Esempio n. 1
0
    def context(self, data, check, mutator):
        """Handler for default HTTP GET request."""
        context = {
            'page_name': 'Age Verification for %s' % data.program.name,
            'program': data.program,
            'failed_check': False
        }

        age_check_result = data.request.COOKIES.get('age_check', None)

        if age_check_result == '0':
            context['failed_check'] = True
        elif age_check_result:
            # age check passed, redirect to create profile page
            # TODO(nathaniel): Can this be cleaned up at all? Creating and
            # discarding a response feels weird.
            response = data.redirect.createProfile('student').to(
                url_names.GCI_PROFILE_CREATE, secure=True)
            raise exception.Redirect(response['Location'])

        if data.POST:
            context['form'] = AgeCheckForm(data=data.POST)
        else:
            context['form'] = AgeCheckForm()

        return context
Esempio n. 2
0
  def checkAccess(self, data, check, mutator):
    mutator.studentEvaluationFromKwargs()
    mutator.studentEvaluationRecordFromKwargs()

    assert isSet(data.student_evaluation)

    if user_logic.isHostForProgram(data.ndb_user, data.program.key()):
      return

    show_url = data.redirect.survey_record(
          data.student_evaluation.link_id).urlOf(
          'gsoc_show_student_evaluation')
    check.isStudentSurveyActive(
        data.student_evaluation, data.url_ndb_profile, show_url=show_url)

    check.isProfileActive()
    # TODO(dcrodman): When GSoCProject is converted to NDB, this Key
    # conversion will need to be removed.
    org_key = project_model.GSoCProject.org.get_value_for_datastore(
        data.url_project)
    org_key = ndb.Key.from_old_key(org_key)

    if data.orgAdminFor(org_key):
      raise exception.Redirect(show_url)

    check.canUserTakeSurvey(data.student_evaluation, 'student')
    check.isStudentForSurvey()
Esempio n. 3
0
    def isStudentSurveyActive(self, survey, student, show_url=None):
        """Checks if the student survey can be taken by the specified student.

    Args:
      survey: a survey entity.
      student: a student profile entity.
      show_url: survey show page URL to which the user should be redirected.

    Raises:
      exception.Redirect: if the active period is over and URL to redirect
        is specified.
      exception.Forbidden: if it is not possible to access survey
        at this time.
    """
        active_period = survey_logic.getSurveyActivePeriod(survey)
        if active_period.state != survey_logic.IN_PERIOD_STATE:
            # try finding a personal extension for the student
            extension = survey_logic.getPersonalExtension(
                student.key, survey.key())
            active_period = survey_logic.getSurveyActivePeriod(
                survey, extension=extension)

            if active_period.state == survey_logic.POST_PERIOD_STATE and show_url:
                raise exception.Redirect(show_url)

            if active_period.state != survey_logic.IN_PERIOD_STATE:
                raise exception.Forbidden(
                    message=DEF_PAGE_INACTIVE_OUTSIDE %
                    (active_period.start, active_period.end))
Esempio n. 4
0
def ensureLoggedOut(data):
    """Ensures that the user is logged out.

  Args:
    data: request_data.RequestData for the current request.

  Raises:
    exception.Redirect: If the user is logged in this
      exception will redirect them to the logout page.
  """
    if data.gae_user:
        raise exception.Redirect(links.LINKER.logout(data.request))
Esempio n. 5
0
    def checkAccess(self, data, check, mutator):
        check.isLoggedIn()
        check.isProgramVisible()
        check.isOrganizationInURLActive()
        check.isOrgAdminForOrganization(data.url_ndb_org.key.to_old_key())

        check.isSlotTransferActive()
        mutator.slotTransferEntities()
        if not data.slot_transfer_entities:
            if 'new' not in data.kwargs:
                url = links.LINKER.organization(data.url_ndb_org.key,
                                                'gsoc_update_slot_transfer')
                raise exception.Redirect(url)
Esempio n. 6
0
    def canApplyStudent(self, edit_url):
        """Checks if the user can apply as a student.
    """
        self.isLoggedIn()

        if self.data.ndb_profile and self.data.ndb_profile.is_student:
            raise exception.Redirect(edit_url)

        self.studentSignupActive()

        if not self.data.ndb_profile:
            return

        raise exception.Forbidden(
            message=DEF_ALREADY_PARTICIPATING_AS_NON_STUDENT %
            self.data.program.name)
Esempio n. 7
0
    def handle(self):
        http = httplib2.Http()
        credentials = decorator.get_credentials()
        http = credentials.authorize(http)
        drive_service = build('drive', 'v2', http=http)
        shipment_info_id = int(self.data.kwargs['id'])
        program_key = ndb.Key.from_old_key(self.data.program.key())
        shipment_info = shipment_tracking.ShipmentInfo.get_by_id(
            shipment_info_id, parent=program_key)
        usa_url = URL_FMT % (shipment_info.spreadsheet_id, 0)
        intl_url = URL_FMT % (shipment_info.spreadsheet_id, 1)

