def post(self) -> Response: """ POST response method for creating a quiz submission. JSON Web Token is required. Student must be in the course. Student may only have one submission per quiz. """ user = get_jwt_identity() data = request.get_json() quiz_id = data['quiz'] # already a submission from this user if len(Submissions.objects(quiz=quiz_id, user=user)) != 0: return forbidden() # quiz doesn't exist try: quiz = Quizzes.objects.get(id=quiz_id) course = Courses.objects.get(id=quiz.course.id) except DoesNotExist as e: return not_found() # student must be enrolled in the course of the quiz courses = Courses.objects(students=user) if course not in courses: return forbidden() # student is in course and has not submitted # generate the answer key answer_key = {} for question in quiz.quizQuestions: answer_key[question.index] = question.answer # compare answer key to student responses student_responses = data['answers'] grade = 0 for response in student_responses: index = response['question'] if index in answer_key and answer_key[index] == response['answer']: grade += 1 try: data['user'] = user data['grade'] = grade submission = Submissions(**data).save() except ValidationError as e: return bad_request(e.to_dict()) output = {'id': str(submission.id)} return jsonify(output)
def get(self, course_id: str) -> Response: """ GET response method for all documents in course collection. JSON Web Token is required. """ authorized: bool = True #Users.objects.get(id=get_jwt_identity()).access.admin user_id = get_jwt_identity() # make sure the course exists try: course = Courses.objects.get(id=course_id) except DoesNotExist: return not_found() if authorized: inst_id = getattr(getattr(course, 'instructor'), 'id') if (str(inst_id) != str(user_id)): query = Feedback.objects(course=course_id, public=True) else: query = Feedback.objects(course=course_id) res = [] for fb in query: img_b64 = base64.b64encode(fb.user.image.thumbnail.read()) fb_json = { 'comment': fb.comment, 'user': fb.user.name, 'image': img_b64.decode('utf-8') } res.append(fb_json) return jsonify(res) else: return forbidden()
def post(self) -> Response: """ POST response method for endorsing a course. :return: JSON object """ data = request.get_json() user_id=get_jwt_identity() course_id = data["courseId"] authorized: bool = Users.objects.get(id=user_id).roles.organization if authorized: # don't let an organization endorse the same course twice if Courses.objects(id=course_id, endorsedBy=ObjectId(user_id)): return conflict("You already endorsed this course!") # add the organization the course's endorsedBy list try: endorse = Courses.objects(id=course_id).update(push__endorsedBy=ObjectId(user_id)) if endorse == 0: return not_found("404 Error: The requested course does not exist") except InvalidId as e: print(e.__class__.__name__) print(dir(e)) return bad_request(str(e)) except ValidationError as e: return bad_request(e.message) output = {'id': user_id} return jsonify(output) else: return forbidden()
def delete(self) -> Response: """ DELETE response method for deleting all users. JSON Web Token is required. Authorization is required: Access(admin=true) :return: JSON object """ authorized: bool = True #Users.objects.get(id=get_jwt_identity()).access.admin if authorized: output = Users.objects.delete() return jsonify(output) else: return forbidden()
def get(self, course_id) -> Response: # get the number of people enrolled in a course # get the instructor for the course try: course = Courses.objects.get(id=course_id) inst = course.instructor except DoesNotExist: return not_found("could not find the specified course") authorized = (str(inst.id) == get_jwt_identity()) if not authorized: return forbidden() output = {'students': len(course.students)} return jsonify(output)
def get(self) -> Response: """ GET response method for acquiring all user data. JSON Web Token is required. Authorization is required: Access(admin=true) :return: JSON object """ authorized: bool = True #Users.objects.get(id=get_jwt_identity()).access.admin if authorized: query = Users.objects() fields = {'email', 'password', 'name', 'phone', 'roles'} return jsonify(convert_query(query, fields)) else: return forbidden()
def get(self, user_id: str) -> Response: """ GET response method for acquiring single user data. JSON Web Token is required. Authorization is required: Access(admin=true) or UserId = get_jwt_identity() :return: JSON object """ authorized: bool = True #Users.objects.get(id=get_jwt_identity()).access.admin if authorized: user = Users.objects.get(id=user_id) fields = {'email', 'password', 'name', 'phone', 'roles'} return jsonify(convert_doc(user, fields)) else: return forbidden()
