def load_assignment(lti=lti):
# Get arguments
assignment_id = int(request.values.get('assignment_id'))
assignment = Assignment.by_id(assignment_id)
course_id = get_course_id(True)
user, user_id = get_user()
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
if course_id is None:
editor_information = assignment.for_read_only_editor(user_id)
else:
editor_information = assignment.for_editor(user_id, course_id)
browser_info = repr({
'platform': request.user_agent.platform,
'browser': request.user_agent.browser,
'version': request.user_agent.version,
'language': request.user_agent.language,
'user_agent': request.user_agent.string
})
# Log the event
if user is not None:
make_log_entry(assignment_id,
assignment.version,
course_id,
user_id,
'Session.Start',
message=browser_info)
# Verify passcode, if necessary
if assignment.passcode_fails(request.values.get('passcode')):
return ajax_failure("Passcode {!r} rejected".format(
request.values.get("passcode")))
return ajax_success(editor_information)
def update_submission_status(lti, lti_exception=None):
# Get parameters
submission_id = maybe_int(request.values.get("submission_id"))
status = request.values.get('status')
course_id = get_course_id()
user, user_id = get_user()
submission = Submission.by_id(submission_id)
# Check resource exists
check_resource_exists(submission, "Submission", submission_id)
# Verify permissions
if submission.user_id != user_id and not user.is_grader(
submission.course_id):
return ajax_failure(
"This is not your submission and you are not a grader in its course."
)
# Do action
success = submission.update_submission_status(status)
make_log_entry(submission.assignment_id,
submission.assignment_version,
course_id,
user_id,
"Submit",
"answer.py",
category=status,
message=str(success))
return ajax_success({"success": success})
def get_assignments():
assignment_ids = request.values.get('assignment_ids', "")
course_id = get_course_id()
user, user_id = get_user()
# TODO: verify that they have the permissions to see these assignments
assignments, groups = [], []
errors = []
if not assignment_ids:
course: Course = Course.by_id(course_id)
check_resource_exists(course, "Course", course_id)
grouped_assignments = natsorted(
course.get_submitted_assignments_grouped(),
key=lambda r:
(r.AssignmentGroup.name
if r.AssignmentGroup is not None else None, r.Assignment.name))
assignments = [a.Assignment.encode_json() for a in grouped_assignments]
groups = [
a.AssignmentGroup.encode_json()
if a.AssignmentGroup is not None else None
for a in grouped_assignments
]
else:
for assignment_id in assignment_ids.split(","):
if not assignment_id.isdigit():
errors.append(f"Unknown Assignment ID: {assignment_id!r}")
assignment_id = int(assignment_id)
# With Course Role Information
assignment = Assignment.by_id(assignment_id)
check_resource_exists(assignment, "Assignment", assignment_id)
assignments.append(assignment.encode_json())
return ajax_success(
dict(assignments=assignments, errors=errors, groups=groups))
def dump_logs():
assignment_id = int(request.values.get('assignment_id'))
course_id = int(request.values.get('course_id'))
assignment = Assignment.by_id(assignment_id)
user, user_id = get_user()
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
if not user.is_grader(course_id):
return "You are not a grader in this course."
# Get data
suas = Submission.by_assignment(assignment_id, course_id)
data = {
'assignment':
assignment.encode_json(),
'submissions': [{
'user':
u.encode_json(),
'submission':
sub.encode_json(),
'history':
Log.get_history(course_id, assignment_id, u.id),
'reviews':
sub.get_reviews()
} for (sub, u, assign) in suas]
}
filename = assignment.get_filename() + '_submissions.json'
return Response(json.dumps(data),
mimetype='application/json',
headers={
'Content-Disposition':
'attachment;filename={}'.format(filename)
})
def submissions_user(course_id, owner_id):
''' List all the users in the course '''
course_id = int(course_id)
course = Course.by_id(course_id)
check_resource_exists(course, "Course", course_id)
user, user_id = get_user()
if course_id is not None:
is_grader = user.is_grader(course_id)
else:
is_grader = False
is_owner = user_id == maybe_int(owner_id)
if not is_grader and not is_owner:
return "You are not an instructor or the owner of the assignment!"
