def get_ticket_messages(ticket_id): """ Retrieve messages in ticket. """ current_identity = get_current_user() ticket = Ticket.query.get(ticket_id) if is_user_relevant_to_ticket(current_identity, ticket): return rp_message.retrieve_all_request(ticket_id, get_current_user(), read=True) else: return Iresponse.create_response('Unauthorized', 403)
def retrieve_user(): """ Returns the user model of the current user. """ current_identity = get_current_user() if current_identity is None: return Iresponse.create_response("", 404) student, ta, supv, usr = {}, {}, {}, {} student = database.serialize_list(current_identity.student_courses) ta = database.serialize_list(current_identity.ta_courses) supv = database.serialize_list(current_identity.supervisor_courses) usr = current_identity.serialize usr['student'] = student usr['ta'] = ta usr['supervisor'] = supv usr['roles'] = [] if len(usr['student']) >= 1: usr['roles'].append('student') if len(usr['ta']) >= 1: usr['roles'].append('ta') if len(usr['supervisor']) >= 1: usr['roles'].append('supervisor') return Iresponse.create_response({'user': usr}, 200)
def unread_messages(): """ Retrieve all unread messages of this user. If in the url the param course_id is specified only the unread messages with a course_id matching the specified course_id will be returned. """ specified_course = request.args.get('course_id') current_identity = get_current_user() tmp = {} unread = current_identity.unread for msg in unread: if str(msg.ticket_id) not in tmp: if specified_course is not None: tick = Ticket.query.filter_by(id=msg.ticket_id).first() if str(tick.course_id) != str(specified_course): continue ticket_id = str(msg.ticket_id) tmp[ticket_id] = {'ticket': msg.ticket.serialize, 'n': 0} if current_identity in msg.ticket.bound_tas: tmp[ticket_id]['ta'] = True else: tmp[ticket_id]['ta'] = False tmp[ticket_id]['n'] += 1 return Iresponse.create_response(tmp, 200)
def verify_ta_rights_in_course(*args, **kwargs): """ Function that verifies that an user has ta rights in the specified course. This function required that the course_id is specified in the decorator. Returns on failure: - Iresponse 400: if the user can not be extracted from the jwt. - Iresponse 404: if the course can not be found. - Iresponse 403: if the user is not a teaching assistant in the course. Returns on succes: - Calls the decorated function, with the following params: (course, user, *args, **kwargs). So the decorated function should always accept atleast two params, namely the course and user, in that order. Extra params, should come after the course and user. """ verify_jwt_in_request() curr_user = get_current_user() course = Course.Course.query.get(course_id) if curr_user is None: return Iresponse.create_response("", 400) if course is None: return Iresponse.create_response("Course not found", 404) if curr_user not in course.ta_courses: if curr_user not in course.supervisors: return Iresponse.create_response("", 403) return func(course, curr_user, *args, **kwargs)
def create_message(ticket_id): """ Create a new message. """ json_data = request.get_json() if request is None: return Iresponse.empty_json_request() current_identity = get_current_user() json_data["studentid"] = current_identity.id userId = escape(json_data["studentid"]) msg = rp_message.create_request(json_data, ticket_id) ticket = Ticket.query.get(ticket_id) user = User.query.get(userId) if (ticket.user_id != user.id): message = createdEmailMessage(ticket.title, [ticket.email], ticket_id, json_data['message'], user.name) if current_app.config['SEND_MAIL_ON_MESSAGE']: print("send email") app = current_app._get_current_object() thr = Thread(target=sendAsyncEmail, args=[message, app]) thr.start() return msg
def get_user(user_id): """ Retrieve user credentials. """ user = get_current_user() if user is None: return Iresponse.create_response("", 404) return Iresponse.create_response(user.serialize, 200)
def retrieve_user_tickets(): """ Returns all the tickets of the user. """ curr_user = get_current_user() tickets = Ticket.query.filter_by(user_id=curr_user.id).all() return Iresponse.create_response(database.serialize_list(tickets), 200)
def get_user_ticket_for_course(course_id): """ Function that gets all the tickets of a user in the course with id: <course_id> """ curr_user = get_current_user() tickets = Ticket.query.filter(Ticket.user_id == curr_user.id, Ticket.course_id == course_id).all() return Iresponse.create_response(database.serialize_list(tickets), 200)
def get_courses_user_is_ta_in(): """ Retrieve the courses where user is a teaching assistant. """ curr_user = get_current_user() if curr_user is None: return Iresponse.create_response("", 404) courses = curr_user.ta_courses return Iresponse.create_response(database.serialize_list(courses), 200)
