class Criterion(DefaultTableMixin, UUIDMixin, ActiveMixin, WriteTrackingMixin): __tablename__ = 'criterion' # table columns user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete="CASCADE"), nullable=False) name = db.Column(db.String(255), nullable=False) description = db.Column(db.Text) public = db.Column(db.Boolean(), default=False, nullable=False, index=True) default = db.Column(db.Boolean(), default=True, nullable=False, index=True) # relationships # user via User Model # assignment many-to-many criterion with association assignment_criteria user_uuid = association_proxy('user', 'uuid') assignment_criteria = db.relationship("AssignmentCriterion", back_populates="criterion", lazy='dynamic') comparison_criteria = db.relationship("ComparisonCriterion", backref="criterion", lazy='dynamic') answer_criteria_scores = db.relationship("AnswerCriterionScore", backref="criterion", lazy='dynamic') # hybrid and other functions @hybrid_property def compared(self): return self.compare_count > 0 @classmethod def get_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "Criterion Unavailable" if not message: message = "Sorry, this criterion was deleted or is no longer accessible." return super(cls, cls).get_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def get_active_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "Criterion Unavailable" if not message: message = "Sorry, this criterion was deleted or is no longer accessible." return super(cls, cls).get_active_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() cls.compare_count = column_property( select([func.count(ComparisonCriterion.id)]). where(ComparisonCriterion.criterion_id == cls.id). scalar_subquery(), deferred=True, group="counts" )
class ActivityLog(DefaultTableMixin): __tablename__ = 'activity_log' # table columns user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete="SET NULL"), nullable=True) course_id = db.Column(db.Integer, db.ForeignKey('course.id', ondelete="SET NULL"), nullable=True) timestamp = db.Column( db.TIMESTAMP, default=func.current_timestamp(), nullable=False ) event = db.Column(db.String(50)) data = db.Column(db.Text) status = db.Column(db.String(20)) message = db.Column(db.Text) session_id = db.Column(db.String(100))
class LTINonce(DefaultTableMixin, WriteTrackingMixin): __tablename__ = 'lti_nonce' # table columns lti_consumer_id = db.Column(db.Integer, db.ForeignKey("lti_consumer.id", ondelete="CASCADE"), nullable=False) oauth_nonce = db.Column(db.String(191), nullable=False) oauth_timestamp = db.Column(db.TIMESTAMP, nullable=False) # relationships # lti_consumer via LTIConsumer Model # hybrid and other functions @classmethod def is_valid_nonce(cls, oauth_consumer_key, oauth_nonce, oauth_timestamp): from . import LTIConsumer lti_consumer = LTIConsumer.get_by_consumer_key(oauth_consumer_key) if lti_consumer == None: return False try: # is valid if it is unique on consumer, nonce, and timestamp # validate based on insert passing the unique check or not lti_nonce = LTINonce(lti_consumer_id=lti_consumer.id, oauth_nonce=oauth_nonce, oauth_timestamp=datetime.fromtimestamp( float(oauth_timestamp))) db.session.add(lti_nonce) db.session.commit() except exc.IntegrityError: db.session.rollback() return False return True @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = ( # prevent duplicate user in course db.UniqueConstraint('lti_consumer_id', 'oauth_nonce', 'oauth_timestamp', name='_unique_lti_consumer_nonce_and_timestamp'), DefaultTableMixin.default_table_args)
class KalturaMedia(DefaultTableMixin, WriteTrackingMixin): __tablename__ = 'kaltura_media' # table columns user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete="CASCADE"), nullable=False) service_url = db.Column(db.String(255), nullable=False) partner_id = db.Column(db.Integer, default=0, nullable=False) player_id = db.Column(db.Integer, default=0, nullable=False) upload_ks = db.Column(db.String(255), nullable=False) upload_token_id = db.Column(db.String(255), nullable=False, index=True) file_name = db.Column(db.String(255), nullable=True) entry_id = db.Column(db.String(255), nullable=True) download_url = db.Column(db.String(255), nullable=True) # relationships # user via User Model files = db.relationship("File", backref="kaltura_media", lazy='dynamic') # hyprid and other functions @hybrid_property def extension(self): return self.file_name.lower().rsplit( '.', 1)[1] if '.' in self.file_name else None @hybrid_property def media_type(self): from compair.kaltura import KalturaCore if self.extension in KalturaCore.video_extensions(): return 1 elif self.extension in KalturaCore.audio_extensions(): return 5 return None @hybrid_property def show_recent_warning(self): now = dateutil.parser.parse( datetime.datetime.utcnow().replace(tzinfo=pytz.utc).isoformat()) # modified will be when the upload was completed warning_period = self.modified.replace( tzinfo=pytz.utc) + datetime.timedelta(minutes=5) return now < warning_period # hyprid and other functions @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__()
class ThirdPartyUser(DefaultTableMixin, WriteTrackingMixin): __tablename__ = 'third_party_user' # table columns third_party_type = db.Column(EnumType(ThirdPartyType, name="third_party_type"), nullable=False) unique_identifier = db.Column(db.String(255), nullable=False) user_id = db.Column(db.Integer, db.ForeignKey("user.id", ondelete="CASCADE"), nullable=False) _params = db.Column(db.Text) # relationships # user via User Model # hyprid and other functions @property def params(self): return json.loads(self._params) if self._params else None @params.setter def params(self, params): self._params = json.dumps(params) if params else None @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = ( # prevent duplicate user in course db.UniqueConstraint( 'third_party_type', 'unique_identifier', name='_unique_third_party_type_and_unique_identifier'), DefaultTableMixin.default_table_args)
class UserCourse(DefaultTableMixin, WriteTrackingMixin): __tablename__ = 'user_course' # table columns user_id = db.Column(db.Integer, db.ForeignKey("user.id", ondelete="CASCADE"), nullable=False) course_id = db.Column(db.Integer, db.ForeignKey("course.id", ondelete="CASCADE"), nullable=False) course_role = db.Column(EnumType(CourseRole, name="course_role"), nullable=False, index=True) group_name = db.Column(db.String(255), nullable=True, index=True) # relationships # user many-to-many course with association user_course user = db.relationship("User", foreign_keys=[user_id], back_populates="user_courses") course = db.relationship("Course", back_populates="user_courses") # hyprid and other functions user_uuid = association_proxy('user', 'uuid') course_uuid = association_proxy('course', 'uuid') @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = ( # prevent duplicate user in course db.UniqueConstraint('course_id', 'user_id', name='_unique_user_and_course'), DefaultTableMixin.default_table_args)
class Course(DefaultTableMixin, UUIDMixin, ActiveMixin, WriteTrackingMixin): __tablename__ = 'course' # table columns name = db.Column(db.String(255), nullable=False) year = db.Column(db.Integer, nullable=False) term = db.Column(db.String(255), nullable=False) sandbox = db.Column(db.Boolean(), nullable=False, default=False, index=True) start_date = db.Column(db.DateTime(timezone=True), nullable=True) end_date = db.Column(db.DateTime(timezone=True), nullable=True) # relationships # user many-to-many course with association user_course user_courses = db.relationship("UserCourse", back_populates="course", lazy="dynamic") assignments = db.relationship("Assignment", backref="course", lazy="dynamic") grades = db.relationship("CourseGrade", backref="course", lazy='dynamic') groups = db.relationship("Group", backref="course", lazy='dynamic') # lti lti_contexts = db.relationship("LTIContext", backref="compair_course", lazy='dynamic') # hybrid and other functions @hybrid_property def lti_linked(self): return self.lti_context_count > 0 @hybrid_property def lti_has_sis_data(self): return self.lti_context_sis_count > 0 @hybrid_property def lti_sis_data(self): sis_data = {} for lti_context in self.lti_contexts.all(): sis_course_id = lti_context.lis_course_offering_sourcedid sis_section_id = lti_context.lis_course_section_sourcedid if not sis_course_id or not sis_section_id: continue sis_data.setdefault(sis_course_id, []).append(sis_section_id) return sis_data @hybrid_property def available(self): now = dateutil.parser.parse(datetime.datetime.utcnow().replace(tzinfo=pytz.utc).isoformat()) # must be after start date if set if self.start_date and self.start_date.replace(tzinfo=pytz.utc) > now: return False # must be before end date if set if self.end_date and now >= self.end_date.replace(tzinfo=pytz.utc): return False return True @hybrid_property def start_date_order(self): if self.start_date: return self.start_date elif self.min_assignment_answer_start: return self.min_assignment_answer_start else: return self.created @start_date_order.expression def start_date_order(cls): return case([ (cls.start_date != None, cls.start_date), (cls.min_assignment_answer_start != None, cls.min_assignment_answer_start) ], else_ = cls.created) def calculate_grade(self, user): from . import CourseGrade CourseGrade.calculate_grade(self, user) def calculate_group_grade(self, group): from . import CourseGrade CourseGrade.calculate_group_grade(self, group) def calculate_grades(self): from . import CourseGrade CourseGrade.calculate_grades(self) def clear_lti_links(self): for lti_context in self.lti_contexts.all(): lti_context.compair_course_id = None for assignment in self.assignments.all(): assignment.clear_lti_links() @classmethod def get_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "Course Unavailable" if not message: message = "Sorry, this course was deleted or is no longer accessible." return super(cls, cls).get_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def get_active_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "Course Unavailable" if not message: message = "Sorry, this course was deleted or is no longer accessible." return super(cls, cls).get_active_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def __declare_last__(cls): from .lti_models import LTIContext from . import Assignment, UserCourse, CourseRole super(cls, cls).__declare_last__() cls.groups_locked = column_property( exists([1]). where(and_( Assignment.course_id == cls.id, Assignment.active == True, Assignment.enable_group_answers == True, or_( and_(Assignment.compare_start == None, Assignment.answer_end <= sql_utcnow()), and_(Assignment.compare_start != None, Assignment.compare_start <= sql_utcnow()) ) )), deferred=True, group="group_associates" ) cls.min_assignment_answer_start = column_property( select([func.min(Assignment.answer_start)]). where(and_( Assignment.course_id == cls.id, Assignment.active == True )). scalar_subquery(), deferred=True, group="min_associates" ) cls.lti_context_count = column_property( select([func.count(LTIContext.id)]). where(LTIContext.compair_course_id == cls.id). scalar_subquery(), deferred=True, group="counts" ) cls.lti_context_sis_count = column_property( select([func.count(LTIContext.id)]). where(and_( LTIContext.compair_course_id == cls.id, LTIContext.lis_course_offering_sourcedid != None, LTIContext.lis_course_section_sourcedid != None, )). scalar_subquery(), deferred=True, group="counts" ) cls.assignment_count = column_property( select([func.count(Assignment.id)]). where(and_( Assignment.course_id == cls.id, Assignment.active == True )). scalar_subquery(), deferred=True, group="counts" ) cls.student_assignment_count = column_property( select([func.count(Assignment.id)]). where(and_( Assignment.course_id == cls.id, Assignment.active == True, Assignment.answer_start <= sql_utcnow() )). scalar_subquery(), deferred=True, group="counts" ) cls.student_count = column_property( select([func.count(UserCourse.id)]). where(and_( UserCourse.course_id == cls.id, UserCourse.course_role == CourseRole.student )). scalar_subquery(), deferred=True, group="counts" )
