def register(self):
if not Validate.bool(self.settings('allow_local_registration','false')):
return HTTPFound(location=route_url('menu', self.request))
self.response['email'] = ''
if 'form.submitted' in self.request.params:
self.response['email'] = Validate.sanatize(self.request.params['email'])
password = Validate.sanatize(self.request.params['password'])
repassword = Validate.sanatize(self.request.params['re.password'])
if Users.by({'email':self.response['email']}).first():
self.response['message'] = "Email already in use"
return self.template('register.pt')
if not Validate.email(self.response['email']):
self.response['message'] = "Not a valid email address"
return self.template('register.pt')
if not Validate.password(password):
self.response['message'] = "Improper password."
return self.template('register.pt')
if repassword != password:
self.response['message'] = "Passwords do not match."
return self.template('register.pt')
# Below is good
Users.registerLocalUser(self.response['email'], password)
return HTTPFound(location=route_url('login', self.request))
return self.template('register.pt')
def register(self):
if not Validate.bool(self.settings("allow_local_registration", "false")):
return HTTPFound(location=route_url("menu", self.request))
self.response["email"] = ""
if "form.submitted" in self.request.params:
self.response["email"] = Validate.sanatize(self.request.params["email"])
password = Validate.sanatize(self.request.params["password"])
repassword = Validate.sanatize(self.request.params["re.password"])
if Users.by({"email": self.response["email"]}).first():
self.notify("Email already in use!", warn=True)
return self.template("register.pt")
if not Validate.email(self.response["email"]):
self.notify("Not a valid email address!", warn=True)
return self.template("register.pt")
if not Validate.password(password):
self.notify("Improper password!", warn=True)
return self.template("register.pt")
if repassword != password:
self.notify("Passwords do not match!", warn=True)
return self.template("register.pt")
# Below is good
Users.registerLocalUser(self.response["email"], password)
return HTTPFound(location=route_url("login", self.request))
return self.template("register.pt")
def local_login(self):
if "form.submitted" in self.request.params:
user = Users.by({"is_local": True, "email": self.request.params["email"]}).first()
if user and user.validate_password(self.request.params["password"]):
user = Users.login_updates(user)
return HTTPFound(location=route_url("alias", self.request), headers=remember(self.request, user.id))
self.notify("Please check your username or password!", warn=True)
return self.template("login.pt")
def local_login(self):
if 'form.submitted' in self.request.params:
user = Users.by({'is_local':True, 'email':self.request.params['email']}).first()
if user and user.validate_password(self.request.params['password']):
user = Users.login_updates(user);
return HTTPFound(location=route_url('alias', self.request), headers=remember(self.request, user.id))
self.response['message'] = 'Please check your username or password'
return self.template('login.pt')
def _generate_test(self):
category = Categories.by(self.category_id).first()
last_test = Tests.by({'category':category.name, 'alias':self.alias},sort='id desc').first()
# Create New Test
test = Tests(alias=self.alias, category=category.name, d2l_folder=category.d2l_folder, used_accessibility_view=self.used_accessibility_view)
# Copy values at time of generation, this in case values change in the future, personal results aren't effected.
test.wrong_answer_time_penalty = category.wrong_answer_time_penalty
test.max_wrong_answer_allowed = category.max_wrong_answer_allowed
test.question_time_allowed = category.question_time_allowed
DBSession.add(test)
DBSession.flush()
# Get and Randomize Questions
questionsets = QuestionSets.by({'category_id':self.category_id}).all()
random.shuffle(questionsets) # randomize first to guarentee all questions
questionsets = questionsets[0:category.playable_questions] # limit randomized
# Setup Unfinished Questions
for questionset in questionsets:
question = self._get_question_variation(questionset, last_test)
result = TestsResults(tests_id=test.id,
question_sets_id=questionset.id,
question=question,
answer_choices=TestManager.get_answers(questionset.id)
)
DBSession.add(result)
# okay below
DBSession.flush()
user = Users.by({'alias':self.alias}).first()
user.current_test = test.id
transaction.commit()
def tearDown(self):
user = Users.by({'email':'*****@*****.**'}).first()
DBSession.delete(user)
DBSession.flush()
DBSession.execute("ALTER TABLE users AUTO_INCREMENT = " + str(self.auto_increment_reset) + ";")
transaction.commit()
super(NoGroupPermissionTests,self).tearDown()
def d2l_instructor_grades(self):
uc = self.get_user_context()
if not isinstance(uc, d2lauth.D2LUserContext):
return uc # if no user_context is setup, return uc to d2l to get authorized.
