Esempio n. 1
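def List():
    """Render settings.html with every term and its formatted dates.

    Returns the no-access template when the session user lacks the
    'scheduling_admin' role. Otherwise each term from TermModel.all() is
    passed to the template with its start/end dates formatted for display
    ("%B %Y") and for HTML date inputs ("%Y-%m-%d").
    """
    # Trailing comma matters: ('scheduling_admin') is a plain str, not a
    # 1-tuple of roles. canAccess is not shown here, so how it would treat a
    # bare string (per-character iteration, substring match) is unknown.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return render_template('error/no_access.html')

    def _describe(term):
        # The getters feed utcfromtimestamp(), i.e. they are used as epoch
        # seconds and rendered in UTC.
        start = datetime.utcfromtimestamp(term.getStartDate())
        end = datetime.utcfromtimestamp(term.getEndDate())
        return {
            'term': term,
            'startDate': start.strftime("%B %Y"),
            'endDate': end.strftime("%B %Y"),
            'startDateHtml': start.strftime("%Y-%m-%d"),
            'endDateHtml': end.strftime("%Y-%m-%d"),
        }

    term_list = [_describe(term) for term in TermModel.all()]

    return render_template('settings.html', data={'terms': term_list})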
Esempio n. 2
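def DeleteTerm(term_id):
    """Delete the term identified by term_id and return a JSON response.

    Responses: unauthorized when the session user lacks 'scheduling_admin',
    badRequest when term_id is empty, notFound when no term has that id,
    ok once term.delete() has run.
    """
    # Trailing comma matters: ('scheduling_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this function. Contact system administrator.'
        })

    if not term_id:
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Please enter the term'
        })

    term = TermModel.findById(term_id)

    if not term:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Term not found.'
        })

    # NOTE(review): this is a state-changing request authorised only by the
    # session; CSRF protection is not visible in this handler - confirm it is
    # applied at the app or route level.
    term.delete()

    return JsonResponse.ok()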
Esempio n. 3
def List(campus_id, building_id):
    """Render room_list.html with the rooms of one campus building.

    The session user needs one of 'building_admin', 'fire_officer' or
    'scheduling_admin'; otherwise the no-access template is returned. A
    missing campus or building yields the resource-not-found template.
    """
    viewer_roles = ('building_admin', 'fire_officer', 'scheduling_admin')
    if not Authorization.canAccess(session.get('user'), viewer_roles):
        return render_template('error/no_access.html')

    # NOTE(review): campus and building are looked up independently; nothing
    # here checks that the building actually belongs to the campus in the URL.
    campus = CampusModel.findById(campus_id)
    if not campus:
        return render_template('error/resource_not_found.html')

    building = CampusBuildingModel.findById(building_id)
    if not building:
        return render_template('error/resource_not_found.html')

    context = {
        'campus': campus,
        'building': building,
        'rooms': CampusBuildingRoomModel.findBy('building', building_id),
    }
    return render_template('room_list.html', data=context)
Esempio n. 4
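def Create(student_id):
    """Enrol a student on the module named in the 'module' form field.

    Responses: unauthorized when the session user lacks 'scheduling_admin',
    badRequest when the student id or module id is empty, ok after the new
    StudentModuleModel row (enrolment date = current epoch seconds) is saved.
    """
    # Trailing comma matters: ('scheduling_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this page. Contact system administrator.'
        })

    module_id = request.form.get('module')

    if not module_id or not student_id:
        return JsonResponse.badRequest({
            'message':
            'missing_parameters',
            'nice_message':
            'Missing student or module.'
        })

    # NOTE(review): neither id is checked against an existing student or
    # module, and duplicates are not rejected here - confirm the model or the
    # database enforces both.
    newEnrolment = StudentModuleModel()
    newEnrolment.setEnrolmentDate(int(time.time()))
    newEnrolment.setStudent(student_id)
    newEnrolment.setModule(module_id)
    newEnrolment.save()

    return JsonResponse.ok()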
Esempio n. 5
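def Update(campus_id, building_id, room_id):
    """Update the name, floor and/or capacity of a room.

    Requires the 'building_admin' or 'fire_officer' role. Responses:
    unauthorized, notFound when room_id matches no room, badRequest when none
    of 'room_name', 'floor' or 'capacity' is supplied, ok after saving. Only
    the fields present in the form are changed.
    """
    # Verify user access
    if not Authorization.canAccess(session.get('user'), ('building_admin', 'fire_officer')):
        # Fixed the "accdss" typo in the user-facing message.
        return JsonResponse.unauthorized({'message': 'no_access', 'nice_message': 'You do not have access to this page. Contact system administrator.'})

    # NOTE(review): the room is fetched by room_id alone; campus_id and
    # building_id from the URL are never compared with the room's parents.
    room = CampusBuildingRoomModel.findById(room_id)

    if not room:
        return JsonResponse.notFound({'message': 'room_missing', 'nice_message': 'Room not found.'})

    name = request.form.get('room_name')
    floor = request.form.get('floor')
    capacity = request.form.get('capacity')

    if not name and not floor and not capacity:
        return JsonResponse.badRequest({'message': 'missing_parameters', 'nice_message': 'Please enter a floor, capacity or name.'})

    # NOTE(review): floor and capacity are stored as the raw form strings; any
    # numeric/range validation would have to happen in the model - confirm.
    if name:
        room.setIdentifier(name)

    if floor:
        room.setBuildingFloor(floor)

    if capacity:
        room.setCapacity(capacity)

    room.save()

    return JsonResponse.ok()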
Esempio n. 6
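def Delete(student_id, module_id):
    """Remove a student's enrolment on one module and return a JSON response.

    Responses: unauthorized when the session user lacks 'scheduling_admin',
    badRequest when an id is empty or module_id is not an integer, ok after
    the first matching enrolment is deleted, notFound when the student has no
    enrolment on that module.
    """
    # Trailing comma matters: ('scheduling_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this function. Contact system administrator.'
        })

    if not student_id or not module_id:
        return JsonResponse.badRequest({
            'message': 'missing_parameters',
            'nice_message': 'Missing parameter.'
        })

    # Convert once, up front: a non-numeric module_id used to raise ValueError
    # inside the loop and surface as an unhandled server error.
    try:
        wanted_module = int(module_id)
    except (TypeError, ValueError):
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Invalid module.'
        })

    for enrolment in StudentModuleModel.findBy('student', student_id):
        if enrolment.getModule() == wanted_module:
            enrolment.delete()
            return JsonResponse.ok()

    return JsonResponse.notFound({
        'message': 'not_found',
        'nice_message': 'Enrolment does not exist.'
    })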
Esempio n. 7
def View(campus_id, building_id, room_id):
    """Render room_view.html for one room together with its campus and building.

    The session user needs one of 'building_admin', 'fire_officer' or
    'scheduling_admin'; otherwise the no-access template is returned. If the
    campus, the building or the room cannot be found, the resource-not-found
    template is returned.
    """
    viewer_roles = ('building_admin', 'fire_officer', 'scheduling_admin')
    if not Authorization.canAccess(session.get('user'), viewer_roles):
        return render_template('error/no_access.html')

    missing_page = 'error/resource_not_found.html'

    # NOTE(review): the three ids are resolved independently; nothing here
    # checks that the room is in the building or the building on the campus.
    campus = CampusModel.findById(campus_id)
    if not campus:
        return render_template(missing_page)

    building = CampusBuildingModel.findById(building_id)
    if not building:
        return render_template(missing_page)

    room = CampusBuildingRoomModel.findById(room_id)
    if not room:
        return render_template(missing_page)

    context = {'campus': campus, 'building': building, 'room': room}
    return render_template('room_view.html', data=context)
Esempio n. 8
def View(campus_id, building_id):
    """Render building_view.html for one building and its campus.

    The session user needs one of 'building_admin', 'fire_officer' or
    'scheduling_admin'; otherwise the no-access template is returned. A
    missing campus or building yields the resource-not-found template.
    """
    viewer_roles = ('building_admin', 'fire_officer', 'scheduling_admin')
    current_user = session.get('user')
    if not Authorization.canAccess(current_user, viewer_roles):
        return render_template('error/no_access.html')

    # NOTE(review): campus and building are looked up independently; the
    # building is not checked to belong to the campus in the URL.
    campus = CampusModel.findById(campus_id)
    if not campus:
        return render_template('error/resource_not_found.html')

    building = CampusBuildingModel.findById(building_id)
    if not building:
        return render_template('error/resource_not_found.html')

    context = {'campus': campus, 'building': building}
    return render_template('building_view.html', data=context)
Esempio n. 9
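def PasswordResetPost():
    """Handle the password-reset request form for staff accounts.

    A logged-in user is redirected to the campus list. Otherwise, when the
    submitted e-mail matches a staff account, a reset token valid for 30
    minutes is stored via PasswordResetModel and mailed as a link built from
    the configured APP_URL. The same confirmation page is rendered whether or
    not an account matched, so the response body does not reveal which
    addresses are registered.
    """
    # Local import: the file's import block is not visible from this listing.
    import secrets

    if Authorization.isLoggedIn(session.get('user')):
        return redirect(url_for('Campus.List'))

    email = request.form.get('email')

    # The original called `StaffModel.findby` (lower-case b) and then invoked
    # .getId() on the very object it had measured with len(). This assumes
    # findBy returns a list-like of models - confirm against the model layer.
    matches = StaffModel.findBy('email', email) if email else []

    if len(matches) != 0:
        staff = matches[0]

        # The token is the only secret protecting the reset, so draw it from
        # the `secrets` module; token_hex(16) keeps the previous 32-hex-char
        # format.
        resetToken = secrets.token_hex(16)
        expires = time.time() + 30 * 60  # 30 minutes

        prm = PasswordResetModel()

        # NOTE(review): the token is stored as-is; storing only a hash of it
        # would keep a database read from yielding usable reset links, but
        # that needs a matching change where the token is redeemed.
        prm.setToken(resetToken) \
           .setUserId(staff.getId()) \
           .setUserType('staff') \
           .setExpires(expires) \
           .save()

        # NOTE(review): no rate limit is visible here, and sending mail
        # inline makes matched requests slower than unmatched ones.
        Email.sendEmail(
            email, 'password_reset', {
                'password_reset_url':
                Config.getValue('APP_URL') + '/auth/password-reset/' +
                resetToken
            })

    return render_template('auth/password_reset_sent.html')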
Esempio n. 10
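def Create(campus_id, building_id):
    """Create a room in the given campus building.

    Responses: unauthorized when the session user lacks 'building_admin',
    notFound when the building does not exist, badRequest unless 'room_name',
    'floor' and 'capacity' are all supplied, ok after the room is saved.
    """
    # Trailing comma matters: ('building_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('building_admin',)):
        # Fixed the misspelt 'no_acces' code and "acess" in the message so the
        # response matches the 'no_access' code returned by sibling handlers.
        return JsonResponse.unauthorized({'message': 'no_access', 'nice_message': 'You do not have access to this page. Contact system administrator.'})

    # NOTE(review): campus_id is never used; the building is not checked to
    # belong to the campus in the URL.
    building = CampusBuildingModel.findById(building_id)

    if not building:
        return JsonResponse.notFound({'message': 'not_found', 'nice_message': 'Building not found.'})

    # Parse and validate request body
    name = request.form.get('room_name')
    floor = request.form.get('floor')
    capacity = request.form.get('capacity')

    if not name or not floor or not capacity:
        return JsonResponse.badRequest({'message': 'bad_request', 'nice_message': 'Please enter a capacity, name and floor.'})

    # NOTE(review): floor and capacity are stored as raw form strings; any
    # numeric/range validation would have to happen in the model - confirm.
    room = CampusBuildingRoomModel()

    room.setIdentifier(name) \
        .setBuildingFloor(floor) \
        .setBuilding(building_id) \
        .setCapacity(capacity) \
        .save()

    return JsonResponse.ok()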
Esempio n. 11
def Create(campus_id):
    """Create a building on the given campus and return a JSON response.

    Responses (all without a body): unauthorized when the session user lacks
    'building_admin', notFound when the campus does not exist, badRequest
    unless both 'building_name' and 'floor_count' are supplied, ok after the
    building is saved.
    """
    current_user = session.get('user')
    if not Authorization.canAccess(current_user, ('building_admin', )):
        return JsonResponse.unauthorized()

    # The campus must exist before a building is attached to it.
    if not CampusModel.findById(campus_id):
        return JsonResponse.notFound()

    form = request.form
    building_name = form.get('building_name')
    floors = form.get('floor_count')

    if not (building_name and floors):
        return JsonResponse.badRequest()

    # NOTE(review): floor_count is stored as the raw form string.
    new_building = CampusBuildingModel()
    (new_building.setName(building_name)
                 .setFloorCount(floors)
                 .setCampus(campus_id)
                 .save())

    return JsonResponse.ok()
Esempio n. 12
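def Update(id):
    """Rename the campus identified by id and return a JSON response.

    Responses: unauthorized when the session user lacks 'building_admin',
    badRequest when 'campus_name' is missing, notFound when the campus does
    not exist, ok after the new name is saved.
    """
    # Trailing comma matters: ('building_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('building_admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this function. Contact system administrator.'
        })

    name = request.form.get('campus_name')

    if not name:
        return JsonResponse.badRequest({
            'message': 'name_missing',
            'nice_message': 'Missing campus name.'
        })

    campus = CampusModel.findById(id)

    if not campus:
        return JsonResponse.notFound({
            'message':
            'not_found',
            'nice_message':
            'Campus could not be found.'
        })

    campus.setName(name) \
          .save()

    return JsonResponse.ok()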
Esempio n. 13
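def Create():
    """Create a campus named by the 'campus_name' form field.

    Responses: unauthorized when the session user lacks 'building_admin',
    badRequest when the name is missing, ok after the campus is saved.
    """
    # Trailing comma matters: ('building_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('building_admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this function. Contact system administrator.'
        })

    name = request.form.get('campus_name')

    if not name:
        return JsonResponse.badRequest({
            'message': 'name_missing',
            'nice_message': 'Missing Campus Name'
        })

    campus = CampusModel()

    campus.setName(name) \
          .save()

    return JsonResponse.ok()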
Esempio n. 14
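def List(module_id):
    """Render session_list.html with the sessions of one module.

    Returns the no-access template when the session user lacks
    'scheduling_admin' and the resource-not-found template when the module
    does not exist. The template also receives every teacher and every module
    session type.
    """
    # Trailing comma matters: ('scheduling_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return render_template('error/no_access.html')

    # Get module object
    module = ModuleModel.findById(module_id)

    if not module:
        return render_template('error/resource_not_found.html')

    # NOTE(review): this queries `ModuleSession`; confirm that name is what
    # this module imports (a `ModuleSessionModel` class may be intended).
    sessions = ModuleSession.findBy('module', module_id)

    teachers = TeacherModel.all()
    session_types = ModuleSessionTypeModel.all()

    return render_template('session_list.html',
                           data={
                               'module': module,
                               'sessions': sessions,
                               'teachers': teachers,
                               'session_types': session_types
                           })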
Esempio n. 15
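def List():
    """Render teacher_list.html with every teacher.

    Returns the no-access template when the session user lacks 'admin'.
    """
    # Trailing comma matters: ('admin') is a str, not a 1-tuple. With a bare
    # string, a substring-style role test inside canAccess (not shown here)
    # could not tell 'admin' apart from longer role names containing it.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    teachers = TeacherModel().all()

    return render_template('teacher_list.html', data={'teachers': teachers})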
Esempio n. 16
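def List():
    """Render student_list.html with every student.

    Returns the no-access template when the session user lacks 'admin'.
    """
    # Trailing comma matters: ('admin') is a str, not a 1-tuple of roles.
    # TODO (from the original author): revisit which roles may list students.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    students = StudentModel.all()

    return render_template("student_list.html", data={"students": students})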
Esempio n. 17
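def View(id):
    """Render teacher_view.html for the teacher identified by id.

    Returns the no-access template when the session user lacks 'admin' and
    the resource-not-found template when no teacher has that id.
    """
    # Trailing comma matters: ('admin') is a str, not a 1-tuple of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    teacher = TeacherModel.findById(id)
    if not teacher:
        return render_template('error/resource_not_found.html')

    return render_template('teacher_view.html', data={'teacher': teacher})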
Esempio n. 18
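def Update(id):
    """Update a teacher's name, e-mail, mobile number and/or password.

    Responses: unauthorized when the session user lacks 'admin', badRequest
    when no field is supplied or the save fails, notFound when the teacher
    does not exist, ok after saving. Only supplied fields are changed; a
    supplied password is hashed with Security.hashPassword and the teacher's
    existing salt before it is stored.
    """
    # Trailing comma matters: ('admin') is a str, not a 1-tuple of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this function. Contact system administrator.'
        })

    first_name = request.form.get('first_name')
    last_name = request.form.get('last_name')
    email = request.form.get('email')
    mobile_phone = request.form.get('mobile_phone')
    password = request.form.get('password')

    if not first_name and not last_name and not email and not mobile_phone and not password:
        return JsonResponse.badRequest({
            'message':
            'missing_parameters',
            'nice_message':
            'Please enter details for the teacher.'
        })

    teacher = TeacherModel.findById(id)

    if not teacher:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Teacher not found.'
        })

    if first_name:
        teacher.setFirstName(first_name)

    if last_name:
        teacher.setLastName(last_name)

    if email:
        teacher.setEmail(email)

    if mobile_phone:
        teacher.setMobile(mobile_phone)

    if password:
        # NOTE(review): the stored salt is reused for the new password, and
        # the algorithm behind Security.hashPassword is not visible here -
        # confirm it is a slow, purpose-built password hash.
        salt = teacher.getSalt()
        teacher.setPassword(Security.hashPassword(password, salt))

    try:
        teacher.save()
    except Exception:
        # Was a bare `except:`, which also swallowed SystemExit and
        # KeyboardInterrupt. NOTE(review): the failure is not logged.
        return JsonResponse.badRequest({'error': 'database_error'})

    return JsonResponse.ok()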
Esempio n. 19
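def Update(module_id, session_id):
    """Update the teacher and/or type of a module session.

    Responses: unauthorized when the session user lacks 'scheduling_admin',
    notFound when the module session does not exist, badRequest when neither
    'teacher' nor 'type' is supplied or a supplied id fails its lookup, ok
    after saving.
    """
    # The record used to be bound to a local called `session`. Assigning that
    # name anywhere in the function makes it local for the whole body, so the
    # `session.get('user')` below raised UnboundLocalError before the access
    # check could run. The record is now `module_session`.
    # Trailing comma matters too: ('scheduling_admin') is a str, not a tuple.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this function. Contact system administrator.'
        })

    # NOTE(review): module_id from the URL is never compared with the module
    # the session belongs to.
    module_session = ModuleSessionModel.findById(session_id)

    if not module_session:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Session not found.'
        })

    teacher = request.form.get('teacher')
    sessionType = request.form.get('type')

    if not teacher and not sessionType:
        return JsonResponse.badRequest({
            'message':
            'missing_parameters',
            'nice_message':
            'Please enter a teacher and session type.'
        })

    if teacher:
        if not TeacherModel.findById(teacher):
            return JsonResponse.badRequest({
                'message': 'not_found',
                'nice_message': 'Teacher not found.'
            })

        module_session.setStaff(teacher)

    if sessionType:
        # NOTE(review): the type id is validated with
        # ModuleSessionModel.findById, i.e. against module sessions rather
        # than session types - this looks like the wrong model; confirm.
        if not ModuleSessionModel.findById(sessionType):
            return JsonResponse.badRequest({
                'message':
                'not_found',
                'nice_message':
                'Session type not found.'
            })

        module_session.setType(sessionType)

    module_session.save()

    return JsonResponse.ok()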
Esempio n. 20
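def View(id):
    """Render module_view.html for one module.

    Returns the no-access template when the session user lacks
    'scheduling_admin', the resource-not-found template when the module does
    not exist, and the server-error template when the module's leader cannot
    be loaded. The template receives the module, its leader, all teachers,
    the enrolled students, the module's sessions (each with its staff member
    and type) and all session types.
    """
    # Trailing comma matters: ('scheduling_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return render_template('error/no_access.html')

    module = ModuleModel.findById(id)

    if not module:
        return render_template('error/resource_not_found.html')

    leader = TeacherModel.findById(module.getLeader())

    # The original re-tested `module` here, which is always truthy at this
    # point, so a missing leader was never caught.
    if not leader:
        return render_template('error/server_error.html')

    teachers = TeacherModel.all()

    # One student lookup per enrolment row of this module.
    students = [
        StudentModel.findById(enrolment.getStudent())
        for enrolment in StudentModuleModel.findBy('module', id)
    ]

    # The loop variable must not be called `session`: that would shadow the
    # session object used by the access check above.
    sessions_list = [
        {
            'session': module_session,
            'staff': TeacherModel.findById(module_session.getStaff()),
            'type': ModuleSessionTypeModel.findById(module_session.getType()),
        }
        for module_session in ModuleSessionModel.findBy('module', id)
    ]

    sessionTypes = ModuleSessionTypeModel.all()

    return render_template('module_view.html',
                           data={
                               'module': module,
                               'leader': leader,
                               'teachers': teachers,
                               'students': students,
                               'sessionTypes': sessionTypes,
                               'sessions': sessions_list
                           })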
Esempio n. 21
def List():
    """Render campus_list.html with every campus.

    The session user needs one of 'building_admin', 'fire_officer' or
    'scheduling_admin'; otherwise the no-access template is returned.
    """
    viewer_roles = ('building_admin', 'fire_officer', 'scheduling_admin')
    may_view = Authorization.canAccess(session.get('user'), viewer_roles)
    if not may_view:
        return render_template('error/no_access.html')

    context = {'campuses': CampusModel.all()}
    return render_template('campus_list.html', data=context)
Esempio n. 22
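def Update(id):
    """POST /staff/[id] - update a staff member and return a JSON response.

    Form fields read: first_name, last_name, email, mobile_phone, password,
    role. Responses: unauthorized when the session user lacks 'admin',
    badRequest when no field is supplied or the save fails, notFound when the
    staff member does not exist, ok after saving. A supplied password is
    hashed with Security.hashPassword and the member's existing salt.
    """
    # Trailing comma matters: ('admin') is a str, not a 1-tuple of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this function. Contact system administrator.'
        })

    first_name = request.form.get('first_name')
    last_name = request.form.get('last_name')
    email = request.form.get('email')
    mobile_phone = request.form.get('mobile_phone')
    password = request.form.get('password')
    role = request.form.get('role')

    if not first_name and not last_name and not email and not mobile_phone and not password and not role:
        # Fixed the "Pleaase" typo in the user-facing message.
        return JsonResponse.badRequest({
            'message':
            'missing_parameters',
            'nice_message':
            'Please enter new details for the staff member'
        })

    staff = StaffModel.findById(id)

    # Without this check an unknown id reached the setters below with a
    # falsy lookup result and failed with an unhandled error.
    if not staff:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Staff member not found.'
        })

    if first_name:
        staff.setFirstName(first_name)
    if last_name:
        staff.setLastName(last_name)
    if email:
        staff.setEmail(email)
    if mobile_phone:
        staff.setMobile(mobile_phone)
    if role:
        # NOTE(review): the role comes straight from the form and is not
        # checked against the known roles here; confirm the model rejects
        # unknown values, since this field decides what the account may do.
        staff.setRole(role)

    if password:
        # NOTE(review): the stored salt is reused for the new password, and
        # the algorithm behind Security.hashPassword is not visible here -
        # confirm it is a slow, purpose-built password hash.
        salt = staff.getSalt()
        staff.setPassword(Security.hashPassword(password, salt))

    try:
        staff.save()
    except Exception:
        # Was a bare `except:`, which also swallowed SystemExit and
        # KeyboardInterrupt. NOTE(review): the failure is not logged.
        return JsonResponse.badRequest({'error': 'database_error'})

    return JsonResponse.ok()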
Esempio n. 23
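def View(id):
    """GET /staff/[id] - render staff_view.html for one staff member.

    Returns the no-access template when the session user lacks 'admin' and
    the resource-not-found template when no staff member has that id. The
    template also receives every staff role.
    """
    # Trailing comma matters: ('admin') is a str, not a 1-tuple of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    staff = StaffModel.findById(id)

    # An unknown id used to be passed on to the template as a falsy value.
    if not staff:
        return render_template('error/resource_not_found.html')

    roles = StaffRoleModel.all()

    return render_template("staff_view.html",
                           data={
                               "staff": staff,
                               "roles": roles
                           })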
Esempio n. 24
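def Delete(campus_id, building_id, room_id):
    """Delete a room and return a JSON response.

    Responses: unauthorized when the session user lacks 'building_admin',
    notFound when room_id matches no room, ok after room.delete().
    """
    # Trailing comma matters: ('building_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('building_admin',)):
        return JsonResponse.unauthorized({'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.'})

    # NOTE(review): the room is fetched by room_id alone; campus_id and
    # building_id from the URL are never compared with the room's parents.
    room = CampusBuildingRoomModel.findById(room_id)

    # An unknown id used to reach room.delete() with a falsy lookup result
    # and fail with an unhandled error.
    if not room:
        return JsonResponse.notFound({'message': 'room_missing', 'nice_message': 'Room not found.'})

    room.delete()

    return JsonResponse.ok()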
Esempio n. 25
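def UpdateTerm(term_id):
    """Update the number, start date and end date of an existing term.

    Form fields 'term', 'term_start' and 'term_end' are all required.
    Responses: unauthorized when the session user lacks 'scheduling_admin',
    badRequest when a field is missing or the term number is not 1-3,
    notFound when term_id matches no term, ok after saving.
    """
    # Trailing comma matters: ('scheduling_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this function. Contact system administrator.'
        })

    term = request.form.get('term')
    term_start = request.form.get('term_start')
    term_end = request.form.get('term_end')

    if not term or not term_start or not term_end:
        return JsonResponse.badRequest({
            'message':
            'missing_parameters',
            'nice_message':
            'Please enter a new term number, start date or end date.'
        })

    if term not in ('1', '2', '3', 1, 2, 3):
        return JsonResponse.badRequest({
            'message':
            'bad_request',
            'nice_message':
            'Please select a term between 1 and 3.'
        })

    termObj = TermModel.findById(term_id)

    if not termObj:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Term not found.'
        })

    # All three values are known to be non-empty here, so the per-field
    # `if` guards of the original were always true and have been dropped.
    termObj.setTerm(term)

    # NOTE(review): yyyyMmDdToTimestamp is not shown; how it reacts to a
    # malformed date, and whether start <= end is enforced anywhere, is
    # unknown - confirm.
    termObj.setStartDate(yyyyMmDdToTimestamp(term_start))
    termObj.setEndDate(yyyyMmDdToTimestamp(term_end))

    termObj.save()

    return JsonResponse.ok()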
Esempio n. 26
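def View(id):
    """Render student_view.html for the student identified by id.

    Returns the no-access template when the session user lacks 'admin' and
    the resource-not-found template when no student has that id. Module
    enrolments are not loaded yet (open TODO from the original author).
    """
    # Trailing comma matters: ('admin') is a str, not a 1-tuple of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    student = StudentModel.findById(id)

    # An unknown id used to be passed on to the template as a falsy value.
    if not student:
        return render_template('error/resource_not_found.html')

    # TODO: also pass the student's module enrolments to the template.
    return render_template("student_view.html", data={"student": student})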
Esempio n. 27
def View(id):
    """Render campus_view.html for the campus identified by id.

    The session user needs one of 'building_admin', 'fire_officer' or
    'scheduling_admin'; otherwise the no-access template is returned. An
    unknown id yields the resource-not-found template.
    """
    viewer_roles = ('building_admin', 'fire_officer', 'scheduling_admin')
    current_user = session.get('user')
    if not Authorization.canAccess(current_user, viewer_roles):
        return render_template('error/no_access.html')

    campus = CampusModel.findById(id)
    if campus:
        return render_template('campus_view.html', data={'campus': campus})

    return render_template('error/resource_not_found.html')
Esempio n. 28
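def List():
    """GET /staff - render staff_list.html with all staff and all staff roles.

    Returns the no-access template when the session user lacks 'admin'.
    """
    # Trailing comma matters: ('admin') is a str, not a 1-tuple of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    roles = StaffRoleModel.all()
    allStaff = StaffModel.all()

    return render_template("staff_list.html",
                           data={
                               "staff": allStaff,
                               "roles": roles
                           })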
Esempio n. 29
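def Create(module_id):
    """Create a session for the given module and return a JSON response.

    Form fields 'teacher' and 'type' carry the teacher id and the session
    type id. Responses: unauthorized when the session user lacks
    'scheduling_admin', notFound when the module does not exist, badRequest
    when the teacher or the session type fails its lookup, ok after saving.
    """
    # Trailing comma matters: ('scheduling_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this page. Contact system administrator.'
        })

    # Get module object
    module = ModuleModel.findById(module_id)

    if not module:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Module not found.'
        })

    # Both referenced records must exist before the session is stored; a
    # missing form field is passed to findById as None.
    teacher = request.form.get('teacher')
    sessionType = request.form.get('type')

    if not TeacherModel.findById(teacher):
        return JsonResponse.badRequest({
            'message': 'not_found',
            'nice_message': 'Teacher not found.'
        })

    if not ModuleSessionTypeModel.findById(sessionType):
        return JsonResponse.badRequest({
            'message':
            'not_found',
            'nice_message':
            'Module session not found.'
        })

    # Save new data to database
    moduleSession = ModuleSessionModel()

    moduleSession.setModule(module.getId()) \
                 .setStaff(teacher) \
                 .setType(sessionType) \
                 .save()

    return JsonResponse.ok()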
Esempio n. 30
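def Update(id):
    """Update the name and/or leader of a module and return a JSON response.

    Responses: unauthorized when the session user lacks 'scheduling_admin',
    notFound when the module does not exist, badRequest when neither
    'module_name' nor 'leader' is supplied or the leader id matches no
    teacher, ok after saving.
    """
    # Trailing comma matters: ('scheduling_admin') is a str, not a 1-tuple.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message':
            'no_access',
            'nice_message':
            'You do not have access to this page. Contact system administrator.'
        })

    # Get module object
    module = ModuleModel.findById(id)

    if not module:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Module not found.'
        })

    name = request.form.get('module_name')
    leader = request.form.get('leader')

    if not name and not leader:
        return JsonResponse.badRequest({
            'message':
            'missing_parameters',
            'nice_message':
            'Please enter a new name or module leader.'
        })

    if name:
        module.setName(name)

    if leader:
        # The leader id must reference an existing teacher. Nothing has been
        # saved yet, so returning here leaves the stored module unchanged.
        if not TeacherModel.findById(leader):
            return JsonResponse.badRequest({
                'message': 'not_found',
                'nice_message': 'Teacher not found.'
            })

        module.setLeader(leader)

    module.save()

    return JsonResponse.ok()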