def post(self: str) -> Response: """ POST response method for creating user. JSON Web Token is required. Authorization is required: Access(admin=true) :return: JSON object """ authorized: bool = True #Users.objects.get(id=get_jwt_identity()).access.admin if authorized: data = request.get_json() user = create_user(data) output = {'id': str(user.id)} return jsonify(output) else: return forbidden()
def get(self, course_id: str) -> Response: """ GET response method for single documents in course collection. :return: JSON object """ # check if the given course id is valid or not try: course = Courses.objects.get(id=course_id) except DoesNotExist as e: return not_found() except ValidationError as e: return bad_request() user = get_jwt_identity() try: # check if the user is enrolled in the course queryCourse = Courses.objects.get(id=course_id, students=ObjectId(user)) student = True except DoesNotExist as e: student = False # check if the user is the instructor of the course or if they are an admin inst = str(course.instructor.id) == user admin = Users.objects.get(id=user).roles.admin authorized = student or inst or admin if authorized: if inst or admin: query = Quizzes.objects(course=course) elif student: query = Quizzes.objects(course=course, published=True) fields = { 'id', 'name', 'quizQuestions', 'published', } embedded = {'course': {'id': 'course'}} converted = convert_embedded_query(query, fields, embedded) return jsonify(converted) else: return forbidden()
def put(self, user_id: str) -> Response: """ PUT response method for updating a user. JSON Web Token is required. Authorization is required: Access(admin=true) or UserId = get_jwt_identity() :return: JSON object """ authorized: bool = True #Users.objects.get(id=get_jwt_identity()).access.admin if authorized: data = request.get_json() put_user = Users.objects(id=user_id).update(**data) output = {'id': str(put_user.id)} return jsonify(output) else: return forbidden()
def delete(self, op_id: str) -> Response: """ DELETE response method for deleting single opportunity. JSON Web Token is required. """ authorized: bool = Users.objects.get(id=get_jwt_identity()).roles.organization or \ Users.objects.get(id=get_jwt_identity()).roles.admin if authorized: try: output = Opportunity.objects.get(id=op_id).delete() except ValidationError as e: return bad_request(e.message) return jsonify(output) else: return forbidden()
def put(self, op_id: str) -> Response: """ PUT response method for updating an opportunity. JSON Web Token is required. """ data = request.get_json() authorized: bool = Users.objects.get(id=get_jwt_identity()).roles.organization or \ Users.objects.get(id=get_jwt_identity()).roles.admin if authorized: try: res = Opportunity.objects.get(id=op_id).update(**data) except ValidationError as e: return bad_request(e.message) return jsonify(res) else: return forbidden()
def get(self) -> Response: """ GET response method for all documents in quiz collection. JSON Web Token is required. """ authorized: bool = Users.objects.get(id=get_jwt_identity()).roles.admin if authorized: query = Quizzes.objects() fields = { 'id', 'name', 'published', } response = convert_query(query, include=fields) return jsonify(response) else: return forbidden()
def get(self, course_id) -> Response: # get the number of *published* quizzes in a course # get the instructor for the course try: course = Courses.objects.get(id=course_id) inst = course.instructor except DoesNotExist: return not_found("could not find the specified course") authorized = (str(inst.id) == get_jwt_identity()) if not authorized: return forbidden() # get all the quizzes for this course that are published quizzes = Quizzes.objects(course=course, published=True) output = {'quizzes': len(quizzes)} return jsonify(output)
def get(self, course_id) -> Response: # get the number of *published* quizzes in a course # get the instructor for the course try: course = Courses.objects.get(id=course_id) inst = course.instructor except DoesNotExist: return not_found("could not find the specified course") authorized = (str(inst.id) == get_jwt_identity()) if not authorized: return forbidden() # get all the quizzes for this course that are published quizzes = Quizzes.objects(course=course, published=True) # output will be a list of quiz objects (name, # of submissions, and average) output = [] for quiz in quizzes: query = Submissions.objects(quiz=quiz.id) if (len(query) > 0 and len(quiz.quizQuestions) > 0): total = 0 for submission in query: total += submission.grade average = total / (len(query) * len(quiz.quizQuestions)) # the following two lines take the decimal average and convert it to whole number with 2 digits remaining # examples: # 0.01 -> 100.0 -> 1 # 0.234 -> 234.0 -> 23 average *= 10000 average //= 100 totalSubs = len(query) else: average = 0 totalSubs = 0 output.append({ 'quiz': quiz.name, 'average': average, 'totalSubmissions': totalSubs, }) return jsonify(output)
