def post_secure_sesd_route(): try: data = request.get_json() course_token = data.get('course_id', None) date_taken = data.get('date_taken', None) answer_pair = data.get('answers') owner = data.get('owner') course_id = Course.get_course_id(course_token,EXPIRY_INTERVAL) if not all( (course_id, date_taken, answer_pair, owner, ) ): return respond_back(ERROR, 'One of the primary arguments are missing') repo_owner = db.session.query(User).filter_by(username=owner).first() if course_id is None or repo_owner is None: return respond_back(ERROR,'This course does not exist') course_taken = db.session.query(ExamTaken).filter_by(course_id=course_id, participant_id=current_user.id).first() if course_taken is not None: return respond_back(ERROR, 'You have already taken this examination') # needed to verify JSON object's correctness for the answer answer_object = MyJSONObjectWriter() json.dump(answer_pair, answer_object, skipkeys=True, indent=2, separators=(',', ': ')) other_data = answer_object.get_buffer() solution_data = { 'user_id': current_user.id, 'owner_id': repo_owner.id, 'course_id': course_id, 'data': other_data, 'date_taken': date_taken } submit_paper_for_marking(current_user.email, json.dumps(solution_data)) return respond_back(SUCCESS, 'OK') except BadRequest: return respond_back(ERROR, 'No data was specified')
def initial_request_route(username, repo): course_owner = db.session.query(User).filter_by(username=username).first() if course_owner is None or course_owner.role < User.ADMINISTRATOR: return respond_back(ERROR, 'User does not exists or repository name is invalid') for repository in course_owner.repositories: if repository.repo_name == repo: return jsonify({'status': SUCCESS, 'url': urlify(course_owner, repository, 60 * 60 * 2), 'detail': 'Success'}) return respond_back(ERROR, 'Invalid repository name')
def edit_course_route(): if request.method == 'GET': course_name = request.args.get( 'course_name' ) repository_name = request.args.get( 'repository_name') if course_name is None or repository_name is None: return respond_back(ERROR, 'Missing request argument') else: return respond_back(SUCCESS, 'OK')
def signup_route(): try: data = request.get_json() if data is None: return error_response('Invalid request sent') name = data.get('full_name', None) address = data.get('address', None) email = data.get('email') username = data.get('username') phone_number = data.get('phone') password = data.get('password') if not all(( name, address, email, username, password, )): return respond_back(ERROR, 'Missing data member') if data_cache.sismember('tuq:usernames', username): return error_response('The username has been registered') if data_cache.sismember('tuq:emails', email): return respond_back(ERROR, 'The email address has been registered') if phone_number is not None and len( phone_number) != 0 and data_cache.sismember( 'tuq:phones', phone_number): return error_response('The mobile number has been registered') user = User(username=username, fullname=name, email=email, alias=username, password=password, address=address, role=User.NORMAL_USER, display_picture=DEFAULT_DISPLAY_PICTURE, phone_number=phone_number, is_active_premium=False, date_of_registration=str(datetime.utcnow())) try: db.session.add(user) db.session.commit() except InvalidRequestError as invalid_request_err: print(invalid_request_err) return error_response('User detail already exist') data_cache.sadd('tuq:emails', email) data_cache.sadd('tuq:usernames', username) if phone_number is not None: data_cache.sadd('tuq:phones', phone_number) send_confirmation_message(email, user.id, name) return respond_back( SUCCESS, 'A confirmation message has been sent to your email') except Exception as e: print(e) return error_response('Unable to process signup request')
def get_courses_route(): try: repository_name = request.args.get('repository') if repository_name is None: return respond_back(ERROR, 'Invalid repository name') repository = db.session.query(Repository).filter_by(user_id=current_user.id, repo_name=repository_name).first() if repository is None: return respond_back(ERROR, 'Nothing found') return jsonify({'status': SUCCESS, 'courses': list_courses_data(repository.courses)}) except BadRequest: return respond_back(ERROR, 'Bad request')
