--- loncom/homework/grades.pm 2003/04/21 18:39:43 1.86 +++ loncom/homework/grades.pm 2003/06/21 00:39:46 1.106 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # The LON-CAPA Grading handler # -# $Id: grades.pm,v 1.86 2003/04/21 18:39:43 ng Exp $ +# $Id: grades.pm,v 1.106 2003/06/21 00:39:46 albertel Exp $ # # Copyright Michigan State University Board of Trustees # @@ -46,6 +46,10 @@ use Apache::lonhomework; use Apache::loncoursedata; use Apache::lonmsg qw(:user_normal_msg); use Apache::Constants qw(:common); +use String::Similarity; + +my %oldessays=(); +my %perm=(); # ----- These first few routines are general use routines.---- # @@ -132,53 +136,60 @@ sub getclasslist { } } $section = ($section ne '' ? $section : 'no'); - if ($getsec eq 'all' || $getsec eq $section) { - $sections{$section}++; - $fullnames{$_}=$fullname; - } else { - delete($classlist->{$_}); - } + if (&canview($section)) { + if ($getsec eq 'all' || $getsec eq $section) { + $sections{$section}++; + $fullnames{$_}=$fullname; + } else { + delete($classlist->{$_}); + } + } else { + delete($classlist->{$_}); + } } my %seen = (); my @sections = sort(keys(%sections)); return ($classlist,\@sections,\%fullnames); } -#find user domain -sub finduser { - my ($name) = @_; - my $domain = ''; - if ( $Apache::grades::viewgrades eq 'F' ) { - my %classlist=&Apache::lonnet::dump('classlist', - $ENV{'course.'.$ENV{'request.course.id'}.'.domain'}, - $ENV{'course.'.$ENV{'request.course.id'}.'.num'}); - my (@fields) = grep /^$name:/, keys %classlist; - ($name, $domain) = split(/:/,$fields[0]); - return ($name,$domain); - } else { - return ($ENV{'user.name'},$ENV{'user.domain'}); +sub canmodify { + my ($sec)=@_; + if ($perm{'mgr'}) { + if (!defined($perm{'mgr_section'})) { + # can modify whole class + return 1; + } else { + if ($sec eq $perm{'mgr_section'}) { + #can modify the requested section + return 1; + } else { + # can't modify the request section + return 0; + } + } } + #can't modify + return 0; } -#--- Prompts a user to enter a username. -sub moreinfo { - my ($request,$reason) = @_; - $request->print("Unable to process request: $reason"); - if ( $Apache::grades::viewgrades eq 'F' ) { - $request->print('
'."\n"); - if ($ENV{'form.url'}) { - $request->print(''."\n"); - } - if ($ENV{'form.symb'}) { - $request->print(''."\n"); - } - $request->print(''."\n"); - $request->print("Student:".''."
\n"); - $request->print("Domain:".''."
\n"); - $request->print(''."
\n"); - $request->print('
'); +sub canview { + my ($sec)=@_; + if ($perm{'vgr'}) { + if (!defined($perm{'vgr_section'})) { + # can modify whole class + return 1; + } else { + if ($sec eq $perm{'vgr_section'}) { + #can modify the requested section + return 1; + } else { + # can't modify the request section + return 0; + } + } } - return ''; + #can't modify + return 0; } #--- Retrieve the grade status of a student for all the parts @@ -221,6 +232,50 @@ sub jscriptNform { } #------------------ End of general use routines -------------------- + +# +# Find most similar essay +# + +sub most_similar { + my ($uname,$udom,$uessay)=@_; + +# ignore spaces and punctuation + + $uessay=~s/\W+/ /gs; + +# these will be returned. Do not care if not at least 50 percent similar + my $limit=0.6; + my $sname=''; + my $sdom=''; + my $scrsid=''; + my $sessay=''; +# go through all essays ... + foreach my $tkey (keys %oldessays) { + my ($tname,$tdom,$tcrsid)=split(/\./,$tkey); +# ... except the same student + if (($tname ne $uname) || ($tdom ne $udom)) { + my $tessay=$oldessays{$tkey}; + $tessay=~s/\W+/ /gs; +# String similarity gives up if not even limit + my $tsimilar=&String::Similarity::similarity($uessay,$tessay,$limit); +# Found one + if ($tsimilar>$limit) { + $limit=$tsimilar; + $sname=$tname; + $sdom=$tdom; + $scrsid=$tcrsid; + $sessay=$oldessays{$tkey}; + } + } + } + if ($limit>0.6) { + return ($sname,$sdom,$scrsid,$sessay,$limit); + } else { + return ('','','','',0); + } +} + #------------------------------------------------------------------- #------------------------------------ Receipt Verification Routines @@ -399,7 +454,7 @@ LISTJAVASCRIPT next if ($statusflg eq '' && $submitonly eq 'yes'); $ctr++; - if ( $Apache::grades::viewgrades eq 'F' ) { + if ( $perm{'vgr'} eq 'F' ) { $gradeTable.=''. ''."\n". @@ -419,8 +474,13 @@ LISTJAVASCRIPT 'onClick="javascript:checkSelect(this.form.stuinfo);" '. 'value="'.$viewgrade.'" />'."\n"; if ($ctr == 0) { - $gradeTable='
 '. - 'No submission found for this resource.
'; + my $num_students=(scalar(keys(%$fullname))); + if ($num_students eq 0) { + $gradeTable='
 There are no students currently enrolled.'; + } else { + $gradeTable='
 '. + 'No submissions found for this resource for any students. ('.$num_students.' checked for submissions
'; + } } elsif ($ctr == 1) { $gradeTable =~ s/type=checkbox/type=checkbox checked/; } @@ -998,11 +1058,18 @@ sub submission { (my $url=$ENV{'form.url'})=~s-^http://($ENV{'SERVER_NAME'}|$ENV{'HTTP_HOST'})--; my ($uname,$udom) = ($ENV{'form.student'},$ENV{'form.userdom'}); - ($uname,$udom) = &finduser($uname) if $udom eq ''; + my $usec = &Apache::lonnet::getsection($udom,$uname,$ENV{'request.course.id'}); $ENV{'form.fullname'} = &get_fullname ($uname,$udom) if $ENV{'form.fullname'} eq ''; my $symb=($ENV{'form.symb'} ne '' ? $ENV{'form.symb'} : (&Apache::lonnet::symbread($url))); if ($symb eq '') { $request->print("Unable to handle ambiguous references:$url:."); return ''; } + + if (!&canview($usec)) { + $request->print('Unable to view requested student.('.$uname.$udom.$usec.$ENV{'request.course.id'}.')'); + $request->print(&show_grading_menu_form($symb,$url)); + return; + } + my $last = ($ENV{'form.lastSub'} eq 'last' ? 'last' : ''); # header info @@ -1075,6 +1142,9 @@ sub submission { $request->print($prnmsg); if ($ENV{'form.handgrade'} eq 'yes' && $ENV{'form.showgrading'} eq 'yes') { +# +# Print out the keyword options line +# $request->print(<Keyword Options:  List    @@ -1082,6 +1152,14 @@ sub submission { CLASS="page">Paste Selection to List    Highlight Attribute