class Assignment(DefaultTableMixin, UUIDMixin, ActiveMixin, WriteTrackingMixin): __tablename__ = 'assignment' # table columns user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete="CASCADE"), nullable=False) course_id = db.Column(db.Integer, db.ForeignKey('course.id', ondelete="CASCADE"), nullable=False) file_id = db.Column(db.Integer, db.ForeignKey('file.id', ondelete="SET NULL"), nullable=True) name = db.Column(db.String(255)) description = db.Column(db.Text) answer_start = db.Column(db.DateTime(timezone=True)) answer_end = db.Column(db.DateTime(timezone=True)) compare_start = db.Column(db.DateTime(timezone=True), nullable=True) compare_end = db.Column(db.DateTime(timezone=True), nullable=True) self_eval_start = db.Column(db.DateTime(timezone=True), nullable=True) self_eval_end = db.Column(db.DateTime(timezone=True), nullable=True) self_eval_instructions = db.Column(db.Text, nullable=True) number_of_comparisons = db.Column(db.Integer, nullable=False) students_can_reply = db.Column(db.Boolean(), default=False, nullable=False) enable_self_evaluation = db.Column(db.Boolean(), default=False, nullable=False) enable_group_answers = db.Column(db.Boolean(), default=False, nullable=False) scoring_algorithm = db.Column(Enum(ScoringAlgorithm), nullable=True, default=ScoringAlgorithm.elo) pairing_algorithm = db.Column(Enum(PairingAlgorithm), nullable=True, default=PairingAlgorithm.random) rank_display_limit = db.Column(db.Integer, nullable=True) educators_can_compare = db.Column(db.Boolean(), default=False, nullable=False) answer_grade_weight = db.Column(db.Integer, default=1, nullable=False) comparison_grade_weight = db.Column(db.Integer, default=1, nullable=False) self_evaluation_grade_weight = db.Column(db.Integer, default=1, nullable=False) peer_feedback_prompt = db.Column(db.Text) # relationships # user via User Model # course via Course Model # file via File Model # assignment many-to-many criterion with association assignment_criteria assignment_criteria = db.relationship( "AssignmentCriterion", back_populates="assignment", order_by=AssignmentCriterion.position.asc(), collection_class=ordering_list('position', count_from=0)) answers = db.relationship("Answer", backref="assignment", lazy="dynamic", order_by=Answer.submission_date.desc()) comparisons = db.relationship("Comparison", backref="assignment", lazy="dynamic") comparison_examples = db.relationship("ComparisonExample", backref="assignment", lazy="dynamic") scores = db.relationship("AnswerScore", backref="assignment", lazy="dynamic") criteria_scores = db.relationship("AnswerCriterionScore", backref="assignment", lazy="dynamic") grades = db.relationship("AssignmentGrade", backref="assignment", lazy='dynamic') # lti lti_resource_links = db.relationship("LTIResourceLink", backref="compair_assignment", lazy='dynamic') # hybrid and other functions course_uuid = association_proxy('course', 'uuid') user_avatar = association_proxy('user', 'avatar') user_uuid = association_proxy('user', 'uuid') user_displayname = association_proxy('user', 'displayname') user_student_number = association_proxy('user', 'student_number') user_fullname = association_proxy('user', 'fullname') user_fullname_sortable = association_proxy('user', 'fullname_sortable') user_system_role = association_proxy('user', 'system_role') lti_course_linked = association_proxy('course', 'lti_linked') @hybrid_property def lti_linked(self): return self.lti_resource_link_count > 0 @hybrid_property def criteria(self): criteria = [] for assignment_criterion in self.assignment_criteria: if assignment_criterion.active and assignment_criterion.criterion.active: criterion = assignment_criterion.criterion criterion.weight = assignment_criterion.weight criteria.append(criterion) return criteria @hybrid_property def compared(self): return self.all_compare_count > 0 @hybrid_property def answered(self): return self.comparable_answer_count > 0 def completed_comparison_count_for_user(self, user_id): return self.comparisons \ .filter_by( user_id=user_id, completed=True ) \ .count() def draft_comparison_count_for_user(self, user_id): return self.comparisons \ .filter_by( user_id=user_id, draft=True ) \ .count() def clear_lti_links(self): for lti_resource_link in self.lti_resource_links.all(): lti_resource_link.compair_assignment_id = None @hybrid_property def available(self): now = dateutil.parser.parse( datetime.datetime.utcnow().replace(tzinfo=pytz.utc).isoformat()) answer_start = self.answer_start.replace(tzinfo=pytz.utc) return answer_start <= now @hybrid_property def answer_period(self): now = dateutil.parser.parse( datetime.datetime.utcnow().replace(tzinfo=pytz.utc).isoformat()) answer_start = self.answer_start.replace(tzinfo=pytz.utc) answer_end = self.answer_end.replace(tzinfo=pytz.utc) return answer_start <= now < answer_end @hybrid_property def answer_grace(self): now = dateutil.parser.parse( datetime.datetime.utcnow().replace(tzinfo=pytz.utc).isoformat()) grace = self.answer_end.replace(tzinfo=pytz.utc) + datetime.timedelta( seconds=60) # add 60 seconds answer_start = self.answer_start.replace(tzinfo=pytz.utc) return answer_start <= now < grace @hybrid_property def compare_period(self): now = dateutil.parser.parse( datetime.datetime.utcnow().replace(tzinfo=pytz.utc).isoformat()) answer_end = self.answer_end.replace(tzinfo=pytz.utc) if not self.compare_start: return now >= answer_end else: return self.compare_start.replace( tzinfo=pytz.utc) <= now < self.compare_end.replace( tzinfo=pytz.utc) @hybrid_property def compare_grace(self): now = dateutil.parser.parse( datetime.datetime.utcnow().replace(tzinfo=pytz.utc).isoformat()) if self.compare_start and self.compare_end: grace = self.compare_end.replace( tzinfo=pytz.utc) + datetime.timedelta( seconds=60) # add 60 seconds compare_start = self.compare_start.replace(tzinfo=pytz.utc) return compare_start <= now < grace else: answer_end = self.answer_end.replace(tzinfo=pytz.utc) return now >= answer_end @hybrid_property def after_comparing(self): now = dateutil.parser.parse( datetime.datetime.utcnow().replace(tzinfo=pytz.utc).isoformat()) answer_end = self.answer_end.replace(tzinfo=pytz.utc) # compare period not set if not self.compare_start: return now >= answer_end # compare period is set else: return now >= self.compare_end.replace(tzinfo=pytz.utc) @hybrid_property def self_eval_period(self): now = dateutil.parser.parse( datetime.datetime.utcnow().replace(tzinfo=pytz.utc).isoformat()) if not self.enable_self_evaluation: return False elif self.self_eval_start: return self.self_eval_start.replace( tzinfo=pytz.utc) <= now < self.self_eval_end.replace( tzinfo=pytz.utc) else: if self.compare_start: return now >= self.compare_start.replace(tzinfo=pytz.utc) else: return now >= self.answer_end.replace(tzinfo=pytz.utc) @hybrid_property def self_eval_grace(self): now = dateutil.parser.parse( datetime.datetime.utcnow().replace(tzinfo=pytz.utc).isoformat()) if not self.enable_self_evaluation: return False elif self.self_eval_start: grace = self.self_eval_end.replace( tzinfo=pytz.utc) + datetime.timedelta( seconds=60) # add 60 seconds return self.self_eval_start.replace(tzinfo=pytz.utc) <= now < grace else: if self.compare_start: return now >= self.compare_start.replace(tzinfo=pytz.utc) else: return now >= self.answer_end.replace(tzinfo=pytz.utc) @hybrid_property def evaluation_count(self): return self.compare_count + self.self_evaluation_count @hybrid_property def total_comparisons_required(self): return self.number_of_comparisons + self.comparison_example_count @hybrid_property def total_steps_required(self): return self.total_comparisons_required + ( 1 if self.enable_self_evaluation else 0) def calculate_grade(self, user): from . import AssignmentGrade AssignmentGrade.calculate_grade(self, user) def calculate_group_grade(self, group): from . import AssignmentGrade AssignmentGrade.calculate_group_grade(self, group) def calculate_grades(self): from . import AssignmentGrade AssignmentGrade.calculate_grades(self) @classmethod def validate_periods(cls, course_start, course_end, answer_start, answer_end, compare_start, compare_end, self_eval_start, self_eval_end): # validate answer period if answer_start == None: return (False, "No answer period start time provided.") elif answer_end == None: return (False, "No answer period end time provided.") course_start = course_start.replace( tzinfo=pytz.utc) if course_start else None course_end = course_end.replace( tzinfo=pytz.utc) if course_end else None answer_start = answer_start.replace(tzinfo=pytz.utc) answer_end = answer_end.replace(tzinfo=pytz.utc) # course start <= answer start < answer end <= course end if course_start and course_start > answer_start: return ( False, "Answer period start time must be after the course start time." ) elif answer_start >= answer_end: return ( False, "Answer period end time must be after the answer start time.") elif course_end and course_end < answer_end: return ( False, "Answer period end time must be before the course end time.") # validate compare period if compare_start == None and compare_end != None: return (False, "No compare period start time provided.") elif compare_start != None and compare_end == None: return (False, "No compare period end time provided.") elif compare_start != None and compare_end != None: compare_start = compare_start.replace(tzinfo=pytz.utc) compare_end = compare_end.replace(tzinfo=pytz.utc) # answer start < compare start < compare end <= course end if answer_start > compare_start: return ( False, "Compare period start time must be after the answer start time." ) elif compare_start > compare_end: return ( False, "Compare period end time must be after the compare start time." ) elif course_end and course_end < compare_end: return ( False, "Compare period end time must be before the course end time." ) # validate self-eval period if self_eval_start == None and self_eval_end != None: return (False, "No self-evaluation start time provided.") elif self_eval_start != None and self_eval_end == None: return (False, "No self-evaluation end time provided.") elif self_eval_start != None and self_eval_end != None: self_eval_start = self_eval_start.replace(tzinfo=pytz.utc) self_eval_end = self_eval_end.replace(tzinfo=pytz.utc) # self_eval start < self_eval end <= course end if self_eval_start > self_eval_end: return ( False, "Self-evaluation end time must be after the self-evaluation start time." ) elif course_end and course_end < self_eval_end: return ( False, "Self-evaluation end time must be before the course end time." ) # if comparison period defined: compare start < self_eval start if compare_start != None and compare_start > self_eval_start: return ( False, "Self-evaluation start time must be after the compare start time." ) # else: answer end < self_eval start # elif compare_start == None and answer_end >= self_eval_start: # return (False, "Self-evaluation start time must be after the answer end time.") return (True, None) @classmethod def get_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "Assignment Unavailable" if not message: message = "Sorry, this assignment was deleted or is no longer accessible." return super(cls, cls).get_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def get_active_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "Assignment Unavailable" if not message: message = "Sorry, this assignment was deleted or is no longer accessible." return super(cls, cls).get_active_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def __declare_last__(cls): from . import UserCourse, CourseRole, LTIResourceLink, Group super(cls, cls).