diff options
| -rwxr-xr-x | GradeBook_lib.tcl | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/GradeBook_lib.tcl b/GradeBook_lib.tcl index 63eeef1..41b3f86 100755 --- a/GradeBook_lib.tcl +++ b/GradeBook_lib.tcl @@ -825,6 +825,34 @@ proc FillDefaultAccessRights {} { AddDefaultAccessRight update_grades_stats 1 0 0 0 0 } +proc getDefaultPermissionsForGroup { group } { + global defaultAccessRights + if { ![info exist defaultAccessRights] } { + FillDefaultAccessRights + } + set permission_list [list GroupName $group] + foreach {action dummy} $defaultAccessRights { + lappend permission_list $action [getDefaultPermission $action $group] + } + return $permission_list +} + +proc FillMissingPermissionsWithDefaults { permission_list default_permission_list} { + # permission_list takes precedense over default_permission_list + set group [lindex $permission_list 1] + set default_group [lindex $default_permission_list 1] + if { $group ne $default_group } { + dbg "attempt to join permission lists for different groups: $group and $default_group" msg_level_warning + return $permission_list + } + foreach {action permission} $default_permission_list { + if { $action ni $permission_list} { + lappend permission_list $action $permission + } + } + return $permission_list +} + proc getDefaultPermission { action group } { global defaultAccessRights if { ![info exist defaultAccessRights] } { @@ -2412,6 +2440,9 @@ proc Authenticate_User { user_requested password } { return $user } +proc AddMissingDefaultRights { permission_list group } { +} + proc AccessGroupRights {db user } { dbg "access rights check for user: $user" msg_level_info set eval_str [list SELECT GroupName FROM GradesTable WHERE UserName='$user'] @@ -2426,6 +2457,9 @@ proc AccessGroupRights {db user } { set permission_list [list GroupName $group] db eval $eval_str permissions { lappend permission_list $permissions(actionname) $permissions($group) } dbg "permissions for user $user belonging to the group $group are: $permission_list" msg_level_info + + set default_permission_list [getDefaultPermissionsForGroup $group] + set permission_list [FillMissingPermissionsWithDefaults $permission_list $default_permission_list] return $permission_list } |