def grader_detail(self, request, *args, **kwargs): # Retrieve grading info if request.method in permissions.SAFE_METHODS: return self.retrieve(request, *args, **kwargs) ## submit grade info # get user and related exercise and submission user = request.user if not isinstance(user, GraderUser): raise PermissionDenied( "Posting to grading url is only allowed with grader " "authentication token" ) exercise = user._exercise submission = user._submission # compare submission linked to grader token to submission in url if submission != self.submission: raise PermissionDenied( "You are not allowed to grade other submissions than what " "your grader authentication token is for" ) return Response(_post_async_submission(request, exercise, submission))
def grader_detail(self, request, *args, **kwargs): # Retrieve grading info if request.method in permissions.SAFE_METHODS: return self.retrieve(request, *args, **kwargs) ## submit and grade new ssubmission # Onyl grader is allowed to post to this resource user = request.user if not isinstance(user, GraderUser): raise PermissionDenied( "Posting to grading url is only allowed with grader " "authentication token" ) # compare exercise linked to grader token with exercise defined in url exercise = user._exercise if exercise != self.exercise: raise PermissionDenied( "You are allowed only to create new submission to exercise " "that your grader atuhentication token is for." ) # resolve submiting user from grader token student_id = user._extra.get('student_id', None) if not student_id and student_id != 0: raise PermissionDenied( "There is no user_id stored in your grader authentication token, " "so it can't be used to create new submission." ) try: student = UserProfile.objects.get(user_id=student_id) except UserProfile.DoesNotExist: raise PermissionDenied( "User_id in your grader authentication token doesn't really exist, " "so you can't create new submission with your grader token." ) # make sure this was not submission token (after above check this should ever trigger) if user._submission is not None: raise PermissionDenied( "This grader authentication token is for specific submission, " "thus you can't create new submission with it." ) # find out if student can submit new exercise and if ok create submission template status, errors, students = exercise.check_submission_allowed(student) if status != exercise.SUBMIT_STATUS.ALLOWED: return Response({'success': False, 'errors': errors}) submission = Submission.objects.create(exercise=exercise) submission.submitters = students # grade and update submission with data return Response(_post_async_submission(request, exercise, submission, errors))
def grader_detail(self, request, *args, **kwargs): # Retrieve grading info if request.method in permissions.SAFE_METHODS: return self.retrieve(request, *args, **kwargs) ## submit and grade new ssubmission # Onyl grader is allowed to post to this resource user = request.user if not isinstance(user, GraderUser): raise PermissionDenied( "Posting to grading url is only allowed with grader " "authentication token" ) info = user.permissions.submissions.get_create(exercise=self.exercise)[1] if info is None: raise PermissionDenied( "You are allowed only to create new submission to exercise " "that your grader atuhentication token is for." ) # resolve submiting user from grader token user_id = info.get("user_id") if not user_id and user_id != 0: raise PermissionDenied( "There is no user_id stored in your grader authentication token, " "so it can't be used to create new submission." ) try: student = UserProfile.objects.get(user_id=user_id) except UserProfile.DoesNotExist: raise PermissionDenied( "User_id in your grader authentication token doesn't really exist, " "so you can't create new submission with your grader token." ) # find out if student can submit new exercise and if ok create submission template status, errors, students = self.exercise.check_submission_allowed(student) if status != self.exercise.SUBMIT_STATUS.ALLOWED: return Response({'success': False, 'errors': errors}) submission = Submission.objects.create(exercise=self.exercise) submission.submitters.set(students) # grade and update submission with data return Response(_post_async_submission(request, self.exercise, submission, errors))