; if (ref($sections)) { @@ -3396,7 +3495,8 @@ GRADINGMENUJS sub handler { my $request=$_[0]; - + + undef(%perm); if ($ENV{'browser.mathml'}) { $request->content_type('text/xml'); } else { @@ -3441,36 +3541,48 @@ sub handler { } } } else { - $Apache::grades::viewgrades=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'}); - if ($command eq 'submission') { + if (!($perm{'vgr'}=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'}))) { + if ($perm{'vgr'}=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'}.'/'.$ENV{'request.course.sec'})) { + $perm{'vgr_section'}=$ENV{'request.course.sec'}; + } else { + delete($perm{'vgr'}); + } + } + if (!($perm{'mgr'}=&Apache::lonnet::allowed('mgr',$ENV{'request.course.id'}))) { + if ($perm{'mgr'}=&Apache::lonnet::allowed('mgr',$ENV{'request.course.id'}.'/'.$ENV{'request.course.sec'})) { + $perm{'mgr_section'}=$ENV{'request.course.sec'}; + } else { + delete($perm{'mgr'}); + } + } + + if ($command eq 'submission' && $perm{'vgr'}) { ($ENV{'form.student'} eq '' ? &listStudents($request) : &submission($request,0,0)); - } elsif ($command eq 'pickStudentPage') { + } elsif ($command eq 'pickStudentPage' && $perm{'vgr'}) { &pickStudentPage($request); - } elsif ($command eq 'displayPage') { + } elsif ($command eq 'displayPage' && $perm{'vgr'}) { &displayPage($request); - } elsif ($command eq 'gradeByPage') { + } elsif ($command eq 'gradeByPage' && $perm{'mgr'}) { &updateGradeByPage($request); - } elsif ($command eq 'processGroup') { + } elsif ($command eq 'processGroup' && $perm{'vgr'}) { &processGroup($request); - } elsif ($command eq 'gradingmenu') { + } elsif ($command eq 'gradingmenu' && $perm{'vgr'}) { $request->print(&gradingmenu($request)); - } elsif ($command eq 'viewgrades') { + } elsif ($command eq 'viewgrades' && $perm{'vgr'}) { $request->print(&viewgrades($request)); - } elsif ($command eq 'handgrade') { + } elsif ($command eq 'handgrade' && $perm{'mgr'}) { $request->print(&processHandGrade($request)); - } elsif ($command eq 'editgrades') { + } elsif ($command eq 'editgrades' && $perm{'mgr'}) { $request->print(&editgrades($request)); - } elsif ($command eq 'verify') { + } elsif ($command eq 'verify' && $perm{'vgr'}) { $request->print(&verifyreceipt($request)); - } elsif ($command eq 'csvform') { + } elsif ($command eq 'csvform' && $perm{'mgr'}) { $request->print(&upcsvScores_form($request)); - } elsif ($command eq 'csvupload') { + } elsif ($command eq 'csvupload' && $perm{'mgr'}) { $request->print(&csvupload($request)); - } elsif ($command eq 'viewclasslist') { - $request->print(&viewclasslist($request)); - } elsif ($command eq 'csvuploadmap') { + } elsif ($command eq 'csvuploadmap' && $perm{'mgr'} ) { $request->print(&csvuploadmap($request)); - } elsif ($command eq 'csvuploadassign') { + } elsif ($command eq 'csvuploadassign' && $perm{'mgr'}) { if ($ENV{'form.associate'} ne 'Reverse Association') { $request->print(&csvuploadassign($request)); } else { @@ -3481,12 +3593,12 @@ sub handler { } $request->print(&csvuploadmap($request)); } - } elsif ($command eq 'scantron_selectphase') { + } elsif ($command eq 'scantron_selectphase' && $perm{'mgr'}) { $request->print(&scantron_selectphase($request)); - } elsif ($command eq 'scantron_process') { + } elsif ($command eq 'scantron_process' && $perm{'mgr'}) { $request->print(&scantron_process_students($request)); - } else { - $request->print("Unknown action: $command:"); + } elsif ($command) { + $request->print("Access Denied"); } } &send_footer($request);