def delete_repository_route(): json_data = request.get_json() if json_data is None: return respond_back(ERROR,'Invalid request data') repository_name = json_data.get( 'repository_name' ) if repository_name is None: return respond_back(ERROR, 'A repository name must be specified') for repo in current_user.repositories: if repository_name == repo.repo_name: db.session.delete(repo) db.session.commit() return respond_back(SUCCESS,'Removed successfully') return respond_back(ERROR, 'No such repository found for user')
def confirm_user_route(): if request.method == 'GET': token = request.args.get('token') if not User.confirm_user_with_token(EXPIRY_INTERVAL, token=token): return respond_back(ERROR, 'You have either been confirmed or used an invalid/expired link.') else: return respond_back(ERROR, 'Your account has been successfully confirmed') else: try: data = request.get_json() if data is None: return respond_back(ERROR, 'Invalid data') email_address = data.get('email') if email_address is None: return respond_back(ERROR, 'No email address was specified') if not data_cache.sismember('tuq:emails', email_address): return respond_back(ERROR, 'Email address is not registered') user = db.session.query(User).filter_by(email=email_address).first() if user is None: return respond_back(ERROR, 'No user with that email exist') send_confirmation_message(user.email, user.id, user.fullname) return respond_back(SUCCESS, 'A confirmation mail has been sent to your address') except Exception as exc: print 'Error: {}'.format(str(exc)) return respond_back(ERROR, 'Unable to process request')
def login_route(): try: data = request.get_json() if data is None: return respond_back(ERROR, 'Invalid request sent') username = data.get('username', None) password = data.get('password', None) student = db.session.query(User).filter_by(username=username).first() if student is None: return jsonify({'status': ERROR, 'detail': 'Invalid login detail'}) if not student.verify_password(password): return jsonify({ 'status': ERROR, 'detail': 'Invalid username or password' }) login_user(student, False) return jsonify({ 'status': SUCCESS, 'detail': current_user.fullname, 'dp_link': current_user.display_picture, 'endpoints': url_for('auth.get_endpoint_route', _external=True) }) except BadRequest: return error_response('Invalid login request received.')
def upload(upload_object, request_object, username, data): # file_index: just a custom header to ensure the upload comes from an accredited client file_index = request_object.headers.get('FileIndex') if file_index is None: return respond_back(ERROR, 'Data does not originate from accredited source') if data in request_object.files: repository_name = request_object.args.get('repository') if repository_name is None or len(str(repository_name)) < 1: return respond_back(ERROR, 'Invalid repository name') try: sub_dir = '{parent_dir}/{sub}'.format(parent_dir=username, sub=repository_name) filename = upload_object.save(request_object.files[data], folder=sub_dir) url = upload_object.url(filename) url = url.replace('http', 'https', 1) if url.startswith('http') else url return jsonify({'status': SUCCESS, 'index': file_index, 'url': url}) except UploadNotAllowed: return respond_back(ERROR, 'Upload type not allowed') return respond_back(ERROR, 'Invalid data')
def get_question_route(): file_id = request.args.get('file_id', None) if request.args.get('path_generator') is None: return respond_back(ERROR, 'Invalid request') if file_id is None: return invalid_url_error() course = db.session.query(Course).filter_by(id=file_id).first() if course is None: return invalid_url_error() return send_file(course.quiz_filename)
def delete_course_route(): json_data = request.get_json() if json_data is None: return respond_back(ERROR, 'Invalid request data') repository_name = json_data.get( 'repository_name') # repository under which the course can be found course_name = json_data.get('course_name') if course_name is None: return respond_back(ERROR, 'A course name must be specified') repository = db.session.query( Repository ).filter_by( repo_name = repository_name, user_id = current_user.id ).first() if repository is None: return respond_back(ERROR, 'Cannot find repository housing the course') course = db.session.query( Course ).filter_by( repo_id = repository.id, name = course_name ).first() if course is None: return respond_back(ERROR, 'Cannot find the course specified') db.session.remove(course) db.session.commit() data_cache.hdel(well_known_courses,course.id) return respond_back(SUCCESS, 'Course removed successfully')
