Community Help

AbrahamOquendo · ‎10-24-2023

Hello Canvas people im one of the admins my institution work , I try to hide import course for teachers on permission but remove some features that teacher needs. I try using a js code by @James thanks, that work for us but we have designers, they need the import course function and the code just restric all user course roles excepts admins accounts, is there a way or a js code that can only restric the teacher course role not by using the permision function?

@James code:

(function() {'use strict';
  if (!ENV.current_user_roles.some(e => ['admin','root_admin'].includes(e))) {
  if (/^\/courses\/\d+(\/settings)?\/?$/.test(window.location.pathname)) {
  const el = document.querySelector('#right-side-wrapper a[href*="/content_migrations"]');
  if (el) {el.style.display = 'none';} } }})();

chriscas · ‎10-24-2023

Hi @AbrahamOquendo,

if that last code modification did not work, I have a feeling that your designers and teachers may have overlap, which I was concerned about. The ENV variables, which are easiest to use, are not in context. For example, If i am a teacher in course A and a student in course B, the ENV.current_user_roles list will have both 'student' and 'teacher' in it no matter what course I'm currently accessing. If you want to only hide the import button from people enrolled as a teacher in a particular course, you could use my javascript without the need for the google apps part, just call the javascript without a parameter.

For example, something like this should work (I did not have a chance to test this, it should be very close to working if not 100% though):

async function get_user_context_roles(includeAdmin=false){
	// Create canvas_domain and set it to the current host from the URL
	const canvas_domain=window.location.hostname;
	// Create canvas_user_id variable and set it to the current user id via ENV variable
	const canvas_user_id=ENV.current_user_id;
	// Create canvas_account_id variable and set it to the root account id via ENV variable
	let canvas_account_id=ENV.DOMAIN_ROOT_ACCOUNT_ID;
	// Create canvas_course_id and set it to the current course id if inside a course via the URL, otherwise make it null
	let canvas_course_id=(window.location.pathname.slice(0,9) == '/courses/') ? window.location.pathname.split('/')[2] : null;
	// Set up dictionary with role and type sets
	let role_dict={role:new Set(),type:new Set()};
	// If the user is not an anonymous viewer of a public course
	if (canvas_user_id!=null) {
		// Add the default 'Account:user' and 'RootAccount:user' types into the type dictionary, as they apply to all logged in users
		role_dict.type.add('Account:user').add('RootAccount:user');
		// Checks if the current location is somewhere inside a group
		if (/^\/groups\/[0-9]+/.test(window.location.pathname)) {
			// Get the group_id from the URL (ENV variables are inconsistent for this purpose)
			const canvas_group_id=window.location.pathname.split('/')[2]
			// Get group info via the API
			const group_response=await fetch('/api/v1/groups/'+canvas_group_id)
			if (group_response.ok){
				const group_obj=await group_response.json();
				// If it's a course group, set the canvas_course_id for later use
				if (group_obj.context_type='Course') canvas_course_id=group_obj.course_id;
				// If it's an account group, set the canvas_account_id for later use
				if (group_obj.context_type='Account') canvas_account_id=group_obj.account_id;
			}
		}
		// Checks if the current location is an area associated with a course
		if (canvas_course_id!=null) {
			// Get course info via the API
			const course_response=await fetch('/api/v1/courses/'+canvas_course_id)
			if (course_response.ok){
				const course_obj=await course_response.json();
				// Set the canvas_account_id for later use
				canvas_account_id=course_obj.account_id;
				// For each enrollment returned, add appropriate info to the role_dict sets
				course_obj.enrollments.forEach(enrollment => {
					role_dict.type.add('Course:'+enrollment.type);
					role_dict.role.add('Course:'+((enrollment.type+'enrollment' === enrollment.role.toLowerCase()) ? enrollment.role.slice(0, -10) : enrollment.role));
				});
			}
		}
		// Checks if the user is some kind of admin anywhere in Canvas
		if (includeAdmin && (ENV.current_user_roles.includes('admin'))) {
			// ENV indicates user is some sort fo admin, so add Account admin tyoe
			role_dict.type.add('Account:admin');
			// If on an account page, start at that level
			if (/^\/accounts\/[0-9]+/.test(window.location.pathname)) canvas_account_id=window.location.pathname.split('/')[2]
			// Use google apps script code to find admin roles starting from the current subaccount and working back up the account tree.  This may take a significant amount if time depending on the depth of the current location in the canvas account tree.
			const admin_response=await fetch('<<<paste google apps script webapp deploy url here>>>?canvas_user_id='+canvas_user_id+'&canvas_account_id='+canvas_account_id+'&canvas_domain='+canvas_domain)
			if (admin_response.ok){
				const admin_obj=await admin_response.json();
				console.log(admin_obj);
				if (admin_obj.status=='success') {
					// combine existing role and type lists with the admin lists
					admin_obj.data.role.forEach(adminRole => role_dict.role.add(adminRole));
					admin_obj.data.type.forEach(adminType => role_dict.type.add(adminType));
				};
			};
		};
	};
	return role_dict;
}