KEYWORDS +# +# Load the other essays for similarity check +# + my $essayurl=&Apache::lonnet::declutter($url); + my ($adom,$aname,$apath)=($essayurl=~/^(\w+)\/(\w+)\/(.*)$/); + $apath=&Apache::lonnet::escape($apath); + $apath=~s/\W/\_/gs; + %oldessays=&Apache::lonnet::dump('nohist_essay_'.$apath,$adom,$aname); } } @@ -1189,6 +1267,15 @@ KEYWORDS my ($partid,$respid) = /^resource\.(\d+)\.(\d+)\.submission/; if ($part eq ($partid.'_'.$respid)) { my ($ressub,$subval) = split(/:/,$_,2); +# Similarity check + my $similar=''; + my ($oname,$odom,$ocrsid,$oessay,$osim)=&most_similar($uname,$udom,$subval); + if ($osim) { + $osim=int($osim*100.0); + $similar='

Essay is '.$osim.'% similar to an essay by '.&Apache::loncommon::plainname($oname,$odom). + '

'. + &keywords_highlight($oessay).'

'; + } $lastsubonly.='Part '. $partid.' ( ID '.$respid. ' )   '. @@ -1196,8 +1283,8 @@ KEYWORDS ' File uploaded by student Like all files provided by users, this file may contain virusses
':''). - 'Answer: '. - &keywords_highlight($subval).''."\n" + 'Answer:
'. + &keywords_highlight($subval).'

