Example #1
0
def journal_add_view(context, request):

    if IJournalEntry.providedBy(context):
        entry = context
        project = context.__parent__.__parent__
        add_form = False
    else:
        entry = JournalEntry()
        project = context
        add_form = True

    errors = {}
    defaults = {}

    if 'form.submitted' in request.POST:
        try:
            # FormEncode validation
            defaults = dict(request.POST)
            defaults['indicators'] = request.POST.get('indicators')
            form_result = entry_schema.to_python(request.POST)
        except formencode.validators.Invalid, why:
            errors = why.error_dict
        else:

            session = DBSession()

            # Handle image upload
            if form_result['image'] is not None:
                entry.image = File('image.jpg', form_result['image'].read())

            elif form_result['image_action'] == 'delete' and entry.image:
                session.delete(entry.image)

            entry.date = datetime.now()
            entry.text = form_result['text']
            entry.user = authenticated_user(request)

            # Check whether indicator belongs to this project.
            indicator_query = session.query(Indicator)
            indicator_query = indicator_query.filter(Project.id == project.id)
            indicator_query = indicator_query.join(Project.objectives)
            indicator_query = indicator_query.join(Objective.competences)
            indicator_query = indicator_query.join(Competence.indicator_sets)
            indicator_query = indicator_query.join(IndicatorSet.indicators)
            if form_result['indicators']:
                indicator_query = indicator_query.filter(
                    Indicator.id.in_(form_result['indicators']))
                indicators = indicator_query.all()
                entry.indicators = indicators

            if add_form:
                project.journal_entries.append(entry)

            if ITeacher.providedBy(authenticated_user(request)):
                return HTTPFound(location=model_url(
                    get_root(request)['projects'][project.id], request))
            return HTTPFound(
                location=model_url(authenticated_user(request), request))
Example #2
0
 def test_acl(self):
     from eportfolio.models import Student
     from eportfolio.models import JournalEntry
     
     from eportfolio.security.journal import JournalEntryPermissions
     self.config.registry.registerAdapter(JournalEntryPermissions)
     
     student = Student(email=u'*****@*****.**')
     
     entry = JournalEntry()
     entry.user = student
     
     # Only the author of the journal entry can edit it.
     acl = [
         ('Allow', u'*****@*****.**', 'edit'),
         ('Deny', 'system.Everyone', 'edit'),
         ('Allow', u'*****@*****.**', 'remove'), 
     ]
     
     self.assertEquals(acl, entry.__acl__)
Example #3
0
def journal_add_view(context, request):
    
    if IJournalEntry.providedBy(context):
        entry = context
        project = context.__parent__.__parent__
        add_form = False
    else:
        entry = JournalEntry()
        project = context
        add_form = True
        
    errors = {}
    defaults = {}
    
    if 'form.submitted' in request.POST:
        try:
            # FormEncode validation
            defaults = dict(request.POST)
            defaults['indicators'] = request.POST.get('indicators')
            form_result = entry_schema.to_python(request.POST)
        except formencode.validators.Invalid, why:
            errors=why.error_dict
        else:
            
            session = DBSession()
            
            # Handle image upload
            if form_result['image'] is not None:
                entry.image = File('image.jpg', form_result['image'].read())

            elif form_result['image_action'] == 'delete' and entry.image:
                session.delete(entry.image)
            
            entry.date = datetime.now()
            entry.text = form_result['text']
            entry.user = authenticated_user(request)
            
            # Check whether indicator belongs to this project.
            indicator_query = session.query(Indicator)
            indicator_query = indicator_query.filter(Project.id == project.id)
            indicator_query = indicator_query.join(Project.objectives)
            indicator_query = indicator_query.join(Objective.competences)
            indicator_query = indicator_query.join(Competence.indicator_sets)
            indicator_query = indicator_query.join(IndicatorSet.indicators)
            if form_result['indicators']:
                indicator_query = indicator_query.filter(Indicator.id.in_(form_result['indicators']))
                indicators = indicator_query.all()
                entry.indicators = indicators
            
            if add_form:
                project.journal_entries.append(entry)
                
            if ITeacher.providedBy(authenticated_user(request)):
                return HTTPFound(location = model_url(get_root(request)['projects'][project.id], request))
            return HTTPFound(location = model_url(authenticated_user(request), request))