async function do_customizations() {
	if (/^\/courses\/\d+(\/settings)?\/?$/.test(window.location.pathname)) {
		let user_context_data=await get_user_context_roles();
		if (user_context_data.role.has('Course:Teacher')) {
		const el = document.querySelector('#right-side-wrapper a[href*="/content_migrations"]');
  if (el) {el.style.display = 'none';}
	}}
}

if (document.readyState === "complete" || (document.readyState !== "loading" && !document.documentElement.doScroll)) {
	do_customizations();
} else {
	document.addEventListener("DOMContentLoaded", do_customizations);
}

This is definitely more complex and lengthy code and does involve API calls, but the role results are in context and include actual custom role names as well. I'm fairly certain my get_user_context_roles function is solid, but I have not deployed it in production yet, so you may want to do as much testing as you can on your own to verify it works at least for your scenario.

-Chris

View solution in original post

chriscas · ‎10-24-2023

Hi @AbrahamOquendo,

I think the following small tweak may do the trick for you:

-Chris

James · ‎10-24-2023

Chris ( @chriscas ) have you verified this?

I tried logging in as some designers, even adding myself as a designer to a course in beta, and it did not show up in the ENV.current_user_roles. Maybe we have things set up differently, but I'm not convinced designer shows up. There are a couple of places in the source code that make it look like it should, so it might just be our instance.

I was getting ready to direct @AbrahamOquendo to your or Christopher Esbrandt's code on detecting custom user roles using the API.

chriscas · ‎10-24-2023

Thanks, @James for pointing this out. With all of the testing I've been doing with my own code around this issue, I think I confused myself on what the default ENV has and does not have (and also around our own custom admin designer role). I did just try again and you do seem to be right that the course designer role is not there.

So, @AbrahamOquendo, I think there is one other simple approach if you want to hide from teachers (and do not have people who have multiple role combinations of teachers, admins, and desiners):

(function() {'use strict';
  if (ENV.current_user_roles.some(e => ['teacher'].includes(e))) {
  if (/^\/courses\/\d+(\/settings)?\/?$/.test(window.location.pathname)) {
  const el = document.querySelector('#right-side-wrapper a[href*="/content_migrations"]');
  if (el) {el.style.display = 'none';} } }})();

If you do have users who have overlap among teacher, admin, and designer roles and don't want to hide the button from those people, you'd need a slightly more complex approach to get the user's actual roles in the course using the Canvas API through JavaScript... You can see my recent thread about this for some information.

-Chris

AbrahamOquendo · ‎10-24-2023

Hey @chriscas,

All users that have teacher/designers roles in the course they are just normal accounts, we give the role when we add them to the course we dont have a teacher/designers with admin. I try that code still have the same issue probably goin to try Canvas API it might resolve the issue thanks @James @chriscas for your time.

chriscas · ‎10-24-2023

Hi @AbrahamOquendo,

if that last code modification did not work, I have a feeling that your designers and teachers may have overlap, which I was concerned about. The ENV variables, which are easiest to use, are not in context. For example, If i am a teacher in course A and a student in course B, the ENV.current_user_roles list will have both 'student' and 'teacher' in it no matter what course I'm currently accessing. If you want to only hide the import button from people enrolled as a teacher in a particular course, you could use my javascript without the need for the google apps part, just call the javascript without a parameter.

For example, something like this should work (I did not have a chance to test this, it should be very close to working if not 100% though):