def edit_course_route(): if request.method == 'GET': try: course_id = request.args.get('course_id') repository_name = request.args.get('repository_name') if course_id is None or len( course_id) < 1 or repository_name is None: return error_response('Missing request argument') repository = db.session.query(Repository).\ filter_by(repo_name=repository_name,owner_id=current_user.id).first() if repository is None or repository.owner_id != current_user.id: return respond_back(ERROR, 'Repository does not exist') course = db.session.query(Course).filter_by( id=long(course_id), repo_id=repository.id).first() if course is None: return error_response('No course under that name was found') departments = [ dept for dept in course.departments if len(dept.name.strip()) != 0 ] question_file = open(course.quiz_filename, 'r') answer_file = open(course.solution_filename, 'r') data = { 'name': course.name, 'course_code': course.code, 'administrator_name': course.lecturer_in_charge, 'departments': departments, 'repository_name': repository_name, 'date_to_be_held': str(course.date_to_be_held), 'icon': course.logo_location, 'duration': course.duration_in_minutes, 'approach': course.answers_approach, 'randomize': course.randomize_questions, 'expires_on': str(course.expires_on), 'question': json.load(question_file), 'answers': json.load(answer_file) } question_file.close() answer_file.close() return success_response(data) except Exception as exc: print('Exception caught: {}\n'.format(str(exc))) return error_response('Unable to get that information') else: try: update_course(request.get_json(), current_user, db) return success_response('Update performed successfully') except ValueError as value_error: return error_response(str(value_error)) except Exception as exc: print(exc) return error_response('Unable to perform course update')
def add_repository_route(): try: data = request.get_json() if data is None: return respond_back(ERROR, 'Invalid data') repository_name = data.get('repository_name') if repository_name is None or len(repository_name) == 0: return respond_back(ERROR, 'Invalid repository name supplied') for repo in current_user.repositories: if repo.repo_name == repository_name: return respond_back(ERROR, 'Repository with that name already exist in your account') repository = Repository(repo_name=repository_name) current_user.repositories.append(repository) safe_makedir(UPLOAD_DIR, current_user.username, repository_name) db.session.add(repository) db.session.add(current_user) db.session.commit() return respond_back(SUCCESS, 'Successful') except BadRequest: return respond_back(ERROR, 'Bad request') except Exception as e: print e return respond_back(ERROR, 'Unable to add repository, check the data and try again')
def rank_courses_result(courses): data = [] # courses = json.loads(courses) for course in courses: if course is None: continue course = json.loads(course) if course is None: continue course_id = long(course.get('id')) data.append({ 'paper_name': course.get('name'), 'icon': course.get('icon'), 'owner': course.get('owner_username'), 'id': Course.generate_course_token(course_id, EXPIRY_INTERVAL * 2) }) return respond_back(SUCCESS, data)
def delete_repository_route(): json_data = request.get_json() if json_data is None: return respond_back(ERROR, 'Invalid request data') repository_name = json_data.get('repository_name') if repository_name is None or len(repository_name) == 0: return error_response('A valid repository name must be specified') try: for repository in current_user.repositories: if repository_name == repository.repo_name: db.session.delete(repository) db.session.commit() data_cache.rpush( deleted_repo_keys, current_user.username + '^^' + repository_name) return success_response('Removed successfully') return error_response('No such repository found for user') except Exception as exc: print(exc) return error_response('Unable to process request')
