From afafe0c218e8f55ad593941a4e0fa6f23a8f2a13 Mon Sep 17 00:00:00 2001 From: Sebastian Serth Date: Mon, 7 Sep 2020 18:31:45 +0200 Subject: [PATCH] Adjust teacher permissions: * Hide non-public exercises and proxy exercises * Hide average working time value on statistic page * Add hint about filter to submission page for teachers * Hide display name from feedback page --- app/policies/exercise_policy.rb | 2 +- app/policies/proxy_exercise_policy.rb | 2 +- app/views/exercises/external_users/statistics.html.slim | 2 ++ app/views/exercises/feedback.html.slim | 3 ++- app/views/exercises/statistics.html.slim | 5 +++-- config/locales/de.yml | 1 + config/locales/en.yml | 1 + spec/policies/exercise_policy_spec.rb | 2 +- 8 files changed, 12 insertions(+), 6 deletions(-) diff --git a/app/policies/exercise_policy.rb b/app/policies/exercise_policy.rb index 083f6952..eced0408 100644 --- a/app/policies/exercise_policy.rb +++ b/app/policies/exercise_policy.rb @@ -4,7 +4,7 @@ class ExercisePolicy < AdminOrAuthorPolicy end [:show?, :feedback?, :requests_for_comments?, :statistics?].each do |action| - define_method(action) { admin? || teacher? } + define_method(action) { admin? || teacher_in_study_group? || teacher? && @record.public? || author? } end def study_group_dashboard? diff --git a/app/policies/proxy_exercise_policy.rb b/app/policies/proxy_exercise_policy.rb index 14981c8e..bc26df1b 100644 --- a/app/policies/proxy_exercise_policy.rb +++ b/app/policies/proxy_exercise_policy.rb @@ -4,7 +4,7 @@ class ProxyExercisePolicy < AdminOrAuthorPolicy end def show? - admin? || teacher? + admin? || teacher_in_study_group? || teacher? && @record.public? || author? end [:clone?, :destroy?, :edit?, :update?].each do |action| diff --git a/app/views/exercises/external_users/statistics.html.slim b/app/views/exercises/external_users/statistics.html.slim index d09c2fef..01c464e5 100644 --- a/app/views/exercises/external_users/statistics.html.slim +++ b/app/views/exercises/external_users/statistics.html.slim @@ -79,6 +79,8 @@ h1 = "#{@exercise} (external user #{link_to_if(policy(@external_user).show?, @ex = t('.within_grace_period') .col-sm-3.after_late_deadline.py-2 = t('.after_late_deadline') + - unless current_user.try(:admin?) + p.mt-2 = t('.filter') - if current_user.try(:admin?) p = t('.addendum', delta: StatisticsHelper::WORKING_TIME_DELTA_IN_SECONDS / 60) .d-none#wtimes data-working_times=ActiveSupport::JSON.encode(@working_times_until); diff --git a/app/views/exercises/feedback.html.slim b/app/views/exercises/feedback.html.slim index 4b4e7b89..0aee4422 100644 --- a/app/views/exercises/feedback.html.slim +++ b/app/views/exercises/feedback.html.slim @@ -18,7 +18,8 @@ h1 = link_to_if(policy(@exercise).show?, @exercise, exercise_path(@exercise)) li.card.mt-2 .card-header role="tab" id="heading" div.clearfix.feedback-header - span.username = link_to(feedback.user.displayname, statistics_external_user_exercise_path(id: @exercise.id, external_user_id: feedback.user.id)) + - if policy(@exercise).detailed_statistics? + span.username = link_to_if(policy(feedback.user).show?, feedback.user.displayname, statistics_external_user_exercise_path(id: @exercise.id, external_user_id: feedback.user.id)) - if feedback.anomaly_notification i class="fa fa-envelope-o" data-placement="top" data-toggle="tooltip" data-container="body" title=feedback.anomaly_notification.reason span.date = feedback.created_at diff --git a/app/views/exercises/statistics.html.slim b/app/views/exercises/statistics.html.slim index 10934071..66597b97 100644 --- a/app/views/exercises/statistics.html.slim +++ b/app/views/exercises/statistics.html.slim @@ -21,8 +21,9 @@ h1 = @exercise p == @exercise.average_score ? t('shared.out_of', maximum_value: @exercise.maximum_score, value: @exercise.average_score.round(2)) : empty p = progress_bar(@exercise.average_percentage) -= row(label: '.average_worktime') do - p = @exercise.average_working_time +- if policy(@exercise).detailed_statistics? + = row(label: '.average_worktime') do + p = @exercise.average_working_time - Hash[:internal_users => t('.internal_users'), :external_users => t('.external_users')].each_pair do |symbol, label| - if symbol==:internal_users && current_user.admin? diff --git a/config/locales/de.yml b/config/locales/de.yml index c34c909c..8d2ae058 100644 --- a/config/locales/de.yml +++ b/config/locales/de.yml @@ -455,6 +455,7 @@ de: within_grace_period: Abgabe innerhalb der Gnadenfrist after_late_deadline: Verspätete Abgabe addendum: '* Differenzen von mehr als %{delta} Minuten werden ignoriert.' + filter: "Hinweis: Nur die letzte Abgabe vor einer Abgabefrist ist sichtbar." proxy_exercises: index: clone: Duplizieren diff --git a/config/locales/en.yml b/config/locales/en.yml index db8bfa6e..5d7bd43d 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -455,6 +455,7 @@ en: within_grace_period: Within Grace Period after_late_deadline: Too Late addendum: "* Deltas longer than %{delta} minutes are ignored." + filter: "Remember: Only the last submission per deadline is shown." proxy_exercises: index: clone: Duplicate diff --git a/spec/policies/exercise_policy_spec.rb b/spec/policies/exercise_policy_spec.rb index 4de6a9f4..999f1a1c 100644 --- a/spec/policies/exercise_policy_spec.rb +++ b/spec/policies/exercise_policy_spec.rb @@ -3,7 +3,7 @@ require 'rails_helper' describe ExercisePolicy do subject { described_class } -let(:exercise) { FactoryBot.build(:dummy) } +let(:exercise) { FactoryBot.build(:dummy, public: true) } permissions :batch_update? do it 'grants access to admins only' do