def retrieve_active_user_tickets(user_id): """ Gets all the active tickets of a user with id: <user_id> """ current_identity = get_current_user() user_id = current_identity.id tickets = Ticket.query.filter( Ticket.user_id == user_id, Ticket.status_id != TicketStatus.closed).all() return Iresponse.create_response(database.serialize_list(tickets), 200)
def retrieve_user_leveldata(): """ Retrieves the level and experience points of loged in user """ current_identity = get_current_user() user_id = current_identity.id user = User.query.get(user_id) response = {} response['level'] = level = user.level response['experience'] = user.experience return Iresponse.create_response(response, 200)
def retrieve_single_ticket(ticket_id): """ Retrieve single ticket from database. """ current_identity = get_current_user() ticket = Ticket.query.get(ticket_id) if is_user_relevant_to_ticket(current_identity, ticket): ticketObj = Ticket.query.get(ticket_id) else: return Iresponse.create_response('Unauthorized', 403) if ticketObj is None: return Iresponse.create_response("", 404) return Iresponse.create_response(ticketObj.serialize, 200)
def close_ticket(ticket_id): """ Close ticket when is has been handled. """ current_identity = get_current_user() try: ticket = Ticket.query.get(ticket_id) if is_user_relevant_to_ticket(current_identity, ticket): ticket.close database.db.session.commit() notifications.notify(current_identity.id, ticket, 'Closed ticket', Message.NTFY_TYPE_CLOSED) else: return Iresponse.create_response('Unauthorized', 403) except Exception as e: print(e) # LOGGING return Iresponse.create_response("Error", 400) return Iresponse.create_response( { 'status': "success", 'message': 'ticket closed' }, 200)
def verify_roles(*args, **kwargs): """ Function that verifies that an user is a ta in the specified course. This function required that the course_id is specified in the decorator. Returns on failure: - Iresponse 400: if the user can not be extracted from the jwt. - Iresponse 404: if the course can not be found. - Iresponse 403: if the user is not a teaching assistant in the course. Returns on succes: - Calls the decorated function, with the following params: (course, user, *args, **kwargs). So the decorated function should always accept atleast two params, namely the course and user, in that order. Extra params, should come after the course and user. """ verify_jwt_in_request() curr_user = get_current_user() c_ta = 'ta' in roles c_ta &= len(curr_user.ta_courses) > 0 c_stud = 'student' in roles c_stud &= len(curr_user.student_courses) > 0 c_super = 'supervisor' in roles c_super &= len(curr_user.supervisor_courses) > 0 if curr_user is None: return Iresponse.create_response("", 400) if type(roles) != list: return Iresponse.create_response("", 500) if not c_ta and not c_stud and not c_super: return Iresponse.create_response( "User doesn\'t have a correct role.", 403) return fn(*args, **kwargs)
def create_ticket(): """ Check ticket submission and add to database. """ print(request.headers) # Mandatory check to comply with incompatible testing. formdata = None if request.get_json(): data = request.get_json() formdata = { 'subject': data['subject'], 'message': data['message'], 'courseid': data['courseid'], 'labelid': data['labelid'], } else: formdata = request.form if hasattr(request, 'files'): if request.files != '': filecount = 0 file_names = list() for file_id in request.files: filecount += 1 if filecount > 5: return Iresponse.create_response("Too many files", 400) file = request.files[file_id] if not rp_file.save_file(file, file_names): print("invalid file") return Iresponse.create_response("File too large", 400) if not json_validation.validate_json( formdata, ['message', 'subject', 'courseid', 'labelid']): return Iresponse.create_response("Malformed request", 400) message = escape(formdata['message']) subject = escape(formdata['subject']) courseid = escape(formdata['courseid']) labelid = escape(formdata['labelid']) ticket_data = { 'message': message, 'subject': subject, 'courseid': courseid, 'labelid': labelid, 'files': file_names } if not course_validation.check_course_validity(courseid, labelid): for file in file_names: rp_file.remove_file(file) return Iresponse.create_response("Invalid Course/Label", 400) current_identity = get_current_user() ticket_data['studentid'] = current_identity.id ticket_data['name'] = current_identity.name ticket_data['email'] = current_identity.email if not json_validation.validate_ticket_data(ticket_data): for file in file_names: rp_file.remove_file(file) return Iresponse.create_response("Invalid ticket data", 400) response = rp_ticket.create_request(ticket_data) return response
def get_ta_tickets(): """ Get tickets for given teaching assistant """ current_identity = get_current_user() return rp_ticket.get_assigned_tickets(current_identity)