 '.$similar.''."\n" if ($ENV{'form.lastSub'} eq 'lastonly' || ($ENV{'form.lastSub'} eq 'hdgrade' && $$handgrade{$part} =~ /:yes$/)); @@ -1216,7 +1303,7 @@ KEYWORDS } # return if view submission with no grading option - if ($ENV{'form.showgrading'} eq '') { + if ($ENV{'form.showgrading'} eq '' || (!&canmodify($usec))) { $request->print(''."\n"); $request->print(&show_grading_menu_form($symb,$url)) if (($ENV{'form.command'} eq 'submission') || @@ -1235,7 +1322,7 @@ KEYWORDS my $lastone = pop @col_fullnames; $msgfor .= ', '.(join ', ',@col_fullnames).' and '.$lastone.'.'; } - $msgfor =~ s/\'/\\'/g; #\' + $msgfor =~ s/\'/\\'/g; #' stupid emacs $result.=''."\n". ' '. @@ -1360,6 +1447,11 @@ sub processHandGrade { $ctr++; next; } + if ($errorflag eq 'not_allowed') { + $request->print("Not allowed to modify grades for $uname:$udom"); + $ctr++; + next; + } my $includemsg = $ENV{'form.includemsg'.$ctr}; my ($subject,$message,$msgstatus) = ('','',''); if ($includemsg =~ /savemsg|newmsg\Q$ctr\E/) { @@ -1379,12 +1471,16 @@ sub processHandGrade { if ($ENV{'form.collaborator'.$ctr}) { my (@collaborators) = split(/:/,$ENV{'form.collaborator'.$ctr}); foreach (@collaborators) { - &saveHandGrade($request,$url,$symb,$_,$udom,$ctr, - $ENV{'form.unamedom'.$ctr}); - if ($message ne '') { - $msgstatus = &Apache::lonmsg::user_normal_msg ($_,$udom, - $ENV{'form.msgsub'}, - $message); + my ($errorflag,$pts,$wgt) = &saveHandGrade($request,$url,$symb,$_,$udom,$ctr,$ENV{'form.unamedom'.$ctr}); + if ($errorflag eq 'not_allowed') { + $request->print("Not allowed to modify grades for $_:$udom"); + next; + } else { + if ($message ne '') { + $msgstatus = &Apache::lonmsg::user_normal_msg ($_,$udom, + $ENV{'form.msgsub'}, + $message); + } } } } @@ -1517,6 +1613,9 @@ sub processHandGrade { #---- Save the score and award for each student, if changed sub saveHandGrade { my ($request,$url,$symb,$stuname,$domain,$newflg,$submitter) = @_; + my $usec = &Apache::lonnet::getsection($domain,$stuname, + $ENV{'request.course.id'}); + if (!&canmodify($usec)) { return('not_allowed'); } my %record = &Apache::lonnet::restore($symb,$ENV{'request.course.id'},$domain,$stuname); my %newrecord = (); my ($pts,$wgt) = ('',''); @@ -1846,7 +1945,8 @@ sub viewgrades { my (undef,undef,$fullname) = &getclasslist($ENV{'form.section'},'1'); my $ctr = 0; foreach (sort {lc($$fullname{$a}) cmp lc($$fullname{$b}) } keys %$fullname) { - my ($uname,$udom) = split(/:/); + my $uname = $_; + $uname=~s/:/_/; $result.=''."\n"; $result.=&viewstudentgrade($url,$symb,$ENV{'request.course.id'}, $_,$$fullname{$_},\@parts,\%weight); @@ -1856,6 +1956,10 @@ sub viewgrades { $result.=''."\n"; $result.=''."\n"; + if (scalar(%$fullname) eq 0) { + my $colspan=3+scalar(@parts); + $result='There are no students in section "'.$ENV{'form.section'}.'" with enrollment status "'.$ENV{'form.status'}.'" to modify or grade.'; + } $result.