diff options
| author | Eugeniy Mikhailov <evgmik@gmail.com> | 2011-01-21 00:15:16 -0500 |
|---|---|---|
| committer | Eugeniy Mikhailov <evgmik@gmail.com> | 2011-01-21 00:15:16 -0500 |
| commit | 08cd10af8dfd75c3b4c80e106c40497d80064999 (patch) | |
| tree | 7d2095c02fee28351dadac7bca56c3e93ec4bc12 | |
| parent | 7b998ae7dc85942825aa5103ddf45e6d91990144 (diff) | |
| download | GradeBook-08cd10af8dfd75c3b4c80e106c40497d80064999.tar.gz GradeBook-08cd10af8dfd75c3b4c80e106c40497d80064999.zip | |
grades table output now has selection of raws to see for each user group
Ignore-this: 1d6ef98c48cfbee6b7af7cb53bff7219
darcs-hash:20110121051516-067c0-11a6166d086ae0a951fa77203a25f56c8b89bbc7.gz
| -rwxr-xr-x | GradeBook.tcl | 17 |
1 files changed, 13 insertions, 4 deletions
diff --git a/GradeBook.tcl b/GradeBook.tcl index 950c922..34c04fb 100755 --- a/GradeBook.tcl +++ b/GradeBook.tcl @@ -124,8 +124,9 @@ proc htmlDBout {db permission_list user {sort_col {}}} { puts {<div class="gradestable">} set show_header 1 - # show the table with grades + # get names of all columns set column_list [getColListFromTable GradesTable] + # set hidden column list switch $permission(GroupName) { instructor { set hidden_columns {} } ta { set hidden_columns [list UserName PasswordHash GroupName] } @@ -138,8 +139,16 @@ proc htmlDBout {db permission_list user {sort_col {}}} { set column_list [removeElementFromList $col $column_list] } set sql_column_str [colList2sqlColStr $column_list] - # get all allowed columns - set eval_str [concat SELECT $sql_column_str FROM GradesTable ORDER BY $sort_col] + # set users of what group user can see, i.e. set WHERE statement + switch $permission(GroupName) { + instructor { set where_statement {} } + ta { set where_statement "WHERE GroupName=\"student\"" } + student { set where_statement "WHERE UserName=\"$user\"" } + guest { dbg "Guest must not be allowed to set table view port. Aborting. This line is never executed" 0; exit } + default { dbg "Default must not be allowed to set table view port. Aborting. This line is never executed." 0; exit } + } + # get all allowed columns and rows + set eval_str [concat SELECT $sql_column_str FROM GradesTable $where_statement ORDER BY $sort_col] set err [catch { db eval $eval_str v { if { $show_header } { @@ -186,7 +195,7 @@ proc htmlDBout {db permission_list user {sort_col {}}} { if { $err } { dbg "we should never be here if $sortCol exist in the table" 1 dbg $errStat 1 - + htmlErrorMsg $errStat } puts "</table>" puts {</div>} |