async function get_user_context_roles(includeAdmin=false){
	// Create canvas_domain and set it to the current host from the URL
	const canvas_domain=window.location.hostname;
	// Create canvas_user_id variable and set it to the current user id via ENV variable
	const canvas_user_id=ENV.current_user_id;
	// Create canvas_account_id variable and set it to the root account id via ENV variable
	let canvas_account_id=ENV.DOMAIN_ROOT_ACCOUNT_ID;
	// Create canvas_course_id and set it to the current course id if inside a course via the URL, otherwise make it null
	let canvas_course_id=(window.location.pathname.slice(0,9) == '/courses/') ? window.location.pathname.split('/')[2] : null;
	// Set up dictionary with role and type sets
	let role_dict={role:new Set(),type:new Set()};
	// If the user is not an anonymous viewer of a public course
	if (canvas_user_id!=null) {
		// Add the default 'Account:user' and 'RootAccount:user' types into the type dictionary, as they apply to all logged in users
		role_dict.type.add('Account:user').add('RootAccount:user');
		// Checks if the current location is somewhere inside a group
		if (/^\/groups\/[0-9]+/.test(window.location.pathname)) {
			// Get the group_id from the URL (ENV variables are inconsistent for this purpose)
			const canvas_group_id=window.location.pathname.split('/')[2]
			// Get group info via the API
			const group_response=await fetch('/api/v1/groups/'+canvas_group_id)
			if (group_response.ok){
				const group_obj=await group_response.json();
				// If it's a course group, set the canvas_course_id for later use
				if (group_obj.context_type='Course') canvas_course_id=group_obj.course_id;
				// If it's an account group, set the canvas_account_id for later use
				if (group_obj.context_type='Account') canvas_account_id=group_obj.account_id;
			}
		}
		// Checks if the current location is an area associated with a course
		if (canvas_course_id!=null) {
			// Get course info via the API
			const course_response=await fetch('/api/v1/courses/'+canvas_course_id)
			if (course_response.ok){
				const course_obj=await course_response.json();
				// Set the canvas_account_id for later use
				canvas_account_id=course_obj.account_id;
				// For each enrollment returned, add appropriate info to the role_dict sets
				course_obj.enrollments.forEach(enrollment => {
					role_dict.type.add('Course:'+enrollment.type);
					role_dict.role.add('Course:'+((enrollment.type+'enrollment' === enrollment.role.toLowerCase()) ? enrollment.role.slice(0, -10) : enrollment.role));
				});
			}
		}
		// Checks if the user is some kind of admin anywhere in Canvas
		if (includeAdmin && (ENV.current_user_roles.includes('admin'))) {
			// ENV indicates user is some sort fo admin, so add Account admin tyoe
			role_dict.type.add('Account:admin');
			// If on an account page, start at that level
			if (/^\/accounts\/[0-9]+/.test(window.location.pathname)) canvas_account_id=window.location.pathname.split('/')[2]
			// Use google apps script code to find admin roles starting from the current subaccount and working back up the account tree.  This may take a significant amount if time depending on the depth of the current location in the canvas account tree.
			const admin_response=await fetch('<<<paste google apps script webapp deploy url here>>>?canvas_user_id='+canvas_user_id+'&canvas_account_id='+canvas_account_id+'&canvas_domain='+canvas_domain)
			if (admin_response.ok){
				const admin_obj=await admin_response.json();
				console.log(admin_obj);
				if (admin_obj.status=='success') {
					// combine existing role and type lists with the admin lists
					admin_obj.data.role.forEach(adminRole => role_dict.role.add(adminRole));
					admin_obj.data.type.forEach(adminType => role_dict.type.add(adminType));
				};
			};
		};
	};
	return role_dict;
}

async function do_customizations() {
	if (/^\/courses\/\d+(\/settings)?\/?$/.test(window.location.pathname)) {
		let user_context_data=await get_user_context_roles();
		if (user_context_data.role.has('Course:Teacher')) {
		const el = document.querySelector('#right-side-wrapper a[href*="/content_migrations"]');
  if (el) {el.style.display = 'none';}
	}}
}

if (document.readyState === "complete" || (document.readyState !== "loading" && !document.documentElement.doScroll)) {
	do_customizations();
} else {
	document.addEventListener("DOMContentLoaded", do_customizations);
}

This is definitely more complex and lengthy code and does involve API calls, but the role results are in context and include actual custom role names as well. I'm fairly certain my get_user_context_roles function is solid, but I have not deployed it in production yet, so you may want to do as much testing as you can on your own to verify it works at least for your scenario.

-Chris

AbrahamOquendo · ‎10-25-2023

Hello @chriscas,

We test the code everthing work fine 100% everthing look good. I explain the other admins about how the code works and how the API on your recent thread works and they actually like it. And again @chriscas @James thanks for the time you guys take the resolve this issue we have.

-Abraham

Hide Import Course for Teachers

Canvas

Are new quizzes endpoints available in API develop...

Using Canvas API to get assignment Calendar Events...

Finding the Login URL for a Canvas Student added v...

Canvas API for Badging / Credentials

Unable to Publish course - backend issue

Are new quizzes endpoints available in API develop...

Permission or Bad EndPoint?

Using Canvas API to get assignment Calendar Events...

Finding the Login URL for a Canvas Student added v...

Getting a developer key for production

You're signed out

Hide Import Course for Teachers

Community Help

View our top guides and resources: