def post(self):
"""
Creates a user, and will log him in.
Will also show the user id, and prompt to change the password.
"""
DA = DataAccessor()
uid = userIDGen()
pw = passwordGen()
user = DA.addStudent(uid, pw)
session = generateSession(user)
session.generated = True;
session.put()
self.response.headers.add_header(
'Set-Cookie',
'sid=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % session.sessionID)
## user = DS.User.get(user)
message = "Your account has been created. Please store the following information in a secure location.<br/>"
message += "<span class='credential'>UserID: %s</span><br/>" % user.uid
message += "<span class='credential'>Password: %s</span><br/>" % user.password
message += "Change your password: <a href='/student/password'>Manage Account</a>"
setSessionMessage(session, message, False)
self.redirect('/student')
def post(self):
"""
Attempts to log in a user.
If the attempt fails, a message is shown.
Otherwise, they are logged in and redirected to the
appropriate tools page.
"""
uid = self.request.get('id')
pw = self.request.get('pw')
if not uid or not pw:
setSessionMessageByRequest(self, "Please provide a User ID and Password to login.", True)
self.redirect('/login')
else:
DA = DataAccessor()
u = DA.getUser(uid, pw)
if u is None:
setSessionMessageByRequest(self, "The User ID and Password Combination you have provided was incorrect.", True)
self.redirect('/login')
else:
sweepSessions()
session = generateSession(u.key())
self.response.headers.add_header(
'Set-Cookie',
'sid=%s; expires=Fri, 31-Dec-2020 23:59:59 GMT; path=/' % str(session.sessionID))
if u.userType == 'STUDENT':
self.redirect('/student')
elif u.userType == 'ADMIN':
self.redirect('/admin')
else :
setSessionMessageByRequest(self, "Invalid user", True)
self.redirect('/login')
def post(self):
"""
Changes the admin password.
"""
DA = DataAccessor()
session = getSessionByRequest(self)
user = getSessionUser(session)
old = self.request.get("old")
new = self.request.get("new")
new2 = self.request.get("new2")
if old != user.password:
setSessionMessage(session, "Invalid Password")
self.redirect("/admin")
if new != new2:
setSessionMessage(session, "Your new passwords did not match. Please try again.", True)
else:
setSessionMessage(session, "You have successfully changed your password.", False)
# Reset the password
DA.update(user, password=new)
# Reset the session.
session.generated = False
session.put()
self.redirect("/admin")
def post(self):
"""
Creates a new admin. Required post request parameters are
uid - the new user id
pw - the new password
pw2 - retyping the new password.
"""
DA = DataAccessor()
session = getSessionByRequest(self)
uid = self.request.get("uid")
pw = self.request.get("pw")
pw2 = self.request.get("pw2")
if pw != pw2:
setSessionMessage(session, "Your new passwords did not match. Please try again.", True)
self.redirect("/admin")
return
try:
DA.addAdmin(uid, pw)
except Usage:
setSessionMessage(session, "A user with that uid exists already", True)
self.redirect("/admin")
return
setSessionMessage(session, "Admin: " + uid + " successfully added.", False)
self.redirect("/admin")
def post(self):
"""
Saves a new rating into the datastore.
"""
def errhandler(obj):
raise DataStoreClash(obj)
DA = DataAccessor(errhandler)
session = getSessionByRequest(self)
user = getSessionUser(session)
typename = self.request.get("typename")
ratable = None
if typename == 'Book':
isbn = self.request.get('isbn')
title = self.request.get('title')
author = self.request.get('author')
try:
ratable = DA.addBook( title, isbn, author )
except BadValueError:
setSessionMessage(session, "Enter all values.", True)
self.redirect('/student/new/Book')
return
except ValueError:
setSessionMessage(session, "Bad input syntax.", True)
self.redirect('/student/new/Book')
return
except DataStoreClash, err:
setSessionMessage(session, "Book already exists.", True)
self.redirect('/ratable/'+str(err.entity.key()))
return
def post(self) :
"""
Handles adding grades to a course.
"""
key = self.request.get('key')
course = db.get(db.Key(key))
session = getSessionByRequest(self)
user = getSessionUser(session)
da = DataAccessor()
if (not self.request.get('grade')) :
query = DS.Grade.all().filter('course =', course)
query.filter('student =', user)
grade = query.get()
da.delete(grade)
setSessionMessage(session, "Removed your grade", False)
self.redirect('/ratable/%s' % key)
return
da.addGrade(course, getSessionUser(session), self.request.get('grade'))
setSessionMessage(session, "Added your grade.", False)
self.redirect('/ratable/%s' % key)
def get(self):
"""
Will generate the user management page.
"""
DA = DataAccessor()
students = DA.getStudents()
admins = DA.getAdmins()
self.generate("manageUsers.html", {"admins": admins, "students": students})
def get(self):
"""
Clears the datastore on access.
