def suspect(request, **kwargs): h = kwargs.get('hex', '') context = generic_context(request, h) try: if not has_role(context, 'Administrator'): raise IOError('No permission to download relay data set') context['page_title'] = 'Presto Plagiarism Report' ceid = decode(h, context['user_session'].decoder) # get all relay assignments (except clones and dummy students) having # a scan result of 5% or more, and for steps 3 and above 3% or more a_set = Assignment.objects.filter(clone_of__isnull=True, participant__estafette__id=ceid, participant__student__dummy_index=0, time_scanned__gt=DEFAULT_DATE, scan_result__gte=3 ).select_related('case', 'leg', 'participant__student' ).exclude(leg__number__lte=2, scan_result__lte=5 ).order_by('case__letter', 'leg__number', 'time_uploaded') content = '%d suspects\n\n' % len(a_set) for a in a_set: content += '\n%s%d by %s (#%d, %d%%)' % (a.case.letter, a.leg.number, a.participant.student.dummy_name(), a.id, a.scan_result) pr_a = a.predecessor if pr_a in a_set: content += ' -- builds on %s%d by %s (#%d)' % (pr_a.case.letter, pr_a.leg.number, pr_a.participant.student.dummy_name(), pr_a.id) return HttpResponse(content, content_type='text/plain; charset=utf-8') except IOError, e: report_error(context, e) return render(request, 'presto/error.html', context)
def developer(request, **kwargs): context = generic_context(request) # check whether user can have developer role if not change_role(context, 'Developer'): return render(request, 'presto/forbidden.html', context) # check whether a template must be deleted if kwargs.get('action', '') == 'delete-template': try: h = kwargs.get('hex', '') context = generic_context(request, h) etid = decode(h, context['user_session'].decoder) et = EstafetteTemplate.objects.get(pk=etid) log_message('Deleting template %s' % et.name, context['user']) et.delete() except Exception, e: report_error(request, context, e) return render(request, 'presto/error.html', context)
def estafette_view(request, **kwargs): h = kwargs.get('hex', '') context = generic_context(request, h) # check whether user can have instructor role if not change_role(context, 'Instructor'): return render(request, 'presto/forbidden.html', context) # check whether estafette case must be deleted if kwargs.get('action', '') == 'delete-case': try: ecid = decode(h, context['user_session'].decoder) ec = EstafetteCase.objects.get(pk=ecid) # remember the estafette that is being edited e = ec.estafette ec.delete() except Exception, e: report_error(context, e) return render(request, 'presto/error.html', context)
def dataset(request, **kwargs): h = kwargs.get('hex', '') context = generic_context(request, h) try: if not has_role(context, 'Administrator'): raise IOError('No permission to download relay data set') context['page_title'] = 'Presto Relay Dataset' context['no_names'] = True context['identify'] = True ceid = decode(h, context['user_session'].decoder) # get all relay participants except dummy students p_set = Participant.objects.filter(estafette__id=ceid, student__dummy_index=0) # create list of ID - e-mail address data = '\n'.join(['#(%d)\t%s' % (v[0], v[1]) for v in p_set.values_list('id', 'student__user__email')]) # make a temporary zip file with tempfile.SpooledTemporaryFile() as tmp: with zipfile.ZipFile(tmp, 'w', zipfile.ZIP_DEFLATED) as zip_file: # add a text file with (id - e-mail address) for each participant zip_file.writestr('participants.txt', data.encode('utf-8')) for p in p_set: # add data for progress bar context['things_to_do'] = p.things_to_do() # NOTE: context properties will include identities of participants set_history_properties(context, p) context['object'] = p context['base_url'] = '.' data = render_to_string('estafette_history.html', context) data = data.replace('/static/presto', 'presto') zip_file.writestr('p%d.html' % p.id, data.encode('utf-8')) # reset file pointer tmp.seek(0) response = HttpResponse(tmp.read(), content_type='application/zip') response['Content-Disposition'] = 'attachment; filename="relay_dataset.zip"' return response except IOError, e: report_error(context, e) return render(request, 'presto/error.html', context)