try:
students = []
category = self.request.params.get('category','---')
if category != '---':
id = self.request.matchdict['id']
classlist = d2lservice.get_classlist(uc,org_unit_id=id)
for student in classlist:
email = str(student.props['Username']) + self.settings('d2l_append_email_address','')
student_summary = {'name': str(student.props['DisplayName']),
'email': email,
'bestgrade' : 'Incomplete',
}
user = Users.by({'email':email}).first()
if user:
test = Tests.by({'alias':user.alias,'category':category}, sort='total_percentage desc').first()
if test:
student_summary['bestgrade'] = str(test.percentage) + '%'
students.append(student_summary)
self.response['students'] = students
self.response['categories'] = Categories.all()
return self.template('instructors-grades.pt', theme='D2L')
except Exception as e:
print "ERROR: " + str(e) # log later?
return HTTPForbidden()
def edit_info(self):
users = Users.by(None,sort='last_active desc')
self.response['users_last_active'] = users.all()[0:5]
self.response['users_local_count'] = users.filter(getattr(Users,'is_local')==True).count()
self.response['users_non_local_count'] = users.filter(getattr(Users,'is_local')==False).count()
self.response['users_total_count'] = users.count()
return self.template('/edit-info.pt', theme='AdminPanel')
def next(self):
id = int(self.request.matchdict['id'])
category = self._secure_get_category(id)
self.response['finished'] = False
result = TestsResults.by({'tests_id':self.request.user.current_test, 'attempted':False}, sort='id asc').first()
if result:
c = Categories.by(id, user=self.request.user, permission=ACL.PLAY).first()
self.response['category'] = Result2Dict(c, purge=['category_intro'])
self.response['category']['transition_in'] = Result2Dict(c.get_transition_in())
self.response['category']['transition_out'] = Result2Dict(c.get_transition_out())
self.response['question'] = result.question
#self.response['answers'] = TestManager.get_answers(result.question_sets_id)
self.response['answers'] = result.get_answers()
result.attempted = True
user = Users.by(self.request.user.id).first()
user.current_question = result.question_sets_id
transaction.commit()
else:
test = Tests.by(self.request.user.current_test).first()
self.response['test_id'] = self.request.user.current_test
test.completed = True
transaction.commit()
self.response['finished'] = True
return self.response
def d2l_authorization(self):
uc = self.get_user_context()
if not isinstance(uc, d2lauth.D2LUserContext):
return uc # if no user_context is setup, return uc to d2l to get authorized.
try:
whoami = d2lservice.get_whoami(uc)
id = str(whoami.UniqueName) + self.settings('d2l_append_email_address','')
fullname = whoami.FirstName + u' ' + whoami.LastName
# if doesn't exist create it and update login info
category = self.request.params.get('category','0')
user = Users.by({'email':id}).first()
if not user:
Users.registerNonLocalUser(email=id, fullname=fullname)
user = Users.by({'email':id}).first() #retrieve new user
# auto group incoming users
if Validate.bool(self.request.params.get('group','false')):
user = Users.add_groups(user, Groups.groups_auto_assigned_by_category(category))
user = Users.login_updates(user)
# set session and send them to alias controller
return HTTPFound(location=route_url('alias', self.request, _query={'category':category} ),
headers=remember(self.request, user.id))
except Exception as e:
print "ERROR 0: " + str(e) # log later?
return HTTPForbidden()
def alias(self):
if self.request.user.alias:
return self.reroute()
self.response['alias'] = ''
self.response['accessibility'] = False
if 'form.submitted' in self.request.params:
self.response['alias'] = Validate.sanatize(self.request.params['alias'])
self.response['accessibility'] = Validate.bool(self.request.params.get('accessibility', False))
user = Users.by({'alias':self.response['alias']}).first()
if user:
self.response['message'] = 'Alias is already taken'
elif not Validate.alias(self.response['alias']):
self.response['message'] = 'Improper Alias'
else:
user = Users.by(self.request.user.id).first()
user.alias = self.response['alias']
user.needs_accessibility = self.response['accessibility']
transaction.commit()
return self.reroute()
return self.template('alias.pt')
def alias(self):
if self.request.user.alias:
return self.reroute()
self.response['alias'] = ''
self.response['category'] = self.request.params.get('category','0')
self.response['accessibility'] = False
if 'form.submitted' in self.request.params:
self.response['alias'] = Validate.sanatize(self.request.params['alias'])
self.response['accessibility'] = Validate.bool(self.request.params.get('accessibility', False))
user = Users.by({'alias':self.response['alias']}).first()
if user:
self.notify('Alias already in use!',warn=True)
elif not Validate.alias(self.response['alias']):
self.notify('Improper alias!',warn=True)
else:
user = Users.by(self.request.user.id).first()
user.alias = self.response['alias']
user.needs_accessibility = self.response['accessibility']
transaction.commit()
return self.reroute()
return self.template('alias.pt')
def edit_info(self):
# Analytics
if 'edit.info.analytics.submit' in self.request.params:
value = self.request.params.get('edit.info.analytics','')
analytics = Properties.by({'prop_name':'ANALYTICS'}).first()
analytics.prop_value = value
transaction.commit()
self.notify('Changes saved!')
