def get_course_lti_id(self, course):
"""Gets the assignment lti_id that belongs to the course assignment pair if it exists."""
if not isinstance(course, Course):
raise VLEProgrammingError("Expected instance of type Course.")
intersection = list(
set(self.lti_id_set).intersection(course.assignment_lti_id_set))
return intersection[0] if intersection else None
def is_participant(self, obj):
if self.is_superuser:
return True
if isinstance(obj, Course):
return Course.objects.filter(pk=obj.pk, users=self).exists()
if isinstance(obj, Assignment):
return Assignment.objects.filter(pk=obj.pk,
courses__users=self).exists()
raise VLEProgrammingError(
"Participant object must be of type Course or Assignment.")
def _get_course(self, assignment):
if 'course' not in self.context or not self.context['course']:
return assignment.get_active_course()
else:
if not self.context['course'] in assignment.courses.all():
raise VLEProgrammingError('Wrong course is supplied')
elif not self.context['user'].is_participant(
self.context['course']):
raise VLEParticipationError(self.context['course'],
self.context['user'])
return self.context['course']
def has_permission(self, permission, obj=None):
"""
Returns whether the user has the given permission.
If obj is None, it tests the general permissions.
If obj is a Course, it tests the course permissions.
If obj is an Assignment, it tests the assignment permissions.
Raises a VLEProgramming error when misused.
"""
if obj is None:
return permissions.has_general_permission(self, permission)
if isinstance(obj, Course):
return permissions.has_course_permission(self, permission, obj)
if isinstance(obj, Assignment):
return permissions.has_assignment_permission(self, permission, obj)
raise VLEProgrammingError("Permission object must be of type None, Course or Assignment.")
def can_edit(self, user):
"""
Returns whether the given user is allowed to edit the comment:
- Has to be the author or super_user
- Otheriwse has to have the permission 'can_edit_staff_comment' and edit a non journal author comment.
Because staff members can't have a journal themselves, checking if the author is not the owner of the
journal the comment is posted to suffices.
Raises a VLEProgramming error when misused.
"""
if not isinstance(user, User):
raise VLEProgrammingError("Expected instance of type User.")
if user == self.author or user.is_superuser:
return True
return user.has_permission('can_edit_staff_comment', self.entry.node.journal.assignment) and \
self.author != self.entry.node.journal.user
def has_general_permission(user, permission):
"""Check if the user has the needed "global" permission.
Arguments:
user -- user that did the request.
permission -- the permission string to check.
Raises VLEProgrammingError when the passed permission is not a "General Permission".
"""
if permission not in GENERAL_PERMISSIONS:
raise VLEProgrammingError("Permission " + permission +
" is not a general level permission.")
if user.is_superuser:
return True
# If the user is a teacher, he is allowed to create courses on the platform.
if user.is_teacher and permission == 'can_add_course':
return True
return False
def has_assignment_permission(user, permission, assignment):
"""Check if the user has the needed permission in the given assignment.
Arguments:
user -- user that did the request.
assignment -- assignment used to check against.
permission -- the permission string to check.
Raises VLEProgrammingError when the passed permission is not an "Assignment Permission".
Raises VLEParticipationError when the user is not participating in the assignment.
"""
if permission not in ASSIGNMENT_PERMISSIONS:
raise VLEProgrammingError("Permission " + permission +
" is not an assignment level permission.")
if user.is_superuser:
if permission == 'can_have_journal':
return False
return True
user.check_participation(assignment)
permissions = defaultdict(lambda: False)
for course in assignment.courses.all():
if user.is_participant(course):
role = VLE.models.Participation.objects.get(user=user,
course=course).role
role_permissions = model_to_dict(role)
permissions = {
key: (role_permissions[key] or permissions[key])
for key in ASSIGNMENT_PERMISSIONS
}
# Apply negations
if permissions['can_have_journal'] and permissions['can_view_all_journals']:
permissions['can_have_journal'] = False
return permissions[permission]
def has_course_permission(user, permission, course):
"""Check if the user has the needed permission in the given course.
Arguments:
user -- user that did the request.
course -- course used to check against.
permission -- the permission string to check.
Raises VLEProgrammingError when the passed permission is not a "Course Permission".
Raises VLEParticipationError when the user is not participating in the course.
"""
if permission not in COURSE_PERMISSIONS:
raise VLEProgrammingError("Permission " + permission +
" is not a course level permission.")
if user.is_superuser:
return True
user.check_participation(course)
role = VLE.models.Participation.objects.get(user=user, course=course).role
permissions = model_to_dict(role)
return permission in permissions and permissions[permission]