chore(supervisor): adding a supervisor auth tag WIP
This commit is contained in:
parent
61991aadc4
commit
1f8e76d68b
@ -54,3 +54,4 @@ AuthTagSubmissionGroup: Nutzer:in ist Mitglied in registrierter Abgabegruppe
|
||||
AuthTagWorkflow: Nutzer:in hat passende Workflow-Rolle
|
||||
AuthTagStudent: Nutzer:in ist Student:in
|
||||
AuthTagExamTime: Zeitliche Einschränkungen durch relevante Prüfung sind erfüllt
|
||||
AuthTagSupervisor: Nutzer:in ist Ansprechpartner für jemand anderes
|
||||
@ -54,3 +54,4 @@ AuthTagSubmissionGroup: User is part of a submission group
|
||||
AuthTagWorkflow: User has matching workflow role
|
||||
AuthTagStudent: User is a student
|
||||
AuthTagExamTime: Exam time restrictions are satisfied
|
||||
AuthTagSupervisor: User is supervisor for someone else
|
||||
|
||||
18
routes
18
routes
@ -92,8 +92,8 @@
|
||||
/user/lang LangR POST !free
|
||||
/user/storage-key StorageKeyR POST !free
|
||||
|
||||
-- /user/for/#CryptoUUIDUser ForProfileR GET POST !supervisor
|
||||
-- /user/profile/for/#CryptoUUIDUser ForProfuleDataR GET !supervisor
|
||||
/user/for/#CryptoUUIDUser ForProfileR GET POST !supervisor
|
||||
/user/profile/for/#CryptoUUIDUser ForProfuleDataR GET !supervisor
|
||||
|
||||
|
||||
/exam-office ExamOfficeR !exam-office:
|
||||
@ -278,14 +278,14 @@
|
||||
/lms/#SchoolId/#QualificationShorthand LmsR GET POST !free -- TODO verify that this is ok
|
||||
/lms/#SchoolId/#QualificationShorthand/edit LmsEditR GET POST
|
||||
/lms/#SchoolId/#QualificationShorthand/users LmsUsersR GET
|
||||
/lms/#SchoolId/#QualificationShorthand/users/direct LmsUsersDirectR GET
|
||||
/lms/#SchoolId/#QualificationShorthand/users/direct LmsUsersDirectR GET !development
|
||||
/lms/#SchoolId/#QualificationShorthand/userlist LmsUserlistR GET POST
|
||||
/lms/#SchoolId/#QualificationShorthand/userlist/upload LmsUserlistUploadR GET POST
|
||||
/lms/#SchoolId/#QualificationShorthand/userlist/direct LmsUserlistDirectR POST
|
||||
/lms/#SchoolId/#QualificationShorthand/result LmsResultR GET POST
|
||||
/lms/#SchoolId/#QualificationShorthand/result/upload LmsResultUploadR GET POST
|
||||
/lms/#SchoolId/#QualificationShorthand/result/direct LmsResultDirectR POST
|
||||
/lms/#SchoolId/#QualificationShorthand/fake LmsFakeR GET POST -- TODO: delete this testing URL
|
||||
/lms/#SchoolId/#QualificationShorthand/userlist/upload LmsUserlistUploadR GET POST !development
|
||||
/lms/#SchoolId/#QualificationShorthand/userlist/direct LmsUserlistDirectR POST !token
|
||||
/lms/#SchoolId/#QualificationShorthand/result LmsResultR GET POST
|
||||
/lms/#SchoolId/#QualificationShorthand/result/upload LmsResultUploadR GET POST !development
|
||||
/lms/#SchoolId/#QualificationShorthand/result/direct LmsResultDirectR POST !token
|
||||
/lms/#SchoolId/#QualificationShorthand/fake LmsFakeR GET POST !development -- TODO: delete this testing URL
|
||||
|
||||
/api ApiDocsR GET !free
|
||||
/swagger SwaggerR GET !free
|
||||
|
||||
@ -363,7 +363,7 @@ mkLmsTable (Entity qid quali) acts restrict cols psValidator = do
|
||||
pjob <- preview $ _dbtProjRow . resultPrintJob
|
||||
forMM_ (view $ _dbtProjFilter . _ltProjFilterMayAccess) $ \b -> do
|
||||
euid <- encrypt $ user ^. _entityKey
|
||||
guardM . lift . lift . fmap (== b) . hasReadAccessTo . urlRoute $ AdminUserR euid -- TODO create a page with proper rights; this is only for admins!
|
||||
guardM . lift . lift . fmap (== b) . hasReadAccessTo . urlRoute $ ForProfuleDataR euid -- TODO create a page with proper rights; this is only for admins!
|
||||
return (qusr,user,lusr,pjob)
|
||||
|
||||
dbtColonnade = cols
|
||||
|
||||
@ -115,6 +115,7 @@ data AuthTag -- sortiert nach gewünschter Reihenfolge auf /authpreds, d.h. Prä
|
||||
| AuthToken
|
||||
| AuthDeprecated
|
||||
| AuthDevelopment
|
||||
| AuthSupervisor
|
||||
| AuthFree
|
||||
deriving (Eq, Ord, Enum, Bounded, Read, Show, Data, Generic, Typeable)
|
||||
deriving anyclass (Universe, Finite, Hashable, NFData)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user