=&show_grading_menu_form($symb,$url); return $result; } @@ -1864,6 +1968,7 @@ sub viewgrades { sub viewstudentgrade { my ($url,$symb,$courseid,$student,$fullname,$parts,$weight) = @_; my ($uname,$udom) = split(/:/,$student); + $student=~s/:/_/; my %record=&Apache::lonnet::restore($symb,$courseid,$udom,$uname); my $result=''. ''."\n"; + 'GD_'.$student.'_'.$part.'_awarded_s" value="'.$pts.'" />'."\n"; $result.=''."\n"; } elsif ($type eq 'solved') { my ($status,$foo)=split(/_/,$score,2); $status = 'nothing' if ($status eq ''); - $result.=''."\n"; $result.='\n"; } else { $result.=''. + 'GD_'.$student.'_'.$part.'_'.$type.'_s" value="'.$score.'" />'. "\n"; $result.=''."\n"; } } @@ -1918,7 +2023,7 @@ sub editgrades { $title.='Section: '.$ENV{'form.section'}.''."\n"; my $result= '
'."\n"; $result.= ''. - ''."\n"; + ''."\n"; my %scoreptr = ( 'correct' =>'correct_by_override', @@ -1966,16 +2071,24 @@ sub editgrades { $result .= ''; $result .= $header; $result .= ''."\n"; - + my $noupdate; for ($i=0; $i<$ENV{'form.total'}; $i++) { + my $line; my $user = $ENV{'form.ctr'.$i}; + my $usercolon = $user; + $usercolon =~s/_/:/; + my ($uname,$udom)=split(/_/,$user); my %newrecord; my $updateflag = 0; - my @userdom = grep /^$user:/,keys %$classlist; - my (undef,$udom) = split(/:/,$userdom[0]); - - $result .= ''; + $line .= ''; + my $usec=%$classlist->{"$uname:$udom"}[5]; + if (!&canmodify($usec)) { + my $numcols=scalar(@partid)*(scalar(@parts)-1)*2; + $noupdate.=$line.""; + next; + } foreach (@partid) { my $old_aw = $ENV{'form.GD_'.$user.'_'.$_.'_awarded_s'}; my $old_part_pcr = $old_aw/($weight{$_} ne '0' ? $weight{$_}:1); @@ -1995,7 +2108,7 @@ sub editgrades { } $score = 'excused' if (($ENV{'form.GD_'.$user.'_'.$_.'_solved'} eq 'excused') && ($score ne 'excused')); - $result .= ''. + $line .= ''. ''; @@ -2018,17 +2131,24 @@ sub editgrades { $newrecord{'resource.'.$part.'regrader'}="$ENV{'user.name'}:$ENV{'user.domain'}"; $updateflag=1; } - $result .= ''. + $line .= ''. ''; } } - $result .= ''."\n"; + $line.=''."\n"; if ($updateflag) { $count++; &Apache::lonnet::cstore(\%newrecord,$symb,$ENV{'request.course.id'}, - $udom,$user); + $udom,$uname); + $result.=$line; + } else { + $noupdate.=$line; } } + if ($noupdate) { + my $numcols=(scalar(@partid)*(scalar(@parts)-1)*2)+3; + $result .= ''.$noupdate; + } $result .= '
UsernameFullnameUsernameDomainFullname
'.$user.' '. - $$fullname{$userdom[0]}.' 
'.$uname.' '. + $udom.' '. + $$fullname{$usercolon}.' Not allowed to modify student
'.$old_aw.' '.$old_aw.' '.$awarded. ($score eq 'excused' ? $score : '').' '.$old_aw.' '.$old_aw.' '.$awarded.' 
No Changes Occured For the Students Below
'."\n". &show_grading_menu_form ($symb,$url); my $msg = 'Number of records updated = '.$rec_update. @@ -2230,7 +2350,7 @@ CSVFORMJS $result.=''."\n"; my $upfile_select=&Apache::loncommon::upfile_select_html(); $result.=< +
@@ -2308,7 +2428,8 @@ sub csvuploadassign { } $request->print('

