/**
  * _setUpAjaxList
  *
  * @access public
  * @return void
  */
 function _setUpAjaxList()
 {
     // Builds the column, action and row-filter definitions for the course
     // list and passes them to the AjaxList component.
     $columns = array(
         array("Course.id", "", "", "hidden"),
         array("Course.course", __("Course", true), "15em", "action", "Course Home"),
         array("Course.title", __("Title", true), "auto", "action", "Course Home"),
         array("Course.creator_id", "", "", "hidden"),
         array(
             "Course.record_status",
             __("Status", true),
             "5em",
             "map",
             array("A" => __("Active", true), "I" => __("Inactive", true)),
         ),
         array("Course.creator", __("Created by", true), "10em", "action", "View Creator"),
     );

     // No extra join tables are requested.
     $joinTables = array();

     // Row scope depends on the caller's role.
     if (User::hasPermission('functions/superadmin')) {
         // Super admins: empty filter.
         // NOTE(review): presumably AjaxList treats '' as "no restriction" - confirm.
         $rowFilter = '';
     } elseif (User::hasPermission('controllers/departments')) {
         // Faculty admins: courses of their departments plus the courses they
         // instruct themselves (which may lie outside those departments).
         $departmentCourseIds = array_keys(User::getMyDepartmentsCourseList('list'));
         $taughtCourses = $this->Course->getCourseByInstructor($this->Auth->user('id'));
         $taughtCourseIds = Set::extract('/Course/id', $taughtCourses);
         $rowFilter = array('Course.id' => array_merge($departmentCourseIds, $taughtCourseIds));
     } else {
         // Instructors: only rows where they are the instructor.
         $rowFilter = array('Instructor.id' => $this->Auth->user('id'));
     }

     // Row actions; the delete entry carries a confirmation prompt.
     $deletePrompt = __("Are you sure you want to delete this course permanently?", true);
     $actions = array(
         array(__("Course Home", true), "", "", "", "home", "Course.id"),
         array(__("View Record", true), "", "", "", "view", "Course.id"),
         array(__("Edit Course", true), "", "", "", "edit", "Course.id"),
         array(__("Delete Course", true), $deletePrompt, "", "", "delete", "Course.id"),
         array(__("View Creator", true), "", "", "users", "view", "Course.creator_id"),
     );

     $this->AjaxList->setUp(
         $this->Course,
         $columns,
         $actions,
         'Course.course',
         'Course.course',
         $joinTables,
         $rowFilter,
         0
     );
 }
 /**
  * surveyAccess
  *
  * @param mixed $survey
  *
  * @access public
  * @return bool true when the current user may access the survey
  */
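 function surveyAccess($survey)
 {
     // Returns true when the current user may access $survey: super admins
     // always, everyone else only when the survey's creator is within the set
     // of user ids the caller is allowed to act for.

     // Decide the super-admin case first so no lookups run for it; the result
     // is the same as OR-ing the check in at the end.
     if (User::hasPermission('functions/superadmin')) {
         return true;
     }

     if (!User::hasPermission('controllers/departments')) {
         // Instructor: only their own surveys.
         $instructorIds = array($this->Auth->user('id'));
     } else {
         // Department admin: every user attached to a course in their
         // departments, plus themselves.
         // NOTE(review): confirm what findAllByCourseId() matches when
         // $courseIds is empty, so an admin without courses gains no extra scope.
         $courseIds = array_keys(User::getMyDepartmentsCourseList('list'));
         $instructors = $this->UserCourse->findAllByCourseId($courseIds);
         $instructorIds = Set::extract($instructors, '/UserCourse/user_id');
         array_push($instructorIds, $this->Auth->user('id'));
     }

     // Left as a loose comparison: ids may arrive as strings from the session
     // and the database - TODO confirm types before switching to strict mode.
     return in_array($survey['Survey']['creator_id'], $instructorIds);
 }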
 /**
  * View an email template
  * @param mixed $id template id
  */
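 function view($id)
 {
     // Shows one email template read-only. Non-public templates are limited to
     // super admins and to users whose scope includes the template's creator.
     $this->set('title_for_layout', __('View Email Template', true));

     // Reject non-numeric ids before they reach the model, then load the
     // template once; the same record is authorised and displayed.
     $template = is_numeric($id) ? $this->EmailTemplate->findById($id) : null;
     if (empty($template)) {
         $this->Session->setFlash(__('Error: Invalid ID.', true));
         $this->redirect('index');
         return;
     }

     // check for permissions if the email template is not public
     if ($template['EmailTemplate']['availability'] != '1' && !User::hasPermission('functions/superadmin')) {
         if (!User::hasPermission('controllers/departments')) {
             // Instructor: only their own templates.
             $instructorIds = array($this->Auth->user('id'));
         } else {
             // Department admin: users attached to courses in their
             // departments, plus themselves.
             $courseIds = array_keys(User::getMyDepartmentsCourseList('list'));
             $instructors = $this->UserCourse->findAllByCourseId($courseIds);
             $instructorIds = Set::extract($instructors, '/UserCourse/user_id');
             array_push($instructorIds, $this->Auth->user('id'));
         }

         // The creator's id must be in the array of accessible user ids.
         if (!in_array($template['EmailTemplate']['creator_id'], $instructorIds)) {
             // The 'vie' typo is kept because the string is passed to __() and
             // is presumably the translation lookup key - fix it together with
             // the locale files.
             $this->Session->setFlash(__('Error: You do not have permission to vie this email template', true));
             $this->redirect('index');
             // Return explicitly so a denied user never gets the template
             // loaded into $this->data, even when redirect() does not end the
             // request.
             return;
         }
     }

     $this->data = $template;
     $this->set('readonly', true);
 }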
 /**
  * delete
  *
  * @param mixed $id
  *
  * @access public
  * @return void
  */
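 function delete($id)
 {
     // Deletes the rubric $id when the caller is a super admin or the rubric's
     // creator is within the caller's scope, and the rubric is not in use.
     // NOTE(review): nothing in this action checks the request method; confirm
     // it is only reachable through a POST with CSRF protection.

     // Validate the id before it is handed to the model, then load the rubric.
     $eval = is_numeric($id) ? $this->Rubric->getEventSub($id) : null;
     if (empty($eval)) {
         $this->Session->setFlash(__('Error: Invalid ID.', true));
         $this->redirect('index');
         return;
     }

     if (!User::hasPermission('functions/superadmin')) {
         if (!User::hasPermission('controllers/departments')) {
             // Instructor: only their own rubrics.
             $instructorIds = array($this->Auth->user('id'));
         } else {
             // Department admin: users attached to courses in their
             // departments, plus themselves.
             $courseIds = array_keys(User::getMyDepartmentsCourseList('list'));
             $instructors = $this->UserCourse->findAllByCourseId($courseIds);
             $instructorIds = Set::extract($instructors, '/UserCourse/user_id');
             array_push($instructorIds, $this->Auth->user('id'));
         }

         // creator id must be in the array of accessible user ids
         if (!in_array($eval['Rubric']['creator_id'], $instructorIds)) {
             $this->Session->setFlash(__('Error: You do not have permission to delete this rubric', true));
             $this->redirect('index');
             return;
         }
     }

     // Deny deleting evaluations in use.
     if ($this->Rubric->getEventCount($id)) {
         $this->Session->setFlash(__('This evaluation is in use. Please remove all the events assosiated with this evaluation first.', true), 'error');
     } elseif ($this->Rubric->delete($id, true)) {
         $this->Session->setFlash(__('The rubric was deleted successfully.', true), 'good');
     } else {
         // Report a failed delete instead of redirecting silently.
         $this->Session->setFlash(__('Error: The rubric could not be deleted.', true), 'error');
     }
     $this->redirect('index');
 }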
 /**
  * getAccessibleCourses
  *
  * @access public
  * @return list of course ids
  */
 function getAccessibleCourses()
 {
     // Returns the ids (array keys) of the course list that matches the
     // caller's role: the departments' course list for holders of
     // 'functions/user/admin', otherwise the caller's own course list.
     $courses = User::hasPermission('functions/user/admin')
         ? User::getMyDepartmentsCourseList('list')
         : User::getMyCourseList();

     return array_keys($courses);
 }
 /**
  * delete
  *
  * @param mixed $id
  *
  * @access public
  * @return void
  */
 function delete($id)
 {
     // Deletes the mixed evaluation $id. The caller needs the
     // 'controllers/mixevals' permission and, unless super admin, the
     // evaluation's creator must be within the caller's scope. Evaluations
     // that still have events are not deleted.
     // NOTE(review): nothing in this action checks the request method; confirm
     // it is only reachable through a POST with CSRF protection.
     $mayManage = User::hasPermission('controllers/mixevals');
     if (!$mayManage) {
         $this->Session->setFlash(__('You do not have permission to delete mixed evaluations', true));
         $this->redirect('/home');
         return;
     }

     // Load the requested mixed evaluation together with its events.
     $query = array(
         'conditions' => array('id' => $id),
         'contain' => array('Event'),
     );
     $eval = $this->Mixeval->find('first', $query);

     // The id must be numeric and must resolve to an existing record.
     // NOTE(review): the numeric check runs after the lookup above.
     if (!is_numeric($id) || empty($eval)) {
         $this->Session->setFlash(__('Invalid ID.', true));
         $this->redirect('index');
         return;
     }

     if (!User::hasPermission('functions/superadmin')) {
         if (User::hasPermission('controllers/departments')) {
             // Department admin: users attached to courses in their
             // departments, plus themselves.
             $courseIds = array_keys(User::getMyDepartmentsCourseList('list'));
             $instructors = $this->UserCourse->findAllByCourseId($courseIds);
             $instructorIds = Set::extract($instructors, '/UserCourse/user_id');
             array_push($instructorIds, $this->Auth->user('id'));
         } else {
             // Instructor: only their own evaluations.
             $instructorIds = array($this->Auth->user('id'));
         }

         // The creator's id must be among the accessible user ids.
         $creatorId = $eval['Mixeval']['creator_id'];
         if (!in_array($creatorId, $instructorIds)) {
             $this->Session->setFlash(__('Error: You do not have permission to delete this evaluation', true));
             $this->redirect('index');
             return;
         }
     }

     // Re-read the record and refuse to delete while events reference it.
     $this->Mixeval->id = $id;
     $data = $this->Mixeval->read();
     if (count($data['Event']) > 0) {
         $message = __("This evaluation is now in use, and can NOT be deleted.<br />", true)
             . __("Please remove all the events associated with this evaluation first.", true);
         $this->Session->setFlash($message);
         $this->redirect('index');
     } elseif ($this->Mixeval->delete($id)) {
         $this->Session->setFlash(__('The Mixed Evaluation was removed successfully.', true), 'good');
         $this->redirect('index');
     } else {
         // NOTE(review): this failure path sets a flash message but does not
         // redirect, unlike the other branches - confirm that is intended.
         $this->Session->setFlash($this->Mixeval->errorMessage, 'error');
     }
 }