def log_file(request, **kwargs): ymd = kwargs.get('date', '') if ymd == '': ymd = timezone.now().strftime('%Y%m%d') context = generic_context(request) try: log_message('Viewing log file %s' % ymd, context['user']) if not has_role(context, 'Administrator'): raise IOError('No permission to view log files') path = os.path.join(settings.LOG_DIR, 'presto-%s.log' % ymd) with codecs.open(path, 'r', encoding='utf8') as log: content = log.read() lines = kwargs.get('lines', '') pattern = unquote(kwargs.get('pattern', '')).decode('utf8') if lines: # show last N lines content = '\n'.join(content.split('\n')[int(lines):]) elif pattern: # show pattern-matching lines, separated by blank line content = '\n\n'.join(re.findall('^.*' + pattern + '.*$', content, re.MULTILINE)) except IOError, e: report_error(context, e) return render(request, 'presto/error.html', context)
def course(request, **kwargs): h = kwargs.get('hex', '') act = kwargs.get('action', '') context = generic_context(request, h) # check whether user can view this course try: cid = decode(h, context['user_session'].decoder) if act == 'delete-relay': # in this case, the course relay ID is passed as hex ce = CourseEstafette.objects.get(pk=cid) c = ce.course else: # otherwise the course ID c = Course.objects.get(pk=cid) # ensure that user is instructor in the course if not (c.manager == context['user'] or c.instructors.filter(id=context['user'].id)): log_message('ACCESS DENIED: Invalid course parameter', context['user']) return render(request, 'presto/forbidden.html', context) except Exception, e: report_error(context, e) return render(request, 'presto/error.html', context)
def picture_queue(request, **kwargs): h = kwargs.get('hex', '') act = kwargs.get('action', '') # check whether user can view this course try: if act in ['delete', 'get']: # NOTE: when getting a picture, the coding keys should NOT be rotated context = generic_context(request, 'NOT') # and the day code should be used to decode the hexed queue picture ID qpid = decode(h, day_code(PQ_DAY_CODE)) qp = QueuePicture.objects.get(pk=qpid) c = qp.course else: # the hex code should be a course ID, and key rotation should proceed as usual context = generic_context(request, h) cid = decode(h, context['user_session'].decoder) c = Course.objects.get(pk=cid) # always ensure that the user is instructor in the course if not (c.manager == context['user'] or c.instructors.filter(id=context['user'].id)): log_message('ACCESS DENIED: Invalid course parameter', context['user']) return render(request, 'presto/forbidden.html', context) except Exception, e: report_error(context, e) return render(request, 'presto/error.html', context)
def history_view(request, **kwargs): h = kwargs.get('hex', '') context = generic_context(request, h) # check whether user can have student role if not change_role(context, 'Student'): return render(request, 'presto/forbidden.html', context) # check whether user is enrolled in any courses cl = Course.objects.filter(coursestudent__user=context['user'] ).annotate(count=Count('coursestudent')) # add this list in readable form to the context (showing multiple enrollments) context['course_list'] = ', '.join( [c.title() + (' <span style="font-weight: 800; color: red">%d×</span>' % c.count if c.count > 1 else '') for c in cl ]) # student (but also instructor in that role) may be enrolled in several courses # NOTE: "dummy" students are included, but not the "instructor" students csl = CourseStudent.objects.filter(user=context['user'], dummy_index__gt=-1) # get the estafettes for all the student's courses (even if they are not active) cel = CourseEstafette.objects.filter( is_deleted=False, is_hidden=False, course__in=[cs.course.id for cs in csl]) # add this list in readable form to the context context['estafette_list'] = ', '.join([ce.title() for ce in cel]) # get the set of all the course student's current participations pl = Participant.objects.filter(estafette__is_deleted=False, estafette__is_hidden=False, student__in=[cs.id for cs in csl] ).order_by('-estafette__start_time') # if user is a "focused" dummy user, retain only this course user's participations if context.has_key('alias'): pl = pl.filter(student=context['csid']) # if h is not set, show the list of participations as a menu if h == '': # start with an empty list (0 participations) context['participations'] = [] # for each participation, create a context entry with properties to be displayed for p in pl: lang = p.estafette.course.language # estafettes "speak" the language of their course steps = p.estafette.estafette.template.nr_of_legs() part = {'object': p, 'lang': lang, 'start': lang.ftime(p.estafette.start_time), 'end': lang.ftime(p.estafette.end_time), 'next_deadline': p.estafette.next_deadline(), 'steps': steps, 'hex': encode(p.id, context['user_session'].encoder), 