moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-06 01:16:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-10579 Implement capability checks in grade import/export/report/edit pages - work in progress

Browse source 
refactoring - reports now use real index.php
This commit is contained in:
skodak 2007-07-23 22:20:07 +00:00
parent 7229af7890
commit 65dd61bda6
12 changed files with 332 additions and 348 deletions
Download patch file Download diff file Expand all files Collapse all files

109
grade/report/grader/index.php
View file

@ -1,12 +1,38 @@
<?php // $Id$
/// This creates and handles the whole grader report interface, sans header and footer
///////////////////////////////////////////////////////////////////////////
// NOTICE OF COPYRIGHT //
// //
// Moodle - Modular Object-Oriented Dynamic Learning Environment //
// http://moodle.org //
// //
// Copyright (C) 1999 onwards Martin Dougiamas http://moodle.com //
// //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details: //
// //
// http://www.gnu.org/copyleft/gpl.html //
// //
///////////////////////////////////////////////////////////////////////////
require_once($CFG->dirroot.'/grade/report/grader/lib.php');
$gradeserror = array();
require_once '../../../config.php';
require_once $CFG->libdir.'/gradelib.php';
require_once $CFG->dirroot.'/grade/lib.php';
require_once $CFG->dirroot.'/grade/report/grader/lib.php';
$courseid = required_param('id'); // course id
$page = optional_param('page', 0, PARAM_INT); // active page
$perpageurl = optional_param('perpage', 0, PARAM_INT);
$edit = optional_param('edit', -1, PARAM_BOOL); // sticky editting mode
// get the params ($report, $courseid and $context are already set in grade/report.php)
$sortitemid = optional_param('sortitemid', 0, PARAM_ALPHANUM); // sort by which grade item
$action = optional_param('action', 0, PARAM_ALPHA);
$move = optional_param('move', 0, PARAM_INT);
@ -15,9 +41,64 @@ $target = optional_param('target', 0, PARAM_ALPHANUM);
$toggle = optional_param('toggle', NULL, PARAM_INT);
$toggle_type = optional_param('toggle_type', 0, PARAM_ALPHANUM);
/// basic access checks
if (!$course = get_record('course', 'id', $courseid)) {
print_error('nocourseid');
}
require_login($course);
$context = get_context_instance(CONTEXT_COURSE, $course->id);
require_capability('gradereport/grader:view', $context);
/// return tracking object
$gpr = new grade_plugin_return(array('type'=>'report', 'plugin'=>'grader', 'courseid'=>$courseid, 'page'=>$page));
/// last selected report session tracking
if (!isset($USER->grade_last_report)) {
$USER->grade_last_report = array();
}
$USER->grade_last_report[$course->id] = 'grader';
/// Build navigation
$strgrades = get_string('grades');
$reportname = get_string('modulename', 'gradereport_grader');
$navlinks = array(array('name'=>$strgrades, 'link'=>$CFG->wwwroot.'/grade/index.php?id='.$courseid, 'type'=>'misc'),
array('name'=>$reportname, 'link'=>'', 'type'=>'misc'));
$navigation = build_navigation($navlinks);
/// Build editing on/off buttons
if (!isset($USER->gradeediting)) {
$USER->gradeediting = 0;
}
if (($edit == 1) and confirm_sesskey()) {
$USER->gradeediting = 1;
} else if (($edit == 0) and confirm_sesskey()) {
$USER->gradeediting = 0;
}
// page params for the turn editting on
$options = $gpr->get_options();
$options['sesskey'] = sesskey();
if ($USER->gradeediting) {
$options['edit'] = 0;
$string = get_string('turneditingoff');
} else {
$options['edit'] = 1;
$string = get_string('turneditingon');
}
$buttons = print_single_button('index.php', $options, $string, 'get', '_self', true);
$gradeserror = array();
// Handle toggle change request
if (!is_null($toggle) && !empty($toggle_type)) {
set_user_preferences(array('grade_report_show' . $toggle_type => $toggle));
set_user_preferences(array('grade_report_show'.$toggle_type => $toggle));
}
//first make sure we have proper final grades - this must be done before constructing of the grade tree
@ -32,7 +113,7 @@ if ($data = data_submitted() and confirm_sesskey()) {
}
// Override perpage if set in URL
if ($perpageurl = optional_param('perpage', 0, PARAM_INT)) {
if ($perpageurl) {
$report->user_prefs['studentsperpage'] = $perpageurl;
}
@ -45,13 +126,16 @@ $report->load_users();
$numusers = $report->get_numusers();
$report->load_final_grades();
if (!$context = get_context_instance(CONTEXT_COURSE, $report->gtree->courseid)) {
return false;
}
/// Print header
print_header_simple($strgrades.':'.$reportname, ':'.$strgrades, $navigation,
'', '', true, $buttons, navmenu($course));
/// Print the plugin selector at the top
print_grade_plugin_selector($courseid, 'report', 'grader');
// Add tabs
$currenttab = 'graderreport';
include('tabs.php');
require('tabs.php');
echo $report->group_selector;
@ -70,7 +154,7 @@ $reporthtml .= "</table>";
// print submit button
if ($USER->gradeediting) {
echo '<form action="report.php" method="post">';
echo '<form action="index.php" method="post">';
echo '<div>';
echo '<input type="hidden" value="'.$courseid.'" name="id" />';
echo '<input type="hidden" value="'.sesskey().'" name="sesskey" />';
@ -89,4 +173,7 @@ if ($USER->gradeediting && ($report->get_pref('quickfeedback') || $report->get_p
if ($report->get_pref('studentsperpage') >= 20) {
print_paging_bar($numusers, $report->page, $report->get_pref('studentsperpage'), $report->pbarurl);
}
print_footer($course);
?>