        #get sheet content for USA students
        resp, usa_sheet_content = drive_service._http.request(usa_url)
        if resp.status != 200:
            logging.error('An error occurred: %s', resp)

        resp, intl_sheet_content = drive_service._http.request(intl_url)
        if resp.status != 200:
            logging.error('An error occurred: %s', resp)

        task_start_url = links.SOC_LINKER.site(
            url_names.GSOC_SHIPMENT_TASK_START)

        #start task for USA students
        params = {
            'program_key': str(self.data.program.key()),
            'sheet_content': json.dumps(usa_sheet_content),
            'sheet_type': 'usa',
            'shipment_info_id': shipment_info_id,
        }
        taskqueue.add(url=task_start_url, params=params)

        #start task for international students
        params = {
            'program_key': str(self.data.program.key()),
            'sheet_content': json.dumps(intl_sheet_content),
            'sheet_type': 'intl',
            'shipment_info_id': shipment_info_id,
        }
        taskqueue.add(url=task_start_url, params=params)

        #return back to sync data page
        result_url = links.SOC_LINKER.program(self.data.program,
                                              url_names.GSOC_SHIPMENT_LIST)
        raise exception.Redirect(result_url)
Esempio n. 8
0
    def context(self, data, check, mutator):
        """See base.RequestHandler.context for specification."""
        # TODO(daniel): these models should not be imported directly here
        from soc.modules.gsoc.models import program as soc_program_model
        from soc.modules.gci.models import program as ci_program_model

        program_sections = []

        if data.site.latest_gsoc:
            latest_soc = soc_program_model.GSoCProgram.get_by_key_name(
                data.site.latest_gsoc)
            if latest_soc:
                program_sections.append(
                    ProgramSection(
                        data, latest_soc,
                        SOC_PROGRAM_IMAGE_PATH % latest_soc.program_id))

        if data.site.latest_gci:
            latest_ci = ci_program_model.GCIProgram.get_by_key_name(
                data.site.latest_gci)
            if latest_ci:
                program_sections.append(
                    ProgramSection(
                        data, latest_ci,
                        CI_PROGRAM_IMAGE_PATH % latest_ci.program_id))

        if len(program_sections) == 1:
            # do not bother to show landing page if there is only one active program
            # just redirect to the corresponding home page instead
            raise exception.Redirect(
                program_sections[0].context()['homepage_url'])
        else:
            active_programs_counter = len([
                program_section for program_section in program_sections
                if program_section.isActive()
            ])

            contact_us_section = ContactUsSection(data)

            return {
                'active_programs_counter': active_programs_counter,
                'contact_us_section': contact_us_section,
                'program_sections': program_sections,
                'page_name': LANDING_PAGE_NAME,
            }
Esempio n. 9
0
    def isSurveyActive(self, survey, show_url=None):
        """Checks if the survey in the request data is active.

    Args:
      survey: the survey entity for which the access must be checked
      show_url: The survey show page url to which the user must be
          redirected to
    """
        assert isSet(self.data.program)
        assert isSet(self.data.timeline)

        if self.data.timeline.surveyPeriod(survey):
            return

        if self.data.timeline.afterSurveyEnd(survey) and show_url:
            raise exception.Redirect(show_url)

        raise exception.Forbidden(message=DEF_PAGE_INACTIVE_OUTSIDE %
                                  (survey.survey_start, survey.survey_end))
Esempio n. 10
0
    def editProfilePostAction(self, data, check, mutator):
        """Handler for regular (edit/create profile) POST action."""
        if not self.validate(data):
            # TODO(nathaniel): problematic self-call.
            return self.get(data, check, mutator)

        org_id = data.GET.get('new_org')

        if org_id:
            create_url = self.linker.program(data.program,
                                             'create_gci_org_profile')
            raise exception.Redirect(create_url + '?org_id=' + org_id)
        else:
            # TODO(nathaniel): make this .program() call unnecessary.
            data.redirect.program()

            return data.redirect.to(self._getEditProfileURLName(),
                                    validated=True,
                                    secure=True)
Esempio n. 11
0
 def post(self, data, check, mutator):
     form = ShipmentInfoForm(data=data.POST)
     error = bool(form.errors)
     if error:
         rendered_form = self.renderForm(data)
         return http.HttpResponse(content=rendered_form)
     else:
         # TODO(daniel): find a better solution for creating entities from forms
         # that use ndb
         name = form.cleaned_data['name']
         spreadsheet_id = form.cleaned_data['spreadsheet_id']
         entity = shipment_tracking.ShipmentInfo(
             name=name,
             spreadsheet_id=spreadsheet_id,
             parent=ndb.Key.from_old_key(data.program.key()))
         entity.put()
         shipment_id = entity.key.id()
         edit_url = links.SOC_LINKER.shipmentInfo(
             data.program, shipment_id, url_names.GSOC_EDIT_SHIPMENT_INFO)
         raise exception.Redirect(edit_url)
Esempio n. 12
0
    def context(self, data, check, mutator):
        form = LookupForm(request_data=data, data=data.POST or None)
        error = bool(form.errors)

