def get_ticket_messages(ticket_id):
"""
Retrieve messages in ticket.
"""
current_identity = get_current_user()
ticket = Ticket.query.get(ticket_id)
if is_user_relevant_to_ticket(current_identity, ticket):
return rp_message.retrieve_all_request(ticket_id,
get_current_user(),
read=True)
else:
return Iresponse.create_response('Unauthorized', 403)
def retrieve_user():
"""
Returns the user model of the current user.
"""
current_identity = get_current_user()
if current_identity is None:
return Iresponse.create_response("", 404)
student, ta, supv, usr = {}, {}, {}, {}
student = database.serialize_list(current_identity.student_courses)
ta = database.serialize_list(current_identity.ta_courses)
supv = database.serialize_list(current_identity.supervisor_courses)
usr = current_identity.serialize
usr['student'] = student
usr['ta'] = ta
usr['supervisor'] = supv
usr['roles'] = []
if len(usr['student']) >= 1:
usr['roles'].append('student')
if len(usr['ta']) >= 1:
usr['roles'].append('ta')
if len(usr['supervisor']) >= 1:
usr['roles'].append('supervisor')
return Iresponse.create_response({'user': usr}, 200)
def unread_messages():
"""
Retrieve all unread messages of this user.
If in the url the param course_id is specified
only the unread messages with a course_id matching
the specified course_id will be returned.
"""
specified_course = request.args.get('course_id')
current_identity = get_current_user()
tmp = {}
unread = current_identity.unread
for msg in unread:
if str(msg.ticket_id) not in tmp:
if specified_course is not None:
tick = Ticket.query.filter_by(id=msg.ticket_id).first()
if str(tick.course_id) != str(specified_course):
continue
ticket_id = str(msg.ticket_id)
tmp[ticket_id] = {'ticket': msg.ticket.serialize, 'n': 0}
if current_identity in msg.ticket.bound_tas:
tmp[ticket_id]['ta'] = True
else:
tmp[ticket_id]['ta'] = False
tmp[ticket_id]['n'] += 1
return Iresponse.create_response(tmp, 200)
def verify_ta_rights_in_course(*args, **kwargs):
"""
Function that verifies that an user has ta rights in the specified
course. This function required that the course_id is specified
in the decorator.
Returns on failure:
- Iresponse 400: if the user can not be extracted from the jwt.
- Iresponse 404: if the course can not be found.
- Iresponse 403: if the user is not a teaching assistant
in the course.
Returns on succes:
- Calls the decorated function, with the following params:
(course, user, *args, **kwargs).
So the decorated function should always accept atleast two params,
namely the course and user, in that order.
Extra params, should come after the course and user.
"""
verify_jwt_in_request()
curr_user = get_current_user()
course = Course.Course.query.get(course_id)
if curr_user is None:
return Iresponse.create_response("", 400)
if course is None:
return Iresponse.create_response("Course not found", 404)
if curr_user not in course.ta_courses:
if curr_user not in course.supervisors:
return Iresponse.create_response("", 403)
return func(course, curr_user, *args, **kwargs)
def create_message(ticket_id):
"""
Create a new message.
"""
json_data = request.get_json()
if request is None:
return Iresponse.empty_json_request()
current_identity = get_current_user()
json_data["studentid"] = current_identity.id
userId = escape(json_data["studentid"])
msg = rp_message.create_request(json_data, ticket_id)
ticket = Ticket.query.get(ticket_id)
user = User.query.get(userId)
if (ticket.user_id != user.id):
message = createdEmailMessage(ticket.title, [ticket.email], ticket_id,
json_data['message'], user.name)
if current_app.config['SEND_MAIL_ON_MESSAGE']:
print("send email")
app = current_app._get_current_object()
thr = Thread(target=sendAsyncEmail, args=[message, app])
thr.start()
return msg
def get_user(user_id):
"""
Retrieve user credentials.
"""
user = get_current_user()
if user is None:
return Iresponse.create_response("", 404)
return Iresponse.create_response(user.serialize, 200)
def retrieve_user_tickets():
"""
Returns all the tickets of the user.
"""
curr_user = get_current_user()
tickets = Ticket.query.filter_by(user_id=curr_user.id).all()
return Iresponse.create_response(database.serialize_list(tickets), 200)
def get_user_ticket_for_course(course_id):
"""
Function that gets all the tickets of a user in the course with
id: <course_id>
"""
curr_user = get_current_user()
tickets = Ticket.query.filter(Ticket.user_id == curr_user.id,
Ticket.course_id == course_id).all()
return Iresponse.create_response(database.serialize_list(tickets), 200)
def get_courses_user_is_ta_in():
"""
Retrieve the courses where user is a teaching assistant.
