Index: openacs-4/packages/dotlrn/www/members.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/dotlrn/www/members.tcl,v diff -u -r1.23 -r1.24 --- openacs-4/packages/dotlrn/www/members.tcl 15 Jan 2005 22:08:09 -0000 1.23 +++ openacs-4/packages/dotlrn/www/members.tcl 8 Aug 2006 21:26:24 -0000 1.24 @@ -33,6 +33,7 @@ set spam_p [dotlrn::user_can_spam_community_p -user_id [ad_get_user_id] -community_id $community_id] set referer [ns_conn url] set return_url "[ns_conn url]?[ns_conn query]" + set site_wide_admin_p [permission::permission_p -object_id [acs_magic_object security_context_root] -privilege admin] if {!$site_wide_admin_p} { @@ -41,6 +42,19 @@ set admin_p 1 } +# make it so that only course admins +# and site wide admins can read this page +# if { !$admin_p } { +# ad_return_forbidden "Permission Denied" "
+# You don't have permission to view this page. +#" +# ad_script_abort +#} + +if {$admin_p} { + set add_member_url [export_vars -base user-add { {can_browse_p 1} {read_private_data_p t} {referer $return_url} }] +} + if {![exists_and_not_null referer]} { if {[string equal $admin_p t] == 1} { set referer "one-community-admin" @@ -64,7 +78,8 @@ set bulk_actions_export_vars [list "user_id" "rel_type" "referer" "reset"] set actions [list "CSV" "members?csv=yes" "[_ dotlrn.Comma_Separated_Values]"] foreach role $rel_types { - lappend actions "[_ dotlrn.Remove_all] [lang::util::localize [lindex $role 3]]" "members?reset=1&reltype=[lindex $role 0]" "[lang::util::localize [lindex $role 2]]" + # lappend actions "[_ dotlrn.Remove_all] [lang::util::localize [lindex $role 3]]" "members?reset=1&reltype=[lindex $role 0]" "[lang::util::localize [lindex $role 2]]" + lappend actions "[_ dotlrn.Remove_all] [lang::util::localize [lindex $role 3]]" "member-confirm?reset=1&reltype=[lindex $role 0]" "[lang::util::localize [lindex $role 2]]" } } else { @@ -84,6 +99,10 @@ +