owner = User.by_id(maybe_int(owner_id))
assignments = natsorted(course.get_submitted_assignments(),
key=lambda r: r.name)
all_subs = Submission.by_student(owner_id, course_id)
all_subs = {s[0].assignment_id: s for s in all_subs}
submissions = [all_subs.get(assignment.id, (None, None, assignment))
for assignment in assignments]
return render_template('courses/submissions_user.html',
course_id=course_id,
assignments=assignments,
submissions=submissions,
owner=owner,
is_instructor=is_grader)
def export_submissions():
assignment_id = int(request.values.get('assignment_id'))
assignment = Assignment.by_id(assignment_id)
course_id = get_course_id(True)
user, user_id = get_user()
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
assignment = Assignment.by_id(int(assignment_id))
if course_id is None or not user.is_instructor(int(course_id)):
return "You are not an instructor or the owner of the assignment!"
# Get data
suas = Submission.by_assignment(assignment_id, course_id)
submissions = [sua[0] for sua in suas]
users = [sua[1] for sua in suas]
bundle = export_zip(assignments=[assignment],
submissions=submissions,
users=users)
filename = assignment.get_filename(extension='.zip')
return Response(bundle,
mimetype='application/zip',
headers={
'Content-Disposition':
'attachment;filename={}'.format(filename)
})
def save_assignment(lti=lti):
assignment_id = request.values.get('assignment_id')
user, user_id = get_user()
course_id = get_course_id()
assignment = Assignment.query.get(assignment_id)
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
if assignment.owner_id != user.id:
require_course_grader(user, assignment.course_id)
# Parse new settings
updates = {}
if "hidden" in request.values:
updates["hidden"] = maybe_bool(request.values.get("hidden"))
if "reviewed" in request.values:
updates["reviewed"] = maybe_bool(request.values.get("reviewed"))
if "public" in request.values:
updates["public"] = maybe_bool(request.values.get("public"))
if "url" in request.values:
updates["url"] = request.values.get("url") or None
if "ip_ranges" in request.values:
updates["ip_ranges"] = request.values.get("ip_ranges")
if "name" in request.values:
updates["name"] = request.values.get("name")
if "settings" in request.values:
updates["settings"] = request.values.get("settings")
# Perform update
modified = assignment.edit(updates)
make_log_entry(assignment.id, assignment.version,
course_id or assignment.course_id,
user.id, "X-Instructor.Settings.Edit", "assignment_settings.blockpy",
message=json.dumps(updates))
return ajax_success({"modified": modified})
def view_submissions(course_id, user_id, assignment_group_id):
embed = maybe_bool(request.values.get('embed'))
viewer, viewer_id = get_user()
group, assignments, submissions = get_groups_submissions(
assignment_group_id, user_id, course_id)
# Check permissions
for submission in submissions:
if not submission:
return ajax_failure(
"No submission for the given course, user, and group.")
elif submission.user_id != viewer_id:
require_course_grader(viewer, submission.course_id)
# Do action
points_total, points_possible = calculate_submissions_score(
assignments, submissions)
score = round(points_total / points_possible, 2)
# TODO: Handle tags
is_grader = viewer.is_grader(course_id)
tags = []
if is_grader:
tags = [tag.encode_json() for tag in AssignmentTag.get_all()]
return render_template("reports/group.html",
embed=embed,
points_total=points_total,
points_possible=points_possible,
score=score,
tags=tags,
is_grader=is_grader,
group=list(zip(assignments, submissions)),
user_id=user_id,
course_id=course_id)
def dashboard(lti=lti):
"""
:type lti: controllers.pylti.flask.lTI
"""
if 'user' not in g and not g.user:
return "You are not logged in."
course_id = get_course_id()
user, user_id = get_user()
if course_id is None:
return "You are not in a course context."
is_grader = user.is_grader(course_id)
if is_grader:
return grader_dashboard(user, course_id)
course = Course.by_id(course_id)
assignments = natsorted(course.get_submitted_assignments(),
key=lambda r: r.name)
all_subs = Submission.by_student(user_id, course_id)
all_subs = {s[0].assignment_id: s for s in all_subs}
submissions = [
all_subs.get(assignment.id, (None, None, assignment))
for assignment in assignments
]
return render_template('courses/dashboard.html',
embed=True,
course_id=course_id,
user=user,
is_grader=is_grader,
submissions=submissions,
criteria='student')
def dashboard(lti=lti, lti_exception=None):
"""
:type lti: controllers.pylti.flask.lTI
"""
force_default_assignment = maybe_bool(request.values.get('force_default_assignment', "false"))
if 'user' not in g and not g.user:
return "You are not logged in."
