

Add config that limits teachers rights in exercise BT#15235
$_configuration['limit_exercise_teacher_access']
jmontoyaa committed Jan 29, 2019
1 parent 970529f commit a1e9e3f
Showing 4 changed files with 108 additions and 13 deletions.
101 changes: 88 additions & 13 deletions main/exercise/exercise.php
Expand Up @@ -27,6 +27,9 @@


// Access control // Access control
api_protect_course_script(true); api_protect_course_script(true);

$limitTeacherAccess = api_get_configuration_value('limit_exercise_teacher_access');

require_once 'hotpotatoes.lib.php'; require_once 'hotpotatoes.lib.php';


/* Constants and variables */ /* Constants and variables */
Expand Down Expand Up @@ -106,6 +109,9 @@
$nameTools = get_lang('Exercises'); $nameTools = get_lang('Exercises');
$errorXmlExport = null; $errorXmlExport = null;
if ($is_allowedToEdit && !empty($choice) && $choice === 'exportqti2') { if ($is_allowedToEdit && !empty($choice) && $choice === 'exportqti2') {
if ($limitTeacherAccess && !api_is_platform_admin()) {
api_not_allowed(true);
}
require_once api_get_path(SYS_CODE_PATH).'exercise/export/qti2/qti2_export.php'; require_once api_get_path(SYS_CODE_PATH).'exercise/export/qti2/qti2_export.php';


$export = export_exercise_to_qti($exerciseId, true); $export = export_exercise_to_qti($exerciseId, true);
Expand Down Expand Up @@ -228,6 +234,10 @@
case 'delete': case 'delete':
// deletes an exercise // deletes an exercise
if ($exercise_action_locked == false) { if ($exercise_action_locked == false) {
if ($limitTeacherAccess && !api_is_platform_admin()) {
// Teacher cannot delete an exercise
break;
}
$objExerciseTmp->delete(); $objExerciseTmp->delete();
$link_info = GradebookUtils::isResourceInCourseGradebook( $link_info = GradebookUtils::isResourceInCourseGradebook(
api_get_course_id(), api_get_course_id(),
Expand All @@ -239,9 +249,15 @@
GradebookUtils::remove_resource_from_course_gradebook($link_info['id']); GradebookUtils::remove_resource_from_course_gradebook($link_info['id']);
} }
echo Display::return_message(get_lang('ExerciseDeleted'), 'confirmation'); echo Display::return_message(get_lang('ExerciseDeleted'), 'confirmation');

} }
break; break;
case 'enable': case 'enable':
if ($limitTeacherAccess && !api_is_platform_admin()) {
// Teacher change exercise
break;
}

// enables an exercise // enables an exercise
if (empty($sessionId)) { if (empty($sessionId)) {
$objExerciseTmp->enable(); $objExerciseTmp->enable();
Expand All @@ -264,6 +280,10 @@
echo Display::return_message(get_lang('VisibilityChanged'), 'confirmation'); echo Display::return_message(get_lang('VisibilityChanged'), 'confirmation');
break; break;
case 'disable': case 'disable':
if ($limitTeacherAccess && !api_is_platform_admin()) {
// Teacher change exercise
break;
}
// disables an exercise // disables an exercise
if (empty($sessionId)) { if (empty($sessionId)) {
$objExerciseTmp->disable(); $objExerciseTmp->disable();
Expand Down Expand Up @@ -307,6 +327,11 @@
); );
break; break;
case 'clean_results': case 'clean_results':
if ($limitTeacherAccess && !api_is_platform_admin()) {
// Teacher change exercise
break;
}

// Clean student results // Clean student results
if ($exercise_action_locked == false) { if ($exercise_action_locked == false) {
$quantity_results_deleted = $objExerciseTmp->cleanResults(true); $quantity_results_deleted = $objExerciseTmp->cleanResults(true);
Expand Down Expand Up @@ -338,6 +363,10 @@
if (!empty($hpchoice)) { if (!empty($hpchoice)) {
switch ($hpchoice) { switch ($hpchoice) {
case 'delete': case 'delete':
if ($limitTeacherAccess && !api_is_platform_admin()) {
// Teacher change exercise
break;
}
// deletes an exercise // deletes an exercise
$imgparams = []; $imgparams = [];
$imgcount = 0; $imgcount = 0;
Expand Down Expand Up @@ -367,7 +396,12 @@
} }
break; break;
case 'enable': // enables an exercise case 'enable': // enables an exercise
$newVisibilityStatus = "1"; //"visible" if ($limitTeacherAccess && !api_is_platform_admin()) {
// Teacher change exercise
break;
}

$newVisibilityStatus = '1'; //"visible"
$query = "SELECT id FROM $TBL_DOCUMENT $query = "SELECT id FROM $TBL_DOCUMENT
WHERE c_id = $courseId AND path='".Database::escape_string($file)."'"; WHERE c_id = $courseId AND path='".Database::escape_string($file)."'";
$res = Database::query($query); $res = Database::query($query);
Expand All @@ -383,6 +417,10 @@


break; break;
case 'disable': // disables an exercise case 'disable': // disables an exercise
if ($limitTeacherAccess && !api_is_platform_admin()) {
// Teacher change exercise
break;
}
$newVisibilityStatus = '0'; //"invisible" $newVisibilityStatus = '0'; //"invisible"
$query = "SELECT id FROM $TBL_DOCUMENT $query = "SELECT id FROM $TBL_DOCUMENT
WHERE c_id = $courseId AND path='".Database::escape_string($file)."'"; WHERE c_id = $courseId AND path='".Database::escape_string($file)."'";
Expand Down Expand Up @@ -769,11 +807,16 @@
); );


// Test settings // Test settings
$actions .= Display::url( $settings = Display::url(
Display::return_icon('settings.png', get_lang('Configure'), '', ICON_SIZE_SMALL), Display::return_icon('settings.png', get_lang('Configure'), '', ICON_SIZE_SMALL),
'exercise_admin.php?'.api_get_cidreq().'&exerciseId='.$row['id'] 'exercise_admin.php?'.api_get_cidreq().'&exerciseId='.$row['id']
); );


if ($limitTeacherAccess && !api_is_platform_admin()) {
$settings = '';
}
$actions .= $settings;

// Exercise results // Exercise results
$actions .= '<a href="exercise_report.php?'.api_get_cidreq().'&exerciseId='.$row['id'].'">'. $actions .= '<a href="exercise_report.php?'.api_get_cidreq().'&exerciseId='.$row['id'].'">'.
Display::return_icon('test_results.png', get_lang('Results'), '', ICON_SIZE_SMALL).'</a>'; Display::return_icon('test_results.png', get_lang('Results'), '', ICON_SIZE_SMALL).'</a>';
Expand Down Expand Up @@ -816,7 +859,7 @@


// Clean exercise // Clean exercise
if ($locked == false) { if ($locked == false) {
$actions .= Display::url( $clean = Display::url(
Display::return_icon( Display::return_icon(
'clean.png', 'clean.png',
get_lang('CleanStudentResults'), get_lang('CleanStudentResults'),
Expand All @@ -830,26 +873,32 @@
] ]
); );
} else { } else {
$actions .= Display::return_icon( $clean = Display::return_icon(
'clean_na.png', 'clean_na.png',
get_lang('ResourceLockedByGradebook'), get_lang('ResourceLockedByGradebook'),
'', '',
ICON_SIZE_SMALL ICON_SIZE_SMALL
); );
} }


if ($limitTeacherAccess && !api_is_platform_admin()) {
$clean = '';
}

$actions .= $clean;

// Visible / invisible // Visible / invisible
// Check if this exercise was added in a LP // Check if this exercise was added in a LP
if ($exercise->exercise_was_added_in_lp == true) { if ($exercise->exercise_was_added_in_lp == true) {
$actions .= Display::return_icon( $visibility = Display::return_icon(
'invisible.png', 'invisible.png',
get_lang('AddedToLPCannotBeAccessed'), get_lang('AddedToLPCannotBeAccessed'),
'', '',
ICON_SIZE_SMALL ICON_SIZE_SMALL
); );
} else { } else {
if ($row['active'] == 0 || $visibility == 0) { if ($row['active'] == 0 || $visibility == 0) {
$actions .= Display::url( $visibility = Display::url(
Display::return_icon( Display::return_icon(
'invisible.png', 'invisible.png',
get_lang('Activate'), get_lang('Activate'),
Expand All @@ -860,7 +909,7 @@
); );
} else { } else {
// else if not active // else if not active
$actions .= Display::url( $visibility = Display::url(
Display::return_icon( Display::return_icon(
'visible.png', 'visible.png',
get_lang('Deactivate'), get_lang('Deactivate'),
Expand All @@ -871,8 +920,15 @@
); );
} }
} }

if ($limitTeacherAccess && !api_is_platform_admin()) {
$visibility = '';
}

$actions .= $visibility;

// Export qti ... // Export qti ...
$actions .= Display::url( $export = Display::url(
Display::return_icon( Display::return_icon(
'export_qti2.png', 'export_qti2.png',
'IMS/QTI', 'IMS/QTI',
Expand All @@ -881,6 +937,12 @@
), ),
'exercise.php?choice=exportqti2&exerciseId='.$row['id'].'&'.api_get_cidreq() 'exercise.php?choice=exportqti2&exerciseId='.$row['id'].'&'.api_get_cidreq()
); );

if ($limitTeacherAccess && !api_is_platform_admin()) {
$export = '';
}

$actions .= $export;
} else { } else {
// not session // not session
$actions = Display::return_icon( $actions = Display::return_icon(
Expand All @@ -890,15 +952,15 @@


// Check if this exercise was added in a LP // Check if this exercise was added in a LP
if ($exercise->exercise_was_added_in_lp == true) { if ($exercise->exercise_was_added_in_lp == true) {
$actions .= Display::return_icon( $visiblity = Display::return_icon(
'invisible.png', 'invisible.png',
get_lang('AddedToLPCannotBeAccessed'), get_lang('AddedToLPCannotBeAccessed'),
'', '',
ICON_SIZE_SMALL ICON_SIZE_SMALL
); );
} else { } else {
if ($row['active'] == 0 || $visibility == 0) { if ($row['active'] == 0 || $visibility == 0) {
$actions .= Display::url( $visiblity = Display::url(
Display::return_icon( Display::return_icon(
'invisible.png', 'invisible.png',
get_lang('Activate'), get_lang('Activate'),
Expand All @@ -909,7 +971,7 @@
); );
} else { } else {
// else if not active // else if not active
$actions .= Display::url( $visiblity = Display::url(
Display::return_icon( Display::return_icon(
'visible.png', 'visible.png',
get_lang('Deactivate'), get_lang('Deactivate'),
Expand All @@ -921,6 +983,12 @@
} }
} }


if ($limitTeacherAccess && !api_is_platform_admin()) {
$visiblity = '';
}

$actions .= $visiblity;

$actions .= '<a href="exercise_report.php?'.api_get_cidreq().'&exerciseId='.$row['id'].'">'. $actions .= '<a href="exercise_report.php?'.api_get_cidreq().'&exerciseId='.$row['id'].'">'.
Display::return_icon('test_results.png', get_lang('Results'), '', ICON_SIZE_SMALL).'</a>'; Display::return_icon('test_results.png', get_lang('Results'), '', ICON_SIZE_SMALL).'</a>';
$actions .= Display::url( $actions .= Display::url(
Expand All @@ -934,9 +1002,10 @@
} }


// Delete // Delete
$delete = '';
if ($session_id == $row['session_id']) { if ($session_id == $row['session_id']) {
if ($locked == false) { if ($locked == false) {
$actions .= Display::url( $delete = Display::url(
Display::return_icon( Display::return_icon(
'delete.png', 'delete.png',
get_lang('Delete'), get_lang('Delete'),
Expand All @@ -950,7 +1019,7 @@
] ]
); );
} else { } else {
$actions .= Display::return_icon( $delete = Display::return_icon(
'delete_na.png', 'delete_na.png',
get_lang('ResourceLockedByGradebook'), get_lang('ResourceLockedByGradebook'),
'', '',
Expand All @@ -959,6 +1028,12 @@
} }
} }


if ($limitTeacherAccess && !api_is_platform_admin()) {
$delete = '';
}

$actions .= $delete;

// Number of questions // Number of questions
$random_label = null; $random_label = null;
if ($row['random'] > 0 || $row['random'] == -1) { if ($row['random'] > 0 || $row['random'] == -1) {
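Review bot: The restricted cases in both action switches (`delete`, `enable`, `disable`, `clean_results`, and the same names under `$hpchoice`) only `break` for a non-admin, whereas the `exportqti2` branch above them calls `api_not_allowed(true)`, so a refused request looks exactly like a harmless no-op to the user and to anyone reading the logs. The expression `$limitTeacherAccess && !api_is_platform_admin()` is also written out in every case and again in exercise_admin.php and question_list_admin.inc.php; computing it once next to the config read, `$isRestrictedTeacher = $limitTeacherAccess && !api_is_platform_admin();`, and refusing from a single list such as `if ($isRestrictedTeacher && in_array($hpchoice, ['delete', 'enable', 'disable'], true)) { api_not_allowed(true); }` would make it harder for a later case to be added unguarded. Cases that fall outside the visible hunks, such as the one ending just before `case 'clean_results':`, cannot be checked from here and should be confirmed as intentionally open. Separately, the session branch of the action list now stores link HTML in `$visibility`, the variable its own condition `$visibility == 0` reads, so unless that variable is reset for each row the next comparison sees a string; the non-session branch escapes this only through the misspelt `$visiblity`.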
6 changes: 6 additions & 0 deletions main/exercise/exercise_admin.php
Expand Up @@ -19,6 +19,12 @@
api_not_allowed(true); api_not_allowed(true);
} }


$limitTeacherAccess = api_get_configuration_value('limit_exercise_teacher_access');

if ($limitTeacherAccess && !api_is_platform_admin()) {
api_not_allowed(true);
}

$htmlHeadXtra[] = '<script> $htmlHeadXtra[] = '<script>
function activate_start_date() { function activate_start_date() {
if(document.getElementById(\'start_date_div\').style.display == \'none\') { if(document.getElementById(\'start_date_div\').style.display == \'none\') {
11 changes: 11 additions & 0 deletions main/exercise/question_list_admin.inc.php
Expand Up @@ -15,8 +15,15 @@
* It is included from the script admin.php * It is included from the script admin.php
*/ */



$limitTeacherAccess = api_get_configuration_value('limit_exercise_teacher_access');

// deletes a question from the exercise (not from the data base) // deletes a question from the exercise (not from the data base)
if ($deleteQuestion) { if ($deleteQuestion) {
if ($limitTeacherAccess && !api_is_platform_admin()) {
exit;
}

// if the question exists // if the question exists
if ($objQuestionTmp = Question::read($deleteQuestion)) { if ($objQuestionTmp = Question::read($deleteQuestion)) {
$objQuestionTmp->delete($exerciseId); $objQuestionTmp->delete($exerciseId);
Expand Down Expand Up @@ -279,6 +286,10 @@
); );
} }


if ($limitTeacherAccess && !api_is_platform_admin()) {
$delete_link = '';
}

$btnActions = implode( $btnActions = implode(
PHP_EOL, PHP_EOL,
[$edit_link, $clone_link, $delete_link] [$edit_link, $clone_link, $delete_link]
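Review bot: The bare `exit;` inside the `$deleteQuestion` guard ends the request with no message and no denial status, and because this file is included from admin.php it may cut the response off after part of the page has already been sent. The other two files in this commit refuse with `api_not_allowed(true)`; the same call here, with the header argument chosen to match what admin.php has printed by that point, would give the user a clear refusal and keep denials uniform. Only removal is guarded and hidden, while `$edit_link` and `$clone_link` stay in `$btnActions`; that matches the option's description but deserves a comment above the check, for example `// Restricted teachers may still edit and clone questions; only removal is blocked`. The code around both checks continues outside the visible hunks.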
3 changes: 3 additions & 0 deletions main/install/configuration.dist.php
Expand Up @@ -1084,6 +1084,9 @@
// Option only when building an exercise as a teacher // Option only when building an exercise as a teacher
// $_configuration['question_pagination_lenght'] = 20; // $_configuration['question_pagination_lenght'] = 20;


// Teachers cannot delete an exercise/questions, change exercise visibility, download to qti, clean results
// $_configuration['limit_exercise_teacher_access'] = false;

// ------ Custom DB changes (keep this at the end) // ------ Custom DB changes (keep this at the end)
// Add user activation by confirmation email // Add user activation by confirmation email
// This option prevents the new user to login in the platform if your account is not confirmed via email // This option prevents the new user to login in the platform if your account is not confirmed via email
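Review bot: The comment above `limit_exercise_teacher_access` lists fewer restrictions than the commit enforces. exercise.php also drops the Configure link, exercise_admin.php is refused outright for non-admins, and the `$hpchoice` delete/enable/disable actions (apparently the HotPotatoes tests) are blocked as well. It also does not say that platform administrators are exempt, which is the only thing the check `!api_is_platform_admin()` tests. Suggested wording: `// If true, only platform admins can configure or delete an exercise, remove its questions,` followed by `// change its visibility, export it to QTI or clean its results (HotPotatoes tests included).`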
