def test_get_user(self):
login = {'name': 'Marc', 'email': '*****@*****.**'}
queries.register_user(login)
self.assertTrue(queries.get_user("Marc"))
queries.delete_User('Marc')
self.assertFalse(queries.get_user(None))
self.assertFalse(queries.get_user("1234"))
self.assertFalse(queries.get_user(""))
self.assertFalse(queries.get_user(" "))
def generate_scores(itemid):
"""
Given an itemid, it creates a score
for the corresponding publication
Returns:
- aggregated score
- for each component of the score:
* individual score
* tip to improve
Components for this version are:
* photo: yes or no
* description: based on length
* user_score
"""
partial = {}
# photo score
item_data = get_item(itemid)
try:
score, tip = get_photo_score(item_data)
except:
pass
else:
partial["fotos"] = {"score": int(score * 100), "tip": tip}
# description score
try:
description = get_item_description(itemid)
score, tip = get_description_score(description)
except:
pass
else:
partial["descripcion"] = {"score": int(score * 100), "tip": tip}
# user score
try:
user_data = get_user(item_data['seller_id'])
score, tip = get_user_score(user_data)
except:
pass
else:
partial["calificaciones"] = {"score": int(score * 100), "tip": tip}
# calcular score final
result = {
"total_score": get_total_score(partial),
"partial_scores": partial
}
title = item_data["title"]
try:
photo = item_data["thumbnail"]
except KeyError:
pass
return result, title, photo
def account():
if request.method == 'POST':
old = request.form['old']
if queries.get_user(g.db, session['login'], old) and \
set_password(g.db, session['user'], request.form['new']):
flash('Password changed', category='message')
else:
flash('Could not change password!', category='error')
user = queries.User(*session['user'])
devices = queries.get_user_devices(g.db, user)
return render_template('account.html', devices=devices)
def generate_scores(itemid):
"""
Given an itemid, it creates a score
for the corresponding publication
Returns:
- aggregated score
- for each component of the score:
* individual score
* tip to improve
Components for this version are:
* photo: yes or no
* description: based on length
* user_score
"""
partial = {}
# photo score
item_data = get_item(itemid)
try:
score, tip = get_photo_score(item_data)
except:
pass
else:
partial["fotos"] = {"score": int(score*100), "tip": tip}
# description score
try:
description = get_item_description(itemid)
score, tip = get_description_score(description)
except:
pass
else:
partial["descripcion"] = {"score": int(score*100), "tip": tip}
# user score
try:
user_data = get_user(item_data['seller_id'])
score, tip = get_user_score(user_data)
except:
pass
else:
partial["calificaciones"] = {"score": int(score*100), "tip": tip}
# calcular score final
result = {
"total_score": get_total_score(partial),
"partial_scores": partial
}
title = item_data["title"]
try:
photo = item_data["thumbnail"]
except KeyError:
pass
return result, title, photo
def login():
login = request.form.get('login', '').lower()
pwd = request.form.get('password', '')
goto = request.values.get('goto') or '/'
user = queries.get_user(g.db, login, pwd)
if user:
session['userid'] = user.id
session['login'] = user.login
session['user'] = user
return redirect(goto)
else:
flash('Username or password invalid', category='error')
return login_form()
def validate_admin():
stuid, name = auth()
user = get_user(stuid)
if not user.type == "admin":
if user.stuid in options.admins:
session.query(User).filter_by(stuid=user.stuid).update(
{"type": "admin"})
session.commit()
else:
raise Exception("You are not authorized to view this page.")
return user
def validate_admin():
stuid, name = auth()
user = get_user(stuid)
if not user.type == "admin":
if user.stuid in options.admins:
session.query(User).filter_by(stuid=user.stuid).update({
"type": "admin"
})
session.commit()
else:
raise Exception("You are not authorized to view this page.")
return user
def validate_user():
stuid, name = auth()
try:
user = get_user(stuid)
except:
type = "admin" if stuid in options.admins else "student"
user = User(stuid=stuid, name=name, type=type)
session.add(user)
session.commit()
if user.type == "admin" and user.proxy:
user = session.query(User).get(user.proxy)
return user
def log_in():
form_value = extract_form()
user = queries.get_user(form_value['username'])
hashed_password_from_db = user['password'] if user is not None else ''
valid_password = user is not None and 'password' in form_value \
and form_value['username'].strip() != '' and \
common.check_password(form_value['password'], hashed_password_from_db)
if valid_password:
session['logged_in'] = True
session['username'] = user['username']
session['id'] = user['id']
return "/"
else:
flash("Wrong username or password")
return "/login-page"
def validate_user():
stuid, name = auth()
try:
user = get_user(stuid)
except:
type = "admin" if stuid in options.admins else "student"
user = User(stuid=stuid,
name=name,
type=type)
session.add(user)
session.commit()
if user.type == "admin" and user.proxy:
user = session.query(User).get(user.proxy)
return user
def login():
"""
Log the user into the application
"""
# Forget any user_id
session.clear()
# User reached route via POST (as by submitting a form via POST)
if request.method == "POST":
# Ensure username was submitted
if not request.form.get("username"):
return apology("must provide username", 403)
# Ensure password was submitted
elif not request.form.get("password"):
return apology("must provide password", 403)
# Query database for username
row = get_user(request.form.get("username"))
# Ensure username exists and password is correct
if len(row) != 1 or not check_password_hash(row[0]['password'], request.form.get("password")):
return apology("invalid username and/or password", 403)
# Remember which user has logged in
# Stores the users "id" in the Flask session by taking the 1 and only
# row in the rows list and grabbing the value from the "id" column
session["user_id"] = row[0]["id"]
# Display a message on the home page to let the user know their
# project was successfully added to the database
flash(f'You have been logged in successfully!')
