def remove_assignment(lti=None): assignment_id = request.values.get('assignment_id', None) if assignment_id == None: return jsonify(success=False, message="Need assignment_id.") assignment = Assignment.by_id(int(assignment_id)) if not g.user.is_instructor(assignment.course_id): return jsonify(success=False, message="You are not an instructor in this assignment's course.") Assignment.remove(assignment.id) return jsonify(success=True)
def remove_assignment(lti=lti): assignment_id = request.values.get('assignment_id', None) if assignment_id is None: return jsonify(success=False, message="No assignment id") user, roles, course = ensure_canvas_arguments() if not User.is_lti_instructor(roles): return jsonify(success=False, message="You are not an instructor in this course.") # TODO: Security hole, evil instructors could remove assignments outside of their course Assignment.remove(assignment_id) return jsonify(success=True)
def remove_assignment(lti=lti): assignment_id = request.values.get('assignment_id', None) if assignment_id is None: return jsonify(success=False, message="No assignment id") user, roles, course = ensure_canvas_arguments() if not User.is_lti_instructor(roles): return jsonify(success=False, message="You are not an instructor in this course.") # TODO: Security hole, evil instructors could remove assignments outside of their course Assignment.remove(assignment_id) return jsonify(success=True)