version 1.11, 2003/06/18 19:44:22
|
version 1.16, 2003/07/16 13:52:19
|
Line 238 sub handler {
|
Line 238 sub handler {
|
$name = $ENV{'form.sname'}; |
$name = $ENV{'form.sname'}; |
$domain = $ENV{'form.sdomain'}; |
$domain = $ENV{'form.sdomain'}; |
} |
} |
# |
|
# Open page, try to prevent browser cache. |
|
# |
|
$r->content_type('text/html'); |
|
$r->header_out('Cache-control','no-cache'); |
|
$r->header_out('Pragma','no-cache'); |
|
$r->send_http_header; |
|
## |
## |
## Check permissions |
## Check permissions |
my $allowed_to_edit = &Apache::lonnet::allowed('mgr', |
my $allowed_to_edit = &Apache::lonnet::allowed('mgr', |
$ENV{'request.course.id'}); |
$ENV{'request.course.id'}); |
|
# Only those instructors/tas/whatevers with complete access |
|
# (not section restricted) are able to modify spreadsheets. |
my $allowed_to_view = &Apache::lonnet::allowed('vgr', |
my $allowed_to_view = &Apache::lonnet::allowed('vgr', |
$ENV{'request.course.id'}); |
$ENV{'request.course.id'}); |
|
if (! $allowed_to_view) { |
|
$allowed_to_view = &Apache::lonnet::allowed('vgr', |
|
$ENV{'request.course.id'}.'/'.$ENV{'request.course.sec'}); |
|
# Those who are restricted by section are allowed to view. |
|
# The routines in lonstatistics which decide which students' |
|
# will be shown take care of the restriction by section. |
|
} |
# |
# |
# Only those able to view others grades will be allowed to continue |
# Only those able to view others grades will be allowed to continue |
# if they are not requesting their own. |
# if they are not requesting their own. |
if (($sheettype eq 'classcalc') || |
if ($sheettype eq 'classcalc') { |
($name ne $ENV{'user.name'} ) || |
|
($domain ne $ENV{'user.domain'})) { |
|
if (! $allowed_to_view) { |
if (! $allowed_to_view) { |
$r->print('<h1>Access Permission Denied</h1>'. |
$ENV{'user.error.msg'}= |
'</form></body></html>'); |
$r->uri.":vgr:0:0:Access Permission Denied"; |
return OK; |
return HTTP_NOT_ACCEPTABLE; |
|
} |
|
} |
|
if ((($name ne $ENV{'user.name'} ) || |
|
($domain ne $ENV{'user.domain'})) && $sheettype ne 'classcalc') { |
|
# Check that the student is in their section? |
|
if (exists($ENV{'request.course.sec'}) && |
|
$ENV{'request.course.sec'} ne '' ) { |
|
my $stu_sec = &Apache::lonnet::usection($domain,$name, |
|
$ENV{'request.course.id'}); |
|
if ($stu_sec ne $ENV{'request.course.sec'}) { |
|
$ENV{'user.error.msg'}= |
|
$r->uri.":vgr:0:0:Requested student not in your section."; |
|
return HTTP_NOT_ACCEPTABLE; |
|
} |
} |
} |
} |
} |
|
|
|
# |
|
# Open page, try to prevent browser cache. |
|
# |
|
$r->content_type('text/html'); |
|
&Apache::loncommon::no_cache($r); |
|
$r->send_http_header; |
|
|
# |
# |
# Header.... |
# Header.... |
# |
# |
Line 376 ENDSCRIPT
|
Line 397 ENDSCRIPT
|
} |
} |
$r->print('<table><tr><td>'.$spreadsheet->html_header().'</td>'. |
$r->print('<table><tr><td>'.$spreadsheet->html_header().'</td>'. |
'<td valign="bottom">'.$html."</td></tr></table>\n"); |
'<td valign="bottom">'.$html."</td></tr></table>\n"); |
$r->print(<<END); |
if ($action_message ne '') { |
|
$r->print(<<END); |
<table> |
<table> |
<tr><td valign="top"><b>Last Action:</b></td> |
<tr><td valign="top"><b>Last Action:</b></td> |
<td> </td> |
<td> </td> |
Line 384 ENDSCRIPT
|
Line 406 ENDSCRIPT
|
</tr> |
</tr> |
</table> |
</table> |
END |
END |
|
} |
$r->rflush(); |
$r->rflush(); |
} else { |
} else { |
$r->print('<table><tr><td>'.$spreadsheet->html_header(). |
$r->print('<table><tr><td>'.$spreadsheet->html_header(). |
Line 391 END
|
Line 414 END
|
} |
} |
$r->rflush(); |
$r->rflush(); |
# |
# |
if (! exists($ENV{'form.not_first_run'}) && $sheettype eq 'classcalc') { |
if ($sheettype eq 'classcalc') { |
$r->print('<input type="submit" value="Generate Spreadsheet" /><br />'); |
$r->print('<input type="submit" value="Generate Spreadsheet" /><br />'); |
} |
} |
# |
# |
Line 406 END
|
Line 429 END
|
if ($allowed_to_view || $allowed_to_edit) { |
if ($allowed_to_view || $allowed_to_edit) { |
$r->print($spreadsheet->parent_link()); |
$r->print($spreadsheet->parent_link()); |
} |
} |
|
$r->rflush(); |
$spreadsheet->display($r); |
$spreadsheet->display($r); |
} |
} |
$r->print('</form></body></html>'); |
$r->print('</form></body></html>'); |