Index: openacs-4/packages/lorsm/www/course-add-2.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/Attic/course-add-2.tcl,v
diff -u -r1.2 -r1.3
--- openacs-4/packages/lorsm/www/course-add-2.tcl 4 Sep 2004 14:51:21 -0000 1.2
+++ openacs-4/packages/lorsm/www/course-add-2.tcl 27 Oct 2004 07:46:52 -0000 1.3
@@ -27,6 +27,11 @@
}
}
+
+# Permissions
+set user_id [ad_conn user_id]
+dotlrn::require_user_admin_community -user_id $user_id -community_id [dotlrn_community::get_community_id]
+
# unzips the file
if { ![empty_string_p $upload_file] &&
[ catch {set tmp_dir [lors::imscp::expand_file $upload_file ${upload_file.tmpfile} lors-imscp-$course_id] } errMsg] } {
@@ -44,8 +49,8 @@
}
-#check permission
-set user_id [ad_conn user_id]
+
+# Permissions on target folder
ad_require_permission $folder_id admin
Index: openacs-4/packages/lorsm/www/enabler.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/Attic/enabler.tcl,v
diff -u -r1.1 -r1.2
--- openacs-4/packages/lorsm/www/enabler.tcl 4 Sep 2004 14:51:21 -0000 1.1
+++ openacs-4/packages/lorsm/www/enabler.tcl 27 Oct 2004 07:46:52 -0000 1.2
@@ -16,14 +16,16 @@
}
set package_id [ad_conn package_id]
+set user_id [ad_conn user_id]
set community_id [dotlrn_community::get_community_id]
set admin_p [dotlrn::user_can_admin_community_p \
- -user_id [ad_conn user_id] \
+ -user_id $user_id \
-community_id $community_id ]
+# Permissions
+dotlrn::require_user_admin_community -user_id $user_id -community_id $community_id
-
set title "Set Course Trackable"
set context [list "Set Course Status"]
Index: openacs-4/packages/lorsm/www/index.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/index.tcl,v
diff -u -r1.2 -r1.3
--- openacs-4/packages/lorsm/www/index.tcl 4 Sep 2004 14:51:21 -0000 1.2
+++ openacs-4/packages/lorsm/www/index.tcl 27 Oct 2004 07:46:52 -0000 1.3
@@ -15,20 +15,26 @@
set package_id [ad_conn package_id]
+set user_id [ad_conn user_id]
set community_id [dotlrn_community::get_community_id]
set admin_p [dotlrn::user_can_admin_community_p \
-user_id [ad_conn user_id] \
-community_id $community_id ]
+set admin_p [dotlrn::user_can_admin_community_p \
+ -user_id $user_id \
+ -community_id $community_id ]
+# Permissions
+dotlrn::require_user_admin_community -user_id $user_id -community_id $community_id
+
set actions [list]
-if {$admin_p} {
- lappend actions "Add Course" [export_vars -base "course-add"] "Add a IMS/SCORM Compliant Course"
- lappend actions "Search Learning Objects" [export_vars -base "/search"] "Search for Learninng Objects in the Repository"
- lappend actions "Available Courses" [export_vars -base "shared/"] "View Available Courses in the Repository"
-}
+lappend actions "Add Course" [export_vars -base "course-add"] "Add a IMS/SCORM Compliant Course"
+lappend actions "Search Learning Objects" [export_vars -base "/search"] "Search for Learninng Objects in the Repository"
+lappend actions "Available Courses" [export_vars -base "shared/"] "View Available Courses in the Repository"
+
template::list::create \
-name d_courses \
Index: openacs-4/packages/lorsm/www/not-allowed.adp
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/not-allowed.adp,v
diff -u
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ openacs-4/packages/lorsm/www/not-allowed.adp 27 Oct 2004 07:46:52 -0000 1.1
@@ -0,0 +1,5 @@
+<master>
+<property name="title">Action Not Allowed</property>
+<property name="context">@context;noquote@</property>
+
+We're sorry, but it appears that you do not have the permission to perform this operation.
