--- loncom/homework/grades.pm 2003/06/20 20:13:18 1.103
+++ loncom/homework/grades.pm 2003/07/02 15:30:21 1.109
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# The LON-CAPA Grading handler
#
-# $Id: grades.pm,v 1.103 2003/06/20 20:13:18 albertel Exp $
+# $Id: grades.pm,v 1.109 2003/07/02 15:30:21 matthew Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -131,7 +131,6 @@ sub getclasslist {
# filter students according to status selected
if ($filterlist && $ENV{'form.status'} ne 'Any') {
if ($ENV{'form.status'} ne $status) {
-Apache->request->print("<p>removed</p>");
delete ($classlist->{$_});
next;
}
@@ -455,7 +454,7 @@ LISTJAVASCRIPT
next if ($statusflg eq '' && $submitonly eq 'yes');
$ctr++;
- if ( $Apache::grades::viewgrades eq 'F' ) {
+ if ( $perm{'vgr'} eq 'F' ) {
$gradeTable.='<tr bgcolor="#ffffe6">'.
'<td align="center"><input type=checkbox name="stuinfo" value="'.
$student.':'.$$fullname{$student}.'"></td>'."\n".
@@ -1059,11 +1058,18 @@ sub submission {
(my $url=$ENV{'form.url'})=~s-^http://($ENV{'SERVER_NAME'}|$ENV{'HTTP_HOST'})--;
my ($uname,$udom) = ($ENV{'form.student'},$ENV{'form.userdom'});
-
+ my $usec = &Apache::lonnet::getsection($udom,$uname,$ENV{'request.course.id'});
$ENV{'form.fullname'} = &get_fullname ($uname,$udom) if $ENV{'form.fullname'} eq '';
my $symb=($ENV{'form.symb'} ne '' ? $ENV{'form.symb'} : (&Apache::lonnet::symbread($url)));
if ($symb eq '') { $request->print("Unable to handle ambiguous references:$url:."); return ''; }
+
+ if (!&canview($usec)) {
+ $request->print('<font color="red">Unable to view requested student.('.$uname.$udom.$usec.$ENV{'request.course.id'}.')</font>');
+ $request->print(&show_grading_menu_form($symb,$url));
+ return;
+ }
+
my $last = ($ENV{'form.lastSub'} eq 'last' ? 'last' : '');
# header info
@@ -1258,7 +1264,7 @@ KEYWORDS
} else {
for my $part (sort keys(%$handgrade)) {
foreach (@$string) {
- my ($partid,$respid) = /^resource\.(\d+)\.(\d+)\.submission/;
+ my ($partid,$respid) = /^resource\.(\w+)\.(\w+)\.submission/;
if ($part eq ($partid.'_'.$respid)) {
my ($ressub,$subval) = split(/:/,$_,2);
# Similarity check
@@ -1297,7 +1303,7 @@ KEYWORDS
}
# return if view submission with no grading option
- if ($ENV{'form.showgrading'} eq '') {
+ if ($ENV{'form.showgrading'} eq '' || (!&canmodify($usec))) {
$request->print('</td></tr></table></td></tr></table></form>'."\n");
$request->print(&show_grading_menu_form($symb,$url))
if (($ENV{'form.command'} eq 'submission') ||
@@ -1441,6 +1447,11 @@ sub processHandGrade {
$ctr++;
next;
}
+ if ($errorflag eq 'not_allowed') {
+ $request->print("<font color=\"red\">Not allowed to modify grades for $uname:$udom</font>");
+ $ctr++;
+ next;
+ }
my $includemsg = $ENV{'form.includemsg'.$ctr};
my ($subject,$message,$msgstatus) = ('','','');
if ($includemsg =~ /savemsg|newmsg\Q$ctr\E/) {
@@ -1460,12 +1471,16 @@ sub processHandGrade {
if ($ENV{'form.collaborator'.$ctr}) {
my (@collaborators) = split(/:/,$ENV{'form.collaborator'.$ctr});
foreach (@collaborators) {
- &saveHandGrade($request,$url,$symb,$_,$udom,$ctr,
- $ENV{'form.unamedom'.$ctr});
- if ($message ne '') {
- $msgstatus = &Apache::lonmsg::user_normal_msg ($_,$udom,
- $ENV{'form.msgsub'},
- $message);
+ my ($errorflag,$pts,$wgt) = &saveHandGrade($request,$url,$symb,$_,$udom,$ctr,$ENV{'form.unamedom'.$ctr});
+ if ($errorflag eq 'not_allowed') {
+ $request->print("<font color=\"red\">Not allowed to modify grades for $_:$udom</font>");
+ next;
+ } else {
+ if ($message ne '') {
+ $msgstatus = &Apache::lonmsg::user_normal_msg ($_,$udom,
+ $ENV{'form.msgsub'},
+ $message);
+ }
}
}
}
@@ -1598,6 +1613,9 @@ sub processHandGrade {
#---- Save the score and award for each student, if changed
sub saveHandGrade {
my ($request,$url,$symb,$stuname,$domain,$newflg,$submitter) = @_;
+ my $usec = &Apache::lonnet::getsection($domain,$stuname,
+ $ENV{'request.course.id'});
+ if (!&canmodify($usec)) { return('not_allowed'); }
my %record = &Apache::lonnet::restore($symb,$ENV{'request.course.id'},$domain,$stuname);
my %newrecord = ();
my ($pts,$wgt) = ('','');
@@ -1655,8 +1673,8 @@ sub viewgrades_js {
var textbox = eval("document.classgrade.TEXTVAL_"+partid);
if (point == "textval") {
var point = eval("document.classgrade.TEXTVAL_"+partid+".value");
- if (isNaN(point) || point < 0) {
- alert("A number equal or greater than 0 is expected. Entered value = "+point);
+ if (isNaN(point) || parseFloat(point) < 0) {
+ alert("A number equal or greater than 0 is expected. Entered value = "+parseFloat(point));
var resetbox = false;
for (var i=0; i<radioButton.length; i++) {
if (radioButton[i].checked) {
@@ -1669,8 +1687,8 @@ sub viewgrades_js {
}
return;
}
- if (point > weight) {
- var resp = confirm("You entered a value ("+point+
+ if (parseFloat(point) > parseFloat(weight)) {
+ var resp = confirm("You entered a value ("+parseFloat(point)+
") greater than the weight for the part. Accept?");
if (resp == false) {
textbox.value = "";
@@ -1679,7 +1697,7 @@ sub viewgrades_js {
}
for (var i=0; i<radioButton.length; i++) {
radioButton[i].checked=false;
- if (point == i) {
+ if (parseFloat(point) == i) {
radioButton[i].checked=true;
}
}
@@ -1753,13 +1771,13 @@ sub viewgrades_js {
var point = textbox.value;
var weight = eval("document.classgrade.weight_"+partid+".value");
- if (isNaN(point) || point < 0) {
- alert("A number equal or greater than 0 is expected. Entered value = "+point);
+ if (isNaN(point) || parseFloat(point) < 0) {
+ alert("A number equal or greater than 0 is expected. Entered value = "+parseFloat(point));
textbox.value = "";
return;
}
- if (point > weight) {
- var resp = confirm("You entered a value ("+point+
+ if (parseFloat(point) > parseFloat(weight)) {
+ var resp = confirm("You entered a value ("+parseFloat(point)+
") greater than the weight of the part. Accept?");
if (resp == false) {
textbox.value = "";
@@ -2062,10 +2080,15 @@ sub editgrades {
my ($uname,$udom)=split(/_/,$user);
my %newrecord;
my $updateflag = 0;
-
$line .= '<tr bgcolor="#ffffde"><td>'.$uname.' </td><td>'.
$udom.' </td><td>'.
$$fullname{$usercolon}.' </td>';
+ my $usec=$classlist->{"$uname:$udom"}[5];
+ if (!&canmodify($usec)) {
+ my $numcols=scalar(@partid)*(scalar(@parts)-1)*2;
+ $noupdate.=$line."<td colspan=\"$numcols\"><font color=\"red\">Not allowed to modify student</font></td></tr>";
+ next;
+ }
foreach (@partid) {
my $old_aw = $ENV{'form.GD_'.$user.'_'.$_.'_awarded_s'};
my $old_part_pcr = $old_aw/($weight{$_} ne '0' ? $weight{$_}:1);
@@ -2123,7 +2146,8 @@ sub editgrades {
}
}
if ($noupdate) {
- $result .= '<tr bgcolor="#ffffff"><td align="center" colspan="7">No Changes Occured For the Students Below</td></tr>'.$noupdate;
+ my $numcols=(scalar(@partid)*(scalar(@parts)-1)*2)+3;
+ $result .= '<tr bgcolor="#ffffff"><td align="center" colspan="'.$numcols.'">No Changes Occured For the Students Below</td></tr>'.$noupdate;
}
$result .= '</table></td></tr></table>'."\n".
&show_grading_menu_form ($symb,$url);
@@ -2326,7 +2350,7 @@ CSVFORMJS
$result.='<tr bgcolor=#ffffe6><td>'."\n";
my $upfile_select=&Apache::loncommon::upfile_select_html();
$result.=<<ENDUPFORM;
-<form method="post" enctype="multipart/form-data" action="/adm/grades" name="gradesupload" target="LONcatInfo">
+<form method="post" enctype="multipart/form-data" action="/adm/grades" name="gradesupload">
<input type="hidden" name="symb" value="$symb" />
<input type="hidden" name="url" value="$url" />
<input type="hidden" name="command" value="csvuploadmap" />
@@ -2405,6 +2429,7 @@ sub csvuploadassign {
$request->print('<h3>Assigning Grades</h3>');
my $courseid=$ENV{'request.course.id'};
my ($classlist) = &getclasslist('all',0);
+ my @notallowed;
my @skipped;
my $countdone=0;
foreach my $grade (@gradedata) {
@@ -2415,6 +2440,11 @@ sub csvuploadassign {
push(@skipped,"$username:$domain");
next;
}
+ my $usec=$classlist->{"$username:$domain"}[5];
+ if (!&canmodify($usec)) {
+ push(@notallowed,"$username:$domain");
+ next;
+ }
my %grades;
foreach my $dest (keys(%fields)) {
if ($dest eq 'username' || $dest eq 'domain') { next; }
@@ -2433,9 +2463,14 @@ sub csvuploadassign {
}
$request->print("<br />Stored $countdone students\n");
if (@skipped) {
- $request->print('<br /><font size="+1"><b>Skipped Students</b></font><br />');
- foreach my $student (@skipped) { $request->print("<br />$student"); }
+ $request->print('<p<font size="+1"><b>Skipped Students</b></font></p>');
+ foreach my $student (@skipped) { $request->print("$student<br />\n"); }
}
+ if (@notallowed) {
+ $request->print('<p><font size="+1" color="red"><b>Students Not Allowed to Modify</b></font></p>');
+ foreach my $student (@notallowed) { $request->print("$student<br />\n"); }
+ }
+ $request->print("<br />\n");
$request->print(&show_grading_menu_form($symb,$url));
return '';
}
@@ -3477,38 +3512,34 @@ sub handler {
delete($perm{'mgr'});
}
}
-# $Apache::lonxml::debug=1;
-# &Apache::lonxml::debug("command is $command");
- if ($command eq 'submission') {
+ if ($command eq 'submission' && $perm{'vgr'}) {
($ENV{'form.student'} eq '' ? &listStudents($request) : &submission($request,0,0));
} elsif ($command eq 'pickStudentPage' && $perm{'vgr'}) {
&pickStudentPage($request);
} elsif ($command eq 'displayPage' && $perm{'vgr'}) {
&displayPage($request);
- } elsif ($command eq 'gradeByPage') {
+ } elsif ($command eq 'gradeByPage' && $perm{'mgr'}) {
&updateGradeByPage($request);
- } elsif ($command eq 'processGroup') {
+ } elsif ($command eq 'processGroup' && $perm{'vgr'}) {
&processGroup($request);
- } elsif ($command eq 'gradingmenu') {
+ } elsif ($command eq 'gradingmenu' && $perm{'vgr'}) {
$request->print(&gradingmenu($request));
- } elsif ($command eq 'viewgrades') {
+ } elsif ($command eq 'viewgrades' && $perm{'vgr'}) {
$request->print(&viewgrades($request));
- } elsif ($command eq 'handgrade') {
+ } elsif ($command eq 'handgrade' && $perm{'mgr'}) {
$request->print(&processHandGrade($request));
- } elsif ($command eq 'editgrades') {
+ } elsif ($command eq 'editgrades' && $perm{'mgr'}) {
$request->print(&editgrades($request));
- } elsif ($command eq 'verify') {
+ } elsif ($command eq 'verify' && $perm{'vgr'}) {
$request->print(&verifyreceipt($request));
- } elsif ($command eq 'csvform') {
+ } elsif ($command eq 'csvform' && $perm{'mgr'}) {
$request->print(&upcsvScores_form($request));
- } elsif ($command eq 'csvupload') {
+ } elsif ($command eq 'csvupload' && $perm{'mgr'}) {
$request->print(&csvupload($request));
- } elsif ($command eq 'viewclasslist') {
- $request->print(&viewclasslist($request));
- } elsif ($command eq 'csvuploadmap') {
+ } elsif ($command eq 'csvuploadmap' && $perm{'mgr'} ) {
$request->print(&csvuploadmap($request));
- } elsif ($command eq 'csvuploadassign') {
+ } elsif ($command eq 'csvuploadassign' && $perm{'mgr'}) {
if ($ENV{'form.associate'} ne 'Reverse Association') {
$request->print(&csvuploadassign($request));
} else {
@@ -3519,12 +3550,12 @@ sub handler {
}
$request->print(&csvuploadmap($request));
}
- } elsif ($command eq 'scantron_selectphase') {
+ } elsif ($command eq 'scantron_selectphase' && $perm{'mgr'}) {
$request->print(&scantron_selectphase($request));
- } elsif ($command eq 'scantron_process') {
+ } elsif ($command eq 'scantron_process' && $perm{'mgr'}) {
$request->print(&scantron_process_students($request));
- } else {
- $request->print("Unknown action: $command:");
+ } elsif ($command) {
+ $request->print("Access Denied");
}
}
&send_footer($request);