Beispiel #1
0
def create_course(request):
    """ Add a course to the calendar belonging to the school
    in which the current user is enrolled in"""

    # Like before, get the request's context.
    context = RequestContext(request)
    course_added = False

    user = request.user
    profile = get_profile(user)

    if 'Instructor' in profile[1]:
        school = UserProfile.objects.get(user=user).school
        if not school:
            return render_permission_denied(
                context, 'create courses. Enrol in a school first.')
    else:
        #return HttpResponse("You don't have permission to create courses!")
        return render_permission_denied(context, 'create courses')
    # If it's a HTTP POST, we're interested in processing form data.
    if request.method == 'POST':

        # Attempt to grab information from the raw form information.
        course_form = CourseForm(data=request.POST)
        if course_form.is_valid():
            # Save the event's form data to the database.
            course = course_form.save(commit=False)
            course.school = school
            course.creator = user

            # Add the personal calendar for the user
            calendar = Calendar(name=course.code + " Calendar")
            calendar.save()
            course.cal = calendar

            course.save()

            course_added = True
        # Invalid form or forms - mistakes or something else?
        # Print problems to the terminal.
        # They'll also be shown to the user.
        else:
            print course_form.errors

    # Not a HTTP POST, so we render our form using the EventForm.
    # These forms will be blank, ready for user input.
    else:
        course_form = CourseForm()

    # Render the template depending on the context.
    return render_to_response(
        'school/create_course.html', {
            'course_form': course_form,
            'user': user,
            'course_added': course_added,
            'school': school
        }, context)
Beispiel #2
0
def add_student_admin(request, course_id):
    """ Add a student admin to the course belonging to the school
       in which the instructor is enrolled in"""

    # Get the request's context.
    context = RequestContext(request)
    student_admin_added = False

    user = request.user
    profile = get_profile(user)
    #If has abillity to create a course then they are an instructor
    if 'Instructor' in profile[1]:
        school = profile[0].school
        if not school:
            return render_permission_denied(
                context, 'add admin. Enrol in a school first.')
    else:
        #return HttpResponse("You don't have permission to add a student admin!")
        return render_permission_denied(context, 'add student admin')

    course = Course.objects.filter(id=int(course_id))[:1]
    if (course):
        course = course[0]

    # If it's a HTTP POST, we're interested in processing form data.
    if request.method == 'POST' and course:

        # Attempt to grab information from the raw form information.
        student_admin_form = StudentAdminForm(course, data=request.POST)
        if student_admin_form.is_valid():
            # Save the event's form data to the database.
            student_admin = student_admin_form.cleaned_data
            course.student_admins = student_admin['student_admins']
            student_admin_added = True
            #course_admins_added.send(sender=None, owner_type='course', owner_id=course_id,
            #                            students=course.student_admins, user=None)

        # Invalid form or forms - mistakes
        # Print problems to the terminal.
        else:
            print student_admin_form.errors

    # Not a HTTP POST, so we render our form using the EventForm.
    # These forms will be blank, ready for user input.
    else:
        student_admin_form = StudentAdminForm(course)

    # Render the template depending on the context.
    return render_to_response(
        'school/add_student_admin.html', {
            'student_admin_form': student_admin_form,
            'user': user,
            'student_admin_added': student_admin_added,
            'school': school
        }, context)
Beispiel #3
0
def view_event(request, owner_type, owner_id, event_id):
    """Return the event with event_id if the current user has permission to
    view the calendar to which the event belongs"""
    # Like before, get the request's context.
    context = RequestContext(request)

    user = request.user
    edit_priv = False
    # If it's a HTTP POST, we're interested in processing form data.
    if request.method == 'GET':
        verified_obj = verified_calendar(context, owner_type, owner_id, user)
        if not isinstance(verified_obj, HttpResponse):
            calendar, edit_priv = verified_obj
        else:
            return verified_obj

        event = Event.objects.get(id=int(event_id))