\ No newline at end of file
Index: openacs-4/packages/lorsm/www/not-allowed.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/not-allowed.tcl,v
diff -u
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ openacs-4/packages/lorsm/www/not-allowed.tcl 27 Oct 2004 07:46:52 -0000 1.1
@@ -0,0 +1,10 @@
+ad_page_contract {
+
+ Action not allowed.
+
+ @author Lars Pind (lars@pinds.com)
+ @creation-date 2002-10-14
+ @cvs-id $Id: not-allowed.tcl,v 1.1 2004/10/27 07:46:52 ernieg Exp $
+}
+
+set context [list "Not Allowed"]
Index: openacs-4/packages/lorsm/www/sharer.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/Attic/sharer.tcl,v
diff -u -r1.1 -r1.2
--- openacs-4/packages/lorsm/www/sharer.tcl 4 Sep 2004 14:51:21 -0000 1.1
+++ openacs-4/packages/lorsm/www/sharer.tcl 27 Oct 2004 07:46:52 -0000 1.2
@@ -27,6 +27,9 @@
-user_id $user_id \
-community_id $community_id ]
+# Permissions
+dotlrn::require_user_admin_community -user_id $user_id -community_id $community_id
+
# check write permisssion for the learning object/manifest
permission::require_write_permission -object_id $man_id -creation_user $user_id
Index: openacs-4/packages/lorsm/www/tracker.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/Attic/tracker.tcl,v
diff -u -r1.1 -r1.2
--- openacs-4/packages/lorsm/www/tracker.tcl 4 Sep 2004 14:51:21 -0000 1.1
+++ openacs-4/packages/lorsm/www/tracker.tcl 27 Oct 2004 07:46:52 -0000 1.2
@@ -22,8 +22,18 @@
-user_id [ad_conn user_id] \
-community_id $community_id ]
+# Permissions
+dotlrn::require_user_admin_community -user_id [ad_conn user_id] -community_id $community_id
+# Checks whether the user has appropiate permissions otherwise we kick
+# him out
+if {!$admin_p} {
+ ad_returnredirect "not-allowed"
+ return -code error
+}
+
+
set title "Set Course Track Options"
set context [list "Set Course Options"]
Index: openacs-4/packages/lorsm/www/delivery/menu.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/delivery/menu.tcl,v
diff -u -r1.1 -r1.2
--- openacs-4/packages/lorsm/www/delivery/menu.tcl 4 Sep 2004 14:51:22 -0000 1.1
+++ openacs-4/packages/lorsm/www/delivery/menu.tcl 27 Oct 2004 07:46:53 -0000 1.2
@@ -41,6 +41,11 @@
set title [fs::remove_special_file_system_characters -string $title]
regsub {'} $title {\'} title
+ # as suggested by Michele Slocovich (michele@sii.it)
+ # http://openacs.org/bugtracker/openacs/com/lors/bug?bug%5fnumber=2100
+ #
+ set title [string map { \{ \\{ \} \\} } $title ]
+
upvar #$adp_level man_id man_id
set url "'[export_vars -base "record-view" \
-url {item_id man_id}]'"
Index: openacs-4/packages/lorsm/www/delivery2/view/index.vuh
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/delivery2/view/index.vuh,v
diff -u -r1.1 -r1.2
--- openacs-4/packages/lorsm/www/delivery2/view/index.vuh 4 Sep 2004 14:51:28 -0000 1.1
+++ openacs-4/packages/lorsm/www/delivery2/view/index.vuh 27 Oct 2004 07:46:53 -0000 1.2
@@ -35,9 +35,8 @@
if { [lorsm::init the_url the_root $content_root $template_root public "" $content_type] } {
# we introduced our own template
- rp_internal_redirect -absolute_path /home/ernieg/web/concord/templates/lorsm-default
+ rp_internal_redirect -absolute_path [acs_root_dir]/templates/lorsm-default
-
} else {
# ns_returnnotfound
set page "[ad_header {Content Item Not Found}]"
Index: openacs-4/packages/lorsm/www/shared/add-shared-course-2.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/shared/Attic/add-shared-course-2.tcl,v
diff -u -r1.1 -r1.2
--- openacs-4/packages/lorsm/www/shared/add-shared-course-2.tcl 4 Sep 2004 14:51:29 -0000 1.1