self.response['analytics'] = Properties.get('ANALYTICS',default='')
# Site User Information
users = Users.by(None,sort='last_active desc')
self.response['users_last_active'] = users.all()[0:5]
self.response['users_local_count'] = users.filter(getattr(Users,'is_local')==True).count()
self.response['users_non_local_count'] = users.filter(getattr(Users,'is_local')==False).count()
self.response['users_total_count'] = users.count()
return self.template('/edit-info.pt', theme='AdminPanel')
def change_password(self):
user = Users.by(self.request.user.id).first()
if not user.is_local:
return HTTPForbidden()
if 'form.submitted' in self.request.params:
old = Validate.sanatize(self.request.params['old_password'])
new = Validate.sanatize(self.request.params['new_password'])
recheck = Validate.sanatize(self.request.params['new_recheck_password'])
if not Validate.password(new):
self.response['message'] = "Improper new password."
return self.template('change_password.pt')
if recheck != new:
self.response['message'] = "New passwords do not match."
return self.template('change_password.pt')
if user.validate_password(old):
user._set_password(new)
transaction.commit()
return self.template('change_password.pt')
def change_password(self):
user = Users.by(self.request.user.id).first()
if not user.is_local:
return HTTPForbidden()
if "form.submitted" in self.request.params:
old = Validate.sanatize(self.request.params["old_password"])
new = Validate.sanatize(self.request.params["new_password"])
recheck = Validate.sanatize(self.request.params["new_recheck_password"])
if not Validate.password(new):
self.notify("Improper new password!", warn=True)
return self.template("change_password.pt")
if recheck != new:
self.notify("New passwords do not match!", warn=True)
return self.template("change_password.pt")
if user.validate_password(old):
user._set_password(new)
transaction.commit()
return self.template("change_password.pt")
def test_player_playing_routine(self):
self._run_alias_creator()
#start
res = self.app.get('/category/1/playing', status=200)
self.assertTrue(res.status_code==200)
#next question
res = self.app.get('/category/1/playing/next', status=200)
self.assertTrue(res.status_code==200)
self.assertTrue("category" in res.body)
self.assertTrue("wrong_answer_time_penalty" in res.body)
self.assertTrue("transition_in" in res.body)
self.assertTrue("transition_out" in res.body)
#check answer
res = self.app.get('/category/1/playing/check?answer=1&time=5', status=200)
self.assertTrue(res.status_code==200)
self.assertTrue("duration" in res.body)
self.assertTrue("continue_on" in res.body)
self.assertTrue("was_correct" in res.body)
#result
res = self.app.get('/category/1/playing/result', status=200)
self.assertTrue(res.status_code==200)
self.assertTrue("ranking" in res.body)
self.assertTrue("category" in res.body)
self.assertTrue("competitive" in res.body)
self.assertTrue("percentage" in res.body)
self.assertTrue("answer_help" in res.body)
#get user
user = Users.by({'email':'*****@*****.**'}).first()
#score
res = self.app.get('/profile/score/' + str(user.current_test), status=200)
self.assertTrue(res.status_code==200)
def groupfinder(userid, request):
if Users.by(userid).first():
results = DBSession.query(Users,Groups).filter(Users.id == userid).join(Users.groups).all()
return [result.Groups.name for result in results]
return []
def user(self):
userid = unauthenticated_userid(self)
if userid is not None:
return Users.by(userid).first()
def edit_groups(self):
lookup = self.request.params.get('edit.user.find','')
self.response['email'] = self.request.params.get('edit.user.find.email','')
self.response['user'] = Users.by({'email':self.response['email']}).first()
if self.response['user'] and lookup:
self.notify('User found')
if self.response['email'] and not self.response['user'] and lookup:
self.notify('No user found',warn=True)
self.response['editing_group'] = None
# add/remove users from groups
if 'edit.user.group.add.submit' in self.request.params:
id = self.request.params.get('edit.user.group.add','')
group = Groups.by(id).first()
self.response['user'].groups.append(Groups.by(id).first())
transaction.commit()
self.notify('Added user to group')
self.response['editing_group'] = Groups.by(id).first()
self.response['user'] = Users.by({'email':self.response['email']}).first()
if 'edit.user.group.remove.submit' in self.request.params:
id = self.request.params.get('edit.user.group.remove','')
self.response['user'].groups.remove(Groups.by(id).first())
transaction.commit()
self.notify('Removed user from group')
self.response['user'] = Users.by({'email':self.response['email']}).first()
if 'edit.group.find.submit' in self.request.params:
id = self.request.params.get('edit.group.find','')
self.response['editing_group'] = Groups.by(id).first()
if 'edit.group.edit.submit' in self.request.params:
id = self.request.params.get('edit.group.edit.id','')
group = Groups.by(id).first()
group.name = self.request.params.get('edit.group.edit.name','No name')
group.description = self.request.params.get('edit.group.edit.description','No Description')
group.play = Validate.bool(self.request.params.get('edit.group.edit.play', False))
group.edit = Validate.bool(self.request.params.get('edit.group.edit.edit', False))
group.review = Validate.bool(self.request.params.get('edit.group.edit.review', False))
cats = []
for cid in self.request.params.getall('edit.group.edit.categories'):
cats.append(Categories.by(int(cid)).first())
group.categories = cats
transaction.commit()
self.response['editing_group'] = Groups.by(id).first()
self.notify('Changes saved!')