"""
DA = DataAccessor()
DA.clear()
setSessionMessageByRequest(self, "The datastore has been cleared.", False)
self.redirect("/admin")
def get(self) :
"""
Deletes the current user.
"""
session = getSessionByRequest(self)
user = getSessionUser(session)
da = DataAccessor()
da.delete(user)
expireSession(session)
self.redirect('/browse/')
def get(self):
"""
Shows the student.html file, which
is supposed to be blank.
"""
DA = DataAccessor()
session = getSessionByRequest(self)
user = getSessionUser(session)
ratings = DA.getRatingsByUser(user)
ratings = prepareRatingsForTemplate(ratings, user)
self.generate('student.html', {
'ratings': ratings,
'isStudentPage': True,
'surpressFooter': True
})
def get(self) :
"""
Deletes the object that has been stored in the session.
"""
session = getSessionByRequest(self)
if session.deletionTarget :
da = DataAccessor()
da.delete(session.deletionTarget)
ratable = unify(session.deletionTarget.rated)
setSessionMessage(session, "You have deleted " + ratable.name + ".")
session.deletionTarget = None
session.put()
else :
setSessionMessage(session, "Invalid request.", True)
self.redirect('/student/')
def post(self, unused) :
"""
Adds a rating to the given object.
"""
session = getSessionByRequest(self)
key = self.request.get('key')
rating = self.request.get('rating')
if (not validRating(rating)) :
setSessionMessage(session, "Invalid rating.", False)
self.redirect("/student/addrating/%s" % key)
return
target = db.get(db.Key(key))
comment = self.request.get('comment')
if not comment :
comment = None
da = DataAccessor()
da.addRating(target, getSessionUser(session), rating, comment = comment)
setSessionMessage(session, "Added Rating.", False)
self.redirect("/student/")
def get(self, key=None):
"""
Deletes the user in question.
"""
DA = DataAccessor()
if key == "all":
for u in DA.getStudents():
DA.delete(u)
elif key:
user = db.get(db.Key(key))
DA.delete(user)
self.redirect("/admin/manageUsers")
import re
import string
import sys
import wsgiref.handlers
from google.appengine.api import users
from google.appengine.ext import db
from google.appengine.ext import webapp
from google.appengine.ext.webapp import template
from google.appengine.ext.webapp.util import login_required
# Set to true if we want to have our webapp print stack traces, etc
_DEBUG = True
#default admin login
DA = DataAccessor()
try:
DA.addAdmin('admin','000000')
except Usage:
pass
class Login(BaseRequestHandler):
def get(self):
"""
Generates the login page.
"""
session = getSessionByRequest(self)
if (getSessionUser(session)) :
self.redirect("/browse/")
return
def post(self, key=0):
"""
Edits the given rating.
"""
DA = DataAccessor()
rated = db.get(db.Key(key))
session = getSessionByRequest(self)
user = getSessionUser(session)
rating = getUserRating(user, rated)
if (not rating) :
setSessionMessage(session, "You cannot edit something you have not rated.", True)
self.redirect('/student')
return
q = DA.getAllRatings().filter("rated =", rated)
if q.count() != 1 :
setSessionMessage(session, "This item is no longer editable.", True);
self.redirect("/student/")
return
typename = rated.__class__.__name__
if typename == 'Book':
isbn = self.request.get('isbn')
title = self.request.get('title')
author = self.request.get('author')
DA.update( rated, isbn=isbn, title=title, author=author )
elif typename == 'Paper':
paperType = self.request.get('paperType').upper()
title = self.request.get('title')
author = self.request.get('author')
DA.update( rated, paperType=paperType, title=title, author=author )
elif typename == 'Course':
unique = self.request.get('unique')
courseNum = self.request.get('courseNum')
name = self.request.get('name')
semester = self.request.get('semester').upper()
instructor = self.request.get('instructor')
year = self.request.get('year')
DA.update( rated, unique=unique, courseNum=courseNum, name=name, semester=semester, year=year, instructor=instructor )
elif typename == 'Game':
platform = self.request.get('platform').upper()
title = self.request.get('title')
DA.update( rated, platform=platform, title=title )
elif typename in ['Internship', 'PlaceLive', 'PlaceEat', 'PlaceFun', 'PlaceLive', 'PlaceStudy'] :
name = self.request.get('name')
location = self.request.get('location')
semester = self.request.get('semester').upper()
year = self.request.get('year')
DA.update( rated, name=name, location=location, semester=semester, year=year )
if (validRating(self.request.get('rating'))) :
DA.update(rating, rating=int(self.request.get('rating')))
setSessionMessageByRequest(self, "Successfully updated rating.")
else :
setSessionMessageByRequest(self, "Invalid rating input. Keeping original", True)
self.redirect('/student')
