Ejemplo n.º 1
0
def add_user_to_shared_collection(request, secret_share_key=''):
    """
    Decrypt the encrypted URL and add the user to the appropriate
    collection with the appropriate role
    """
    decrypted_info = base64.urlsafe_b64decode(
        secret_share_key.encode("ascii", "ignore"))
    (random_id, collection_id, expired_in,
     random_id) = decrypted_info.split('!!')

    # NOTE: hard coding the role as LEARNER (i.e. student) instead of passing
    # the role via the share URL as before. That's insecure without encryption
    # and proper validation that the URL hasn't been tampered with. The main purpose
    # of the sharing functionality is to give other students access to the collection,
    # so this accomplishes that.
    role = Users_Collections.LEARNER

    if not collection_id.isdigit():
        return HttpResponseBadRequest('Invalid share URL [C]')
    if not Users_Collections.is_valid_role(role):
        return HttpResponseBadRequest('Invalid share URL [R]')

    try:
        expired_in = datetime.datetime.strptime(expired_in, "%Y-%m-%d")
        current_time = datetime.datetime.now()
        if expired_in <= current_time:
            return HttpResponseBadRequest(
                'This share URL has **expired** and is no longer valid.')
    except ValueError:
        return HttpResponseBadRequest('Invalid share URL [E]')

    if not Collection.objects.filter(id=int(collection_id)):
        return HttpResponseBadRequest('Invalid share URL [CC]')

    collection = Collection.objects.get(id=int(collection_id))
    uc_kwargs = {
        'user': request.user,
        'collection': collection,
        'role': Users_Collections.OBSERVER
    }
    if not Users_Collections.objects.exclude(**uc_kwargs):
        uc_kwargs['role'] = role
        uc_kwargs['date_joined'] = datetime.date.today()
        Users_Collections(**uc_kwargs).save()
    log.info('User added to the collection %s as a learner.' % collection_id,
             extra={'user': request.user})
    return HttpResponseRedirect("/")
Ejemplo n.º 2
0
def handle_custom_file(uploaded_file, course_name, user, is_teacher=False):
    """Handles an uploaded custom deck file."""
    cached_file_contents = uploaded_file.read()
    mappings = None
    try:
        [file_contents, zfile, file_names, path_to_excel] = extract_from_zip(uploaded_file)
        is_zip = True
    except zipfile.BadZipfile:
        file_contents = cached_file_contents
        is_zip = False
    if not utils.correct_custom_format(file_contents):
        raise Exception, "Incorrect format of the spreadsheet."
    card_template_fields = utils.get_card_template(file_contents)
    card_template = CardTemplate(title=course_name, owner=user)
    card_template.save()
    for template_field in card_template_fields:
        label = template_field['label']
        side = template_field['side']
        sort_order = template_field['sort_order']
        if side == 'Front':
            display = True
        else:
            display = False
        type = template_field['type'][0]
        field = Field(label=label, field_type=type, show_label=True, display=display, sort_order=sort_order)
        field.save()
        card_template_field = CardTemplates_Fields(card_template=card_template, field=field)
        card_template_field.save()
    collection = Collection(title=course_name, card_template=card_template, published=not is_teacher)
    collection.save()
    user_collection = Users_Collections(user=user, date_joined=date.today(), collection=collection, role=Users_Collections.ADMINISTRATOR)
    user_collection.save()
    deck = create_deck(collection_id=collection.id, deck_title='Untitled Deck')
    if is_zip:
        [file_contents, mappings] = get_mappings_from_zip(deck, file_contents, file_names, zfile, path_to_excel, custom=True)

    try:
        parsed_cards = utils.parse_deck_template_file(deck.collection.card_template, file_contents, mappings, custom=True)
    except:
        raise Exception, "Uploaded file type not supported."
    add_cards_to_deck(deck, parsed_cards)
    return deck
Ejemplo n.º 3
0
def get_or_update_role_bucket(request, collection_id = None, role = None):
    """ Get, create, and/or update the user's role_bucket.
        Returns the uptodate role_bucket dictionary.
    """
    role_bucket = request.session.get('role_bucket',{})

    if role_bucket and collection_id:
        if not role or not role_bucket.has_key(role):
            raise Exception("Invalid role provided. %s does not exist" % role)
        role_bucket[role].append(collection_id)
    else:
        role_bucket = Users_Collections.get_role_buckets(request.user)
        request.session['role_bucket'] = role_bucket