if 'edit.group.new.submit' in self.request.params:
i = Groups.newest().id + 1
DBSession.add(Groups(name='New Group' + str(i)))
transaction.commit()
self.response['editing_group'] = Groups.newest()
self.notify('Added group!')
if 'edit.group.delete.submit' in self.request.params:
id = int(self.request.params.get('edit.group.find','0'))
if id not in [1,2,3]:
try:
group = Groups.by(id).first()
DBSession.delete(group)
transaction.commit()
self.notify('Removed group!')
except exc.SQLAlchemyError:
self.notify("You can't delete this group. It has user and category dependencies.",warn=True)
else:
self.notify("Can't remove permanent group!",warn=True)
self.response['groups'] = Groups.all()
self.response['categories'] = Categories.all()
return self.template('/edit-groups.pt', theme='AdminPanel')
def setUp(self):
super(NoGroupPermissionTests,self).setUp()
Users.registerLocalUser(email='*****@*****.**', password='******', groups=[])
user = Users.by({'email':'*****@*****.**'}).first()
self.auto_increment_reset = user.id
def edit_groups(self):
self.response['email'] = self.request.params.get('edit.find.user','')
self.response['user'] = Users.by({'email':self.response['email']}).first()
self.response['editing_group'] = None
# add/remove users from groups
if 'edit.user.group.add.submit' in self.request.params:
id = self.request.params.get('edit.user.group.add','')
group = Groups.by(id).first()
self.response['user'].groups.append(Groups.by(id).first())
transaction.commit()
self.response['message'] = "Added user to group"
self.response['message_class'] = "info"
self.response['editing_group'] = Groups.by(id).first()
self.response['user'] = Users.by({'email':self.response['email']}).first()
if 'edit.user.group.remove.submit' in self.request.params:
id = self.request.params.get('edit.user.group.remove','')
self.response['user'].groups.remove(Groups.by(id).first())
transaction.commit()
self.response['message'] = "Removed user from group"
self.response['message_class'] = "info"
self.response['user'] = Users.by({'email':self.response['email']}).first()
if 'edit.group.find.submit' in self.request.params:
id = self.request.params.get('edit.group.find','')
self.response['editing_group'] = Groups.by(id).first()
if 'edit.group.edit.submit' in self.request.params:
id = self.request.params.get('edit.group.edit.id','')
group = Groups.by(id).first()
group.name = self.request.params.get('edit.group.edit.name','No name')
group.description = self.request.params.get('edit.group.edit.description','No Description')
group.play = Validate.bool(self.request.params.get('edit.group.edit.play', False))
group.edit = Validate.bool(self.request.params.get('edit.group.edit.edit', False))
group.review = Validate.bool(self.request.params.get('edit.group.edit.review', False))
cats = []
for cid in self.request.params.getall('edit.group.edit.categories'):
cats.append(Categories.by(int(cid)).first())
group.categories = cats
transaction.commit()
self.response['editing_group'] = Groups.by(id).first()
self.response['message'] = "Edit successful"
self.response['message_class'] = "info"
if 'edit.group.new.submit' in self.request.params:
i = Groups.newest().id + 1
DBSession.add(Groups(name='New Group' + str(i)))
transaction.commit()
self.response['editing_group'] = Groups.newest()
self.response['message'] = "Added new group"
self.response['message_class'] = "info"
if 'edit.group.delete.submit' in self.request.params:
id = int(self.request.params.get('edit.group.find','0'))
if id not in [1,2,3]:
try:
group = Groups.by(id).first()
DBSession.delete(group)
transaction.commit()
self.response['message'] = "Deleted group"
self.response['message_class'] = "info"
except exc.SQLAlchemyError:
self.response['message'] = "You can't delete this group. It has user and category dependencies."
else:
self.response['message'] = "You can't delete this permanent group"
self.response['groups'] = Groups.all()
self.response['categories'] = Categories.all()
return self.template('/edit-groups.pt', theme='AdminPanel')