"""
curr_user = get_current_user()
if curr_user is None:
return Iresponse.create_response("", 404)
courses = curr_user.ta_courses
return Iresponse.create_response(database.serialize_list(courses), 200)
def retrieve_active_user_tickets(user_id):
"""
Gets all the active tickets of a user with id: <user_id>
"""
current_identity = get_current_user()
user_id = current_identity.id
tickets = Ticket.query.filter(
Ticket.user_id == user_id,
Ticket.status_id != TicketStatus.closed).all()
return Iresponse.create_response(database.serialize_list(tickets), 200)
def retrieve_user_leveldata():
"""
Retrieves the level and experience points of loged in user
"""
current_identity = get_current_user()
user_id = current_identity.id
user = User.query.get(user_id)
response = {}
response['level'] = level = user.level
response['experience'] = user.experience
return Iresponse.create_response(response, 200)
def retrieve_single_ticket(ticket_id):
"""
Retrieve single ticket from database.
"""
current_identity = get_current_user()
ticket = Ticket.query.get(ticket_id)
if is_user_relevant_to_ticket(current_identity, ticket):
ticketObj = Ticket.query.get(ticket_id)
else:
return Iresponse.create_response('Unauthorized', 403)
if ticketObj is None:
return Iresponse.create_response("", 404)
return Iresponse.create_response(ticketObj.serialize, 200)
def close_ticket(ticket_id):
"""
Close ticket when is has been handled.
"""
current_identity = get_current_user()
try:
ticket = Ticket.query.get(ticket_id)
if is_user_relevant_to_ticket(current_identity, ticket):
ticket.close
database.db.session.commit()
notifications.notify(current_identity.id, ticket, 'Closed ticket',
Message.NTFY_TYPE_CLOSED)
else:
return Iresponse.create_response('Unauthorized', 403)
except Exception as e:
print(e) # LOGGING
return Iresponse.create_response("Error", 400)
return Iresponse.create_response(
{
'status': "success",
'message': 'ticket closed'
}, 200)
def verify_roles(*args, **kwargs):
"""
Function that verifies that an user is a ta in the specified
course. This function required that the course_id is specified
in the decorator.
Returns on failure:
- Iresponse 400: if the user can not be extracted from the jwt.
- Iresponse 404: if the course can not be found.
- Iresponse 403: if the user is not a teaching assistant
in the course.
Returns on succes:
- Calls the decorated function, with the following params:
(course, user, *args, **kwargs).
So the decorated function should always accept atleast two params,
namely the course and user, in that order.
Extra params, should come after the course and user.
"""
verify_jwt_in_request()
curr_user = get_current_user()
c_ta = 'ta' in roles
c_ta &= len(curr_user.ta_courses) > 0
c_stud = 'student' in roles
c_stud &= len(curr_user.student_courses) > 0
c_super = 'supervisor' in roles
c_super &= len(curr_user.supervisor_courses) > 0
if curr_user is None:
return Iresponse.create_response("", 400)
if type(roles) != list:
return Iresponse.create_response("", 500)
if not c_ta and not c_stud and not c_super:
return Iresponse.create_response(
"User doesn\'t have a correct role.", 403)
return fn(*args, **kwargs)
def create_ticket():
"""
Check ticket submission and add to database.
"""
print(request.headers)
# Mandatory check to comply with incompatible testing.
formdata = None
if request.get_json():
data = request.get_json()
formdata = {
'subject': data['subject'],
'message': data['message'],
'courseid': data['courseid'],
'labelid': data['labelid'],
}
else:
formdata = request.form
if hasattr(request, 'files'):
if request.files != '':
filecount = 0
file_names = list()
for file_id in request.files:
filecount += 1
if filecount > 5:
return Iresponse.create_response("Too many files", 400)
file = request.files[file_id]
if not rp_file.save_file(file, file_names):
print("invalid file")
return Iresponse.create_response("File too large", 400)
if not json_validation.validate_json(
formdata, ['message', 'subject', 'courseid', 'labelid']):
return Iresponse.create_response("Malformed request", 400)
message = escape(formdata['message'])
subject = escape(formdata['subject'])
courseid = escape(formdata['courseid'])
labelid = escape(formdata['labelid'])
ticket_data = {
'message': message,
'subject': subject,
'courseid': courseid,
'labelid': labelid,
'files': file_names
}
if not course_validation.check_course_validity(courseid, labelid):
for file in file_names:
rp_file.remove_file(file)
return Iresponse.create_response("Invalid Course/Label", 400)
current_identity = get_current_user()
ticket_data['studentid'] = current_identity.id
ticket_data['name'] = current_identity.name
ticket_data['email'] = current_identity.email
if not json_validation.validate_ticket_data(ticket_data):
for file in file_names:
rp_file.remove_file(file)
return Iresponse.create_response("Invalid ticket data", 400)
response = rp_ticket.create_request(ticket_data)
return response
def get_ta_tickets():
"""
Get tickets for given teaching assistant
"""
current_identity = get_current_user()
return rp_ticket.get_assigned_tickets(current_identity)