'progress': '%d/%d' % (p.submitted_steps(), steps), } context['participations'].append(part) # and show the list as a menu context['page_title'] = 'Presto History' return render(request, 'presto/history_view.html', context) # if we get here, h is set, which means that a specific estafette has been selected try: # first validate the hex code pid = decode(h, context['user_session'].decoder) p = Participant.objects.get(pk=pid) context['object'] = p # encode again, because used to get progress chart context['hex'] = encode(p.id, context['user_session'].encoder) # add progress bar data context['things_to_do'] = p.things_to_do() # do not add participant name popups context['identify'] = False # add context fields to be displayed when rendering the template set_history_properties(context, p) # show the full estafette history using the standard page template context['page_title'] = 'Presto History' return render(request, 'presto/estafette_history.html', context) except Exception, e: report_error(context, e) return render(request, 'presto/error.html', context)
def ack_letter(request, **kwargs): # NOTE: downloading a file opens a NEW browser tab/window, meaning that # the coding keys should NOT be rotated; this is achieved by passing "NOT" as test code. context = generic_context(request, 'NOT') # check whether user can have student role if not has_role(context, 'Student'): return render(request, 'presto/forbidden.html', context) try: h = kwargs.get('hex', '') # verify that letter exists # NOTE: since keys have not been rotated, use the ENcoder here! lid = decode(h, context['user_session'].encoder) # get letter properties loa = LetterOfAcknowledgement.objects.get(id=lid) # update fields, but do not save yet because errors may still prevent effective rendering loa.time_last_rendered = timezone.now() loa.rendering_count += 1 # get the dict with relevant LoA properties in user-readable form rd = loa.as_dict() # create letter as PDF pdf = MyFPDF() pdf.add_font('DejaVu', '', DEJAVU_FONT, uni=True) pdf.add_font('DejaVu', 'I', DEJAVU_OBLIQUE_FONT, uni=True) pdf.add_font('DejaVu', 'B', DEJAVU_BOLD_FONT, uni=True) pdf.add_font('DejaVu', 'BI', DEJAVU_BOLD_OBLIQUE_FONT, uni=True) pdf.add_page() # see whether course has a description; if so, make a reference to page 2 and # and prepare the text for this page 2 if rd['CD']: see_page_2 = ' described on page 2' else: see_page_2 = '' # NOTE: if the RID entry (= the referee ID) equals zero, the letter is a participant LoA! if rd['RID'] == 0: pdf.letter_head(rd['AC'], rd['DI'], 'Acknowledgement of Project Relay completion') # add the participant acknowledgement text to the letter text = ''.join([ 'To whom it may concern,\n\n', 'With this letter, DelftX, an on-line learning initiative of Delft University of', ' Technology through edX, congratulates ', rd['FN'], '* for having completed', ' the project relay ', rd['PR'], ' offered as part of the online course ', rd['CN'], see_page_2, '.\n\n', 'A project relay comprises a series of steps: assignments that follow on from', ' each other. In each step, participants must first peer review, appraise, and', ' then build on the preceding step submitted by another participant.\n\n', 'The project relay ', rd['PR'], ' comprised ', rd['SL'], ', where each step posed an intellectual challenge that will have required', ' several hours of work. DelftX appreciates in particular the contribution that', ' participants make to the learning of other participants by giving feedback', ' on their work.\n\n\n', rd['SN'], '\n', rd['SP'] ]) else: pdf.letter_head(rd['AC'], rd['DI'], 'Project Relay Referee Letter of Acknowledgement') # adapt some text fragments to attribute values cases = plural_s(rd['ACC'], 'appeal case') hours = plural_s(rd['XH'], 'hour') # average appreciation is scaled between -1 and 1 if rd['AA'] > 0: appr = ' The participants involved in the appeal were appreciative of the arbitration.' elif rd['AA'] < -0.5: appr = ' Regrettably, the participants involved in the appeal were generally not appreciative of the arbitration.' else: appr = '' if rd['DFC'] == rd['DLC']: period = 'On ' + rd['DLC'] else: period = 'In the period between %s and %s' % (rd['DFC'], rd['DLC']) # add the referee acknowledgement text to the letter text = ''.join([ 'To whom it may concern,\n\n', 'With this letter, DelftX, an on-line learning initiative of Delft University of Technology', ' through edX, wishes to express its gratitude for the additional efforts made by ', rd['FN'], '* while participating in the project relay ', rd['PR'], ' offered as part of the online course ', rd['CN'], see_page_2, '.