From 08cd10af8dfd75c3b4c80e106c40497d80064999 Mon Sep 17 00:00:00 2001 From: Eugeniy Mikhailov Date: Fri, 21 Jan 2011 00:15:16 -0500 Subject: grades table output now has selection of raws to see for each user group Ignore-this: 1d6ef98c48cfbee6b7af7cb53bff7219 darcs-hash:20110121051516-067c0-11a6166d086ae0a951fa77203a25f56c8b89bbc7.gz --- GradeBook.tcl | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) (limited to 'GradeBook.tcl') diff --git a/GradeBook.tcl b/GradeBook.tcl index 950c922..34c04fb 100755 --- a/GradeBook.tcl +++ b/GradeBook.tcl @@ -124,8 +124,9 @@ proc htmlDBout {db permission_list user {sort_col {}}} { puts {
} set show_header 1 - # show the table with grades + # get names of all columns set column_list [getColListFromTable GradesTable] + # set hidden column list switch $permission(GroupName) { instructor { set hidden_columns {} } ta { set hidden_columns [list UserName PasswordHash GroupName] } @@ -138,8 +139,16 @@ proc htmlDBout {db permission_list user {sort_col {}}} { set column_list [removeElementFromList $col $column_list] } set sql_column_str [colList2sqlColStr $column_list] - # get all allowed columns - set eval_str [concat SELECT $sql_column_str FROM GradesTable ORDER BY $sort_col] + # set users of what group user can see, i.e. set WHERE statement + switch $permission(GroupName) { + instructor { set where_statement {} } + ta { set where_statement "WHERE GroupName=\"student\"" } + student { set where_statement "WHERE UserName=\"$user\"" } + guest { dbg "Guest must not be allowed to set table view port. Aborting. This line is never executed" 0; exit } + default { dbg "Default must not be allowed to set table view port. Aborting. This line is never executed." 0; exit } + } + # get all allowed columns and rows + set eval_str [concat SELECT $sql_column_str FROM GradesTable $where_statement ORDER BY $sort_col] set err [catch { db eval $eval_str v { if { $show_header } { @@ -186,7 +195,7 @@ proc htmlDBout {db permission_list user {sort_col {}}} { if { $err } { dbg "we should never be here if $sortCol exist in the table" 1 dbg $errStat 1 - + htmlErrorMsg $errStat } puts "" puts {
} -- cgit v1.2.3