def get_result_route(): all_results = db.session.query(ExamTaken).filter_by(participant_id=current_user.id).all() data = [] for result in all_results: course_info = data_cache.hget(well_known_courses, result.course_id) course_info_obj = None if course_info is None: course_info = db.session.query(Course).filter_by(id=result.course_id).first() if course_info is None: # still none? print 'We have an issue with {}'.format(result.course_id) continue # otherwise cache it course_cache = {'name': course_info.name, 'id': course_info.id, 'owner': course_info.lecturer_in_charge, 'question': course_info.quiz_filename, 'code': course_info.code, 'solution': course_info.solution_filename} data_cache.hset(well_known_courses,result.course_id, json.dumps(course_cache)) course_info_obj = course_cache # no need to recheck the data_cache, just use the data if course_info_obj is None: # if it has not been loaded yet, use the data obtained course_info_obj = json.loads(course_info) data.append({'name': course_info_obj['name'], 'score': result.score, 'date': result.date_taken, 'total': result.total_score, 'code': course_info_obj['code'], 'owner': course_info_obj['owner']}) return respond_back(SUCCESS, data)
def request_entity_too_large(e): return respond_back(ERROR, 'Request entity is too large')
def success_response(message): return respond_back(SUCCESS, message)
def invalid_url_error(): return respond_back(ERROR, 'Invalid URL specified')
def error_response(message): return respond_back(ERROR, message)
def admin_add_course_route(): try: data = request.get_json() if data is None: return respond_back(ERROR, 'Invalid data') print data course_name = data.get('name') course_code = data.get('course_code') personnel_in_charge = data.get('administrator_name') hearing_date = data.get('date_to_be_held') duration_in_minutes = data.get('duration') question = data.get('question') approach = data.get('approach') randomize_question = data.get('randomize') expires = data.get('expires_on') solution = data.get('answers') departments = data.get('departments') repository_name = data.get('repository_name') if course_code is None or course_name is None or personnel_in_charge is None\ or hearing_date is None or duration_in_minutes is None or departments is None\ or question is None or randomize_question is None or approach is None\ or solution is None: return respond_back(ERROR, 'Missing arguments') repositories = current_user.repositories repository_to_use = None for repo in repositories: if repo.repo_name == repository_name: repository_to_use = repo break if repository_to_use is None: return respond_back(ERROR, 'Repository does not exist') for course in repository_to_use.courses: if course_code == course.code: return respond_back(ERROR, 'Course with that code already exist') department_list = [] try: for department_name in departments: department_list.append(Department(name=department_name)) except AttributeError: return respond_back(ERROR, 'Expects a valid data in the departments') full_path, solution_fn = (None, None) try: filename = course_code.replace(' ', '_').replace('.', '_') + '.json' dir_path = safe_makedir(UPLOAD_DIR, current_user.username, repository_name) full_path = safe_join(dir_path, filename) solution_fn = safe_join(dir_path, 'solutions_'+ filename) with open(full_path, mode='wt') as out: json.dump(question, out, sort_keys=True, indent=4, separators=(',', ': ')) with open( solution_fn, mode='wt') as out: json.dump(solution, out, indent=True, separators=(',', ': ')) except ValueError: return respond_back(ERROR, 'Invalid JSON Document for question') course = Course(name=course_name, code=course_code, lecturer_in_charge=personnel_in_charge, answers_approach=approach, expires_on=expires, date_to_be_held=date_from_string(hearing_date), duration_in_minutes=int(duration_in_minutes), departments=department_list, quiz_filename=full_path, solution_filename = solution_fn, randomize_questions=randomize_question) repository_to_use.courses.append(course) db.session.add(course) db.session.add(repository_to_use) db.session.add(current_user) db.session.commit() course_cache = { 'name': course.name, 'id': course.id, 'owner': course.lecturer_in_charge, 'code': course.code, 'solution': course.solution_filename } is_set = data_cache.hset(well_known_courses,course.id, json.dumps(course_cache)) print 'New course set: {}'.format( is_set ) return respond_back(SUCCESS, 'New course added successfully') except BadRequest: return respond_back(ERROR, 'Bad request') except Exception as e: print e return respond_back(ERROR, 'Could not add the course')
def interval_server_error(e): return respond_back(ERROR, 'An internal server error occured')
def get_endpoint_route(): endpoints = { 'result': url_for( 'auth.get_result_route', _external=True ) } return respond_back(SUCCESS, endpoints)
def before_auth_request(): if not current_user.is_authenticated: return respond_back(ERROR, 'Not logged in') if not current_user.confirmed: return respond_back(ERROR, 'Account has not been confirmed yet')