Commit 3ebaacc7 authored by mathieso's avatar mathieso

More tests, new views, things.

parent 0184c695
......@@ -9,6 +9,8 @@ X - initial valuies of new config flags and shit.
? Trimmed date format
Module updates
# History
All records owned by nobody?
......@@ -17,13 +19,29 @@ Submission feedback - put JSON of eval and other things in history record.
Remove JSON field from submission content type.
Need a filter to remove students not in own classes.
Date range filter on reports.
# Permission
Grader can get to http://s1.localhost/admin/config/user-interface, does nothing.
What do graders see when there is no admin toolbar?
- search in admin toolbar.
# Suggestion
Confirm cancel
# SUbmission delays - user confidence
# Submission delays - user confidence
When submit, can be slow, tell user that something is happening.
......@@ -49,6 +67,9 @@ Does the instructor views access plugin work? Make one for graders and admin too
Add record selection thing?
# FiB
color change after shrink
# Exercises
......
No preview for this file type
......@@ -442,7 +442,13 @@ skilling.admin.badges.add_badge:
description: 'Add a new badge.'
weight: 60
# Skilling | Reflections
skilling.admin.reflections:
title: 'Reflections'
route_name: view.reflection_notes_for_authors.list
parent: system.admin.skilling
description: 'List reflection notes.'
weight: 70
# Skilling | FiBs and MCQs
......
......@@ -1592,9 +1592,6 @@ function skilling_node_view_alter(array &$build, Drupal\Core\Entity\EntityInterf
$build['#post_render'][] = 'skilling_node_rebuild_headers';
/** @var Node $node */
$node = $entity;
// if ($node->bundle() === SkillingConstants::CALENDAR_CONTENT_TYPE) {
// skilling_add_planner_form($build, $entity, $display);
// }
if ($node->bundle() === SkillingConstants::NOTICE_CONTENT_TYPE) {
/** @var \Drupal\skilling\Notice $noticeService */
$noticeService = Drupal::service('skilling.notice');
......@@ -1674,7 +1671,6 @@ function skilling_node_view_alter(array &$build, Drupal\Core\Entity\EntityInterf
// $build['#cache']['max-age'] = 0;
// \Drupal::service('page_cache_kill_switch')->trigger();
} // Is exercise content type.
// } // End isStudent().
// For authors, reviewers, and admins.
if ($currentUser->isAuthor() || $currentUser->isAdministrator() || $currentUser->isReviewer()) {
if ($entity->getEntityTypeId() === 'node') {
......
......@@ -26,6 +26,7 @@ use Drupal\skilling\SkillingUser;
use Drupal\skilling\SkillingUserFactory;
use Drupal\skilling\Utilities as SkillingUtilities;
use Drupal\skilling\SkillingClass\SkillingCurrentClass;
use Drupal\taxonomy\Entity\Term;
/**
* A service to check the current user's access to entities, blocks, and fields.
......@@ -196,6 +197,22 @@ class SkillingAccessChecker {
'http_method' => 'get',
'allowed' => TRUE,
],
[
'field_name' => SkillingConstants::FIELD_ORDER_IN_BOOK,
'operation' => SkillingConstants::VIEW_OPERATION,
'paths' => [
'/admin/skilling/reflection-notes',
],
'roles' => [
SkillingConstants::SITE_ROLE_AUTHOR,
SkillingConstants::SITE_ROLE_INSTRUCTOR,
SkillingConstants::SITE_ROLE_REVIEWER,
],
'http_method' => 'get',
'allowed' => TRUE,
],
[
'field_name' => SkillingConstants::FIELD_ORDER_IN_BOOK,
'operation' => SkillingConstants::VIEW_OPERATION,
......@@ -248,15 +265,62 @@ class SkillingAccessChecker {
return $result;
}
elseif ($entityType == 'file') {
/** @var File $file */
$file = $entity;
$result = $this->getFileAccess($file, $operation);
return $result;
}
elseif ($entityType == 'taxonomy_term') {
/** @var Term $term */
$term = $entity;
$result = $this->getTaxonomyTermAccess($term, $operation);
return $result;
}
$result = AccessResult::neutral();
$result->setCacheMaxAge(0);
return $result;
}
public function getTaxonomyTermAccess(Term $term, $operation) {
$allow = $this->isTaxonomyTermAccess($term, $operation);
if ($allow) {
$result = AccessResult::neutral();
}
else {
$result = AccessResult::forbidden();
}
$result->setCacheMaxAge(0);
return $result;
}
public function isTaxonomyTermAccess(Term $term, $operation) {
$taxonomyName = $term->bundle();
if ($taxonomyName != SkillingConstants::TAXONOMY_RUBRIC_ITEM_CATEGORIES) {
return TRUE;
}
$allow = FALSE;
// Normalize operation name.
