def get_course_and_check_rights(courseid, taskid=None, allow_all_staff=True):
""" Returns the course with id ```courseid``` and the task with id ```taskid```, and verify the rights of the user.
Raise web.notfound() when there is no such course of if the users has not enough rights.
:param courseid: the course on which to check rights
:param taskid: If not None, returns also the task with id ```taskid```
:param allow_all_staff: allow admins AND tutors to see the page. If false, all only admins.
:returns (Course, Task)
"""
try:
if User.is_logged_in():
course = FrontendCourse(courseid)
if allow_all_staff:
if User.get_username() not in course.get_staff():
raise web.notfound()
else:
if User.get_username() not in course.get_admins():
raise web.notfound()
if taskid is None:
return (course, None)
else:
return (course, course.get_task(taskid))
else:
raise web.notfound()
except:
raise web.notfound()
def get_course_and_check_rights(courseid, taskid=None):
""" Return the course with id, and verify the rights of the user to administer it.
Raise web.notfound() when there is no such course of if the users has not enough rights.
If taskid is not None, also returns tyhe tuple (course, task). """
try:
if User.is_logged_in():
course = FrontendCourse(courseid)
if User.get_username() not in course.get_admins():
raise web.notfound()
if taskid is None:
return course
else:
return (course, course.get_task(taskid))
else:
raise web.notfound()
except:
raise web.notfound()
def POST(self, courseid, taskid):
""" POST a new submission """
if User.is_logged_in():
try:
course = FrontendCourse(courseid)
if not course.is_open_to_user(User.get_username()):
return renderer.course_unavailable()
task = course.get_task(taskid)
if not task.is_visible_by_user(User.get_username()):
return renderer.task_unavailable()
User.get_data().view_task(courseid, taskid)
userinput = web.input()
if "@action" in userinput and userinput["@action"] == "submit":
# Verify rights
if not task.can_user_submit(User.get_username()):
return json.dumps({"status": "error", "text": "The deadline is over"})
# Reparse user input with array for multiple choices
init_var = self.list_multiple_multiple_choices_and_files(task)
userinput = task.adapt_input_for_backend(web.input(**init_var))
if not task.input_is_consistent(userinput):
web.header('Content-Type', 'application/json')
return json.dumps({"status": "error", "text": "Please answer to all the questions. Your responses were not tested."})
del userinput['@action']
# Get debug info if the current user is an admin
debug = User.get_username() in course.get_admins()
# Start the submission
submissionid = submission_manager.add_job(task, userinput, debug)
web.header('Content-Type', 'application/json')
return json.dumps({"status": "ok", "submissionid": str(submissionid)})
elif "@action" in userinput and userinput["@action"] == "check" and "submissionid" in userinput:
if submission_manager.is_done(userinput['submissionid']):
web.header('Content-Type', 'application/json')
result = submission_manager.get_submission(userinput['submissionid'])
result = submission_manager.get_input_from_submission(result)
return self.submission_to_json(result, User.get_username() in course.get_admins())
else:
web.header('Content-Type', 'application/json')
return json.dumps({'status': "waiting"})
elif "@action" in userinput and userinput["@action"] == "load_submission_input" and "submissionid" in userinput:
submission = submission_manager.get_submission(userinput["submissionid"])
submission = submission_manager.get_input_from_submission(submission)
if not submission:
raise web.notfound()
web.header('Content-Type', 'application/json')
return self.submission_to_json(submission, (User.get_username() in course.get_admins()), True)
else:
raise web.notfound()
except:
if web.config.debug:
raise
else:
raise web.notfound()
else:
return renderer.index(False)