Commit d22889d1 authored by Bruno Nocera Zanette's avatar Bruno Nocera Zanette

Restricted results to only professor's sectionposes

Restricted the results to only the ones belonging to the logged-in professor.
Signed-off-by: Bruno Nocera Zanette's avatarBruno Nocera Zanette <brunonzanette@gmail.com>
parent 0d07f328
......@@ -14,6 +14,7 @@ import org.springframework.roo.addon.jpa.entity.RooJpaEntity;
import org.springframework.roo.addon.tostring.RooToString;
import br.ufpr.c3sl.sapos.models.people.Professor;
import br.ufpr.c3sl.sapos.models.util.KerberosAuthProvider;
@RooJavaBean
@RooToString
......@@ -59,6 +60,22 @@ public class SectionPos {
sql = " where "+transcripts+" and section_year="+year+" order by section_year, period";
return entityManager().createNativeQuery("select * from Section_Pos"+sql, SectionPos.class).getResultList();
}
public static Object findSectionPosesByYearByProfessor(String year) {
String professorId=KerberosAuthProvider.getIdFromLoggedInUser();
String sql = null;
String transcripts = " id in (select transcript_section from transcript) ";
if (year.isEmpty())
sql = "where "+transcripts;
else
sql = " where "+transcripts+" and section_year="+year;
return entityManager().createNativeQuery(
"SELECT * from Section_Pos"+sql+
" and professor = "+"'"+professorId+"'"+
" order by section_year, period"
, SectionPos.class).getResultList();
}
public static Object findSectionPosesByProfessor(String prof, String year, String period) {
String periodPart = "";
......
......@@ -35,8 +35,13 @@ public class SectionPosController {
@RequestMapping(value="list",method = RequestMethod.GET)
public String list(@RequestParam(value = "year", required = false) String year,
Model model) {
model.addAttribute("sectionposes", SectionPos.findSectionPosesByYear(year));
return "sectionposes/list";
if (KerberosAuthProvider.getPersonAuth().equals(KerberosAuthProvider.authProfessor))
model.addAttribute("sectionposes", SectionPos.findSectionPosesByYearByProfessor(year));
else
model.addAttribute("sectionposes", SectionPos.findSectionPosesByYear(year));
return "sectionposes/list";
}
@RequestMapping(value = "sectionsselectchoice", method = RequestMethod.GET)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment