Skip to content

Commit b6322b5

Browse files
authored
Merge pull request #2457 from Alex-Jordan/course-config-grader
add problem_grader permission
2 parents c9a78b7 + ed0ca36 commit b6322b5

12 files changed

Lines changed: 64 additions & 36 deletions

File tree

conf/defaults.config

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -793,6 +793,7 @@ $authen{admin_module} = ['WeBWorK::Authen::Basic_TheLastOption'];
793793
become_student => "professor",
794794
access_instructor_tools => "ta",
795795
score_sets => "professor",
796+
problem_grader => "professor",
796797
send_mail => "professor",
797798
receive_feedback => ['ta', 'professor', 'admin'],
798799

lib/WeBWorK/ConfigValues.pm

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -516,6 +516,15 @@ sub getConfigValues ($ce) {
516516
doc2 => x('Only this permission level and higher get buttons for sending email to the instructor.'),
517517
type => 'permission'
518518
},
519+
{
520+
var => 'permissionLevels{problem_grader}',
521+
doc => x('Can use problem grader'),
522+
doc2 => x(
523+
'This permission level and higher can use the problem grader (both the grader that is available '
524+
. 'on a problem page and the set-wide probelem grader).'
525+
),
526+
type => 'permission'
527+
},
519528
{
520529
var => 'permissionLevels{record_answers_when_acting_as_student}',
521530
doc => x('Can submit answers for a student'),

lib/WeBWorK/ContentGenerator/GatewayQuiz.pm

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -118,7 +118,7 @@ sub can_showProblemGrader ($c, $user, $permissionLevel, $effectiveUser, $set, $p
118118
my $authz = $c->authz;
119119

120120
return ($authz->hasPermissions($user->user_id, 'access_instructor_tools')
121-
&& $authz->hasPermissions($user->user_id, 'score_sets')
121+
&& $authz->hasPermissions($user->user_id, 'problem_grader')
122122
&& $set->set_id ne 'Undefined_Set'
123123
&& !$c->{invalidSet});
124124
}

lib/WeBWorK/ContentGenerator/Instructor/ProblemGrader.pm

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -48,7 +48,7 @@ async sub initialize ($c) {
4848
unless $c->stash->{set}
4949
&& $c->stash->{problem}
5050
&& $authz->hasPermissions($userID, 'access_instructor_tools')
51-
&& $authz->hasPermissions($userID, 'score_sets');
51+
&& $authz->hasPermissions($userID, 'problem_grader');
5252

5353
# Get all users of the set, and restrict to the sections or recitations that are allowed for the user if such
5454
# restrictions are defined. For gateway sets only get users for which versions exist. The users are sorted by

lib/WeBWorK/ContentGenerator/Problem.pm

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -96,7 +96,7 @@ sub can_showProblemGrader ($c, $user, $effectiveUser, $set, $problem) {
9696
my $authz = $c->authz;
9797

9898
return ($authz->hasPermissions($user->user_id, 'access_instructor_tools')
99-
&& $authz->hasPermissions($user->user_id, 'score_sets')
99+
&& $authz->hasPermissions($user->user_id, 'problem_grader')
100100
&& $set->set_id ne 'Undefined_Set'
101101
&& !$c->{invalidSet});
102102
}

lib/WebworkWebservice.pm

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -262,10 +262,12 @@ sub command_permission {
262262
setProblemTags => 'modify_tags',
263263

264264
# WebworkWebservice::ProblemActions
265-
getUserProblem => 'access_instructor_tools',
266-
putUserProblem => 'modify_student_data',
267-
putProblemVersion => 'modify_student_data',
268-
putPastAnswer => 'modify_student_data',
265+
getUserProblem => 'access_instructor_tools',
266+
# Note: The modify_student_data permission is checked in the following three methods and only the status and
267+
# comment_string can actually be modified by users with the problem_grader permission only.
268+
putUserProblem => 'problem_grader',
269+
putProblemVersion => 'problem_grader',
270+
putPastAnswer => 'problem_grader',
269271
tidyPGCode => 'access_instructor_tools',
270272
convertCodeToPGML => 'access_instructor_tools',
271273

lib/WebworkWebservice/ProblemActions.pm

Lines changed: 40 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -47,17 +47,22 @@ sub putUserProblem {
4747
my $userProblem = $db->getUserProblem($params->{user_id}, $params->{set_id}, $params->{problem_id});
4848
if (!$userProblem) { return { text => 'User problem not found.' }; }
4949

50-
for (
51-
'source_file', 'value', 'max_attempts', 'showMeAnother',
52-
'showMeAnotherCount', 'prPeriod', 'prCount', 'problem_seed',
53-
'status', 'attempted', 'last_answer', 'num_correct',
54-
'num_incorrect', 'att_to_open_children', 'counts_parent_grade', 'sub_status',
55-
'flags'
56-
)
57-
{
58-
$userProblem->{$_} = $params->{$_} if defined($params->{$_});
50+
if ($self->c->authz->hasPermissions($self->authen->{user_id}, 'modify_student_data')) {
51+
for (
52+
'source_file', 'value', 'max_attempts', 'showMeAnother',
53+
'showMeAnotherCount', 'prPeriod', 'prCount', 'problem_seed',
54+
'attempted', 'last_answer', 'num_correct', 'num_incorrect',
55+
'att_to_open_children', 'counts_parent_grade', 'sub_status', 'flags'
56+
)
57+
{
58+
$userProblem->{$_} = $params->{$_} if defined $params->{$_};
59+
}
5960
}
6061