__declare_last__() cls.answer_count = column_property(select([ func.count(Answer.id) ]).select_from( join(Answer, UserCourse, UserCourse.user_id == Answer.user_id, isouter=True).join( Group, Group.id == Answer.group_id, isouter=True)).where( and_( Answer.assignment_id == cls.id, Answer.active == True, Answer.draft == False, Answer.practice == False, or_( and_( UserCourse.course_id == cls.course_id, UserCourse.course_role != CourseRole.dropped, UserCourse.id != None), and_(Group.course_id == cls.course_id, Group.active == True, Group.id != None), ))).scalar_subquery(), deferred=True, group="counts") cls.student_answer_count = column_property(select([ func.count(Answer.id) ]).select_from( join(Answer, UserCourse, UserCourse.user_id == Answer.user_id, isouter=True).join( Group, Group.id == Answer.group_id, isouter=True)).where( and_( Answer.assignment_id == cls.id, Answer.active == True, Answer.draft == False, Answer.practice == False, or_( and_( UserCourse.course_id == cls.course_id, UserCourse.course_role == CourseRole.student, UserCourse.id != None), and_(Group.course_id == cls.course_id, Group.active == True, Group.id != None), ))).scalar_subquery(), deferred=True, group="counts") # Comparable answer count # To be consistent with student_answer_count, we are not counting # answers from sys admin here cls.comparable_answer_count = column_property(select([ func.count(Answer.id) ]).select_from( join(Answer, UserCourse, UserCourse.user_id == Answer.user_id, isouter=True).join( Group, Group.id == Answer.group_id, isouter=True)).where( and_( Answer.assignment_id == cls.id, Answer.active == True, Answer.draft == False, Answer.practice == False, Answer.comparable == True, or_( and_( UserCourse.course_id == cls.course_id, UserCourse.course_role != CourseRole.dropped, UserCourse.id != None), and_(Group.course_id == cls.course_id, Group.active == True, Group.id != None), ))).scalar_subquery(), deferred=True, group="counts") cls.comparison_example_count = column_property(select( [func.count(ComparisonExample.id)]).where( and_(ComparisonExample.assignment_id == cls.id, ComparisonExample.active == True)).scalar_subquery(), deferred=True, group="counts") cls.all_compare_count = column_property(select([ func.count(Comparison.id) ]).where(and_(Comparison.assignment_id == cls.id)).scalar_subquery(), deferred=True, group="counts") cls.compare_count = column_property(select([func.count( Comparison.id)]).where( and_(Comparison.assignment_id == cls.id, Comparison.completed == True)).scalar_subquery(), deferred=True, group="counts") cls.self_evaluation_count = column_property(select([ func.count(AnswerComment.id) ]).select_from( join(AnswerComment, Answer, AnswerComment.answer_id == Answer.id)).where( and_( AnswerComment.comment_type == AnswerCommentType.self_evaluation, AnswerComment.active == True, AnswerComment.answer_id == Answer.id, AnswerComment.draft == False, Answer.assignment_id == cls.id)).scalar_subquery(), deferred=True, group="counts") cls.lti_resource_link_count = column_property(select([ func.count(LTIResourceLink.id) ]).where( LTIResourceLink.compair_assignment_id == cls.id).scalar_subquery(), deferred=True, group="counts")
class User(DefaultTableMixin, UUIDMixin, WriteTrackingMixin, UserMixin): __tablename__ = 'user' # table columns global_unique_identifier = db.Column( db.String(191), nullable=True) #should be treated as write once and only once username = db.Column(db.String(191), unique=True, nullable=True) _password = db.Column(db.String(255), unique=False, nullable=True) system_role = db.Column(EnumType(SystemRole), nullable=False, index=True) displayname = db.Column(db.String(255), nullable=False) email = db.Column(db.String(254), nullable=True) # email addresses are max 254 characters firstname = db.Column(db.String(255), nullable=True) lastname = db.Column(db.String(255), nullable=True) student_number = db.Column(db.String(50), unique=True, nullable=True) last_online = db.Column(db.DateTime) email_notification_method = db.Column( EnumType(EmailNotificationMethod), nullable=False, default=EmailNotificationMethod.enable, index=True) # relationships # user many-to-many course with association user_course user_courses = db.relationship("UserCourse", foreign_keys='UserCourse.user_id', back_populates="user") course_grades = db.relationship("CourseGrade", foreign_keys='CourseGrade.user_id', backref="user", lazy='dynamic') assignments = db.relationship("Assignment", foreign_keys='Assignment.user_id', backref="user", lazy='dynamic') assignment_grades = db.relationship("AssignmentGrade", foreign_keys='AssignmentGrade.user_id', backref="user", lazy='dynamic') answers = db.relationship("Answer", foreign_keys='Answer.user_id', backref="user", lazy='dynamic') answer_comments = db.relationship("AnswerComment", foreign_keys='AnswerComment.user_id', backref="user", lazy='dynamic') criteria = db.relationship("Criterion", foreign_keys='Criterion.user_id', backref="user", lazy='dynamic') files = db.relationship("File", foreign_keys='File.user_id', backref="user", lazy='dynamic') kaltura_files = db.relationship("KalturaMedia", foreign_keys='KalturaMedia.user_id', backref="user", lazy='dynamic') comparisons = db.relationship("Comparison", foreign_keys='Comparison.user_id', backref="user", lazy='dynamic') # third party authentification third_party_auths = db.relationship("ThirdPartyUser", foreign_keys='ThirdPartyUser.user_id', backref="user", lazy='dynamic') # lti authentification lti_user_links = db.relationship("LTIUser", foreign_keys='LTIUser.compair_user_id', backref="compair_user", lazy='dynamic') # hybrid and other functions @property def password(self): return self._password @password.setter def password(self, password): self._password = hash_password(password) if password != None else None @hybrid_property def fullname(self): if self.firstname and self.lastname: return '%s %s' % (self.firstname, self.lastname) elif self.firstname: # only first name provided return self.firstname elif self.lastname: # only last name provided return self.lastname elif self.displayname: return self.displayname else: return None @hybrid_property def fullname_sortable(self): if self.firstname and self.lastname and self.system_role == SystemRole.student and self.student_number: return '%s, %s (%s)' % (self.lastname, self.firstname, self.student_number) elif self.firstname and self.lastname: return '%s, %s' % (self.lastname, self.firstname) elif self.firstname: # only first name provided return self.firstname elif self.lastname: # only last name provided return self.lastname elif self.displayname: return self.displayname else: return None @hybrid_property def avatar(self): """ According to gravatar's hash specs 1.Trim leading and trailing whitespace from an email address 2.Force all characters to lower-case 3.md5 hash the final string """ hash_input = None if self.system_role != SystemRole.student and self.email: hash_input = self.email elif self.uuid: hash_input = self.uuid + "@compair" m = hashlib.md5() m.update(hash_input.strip().lower().encode('utf-8')) return m.hexdigest() @hybrid_property def uses_compair_login(self): # third party auth users may have their username not set return self.username != None and current_app.config['APP_LOGIN_ENABLED'] @hybrid_property def lti_linked(self): return self.lti_user_link_count > 0 @hybrid_property def has_third_party_auth(self): return self.third_party_auth_count > 0 def verify_password(self, password): if self.password == None or not current_app.config['APP_LOGIN_ENABLED']: return False pwd_context = getattr(security, current_app.config['PASSLIB_CONTEXT']) return pwd_context.verify(password, self.password) def update_last_online(self): self.last_online = datetime.utcnow() db.session.add(self) db.session.commit() def generate_session_token(self): """ Generate a session token that identifies the user login session. Since the flask wll generate the same session _id for the same IP and browser agent combination, it is hard to distinguish the users by session from the activity log """ key = str(self.id) + '-' + str(time.time()) return hashlib.md5(key.encode('UTF-8')).hexdigest() # This could be used for token based authentication # def generate_auth_token(self, expiration=60): # s = Serializer(current_app.config['SECRET_KEY'], expires_in=expiration) # return s.dumps({'id': self.id}) @classmethod def get_user_course_role(cls, user_id, course_id): from . import UserCourse user_course = UserCourse.query \ .filter_by( course_id=course_id, user_id=user_id ) \ .one_or_none() return user_course.course_role if user_course else None def get_course_role(self, course_id): """ Return user's course role by course id """ for user_course in self.user_courses: if user_course.course_id == course_id: return user_course.course_role return None @classmethod def get_user_course_group(cls, user_id, course_id): from . import UserCourse user_course = UserCourse.query \ .options(joinedload('group')) \ .filter_by( course_id=course_id, user_id=user_id ) \ .one_or_none() return user_course.group if user_course else None def get_course_group(self, course_id): """ Return user's course group by course id """ for user_course in self.user_courses: if user_course.course_id == course_id: return user_course.group return None @classmethod def get_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "User Unavailable" if not message: message = "Sorry, this user was deleted or is no longer accessible." return super(cls, cls).get_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def get_active_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "User Unavailable" if not message: message = "Sorry, this user was deleted or is no longer accessible." return super(cls, cls).get_active_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def __declare_last__(cls): from .lti_models import LTIUser from . import ThirdPartyUser super(cls, cls).__declare_last__() cls.third_party_auth_count = column_property(select([ func.count(ThirdPartyUser.id) ]).where(ThirdPartyUser.user_id == cls.id).scalar_subquery(), deferred=True, group="counts") cls.lti_user_link_count = column_property(select([ func.count(LTIUser.id) ]).where(LTIUser.compair_user_id == cls.id).scalar_subquery(), deferred=True, group="counts") __table_args__ = ( # prevent duplicate user in course db.UniqueConstraint('global_unique_identifier', name='_unique_global_unique_identifier'), DefaultTableMixin.default_table_args)
