Beispiel #1
0
def download(download_id: str):
    """Downloading a zip file of the code files.

    Args:
        download_id (str): Can be on each side of
                           a solution.id and sharedsolution.shared_url.
    """
    solution = Solution.get_or_none(Solution.id == download_id)
    shared_solution = SharedSolution.get_or_none(
        SharedSolution.shared_url == download_id,
    )
    if solution is None and shared_solution is None:
        return fail(404, 'Solution does not exist.')

    if shared_solution is None:
        viewer_is_solver = solution.solver.id == current_user.id
        has_viewer_access = current_user.role.is_viewer
        if not viewer_is_solver and not has_viewer_access:
            return fail(403, 'This user has no permissions to view this page.')
        files = solution.files
        filename = solution.exercise.subject
    else:
        files = shared_solution.solution.files
        filename = shared_solution.solution.exercise.subject

    response = make_response(solutions.create_zip_from_solution(files))
    response.headers.set('Content-Type', 'zip')
    response.headers.set(
        'Content-Disposition', 'attachment',
        filename=f'{filename}.zip',
    )
    return response
Beispiel #2
0
    def test_share_solution_function(
        exercise: Exercise,
        student_user: User,
    ):
        student_user2 = conftest.create_student_user(index=1)
        solution = conftest.create_solution(exercise, student_user2)

        client2 = conftest.get_logged_user(student_user2.username)
        # Sharing his own solution
        shared_response = client2.post('/share', data=json.dumps(dict(
            solutionId=solution.id, act='get',
        )), content_type='application/json')
        assert shared_response.status_code == 200

        # Entering another student solution
        shared_url = SharedSolution.get_or_none(
            SharedSolution.solution == solution,
        )
        conftest.logout_user(client2)
        client = conftest.get_logged_user(student_user.username)
        shared_response = client.get(f'{routes.SHARED}/{shared_url}')
        assert shared_response.status_code == 200

        # Downloading another student solution by solution.id
        solution_id_download_response = client.get(
            f'{routes.DOWNLOADS}/{solution.id}',
        )
        assert solution_id_download_response.status_code == 403

        # Downloading another student solution
        download_response = client.get(
            f'{routes.DOWNLOADS}/{shared_url}',
        )
        assert download_response.status_code == 200

        # Deleting another user's solution
        delete_not_user_solution_response = client.post(
            '/share', data=json.dumps(dict(
                solutionId=solution.id, act='delete',
            )), content_type='application/json',
        )
        assert delete_not_user_solution_response.status_code == 403

        # Deleting his own solution
        conftest.logout_user(client)
        client2 = conftest.get_logged_user(student_user2.username)
        delete_share_response = client2.post('/share', data=json.dumps(dict(
            solutionId=solution.id, act='delete',
        )), content_type='application/json')
        assert delete_share_response.status_code == 200

        # Entering not shared solution after deletion
        conftest.logout_user(client2)
        client = conftest.get_logged_user(student_user.username)
        not_shared_solution_response = client.get(
            f'{routes.SHARED}/{shared_url}',
        )
        assert not_shared_solution_response.status_code == 404
Beispiel #3
0
def shared_solution(shared_url: str, file_id: Optional[int] = None):
    if not webapp.config.get('SHAREABLE_SOLUTIONS', False):
        return fail(404, 'Solutions are not shareable.')

    shared_solution = SharedSolution.get_or_none(
        SharedSolution.shared_url == shared_url,
    )
    if shared_solution is None:
        return fail(404, 'The solution does not exist.')

    solution_id = shared_solution.solution.id
    return view(
        solution_id=solution_id, file_id=file_id, shared_url=shared_url,
    )
Beispiel #4
0
def get(solution_id: int) -> SharedSolution:
    if not webapp.config.get('SHAREABLE_SOLUTIONS', False):
        raise LmsError('Shareable solutions are not allowed.', 403)

    solution = Solution.get_or_none(solution_id)
    if solution is None:
        raise LmsError(f'No such solution {solution_id}', 404)

    solver_id = solution.solver.id
    if solver_id != current_user.id and not current_user.role.is_manager:
        raise LmsError("You aren't allowed to access this page.", 403)

    shared_solution = SharedSolution.get_or_none(
        SharedSolution.solution == solution, )

    if shared_solution is None:
        shared_solution = SharedSolution.create_new(solution=solution)

    return shared_solution
Beispiel #5
0
def get_download_data(
    download_id: str, ) -> Tuple[Iterator[SolutionFile], str]:
    solution = Solution.get_or_none(Solution.id == download_id)
    shared_solution = SharedSolution.get_or_none(
        SharedSolution.shared_url == download_id, )
    if solution is None and shared_solution is None:
        raise ResourceNotFound('Solution does not exist.', 404)

    if shared_solution is None:
        viewer_is_solver = solution.solver.id == current_user.id
        has_viewer_access = current_user.role.is_viewer
        if not viewer_is_solver and not has_viewer_access:
            raise ForbiddenPermission(
                'This user has no permissions to view this page.',
                403,
            )
        files = solution.files
        filename = solution.exercise.subject
    else:
        files = shared_solution.solution.files
        filename = shared_solution.solution.exercise.subject

    return files, filename