62+
# The status is the only thing that users with the problem_grader permission can change.
63+
# This method can not be called without the problem_grader permission.
64+
$userProblem->{status} = $params->{status} if defined $params->{status};
65+
6166
# Remove the needs_grading flag if the mark_graded parameter is set.
6267
$userProblem->{flags} =~ s/:needs_grading$// if $params->{mark_graded};
6368

@@ -81,17 +86,22 @@ sub putProblemVersion {
8186
$db->getProblemVersion($params->{user_id}, $params->{set_id}, $params->{version_id}, $params->{problem_id});
8287
if (!$problemVersion) { return { text => 'Problem version not found.' }; }
8388

84-
for (
85-
'source_file', 'value', 'max_attempts', 'showMeAnother',
86-
'showMeAnotherCount', 'prPeriod', 'prCount', 'problem_seed',
87-
'status', 'attempted', 'last_answer', 'num_correct',
88-
'num_incorrect', 'att_to_open_children', 'counts_parent_grade', 'sub_status',
89-
'flags'
90-
)
91-
{
92-
$problemVersion->{$_} = $params->{$_} if defined($params->{$_});
89+
if ($self->c->authz->hasPermissions($self->authen->{user_id}, 'modify_student_data')) {
90+
for (
91+
'source_file', 'value', 'max_attempts', 'showMeAnother',
92+
'showMeAnotherCount', 'prPeriod', 'prCount', 'problem_seed',
93+
'attempted', 'last_answer', 'num_correct', 'num_incorrect',
94+
'att_to_open_children', 'counts_parent_grade', 'sub_status', 'flags'
95+
)
96+
{
97+
$problemVersion->{$_} = $params->{$_} if defined($params->{$_});
98+
}
9399
}
94100

101+
# The status is the only thing that users with the problem_grader permission can change.
102+
# This method can not be called without the problem_grader permission.
103+
$problemVersion->{status} = $params->{status} if defined $params->{status};
104+
95105
# Remove the needs_grading flag if the mark_graded parameter is set.
96106
$problemVersion->{flags} =~ s/:needs_grading$// if $params->{mark_graded};
97107

@@ -116,14 +126,20 @@ sub putPastAnswer {
116126

117127
$pastAnswer->{user_id} = $params->{user_id} if $params->{user_id};
118128

119-
for (
120-
'set_id', 'problem_id', 'source_file', 'timestamp',
121-
'scores', 'answer_string', 'comment_string', 'problem_seed'
122-
)
123-
{
124-
$pastAnswer->{$_} = $params->{$_} if defined($params->{$_});
129+
if ($self->c->authz->hasPermissions($self->authen->{user_id}, 'modify_student_data')) {
130+
for (
131+
'set_id', 'problem_id', 'source_file', 'timestamp',
132+
'scores', 'answer_string', 'comment_string', 'problem_seed'
133+
)
134+
{
135+
$pastAnswer->{$_} = $params->{$_} if defined($params->{$_});
136+
}
125137
}
126138

139+
# The comment_string is the only thing that users with the problem_grader permission can change.
140+
# This method can not be called without the problem_grader permission.
141+
$pastAnswer->{comment_string} = $params->{comment_string} if defined $params->{comment_string};
142+
127143
eval { $db->putPastAnswer($pastAnswer) };
128144
if ($@) { return { text => "putPastAnswer $@" }; }
129145

templates/ContentGenerator/Instructor/ProblemGrader.html.ep

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@
3333
% last;
3434
% }
3535
%
36-
% unless ($authz->hasPermissions(param('user'), 'score_sets')) {
36+
% unless ($authz->hasPermissions(param('user'), 'problem_grader')) {
3737
<div class="alert alert-danger p-1 mb-0"><%= maketext('You are not authorized to grade assignments.') %></div>
3838
% last;
3939
% }

templates/ContentGenerator/Instructor/ProblemGrader/siblings.html.ep

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
%
33
% unless ($set
44
% && $authz->hasPermissions(param('user'), 'access_instructor_tools')
5-
% && $authz->hasPermissions(param('user'), 'score_sets'))
5+
% && $authz->hasPermissions(param('user'), 'problem_grader'))
66
% {
77
% last;
88
% }

templates/ContentGenerator/Instructor/ProblemSetDetail.html.ep

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -549,7 +549,7 @@
549549
<i class="icon far fa-eye" data-alt="<%= maketext('View') %>"></i>
550550
<% end =%>
551551
% }
552-
% if ($authz->hasPermissions(param('user'), 'score_sets')) {
552+
% if ($authz->hasPermissions(param('user'), 'problem_grader')) {
553553
<%= link_to $c->systemLink(url_for(
554554
'instructor_problem_grader',
555555
setID => $setID,

0 commit comments

Comments
 (0)