13
grade/report/grader/lib.php
View file

@ -66,11 +66,10 @@ class grade_report_grader extends grade_report {
$this->sortitemid = $sortitemid;
// base url for sorting by first/last name
$this->baseurl = 'report.php?id='.$this->courseid.'&amp;perpage='.$this->get_pref('studentsperpage')
.'&amp;report=grader&amp;page='.$this->page;
$this->baseurl = 'index.php?id='.$this->courseid.'&amp;perpage='.$this->get_pref('studentsperpage')
.'&amp;page='.$this->page;
//
$this->pbarurl = 'report.php?id='.$this->courseid.'&amp;perpage='.$this->get_pref('studentsperpage')
.'&amp;report=grader&amp;';
$this->pbarurl = 'index.php?id='.$this->courseid.'&amp;perpage='.$this->get_pref('studentsperpage');
// Setup groups if requested
if ($this->get_pref('showgroups')) {
@ -968,7 +967,7 @@ class grade_report_grader extends grade_report {
$hide_show = 'show';
}
$show_hide_icon = '<a href="report.php?report=grader&amp;target='.$eid
$show_hide_icon = '<a href="index.php?target='.$eid
. "&amp;action=$hide_show" . $this->gtree->commonvars . "\">\n"
. '<img src="'.$CFG->pixpath.'/t/'.$hide_show.'.gif" class="iconsmall" alt="'
. ${'str' . $hide_show}.'" title="'.${'str' . $hide_show}.'" /></a>'. "\n";
@ -981,7 +980,7 @@ class grade_report_grader extends grade_report {
// Print lock/unlock icon
$lock_unlock_icon = '<a href="report.php?report=grader&amp;target='.$eid
$lock_unlock_icon = '<a href="index.php?target='.$eid
. "&amp;action=$lock_unlock" . $this->gtree->commonvars . "\">\n"
. '<img src="'.$CFG->pixpath.'/t/'.$lock_unlock.'.gif" class="iconsmall" alt="'
. ${'str' . $lock_unlock}.'" title="'.${'str' . $lock_unlock}.'" /></a>'. "\n";
@ -993,7 +992,7 @@ class grade_report_grader extends grade_report {
$expand_contract = 'switch_plus';
}
$contract_expand_icon = '<a href="report.php?report=grader&amp;target=' . $eid
$contract_expand_icon = '<a href="index.php?target=' . $eid
. "&amp;action=$expand_contract" . $this->gtree->commonvars . "\">\n"
. '<img src="'.$CFG->pixpath.'/t/'.$expand_contract.'.gif" class="iconsmall" alt="'
. ${'str' . $expand_contract}.'" title="'.${'str' . $expand_contract}.'" /></a>'. "\n";