\n\n', 'A project relay comprises a series of steps: assignments that follow on from each other. ', 'In each step, participants must first peer review, appraise, and then build on the ', 'preceding step submitted by another participant. Participant ', rd['FN'], ' has not only completed the course, but also passed the referee test for ', rd['SL'], ' of the ', rd['PR'], ' project relay. This implies having a better command of the subject', ' taught than regular participants.\n\n', 'Referees arbitrate appeal cases, i.e., situations where the reviewed participant ', 'disagrees with the reviewer\'s critique and/or appraisal. ', period, ', participant ', rd['FN'], ' has arbitrated on ', cases, '. This corresponds to approximately ', hours, ' of work.', appr, '\n\nThe role of referee is indispensable to run project ', 'relays on a large scale. DelftX therefore greatly values participants volunteering to ', 'act as such, since it requires significant effort on top of the regular assignments.\n\n\n', rd['SN'], '\n', rd['SP'] ]) pdf.main_text(text) # add footnote with disclaimer pdf.footnote(rd['EM']) if see_page_2: pdf.page_2(rd) # set document properties if rd['RID'] == 0: task = 'completing a project relay' else: task = 'work as project relay referee' pdf.set_properties(rd['AC'], task, rd['FN'], rd['RC'], rd['TLR']) # output to temporary file temp_file = mkstemp()[1] pdf.output(temp_file, 'F') log_message('Rendering acknowledgement letter for %s' % rd['PR'], context['user']) # push the PDF as attachment to the browser w = FileWrapper(file(temp_file, 'rb')) response = HttpResponse(w, content_type='application/pdf') response[ 'Content-Disposition'] = 'attachment; filename="presto-LoA.pdf"' # now we can assume that the PDF will appear, so the updated letter data can be saved loa.save() return response except Exception, e: report_error(context, e) return render(request, 'presto/error.html', context)
suffix=request.POST.get('suffix', ''), start_time=datetime.strptime(request.POST.get('starts', ''), '%Y-%m-%d %H:%M'), deadline=datetime.strptime(request.POST.get('deadline', ''), '%Y-%m-%d %H:%M'), review_deadline=datetime.strptime( request.POST.get('revsdue', ''), '%Y-%m-%d %H:%M'), end_time=datetime.strptime(request.POST.get('ends', ''), '%Y-%m-%d %H:%M'), questionnaire_template=QuestionnaireTemplate.objects.get( pk=qid), final_reviews=int(request.POST.get('reviews', ''))) ce.save() log_message('Added new estafette to course', context['user']) except Exception, e: report_error(context, e) return render(request, 'presto/error.html', context) # add course properties that need conversion to context context['course'] = { 'object': c, 'start': c.language.fdate(c.start_date), 'end': c.language.fdate(c.end_date), 'manager': prefixed_user_name(c.manager), 'owned': c.manager == context['user'], 'instructors': [{
def download(request, **kwargs): # NOTE: downloading a file opens a NEW browser tab/window, meaning that # the coding keys should NOT be rotated; this is achieved by passing "NOT" as test code. context = generic_context(request, 'NOT') # check whether user can have student or instructor role is_instructor = has_role(context, 'Instructor') if not (has_role(context, 'Student') or is_instructor): return render(request, 'presto/forbidden.html', context) try: h = kwargs.get('hex', '') # verify hex key # NOTE: since keys have not been rotated, use the ENcoder here! aid = decode(h, context['user_session'].encoder) file_name = kwargs.get('file_name', '') # file_name = 'case' indicates a download request for a case attachment if file_name == 'case': ec = EstafetteCase.objects.get(pk=aid) if ec.upload == None: raise ValueError('No attachment file for this case') f = ec.upload.upload_file ext = os.path.splitext(f.name)[1] w = FileWrapper(file(f.path, 'rb')) response = HttpResponse(w, 'application/octet-stream') response['Content-Disposition'] = ( 'attachment; filename="attachment-case-%s%s"' % (ec.letter, ext)) return response # no case attachment? then the download request must concern an assignment work = kwargs.get('work', '') dwnldr = kwargs.get('dwnldr', '') # verify that download is for an existing assignment log_message('Looking for assignment #%d' % aid, context['user']) a = Assignment.objects.get(pk=aid) # get the list of participant uploads for this assignment (or its clone original) # and also the full path to the upload directory if a.clone_of: original = a.clone_of # in case a clone was cloned, keep looking until the "true" original has been found while original.clone_of: original = original.clone_of pul = ParticipantUpload.objects.filter(assignment=original) upl_dir = os.path.join(settings.MEDIA_ROOT, original.participant.upload_dir) else: pul = ParticipantUpload.objects.filter(assignment=a) upl_dir = os.path.join(settings.MEDIA_ROOT, a.participant.upload_dir) log_message('Upload dir = ' + upl_dir, context['user']) # create an empty temporary dir to hold copies of uploaded files temp_dir = os.path.join(upl_dir, 'temp') try: rmtree(temp_dir) except: pass os.mkdir(temp_dir) log_message('TEMP dir: ' + temp_dir, context['user']) if file_name == 'all-zipped': pr_work = 'pr-step%d%s' % (a.leg.number, a.case.letter) zip_dir = os.path.join(temp_dir, pr_work) os.mkdir(zip_dir) # copy the upladed files to the temporary dir ... for pu in pul: real_name = os.path.join(upl_dir, os.path.basename(pu.upload_file.name)) # ... under their formal name, not their actual ext = os.path.splitext(pu.upload_file.name)[1].lower() formal_name = os_path( os.path.join(zip_dir, pu.file_name) + ext) if is_instructor: log_message( 'Copying %s "as is" to ZIP as %s' % (real_name, formal_name), context['user']) # NOTE: for instructors, do NOT anonymize the document copy2(real_name, formal_name) else: log_message( 'Copy-cleaning %s to ZIP as %s' % (real_name, formal_name), context['user']) # strip author data from file and write it to the "work" dir clear_metadata(real_name, formal_name) # compress the files into a single zip file zip_file = make_archive(zip_dir, 'zip', temp_dir, pr_work) response = HttpResponse(FileWrapper(file(zip_file, 'rb')), content_type='application/zip') response['Content-Disposition'] = ( 'attachment; filename="%s.zip"' % pr_work) # always record download in database UserDownload.objects.create(user=context['user_session'].user, assignment=a) # only change time_first_download if it concerns a predecessor's work! if work == 'pre' and a.time_first_download == DEFAULT_DATE: a.time_first_download = timezone.now() a.time_last_download = timezone.now() a.save() return response else: # check whether file name is on "required files" list fl = a.leg.file_list() rf = False for f in fl: if f['name'] == file_name: rf = f if not rf: raise ValueError('Unknown file name: %s' % file_name) # find the corresponding upload pul = pul.filter(file_name=rf['name']) if not pul: raise ValueError('File "%s" not found' % rf['name']) pu = pul.first() # the real file name should not be known to the user real_name = os.path.join(upl_dir, os.path.basename(pu.upload_file.name)) ext = os.path.splitext(pu.upload_file.name)[1] # the formal name is the requested file field plus the document's extension formal_name = os_path(os.path.join(temp_dir, pu.file_name) + ext) if is_instructor: log_message( 'Copying %s "as is" to ZIP as %s' % (real_name, formal_name), context['user']) # NOTE: for instructors, do NOT anonymize the document copy2(real_name, formal_name) else: # strip author data from the file log_message( 'Copy-cleaning %s to %s' % (real_name, formal_name), context['user']) clear_metadata(real_name, formal_name) mime = { '.pdf': 'application/pdf', '.docx': 'application/vnd.openxmlformats-officedocument.wordprocessingml.document', '.xlsx': 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', '.pptx': 'application/vnd.openxmlformats-officedocument.presentationml.presentation' } w = FileWrapper(file(settings.LEADING_SLASH + formal_name, 'rb')) response = HttpResponse(w, content_type=mime[ext]) response['Content-Disposition'] = ( 'attachment; filename="%s-%d%s%s"' % (file_name, a.leg.number, a.case.letter, ext)) # always record download in database UserDownload.objects.create(user=context['user_session'].user, assignment=a) # only change time_first_download if it concerns a predecessor's work! if work == 'pre' and a.time_first_download == DEFAULT_DATE: a.time_first_download = timezone.now() a.time_last_download = timezone.now() a.save() # if work is downloaded for the first time by a referee, this should be registered if dwnldr == 'ref': ap = Appeal.objects.filter(review__assignment=a).first() if not ap: raise ValueError('Appeal not found') if ap.time_first_viewed == DEFAULT_DATE: ap.time_first_viewed = timezone.now() ap.save() log_message('First view by referee: ' + unicode(ap), context['user']) return response except Exception, e: report_error(context, e) return render(request, 'presto/error.html', context)