class LTIContext(DefaultTableMixin, WriteTrackingMixin): __tablename__ = 'lti_context' # table columns lti_consumer_id = db.Column(db.Integer, db.ForeignKey("lti_consumer.id", ondelete="CASCADE"), nullable=False) context_id = db.Column(db.String(255), nullable=False) context_type = db.Column(db.String(255), nullable=True) context_title = db.Column(db.String(255), nullable=True) ext_ims_lis_memberships_id = db.Column(db.String(255), nullable=True) ext_ims_lis_memberships_url = db.Column(db.Text, nullable=True) custom_context_memberships_url = db.Column(db.Text, nullable=True) compair_course_id = db.Column(db.Integer, db.ForeignKey("course.id", ondelete="CASCADE"), nullable=True) # relationships # compair_course via Course Model # lti_consumer via LTIConsumer Model lti_memberships = db.relationship("LTIMembership", backref="lti_context", lazy="dynamic") lti_resource_links = db.relationship("LTIResourceLink", backref="lti_context") # hyprid and other functions compair_course_uuid = association_proxy('compair_course', 'uuid') @hybrid_property def membership_enabled(self): return self.membership_ext_enabled or self.membership_service_enabled @hybrid_property def membership_ext_enabled(self): return self.ext_ims_lis_memberships_url and self.ext_ims_lis_memberships_id @hybrid_property def membership_service_enabled(self): return self.custom_context_memberships_url def is_linked_to_course(self): return self.compair_course_id != None def update_enrolment(self, compair_user_id, course_role): from . import UserCourse if self.is_linked_to_course(): user_course = UserCourse.query \ .filter_by( user_id=compair_user_id, course_id=self.compair_course_id ) \ .one_or_none() if user_course is None: # create new enrollment new_user_course = UserCourse(user_id=compair_user_id, course_id=self.compair_course_id, course_role=course_role) db.session.add(new_user_course) else: user_course.course_role = course_role db.session.commit() @classmethod def get_by_lti_consumer_id_and_context_id(cls, lti_consumer_id, context_id): return LTIContext.query \ .filter_by( lti_consumer_id=lti_consumer_id, context_id=context_id ) \ .one_or_none() @classmethod def get_by_tool_provider(cls, lti_consumer, tool_provider): if tool_provider.context_id == None: return None lti_context = LTIContext.get_by_lti_consumer_id_and_context_id( lti_consumer.id, tool_provider.context_id) if lti_context == None: lti_context = LTIContext(lti_consumer_id=lti_consumer.id, context_id=tool_provider.context_id) db.session.add(lti_context) lti_context.context_type = tool_provider.context_type lti_context.context_title = tool_provider.context_title lti_context.ext_ims_lis_memberships_id = tool_provider.ext_ims_lis_memberships_id lti_context.ext_ims_lis_memberships_url = tool_provider.ext_ims_lis_memberships_url if tool_provider.custom_context_memberships_url: lti_context.custom_context_memberships_url = tool_provider.custom_context_memberships_url db.session.commit() return lti_context @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = (db.UniqueConstraint( 'lti_consumer_id', 'context_id', name='_unique_lti_consumer_and_lti_context'), DefaultTableMixin.default_table_args)
class LTIMembership(DefaultTableMixin, WriteTrackingMixin): __tablename__ = 'lti_membership' # table columns lti_context_id = db.Column(db.Integer, db.ForeignKey("lti_context.id", ondelete="CASCADE"), nullable=False) lti_user_id = db.Column(db.Integer, db.ForeignKey("lti_user.id", ondelete="CASCADE"), nullable=False) roles = db.Column(db.String(255), nullable=True) lis_result_sourcedid = db.Column(db.String(255), nullable=True) lis_result_sourcedids = db.Column(db.Text, nullable=True) course_role = db.Column(Enum(CourseRole, name="course_role"), nullable=False) compair_course_id = association_proxy('lti_context', 'compair_course_id') compair_user_id = association_proxy('lti_user', 'compair_user_id') # relationships # lti_conext via LTIContext Model # lti_user via LTIUser Model # hybrid and other functions context_id = association_proxy('lti_context', 'context_id') user_id = association_proxy('lti_user', 'user_id') @classmethod def update_membership_for_course(cls, course): from . import MembershipNoValidContextsException valid_membership_contexts = [ lti_context for lti_context in course.lti_contexts if lti_context.membership_enabled ] if len(valid_membership_contexts) == 0: raise MembershipNoValidContextsException lti_members = [] for lti_context in valid_membership_contexts: members = LTIMembership._get_membership(lti_context) lti_members += LTIMembership._update_membership_for_context( lti_context, members) LTIMembership._update_enrollment_for_course(course.id, lti_members) @classmethod def _update_membership_for_context(cls, lti_context, members): from compair.models import SystemRole, CourseRole, \ LTIUser, LTIUserResourceLink lti_resource_links = lti_context.lti_resource_links # remove old membership rows LTIMembership.query \ .filter_by( lti_context_id=lti_context.id ) \ .delete() # retrieve existing lti_user rows user_ids = [] for member in members: user_ids.append(member['user_id']) existing_lti_users = [] if len(user_ids) > 0: existing_lti_users = LTIUser.query \ .filter(and_( LTIUser.lti_consumer_id == lti_context.lti_consumer_id, LTIUser.user_id.in_(user_ids) )) \ .all() # get existing lti_user_resource_link if there there exists lti users and known resource links for context existing_lti_user_resource_links = [] if len(existing_lti_users) > 0 and len(lti_resource_links) > 0: lti_resource_link_ids = [ lti_resource_link.id for lti_resource_link in lti_resource_links ] existing_lti_user_ids = [ existing_lti_user.id for existing_lti_user in existing_lti_users ] existing_lti_user_resource_links = LTIUserResourceLink.query \ .filter(and_( LTIUserResourceLink.lti_resource_link_id.in_(lti_resource_link_ids), LTIUserResourceLink.lti_user_id.in_(existing_lti_user_ids) )) \ .all() new_lti_users = [] new_lti_user_resource_links = [] lti_memberships = [] for member in members: # get lti user if exists lti_user = next((lti_user for lti_user in existing_lti_users if lti_user.user_id == member.get('user_id')), None) roles = member.get('roles') has_instructor_role = any( role.lower().find("instructor") >= 0 or role.lower().find( "faculty") >= 0 or role.lower().find("staff") >= 0 for role in roles) has_ta_role = any(role.lower().find("teachingassistant") >= 0 for role in roles) # create lti user if doesn't exist if not lti_user: lti_user = LTIUser(lti_consumer_id=lti_context.lti_consumer_id, user_id=member.get('user_id')) new_lti_users.append(lti_user) # update/set fields if needed lti_user.system_role = SystemRole.instructor if has_instructor_role else SystemRole.student lti_user.lis_person_name_given = member.get('person_name_given') lti_user.lis_person_name_family = member.get('person_name_family') lti_user.lis_person_name_full = member.get('person_name_full') lti_user.handle_fullname_with_missing_first_and_last_name() lti_user.lis_person_contact_email_primary = member.get( 'person_contact_email_primary') lti_user.lis_person_sourcedid = member.get('lis_person_sourcedid') if member.get('global_unique_identifier'): lti_user.global_unique_identifier = member.get( 'global_unique_identifier') if member.get('student_number'): lti_user.student_number = member.get('student_number') if not lti_user.is_linked_to_user( ) and lti_user.global_unique_identifier: lti_user.generate_or_link_user_account() course_role = CourseRole.student if has_instructor_role: course_role = CourseRole.instructor elif has_ta_role: course_role = CourseRole.teaching_assistant # create new lti membership row lti_membership = LTIMembership( lti_user=lti_user, lti_context=lti_context, roles=text_type(roles), lis_result_sourcedid=member.get('lis_result_sourcedid'), lis_result_sourcedids=json.dumps( member.get('lis_result_sourcedids')) if member.get('lis_result_sourcedids') else None, course_role=course_role) lti_memberships.append(lti_membership) # if membership includes lis_result_sourcedids, create/update lti user resource links if member.get('lis_result_sourcedids'): for lis_result_sourcedid_set in member.get( 'lis_result_sourcedids'): lti_resource_link = next( lti_resource_link for lti_resource_link in lti_resource_links if lti_resource_link.resource_link_id == lis_result_sourcedid_set['resource_link_id']) if not lti_resource_link: continue lti_user_resource_link = None if len(existing_lti_user_resource_links ) > 0 and lti_user.id: # get lti user resource link if exists lti_user_resource_link = next( (lti_user_resource_link for lti_user_resource_link in existing_lti_user_resource_links if lti_user_resource_link.lti_user_id == lti_user. id and lti_user_resource_link.lti_resource_link_id == lti_resource_link.id), None) # create new lti user resource link if needed if not lti_user_resource_link: lti_user_resource_link = LTIUserResourceLink( lti_resource_link=lti_resource_link, lti_user=lti_user, roles=text_type(roles), course_role=course_role) new_lti_user_resource_links.append( lti_user_resource_link) # finally update the lis_result_sourcedid value for the user resource link lti_user_resource_link.lis_result_sourcedid = lis_result_sourcedid_set[ 'lis_result_sourcedid'] db.session.add_all(new_lti_users) db.session.add_all(existing_lti_users) db.session.add_all(lti_memberships) db.session.add_all(new_lti_user_resource_links) db.session.add_all(existing_lti_user_resource_links) # save new lti users db.session.commit() return lti_memberships @classmethod def _update_enrollment_for_course(cls, course_id, lti_members): from compair.models import UserCourse user_courses = UserCourse.query \ .filter_by(course_id=course_id) \ .all() new_user_courses = [] for lti_member in lti_members: if lti_member.compair_user_id != None: user_course = next( (user_course for user_course in user_courses if user_course.user_id == lti_member.compair_user_id), None) # add new user_course if doesn't exist if user_course == None: user_course = UserCourse( course_id=course_id, user_id=lti_member.compair_user_id, course_role=lti_member.course_role) new_user_courses.append(user_course) # update user_course role else: user_course.course_role = lti_member.course_role # update user profile if needed lti_member.lti_user.update_user_profile() db.session.add_all(new_user_courses) db.session.commit() # set user_course to dropped role if missing from membership results and not current user for user_course in user_courses: # never unenrol current_user if current_user and current_user.is_authenticated and user_course.user_id == current_user.id: continue lti_member = next( (lti_member for lti_member in lti_members if user_course.user_id == lti_member.compair_user_id), None) if lti_member == None: user_course.course_role = CourseRole.dropped db.session.commit() @classmethod def _get_membership(cls, lti_context): if lti_context.membership_ext_enabled: return LTIMembership._get_membership_ext(lti_context) elif lti_context.membership_service_enabled: return LTIMembership._get_membership_service(lti_context) return [] @classmethod def _get_membership_ext(cls, lti_context): lti_consumer = lti_context.lti_consumer memberships_id = lti_context.ext_ims_lis_memberships_id memberships_url = lti_context.ext_ims_lis_memberships_url params = { 'id': memberships_id, 'lti_message_type': 'basic-lis-readmembershipsforcontext', 'lti_version': 'LTI-1p0', 'oauth_callback': 'about:blank' } request = requests.Request('POST', memberships_url, data=params).prepare() sign = OAuth1(lti_consumer.oauth_consumer_key, lti_consumer.oauth_consumer_secret, signature_type=SIGNATURE_TYPE_BODY, signature_method=SIGNATURE_HMAC) signed_request = sign(request) params = parse_qs(signed_request.body.decode('utf-8')) data = LTIMembership._post_membership_request(memberships_url, params) root = ElementTree.fromstring(data.encode('utf-8')) codemajor = root.find('statusinfo/codemajor') if codemajor is not None and codemajor.text in [ 'Failure', 'Unsupported' ]: raise MembershipInvalidRequestException if root.find('memberships') == None or len( root.findall('memberships/member')) == 0: raise MembershipNoResultsException members = [] for record in root.findall('memberships/member'): roles_text = record.findtext('roles') member = { 'user_id': record.findtext('user_id'), 'roles': roles_text.split(",") if roles_text != None else [], 'global_unique_identifier': None, 'student_number': None, 'lis_result_sourcedid': record.findtext('lis_result_sourcedid'), 'person_contact_email_primary': record.findtext('person_contact_email_primary'), 'person_name_given': record.findtext('person_name_given'), 'person_name_family': record.findtext('person_name_family'), 'person_name_full': record.findtext('person_name_full') } # find global unique identifier if available if lti_consumer.global_unique_identifier_param and record.findtext( lti_consumer.global_unique_identifier_param): member['global_unique_identifier'] = record.findtext( lti_consumer.global_unique_identifier_param) if lti_consumer.custom_param_regex_sanitizer and lti_consumer.global_unique_identifier_param.startswith( 'custom_'): regex = re.compile( lti_consumer.custom_param_regex_sanitizer) member['global_unique_identifier'] = regex.sub( '', member['global_unique_identifier']) if member['global_unique_identifier'] == '': member['global_unique_identifier'] = None # find student number if available if lti_consumer.student_number_param and record.findtext( lti_consumer.student_number_param): member['student_number'] = record.findtext( lti_consumer.student_number_param) if lti_consumer.custom_param_regex_sanitizer and lti_consumer.student_number_param.startswith( 'custom_'): regex = re.compile( lti_consumer.custom_param_regex_sanitizer) member['student_number'] = regex.sub( '', member['student_number']) if member['student_number'] == '': member['student_number'] = None members.append(member) return members @classmethod def _get_membership_service(cls, lti_context): # possible parameters are role, lis_result_sourcedid, limit lti_consumer = lti_context.lti_consumer memberships_url = lti_context.custom_context_memberships_url lti_resource_links = lti_context.lti_resource_links members = [] while True: headers = { 'Accept': 'application/vnd.ims.lis.v2.membershipcontainer+json' } request = requests.Request('GET', memberships_url, headers=headers).prepare() # Note: need to use LTIMemerbshipServiceOauthClient since normal client will # not include oauth_body_hash if there is not content type or the body is None sign = OAuth1(lti_consumer.oauth_consumer_key, lti_consumer.oauth_consumer_secret, signature_type=SIGNATURE_TYPE_AUTH_HEADER, signature_method=SIGNATURE_HMAC, client_class=LTIMemerbshipServiceOauthClient) # sign = OAuth1(lti_consumer.oauth_consumer_key, lti_consumer.oauth_consumer_secret, # signature_type=SIGNATURE_TYPE_AUTH_HEADER, signature_method=SIGNATURE_HMAC) signed_request = sign(request) headers = signed_request.headers data = LTIMembership._get_membership_request( memberships_url, headers) if data == None: break membership = data['pageOf']['membershipSubject']['membership'] if len(membership) == 0: raise MembershipNoResultsException for record in membership: if record.get('status').find("Inactive") >= 0: continue member = { 'user_id': record['member'].get('userId'), 'roles': record.get('role'), 'lis_person_sourcedid': record['member'].get('sourcedId'), 'global_unique_identifier': None, 'student_number': None, 'person_contact_email_primary': record['member'].get('email'), 'person_name_given': record['member'].get('givenName'), 'person_name_family': record['member'].get('familyName'), 'person_name_full': record['member'].get('name') } if (lti_consumer.global_unique_identifier_param or lti_consumer.student_number_param ) and 'message' in record: for message in record['message']: if not message[ 'message_type'] == 'basic-lti-launch-request': continue # find global unique identifier if present in membership result if lti_consumer.global_unique_identifier_param: # check if global_unique_identifier_param is a basic lti parameter if lti_consumer.global_unique_identifier_param in message: member['global_unique_identifier'] = message[ lti_consumer. global_unique_identifier_param] # check if global_unique_identifier_param is an extension and present elif lti_consumer.global_unique_identifier_param.startswith( 'ext_'): ext_global_unique_identifier = lti_consumer.global_unique_identifier_param[ len('ext_'):] if ext_global_unique_identifier in message[ 'ext']: member[ 'global_unique_identifier'] = message[ 'ext'][ ext_global_unique_identifier] # check if global_unique_identifier_param is an custom attribute and present elif lti_consumer.global_unique_identifier_param.startswith( 'custom_'): custom_global_unique_identifier = lti_consumer.global_unique_identifier_param[ len('custom_'):] if custom_global_unique_identifier in message[ 'custom']: member[ 'global_unique_identifier'] = message[ 'custom'][ custom_global_unique_identifier] # get student number if present in membership result if lti_consumer.student_number_param: # check if student_number_param is a basic lti parameter if lti_consumer.student_number_param in message: member['student_number'] = message[ lti_consumer.student_number_param] # check if student_number_param is an extension and present elif lti_consumer.student_number_param.startswith( 'ext_'): ext_student_number = lti_consumer.student_number_param[ len('ext_'):] if ext_student_number in message['ext']: member['student_number'] = message['ext'][ ext_student_number] # check if student_number_param is an custom attribute and present elif lti_consumer.student_number_param.startswith( 'custom_'): custom_student_number = lti_consumer.student_number_param[ len('custom_'):] if custom_student_number in message['custom']: member['student_number'] = message[ 'custom'][custom_student_number] members.append(member) # check if another page or else finish memberships_url = data.get('nextPage') if not memberships_url: break # get lis_result_sourcedid for all resource links known to the system for lti_resource_link in lti_resource_links: memberships_url = lti_context.custom_context_memberships_url # add role t0 membership url query string memberships_url += "?" if memberships_url.find("?") == -1 else "&" memberships_url += "role=Learner" # add rlid to membership url query string memberships_url += "&rlid={}".format( lti_resource_link.resource_link_id) while True: headers = { 'Accept': 'application/vnd.ims.lis.v2.membershipcontainer+json' } request = requests.Request('GET', memberships_url, headers=headers).prepare() # Note: need to use LTIMemerbshipServiceOauthClient since normal client will # not include oauth_body_hash if there is not content type or the body is None sign = OAuth1(lti_consumer.oauth_consumer_key, lti_consumer.oauth_consumer_secret, signature_type=SIGNATURE_TYPE_AUTH_HEADER, signature_method=SIGNATURE_HMAC, client_class=LTIMemerbshipServiceOauthClient) # sign = OAuth1(lti_consumer.oauth_consumer_key, lti_consumer.oauth_consumer_secret, # signature_type=SIGNATURE_TYPE_AUTH_HEADER, signature_method=SIGNATURE_HMAC) signed_request = sign(request) headers = signed_request.headers data = LTIMembership._get_membership_request( memberships_url, headers) if data == None: break membership = data['pageOf']['membershipSubject']['membership'] if len(membership) == 0: continue for record in membership: if record.get('status').find("Inactive") >= 0: continue member = next( (member for member in members if member['user_id'] == record['member'].get('userId') ), None) if not member or not 'message' in record: continue for message in record['message']: if not message[ 'message_type'] == 'basic-lti-launch-request' or not 'lis_result_sourcedid' in message: continue lis_result_sourcedid_array = member.setdefault( 'lis_result_sourcedids', []) lis_result_sourcedid_array.append({ 'resource_link_id': lti_resource_link.resource_link_id, 'lis_result_sourcedid': message['lis_result_sourcedid'] }) # check if another page or else finish memberships_url = data.get('nextPage') if not memberships_url: break return members @classmethod def _post_membership_request(cls, memberships_url, params): verify = current_app.config.get('ENFORCE_SSL', True) return requests.post(memberships_url, data=params, verify=verify).text @classmethod def _get_membership_request(cls, memberships_url, headers=None): verify = current_app.config.get('ENFORCE_SSL', True) rv = requests.get(memberships_url, headers=headers, verify=verify) if rv.content: return rv.json() return None @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = ( # prevent duplicate resource link in consumer db.UniqueConstraint('lti_context_id', 'lti_user_id', name='_unique_lti_context_and_lti_user'), DefaultTableMixin.default_table_args)