4
grade/report/grader/preferences.php
View file

@ -57,7 +57,7 @@ if ($form = data_submitted()) {
}
}
redirect($CFG->wwwroot . '/grade/report.php?report=grader&amp;id='.$courseid, get_string('changessaved'), 1);
redirect($CFG->wwwroot . '/grade/report/grader/index.php?id='.$courseid, get_string('changessaved'), 1);
exit;
}
@ -68,7 +68,7 @@ $strgradepreferences = get_string('gradepreferences', 'grades');
$navlinks = array();
$navlinks[] = array('name' => $strgrades, 'link' => $CFG->wwwroot . '/grade/index.php?id='.$courseid, 'type' => 'misc');
$navlinks[] = array('name' => $strgraderreport,
'link' => $CFG->wwwroot . '/grade/report.php?id=' . $courseid . '&amp;report=grader', 'type' => 'misc');
'link' => $CFG->wwwroot . '/grade/report/grader/index.php?id=' . $courseid, 'type' => 'misc');
$navlinks[] = array('name' => $strgradepreferences, 'link' => '', 'type' => 'misc');
$navigation = build_navigation($navlinks);

2
grade/report/grader/tabs.php
View file

@ -1,7 +1,7 @@
<?php // $Id$
$row = $tabs = array();
$row[] = new tabobject('graderreport',
$CFG->wwwroot.'/grade/report.php?id='.$courseid.'&amp;report=grader',
$CFG->wwwroot.'/grade/report/grader/index.php?id='.$courseid,
get_string('modulename', 'gradereport_grader'));
$row[] = new tabobject('preferences',

78
grade/report/index.php Normal file
View file

@ -0,0 +1,78 @@
<?php //$Id$
///////////////////////////////////////////////////////////////////////////
// NOTICE OF COPYRIGHT //
// //
// Moodle - Modular Object-Oriented Dynamic Learning Environment //
// http://moodle.org //
// //
// Copyright (C) 1999 onwards Martin Dougiamas http://moodle.com //
// //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details: //
// //
// http://www.gnu.org/copyleft/gpl.html //
// //
///////////////////////////////////////////////////////////////////////////
require '../../config.php';
$courseid = required_param('id', PARAM_INT);
/// basic access checks
if (!$course = get_record('course', 'id', $courseid)) {
print_error('nocourseid');
}
require_login($course);
$context = get_context_instance(CONTEXT_COURSE, $course->id);
/// find all accessible reports
if ($reports = get_list_of_plugins('grade/report', 'CVS')) { // Get all installed reports
foreach ($reports as $key => $plugin) { // Remove ones we can't see
if (!has_capability('gradereport/'.$plugin.':view', $context)) {
unset($reports[$key]);
}
}
}
if (empty($reports)) {
error('No reports accessible', $CFG->wwwroot.'/course/view.php:id='.$course->id); // TODO: localize
}
if (!isset($USER->grade_last_report)) {
$USER->grade_last_report = array();
}
if (!empty($USER->grade_last_report[$course->id])) {
$last = $USER->grade_last_report[$course->id];
} else {
$last = null;
}
if (!in_array($last, $reports)) {
$last = null;
}
if (empty($last)) {
if (in_array('grader', $reports)) {
$last = 'grader';
} else if (in_array('user', $reports)) {
$last = 'user';
} else {
$last = reset($reports);
}
}
//redirect to last or guessed report
redirect($CFG->wwwroot.'/grade/report/'.$last.'/index.php?id='.$course->id);
?>