def post(self) -> Response: """ POST response method for creating a course. JSON Web Token is required. Authorization is required: Access(admin=true) """ authorized: bool = True #Users.objects.get(id=get_jwt_identity()).access.admin if authorized: data = request.get_json() # get the instructor id based off of jwt token identity data['instructor'] = get_jwt_identity() try: course = Courses(**data).save() except ValidationError as e: return bad_request(e.to_dict()) output = {'id': str(course.id)} return jsonify(output) else: return forbidden()
def get(self, course_id) -> Response: # get the view count for a course page # get the instructor for the course try: inst = Courses.objects.get(id=course_id).instructor except DoesNotExist: return not_found("could not find the specified course") authorized = (str(inst.id) == get_jwt_identity()) if not authorized: return forbidden() # get the page with the given name (might not be registered yet) try: page_name = '~courses~' + course_id page = Pages.objects.get(name=page_name) output = {'views': page.views} return jsonify(output) except DoesNotExist: return not_found("this page has no views yet")
def post(self) -> Response: """ POST response method for creating a quiz. JSON Web Token is required. Authorization is required: role must be instructor """ user = get_jwt_identity() data = request.get_json() oid = ObjectId(user) authorized: bool = Courses.objects.get( id=data['course'])['instructor']['id'] == oid authorized = authorized or Users.objects.get(id=user).roles.admin if authorized: try: quiz = Quizzes(**data).save() except ValidationError as e: return bad_request(e.to_dict()) output = {'id': str(quiz.id)} return jsonify(output) else: return forbidden()
def delete(self, course_id: str) -> Response: """ DELETE response method for deleting single course. JSON Web Token is required. Authorization is required: Access(admin=true) """ queryCourse = Courses.objects.get(id=course_id) user = get_jwt_identity() # only the course instructor can delete courses authorized: bool = queryCourse['instructor']['id'] == ObjectId(user) # or an admin authorized = authorized or Users.objects.get(id=user).roles.admin if authorized: output = Courses.objects(id=course_id).delete() if output == 0: return not_found() else: return jsonify(output) else: return forbidden()
def post(self) -> Response: """ POST response method for creating an opportunity. JSON Web Token is required. """ data = request.get_json() authorized: bool = Users.objects.get(id=get_jwt_identity()).roles.organization or \ Users.objects.get(id=get_jwt_identity()).roles.admin if authorized: data['organization'] = get_jwt_identity() try: opportunity = Opportunity(**data).save() except ValidationError as e: return bad_request(e.to_dict()) output = {'id': str(opportunity.id)} return jsonify(output) else: return forbidden()
def post(self) -> Response: authorized: bool = True #Users.objects.get(id=get_jwt_identity()).access.admin if authorized: data = request.get_json() # make sure the course exists try: course = Courses.objects.get(id=data["course"]) except DoesNotExist: return not_found() # get the user id based off of jwt token identity data['user'] = get_jwt_identity() try: feedback = Feedback(**data).save() except ValidationError as e: return bad_request(e.to_dict()) output = {'id': str(feedback.id)} return jsonify(output) else: return forbidden()
def get(self) -> Response: """ GET response method for all documents related to an org. :return: JSON object """ query = Opportunity.objects(organization=get_jwt_identity()) authorized: bool = Users.objects.get(id=get_jwt_identity()).roles.organization or \ Users.objects.get(id=get_jwt_identity()).roles.admin if authorized: fields = { 'paid', 'description', 'published', 'id', } converted = convert_query(query, fields) return jsonify(converted) else: return forbidden()
def put(self, quiz_id: str) -> Response: """ PUT response method for updating a quiz. JSON Web Token is required. """ query = Quizzes.objects.get(id=quiz_id) user = get_jwt_identity() # only the course instructor can delete their quizzes authorized: bool = query.course.instructor.id == ObjectId(user) # or an admin authorized = authorized or Users.objects.get(id=user).roles.admin if not authorized: return forbidden() data = request.get_json() if ('course' in data): data['course'] = ObjectId(data['course']) try: res = query.update(**data) except ValidationError as e: return bad_request(e.message) return jsonify(res)
def get(self) -> Response: """ GET response method for all documents in course collection. JSON Web Token is required. """ authorized: bool = True #Users.objects.get(id=get_jwt_identity()).access.admin if authorized: query = Courses.objects() fields = { 'id', 'name', 'objective', 'learningOutcomes', 'published', } res = convert_query(query, include=fields) return jsonify(res) else: return forbidden()