# HG changeset patch # User gibus # Date 1339502432 -7200 # Node ID 5387c032df3577abfabe2b562c24998af8fc4c28 # Parent 054d572a3db40a9bf62af5c530c2380489f0a9f3 In role_teacher model, individual students can see their own comments but also teacher's ones, whereas individual students' comments cannot be seen by students. diff -r 054d572a3db4 -r 5387c032df35 src/cm/fixtures/roles_teacher.yaml --- a/src/cm/fixtures/roles_teacher.yaml Fri Jun 08 14:30:24 2012 +0200 +++ b/src/cm/fixtures/roles_teacher.yaml Tue Jun 12 14:00:32 2012 +0200 @@ -14,9 +14,10 @@ fields: name: "Student" description: "" - permissions: [52, 11, 31, 33, 34] + permissions: [52, 11, 31, 33, 34, 38] # can_view_approved_comment 34 # can_delete_comment_own 33 +# can_edit_comment_own 38 # can_create_comment 31 # can_view_text 11 # can_view_workspace 52 @@ -32,4 +33,4 @@ # can_create_comment 31 # can_view_text 11 # can_view_workspace 52 - \ No newline at end of file + diff -r 054d572a3db4 -r 5387c032df35 src/cm/security.py --- a/src/cm/security.py Fri Jun 08 14:30:24 2012 +0200 +++ b/src/cm/security.py Tue Jun 12 14:00:32 2012 +0200 @@ -13,6 +13,7 @@ from cm.models import * from cm import cm_settings from cm.exception import UnauthorizedException +from cm.cm_settings import DECORATED_CREATORS def get_request_user(request): if request and request.user and not request.user.is_anonymous(): @@ -99,7 +100,6 @@ return False actual_own_user = False - from cm.cm_settings import DECORATED_CREATORS if comment.user == request.user: if DECORATED_CREATORS: if request.GET.get('name', None) == comment.get_name(): @@ -157,13 +157,57 @@ if user and has_perm(request, 'can_view_unapproved_comment', text=text): return list(comments.order_by(*order_by)) else: + # Fetch role_model to process specific behaviour for role_teacher model + from cm.models import ApplicationConfiguration + role_model = ApplicationConfiguration.get_key('workspace_role_model') + if has_perm(request, 'can_view_approved_comment', text=text): visible_comments = comments.filter(state = 'approved').order_by(*order_by) # filter comments with a non visible (i.e. moderated) comment in the above thread comments_thread_viewable = [c for c in visible_comments if c.is_thread_full_visible()] + + # for role_teacher role model, do not show 'individual student' comments + if (role_model == 'teacher'): + unfiltered_comments = list(comments_thread_viewable) + for c in unfiltered_comments: + if c.user_id and c.user_id != 1: + try: + userrole = UserRole.objects.get(user=c.user, text=text) + except: + userrole = UserRole.objects.get(user=None, text=None) + if userrole.role_id == None: + role = c.user.get_profile().global_userrole().role + else: + role = userrole.role + if role.name == 'Individual student': + comments_thread_viewable.remove(c) return comments_thread_viewable elif user and has_perm(request, 'can_view_comment_own', text=text): - visible_comments = comments.filter(user=user).order_by(*order_by) + if DECORATED_CREATORS: + visible_comments = comments.filter(name=request.GET.get('name', None)).order_by(*order_by) + else: + visible_comments = comments.filter(user=user).order_by(*order_by) + + # for role_teacher role model, add 'teacher' comments + if (role_model == 'teacher'): + with_teachers = [] + for u in list(User.objects.filter(userrole__role__name = 'Teacher')): + if DECORATED_CREATORS: + with_teachers.append(u.username) + else: + with_teachers.append(u.id) + + # add admin and current user + admin = User.objects.get(id=1) + if DECORATED_CREATORS: + with_teachers.append(admin.username) + with_teachers.append(request.GET.get('name', None)) + visible_comments = comments.filter(name__in=with_teachers).order_by(*order_by) + else: + with_teachers.append(admin.id) + with_teachers.append(user.id) + visible_comments = comments.filter(user__id__in=with_teachers).order_by(*order_by) + # filter comments with a non visible (i.e. moderated) comment in the above thread comments_thread_viewable = [c for c in visible_comments if c.is_thread_full_visible(own_user=user)] return comments_thread_viewable