class LTIUserResourceLink(DefaultTableMixin, WriteTrackingMixin): __tablename__ = 'lti_user_resource_link' # table columns lti_resource_link_id = db.Column(db.Integer, db.ForeignKey("lti_resource_link.id", ondelete="CASCADE"), nullable=False) lti_user_id = db.Column(db.Integer, db.ForeignKey("lti_user.id", ondelete="CASCADE"), nullable=False) roles = db.Column(db.String(255), nullable=True) lis_result_sourcedid = db.Column(db.String(255), nullable=True) course_role = db.Column(EnumType(CourseRole), nullable=False) # relationships # lti_user via LTIUser Model # lti_resource_link via LTIResourceLink Model # hybrid and other functions context_id = association_proxy('lti_resource_link', 'context_id') resource_link_id = association_proxy('lti_resource_link', 'resource_link_id') user_id = association_proxy('lti_user', 'user_id') compair_user_id = association_proxy('lti_user', 'compair_user_id') @classmethod def get_by_lti_resource_link_id_and_lti_user_id(cls, lti_resource_link_id, lti_user_id): return LTIUserResourceLink.query \ .filter_by( lti_resource_link_id=lti_resource_link_id, lti_user_id=lti_user_id ) \ .one_or_none() @classmethod def get_by_tool_provider(cls, lti_resource_link, lti_user, tool_provider): from . import CourseRole lti_user_resource_link = LTIUserResourceLink.get_by_lti_resource_link_id_and_lti_user_id( lti_resource_link.id, lti_user.id) if lti_user_resource_link == None: lti_user_resource_link = LTIUserResourceLink( lti_resource_link_id=lti_resource_link.id, lti_user_id=lti_user.id ) db.session.add(lti_user_resource_link) lti_user_resource_link.roles = text_type(tool_provider.roles) lti_user_resource_link.lis_result_sourcedid = tool_provider.lis_result_sourcedid # set course role every time if tool_provider.roles and any( role.lower().find("instructor") >= 0 or role.lower().find("faculty") >= 0 or role.lower().find("staff") >= 0 for role in tool_provider.roles ): lti_user_resource_link.course_role = CourseRole.instructor elif tool_provider.roles and any(role.lower().find("teachingassistant") >= 0 for role in tool_provider.roles): lti_user_resource_link.course_role = CourseRole.teaching_assistant else: lti_user_resource_link.course_role = CourseRole.student db.session.commit() return lti_user_resource_link @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = ( # prevent duplicate resource link in consumer db.UniqueConstraint('lti_resource_link_id', 'lti_user_id', name='_unique_lti_resource_link_and_lti_user'), DefaultTableMixin.default_table_args )
class ThirdPartyUser(DefaultTableMixin, UUIDMixin, WriteTrackingMixin): __tablename__ = 'third_party_user' # table columns third_party_type = db.Column(EnumType(ThirdPartyType), nullable=False) unique_identifier = db.Column(db.String(191), nullable=False) user_id = db.Column(db.Integer, db.ForeignKey("user.id", ondelete="CASCADE"), nullable=False) _params = db.Column(db.Text) # relationships # user via User Model user_uuid = association_proxy('user', 'uuid') # hybrid and other functions @property def params(self): return json.loads(self._params) if self._params else None @params.setter def params(self, params): self._params = json.dumps(params) if params else None @property def global_unique_identifier(self): if self.params: global_unique_identifier_attribute = None if self.third_party_type == ThirdPartyType.cas: global_unique_identifier_attribute = current_app.config.get('CAS_GLOBAL_UNIQUE_IDENTIFIER_FIELD') elif self.third_party_type == ThirdPartyType.saml: global_unique_identifier_attribute = current_app.config.get('SAML_GLOBAL_UNIQUE_IDENTIFIER_FIELD') if global_unique_identifier_attribute and global_unique_identifier_attribute in self.params: global_unique_identifier = self.params.get(global_unique_identifier_attribute) if isinstance(global_unique_identifier, list): global_unique_identifier = global_unique_identifier[0] if len(global_unique_identifier) > 0 else None return global_unique_identifier return None @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = ( # prevent duplicate user in course db.UniqueConstraint('third_party_type', 'unique_identifier', name='_unique_third_party_type_and_unique_identifier'), DefaultTableMixin.default_table_args ) @classmethod def get_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "Third Party User Unavailable" if not message: message = "Sorry, this third party user was deleted or is no longer accessible." return super(cls, cls).get_by_uuid_or_404(model_uuid, joinedloads, title, message) def generate_or_link_user_account(self): from . import SystemRole, User if not self.user: # check if global_unique_identifier user already exists if self.global_unique_identifier: self.user = User.query \ .filter_by(global_unique_identifier=self.global_unique_identifier) \ .one_or_none() if not self.user: self.user = User( username=None, password=None, system_role=self._get_system_role(), global_unique_identifier=self.global_unique_identifier ) self._sync_name() self._sync_email() if self.user.system_role == SystemRole.student: self._sync_student_number() # instructors can have their display names set to their full name by default if self.user.system_role != SystemRole.student and self.user.fullname != None: self.user.displayname = self.user.fullname else: self.user.displayname = display_name_generator(self.user.system_role.value) def update_user_profile(self): if self.user and self.user.system_role == SystemRole.student and self.params: # overwrite first/last name if student not allowed to change it if not current_app.config.get('ALLOW_STUDENT_CHANGE_NAME'): self._sync_name() # overwrite email if student not allowed to change it if not current_app.config.get('ALLOW_STUDENT_CHANGE_EMAIL'): self._sync_email() # overwrite student number if student not allowed to change it if not current_app.config.get('ALLOW_STUDENT_CHANGE_STUDENT_NUMBER'): self._sync_student_number() def _sync_name(self): if self.params: firstname_attribute = lastname_attribute = None if self.third_party_type == ThirdPartyType.cas: firstname_attribute = current_app.config.get('CAS_ATTRIBUTE_FIRST_NAME') lastname_attribute = current_app.config.get('CAS_ATTRIBUTE_LAST_NAME') elif self.third_party_type == ThirdPartyType.saml: firstname_attribute = current_app.config.get('SAML_ATTRIBUTE_FIRST_NAME') lastname_attribute = current_app.config.get('SAML_ATTRIBUTE_LAST_NAME') if firstname_attribute and firstname_attribute in self.params: first_name = self.params.get(firstname_attribute) if isinstance(first_name, list): first_name = first_name[0] if len(first_name) > 0 else None self.user.firstname = first_name if lastname_attribute and lastname_attribute in self.params: last_name = self.params.get(lastname_attribute) if isinstance(last_name, list): last_name = last_name[0] if len(last_name) > 0 else None self.user.lastname = last_name def _sync_email(self): if self.params: email_attribute = None if self.third_party_type == ThirdPartyType.cas: email_attribute = current_app.config.get('CAS_ATTRIBUTE_EMAIL') elif self.third_party_type == ThirdPartyType.saml: email_attribute = current_app.config.get('SAML_ATTRIBUTE_EMAIL') if email_attribute and email_attribute in self.params: email = self.params.get(email_attribute) if isinstance(email, list): email = email[0] if len(email) > 0 else None self.user.email = email def _sync_student_number(self): if self.params: student_number_attribute = None if self.third_party_type == ThirdPartyType.cas: student_number_attribute = current_app.config.get('CAS_ATTRIBUTE_STUDENT_NUMBER') elif self.third_party_type == ThirdPartyType.saml: student_number_attribute = current_app.config.get('SAML_ATTRIBUTE_STUDENT_NUMBER') if student_number_attribute and student_number_attribute in self.params: student_number = self.params.get(student_number_attribute) if isinstance(student_number, list): student_number = student_number[0] if len(student_number) > 0 else None self.user.student_number = student_number def _get_system_role(self): from . import SystemRole if self.params: user_roles_attribute = instructor_role_values = None if self.third_party_type == ThirdPartyType.cas: user_roles_attribute = current_app.config.get('CAS_ATTRIBUTE_USER_ROLE') instructor_role_values = list(current_app.config.get('CAS_INSTRUCTOR_ROLE_VALUES')) if self.third_party_type == ThirdPartyType.saml: user_roles_attribute = current_app.config.get('SAML_ATTRIBUTE_USER_ROLE') instructor_role_values = list(current_app.config.get('SAML_INSTRUCTOR_ROLE_VALUES')) if user_roles_attribute and instructor_role_values and user_roles_attribute in self.params: user_roles = self.params.get(user_roles_attribute) if not isinstance(user_roles, list): user_roles = [user_roles] for user_role in user_roles: if user_role in instructor_role_values: return SystemRole.instructor return SystemRole.student def upgrade_system_role(self): # upgrade system role is needed if self.user and self.params and self._get_system_role(): system_role = self._get_system_role() if self.user.system_role == SystemRole.student and system_role == SystemRole.instructor: self.user.system_role = system_role db.session.commit()
class LTIUser(DefaultTableMixin, WriteTrackingMixin): __tablename__ = 'lti_user' # table columns lti_consumer_id = db.Column(db.Integer, db.ForeignKey("lti_consumer.id", ondelete="CASCADE"), nullable=False) user_id = db.Column(db.String(255), nullable=False) lis_person_name_given = db.Column(db.String(255), nullable=True) lis_person_name_family = db.Column(db.String(255), nullable=True) lis_person_name_full = db.Column(db.String(255), nullable=True) lis_person_contact_email_primary = db.Column(db.String(255), nullable=True) compair_user_id = db.Column(db.Integer, db.ForeignKey("user.id", ondelete="CASCADE"), nullable=True) system_role = db.Column(EnumType(SystemRole, name="system_role"), nullable=False) # relationships # user via User Model # lti_consumer via LTIConsumer Model lti_memberships = db.relationship("LTIMembership", backref="lti_user", lazy="dynamic") lti_user_resource_links = db.relationship("LTIUserResourceLink", backref="lti_user", lazy="dynamic") # hyprid and other functions def is_linked_to_user(self): return self.compair_user_id != None @classmethod def get_by_lti_consumer_id_and_user_id(cls, lti_consumer_id, user_id): return LTIUser.query \ .filter_by( lti_consumer_id=lti_consumer_id, user_id=user_id ) \ .one_or_none() @classmethod def get_by_tool_provider(cls, lti_consumer, tool_provider): from . import SystemRole if tool_provider.user_id == None: return None lti_user = LTIUser.get_by_lti_consumer_id_and_user_id( lti_consumer.id, tool_provider.user_id) if not lti_user: lti_user = LTIUser( lti_consumer_id=lti_consumer.id, user_id=tool_provider.user_id, system_role=SystemRole.instructor \ if tool_provider.is_instructor() \ else SystemRole.student ) db.session.add(lti_user) lti_user.lis_person_name_given = tool_provider.lis_person_name_given lti_user.lis_person_name_family = tool_provider.lis_person_name_family lti_user.lis_person_name_full = tool_provider.lis_person_name_full lti_user.lis_person_contact_email_primary = tool_provider.lis_person_contact_email_primary db.session.commit() return lti_user def upgrade_system_role(self): # upgrade system role is needed if self.is_linked_to_user(): if self.compair_user.system_role == SystemRole.student and self.system_role in [ SystemRole.instructor, SystemRole.sys_admin ]: self.compair_user.system_role = self.system_role elif self.compair_user.system_role == SystemRole.instructor and self.system_role == SystemRole.sys_admin: self.compair_user.system_role = self.system_role db.session.commit() @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = ( # prevent duplicate resource link in consumer db.UniqueConstraint('lti_consumer_id', 'user_id', name='_unique_lti_consumer_and_lti_user'), DefaultTableMixin.default_table_args)