course_id = get_course_id()
user, user_id = get_user()
if course_id is None:
return "You are not in a course context."
is_grader = user.is_grader(course_id)
if is_grader and not force_default_assignment:
return grader_dashboard(user, course_id)
course = Course.by_id(course_id)
assignment = course.get_default_assignment()
if assignment is not None:
return redirect(url_for("blockpy.load", assignment_id=assignment.id,
course_id=course_id, user_id=user_id, force_download=False,
embed=True))
else:
# No default assignment!
assignments = natsorted(course.get_submitted_assignments(),
key=lambda r: r.name)
all_subs = Submission.by_student(user_id, course_id)
all_subs = {s[0].assignment_id: s for s in all_subs}
submissions = [all_subs.get(assignment.id, (None, None, assignment))
for assignment in assignments]
return render_template('courses/dashboard.html', embed=True,
course_id=course_id, user=user, is_grader=is_grader,
submissions=submissions, criteria='student')
def fix_course_outcome_url():
new_url = request.values.get("new_url")
course_id = get_course_id()
user, user_id = get_user()
require_course_instructor(user, course_id)
course = Course.by_id(course_id)
course.update_endpoint(new_url)
return ajax_success({"success": "True"})
def load_assignment(lti=lti):
# Get arguments
assignment_id = int(request.values.get('assignment_id'))
assignment = Assignment.by_id(assignment_id)
student_id = maybe_int(request.values.get('user_id'))
course_id = get_course_id(True)
user, user_id = get_user()
force_download = maybe_bool(request.values.get('force_download', "false"))
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
if user_id != student_id and not user.is_grader(course_id):
return ajax_failure(
"Only graders can see submissions for other people.")
if course_id is None:
editor_information = assignment.for_read_only_editor(student_id)
else:
editor_information = assignment.for_editor(student_id, course_id)
browser_info = json.dumps({
'platform': request.user_agent.platform,
'browser': request.user_agent.browser,
'version': request.user_agent.version,
'language': request.user_agent.language,
'user_agent': request.user_agent.string
})
# Log the event
if user is not None:
if user_id != student_id:
make_log_entry(assignment_id,
assignment.version,
course_id,
user_id,
'X-Submission.Get',
message=str(student_id))
else:
make_log_entry(assignment_id,
assignment.version,
course_id,
user_id,
'Session.Start',
message=browser_info)
# Verify passcode, if necessary
if assignment.passcode_fails(request.values.get('passcode')):
return ajax_failure("Passcode {!r} rejected".format(
request.values.get("passcode")))
if force_download:
student_filename = User.by_id(student_id).get_filename("")
filename = assignment.get_filename(
"") + "_" + student_filename + '_submission.json'
return Response(json.dumps(editor_information),
mimetype='application/json',
headers={
'Content-Disposition':
'attachment;filename={}'.format(filename)
})
else:
return ajax_success(editor_information)
def delete(self, review_id):
user, user_id = get_user()
review = Review.by_id(review_id)
check_resource_exists(review, "Review", review_id)
submission = Submission.by_id(review.submission_id)
check_resource_exists(submission, "Submission", review.submission_id)
require_course_grader(user, submission.course_id)
review.delete()
return ajax_success(dict(success=True))
def get_one(self, review_id):
user, user_id = get_user()
review = Review.by_id(review_id)
check_resource_exists(review, "Review", review_id)
submission = Submission.by_id(review.submission_id)
check_resource_exists(submission, "Submission", review.submission_id)
if submission.user_id != user_id:
require_course_grader(user, submission.course_id)
return ajax_success(dict(review=review.encode_json()))
def save_file(lti=lti):
filename = request.values.get("filename")
course_id = get_course_id()
user, user_id = get_user()
if course_id is None:
return ajax_failure("Course ID was not made available")
if filename in Submission.STUDENT_FILENAMES:
return save_student_file(filename, course_id, user)
if filename in Assignment.INSTRUCTOR_FILENAMES:
return save_instructor_file(course_id, user, filename)
return ajax_failure("Unknown filename: " + str(filename))
def get_submission_image(lti=lti):
submission_id = int(request.values.get('submission_id'))
relative_image_path = 'uploads/submission_blocks/{}.png'.format(submission_id)
submission = Submission.query.get(submission_id)
user, user_id = get_user()
# Check exists
check_resource_exists(submission, "Submission", submission_id)
# Check permissions
if submission.user_id != user_id:
require_course_grader(user, submission.course_id)
# Do action
return app.send_static_file(relative_image_path)
def update_grading_status(lti, lti_exception=None):
submission_id = maybe_int(request.values.get("submission_id"))
# TODO: Pretty sure multiple assignments are broken for grading
assignment_group_id = maybe_int(request.values.get('assignment_group_id'))
new_grading_status = request.values.get("new_grading_status")
user, user_id = get_user()
submission = Submission.by_id(submission_id)
# Check resource exists
check_resource_exists(submission, "Submission", submission_id)
# Verify permissions
if not user.is_grader(submission.course_id):
return ajax_failure(
"This is not your submission and you are not a grader in its course."
