Merge pull request #642 from pateljannat/course-permissions
fix: permissions
This commit is contained in:
Jannat Patel
@@ -3,7 +3,7 @@
|
||||
|
||||
import frappe
|
||||
from frappe.model.document import Document
|
||||
from lms.lms.utils import can_create_courses
|
||||
from lms.lms.utils import has_course_moderator_role, has_course_instructor_role
|
||||
|
||||
|
||||
class LMSAssignment(Document):
|
||||
@@ -12,7 +12,7 @@ class LMSAssignment(Document):
|
||||
|
||||
@frappe.whitelist()
|
||||
def save_assignment(assignment, title, type, question):
|
||||
if not can_create_courses():
|
||||
if not has_course_moderator_role() or not has_course_instructor_role():
|
||||
return
|
||||
|
||||
if assignment:
|
||||
|
||||
@@ -216,7 +216,7 @@ def save_course(
|
||||
course_price=None,
|
||||
currency=None,
|
||||
):
|
||||
if not can_create_courses():
|
||||
if not can_create_courses(course):
|
||||
return
|
||||
|
||||
if course:
|
||||
|
||||
@@ -6,7 +6,11 @@ import frappe
|
||||
from frappe import _
|
||||
from frappe.model.document import Document
|
||||
from frappe.utils import cstr
|
||||
from lms.lms.utils import generate_slug, has_course_moderator_role, can_create_courses
|
||||
from lms.lms.utils import (
|
||||
generate_slug,
|
||||
has_course_moderator_role,
|
||||
has_course_instructor_role,
|
||||
)
|
||||
|
||||
|
||||
class LMSQuiz(Document):
|
||||
@@ -148,7 +152,7 @@ def quiz_summary(quiz, results):
|
||||
def save_quiz(
|
||||
quiz_title, max_attempts=1, quiz=None, show_answers=1, show_submission_history=0
|
||||
):
|
||||
if not can_create_courses():
|
||||
if not has_course_moderator_role() or not has_course_instructor_role():
|
||||
return
|
||||
|
||||
values = {
|
||||
|
||||
@@ -521,21 +521,35 @@ def has_course_instructor_role(member=None):
|
||||
)
|
||||
|
||||
|
||||
def can_create_courses(member=None):
|
||||
def can_create_courses(course, member=None):
|
||||
if not member:
|
||||
member = frappe.session.user
|
||||
|
||||
instructors = frappe.get_all(
|
||||
"Course Instructor",
|
||||
{
|
||||
"parent": course,
|
||||
},
|
||||
pluck="instructor",
|
||||
)
|
||||
|
||||
if frappe.session.user == "Guest":
|
||||
return False
|
||||
|
||||
if has_course_instructor_role(member) or has_course_moderator_role(member):
|
||||
if has_course_moderator_role(member):
|
||||
return True
|
||||
|
||||
if has_course_instructor_role(member) and member in instructors:
|
||||
return True
|
||||
|
||||
portal_course_creation = frappe.db.get_single_value(
|
||||
"LMS Settings", "portal_course_creation"
|
||||
)
|
||||
|
||||
return portal_course_creation == "Anyone"
|
||||
if portal_course_creation == "Anyone" and member in instructors:
|
||||
return True
|
||||
|
||||
return False
|
||||
|
||||
|
||||
def has_course_moderator_role(member=None):
|
||||
@@ -727,7 +741,7 @@ def get_chart_data(chart_name, timespan, timegrain, from_date, to_date):
|
||||
}
|
||||
|
||||
|
||||
@frappe.whitelist()
|
||||
@frappe.whitelist(allow_guest=True)
|
||||
def get_course_completion_data():
|
||||
all_membership = frappe.db.count("LMS Enrollment")
|
||||
completed = frappe.db.count("LMS Enrollment", {"progress": ["like", "%100%"]})
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
import frappe
|
||||
from frappe import _
|
||||
from lms.lms.utils import can_create_courses
|
||||
from lms.lms.utils import has_course_moderator_role, has_course_instructor_role
|
||||
|
||||
|
||||
def get_context(context):
|
||||
context.no_cache = 1
|
||||
|
||||
if not can_create_courses():
|
||||
if not has_course_moderator_role() or not has_course_instructor_role():
|
||||
message = "You do not have permission to access this page."
|
||||
if frappe.session.user == "Guest":
|
||||
message = "Please login to access this page."
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
import frappe
|
||||
from frappe.utils import cstr
|
||||
from frappe import _
|
||||
from lms.lms.utils import can_create_courses
|
||||
from lms.lms.utils import has_course_instructor_role, has_course_moderator_role
|
||||
|
||||
|
||||
def get_context(context):
|
||||
context.no_cache = 1
|
||||
|
||||
if not can_create_courses():
|
||||
if not has_course_moderator_role() or not has_course_instructor_role():
|
||||
message = "You do not have permission to access this page."
|
||||
if frappe.session.user == "Guest":
|
||||
message = "Please login to access this page."
|
||||
|
||||
@@ -1,12 +1,12 @@
|
||||
import frappe
|
||||
from lms.lms.utils import can_create_courses, has_course_moderator_role
|
||||
from lms.lms.utils import has_course_instructor_role, has_course_moderator_role
|
||||
from frappe import _
|
||||
|
||||
|
||||
def get_context(context):
|
||||
context.no_cache = 1
|
||||
|
||||
if not can_create_courses():
|
||||
if not has_course_moderator_role() or not has_course_instructor_role():
|
||||
message = "You do not have permission to access this page."
|
||||
if frappe.session.user == "Guest":
|
||||
message = "Please login to access this page."
|
||||
|
||||
@@ -23,7 +23,7 @@ def get_context(context):
|
||||
redirect_to_courses_list()
|
||||
|
||||
if course_name == "new-course":
|
||||
if not can_create_courses():
|
||||
if not can_create_courses(course_name):
|
||||
message = "You do not have permission to access this page."
|
||||
if frappe.session.user == "Guest":
|
||||
message = "Please login to access this page."
|
||||
|
||||
@@ -15,7 +15,7 @@ def get_context(context):
|
||||
except KeyError:
|
||||
redirect_to_courses_list()
|
||||
|
||||
if not can_create_courses():
|
||||
if not can_create_courses(course_name):
|
||||
message = "You do not have permission to access this page."
|
||||
if frappe.session.user == "Guest":
|
||||
message = "Please login to access this page."
|
||||
|
||||
@@ -1,13 +1,13 @@
|
||||
import frappe
|
||||
from frappe import _
|
||||
from lms.lms.utils import (
|
||||
can_create_courses,
|
||||
check_profile_restriction,
|
||||
get_restriction_details,
|
||||
has_course_moderator_role,
|
||||
get_courses_under_review,
|
||||
get_average_rating,
|
||||
check_multicurrency,
|
||||
has_course_instructor_role,
|
||||
)
|
||||
from lms.overrides.user import get_enrolled_courses, get_authored_courses
|
||||
|
||||
@@ -21,7 +21,17 @@ def get_context(context):
|
||||
context.created_courses = get_authored_courses(None, False)
|
||||
context.review_courses = get_courses_under_review()
|
||||
context.restriction = check_profile_restriction()
|
||||
context.show_creators_section = can_create_courses()
|
||||
|
||||
portal_course_creation = frappe.db.get_single_value(
|
||||
"LMS Settings", "portal_course_creation"
|
||||
)
|
||||
context.show_creators_section = (
|
||||
True
|
||||
if portal_course_creation == "Anyone"
|
||||
or has_course_moderator_role()
|
||||
or has_course_instructor_role()
|
||||
else False
|
||||
)
|
||||
context.show_review_section = (
|
||||
has_course_moderator_role() and frappe.session.user != "Guest"
|
||||
)
|
||||
|
||||
@@ -10,7 +10,7 @@ def get_context(context):
|
||||
if not frappe.db.exists("LMS Course", course_name):
|
||||
redirect_to_courses_list()
|
||||
|
||||
if not can_create_courses():
|
||||
if not can_create_courses(course_name):
|
||||
message = "You do not have permission to access this page."
|
||||
if frappe.session.user == "Guest":
|
||||
message = "Please login to access this page."
|
||||
|
||||
Reference in New Issue
Block a user