Assigning Grades

'); my $courseid=$ENV{'request.course.id'}; - my ($classlist) = &getclasslist('all','1'); + my ($classlist) = &getclasslist('all',0); + my @notallowed; my @skipped; my $countdone=0; foreach my $grade (@gradedata) { @@ -2319,6 +2440,11 @@ sub csvuploadassign { push(@skipped,"$username:$domain"); next; } + my $usec=%$classlist->{"$username:$domain"}[5]; + if (!&canmodify($usec)) { + push(@notallowed,"$username:$domain"); + next; + } my %grades; foreach my $dest (keys(%fields)) { if ($dest eq 'username' || $dest eq 'domain') { next; } @@ -2337,10 +2463,14 @@ sub csvuploadassign { } $request->print("
Stored $countdone students\n"); if (@skipped) { - $request->print('
Skipped Students
'); - foreach my $student (@skipped) { $request->print("
$student"); } + $request->print('Skipped Students

'); + foreach my $student (@skipped) { $request->print("$student
\n"); } + } + if (@notallowed) { + $request->print('

Students Not Allowed to Modify

'); + foreach my $student (@notallowed) { $request->print("$student
\n"); } } - $request->print(&view_edit_entire_class_form($symb,$url)); + $request->print("
\n"); $request->print(&show_grading_menu_form($symb,$url)); return ''; } @@ -2437,6 +2567,7 @@ LISTJAVASCRIPT ' all details'."\n"; $result.=''."\n". + ''."\n". ''."\n". ''."\n". ''."\n". @@ -2511,15 +2642,14 @@ sub getSymbMap { my $countProblems = 0; $mapiterator->next(); # skip the first BEGIN_MAP my $mapcurRes = $mapiterator->next(); # for "current resource" - my $ctr=0; - while ($mapdepth > 0 && $ctr < 100) { + while ($mapdepth > 0) { if($mapcurRes == $mapiterator->BEGIN_MAP) { $mapdepth++; } - if($mapcurRes == $mapiterator->END_MAP) { $mapdepth++; } + if($mapcurRes == $mapiterator->END_MAP) { $mapdepth--; } if (ref($mapcurRes) && $mapcurRes->is_problem() && !$mapcurRes->randomout) { $countProblems++; } - $ctr++; + $mapcurRes = $mapiterator->next(); } if ($countProblems > 0) { my $title = $curRes->compTitle(); @@ -2545,9 +2675,14 @@ sub displayPage { my $cnum = $ENV{"course.$ENV{'request.course.id'}.num"}; my $getsec = $ENV{'form.section'} eq '' ? 'all' : $ENV{'form.section'}; my $pageTitle = $ENV{'form.page'}; - my (undef,undef,$fullname) = &getclasslist($getsec,'1'); + my ($classlist,undef,$fullname) = &getclasslist($getsec,'1'); my ($uname,$udom) = split(/:/,$ENV{'form.student'}); - + my $usec=$classlist->{$ENV{'form.student'}}[5]; + if (!&canview($usec)) { + $request->print('Unable to view requested student.('.$ENV{'form.student'}.')'); + $request->print(&show_grading_menu_form($symb,$url)); + return; + } my $result='

 '.$ENV{'form.title'}.'

'; $result.='

 Student: '.$$fullname{$ENV{'form.student'}}. ' ('.$uname.($udom eq $cdom ? '':':'.$udom).')

