Index: openacs-4/packages/lorsm/www/course-add-2.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/Attic/course-add-2.tcl,v diff -u -r1.2 -r1.3 --- openacs-4/packages/lorsm/www/course-add-2.tcl 4 Sep 2004 14:51:21 -0000 1.2 +++ openacs-4/packages/lorsm/www/course-add-2.tcl 27 Oct 2004 07:46:52 -0000 1.3 @@ -27,6 +27,11 @@ } } + +# Permissions +set user_id [ad_conn user_id] +dotlrn::require_user_admin_community -user_id $user_id -community_id [dotlrn_community::get_community_id] + # unzips the file if { ![empty_string_p $upload_file] && [ catch {set tmp_dir [lors::imscp::expand_file $upload_file ${upload_file.tmpfile} lors-imscp-$course_id] } errMsg] } { @@ -44,8 +49,8 @@ } -#check permission -set user_id [ad_conn user_id] + +# Permissions on target folder ad_require_permission $folder_id admin Index: openacs-4/packages/lorsm/www/enabler.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/Attic/enabler.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/lorsm/www/enabler.tcl 4 Sep 2004 14:51:21 -0000 1.1 +++ openacs-4/packages/lorsm/www/enabler.tcl 27 Oct 2004 07:46:52 -0000 1.2 @@ -16,14 +16,16 @@ } set package_id [ad_conn package_id] +set user_id [ad_conn user_id] set community_id [dotlrn_community::get_community_id] set admin_p [dotlrn::user_can_admin_community_p \ - -user_id [ad_conn user_id] \ + -user_id $user_id \ -community_id $community_id ] +# Permissions +dotlrn::require_user_admin_community -user_id $user_id -community_id $community_id - set title "Set Course Trackable" set context [list "Set Course Status"] Index: openacs-4/packages/lorsm/www/index.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/index.tcl,v diff -u -r1.2 -r1.3 --- openacs-4/packages/lorsm/www/index.tcl 4 Sep 2004 14:51:21 -0000 1.2 +++ openacs-4/packages/lorsm/www/index.tcl 27 Oct 2004 07:46:52 -0000 1.3 @@ -15,20 +15,26 @@ set package_id [ad_conn package_id] +set user_id [ad_conn user_id] set community_id [dotlrn_community::get_community_id] set admin_p [dotlrn::user_can_admin_community_p \ -user_id [ad_conn user_id] \ -community_id $community_id ] +set admin_p [dotlrn::user_can_admin_community_p \ + -user_id $user_id \ + -community_id $community_id ] +# Permissions +dotlrn::require_user_admin_community -user_id $user_id -community_id $community_id + set actions [list] -if {$admin_p} { - lappend actions "Add Course" [export_vars -base "course-add"] "Add a IMS/SCORM Compliant Course" - lappend actions "Search Learning Objects" [export_vars -base "/search"] "Search for Learninng Objects in the Repository" - lappend actions "Available Courses" [export_vars -base "shared/"] "View Available Courses in the Repository" -} +lappend actions "Add Course" [export_vars -base "course-add"] "Add a IMS/SCORM Compliant Course" +lappend actions "Search Learning Objects" [export_vars -base "/search"] "Search for Learninng Objects in the Repository" +lappend actions "Available Courses" [export_vars -base "shared/"] "View Available Courses in the Repository" + template::list::create \ -name d_courses \ Index: openacs-4/packages/lorsm/www/not-allowed.adp =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/not-allowed.adp,v diff -u --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ openacs-4/packages/lorsm/www/not-allowed.adp 27 Oct 2004 07:46:52 -0000 1.1 @@ -0,0 +1,5 @@ + +Action Not Allowed +@context;noquote@ + +We're sorry, but it appears that you do not have the permission to perform this operation. \ No newline at end of file Index: openacs-4/packages/lorsm/www/not-allowed.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/not-allowed.tcl,v diff -u --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ openacs-4/packages/lorsm/www/not-allowed.tcl 27 Oct 2004 07:46:52 -0000 1.1 @@ -0,0 +1,10 @@ +ad_page_contract { + + Action not allowed. + + @author Lars Pind (lars@pinds.com) + @creation-date 2002-10-14 + @cvs-id $Id: not-allowed.tcl,v 1.1 2004/10/27 07:46:52 ernieg Exp $ +} + +set context [list "Not Allowed"] Index: openacs-4/packages/lorsm/www/sharer.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/Attic/sharer.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/lorsm/www/sharer.tcl 4 Sep 2004 14:51:21 -0000 1.1 +++ openacs-4/packages/lorsm/www/sharer.tcl 27 Oct 2004 07:46:52 -0000 1.2 @@ -27,6 +27,9 @@ -user_id $user_id \ -community_id $community_id ] +# Permissions +dotlrn::require_user_admin_community -user_id $user_id -community_id $community_id + # check write permisssion for the learning object/manifest permission::require_write_permission -object_id $man_id -creation_user $user_id Index: openacs-4/packages/lorsm/www/tracker.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/Attic/tracker.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/lorsm/www/tracker.tcl 4 Sep 2004 14:51:21 -0000 1.1 +++ openacs-4/packages/lorsm/www/tracker.tcl 27 Oct 2004 07:46:52 -0000 1.2 @@ -22,8 +22,18 @@ -user_id [ad_conn user_id] \ -community_id $community_id ] +# Permissions +dotlrn::require_user_admin_community -user_id [ad_conn user_id] -community_id $community_id +# Checks whether the user has appropiate permissions otherwise we kick +# him out +if {!$admin_p} { + ad_returnredirect "not-allowed" + return -code error +} + + set title "Set Course Track Options" set context [list "Set Course Options"] Index: openacs-4/packages/lorsm/www/delivery/menu.