116
grade/report/user/index.php
View file

@ -1,28 +1,110 @@
<?php // $Id$
/// This creates and handles the whole user report interface, sans header and footer
///////////////////////////////////////////////////////////////////////////
// NOTICE OF COPYRIGHT //
// //
// Moodle - Modular Object-Oriented Dynamic Learning Environment //
// http://moodle.org //
// //
// Copyright (C) 1999 onwards Martin Dougiamas http://moodle.com //
// //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details: //
// //
// http://www.gnu.org/copyleft/gpl.html //
// //
///////////////////////////////////////////////////////////////////////////
require_once($CFG->dirroot.'/grade/report/user/lib.php');
require_once '../../../config.php';
require_once $CFG->libdir.'/gradelib.php';
require_once $CFG->dirroot.'/grade/lib.php';
require_once $CFG->dirroot.'/grade/report/user/lib.php';
// get the params
if (!$userid = optional_param('user', 0, PARAM_INT)) {
// current user
$userid = $USER->id;
$courseid = required_param('id');
$userid = optional_param('userid', $USER->id, PARAM_INT);
/// basic access checks
if (!$course = get_record('course', 'id', $courseid)) {
print_error('nocourseid');
}
require_login($course);
if (!$user = get_complete_user_data('id', $userid)) {
error("Incorrect userid");
}
// Create a report instance
$report = new grade_report_user($courseid, $gpr, $context, $userid);
$context = get_context_instance(CONTEXT_COURSE, $course->id);
$usercontext = get_context_instance(CONTEXT_PERSONAL, $user->id);
require_capability('gradereport/user:view', $context);
// find total number of participants
$numusers = $report->get_numusers();
$access = true;
if (has_capability('moodle/grade:viewall', $context)) {
//ok - can view all course grades
$gradetotal = 0;
$gradesum = 0;
} else if ($user->id == $USER->id and has_capability('moodle/grade:view', $context) and $course->showgrades) {
//ok - can view own grades
// print the page
print_heading(get_string('modulename', 'gradereport_user'). " - ".fullname($report->user));
if ($report->fill_table()) {
echo $report->print_table(true);
} else if (has_capability('moodle/grade:view', $usercontext) and $course->showgrades) {
// ok - can view grades of this user- parent most probably
} else {
$acces = false;
}
/// return tracking object
$gpr = new grade_plugin_return(array('type'=>'report', 'plugin'=>'user', 'courseid'=>$courseid, 'userid'=>$userid));
/// last selected report session tracking
if (!isset($USER->grade_last_report)) {
$USER->grade_last_report = array();
}
$USER->grade_last_report[$course->id] = 'user';
/// Build navigation
$strgrades = get_string('grades');
$reportname = get_string('modulename', 'gradereport_user');
$navlinks = array(array('name'=>$strgrades, 'link'=>$CFG->wwwroot.'/grade/index.php?id='.$courseid, 'type'=>'misc'),
array('name'=>$reportname, 'link'=>'', 'type'=>'misc'));
$navigation = build_navigation($navlinks);
/// Print header
print_header_simple($strgrades.':'.$reportname, ':'.$strgrades, $navigation,
'', '', true, '', navmenu($course));
/// Print the plugin selector at the top
print_grade_plugin_selector($courseid, 'report', 'user');
if ($access) {
//first make sure we have proper final grades - this must be done before constructing of the grade tree
grade_regrade_final_grades($courseid);
// Create a report instance
$report = new grade_report_user($courseid, $gpr, $context, $userid);
$gradetotal = 0;
$gradesum = 0;
// print the page
print_heading(get_string('modulename', 'gradereport_user'). ' - '.fullname($report->user));
if ($report->fill_table()) {
echo $report->print_table(true);
}
} else {
// no access to grades!
echo "Can not view grades."; //TODO: localize
}
print_footer($course);
?>