        forms = [form]
        profile = None

        if not form.errors and data.request.method == 'POST':
            profile = form.cleaned_data.get('profile')

        if profile:
            raise exception.Redirect(
                links.SOC_LINKER.profile(profile, urls.UrlNames.PROFILE_ADMIN))
        else:
            return {
                'forms': forms,
                'error': error,
                'posted': error,
                'page_name': 'Lookup profile',
            }
Esempio n. 13
0
    def canApplyNonStudent(self, role, edit_url):
        """Checks if the user can apply as a mentor or org admin.
    """
        self.isLoggedIn()

        if self.data.ndb_profile and not self.data.ndb_profile.is_student:
            raise exception.Redirect(edit_url)

        if role == 'org_admin' and self.data.timeline.beforeOrgSignupStart():
            period = self.data.timeline.orgSignupStart()
            raise exception.Forbidden(message=DEF_PAGE_INACTIVE_BEFORE %
                                      period)

        if role == 'mentor' and not self.data.timeline.orgsAnnounced():
            period = self.data.timeline.orgsAnnouncedOn()
            raise exception.Forbidden(message=DEF_PAGE_INACTIVE_BEFORE %
                                      period)

        if self.data.ndb_profile:
            raise exception.Forbidden(
                message=DEF_ALREADY_PARTICIPATING_AS_STUDENT %
                (role, self.data.program.name))
Esempio n. 14
0
def redirect(self, uri):
    raise exception.Redirect(uri)
Esempio n. 15
0
 def isLoggedOut(self):
     """Ensures that the user is logged out."""
     if self.data.gae_user:
         raise exception.Redirect(links.LINKER.logout(self.data.request))
Esempio n. 16
0
    def checkAccess(self, data, check, mutator):
        """Checks whether this task is visible to the public and any other checks
    if it is a POST request.
    """
        mutator.taskFromKwargs(comments=True, work_submissions=True)
        data.is_visible = check.isTaskVisible()

        if task_logic.updateTaskStatus(data.task):
            # The task logic updated the status of the task since the deadline passed
            # and the GAE task was late to run. Reload the page.
            raise exception.Redirect('')

        if data.request.method == 'POST':
            # Access checks for the different forms on this page. Note that there
            # are no elif clauses because one could add multiple GET params :).
            check.isProfileActive()

            # Tasks for non-active organizations cannot be touched
            check.isOrganizationActive(data.task.org)

            if 'reply' in data.GET:
                # checks for posting comments
                # valid tasks and profile are already checked.
                check.isBeforeAllWorkStopped()
                check.isCommentingAllowed()

            if 'submit_work' in data.GET:
                check.isBeforeAllWorkStopped()
                if not task_logic.canSubmitWork(data.task, data.ndb_profile):
                    check.fail(DEF_NOT_ALLOWED_TO_UPLOAD_WORK)

            if 'button' in data.GET:
                # check for any of the buttons
                button_name = self._buttonName(data)

                buttons = {}
                TaskInformation(data).setButtonControls(buttons)
                if not buttons.get(button_name):
                    check.fail(DEF_NOT_ALLOWED_TO_OPERATE_BUTTON % button_name)

            if 'send_for_review' in data.GET:
                check.isBeforeAllWorkStopped()
                if not task_logic.isOwnerOfTask(data.task, data.ndb_profile) or \
                    not data.work_submissions or \
                    data.task.status not in TASK_IN_PROGRESS:
                    check.fail(DEF_CANT_SEND_FOR_REVIEW)

            if 'delete_submission' in data.GET:
                check.isBeforeAllWorkStopped()
                task_id = self._submissionId(data)
                work = work_submission_model.GCIWorkSubmission.get_by_id(
                    task_id, parent=data.task)

                if not work:
                    check.fail(DEF_NO_WORK_FOUND % id)

                user_key = ndb.Key.from_old_key(
                    task_model.GCIWorkSubmission.user.get_value_for_datastore(
                        work))
                time_expired = work.submitted_on - datetime.datetime.now()
                if (user_key != data.ndb_user.key
                        or time_expired > task_logic.DELETE_EXPIRATION):
                    check.fail(DEF_NOT_ALLOWED_TO_DELETE)
Esempio n. 17
0
 def redirect(self, uri, permanent=False):  # pylint:disable=arguments-differ
     raise exception.Redirect(uri)