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/delivery/menu.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/lorsm/www/delivery/menu.tcl 4 Sep 2004 14:51:22 -0000 1.1 +++ openacs-4/packages/lorsm/www/delivery/menu.tcl 27 Oct 2004 07:46:53 -0000 1.2 @@ -41,6 +41,11 @@ set title [fs::remove_special_file_system_characters -string $title] regsub {'} $title {\'} title + # as suggested by Michele Slocovich (michele@sii.it) + # http://openacs.org/bugtracker/openacs/com/lors/bug?bug%5fnumber=2100 + # + set title [string map { \{ \\{ \} \\} } $title ] + upvar #$adp_level man_id man_id set url "'[export_vars -base "record-view" \ -url {item_id man_id}]'" Index: openacs-4/packages/lorsm/www/delivery2/view/index.vuh =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/delivery2/view/index.vuh,v diff -u -r1.1 -r1.2 --- openacs-4/packages/lorsm/www/delivery2/view/index.vuh 4 Sep 2004 14:51:28 -0000 1.1 +++ openacs-4/packages/lorsm/www/delivery2/view/index.vuh 27 Oct 2004 07:46:53 -0000 1.2 @@ -35,9 +35,8 @@ if { [lorsm::init the_url the_root $content_root $template_root public "" $content_type] } { # we introduced our own template - rp_internal_redirect -absolute_path /home/ernieg/web/concord/templates/lorsm-default + rp_internal_redirect -absolute_path [acs_root_dir]/templates/lorsm-default - } else { # ns_returnnotfound set page "[ad_header {Content Item Not Found}]" Index: openacs-4/packages/lorsm/www/shared/add-shared-course-2.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/shared/Attic/add-shared-course-2.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/lorsm/www/shared/add-shared-course-2.tcl 4 Sep 2004 14:51:29 -0000 1.1 +++ openacs-4/packages/lorsm/www/shared/add-shared-course-2.tcl 27 Oct 2004 07:46:54 -0000 1.2 @@ -21,6 +21,9 @@ set community_id [dotlrn_community::get_community_id] set class_key [dotlrn_community::get_community_type_from_community_id $community_id] +# Permissions +dotlrn::require_user_admin_community -user_id $user_id -community_id $community_id + # check admin permisssion for the community set admin_p [dotlrn::user_can_admin_community_p \ -user_id $user_id \ Index: openacs-4/packages/lorsm/www/shared/add-shared-course.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/shared/Attic/add-shared-course.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/lorsm/www/shared/add-shared-course.tcl 4 Sep 2004 14:51:29 -0000 1.1 +++ openacs-4/packages/lorsm/www/shared/add-shared-course.tcl 27 Oct 2004 07:46:54 -0000 1.2 @@ -20,6 +20,9 @@ set community_id [dotlrn_community::get_community_id] set class_key [dotlrn_community::get_community_type_from_community_id $community_id] +# Permissions +dotlrn::require_user_admin_community -user_id $user_id -community_id $community_id + # check admin permisssion for the community set admin_p [dotlrn::user_can_admin_community_p \ -user_id $user_id \ Index: openacs-4/packages/lorsm/www/shared/course-info.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/shared/Attic/course-info.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/lorsm/www/shared/course-info.tcl 4 Sep 2004 14:51:29 -0000 1.1 +++ openacs-4/packages/lorsm/www/shared/course-info.tcl 27 Oct 2004 07:46:54 -0000 1.2 @@ -17,16 +17,21 @@ set context [list [list [export_vars -base .] "Shared Courses"] "Preview Course"] +set community_id [dotlrn_community::get_community_id] + set title "Preview Course" +# Permissions +dotlrn::require_user_admin_community -user_id [ad_conn user_id] -community_id $community_id + # In order to share courses across classes, we need to share # file-storage objects across file-storage instances. This has been # proven to be really tricky. But here we pass the fs_package_id for # the current community, so we don't have to have permissions for # other instances of file-storages of other classes. See # documentation for further details. -set community_id [dotlrn_community::get_community_id] + set fs_local_package_id [site_node_apm_integration::get_child_package_id \ -package_id [dotlrn_community::get_package_id $community_id] \ -package_key "file-storage"\ Index: openacs-4/packages/lorsm/www/shared/index.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/shared/Attic/index.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/lorsm/www/shared/index.tcl 4 Sep 2004 14:51:29 -0000 1.1 +++ openacs-4/packages/lorsm/www/shared/index.tcl 27 Oct 2004 07:46:54 -0000 1.2 @@ -18,3 +18,7 @@ set title "Shared Courses" set context [list "Shared Courses"] +set community_id [dotlrn_community::get_community_id] + +# Permissions +dotlrn::require_user_admin_community -user_id [ad_conn user_id] -community_id $community_id Index: openacs-4/packages/lorsm/www/tracking/index.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/tracking/Attic/index.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/lorsm/www/tracking/index.tcl 4 Sep 2004 14:51:29 -0000 1.1 +++ openacs-4/packages/lorsm/www/tracking/index.tcl 27 Oct 2004 07:46:54 -0000 1.2 @@ -24,6 +24,8 @@ -user_id [ad_conn user_id] \ -community_id $community_id ] +# Permissions +dotlrn::require_user_admin_community -user_id [ad_conn user_id] -community_id $community_id set title "Student Tracking" set context {Tracking}