)
submission.update_grading_status(new_grading_status)
if submission.grading_status != GradingStatuses.FULLY_GRADED:
return ajax_success({'new_status': new_grading_status})
# Do action
if assignment_group_id is None:
assignment_group_id = submission.assignment_group_id
error = "Generic LTI Failure - perhaps not logged into LTI session?"
try:
success, score = lti_post_grade(lti, submission, None,
assignment_group_id,
submission.user_id,
submission.course_id)
except LTIPostMessageException as e:
success = False
error = str(e)
if success:
make_log_entry(submission.assignment_id,
submission.assignment_version,
submission.course_id,
user_id,
"X-Submission.LMS",
"answer.py",
message=str(score))
return ajax_success({"submitted": True, "new_status": "FullyGraded"})
else:
submission.update_grading_status(GradingStatuses.FAILED)
make_log_entry(submission.assignment_id,
submission.assignment_version,
submission.course_id,
user_id,
"X-Submission.LMS.Failure",
"answer.py",
message=error)
return ajax_failure({
"submitted": False,
"message": error,
"new_status": "Failed"
})
def put(self, review_id):
user, user_id = get_user()
review = Review.by_id(review_id)
check_resource_exists(review, "Review", review_id)
submission = Submission.by_id(review.submission_id)
check_resource_exists(submission, "Submission", review.submission_id)
require_course_grader(user, submission.course_id)
review_data = request.json.copy()
del review_data['id']
fix_nullables(review_data)
review_data['author_id'] = user_id
edited_review = review.edit(review_data)
return ajax_success(dict(review=edited_review.encode_json()))
def get_all(self):
submission_id = maybe_int(request.values.get('submission_id'))
user, user_id = get_user()
if submission_id is None:
reviews = Review.get_generic_reviews()
else:
submission = Submission.by_id(submission_id)
check_resource_exists(submission, "Submission", submission_id)
reviews = Review.get_for_submission(submission_id)
if submission.user_id != user_id:
require_course_grader(user, submission.course_id)
return ajax_success(
dict(reviews=[review.encode_json() for review in reviews]))
def update_submission_status():
submission_id = maybe_int(request.values.get("submission_id"))
new_submission_status = request.values.get("new_submission_status")
user, user_id = get_user()
submission = Submission.by_id(submission_id)
# Check resource exists
check_resource_exists(submission, "Submission", submission_id)
# Verify permissions
if not user.is_grader(submission.course_id):
return ajax_failure(
"You are not a grader in this submission's course.")
submission.update_submission_status(new_submission_status)
return ajax_success({'new_status': new_submission_status})
def get_image():
submission_id = int(request.values.get('submission_id'))
directory = request.values.get('directory')
relative_image_path = 'uploads/{}/{}.png'.format(directory, submission_id)
submission = Submission.query.get(submission_id)
user, user_id = get_user()
# Check exists
check_resource_exists(submission, "Submission", submission_id)
# Check permissions
if submission.user_id != user_id and not user.is_grader(submission.course_id):
return ajax_failure("This is not your submission and you are not a grader in its course.")