    return role_bucket
Ejemplo n.º 4
0
def get_or_update_role_bucket(request, collection_id=None, role=None):
    """ Get, create, and/or update the user's role_bucket.
        Returns the uptodate role_bucket dictionary.
    """
    role_bucket = request.session.get('role_bucket', {})

    if role_bucket and collection_id:
        if not role or not role_bucket.has_key(role):
            raise Exception("Invalid role provided. %s does not exist" % role)
        role_bucket[role].append(collection_id)
    else:
        role_bucket = Users_Collections.get_role_buckets(request.user)
        request.session['role_bucket'] = role_bucket

    return role_bucket
Ejemplo n.º 5
0
def add_user_to_shared_collection(request, secret_share_key=''):
    """
    Decrypt the encrypted URL and add the user to the appropriate
    collection with the appropriate role
    """
    decrypted_info = base64.urlsafe_b64decode(secret_share_key.encode("ascii", "ignore"))
    (random_id, collection_id, expired_in, random_id) = decrypted_info.split('!!')

    # NOTE: hard coding the role as LEARNER (i.e. student) instead of passing
    # the role via the share URL as before. That's insecure without encryption
    # and proper validation that the URL hasn't been tampered with. The main purpose
    # of the sharing functionality is to give other students access to the collection,
    # so this accomplishes that.
    role = Users_Collections.LEARNER

    if not collection_id.isdigit():
        return HttpResponseBadRequest('Invalid share URL [C]')
    if not Users_Collections.is_valid_role(role):
        return HttpResponseBadRequest('Invalid share URL [R]')

    try:
        expired_in = datetime.datetime.strptime(expired_in,"%Y-%m-%d")
        current_time = datetime.datetime.now()
        if expired_in <= current_time:
            return HttpResponseBadRequest('This share URL has **expired** and is no longer valid.')
    except ValueError:
        return HttpResponseBadRequest('Invalid share URL [E]')

    if not Collection.objects.filter(id=int(collection_id)):
        return HttpResponseBadRequest('Invalid share URL [CC]')

    collection = Collection.objects.get(id=int(collection_id))
    uc_kwargs = {'user':request.user,'collection':collection,'role':Users_Collections.OBSERVER}
    if not Users_Collections.objects.exclude(**uc_kwargs):
        uc_kwargs['role'] = role
        uc_kwargs['date_joined'] = datetime.date.today()
        Users_Collections(**uc_kwargs).save()
    log.info('User added to the collection %s as a learner.' %collection_id, extra={'user': request.user})
    return HttpResponseRedirect("/")
Ejemplo n.º 6
0
def handle_custom_file(uploaded_file, course_name, user, is_teacher=False):
    """Handles an uploaded custom deck file."""
    cached_file_contents = uploaded_file.read()
    mappings = None
    try:
        [file_contents, zfile, file_names,
         path_to_excel] = extract_from_zip(uploaded_file)
        is_zip = True
    except zipfile.BadZipfile:
        file_contents = cached_file_contents
        is_zip = False
    if not utils.correct_custom_format(file_contents):
        raise Exception, "Incorrect format of the spreadsheet."
    card_template_fields = utils.get_card_template(file_contents)
    card_template = CardTemplate(title=course_name, owner=user)
    card_template.save()
    for template_field in card_template_fields:
        label = template_field['label']
        side = template_field['side']
        sort_order = template_field['sort_order']
        if side == 'Front':
            display = True
        else:
            display = False
        type = template_field['type'][0]
        field = Field(label=label,
                      field_type=type,
                      show_label=True,
                      display=display,
                      sort_order=sort_order)
        field.save()
        card_template_field = CardTemplates_Fields(card_template=card_template,
                                                   field=field)
        card_template_field.save()
    collection = Collection(title=course_name,
                            card_template=card_template,
                            published=not is_teacher)
    collection.save()
    user_collection = Users_Collections(user=user,
                                        date_joined=date.today(),
                                        collection=collection,
                                        role=Users_Collections.ADMINISTRATOR)
    user_collection.save()
    deck = create_deck(collection_id=collection.id, deck_title='Untitled Deck')
    if is_zip:
        [file_contents, mappings] = get_mappings_from_zip(deck,
                                                          file_contents,
                                                          file_names,
                                                          zfile,
                                                          path_to_excel,
                                                          custom=True)

    try:
        parsed_cards = utils.parse_deck_template_file(
            deck.collection.card_template,
            file_contents,
            mappings,
            custom=True)
    except:
        raise Exception, "Uploaded file type not supported."
    add_cards_to_deck(deck, parsed_cards)
    return deck