Coach and download files if session is read only see BT#9233

1.9.x
Julio Montoya 10 years ago
parent 5d74663bae
commit 74c25067aa
  1. 6
      main/inc/ajax/model.ajax.php
  2. 6
      main/work/downloadfolder.inc.php
  3. 14
      main/work/student_work.php
  4. 17
      main/work/view.php
  5. 24
      main/work/work.lib.php
  6. 2
      main/work/work.php
  7. 4
      main/work/work_list_all.php

@ -214,7 +214,6 @@ switch ($action) {
case 'get_work_student':
require_once api_get_path(SYS_CODE_PATH).'work/work.lib.php';
$count = getWorkListStudent(0, $limit, $sidx, $sord, $whereCondition, true);
break;
case 'get_work_user_list_all':
require_once api_get_path(SYS_CODE_PATH).'work/work.lib.php';
@ -258,7 +257,7 @@ switch ($action) {
}
break;
case 'get_work_student_list_overview':
if (!api_is_allowed_to_edit()) {
if (!(api_is_allowed_to_edit() || api_is_coach())) {
return 0;
}
require_once api_get_path(SYS_CODE_PATH).'work/work.lib.php';
@ -588,7 +587,6 @@ switch ($action) {
'actions'
);
} else {
$columns = array(
'type',
'firstname',
@ -677,7 +675,7 @@ switch ($action) {
$result = get_exam_results_hotpotatoes_data($start, $limit, $sidx, $sord, $hotpot_path, $whereCondition);
break;
case 'get_work_student_list_overview':
if (!api_is_allowed_to_edit()) {
if (!(api_is_allowed_to_edit() || api_is_coach())) {
return array();
}
require_once api_get_path(SYS_CODE_PATH).'work/work.lib.php';

@ -10,14 +10,16 @@
$work_id = $_GET['id'];
require_once '../inc/global.inc.php';
$current_course_tool = TOOL_STUDENTPUBLICATION;
$_course = api_get_course_info();
//protection
// Protection
api_protect_course_script(true);
require_once 'work.lib.php';
$work_data = get_work_data_by_id($work_id);
$groupId = api_get_group_id();
if (empty($work_data)) {
exit;
}
@ -59,7 +61,7 @@ if (array_key_exists('filename', $work_data)) {
$filenameCondition = ", filename";
}
if (api_is_allowed_to_edit()) {
if (api_is_allowed_to_edit() || api_is_coach()) {
//Search for all files that are not deleted => visibility != 2
$sql = "SELECT DISTINCT
url,

@ -39,7 +39,7 @@ if (!empty($group_id)) {
} else {
// you are not a teacher
$show_work = GroupManager::user_has_access(
$user_id,
api_get_user_id(),
$group_id,
GroupManager::GROUP_TOOL_WORK
);
@ -58,7 +58,7 @@ if (!empty($group_id)) {
'name' => get_lang('GroupSpace').' '.$group_properties['name']
);
} else {
if (!api_is_allowed_to_edit(false, true)) {
if (!(api_is_allowed_to_edit() || api_is_coach())) {
api_not_allowed(true);
}
}
@ -178,8 +178,14 @@ foreach ($workPerUser as $work) {
$url = api_get_path(WEB_CODE_PATH).'work/download.php?'.api_get_cidreq().'&id='.$itemId;
$links .= Display::url(Display::return_icon('save.png', get_lang('Download')), $url);
}
$url = api_get_path(WEB_CODE_PATH).'work/edit.php?'.api_get_cidreq().'&item_id='.$itemId.'&id='.$workId.'&parent_id='.$workId;
$links .= Display::url(Display::return_icon('rate_work.png', get_lang('Comment')), $url);
if (api_is_allowed_to_edit()) {
$url = api_get_path(WEB_CODE_PATH).'work/edit.php?'.api_get_cidreq().'&item_id='.$itemId.'&id='.$workId.'&parent_id='.$workId;
$links .= Display::url(
Display::return_icon('rate_work.png', get_lang('Comment')),
$url
);
}
$table->setCellContents($row, $column, $links);