class LTIResourceLink(DefaultTableMixin, WriteTrackingMixin): __tablename__ = 'lti_resource_link' # table columns lti_consumer_id = db.Column(db.Integer, db.ForeignKey("lti_consumer.id", ondelete="CASCADE"), nullable=False) lti_context_id = db.Column(db.Integer, db.ForeignKey("lti_context.id", ondelete="CASCADE"), nullable=True) resource_link_id = db.Column(db.String(191), nullable=False) resource_link_title = db.Column(db.String(255), nullable=True) launch_presentation_return_url = db.Column(db.Text, nullable=True) custom_param_assignment_id = db.Column(db.String(255), nullable=True) compair_assignment_id = db.Column(db.Integer, db.ForeignKey("assignment.id", ondelete="CASCADE"), nullable=True) # relationships # compair_assignment via Assignment Model # lti_consumer via LTIConsumer Model # lti_context via LTIContext Model lti_user_resource_links = db.relationship("LTIUserResourceLink", backref="lti_resource_link", lazy="dynamic") # hybrid and other functions context_id = association_proxy('lti_context', 'context_id') compair_assignment_uuid = association_proxy('compair_assignment', 'uuid') def is_linked_to_assignment(self): return self.compair_assignment_id != None def _update_link_to_compair_assignment(self, lti_context): from compair.models import Assignment if self.custom_param_assignment_id and lti_context and lti_context.compair_course_id: # check if assignment exists assignment = Assignment.query \ .filter_by( uuid=self.custom_param_assignment_id, course_id=lti_context.compair_course_id, active=True ) \ .one_or_none() if assignment: self.compair_assignment = assignment return self self.compair_assignment = None return self @classmethod def get_by_lti_consumer_id_and_resource_link_id(cls, lti_consumer_id, resource_link_id): return LTIResourceLink.query \ .filter_by( lti_consumer_id=lti_consumer_id, resource_link_id=resource_link_id ) \ .one_or_none() @classmethod def get_by_tool_provider(cls, lti_consumer, tool_provider, lti_context=None): lti_resource_link = LTIResourceLink.get_by_lti_consumer_id_and_resource_link_id( lti_consumer.id, tool_provider.resource_link_id) if lti_resource_link == None: lti_resource_link = LTIResourceLink( lti_consumer_id=lti_consumer.id, resource_link_id=tool_provider.resource_link_id) db.session.add(lti_resource_link) lti_resource_link.lti_context_id = lti_context.id if lti_context else None lti_resource_link.resource_link_title = tool_provider.resource_link_title lti_resource_link.launch_presentation_return_url = tool_provider.launch_presentation_return_url lti_resource_link.custom_param_assignment_id = tool_provider.custom_assignment lti_resource_link._update_link_to_compair_assignment(lti_context) db.session.commit() return lti_resource_link @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = ( # prevent duplicate resource link in consumer db.UniqueConstraint('lti_consumer_id', 'resource_link_id', name='_unique_lti_consumer_and_lti_resource_link'), DefaultTableMixin.default_table_args)
class File(DefaultTableMixin, UUIDMixin, WriteTrackingMixin): __tablename__ = 'file' # table columns user_id = db.Column(db.Integer, db.ForeignKey('user.id', ondelete="CASCADE"), nullable=False) kaltura_media_id = db.Column(db.Integer, db.ForeignKey('kaltura_media.id', ondelete="SET NULL"), nullable=True) name = db.Column(db.String(255), nullable=False) alias = db.Column(db.String(255), nullable=False) # relationships # user via User Model # kaltura_media via KalturaMedia Model assignments = db.relationship("Assignment", backref="file", lazy='dynamic') answers = db.relationship("Answer", backref="file", lazy='dynamic') # hyprid and other functions @hybrid_property def extension(self): return self.name.lower().rsplit('.', 1)[1] if '.' in self.name else None @hybrid_property def mimetype(self): mimetype, encoding = mimetypes.guess_type(self.name) return mimetype @hybrid_property def active(self): return self.assignment_count + self.answer_count > 0 @classmethod def get_active_or_404(cls, model_id, joinedloads=[], title=None, message=None): if not title: title = "Attachment Unavailable" if not message: message = "Sorry, this attachment was deleted or is no longer accessible." query = cls.query # load relationships if needed for load_string in joinedloads: query.options(joinedload(load_string)) model = query.get_or_404(model_id) if model is None or not model.active: abort(404, title=title, message=message) return model @classmethod def get_active_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "Attachment Unavailable" if not message: message = "Sorry, this attachment was deleted or is no longer accessible." query = cls.query # load relationships if needed for load_string in joinedloads: query.options(joinedload(load_string)) model = query.filter_by(uuid=model_uuid).one_or_none() if model is None or not model.active: abort(404, title=title, message=message) return model @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() cls.assignment_count = column_property( select([func.count(Assignment.id)]). where(and_( Assignment.file_id == cls.id, Assignment.active == True )), deferred=True, group="counts" ) cls.answer_count = column_property( select([func.count(Answer.id)]). where(and_( Answer.file_id == cls.id, Answer.active == True )), deferred=True, group="counts" )
class LTIConsumer(DefaultTableMixin, UUIDMixin, ActiveMixin, WriteTrackingMixin): __tablename__ = 'lti_consumer' # table columns oauth_consumer_key = db.Column(db.String(255), unique=True, nullable=False) oauth_consumer_secret = db.Column(db.String(255), nullable=False) lti_version = db.Column(db.String(20), nullable=True) tool_consumer_instance_guid = db.Column(db.String(255), unique=True, nullable=True) tool_consumer_instance_name = db.Column(db.String(255), nullable=True) tool_consumer_instance_url = db.Column(db.Text, nullable=True) lis_outcome_service_url = db.Column(db.Text, nullable=True) user_id_override = db.Column(db.String(255), nullable=True) # relationships lti_nonces = db.relationship("LTINonce", backref="lti_consumer", lazy="dynamic") lti_contexts = db.relationship("LTIContext", backref="lti_consumer", lazy="dynamic") lti_resource_links = db.relationship("LTIResourceLink", backref="lti_consumer", lazy="dynamic") lti_users = db.relationship("LTIUser", backref="lti_consumer", lazy="dynamic") # hyprid and other functions @classmethod def get_by_consumer_key(cls, consumer_key): return LTIConsumer.query \ .filter_by( active=True, oauth_consumer_key=consumer_key ) \ .one_or_none() @classmethod def get_by_tool_provider(cls, tool_provider): lti_consumer = LTIConsumer.get_by_consumer_key( tool_provider.consumer_key) if lti_consumer == None: return None lti_consumer.lti_version = tool_provider.lti_version lti_consumer.tool_consumer_instance_guid = tool_provider.tool_consumer_instance_guid lti_consumer.tool_consumer_instance_name = tool_provider.tool_consumer_instance_name lti_consumer.tool_consumer_instance_url = tool_provider.tool_consumer_instance_url # do no overwrite lis_outcome_service_url if value is None # some LTI consumers do not always send the lis_outcome_service_url # ex: Canvas when linking from module instead of an assignment if tool_provider.lis_outcome_service_url: lti_consumer.lis_outcome_service_url = tool_provider.lis_outcome_service_url db.session.commit() return lti_consumer @classmethod def get_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "LTI Consumer Unavailable" if not message: message = "Sorry, this LTI consumer was deleted or is no longer accessible." return super(cls, cls).get_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def get_active_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "LTI Consumer Unavailable" if not message: message = "Sorry, this LTI consumer was deleted or is no longer accessible." return super(cls, cls).get_active_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__()
class Group(DefaultTableMixin, UUIDMixin, ActiveMixin, WriteTrackingMixin): # table columns course_id = db.Column(db.Integer, db.ForeignKey("course.id", ondelete="CASCADE"), nullable=False) name = db.Column(db.String(255), nullable=True) # relationships # course though Course Model user_courses = db.relationship("UserCourse", back_populates="group", lazy="dynamic") answers = db.relationship("Answer", backref="group") # hybrid and other functions course_uuid = association_proxy('course', 'uuid') group_uuid = association_proxy('group', 'uuid') @hybrid_property def avatar(self): """ According to gravatar's hash specs 1.Trim leading and trailing whitespace from an email address 2.Force all characters to lower-case 3.md5 hash the final string """ hash_input = self.uuid + ".group.@compair" if self.uuid else None m = hashlib.md5() m.update(hash_input.strip().lower().encode('utf-8')) return m.hexdigest() @classmethod def get_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "Group Unavailable" if not message: message = "Sorry, this group was deleted or is no longer accessible." return super(cls, cls).get_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def get_active_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "Group Unavailable" if not message: message = "Sorry, this group was deleted or is no longer accessible." return super(cls, cls).get_active_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = (db.UniqueConstraint('course_id', 'name', name='uq_course_and_group_name'), DefaultTableMixin.default_table_args)
class LTIUser(DefaultTableMixin, UUIDMixin, WriteTrackingMixin): __tablename__ = 'lti_user' # table columns lti_consumer_id = db.Column(db.Integer, db.ForeignKey("lti_consumer.id", ondelete="CASCADE"), nullable=False) user_id = db.Column(db.String(191), nullable=False) lis_person_name_given = db.Column(db.String(255), nullable=True) lis_person_name_family = db.Column(db.String(255), nullable=True) lis_person_name_full = db.Column(db.String(255), nullable=True) lis_person_contact_email_primary = db.Column(db.String(255), nullable=True) global_unique_identifier = db.Column(db.String(255), nullable=True) compair_user_id = db.Column(db.Integer, db.ForeignKey("user.id", ondelete="CASCADE"), nullable=True) system_role = db.Column(EnumType(SystemRole), nullable=False) student_number = db.Column(db.String(255), nullable=True) lis_person_sourcedid = db.Column(db.String(255), nullable=True) # relationships # compair_user via User Model # lti_consumer via LTIConsumer Model lti_memberships = db.relationship("LTIMembership", backref="lti_user", lazy="dynamic") lti_user_resource_links = db.relationship("LTIUserResourceLink", backref="lti_user", lazy="dynamic") # hybrid and other functions lti_consumer_uuid = association_proxy('lti_consumer', 'uuid') oauth_consumer_key = association_proxy('lti_consumer', 'oauth_consumer_key') compair_user_uuid = association_proxy('compair_user', 'uuid') def is_linked_to_user(self): return self.compair_user_id != None def generate_or_link_user_account(self): from . import SystemRole, User if self.compair_user_id == None and self.global_unique_identifier: self.compair_user = User.query \ .filter_by(global_unique_identifier=self.global_unique_identifier) \ .one_or_none() if not self.compair_user: self.compair_user = User( username=None, password=None, system_role=self.system_role, firstname=self.lis_person_name_given, lastname=self.lis_person_name_family, email=self.lis_person_contact_email_primary, global_unique_identifier=self.global_unique_identifier ) if self.compair_user.system_role == SystemRole.student: self.compair_user.student_number = self.student_number # instructors can have their display names set to their full name by default if self.compair_user.system_role != SystemRole.student and