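def add_class():
    """Render the add-class form (GET) or create a course and enrol students (POST).

    POST reads two form fields: ``classname`` and ``unis`` (one UNI per line).
    Every non-blank UNI is checked with ``Users.is_valid_uni`` before anything
    is written; a single unknown UNI aborts the request with an error message.
    If ``Teachers.add_course`` returns -1, the form is re-rendered with a
    "course already exists" error.

    Returns:
        The rendered ``add_class.html`` template, or a redirect to
        ``main_teacher`` after the course has been created.
    """
    # NOTE(review): the teacher id comes straight from the session. Nothing in
    # this function checks that the session belongs to a teacher; confirm that
    # the route is guarded elsewhere (decorator / before_request).
    tid = flask.session['id']
    tm = teachers_model.Teachers(tid)

    if request.method == 'GET':
        return render_template('add_class.html', error=None)

    elif request.method == 'POST':
        # Validate every submitted UNI first, so that no course is created
        # when the roster contains an unknown UNI.
        um = users_model.Users()
        unis = []
        for line in request.form['unis'].split('\n'):
            uni = line.strip('\r')
            # The textarea always yields at least one empty line.
            if not uni:
                continue
            if not um.is_valid_uni(uni):
                invalid_uni = "Invalid UNI's entered, please recreate the class"
                return render_template('add_class.html', error=invalid_uni)
            unis.append(uni)

        course_name = request.form['classname']
        cid = tm.add_course(course_name)
        if cid == -1:
            coursename_exists = "There is already a course by this name that you teach"
            return render_template('add_class.html', error=coursename_exists)

        # Enrol only the UNIs that passed validation. Re-splitting the raw
        # form value here would also pass the blank lines to add_student().
        cm = courses_model.Courses(cid)
        for uni in unis:
            cm.add_student(uni)

        return flask.redirect(flask.url_for('main_teacher'))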
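def add_class():
    """Render the add-class form (GET) or create a course and enrol students (POST).

    POST reads ``classname`` and ``unis`` (one UNI per line) from the form.
    All non-blank UNIs are checked with ``Users.is_valid_uni`` before the
    course is created; one unknown UNI re-renders the form with
    ``invalid_uni=True`` and nothing is written.

    Returns:
        The rendered ``add_class.html`` template, or a redirect to
        ``main_teacher`` once the course and its roster are stored.
    """
    # NOTE(review): the teacher id is taken from the session without a role
    # check in this function; confirm the route is restricted to teachers
    # elsewhere.
    tm = teachers_model.Teachers(g.conn, flask.session['id'])

    if request.method == 'GET':
        return render_template('add_class.html')

    elif request.method == 'POST':
        # Validate the whole roster before touching the database.
        um = users_model.Users(g.conn)
        unis = []
        for line in request.form['unis'].split('\n'):
            uni = line.strip('\r')
            # The textarea always yields at least one empty line.
            if not uni:
                continue
            if not um.is_valid_uni(uni):
                return render_template('add_class.html', invalid_uni=True)
            unis.append(uni)

        # Create the course, then enrol only the validated UNIs. Iterating
        # the raw form value again would hand the blank lines to
        # add_student() as empty UNIs.
        course_name = request.form['classname']
        cid = tm.add_course(course_name)
        cm = courses_model.Courses(g.conn, cid)
        for uni in unis:
            cm.add_student(uni)

        return flask.redirect(flask.url_for('main_teacher'))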
def test_is_valid_uni(db):
    """Check is_valid_uni against one accepted and two rejected UNIs.

    'ds9876' is presumably seeded by the ``db`` fixture; the other two values
    are expected to be unknown to it.
    """
    users = users_model.Users(db)
    expectations = (
        ('thisisobviouslyfake', False),
        ('ds9876', True),
        ('lj1337', False),
    )
    for uni, should_exist in expectations:
        # Compare on truthiness only: the return type is not pinned to bool.
        assert bool(users.is_valid_uni(uni)) is should_exist
def test_get_create(db):
    """get_or_create_user creates a user once and returns the same id afterwards."""
    users = users_model.Users(db)

    jack = {
        'given_name': 'Jack',
        'family_name': 'Sparrow',
        'email': '*****@*****.**'
    }

    # First call creates the user and returns a positive integer id.
    created_id = users.get_or_create_user(jack)
    assert type(created_id) is int
    assert created_id > 0

    # Second call with the same profile must fetch, not create.
    fetched_id = users.get_or_create_user(jack)
    assert created_id == fetched_id

    # A profile that is expected to exist already resolves to id 1
    # (presumably seeded by the fixture).
    leeroy = {
        'given_name': 'Leeroy',
        'family_name': 'Jenkins',
        'email': '*****@*****.**'
    }
    existing_id = users.get_or_create_user(leeroy)
    assert type(existing_id) is int
    assert existing_id == 1
def filled_db():
    """Seed the datastore with one student, one teacher and one course.

    Yields:
        The id of the 'Writing' course, taught by ``newt`` and with the
        student UNI 'cs4156' enrolled.
    """
    # Throwaway random session-signing key for this test run.
    imhere.app.secret_key = str(uuid.uuid4())

    users = users_model.Users()
    for profile in (stu, newt):
        users.get_or_create_user(profile)

    client = model.Model().get_client()

    # Role rows: (datastore kind, properties), written in this order.
    role_rows = (
        ('student', {'sid': stu['id'], 'uni': 'cs4156'}),
        ('teacher', {'tid': newt['id']}),
    )
    for kind, properties in role_rows:
        row = datastore.Entity(key=client.key(kind))
        row.update(properties)
        client.put(row)

    teacher = teachers_model.Teachers(newt['id'])
    course_id = teacher.add_course('Writing')

    course = courses_model.Courses(course_id)
    course.add_student('cs4156')

    yield course_id
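def register():
    """Show the registration form (GET) or register the user as student/teacher (POST).

    POST with ``type == 'student'`` inserts a row into ``students`` when the
    submitted UNI is not yet known to ``Users.is_valid_uni`` (here "valid"
    means "already registered"), otherwise the form is re-rendered with
    ``invalid_uni=True``. Any other ``type`` registers the user as a teacher.

    Returns:
        The rendered ``register.html`` template or a redirect to the
        student/teacher main page.
    """
    if request.method == 'GET':
        return render_template(
            'register.html',
            name=flask.session['google_user']['name'],
            is_student=flask.session['is_student'],
            is_teacher=flask.session['is_teacher'])

    elif request.method == 'POST':
        if request.form['type'] == 'student':
            # Only continue with student creation if the UNI is not taken.
            um = users_model.Users(g.conn)
            uni = request.form['uni']
            if not um.is_valid_uni(uni):
                # The UNI is attacker-controllable form input, so it is bound
                # as a parameter instead of being formatted into the SQL text.
                # NOTE(review): the placeholder style is driver-specific
                # (%s for psycopg2/MySQLdb, ? for sqlite3); confirm it
                # matches the driver behind g.conn.
                g.conn.execute(
                    'insert into students (sid, uni) values (%s, %s)',
                    (flask.session['id'], uni))
                flask.session['is_student'] = True
                return flask.redirect(flask.url_for('main_student'))
            else:
                return render_template(
                    'register.html',
                    name=flask.session['google_user']['name'],
                    invalid_uni=True)

        else:
            try:
                g.conn.execute(
                    'insert into teachers (tid) values (%s)',
                    (flask.session['id'],))
                flask.session['is_teacher'] = True
            except Exception:
                # Still best-effort (for example, the row may already exist),
                # but the failure is recorded instead of silently dropped.
                flask.current_app.logger.warning(
                    'teacher registration failed for user id %s',
                    flask.session.get('id'), exc_info=True)

            return flask.redirect(flask.url_for('main_teacher'))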
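def register():
    """Show the registration form (GET) or register the user as student/teacher (POST).

    POST with ``type == 'student'`` stores a ``student`` entity when the
    submitted UNI is not yet known to ``Users.is_valid_uni`` (here "valid"
    means "already registered"); otherwise the form is re-rendered with
    ``invalid_uni=True``. Any other ``type`` stores a ``teacher`` entity.

    Returns:
        The rendered ``register.html`` template or a redirect to the
        student/teacher main page.
    """
    if request.method == 'GET':
        return render_template(
            'register.html',
            name=flask.session['google_user']['name'],
            is_student=flask.session['is_student'],
            is_teacher=flask.session['is_teacher']
        )

    elif request.method == 'POST':
        m = model.Model()
        ds = m.get_client()

        if request.form['type'] == 'student':
            # Only continue with student creation if the UNI is not taken.
            # NOTE(review): the check and the put below are separate calls
            # with no transaction visible here, so two concurrent requests
            # could both register the same UNI. Confirm whether uniqueness
            # is enforced elsewhere.
            um = users_model.Users()
            if not um.is_valid_uni(request.form['uni']):
                key = ds.key('student')
                entity = datastore.Entity(key=key)
                entity.update({
                    'sid': flask.session['id'],
                    'uni': request.form['uni']
                })
                ds.put(entity)

                flask.session['is_student'] = True
                return flask.redirect(flask.url_for('main_student'))
            else:
                return render_template(
                    'register.html',
                    name=flask.session['google_user']['name'],
                    invalid_uni=True)

        else:
            try:
                key = ds.key('teacher')
                entity = datastore.Entity(key=key)
                entity.update({
                    'tid': flask.session['id']
                })
                ds.put(entity)
                flask.session['is_teacher'] = True
            except Exception:
                # Still best-effort, but the failure is recorded instead of
                # being swallowed by a bare except.
                flask.current_app.logger.warning(
                    'teacher registration failed for user id %s',
                    flask.session.get('id'), exc_info=True)

            return flask.redirect(flask.url_for('main_teacher'))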
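def oauth2callback():
    """Handle both legs of the Google OAuth 2.0 login.

    Without a ``code`` query parameter the browser is sent to Google's
    authorization URL. With one, the code is exchanged for credentials, the
    user's profile is fetched, the local user is looked up or created, and
    the session is populated with ``credentials``, ``google_user``, ``id``,
    ``is_student`` and ``is_teacher`` before redirecting to the URL stored
    under ``session['redirect']``.

    Returns:
        A redirect response (to Google, or to the stored post-login URL).

    Raises:
        KeyError: if no ``redirect`` entry is present in the session.
    """
    flow = oauth2client.client.flow_from_clientsecrets(
        'client_secrets.json',
        scope=[
            'https://www.googleapis.com/auth/userinfo.email',
            'https://www.googleapis.com/auth/userinfo.profile'
        ],
        redirect_uri=flask.url_for('oauth2callback', _external=True))

    # NOTE(review): no `state` value is generated or verified in this
    # function, so the callback cannot tell whether a response belongs to a
    # login this browser started. Confirm that is covered elsewhere.
    if 'code' not in flask.request.args:
        auth_uri = flow.step1_get_authorize_url()
        return flask.redirect(auth_uri)

    auth_code = flask.request.args.get('code')

    # The authorization code, the credentials and the session contents are
    # bearer secrets, so none of them is printed or logged here.
    credentials = flow.step2_exchange(auth_code)

    # NOTE(review): Flask's default session is a signed but unencrypted
    # cookie. If that default is in use, the token JSON stored here is
    # readable by the browser. Confirm the session backend, or keep the
    # credentials server-side.
    flask.session['credentials'] = credentials.to_json()

    # Use the token to fetch the user profile from the Google OAuth API.
    http_auth = credentials.authorize(httplib2.Http())
    userinfo_client = apiclient.discovery.build('oauth2', 'v2', http_auth)
    user = userinfo_client.userinfo().v2().me().get().execute()

    # The domain restriction is currently disabled:
    # if 'columbia.edu' not in user['email']:
    #     return flask.redirect(flask.url_for('bademail'))
    # NOTE(review): if this is re-enabled, compare the part after '@'
    # exactly. A substring test also accepts any address that merely
    # contains 'columbia.edu'.

    um = users_model.Users(g.conn)
    flask.session['google_user'] = user
    flask.session['id'] = um.get_or_create_user(user)

    # Record the user's roles in the session.
    im = index_model.Index(g.conn, flask.session['id'])
    flask.session['is_student'] = bool(im.is_student())
    flask.session['is_teacher'] = bool(im.is_teacher())

    # Audit trail without secrets: only the local user id is logged.
    app.logger.info('oauth login completed for user id %s', flask.session['id'])

    # Raises KeyError if the callback is reached without a stored target.
    # NOTE(review): the target is whatever was stored under
    # session['redirect'] earlier. Confirm it is only ever set to same-site
    # paths.
    target = flask.session.pop('redirect')
    return flask.redirect(target)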
def test_sql_injection(db):
    """Quote-bearing input must be treated as an unknown UNI, not as SQL.

    This is a smoke test with two probes: it shows that these inputs neither
    match a row nor raise, not that every query in the model is
    parameterized.
    """
    users = users_model.Users(db)
    probes = (
        "' or 1=1;",
        "'little bobby tables'",
    )
    for probe in probes:
        assert users.is_valid_uni(probe) == False
def test_get_user(self, user):
    """get_or_create_user returns the expected id for the ``user`` fixture."""
    expected_id = 1234567898765432
    users = users_model.Users()
    resolved_id = users.get_or_create_user(user)
    assert resolved_id == expected_id
def create_user_test(self):
    """Constructing the Users model succeeds and yields an object."""
    users = users_model.Users()
    constructed = users is not None
    assert constructed