# Redirect user to home page
return redirect('/')
# User reached route via GET (as by clicking a link or via redirect)
return render_template('login.html')
def update_grade():
admin = validate_admin()
stuid = request.form['stuid']
hw_id = request.form['hw_id']
score = request.form['score'].strip()
excused = 1 if request.form['excused'] == "true" else 0
# check that score is valid
try:
float(score)
except:
assert (score in ["", "E"])
# fill in grades
grade = get_grade(stuid, hw_id)
if not grade:
add_grade(get_user(stuid), get_homework(hw_id), score, excused)
else:
grade.score = score
grade.excused = excused
session.commit()
return "Grade update successful!"
def update_grade():
admin = validate_admin()
stuid = request.form['stuid']
hw_id = request.form['hw_id']
score = request.form['score'].strip()
excused = 1 if request.form['excused'] == "true" else 0
# check that score is valid
try:
float(score)
except:
assert(score in ["", "E"])
# fill in grades
grade = get_grade(stuid, hw_id)
if not grade:
add_grade(get_user(stuid), get_homework(hw_id), score, excused)
else:
grade.score = score
grade.excused = excused
session.commit()
return "Grade update successful!"
def load_user(user_id):
return get_user(user_id)
def register():
"""
Allows the user to register for an account to login to the application.
The user fills out a form with:
- first and last name
- a user name
- password
- email address
"""
# Forget any user_id
session.clear()
# If POST is sent as the request method...
if request.method == "POST":
first = request.form.get('first') # Get user's first name
last = request.form.get('last') # Get user's last name
name = request.form.get('username') # Get user's username
password = request.form.get('password') # Get user's password
conf_pass = request.form.get('confirmation') # Confirm matching password
email_add = request.form.get('email_add') # Get user's email address
# If the user does not enter a first name...
if not first:
return apology("Need to enter a first name. Please try again!")
# If the user does not enter a last name...
if not last:
return apology("Need to enter a last name. Please try again!")
# If the user does not enter a username...
if not name:
return apology("Need to enter a username. Please try again!")
# If the user did not enter their password twice...
if not password or not conf_pass:
return apology(
"Need to enter your password twice. Please try again!"
)
# If the user does not enter an email address...
if not email_add:
return apology("Need to enter an email address. Please try again!")
# If the user's passwords do not match
if password != conf_pass:
return apology("Your passwords do not match. Please try again!")
# If that username is already in the data base
if dup_user(name):
return apology(
"Username already exists.\nLog in or try another username."
)
else:
# Hash the user's password to store in the database
hashed_pw = generate_password_hash(password)
# Add the username and hashed password into the user database table
add_user(first, last, name, hashed_pw, email_add)
# Get the row where the username is in the data base
rows = get_user(name)
# rows = user_details(user_id)
# Ensure username exists and password is correct
if len(rows) != 1 or not check_password_hash(
rows[0]['password'], request.form.get("password")
):
return apology("invalid username and/or password", 403)
# Remember which user has logged in
# Stores the users "id" in the Flask session by taking the 1 and only
# row in the rows list and grabbing the value from the "id" column
session["user_id"] = rows[0]['id']
# Display a message on the home page to let the user know their
# project was successfully added to the database
flash(
f'Your registration is complete and you have been logged in successfully!'
)
# Send the user to the portfolio page
return redirect("/")
else: # Otherwise, sent a GET request, need to send to register form
return render_template('register.html')
def get_userID():
userID = queries.get_user(session["username"])
return json.dumps(userID)
def user_exists(self, name):
""" check if user exists """
return len(self.db.execute(queries.get_user(name))) > 0
def get(self, name):
""" get user information """
user_info = self.db.execute(queries.get_user(name))
return user_info
user = User(stuid=stuid,
name="Test User",
type="admin")
else:
app = Flask(__name__)
app.debug = (options.target != "prod")
@app.errorhandler(Exception)
def handle_exceptions(error):
return make_response(error.message, 403)
stuid = auth_stuid()
if not stuid:
raise Exception("You are no longer logged in. Please refresh the page.")
try:
user = get_user(stuid)
except:
user = User(stuid=stuid,
name=auth_student_name(),
type="student")
session.add(user)
session.commit()
@app.route("/")
def index():
return render_template("admin/index.html", options=options, user=user)
@app.route("/reminder_email/<int:hw_id>", methods=['POST'])
def reminder_email(hw_id):