'."\n"; @@ -2582,16 +2717,15 @@ sub displayPage { ' No '. ' '.($ENV{'form.vProb'} eq 'no' ? 'Title' : 'Problem View').'/Grade'; - my ($depth,$ctr,$question) = (1,0,1); + my ($depth,$question) = (1,1); $iterator->next(); # skip the first BEGIN_MAP my $curRes = $iterator->next(); # for "current resource" - while ($depth > 0 && $ctr < 100) { # ctr, just in case it never gets out of loop + while ($depth > 0) { if($curRes == $iterator->BEGIN_MAP) { $depth++; } - if($curRes == $iterator->END_MAP) { $depth++; } + if($curRes == $iterator->END_MAP) { $depth--; } if (ref($curRes) && $curRes->is_problem() && !$curRes->randomout) { my $parts = $curRes->parts(); - $parts = &temp_parts_fix($parts); # remove line when lonnavmap is fixed my $title = $curRes->compTitle(); my $symbx = $curRes->symb(); $studentTable.=''.$question. @@ -2661,19 +2795,21 @@ sub displayPage { '','.submission'); } - - foreach my $partid (@{$parts}) { - $studentTable.=&gradeBox($request,$symbx,$uname,$udom,$question,$partid,\%record); - $studentTable.=''."\n"; - $question++; + if (&canmodify($usec)) { + foreach my $partid (@{$parts}) { + $studentTable.=&gradeBox($request,$symbx,$uname,$udom,$question,$partid,\%record); + $studentTable.=''."\n"; + $question++; + } } $studentTable.=''; - } + } $curRes = $iterator->next(); - $ctr++; } + $navmap->untieHashes(); + $studentTable.=''."\n". '  '. @@ -2684,18 +2820,6 @@ sub displayPage { return ''; } -sub temp_parts_fix { #remove sub once lonnavmap is fixed - my $parts = shift; - my %seen = (); - my @correctParts = (); - foreach (@{$parts}) { - next if ($seen{$_} > 0); - $seen{$_}++; - push @correctParts,$_; - } - return \@correctParts; -} - sub updateGradeByPage { my ($request) = shift; @@ -2703,9 +2827,14 @@ sub updateGradeByPage { my $cnum = $ENV{"course.$ENV{'request.course.id'}.num"}; my $getsec = $ENV{'form.section'} eq '' ? 'all' : $ENV{'form.section'}; my $pageTitle = $ENV{'form.page'}; - my (undef,undef,$fullname) = &getclasslist($getsec,'1'); + my ($classlist,undef,$fullname) = &getclasslist($getsec,'1'); my ($uname,$udom) = split(/:/,$ENV{'form.student'}); - + my $usec=$classlist->{$ENV{'form.student'}}[5]; + if (!&canmodify($usec)) { + $request->print('Unable to modify requested student.('.$ENV{'form.student'}.''); + $request->print(&show_grading_menu_form($ENV{'form.symb'},$ENV{'form.url'})); + return; + } my $result='

 '.$ENV{'form.title'}.'

'; $result.='

 Student: '.$$fullname{$ENV{'form.student'}}. ' ('.$uname.($udom eq $cdom ? '':':'.$udom).')

'."\n"; @@ -2729,14 +2858,13 @@ sub updateGradeByPage { $iterator->next(); # skip the first BEGIN_MAP my $curRes = $iterator->next(); # for "current resource" - my ($depth,$ctr,$question,$changeflag)= (1,0,1,0); - while ($depth > 0 && $ctr < 100) { # ctr, just in case it never gets out of loop + my ($depth,$question,$changeflag)= (1,1,0); + while ($depth > 0) { if($curRes == $iterator->BEGIN_MAP) { $depth++; } - if($curRes == $iterator->END_MAP) { $depth++; } + if($curRes == $iterator->END_MAP) { $depth--; } if (ref($curRes) && $curRes->is_problem() && !$curRes->randomout) { my $parts = $curRes->parts(); - $parts = &temp_parts_fix($parts); # remove line when lonnavmap is fixed my $title = $curRes->compTitle(); my $symbx = $curRes->symb(); $studentTable.=''.$question. @@ -2793,9 +2921,10 @@ sub updateGradeByPage { } $curRes = $iterator->next(); - $ctr++; } + $navmap->untieHashes(); + $studentTable.=''; $studentTable.=&show_grading_menu_form($ENV{'form.symb'},$ENV{'form.url'}); my $grademsg=($changeflag == 0 ? 'No score was changed or updated.' : @@ -3323,7 +3452,8 @@ GRADINGMENUJS sub handler { my $request=$_[0]; - + + undef(%perm); if ($ENV{'browser.mathml'}) { $request->content_type('text/xml'); } else { @@ -3352,15 +3482,14 @@ sub handler { if ($tsymb) { my ($map,$id,$url)=split(/\_\_\_/,$tsymb); if (&Apache::lonnet::allowed('mgr',$tcrsid)) { - $request->print( - &Apache::lonnet::ssi('/res/'.$url, - ('grade_username' => $tuname, - 'grade_domain' => $tudom, - 'grade_courseid' => $tcrsid, - 'grade_symb' => $tsymb))); + $request->print(&Apache::lonnet::ssi_body('/res/'.$url, + ('grade_username' => $tuname, + 'grade_domain' => $tudom, + 'grade_courseid' => $tcrsid, + 'grade_symb' => $tsymb))); } else { $request->print('

Not authorized: '.$token.'