$operation = $this->normalizeOperation($operation);
// Some flag to make code more readable.
$viewOperation = $operation === SkillingConstants::VIEW_OPERATION;
$editOperation = $operation === SkillingConstants::EDIT_OPERATION;
// Make role flags in local vars to make code easier to read.
$admin = $this->currentUser->isAdministrator();
$author = $this->currentUser->isAuthor();
$reviewer = $this->currentUser->isReviewer();
$instructor = $this->currentUser->isInstructor();
$grader = $this->currentUser->isGrader();
// Start checking access.
if ($viewOperation) {
$allow = $admin || $author || $instructor || $grader || $reviewer;
}
if ($editOperation) {
$allow = $admin || $author;
}
return $allow;
}
/**
* Is an entity one that Skilling's access check cares about?
*
......@@ -550,6 +614,8 @@ class SkillingAccessChecker {
}
}
}
break;
case SkillingConstants::NOTICE_CONTENT_TYPE:
if ($viewOperation) {
if ($authenticated) {
......@@ -726,7 +792,9 @@ class SkillingAccessChecker {
case SkillingConstants::REFLECT_NOTE_CONTENT_TYPE:
if ($viewOperation) {
// Admins can see all reflect notes.
if ($admin) {
// Authors can see them in a view, but restrictions are added on
// individual nodes.
if ($admin || $author) {
$allow = TRUE;
break;
}
......@@ -1481,7 +1549,6 @@ class SkillingAccessChecker {
$admin = $this->currentUser->isAdministrator();
$author = $this->currentUser->isAuthor();
$instructor = $this->currentUser->isInstructor();
$grader = $this->currentUser->isGrader();
$reviewer = $this->currentUser->isReviewer();
if ($operation === SkillingConstants::VIEW_OPERATION) {
switch ($fieldName) {
......@@ -1558,9 +1625,7 @@ class SkillingAccessChecker {
$allow = FALSE;
$admin = $this->currentUser->isAdministrator();
$author = $this->currentUser->isAuthor();
$instructor = $this->currentUser->isInstructor();
$reviewer = $this->currentUser->isReviewer();
$grader = $this->currentUser->isGrader();
if ($operation === SkillingConstants::VIEW_OPERATION) {
switch ($fieldName) {
......@@ -1636,8 +1701,6 @@ class SkillingAccessChecker {
$admin = $this->currentUser->isAdministrator();
$author = $this->currentUser->isAuthor();
$instructor = $this->currentUser->isInstructor();
$reviewer = $this->currentUser->isReviewer();
$grader = $this->currentUser->isGrader();
if ($operation === SkillingConstants::VIEW_OPERATION) {
switch ($fieldName) {
......@@ -1708,7 +1771,6 @@ class SkillingAccessChecker {
$author = $this->currentUser->isAuthor();
$reviewer = $this->currentUser->isReviewer();
$instructor = $this->currentUser->isInstructor();
$grader = $this->currentUser->isGrader();
if ($operation === SkillingConstants::VIEW_OPERATION) {
switch ($fieldName) {
// Viewing an MCQ.
......@@ -2306,7 +2368,6 @@ class SkillingAccessChecker {
*/
protected function isMcqResponseFieldAccess($operation, $fieldName) {
// Deny access by default.
$allow = FALSE;
$admin = $this->currentUser->isAdministrator();
$author = $this->currentUser->isAuthor();
$reviewer = $this->currentUser->isReviewer();
......@@ -2343,7 +2404,6 @@ class SkillingAccessChecker {
*/
protected function isFibResponseFieldAccess($operation, $fieldName) {
// Deny access by default.
$allow = FALSE;
$admin = $this->currentUser->isAdministrator();
$author = $this->currentUser->isAuthor();
$reviewer = $this->currentUser->isReviewer();
......@@ -2477,62 +2537,6 @@ class SkillingAccessChecker {
return $allow;
}
// /**
// * Check field access for the history content type for the current user.
