Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

only is_staff users can add/edit/delete course instructors

Browse Source
This commit is contained in:
ichuang
2013-01-10 23:29:52 -05:00
parent 5cc88ec1ad
commit 37f848949d
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lms/djangoapps/instructor/views.py
View File

@@ -245,7 +245,7 @@ def instructor_dashboard(request, course_id):
datatable['title'] = 'List of Staff in course {0}'.format(course_id)
track.views.server_track(request, 'list-staff', {}, page='idashboard')
elif 'List course instructors' in action:
elif 'List course instructors' in action and request.user.is_staff:
group = get_instructor_group(course)
msg += 'Instructor group = {0}'.format(group.name)
log.debug('instructor grp={0}'.format(group.name))
@@ -269,7 +269,7 @@ def instructor_dashboard(request, course_id):
user.groups.add(group)
track.views.server_track(request, 'add-staff {0}'.format(user), {}, page='idashboard')
elif action == 'Add instructor':
elif action == 'Add instructor' and request.user.is_staff:
uname = request.POST['instructor']
try:
user = User.objects.get(username=uname)
@@ -297,7 +297,7 @@ def instructor_dashboard(request, course_id):
user.groups.remove(group)
track.views.server_track(request, 'remove-staff {0}'.format(user), {}, page='idashboard')
elif action == 'Remove instructor':
elif action == 'Remove instructor' and request.user.is_staff:
uname = request.POST['instructor']
try:
user = User.objects.get(username=uname)