CSC/ECE 517 Fall 2016/E1653. Fix and improve rubric criteria
E1653. Fix and Improve Rubric Criteria
Expertiza Background
Expertiza is an open source project based on Ruby on Rails framework.It is a web application to create reusable learning objects through peer review. It supports various features such as team projects, and the submission of various documents including URLs and wiki pages. Expertiza allows the instructor to create new assignments and customize new or existing assignments. It also allows the instructor to create a list of topics the students can sign up for. Students can form teams in Expertiza to work on various projects and assignments. Students can also peer review other students' submissions. Expertiza supports submission across various document types, including the URLs and wiki pages.
Tasks Identified
- Change allow_action? method of questionnaires controller to restrict unauthorized access to edit review rubrics. Only Instructors who own the rubric or their Teaching Assistants should be allowed edit them.
- Display an error message when a user who is not the owner of a questionnaire attempts to edit it.
Modified Files
- questionnaires_controller.rb
Summary of Implementation
New Functionality
- An instructor can no longer change others' review rubrics. If he attempts to do so, an error message will be displayed.
- Only those review rubrics can be modified by an instructor which are owned by him.
- A Teaching Assistant can modify only those review rubrics which are owned by the instructor under whom he works.
Changes in Source Code
1. Changes in allow_action? method of the Questionnaires controller:
# For filtering the versions list with proper search and pagination. def paginate_list(id, user_id, item_type, event, datetime) # Set up the search criteria criteria = '' criteria = criteria + "id = #{id} AND " if id && id.to_i > 0 if current_user_role? == 'Super-Administrator' criteria = criteria + "whodunnit = #{user_id} AND " if user_id && user_id.to_i > 0 end criteria = criteria + "whodunnit = #{current_user.try(:id)} AND " if current_user.try(:id) && current_user.try(:id).to_i > 0 criteria = criteria + "item_type = '#{item_type}' AND " if item_type && !(item_type.eql? 'Any') criteria = criteria + "event = '#{event}' AND " if event && !(event.eql? 'Any') criteria = criteria + "created_at >= '#{time_to_string(params[:start_time])}' AND " criteria = criteria + "created_at <= '#{time_to_string(params[:end_time])}' AND " if current_role == 'Instructor' || current_role == 'Administrator' end # Remove the last ' AND ' criteria = criteria[0..-5] versions = Version.page(params[:page]).order('id').per_page(25).where(criteria) versions end