def confirm_apply(request, pk):
"""
After a student presses apply on a proposal, he/she has to confirm the application on this page.
This page also checks whether the user is allowed to apply
:param request:
:param pk: id of the proposal
"""
prop = get_cached_project(pk)
if prop.Status < 4:
raise PermissionDenied(
'This proposal is not public, application is not possible.')
if get_all_applications(request.user, timeslot=prop.TimeSlot).filter(
Q(Proposal=prop)).exists():
return render(request,
'base.html',
context={
'Message': 'You already applied to this proposal.',
'return': 'students:listapplications',
})
return render(request,
'students/apply.html',
context={
'proposal': get_object_or_404(Proposal, pk=pk),
})
def apply(request, pk):
"""
Let a user apply to a proposal. Called after confirmapply.
:param request:
:param pk: id of a proposal.
"""
prop = get_cached_project(pk)
if prop.Status < 4:
raise PermissionDenied(
'This proposal is not public, application is not possible.')
if get_all_applications(
request.user,
timeslot=prop.TimeSlot).count() >= settings.MAX_NUM_APPLICATIONS:
return render(request,
'base.html',
context={
'Message':
'already at max amount of applied proposals<br>'
'retract one first before continuing',
'return':
'students:listapplications',
})
if get_all_applications(request.user, timeslot=prop.TimeSlot).filter(
Q(Proposal=prop)).exists():
return render(request,
'base.html',
context={
'Message': 'You already applied to this proposal.',
'return': 'students:listapplications',
})
track = ApplicationTracking()
track.Proposal = prop
track.Student = request.user
track.Type = 'a'
track.save()
appl = Application()
appl.Proposal = prop
highestprio = get_all_applications(request.user,
timeslot=prop.TimeSlot).aggregate(
Max('Priority'))['Priority__max']
appl.Student = request.user
if highestprio is None:
appl.Priority = 1
else:
appl.Priority = highestprio + 1
appl.save()
return render(request,
'base.html',
context={
'Message':
'Application saved with priority number {}'.format(
appl.Priority),
'return':
'students:listapplications',
})
def wrapper(*args, **kw):
if 'pk' in kw:
pk = int(kw['pk'])
else:
pk = int(args[1])
proj = get_cached_project(pk)
request = args[0]
# user needs to be logged in (so no need for login_required on top of this)
if not request.user.is_authenticated:
page = args[0].path
return redirect_to_login(
next=page,
login_url='index:login',
redirect_field_name='next',
)
# support staf or superusers are always allowed to view
if get_grouptype(
"3") in request.user.groups.all() or request.user.is_superuser:
return fn(*args, **kw)
# user is staffmember and involved in the project
if proj.ResponsibleStaff == request.user \
or request.user in proj.Assistants.all() \
or proj.Track.Head == request.user:
return fn(*args, **kw)
# group administrators can view proposal
if group_administrator_status(proj, request.user) > 0:
return fn(*args, **kw)
# if project is published, non private and its the right time phase
if proj.Status == 4:
if not proj.Private.exists() or request.user in proj.Private.all(
): # only non-private proposals
# else staff members are allowed to view public proposals in all timeslots and timephases
# this includes assessors as they are type1 or type2.
if request.user.groups.exists():
return fn(*args, **kw)
# students view public proposals or private student views his proposal: Only in timephase after 2
elif get_timephase_number(
) > 2 and proj.TimeSlot == get_timeslot():
return fn(*args, **kw)
# assessors are allowed to view status4 private projects if they have to assess it.
elif planning_public() and \
proj.Private.exists() and \
request.user.groups.exists() and \
proj.TimeSlot == get_timeslot():
for dist in proj.distributions.all():
try:
if request.user in dist.presentationtimeslot.Presentations.Assessors.all(
):
return fn(*args, **kw)
except PresentationTimeSlot.DoesNotExist:
continue
raise PermissionDenied(
"You are not allowed to view this project page.")
def connect(self):
self.pk = self.scope['url_route']['kwargs']['pk']
self.track = get_project_tracking(get_cached_project(self.pk))
if self.track.Subject.Status != 4:
self.close()
return
if not self.scope['user'].groups.exists():
self.close()
return
async_to_sync(self.channel_layer.group_add)('viewnumber{}'.format(
self.pk), self.channel_name)
self.accept()
self.send(text_data=str(self.track.UniqueVisitors.count())
) # send only to this socket connection
def api_redistribute(request):
"""
AJAX call from manual distribute to change a distribution
:param request:
:return:
"""
if get_timephase_number() < 4 or get_timephase_number() > 6:
raise PermissionDenied('Distribution is not possible in this timephase')
if request.method == 'POST':
try:
student = get_all_students(undistributed=True).get(pk=request.POST['student'])
except User.DoesNotExist:
return JsonResponse({'type': 'warning', 'txt': warningString + ' (User cannot be found)'})
try:
dist = student.distributions.get(TimeSlot=get_timeslot())
except Distribution.DoesNotExist:
return JsonResponse({'type': 'warning', 'txt': warningString + ' (Distribution cannot be found)'})
try:
# change Proposal
dist.Proposal = get_cached_project(request.POST['propTo'])
# change Application if user has Application
try:
dist.Application = get_all_applications(dist.Student).get(Proposal=dist.Proposal)
appl_prio = dist.Application.Priority
except Application.DoesNotExist:
dist.Application = None
appl_prio = -1
dist.full_clean()
dist.save()
except Exception as e:
return JsonResponse({'type': 'warning', 'txt': warningString, 'exception': str(e)})
return JsonResponse(
{'type': 'success', 'txt': 'Changed distributed Student ' + dist.Student.usermeta.get_nice_name() +
' to Proposal ' + dist.Proposal.Title, 'prio': appl_prio})
else:
raise PermissionDenied("You don't know what you're doing!")