self.compair_user.fullname != None: self.compair_user.displayname = self.compair_user.fullname else: self.compair_user.displayname = display_name_generator(self.compair_user.system_role.value) db.session.commit() @classmethod def get_by_lti_consumer_id_and_user_id(cls, lti_consumer_id, user_id): return LTIUser.query \ .filter_by( lti_consumer_id=lti_consumer_id, user_id=user_id ) \ .one_or_none() @classmethod def get_by_tool_provider(cls, lti_consumer, tool_provider): from . import SystemRole if tool_provider.user_id == None: return None lti_user = LTIUser.get_by_lti_consumer_id_and_user_id( lti_consumer.id, tool_provider.user_id) if not lti_user: lti_user = LTIUser( lti_consumer_id=lti_consumer.id, user_id=tool_provider.user_id, system_role=SystemRole.instructor \ if tool_provider.roles and any( role.lower().find("instructor") >= 0 or role.lower().find("faculty") >= 0 or role.lower().find("staff") >= 0 for role in tool_provider.roles ) \ else SystemRole.student ) db.session.add(lti_user) lti_user.lis_person_name_given = tool_provider.lis_person_name_given lti_user.lis_person_name_family = tool_provider.lis_person_name_family lti_user.lis_person_name_full = tool_provider.lis_person_name_full lti_user.handle_fullname_with_missing_first_and_last_name() lti_user.lis_person_contact_email_primary = tool_provider.lis_person_contact_email_primary lti_user.lis_person_sourcedid = tool_provider.lis_person_sourcedid if lti_consumer.global_unique_identifier_param and lti_consumer.global_unique_identifier_param in tool_provider.launch_params: lti_user.global_unique_identifier = tool_provider.launch_params[lti_consumer.global_unique_identifier_param] if lti_consumer.custom_param_regex_sanitizer and lti_consumer.global_unique_identifier_param.startswith('custom_'): regex = re.compile(lti_consumer.custom_param_regex_sanitizer) lti_user.global_unique_identifier = regex.sub('', lti_user.global_unique_identifier) if lti_user.global_unique_identifier == '': lti_user.global_unique_identifier = None else: lti_user.global_unique_identifier = None if lti_consumer.student_number_param and lti_consumer.student_number_param in tool_provider.launch_params: lti_user.student_number = tool_provider.launch_params[lti_consumer.student_number_param] if lti_consumer.custom_param_regex_sanitizer and lti_consumer.student_number_param.startswith('custom_'): regex = re.compile(lti_consumer.custom_param_regex_sanitizer) lti_user.student_number = regex.sub('', lti_user.student_number) if lti_user.student_number == '': lti_user.student_number = None else: lti_user.student_number = None if not lti_user.is_linked_to_user() and lti_user.global_unique_identifier: lti_user.generate_or_link_user_account() db.session.commit() return lti_user @classmethod def get_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "LTI User Unavailable" if not message: message = "Sorry, this LTI user was deleted or is no longer accessible." return super(cls, cls).get_by_uuid_or_404(model_uuid, joinedloads, title, message) # relationships def update_user_profile(self): if self.compair_user and self.compair_user.system_role == SystemRole.student: # overwrite first/last name if student not allowed to change it if not current_app.config.get('ALLOW_STUDENT_CHANGE_NAME'): self.compair_user.firstname = self.lis_person_name_given self.compair_user.lastname = self.lis_person_name_family # overwrite email if student not allowed to change it if not current_app.config.get('ALLOW_STUDENT_CHANGE_EMAIL'): self.compair_user.email = self.lis_person_contact_email_primary # overwrite student number if student not allowed to change it and lti_consumer has a student_number_param if not current_app.config.get('ALLOW_STUDENT_CHANGE_STUDENT_NUMBER') and self.lti_consumer.student_number_param: self.compair_user.student_number = self.student_number def upgrade_system_role(self): # upgrade system role is needed if self.compair_user: if self.compair_user.system_role == SystemRole.student and self.system_role in [SystemRole.instructor, SystemRole.sys_admin]: self.compair_user.system_role = self.system_role elif self.compair_user.system_role == SystemRole.instructor and self.system_role == SystemRole.sys_admin: self.compair_user.system_role = self.system_role db.session.commit() def handle_fullname_with_missing_first_and_last_name(self): if self.lis_person_name_full and (not self.lis_person_name_given or not self.lis_person_name_family): full_name_parts = self.lis_person_name_full.split(" ") if len(full_name_parts) >= 2: # assume lis_person_name_given is all but last part self.lis_person_name_given = " ".join(full_name_parts[:-1]) self.lis_person_name_family = full_name_parts[-1] else: # not sure what is first or last name, just assignment both to full name self.lis_person_name_given = self.lis_person_name_full self.lis_person_name_family = self.lis_person_name_full @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() __table_args__ = ( # prevent duplicate resource link in consumer db.UniqueConstraint('lti_consumer_id', 'user_id', name='_unique_lti_consumer_and_lti_user'), DefaultTableMixin.default_table_args )
class User(DefaultTableMixin, UUIDMixin, WriteTrackingMixin, UserMixin): __tablename__ = 'user' # table columns username = db.Column(db.String(255), unique=True, nullable=True) _password = db.Column(db.String(255), unique=False, nullable=True) system_role = db.Column(EnumType(SystemRole, name="system_role"), nullable=False, index=True) displayname = db.Column(db.String(255), nullable=False) email = db.Column(db.String(254)) # email addresses are max 254 characters firstname = db.Column(db.String(255)) lastname = db.Column(db.String(255)) student_number = db.Column(db.String(50), unique=True, nullable=True) last_online = db.Column(db.DateTime) email_notification_method = db.Column( EnumType(EmailNotificationMethod, name="email_notification_method"), nullable=False, default=EmailNotificationMethod.enable, index=True) # relationships # user many-to-many course with association user_course user_courses = db.relationship("UserCourse", foreign_keys='UserCourse.user_id', back_populates="user") course_grades = db.relationship("CourseGrade", foreign_keys='CourseGrade.user_id', backref="user", lazy='dynamic') assignments = db.relationship("Assignment", foreign_keys='Assignment.user_id', backref="user", lazy='dynamic') assignment_grades = db.relationship("AssignmentGrade", foreign_keys='AssignmentGrade.user_id', backref="user", lazy='dynamic') assignment_comments = db.relationship( "AssignmentComment", foreign_keys='AssignmentComment.user_id', backref="user", lazy='dynamic') answers = db.relationship("Answer", foreign_keys='Answer.user_id', backref="user", lazy='dynamic') answer_comments = db.relationship("AnswerComment", foreign_keys='AnswerComment.user_id', backref="user", lazy='dynamic') criteria = db.relationship("Criterion", foreign_keys='Criterion.user_id', backref="user", lazy='dynamic') files = db.relationship("File", foreign_keys='File.user_id', backref="user", lazy='dynamic') kaltura_files = db.relationship("KalturaMedia", foreign_keys='KalturaMedia.user_id', backref="user", lazy='dynamic') comparisons = db.relationship("Comparison", foreign_keys='Comparison.user_id', backref="user", lazy='dynamic') # third party authentification third_party_auths = db.relationship("ThirdPartyUser", foreign_keys='ThirdPartyUser.user_id', backref="user", lazy='dynamic') # lti authentification lti_user_links = db.relationship("LTIUser", foreign_keys='LTIUser.compair_user_id', backref="compair_user", lazy='dynamic') # hyprid and other functions def _get_password(self): return self._password def _set_password(self, password): self._password = hash_password(password) if password != None else None password = property(_get_password, _set_password) password = synonym('_password', descriptor=password) @hybrid_property def fullname(self): if self.firstname and self.lastname: return '%s %s' % (self.firstname, self.lastname) elif self.firstname: # only first name provided return self.firstname elif self.lastname: # only last name provided return self.lastname else: return None @hybrid_property def fullname_sortable(self): if self.firstname and self.lastname: return '%s, %s' % (self.lastname, self.firstname) elif self.firstname: # only first name provided return self.firstname elif self.lastname: # only last name provided return self.lastname else: return None @hybrid_property def avatar(self): """ According to gravatar's hash specs 1.Trim leading and trailing whitespace from an email address 2.Force all characters to lower-case 3.md5 hash the final string Defaults to a hash of the user's username if no email is available """ hash_input = None if self.system_role != SystemRole.student and self.email: hash_input = self.email elif self.uuid: hash_input = self.uuid + "@compair" m = hashlib.md5() m.update(hash_input.strip().lower().encode('utf-8')) return m.hexdigest() @hybrid_property def uses_compair_login(self): # third party auth users may have their username not set return self.username != None and current_app.config['APP_LOGIN_ENABLED'] def verify_password(self, password): if self.password == None or not current_app.config['APP_LOGIN_ENABLED']: return False pwd_context = getattr(security, current_app.config['PASSLIB_CONTEXT']) return pwd_context.verify(password, self.password) def update_last_online(self): self.last_online = datetime.utcnow() db.session.add(self) db.session.commit() def generate_session_token(self): """ Generate a session token that identifies the user login session. Since the flask wll generate the same session _id for the same IP and browser agent combination, it is hard to distinguish the users by session from the activity log """ key = str(self.id) + str(time.time()) return hashlib.md5(key.encode('UTF-8')).hexdigest() # This could be used for token based authentication # def generate_auth_token(self, expiration=60): # s = Serializer(current_app.config['SECRET_KEY'], expires_in=expiration) # return s.dumps({'id': self.id}) def get_course_role(self, course_id): """ Return user's course role by course id """ for user_course in self.user_courses: if user_course.course_id == course_id: return user_course.course_role return None @classmethod def get_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "User Unavailable" if not message: message = "Sorry, this user was deleted or is no longer accessible." return super(cls, cls).get_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def get_active_by_uuid_or_404(cls, model_uuid, joinedloads=[], title=None, message=None): if not title: title = "User Unavailable" if not message: message = "Sorry, this user was deleted or is no longer accessible." return super(cls, cls).get_active_by_uuid_or_404(model_uuid, joinedloads, title, message) @classmethod def __declare_last__(cls): super(cls, cls).__declare_last__() # This could be used for token based authentication # def verify_auth_token(token): # s = Serializer(current_app.config['SECRET_KEY']) # try: # data = s.loads(token) # except SignatureExpired: # return None # valid token, but expired # except BadSignature: # return None # invalid token # # if 'id' not in data: # return None # # return data['id']