summaryrefslogtreecommitdiff
path: root/yaksh/views.py
diff options
context:
space:
mode:
Diffstat (limited to 'yaksh/views.py')
-rw-r--r--yaksh/views.py3
1 files changed, 2 insertions, 1 deletions
diff --git a/yaksh/views.py b/yaksh/views.py
index 0fb2214..dcf6133 100644
--- a/yaksh/views.py
+++ b/yaksh/views.py
@@ -250,8 +250,9 @@ def add_quiz(request, course_id, quiz_id=None):
"""To add a new quiz in the database.
Create a new quiz and store it."""
user = request.user
+ course = Course.objects.get(id=course_id)
ci = RequestContext(request)
- if not is_moderator(user):
+ if not is_moderator(user) or (user != course.creator and user not in course.teachers.all()):
raise Http404('You are not allowed to view this page!')
context = {}
if request.method == "POST":
generated by cgit (git 2.34.1) at 2024-12-21 01:48:19 +0000