'); - } + } } else { $request->print('

Not a valid DocID: '.$token.'

'); } @@ -3369,36 +3498,48 @@ sub handler { } } } else { - $Apache::grades::viewgrades=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'}); - if ($command eq 'submission') { + if (!($perm{'vgr'}=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'}))) { + if ($perm{'vgr'}=&Apache::lonnet::allowed('vgr',$ENV{'request.course.id'}.'/'.$ENV{'request.course.sec'})) { + $perm{'vgr_section'}=$ENV{'request.course.sec'}; + } else { + delete($perm{'vgr'}); + } + } + if (!($perm{'mgr'}=&Apache::lonnet::allowed('mgr',$ENV{'request.course.id'}))) { + if ($perm{'mgr'}=&Apache::lonnet::allowed('mgr',$ENV{'request.course.id'}.'/'.$ENV{'request.course.sec'})) { + $perm{'mgr_section'}=$ENV{'request.course.sec'}; + } else { + delete($perm{'mgr'}); + } + } + + if ($command eq 'submission' && $perm{'vgr'}) { ($ENV{'form.student'} eq '' ? &listStudents($request) : &submission($request,0,0)); - } elsif ($command eq 'pickStudentPage') { + } elsif ($command eq 'pickStudentPage' && $perm{'vgr'}) { &pickStudentPage($request); - } elsif ($command eq 'displayPage') { + } elsif ($command eq 'displayPage' && $perm{'vgr'}) { &displayPage($request); - } elsif ($command eq 'gradeByPage') { + } elsif ($command eq 'gradeByPage' && $perm{'mgr'}) { &updateGradeByPage($request); - } elsif ($command eq 'processGroup') { + } elsif ($command eq 'processGroup' && $perm{'vgr'}) { &processGroup($request); - } elsif ($command eq 'gradingmenu') { + } elsif ($command eq 'gradingmenu' && $perm{'vgr'}) { $request->print(&gradingmenu($request)); - } elsif ($command eq 'viewgrades') { + } elsif ($command eq 'viewgrades' && $perm{'vgr'}) { $request->print(&viewgrades($request)); - } elsif ($command eq 'handgrade') { + } elsif ($command eq 'handgrade' && $perm{'mgr'}) { $request->print(&processHandGrade($request)); - } elsif ($command eq 'editgrades') { + } elsif ($command eq 'editgrades' && $perm{'mgr'}) { $request->print(&editgrades($request)); - } elsif ($command eq 'verify') { + } elsif ($command eq 'verify' && $perm{'vgr'}) { $request->print(&verifyreceipt($request)); - } elsif ($command eq 'csvform') { + } elsif ($command eq 'csvform' && $perm{'mgr'}) { $request->print(&upcsvScores_form($request)); - } elsif ($command eq 'csvupload') { + } elsif ($command eq 'csvupload' && $perm{'mgr'}) { $request->print(&csvupload($request)); - } elsif ($command eq 'viewclasslist') { - $request->print(&viewclasslist($request)); - } elsif ($command eq 'csvuploadmap') { + } elsif ($command eq 'csvuploadmap' && $perm{'mgr'} ) { $request->print(&csvuploadmap($request)); - } elsif ($command eq 'csvuploadassign') { + } elsif ($command eq 'csvuploadassign' && $perm{'mgr'}) { if ($ENV{'form.associate'} ne 'Reverse Association') { $request->print(&csvuploadassign($request)); } else { @@ -3409,12 +3550,12 @@ sub handler { } $request->print(&csvuploadmap($request)); } - } elsif ($command eq 'scantron_selectphase') { + } elsif ($command eq 'scantron_selectphase' && $perm{'mgr'}) { $request->print(&scantron_selectphase($request)); - } elsif ($command eq 'scantron_process') { + } elsif ($command eq 'scantron_process' && $perm{'mgr'}) { $request->print(&scantron_process_students($request)); - } else { - $request->print("Unknown action: $command:"); + } elsif ($command) { + $request->print("Access Denied"); } } &send_footer($request);