From e8d9a02f1748fc9cc85c3961b98a3e207e4c705d Mon Sep 17 00:00:00 2001 From: kunaljaykam Date: Sat, 11 May 2024 14:45:37 +0530 Subject: [PATCH] SAK-49150 Gradebook: TA not in group, but with permission to grade a group, cannot actually grade --- .../business/GradebookNgBusinessService.java | 21 +++++++++++-------- 1 file changed, 12 insertions(+), 9 deletions(-) diff --git a/gradebookng/tool/src/java/org/sakaiproject/gradebookng/business/GradebookNgBusinessService.java b/gradebookng/tool/src/java/org/sakaiproject/gradebookng/business/GradebookNgBusinessService.java index 4300c3d9b78c..f225eab78b1b 100644 --- a/gradebookng/tool/src/java/org/sakaiproject/gradebookng/business/GradebookNgBusinessService.java +++ b/gradebookng/tool/src/java/org/sakaiproject/gradebookng/business/GradebookNgBusinessService.java @@ -1795,21 +1795,17 @@ public List sortGradeMatrix(Map */ public List getSiteSectionsAndGroups() { final String siteId = getCurrentSiteId(); + final String userId = getCurrentUser().getId(); final List rval = new ArrayList<>(); - GbRole role; - try { - role = this.getUserRole(siteId); - } catch (final GbAccessDeniedException e) { - log.warn("Could not fetch the users role in site [{}], {}", siteId, e.toString()); - return rval; - } - // get groups (handles both groups and sections) try { final Site site = this.siteService.getSite(siteId); - final Collection groups = isSuperUser() || role == GbRole.INSTRUCTOR ? site.getGroups() : site.getGroupsWithMember(userDirectoryService.getCurrentUser().getId()); + + final List perms = getPermissionsForUser(userId, siteId); + + final Collection groups = !perms.isEmpty() ? site.getGroups() : site.getGroupsWithMember(userDirectoryService.getCurrentUser().getId()); for (final Group group : groups) { rval.add(new GbGroup(group.getId(), group.getTitle(), group.getReference(), GbGroup.Type.GROUP)); @@ -1820,6 +1816,13 @@ public List getSiteSectionsAndGroups() { log.error("Error retrieving groups", e); } + GbRole role; + try { + role = this.getUserRole(siteId); + } catch (final GbAccessDeniedException e) { + log.warn("Could not fetch the users role in site [{}], {}", siteId, e.toString()); + return rval; + } // if user is a TA, get the groups they can see and filter the GbGroup // list to keep just those