# Do action
return app.send_static_file(relative_image_path)
def post(self):
user, user_id = get_user()
submission_id = maybe_int(request.values.get('submission_id'))
submission = Submission.by_id(submission_id)
check_resource_exists(submission, "Submission", submission_id)
require_course_grader(user, submission.course_id)
review_data = request.values.copy()
del review_data['id']
review_data['author_id'] = user_id
review_data['submission_version'] = submission.version
review_data['assignment_version'] = submission.assignment_version
fix_nullables(review_data)
new_review = Review.new(review_data)
return ajax_success(dict(review=new_review.encode_json()))
def mass_close_assignment():
assignment_id = maybe_int(request.values.get("assignment_id"))
course_id = maybe_int(request.values.get("course_id"))
new_submission_status = request.values.get("new_submission_status")
user, user_id = get_user()
submissions = Submission.by_assignment(assignment_id=assignment_id,
course_id=course_id)
# Verify permissions
if not user.is_grader(course_id):
return ajax_failure("You are not a grader in this course.")
# Do action
for submission in submissions:
submission.update_submission_status(new_submission_status)
return ajax_success({'new_status': new_submission_status})
def log_event(lti=lti):
course_id = get_course_id()
user, user_id = get_user()
assignment_id = request.values.get('assignment_id')
assignment_version = request.values.get('assignment_version')
event_type = request.values.get("event_type")
file_path = request.values.get("file_path", "")
category = request.values.get('category', "")
label = request.values.get('label', "")
message = request.values.get('message', "")
# Make the entry
new_log = make_log_entry(assignment_id, assignment_version, course_id, user_id,
event_type, file_path, category, label, message)
return ajax_success({"log_id": new_log.id})
def get_assignments():
assignment_ids = request.values.get('assignment_ids', "")
course_id = get_course_id()
user, user_id = get_user()
# TODO: verify that they have the permissions to see this file
assignments = []
for assignment_id in assignment_ids.split(","):
if not assignment_id.isdigit():
return ajax_failure(f"Unknown Assignment ID: {assignment_id!r}")
assignment_id = int(assignment_id)
# With Course Role Information
assignment = Assignment.by_id(assignment_id)
check_resource_exists(assignment, "Assignment", assignment_id)
assignments.append(assignment.encode_json())
return ajax_success(dict(assignments=assignments))
def index():
"""
List all of the courses associated with the user.
"""
user, user_id = get_user()
# Get this user's course with their roles
my_courses = []
if user:
my_courses = user.get_courses()
# Get all public courses
public_courses = Course.get_public()
return render_template('courses/index.html',
user=user,
my_courses=my_courses,
public_courses=public_courses)
def assignments(course_id):
user, user_id = get_user()
# TODO: Check if public course
if not g.user.in_course(course_id):
return redirect(url_for('courses.index'))
assignments = Assignment.get_available()
groups = AssignmentGroup.query.all()
course_groups = Course.get_all_groups()
editable_courses = g.user.get_editable_courses()
return render_template('courses/assignments.html',
assignments=assignments,
groups=groups,
editable_courses=editable_courses,
course_groups=course_groups,
course_id=course_id)
def export():
assignment_id = int(request.values.get('assignment_id'))
assignment = Assignment.by_id(assignment_id)
course_id = get_course_id(True)
user, user_id = get_user()
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
bundle = export_bundle(assignments=[assignment])
filename = assignment.get_filename()
return Response(json.dumps(bundle),
mimetype='application/json',
headers={
'Content-Disposition':
'attachment;filename={}'.format(filename)
})
def save_image():
# Get parameters
submission_id = maybe_int(request.values.get("submission_id"))
directory = request.values.get('directory')
image = request.values.get('image')
course_id = get_course_id()
user, user_id = get_user()
submission = Submission.by_id(submission_id)
# Check resource exists
check_resource_exists(submission, "Submission", submission_id)
# Verify permissions
if submission.user_id != user_id and not user.is_grader(submission.course_id):
return ajax_failure("This is not your submission and you are not a grader in its course.")
# Do action
success = submission.save_image(directory, image)
make_log_entry(submission.assignment_id, submission.assignment_version,
course_id, user_id, "X-Image.Save", directory)
return ajax_success({"success": success})
def load_readonly(lti=lti):
embed = maybe_bool(request.values.get('embed'))
user, user_id = get_user()
assignment_data = json.loads(request.values.get("assignment_data", "{}"))
# Handle Passcode
# Handle IP Addresses
print(assignment_data)
return load_editor(lti, {
"user": user,
"user_id": user_id,
"embed": embed,
"read_only": True,
"current_submission_id": None,
"course_id": None,
"role": assignment_data.get('user', {}).get('role', 'instructor'),
"assignment_group_id": None,
"assignment_data": assignment_data
})