        #If the event mentioned doesn't belong to the calendar
        if not (event.cal.id == calendar.id):
            return render_permission_denied(context, 'view this event')

    else:
        return render_to_response(reverse('index'), {}, context)

    # Render the template depending on the context.
    return render_to_response('scheduler/view_event.html', {
        'event': event,
        'edit_priv': edit_priv,
        'owner_type': owner_type
    }, context)
Beispiel #4
0
def view_school(request, school_id):
    """Return all the courses owned by school_id and the school object.
    Also return if the current user is eligible to be enroled in to school
    with school_id, the current school the user is enrolled"""

    # Like before, obtain the context for the user's request.
    context = RequestContext(request)

    user = request.user
    eligible = False
    enrolled = False

    school = SchoolProfile.objects.filter(id=int(school_id))[:1]
    if (school):
        school = school[0]
        courses = school.course_set.all()
        user_school = UserProfile.objects.get(user=user).school

        eligible = school.validate_user_email(user.email)
        if (user_school):
            enrolled = school.id == user_school.id

        if request.method == 'POST':
            #If the user wants to post, then he/she must have clicked enrol
            # button in the school
            if (eligible):
                profile = UserProfile.objects.get(user=user)
                profile.school = school
                profile.save()
                enrolled = True
            else:
                return render_permission_denied(context,
                                                'enrol in this school')

        return render_to_response(
            'school/school_view.html', {
                'school': school,
                'courses': courses,
                'enrolled': enrolled,
                'eligible': eligible,
                'current_school': user_school
            }, context)
    else:
        # TODO: this is not a permission denied! This is a not found!!!!!!
        return render_permission_denied(context, 'view non existing school')
Beispiel #5
0
def verified_calendar(context, owner_type, owner_id, user):
    """Return a calendar owned by owner_id only if the current user has
    permission to view the calendar
    If the owner_type is a school or a course, ensure that the user is
    enrolled"""

    if (owner_type == 'user'):
        if (user.id == int(owner_id)):
            calendar = UserProfile.objects.get(user=user).cal
            edit_priv = True
        else:
            #return HttpResponse('Sorry, this is not your own profile!')
            return render_permission_denied(context,
                                            'access this user\'s calendar')
    elif (owner_type == 'school'):
        profile = UserProfile.objects.get(user=user)
        if (profile.school.id == int(owner_id)):
            calendar = profile.school.cal
            edit_priv = profile.school.admin.id == user.id
        else:
            #return HttpResponse('Sorry, this is not your school!')
            return render_permission_denied(context,
                                            'access this school\'s calendar')
    elif (owner_type == 'course'):
        profile = UserProfile.objects.get(user=user)
        course = profile.courses.filter(id=int(owner_id))[:1]
        # If the user is enrolled in a course and the school
        if course and course[0].school.id == profile.school.id:
            calendar = course[0].cal

            #If student
            if (Student.objects.filter(user=user)):
                edit_priv = False
                if (course[0].student_admins.filter(id=int(profile.id))):
                    edit_priv = True
        else:
            course = Course.objects.filter(id=int(owner_id))[:1]
            #If teacher
            if course and course[0].creator.id == profile.user.id:
                edit_priv = True
                calendar = course[0].cal
            else:
                return render_permission_denied(
                    context, ' access this course\'s calendar')
    return (calendar, edit_priv)
Beispiel #6
0
def update_event(request, owner_type, owner_id, event_id):
    """Return the event with event_id if the current user has permission to
    view the calendar to which the event belongs"""
    # Like before, get the request's context.
    context = RequestContext(request)

    user = request.user

    verified_obj = verified_calendar(context, owner_type, owner_id, user)
    if not isinstance(verified_obj, Calendar):
        calendar = verified_obj
    else:
        return verified_obj

    event = Event.objects.get(id=int(event_id))

