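def post(self):
    """Store an evaluation submitted by an authenticated student account.

    The request body must be a JSON object with non-empty ``enrollment_id``,
    ``comments`` and ``rating`` fields.

    Returns:
        201 with a null body on success; 401 when the token is rejected;
        403 when the account class is not ``student``; 422 when the body is
        missing, is not a JSON object, or a required field is empty; 500 when
        the insert violates a database constraint.
    """
    # authentication
    token = request.headers.get('Authorization')
    try:
        account = auth.check(token)
        if account['class'] != 'student':
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    body = request.get_json()
    # A JSON array or scalar is not usable here; without the type check a
    # non-empty list would reach body.get() and fail with AttributeError.
    if not body or not isinstance(body, dict):
        return jsonify({'error': DATA_EMPTY}), 422

    required = ('enrollment_id', 'comments', 'rating')
    for k in required:
        # Falsy values count as missing, so a rating of 0 is rejected too.
        if not body.get(k):
            return jsonify({'error': FIELD_EMPTY.format(k)}), 422

    # Bind only the three expected fields rather than the whole client dict.
    # NOTE(review): values are not type-checked; a nested JSON value (list or
    # object) still reaches the driver - consider validating types here.
    params = {k: body[k] for k in required}

    # NOTE(review): nothing visible ties enrollment_id to the authenticated
    # account, so a student can presumably submit an evaluation for another
    # student's enrollment - confirm and add an ownership check.
    try:
        with connection.cursor() as cursor:
            cursor.execute(
                'INSERT INTO evaluations (enrollment_id, rating, comments) '
                'VALUES (%(enrollment_id)s, %(rating)s, %(comments)s)',
                params)
        connection.commit()
        return jsonify(None), 201
    except pymysql.err.IntegrityError as e:
        # Discard the failed statement so it cannot be committed later by
        # another request using the same connection object.
        connection.rollback()
        logger.error(e)
        return jsonify({'error': DATA_SAVE}), 500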
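def get(self):
    """Check the caller's token and return it with the account it resolves to.

    Returns:
        200 with ``{'data': {'token': ..., 'account': ...}}`` when
        ``auth.check`` accepts the token, 401 when it raises
        ``errors.AuthenticationError``.
    """
    token = request.headers.get('Authorization')
    try:
        account = auth.check(token)
    # The except clause must name the exception class. The original called it
    # (``AuthenticationError()``), which is not a valid match target, so a
    # rejected token surfaced as an unhandled error instead of this 401.
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    # NOTE(review): the response echoes the credential and the whole account
    # record - confirm that account carries no secret fields (password hash,
    # reset token) before it is serialized to the client.
    return jsonify({'data': {'token': token, 'account': account}}), 200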
def get(self, professor_id):
    """Return every course row whose ``professor_id`` matches the route value.

    Only accounts of class ``professor`` or ``administrator`` are served:
    other classes get 403, a rejected token gets 401.
    """
    permitted_classes = {'professor', 'administrator'}

    # authentication
    auth_header = request.headers.get('Authorization')
    try:
        caller = auth.check(auth_header)
        if caller['class'] not in permitted_classes:
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    # NOTE(review): professor_id comes from the route and is never compared
    # with the authenticated account, so any professor account can presumably
    # list another professor's courses - confirm whether that is intended.
    bind = {'professor_id': professor_id}
    with connection.cursor() as cur:
        # all courses for this professor; the value is bound, not interpolated
        cur.execute(
            'SELECT * FROM courses WHERE professor_id=%(professor_id)s',
            bind)
        rows = cur.fetchall()
    return jsonify({'data': rows}), 200
def get(self, evaluation_id=None):
    """Return all evaluations, or the single one selected by ``evaluation_id``.

    Restricted to accounts of class ``administrator`` (403 otherwise, 401 when
    the token is rejected). With an id the payload is one row, which is null
    when no row matches; without an id it is the full list.
    """
    # authentication
    auth_header = request.headers.get('Authorization')
    try:
        caller = auth.check(auth_header)
        if caller['class'] != 'administrator':
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    with connection.cursor() as cur:
        if evaluation_id is not None:
            # single evaluation, id bound as a parameter
            cur.execute('SELECT * FROM evaluations WHERE id=%(id)s',
                        {'id': evaluation_id})
            payload = cur.fetchone()
        else:
            # whole table
            cur.execute('SELECT * FROM evaluations')
            payload = cur.fetchall()
        return jsonify({'data': payload}), 200
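def get(self, professor_id):
    """Return evaluations for the courses taught by ``professor_id``.

    Optional query-string filters: ``year``, ``semester`` (applied only when
    ``year`` is also given) and ``course_id``. Only accounts of class
    ``professor`` or ``administrator`` are served: other classes get 403, a
    rejected token gets 401.
    """
    # authentication
    token = request.headers.get('Authorization')
    try:
        account = auth.check(token)
        if account['class'] not in {'professor', 'administrator'}:
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    # NOTE(review): professor_id is never compared with the authenticated
    # account, so any professor account can presumably read another
    # professor's evaluations - confirm and add an ownership check.

    year = request.args.get('year')
    semester = request.args.get('semester')
    course_id = request.args.get('course_id')
    args = {
        'professor_id': professor_id,
        'year': year,
        'semester': semester,
        'course_id': course_id
    }

    # The six near-identical queries differed only in their optional
    # predicates. Each predicate is a fixed SQL fragment selected by which
    # filters are present; request values are only ever bound as parameters,
    # never concatenated into the statement.
    predicates = ['courses.professor_id=%(professor_id)s']
    if year:
        predicates.append('enrollments.year=%(year)s')
        if semester:
            # semester alone (without year) is ignored, as before
            predicates.append('enrollments.semester=%(semester)s')
    if course_id:
        predicates.append('courses.id=%(course_id)s')

    # NOTE(review): SELECT * over the join also returns the enrollments
    # columns, which presumably include student_id, next to each rating and
    # comment - confirm whether evaluations are meant to stay anonymous to
    # professors and list explicit columns if so.
    query = (
        'SELECT * FROM evaluations '
        'JOIN enrollments ON evaluations.enrollment_id = enrollments.id '
        'JOIN courses ON enrollments.course_id = courses.id '
        'WHERE enrollment_id IN ( '
        'SELECT enrollments.id FROM courses '
        'INNER JOIN enrollments ON courses.id = enrollments.course_id '
        'WHERE ' + ' AND '.join(predicates) + ' )'
    )

    with connection.cursor() as cursor:
        cursor.execute(query, args)
        return jsonify({'data': cursor.fetchall()}), 200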
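def get(self, student_id):
    """Return the enrollments (joined with their courses) of ``student_id``.

    Optional query-string filters: ``year``, ``semester`` (applied only when
    ``year`` is also given) and ``evaluated``. When ``evaluated`` is absent or
    empty, enrollments that already have an evaluation are left out; any
    non-empty value, including the strings "false" and "0", returns the
    unfiltered listing. Only accounts of class ``student`` or
    ``administrator`` are served: other classes get 403, a rejected token
    gets 401.
    """
    # authentication
    token = request.headers.get('Authorization')
    try:
        account = auth.check(token)
        if account['class'] not in {'student', 'administrator'}:
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    # NOTE(review): student_id is never compared with the authenticated
    # account, so any student account can presumably list another student's
    # enrollments - confirm and add an ownership check.

    year = request.args.get('year')
    semester = request.args.get('semester')
    evaluated = request.args.get('evaluated')

    # The six near-identical queries differed only in their optional
    # predicates. Each predicate is a fixed SQL fragment; request values are
    # only ever bound as parameters, never concatenated into the statement.
    predicates = ['enrollments.student_id=%(student_id)s']
    params = {'student_id': student_id}
    if year:
        # by year
        predicates.append('enrollments.year=%(year)s')
        params['year'] = year
        if semester:
            # by year and semester; semester alone is ignored, as before
            predicates.append('enrollments.semester=%(semester)s')
            params['semester'] = semester
    if not evaluated:
        # hide enrollments that already have an evaluation
        predicates.append(
            'enrollments.id NOT IN ( '
            'SELECT enrollments.id FROM evaluations '
            'JOIN enrollments ON evaluations.enrollment_id = enrollments.id '
            'WHERE student_id=%(student_id)s )'
        )

    query = (
        'SELECT * FROM enrollments '
        'JOIN courses ON courses.id = enrollments.course_id '
        'WHERE ' + ' AND '.join(predicates)
    )

    with connection.cursor() as cursor:
        cursor.execute(query, params)
        return jsonify({'data': cursor.fetchall()}), 200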
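def get(self, student_id, evaluation_id=None):
    """Return the evaluations attached to the enrollments of ``student_id``.

    Optional query-string filters: ``year`` and ``semester`` (applied only
    when ``year`` is also given). ``evaluation_id`` is accepted but not used
    by this handler. Only accounts of class ``student`` are served: other
    classes get 403, a rejected token gets 401.
    """
    # authentication
    token = request.headers.get('Authorization')
    try:
        account = auth.check(token)
        if account['class'] != 'student':
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    # NOTE(review): student_id is never compared with the authenticated
    # account, so any student account can presumably read another student's
    # evaluations - confirm and add an ownership check.

    year = request.args.get('year')
    semester = request.args.get('semester')
    args = {
        'student_id': student_id,
        'year': year,
        'semester': semester
    }

    # Optional predicates are fixed SQL fragments; request values are only
    # ever bound as parameters, never concatenated into the statement.
    predicates = ['student_id=%(student_id)s']
    if year:
        # by year
        predicates.append('year=%(year)s')
        if semester:
            # by year and semester
            predicates.append('semester=%(semester)s')

    # The subquery feeds an IN (...) comparison, so it has to return exactly
    # one column. The year-filtered variants used SELECT *, which yields
    # several columns and makes the statement fail; every variant now selects
    # id, as the unfiltered one already did.
    query = (
        'SELECT * FROM evaluations '
        'JOIN enrollments ON evaluations.enrollment_id = enrollments.id '
        'JOIN courses ON enrollments.course_id = courses.id '
        'WHERE enrollment_id IN ( '
        'SELECT id FROM enrollments '
        'WHERE ' + ' AND '.join(predicates) + ' )'
    )

    with connection.cursor() as cursor:
        cursor.execute(query, args)
        return jsonify({'data': cursor.fetchall()}), 200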