+++ openacs-4/packages/lorsm/www/shared/add-shared-course-2.tcl 27 Oct 2004 07:46:54 -0000 1.2
@@ -21,6 +21,9 @@
set community_id [dotlrn_community::get_community_id]
set class_key [dotlrn_community::get_community_type_from_community_id $community_id]
+# Permissions
+dotlrn::require_user_admin_community -user_id $user_id -community_id $community_id
+
# check admin permisssion for the community
set admin_p [dotlrn::user_can_admin_community_p \
-user_id $user_id \
Index: openacs-4/packages/lorsm/www/shared/add-shared-course.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/shared/Attic/add-shared-course.tcl,v
diff -u -r1.1 -r1.2
--- openacs-4/packages/lorsm/www/shared/add-shared-course.tcl 4 Sep 2004 14:51:29 -0000 1.1
+++ openacs-4/packages/lorsm/www/shared/add-shared-course.tcl 27 Oct 2004 07:46:54 -0000 1.2
@@ -20,6 +20,9 @@
set community_id [dotlrn_community::get_community_id]
set class_key [dotlrn_community::get_community_type_from_community_id $community_id]
+# Permissions
+dotlrn::require_user_admin_community -user_id $user_id -community_id $community_id
+
# check admin permisssion for the community
set admin_p [dotlrn::user_can_admin_community_p \
-user_id $user_id \
Index: openacs-4/packages/lorsm/www/shared/course-info.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/shared/Attic/course-info.tcl,v
diff -u -r1.1 -r1.2
--- openacs-4/packages/lorsm/www/shared/course-info.tcl 4 Sep 2004 14:51:29 -0000 1.1
+++ openacs-4/packages/lorsm/www/shared/course-info.tcl 27 Oct 2004 07:46:54 -0000 1.2
@@ -17,16 +17,21 @@
set context [list [list [export_vars -base .] "Shared Courses"] "Preview Course"]
+set community_id [dotlrn_community::get_community_id]
+
set title "Preview Course"
+# Permissions
+dotlrn::require_user_admin_community -user_id [ad_conn user_id] -community_id $community_id
+
# In order to share courses across classes, we need to share
# file-storage objects across file-storage instances. This has been
# proven to be really tricky. But here we pass the fs_package_id for
# the current community, so we don't have to have permissions for
# other instances of file-storages of other classes. See
# documentation for further details.
-set community_id [dotlrn_community::get_community_id]
+
set fs_local_package_id [site_node_apm_integration::get_child_package_id \
-package_id [dotlrn_community::get_package_id $community_id] \
-package_key "file-storage"\
Index: openacs-4/packages/lorsm/www/shared/index.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/shared/Attic/index.tcl,v
diff -u -r1.1 -r1.2
--- openacs-4/packages/lorsm/www/shared/index.tcl 4 Sep 2004 14:51:29 -0000 1.1
+++ openacs-4/packages/lorsm/www/shared/index.tcl 27 Oct 2004 07:46:54 -0000 1.2
@@ -18,3 +18,7 @@
set title "Shared Courses"
set context [list "Shared Courses"]
+set community_id [dotlrn_community::get_community_id]
+
+# Permissions
+dotlrn::require_user_admin_community -user_id [ad_conn user_id] -community_id $community_id
Index: openacs-4/packages/lorsm/www/tracking/index.tcl
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/lorsm/www/tracking/Attic/index.tcl,v
diff -u -r1.1 -r1.2
--- openacs-4/packages/lorsm/www/tracking/index.tcl 4 Sep 2004 14:51:29 -0000 1.1
+++ openacs-4/packages/lorsm/www/tracking/index.tcl 27 Oct 2004 07:46:54 -0000 1.2
@@ -24,6 +24,8 @@
-user_id [ad_conn user_id] \
-community_id $community_id ]
+# Permissions
+dotlrn::require_user_admin_community -user_id [ad_conn user_id] -community_id $community_id
set title "Student Tracking"
set context {Tracking}