    #If the event mentioned doesn't belong to the calendar
    if not (event.creator.id == user.id or event.cal.id == calendar.id):
        #return HttpResponse('You do not have permission to edit this event')
        return render_permission_denied(context, 'edit this event')

    event_added = False
    # If it's a HTTP POST, we're interested in processing form data.
    if request.method == 'POST':
        event_form = EventForm(data=request.POST, instance=event)
        if (event_form.is_valid()):
            e = event_form.save(commit=False)
            e.save()
            event_added = True
            #notify the subscribers
            updated_event.send(sender=None,
                               owner_type=owner_type,
                               owner_id=owner_id,
                               event=event,
                               user=user)

    else:
        event_form = EventForm(instance=event)

    # Render the template depending on the context.
    return render_to_response('scheduler/update_event.html', {
        'event_form': event_form,
        'user': user,
        'event_added': event_added
    }, context)
def user_login(request):
    # Like before, obtain the context for the user's request.
    context = RequestContext(request)

    # If the request is a HTTP POST, try to pull out the relevant information.
    if request.method == 'POST':
        # Gather the username and password provided by the user.
        # This information is obtained from the login form.
        username = request.POST['username']
        password = request.POST['password']

        # Use Django's machinery to attempt to see if the username/password
        # combination is valid - a User object is returned if it is.
        user = authenticate(username=username, password=password)

        # If we have a User object, the details are correct.
        # If None (Python's way of representing the absence of a value), no user
        # with matching credentials was found.
        if user:
            # Is the account active? It could have been disabled.
            if user.is_active:
                # If the account is valid and active, we can log the user in.
                # We'll send the user back to the homepage.
                login(request, user)
                return HttpResponseRedirect(reverse('index'))
            else:
                # An inactive account was used - no logging in!
                return HttpResponse("Your account is disabled.")
        else:
            # Bad login details were provided. So we can't log the user in.
            print "Invalid login details: {0}, {1}".format(username, password)
            return render_permission_denied(
                context,
                ' proceed with registration since invalid login details were supplied'
            )

    # The request is not a HTTP POST, so display the login form.
    # This scenario would most likely be a HTTP GET.
    else:
        # No context variables to pass to the template system, hence the
        # blank dictionary object...
        return render_to_response('main/login.html', {}, context)
Beispiel #8
0
def view_course(request, course_id):
    """Return a course given a course id. If the user choses to enrol in the
    course, then add a course relation between the course and the user"""

    # Like before, obtain the context for the user's request.
    context = RequestContext(request)

    user = request.user
    eligible = False
    enrolled = False
    is_instructor = False
    course = Course.objects.filter(id=int(course_id))[:1]
    if (course):
        course = course[0]
        user_profile = UserProfile.objects.get(user=user)
        if user_profile.school:
            eligible = course.school.id == user_profile.school.id

        relation = user_profile.courses.filter(id=course.id)[:1]
        if relation:
            enrolled = True

        is_instructor = course.creator.id == user_profile.user.id

        if request.method == 'POST':
            #If the user wants to post, then he/she must have clicked enrol
            # button in the school
            if (eligible and not enrolled):
                user_profile.courses.add(course)
                user_profile.save()
                enrolled = True

        return render_to_response(
            'school/course_view.html', {
                'course': course,
                'enrolled': enrolled,
                'eligible': eligible,
                'is_instructor': is_instructor
            }, context)
    else:
        return render_permission_denied(context, ' view non existing course')
Beispiel #9
0
def get_courses(request):
    """ Give a list of courses which is offered by the school in which the
    user is enrolled in"""

    # Like before, get the request's context.
    context = RequestContext(request)

    # If it's a HTTP POST, we're interested in processing form data.
    if request.method == 'GET':
        # Attempt to grab information from the raw form information.
        # Note that we make use of both UserForm and UserProfileForm.
        user_school = UserProfile.objects.get(user=request.user).school
        if user_school:
            courses = Course.objects.filter(school_id=user_school.id)
        else:
            return render_permission_denied(
                context, 'view courses. Please enrol in a school first')

    # Render the template depending on the context.
    return render_to_response('school/search_courses.html',
                              {'courses': courses}, context)