@ -35,14 +35,14 @@ $isDrhOfCourse = CourseManager::isUserSubscribedInCourseAsDrh(
$courseInfo
);
if ((user_is_author($id) || $isDrhOfCourse) ||
if ((user_is_author($id) || $isDrhOfCourse || (api_is_allowed_to_edit() || api_is_coach())) ||
(
$courseInfo['show_score'] == 0 &&
$work['active'] == 1 &&
$work['accepted'] == 1
)
) {
if (api_is_allowed_to_edit(null, true) || api_is_drh()) {
if ((api_is_allowed_to_edit() || api_is_coach()) || api_is_drh()) {
$url_dir = 'work_list_all.php?id='.$my_folder_data['id'];
} else {
$url_dir = 'work_list.php?id='.$my_folder_data['id'];
@ -51,8 +51,13 @@ if ((user_is_author($id) || $isDrhOfCourse) ||
$interbreadcrumb[] = array('url' => $url_dir, 'name' => $my_folder_data['title']);
$interbreadcrumb[] = array('url' => '#','name' => $work['title']);
//|| api_is_drh()
if (($courseInfo['show_score'] == 0 && $work['active'] == 1 && $work['accepted'] == 1) ||
(api_is_allowed_to_edit()) || user_is_author($id) || $isDrhOfCourse
if (($courseInfo['show_score'] == 0 &&
$work['active'] == 1 &&
$work['accepted'] == 1
) ||
(api_is_allowed_to_edit() || api_is_coach()) ||
user_is_author($id) ||
$isDrhOfCourse
) {
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
switch ($action) {
@ -89,7 +94,9 @@ if ((user_is_author($id) || $isDrhOfCourse) ||
$tpl->assign('work', $work);
$tpl->assign('work_comment_enabled', ALLOW_USER_COMMENTS);
$tpl->assign('comments', $comments);
$tpl->assign('form', $commentForm);
if (api_is_allowed_to_session_edit()) {
$tpl->assign('form', $commentForm);
}
$tpl->assign('is_allowed_to_edit', api_is_allowed_to_edit());
$template = $tpl->get_template('work/view.tpl');

@ -1828,12 +1828,12 @@ function getWorkListTeacher(
) {
$workTable = Database::get_course_table(TABLE_STUDENT_PUBLICATION);
$workTableAssignment = Database::get_course_table(TABLE_STUDENT_PUBLICATION_ASSIGNMENT);
$courseInfo = api_get_course_info();
$course_id = api_get_course_int_id();
$session_id = api_get_session_id();
$condition_session = api_get_session_condition($session_id);
$group_id = api_get_group_id();
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
$is_allowed_to_edit = api_is_allowed_to_edit() || api_is_coach();
if (!in_array($direction, array('asc', 'desc'))) {
$direction = 'desc';
@ -1931,9 +1931,18 @@ function getWorkListTeacher(
);
}
$deleteUrl = api_get_path(WEB_CODE_PATH).'work/work.php?id='.$workId.'&action=delete_dir&'.api_get_cidreq();
$deleteLink = '<a href="#" onclick="showConfirmationPopup(this, \''.$deleteUrl.'\' ) " >'.
Display::return_icon('delete.png', get_lang('Delete'), array(), ICON_SIZE_SMALL).'</a>';
$deleteLink = '<a href="#" onclick="showConfirmationPopup(this, \'' . $deleteUrl . '\' ) " >' .
Display::return_icon(
'delete.png',
get_lang('Delete'),
array(),
ICON_SIZE_SMALL
) . '</a>';
if (!api_is_allowed_to_edit()) {
$deleteLink = null;
$editLink = null;
}
$work['actions'] = $downloadLink.$editLink.$deleteLink;
$works[] = $work;
}
@ -2184,7 +2193,7 @@ function get_work_user_list(
}
$work_data = get_work_data_by_id($work_id);
$is_allowed_to_edit = api_is_allowed_to_edit(null, true);
$is_allowed_to_edit = api_is_allowed_to_edit() || api_is_coach();
$condition_session = api_get_session_condition($session_id);
$locked = api_resource_is_locked_by_gradebook($work_id, LINK_STUDENTPUBLICATION);
@ -2377,7 +2386,7 @@ function get_work_user_list(
// Actions.
$action = '';
if ($is_allowed_to_edit) {
if (api_is_allowed_to_edit()) {
$action .= '<a href="'.$url.'view.php?'.api_get_cidreq().'&id='.$item_id.'" title="'.get_lang('View').'">'.
Display::return_icon('default.png', get_lang('View'),array(), ICON_SIZE_SMALL).'</a> ';
@ -3632,6 +3641,7 @@ function getWorkCommentForm($work)
$form->addElement('checkbox', 'send_mail', null, get_lang('SendMail'));
}
$form->addElement('button', 'button', get_lang('Send'));
return $form->return_form();
}

@ -289,7 +289,7 @@ switch ($action) {
get_lang('Description').':</strong><p>'.Security::remove_XSS($my_folder_data['description'], STUDENT).
'</p></div></p>';
}
if (api_is_allowed_to_edit()) {
if (api_is_allowed_to_edit() || api_is_coach()) {
// Work list
$content .= '<div class="row">';
$content .= '<div class="span9">';

@ -15,7 +15,7 @@ require_once 'work.lib.php';
$this_section = SECTION_COURSES;
$workId = isset($_GET['id']) ? intval($_GET['id']) : null;
$is_allowed_to_edit = api_is_allowed_to_edit();
$is_allowed_to_edit = api_is_allowed_to_edit() || api_is_coach();
if (empty($workId)) {
api_not_allowed(true);
@ -33,7 +33,7 @@ $isDrhOfCourse = CourseManager::isUserSubscribedInCourseAsDrh(
api_get_course_info()
);
if (!(api_is_allowed_to_edit() || $isDrhOfCourse)) {
if (!($is_allowed_to_edit || $isDrhOfCourse)) {
api_not_allowed(true);
}

Loading…
Cancel
Save