// *
// * @param string $operation
// * Operation, view or edit.
// * @param string $fieldName
// * Name of the field to check access to.
// *
// * @return bool
// * True means access is not blocked. False means it is blocked.
// *
// * @throws \Drupal\skilling\Exception\SkillingInvalidValueException
// */
// protected function isHistoryFieldAccess($operation, $fieldName) {
// // Deny access by default.
// $allow = FALSE;
// $admin = $this->currentUser->isAdministrator();
// $author = $this->currentUser->isAuthor();
// $instructor = $this->currentUser->isInstructor();
// $student = $this->currentUser->isStudent();
// if ($operation === SkillingConstants::VIEW_OPERATION) {
// switch ($fieldName) {
// // Viewing a history field.
// case SkillingConstants::FIELD_TITLE:
// case SkillingConstants::FIELD_WHEN:
// case SkillingConstants::FIELD_USER:
// case SkillingConstants::FIELD_EVENT_TYPE_NAME:
// case SkillingConstants::FIELD_SUBJECT_NODE:
// case SkillingConstants::FIELD_DETAILS:
// $allow = $admin || $instructor || $student;
// break;
//
// case SkillingConstants::FIELD_NOTES:
// $allow = $admin || $instructor;
// break;
//
// default:
// $this->makeUnknownFieldErrorReportForUser($fieldName);
// }
// }
// elseif ($operation === SkillingConstants::EDIT_OPERATION) {
// // Editing a history field.
// // Admins can edit all fields.
// if ($admin) {
// $allow = TRUE;
// }
// }
// else {
// throw new SkillingInvalidValueException(
// Html::escape('Operation not supported: ' . $operation),
// __FILE__, __LINE__
// );
// }
// return $allow;
// }
/**
* Check field access for the reflect note content type for the current user.
*
......@@ -2551,19 +2555,23 @@ class SkillingAccessChecker {
$allow = FALSE;
$admin = $this->currentUser->isAdministrator();
$instructor = $this->currentUser->isInstructor();
$author = $this->currentUser->isAuthor();
$student = $this->currentUser->isStudent();
if ($operation === SkillingConstants::VIEW_OPERATION) {
switch ($fieldName) {
// Viewing a reflect note.
case SkillingConstants::FIELD_TITLE:
$allow = $admin || $instructor;
break;
case SkillingConstants::FIELD_INTERNAL_NAME:
case SkillingConstants::FIELD_NOTES:
$allow = $admin || $instructor;
$allow = $admin || $instructor || $author;
break;
case SkillingConstants::FIELD_NODE:
case SkillingConstants::FIELD_NOTE:
$allow = $admin || $instructor || $student;
$allow = $admin || $instructor || $student || $author;
break;
default:
......@@ -2614,10 +2622,6 @@ class SkillingAccessChecker {
// Deny access by default.
$allow = FALSE;
$admin = $this->currentUser->isAdministrator();
$author = $this->currentUser->isAuthor();
$instructor = $this->currentUser->isInstructor();
$reviewer = $this->currentUser->isReviewer();
$grader = $this->currentUser->isGrader();
$authenticated = $this->currentUser->isAuthenticated();
if ($operation === SkillingConstants::VIEW_OPERATION) {
......@@ -2674,9 +2678,6 @@ class SkillingAccessChecker {
$allow = FALSE;
$admin = $this->currentUser->isAdministrator();
$author = $this->currentUser->isAuthor();
$reviewer = $this->currentUser->isReviewer();
$instructor = $this->currentUser->isInstructor();
$grader = $this->currentUser->isGrader();
if ($operation === SkillingConstants::VIEW_OPERATION) {
switch ($fieldName) {
// Viewing a badge.
......@@ -3238,11 +3239,8 @@ class SkillingAccessChecker {
if ($student || $grader) {
// Only see events for classes they are enrolled in.
/** @var \Drupal\node\NodeInterface $event */
// $event = $paragraph->get('field_event');
// if ($this->isCurrentUserInClassWithEvent($event)) {
$allow = TRUE;
break;
// }
}
}
elseif ($editOperation) {
......@@ -3484,6 +3482,4 @@ class SkillingAccessChecker {
return FALSE;
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment