def delete(CID):
    """Delete the stored syllabus file of course ``CID``.

    Removes the file from disk, sets ``Courses.filePath`` to ``None``, records
    who deleted it in ``Courses.lastModified`` and in the log, then redirects
    back.  Any exception is logged and answered with ``error.html``.
    """
    page = r"/" + request.url.split("/")[-1]
    auth = AuthorizedUser()
    user_name = auth.get_username()
    # NOTE(review): the admin check (`auth.user_level() == 'admin'`) is
    # commented out in this function, so nothing visible here restricts who
    # may delete the syllabus of a given CID. Confirm that the route or
    # AuthorizedUser enforces role/ownership before this code runs.
    try:
        # os.remove needs the absolute location of the file on the server.
        # If the course has no stored path the concatenation raises and the
        # handler below reports the error.
        stored_path = databaseInterface.get_course_file_path(CID)
        file_path = '/var/www/html/Syllus-flask/' + stored_path

        # Remove the file from the server first, then forget it in the database
        os.remove(file_path)
        app.logger.info("File removed: {0}".format(file_path))
        Courses.update(filePath=None).where(Courses.CID == CID).execute()
        flash("Syllabus has been deleted")

        # Record who made the change and when
        time_stamp = datetime.datetime.now().strftime("%Y-%m-%d %H:%M")
        last_modified_message = "Deleted By {} On {}".format(user_name,
                                                             time_stamp)
        log.writer('INFO', page,
                   "Uploads: {0} has been {1}".format(file_path,
                                                      last_modified_message))
        Courses.update(lastModified=last_modified_message).where(
            Courses.CID == CID).execute()
        return redirect(redirect_url())
    except Exception as e:
        app.logger.info("{0} attempting to delete a syllabus.".format(str(e)))
        message = "An error occured during the delete process of the file."
        return render_template("error.html", cfg=cfg, message=message)
def adminDivisionManagement(did):
    """Render the admin page for editing the chairs of division ``did``.

    Only GET requests are handled; any other method falls through and
    returns ``None``.  Non-admin users are rejected with 403.
    """
    if request.method != "GET":
        return None

    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        # only admins may change division chairs
        abort(403)

    # every user is a candidate for division chair
    all_users = Users.select()
    # sidebar element
    all_divisions = Divisions.select()
    # the division being viewed
    current_division = Divisions.get(Divisions.DID == did)
    # chairs keyed by division id; holds one entry, the division being viewed
    chairs_by_division = {
        current_division.DID: Users.select().where(Users.DID == did),
    }
    return render_template("/admin/editDivision.html",
                           division=current_division,
                           divisionChairs=chairs_by_division,
                           cfg=cfg,
                           users=all_users,
                           divisions=all_divisions,
                           isAdmin=authorizedUser.isAdmin)
def adminProgramManagement(pid):
    """Render the admin page for editing the chairs of program ``pid``.

    The request method is not checked here (the GET test is commented out in
    the source).  Non-admin users are rejected with 403.
    """
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        # only admins may change program chairs
        abort(403)

    # every user is a candidate for program chair
    all_users = Users.select()
    # sidebar elements
    all_divisions = Divisions.select()
    all_programs = Programs.select()
    # the program being viewed
    current_program = Programs.get(Programs.PID == pid)
    # chairs keyed by program id; holds one entry, the program being viewed
    chairs_by_program = {
        current_program.PID: Users.select().where(Users.PID == pid),
    }
    return render_template("/admin/editProgram.html",
                           program=current_program,
                           programChairs=chairs_by_program,
                           cfg=cfg,
                           users=all_users,
                           divisions=all_divisions,
                           programs=all_programs,
                           isAdmin=authorizedUser.isAdmin)
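def downloadAll(SEID):
    """Zip the download folder of semester ``SEID`` and send it to an admin.

    The folder ``<download path>/<SEID>`` is walked and every directory and
    file is written to ``<zips path>/<SEID>.zip``, which is then returned as
    an attachment.  Both paths come from ``cfg['fileOperations']['dataPaths']``
    and are joined onto this module's directory.

    Non-admin users get 403.  A ``SEID`` that is not a single path component
    gets 404.  Any error while zipping or sending renders ``error.html``.
    """
    page = r"/" + request.url.split("/")[-1]
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        # Without this the function returned None for non-admins, which
        # surfaces as a server error instead of a clear 403.
        abort(403)

    # SEID is caller-supplied (presumably a URL segment; confirm against the
    # route) and is concatenated into two filesystem paths below.  Accept a
    # single path component only, so it cannot point outside the configured
    # download and zip directories.  Checked before the try block so that the
    # abort is not swallowed by the generic exception handler.
    if SEID in ('', '.', '..') or os.path.basename(SEID) != SEID:
        abort(404)

    # we need the location so that we can use relative file paths
    here = os.path.dirname(__file__)
    data_paths = cfg['fileOperations']['dataPaths']
    parent_folder = os.path.join(here, data_paths['download'] + '/' + SEID)
    zip_path = os.path.join(here, data_paths['zips'] + '/' + SEID + '.zip')

    try:
        zip_file = zipfile.ZipFile(zip_path, "w", zipfile.ZIP_DEFLATED)
        try:
            for root, folders, files in os.walk(parent_folder):
                # directories first, then files, as entries of the archive
                for entry_name in folders + files:
                    absolute_path = os.path.join(root, entry_name)
                    # relpath strips only the leading parent folder; a plain
                    # str.replace would also cut later occurrences of it
                    relative_path = os.path.relpath(absolute_path,
                                                    parent_folder)
                    zip_file.write(absolute_path, relative_path)
        finally:
            # close the archive even when a write fails, so the handle is
            # not leaked and the central directory is flushed
            zip_file.close()

        message = 'Download: {0} has been downloaded as a zip'.format(
            parent_folder)
        log.writer("INFO", page, message)
        return send_file(zip_path, as_attachment=True)
    except Exception as e:
        # NOTE(review): the raw exception is handed to the template; confirm
        # error.html does not expose server paths to the wrong audience.
        return render_template('error.html', cfg=cfg, message=e)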
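def removeCourse():
    """Admin page for deleting a course.

    GET renders the removal form with all semesters.  POST deletes the course
    whose ``CID`` is in the submitted form, flashes the outcome and redirects
    back to this page.  Other methods get 404; non-admin users get 403.
    """
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    if request.method == "GET":
        semesters = Semesters.select()
        return render_template('admin/courseManagement/removeCourse.html',
                               cfg=cfg,
                               isAdmin=authorizedUser.isAdmin,
                               semesters=semesters)

    if request.method == "POST":
        try:
            data = request.form
            # Fetch the course first so its name can be shown after deletion
            course = Courses.get(Courses.CID == data['CID'])
            msg = ('Course (' + course.prefix + '-' + course.number + '-' +
                   course.section + ') has been deleted.')
            Courses.delete().where(Courses.CID == data['CID']).execute()
            flash(msg)
        except Exception as e:
            # Flash the text, not the exception object: flashed messages are
            # stored in the session, and Flask's JSON-based cookie session
            # (0.10+) cannot serialize an exception instance.
            # NOTE(review): the raw error text is shown to the admin; prefer
            # a generic message if it can contain database details.
            flash(str(e))
        return redirect(url_for("removeCourse"))

    abort(404)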
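def uploads(CID):
    """Store the uploaded syllabus for course ``CID`` and record the upload.

    The file from ``request.files['file']`` is saved under the upload path
    plus the course path, using a name built by ``GetUploads.create_filename``
    (spaces removed).  On success the course's ``filePath`` and
    ``lastModified`` columns are updated, the upload is logged, and the user
    is redirected to the courses page.  Any failure renders ``error.html``.
    """
    auth = AuthorizedUser()
    user_name = auth.get_username()
    # NOTE(review): no role or course-ownership check is visible in this
    # function, and no check of the uploaded file's type or size. Confirm
    # that the route, AuthorizedUser or GetUploads enforces them.
    uploaded_file = request.files['file']  # renamed: `file` shadows a builtin
    getUploads = GetUploads(uploaded_file)
    try:
        upload_path = getUploads.get_upload_path()
        # course_path maps where the syllabus lives inside the upload folder
        course_path = getUploads.get_course_path(CID)
        directory_path = upload_path + course_path
        # Per the original comment this creates the directories when they
        # are missing; the return value was never used, so it is not kept.
        getUploads.check_path_exist(directory_path)

        # Rename the file to the project's naming standard
        instructors_string = databaseInterface.get_course_instructors(CID)
        new_file_name = getUploads.create_filename(CID, instructors_string)
        complete_path = (directory_path + new_file_name).replace(" ", "")

        uploaded_file.save(complete_path)
        if not os.path.exists(complete_path):
            return render_template(
                "error.html",
                cfg=cfg,
                message="An error occured during the upload process.")

        # Store the course-relative path with its new file name
        database_path = (course_path + new_file_name).replace(" ", "")
        Courses.update(filePath=database_path).where(
            Courses.CID == CID).execute()

        # %H (24-hour clock) instead of %I: a 12-hour time without an AM/PM
        # marker is ambiguous in the audit trail, and delete() already
        # records its timestamp with %H:%M.
        time_stamp = datetime.datetime.now().strftime("%Y-%m-%d %H:%M")
        last_modified_message = "Uploaded By {0} On {1}".format(user_name,
                                                                time_stamp)
        # log in our log file
        message = "Uploads: {0} has been {1}".format(new_file_name,
                                                     last_modified_message)
        page = "/uploads/{0}".format(CID)
        log.writer("INFO", page, message)

        # tell the users who uploaded the file
        Courses.update(lastModified=last_modified_message).where(
            Courses.CID == CID).execute()
        return redirect(url_for("courses"))
    except Exception as e:
        app.logger.info("{0}".format(e))
        return render_template(
            "error.html",
            cfg=cfg,
            message="An error occured during the upload process.")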
def deleteDeadline():
    """Delete the deadline whose ``id`` is in the submitted form.

    Admin only (403 otherwise).  The deletion is logged, a confirmation is
    flashed and the user is redirected back.  A non-numeric ``id`` or a
    failing ``Deadline.get`` is not handled here and propagates.
    """
    page = r"/" + request.url.split("/")[-1]
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    form = request.form
    deadline_id = int(form['id'])
    doomed = Deadline.get(Deadline.id == deadline_id)
    doomed.delete_instance()
    # the in-memory instance still carries its description after deletion
    log.writer("INFO", page,
               "Deadline: {0} has been deleted".format(doomed.description))
    flash("Your Deadline has been deleted")
    return redirect(redirect_url())
def addSemester():
    """Add a semester from the submitted form (admin only, 403 otherwise).

    ``GetSystemManagement.add_semester`` returns a two-item sequence that is
    used as (log level, message): the pair is written to the log, the message
    is flashed, and the user is redirected back.
    """
    page = "/" + request.url.split("/")[-1]
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    # Class from logic folder
    system = GetSystemManagement()
    logList = system.add_semester(request.form)
    print(logList)
    level, text = logList[0], logList[1]
    # TODO: figure out how to log
    log.writer(level, page, text)
    flash(text)
    return redirect(redirect_url())
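def editAdmin():
    """Toggle the admin flag of the user selected in the submitted form.

    Admin only (403 otherwise).  ``checkData(data, 'admin[]')`` returns a
    pair used as (user or ``None``, message).  When a user is returned, its
    ``isAdmin`` flag is flipped and saved, and the change is written to the
    log.  The message is flashed either way and the user is redirected to
    the system management page.
    """
    # presumably the name of the acting user; it was fetched but never used
    # in the original, and is now recorded with the privilege change
    username = authUser(request.environ)
    page = "/" + request.url.split("/")[-1]
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    data = request.form
    result = checkData(data, 'admin[]')
    user = result[0]
    if user is not None:
        user.isAdmin = not user.isAdmin  # flip the boolean value
        user.save()
        # Granting or revoking admin rights is the most sensitive change in
        # this module and was the only one left unlogged (the original
        # carried a "LOG HERE" TODO); log it like the sibling handlers do.
        message = "Admin: {0} (changed by {1})".format(result[1], username)
        log.writer("INFO", page, message)
    flash(result[1])
    return redirect(redirect_url('systemManagement'))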
def deadlineDisplay():
    """Render the list of deadlines dated after today.

    Only GET requests are handled; any other method falls through and
    returns ``None``.
    """
    if request.method != "GET":
        return None

    authorizedUser = AuthorizedUser()
    # deadlines up to and including today are left out
    today = datetime.date.today()
    # distinct() so that repeated dates are not shown twice
    upcoming = (Deadline.select()
                .where(Deadline.date > today)
                .distinct()
                .order_by(Deadline.date))
    return render_template("deadline.html",
                           cfg=cfg,
                           isAdmin=authorizedUser.isAdmin,
                           deadlines=upcoming,
                           today=today)
def deadlineEdit():
    """Replace the description of the deadline named in the submitted form.

    Admin only (403 otherwise).  Reads ``id`` and ``deadlineDescription``
    from the form, saves the deadline, logs the edit, flashes a confirmation
    and redirects back.
    """
    # the page is needed for logging purposes
    page = "/" + request.url.split("/")[-1]
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    form = request.form
    edited = Deadline.get(Deadline.id == form['id'])
    edited.description = form['deadlineDescription']
    edited.save()
    log.writer("INFO", page,
               "Deadline: has been edited to {0}".format(edited.description))
    flash("Your Deadline has been edited")
    return redirect(redirect_url())
def archive(SEID):
    """Render the archive page for semester ``SEID``.

    When ``SEID`` is ``None`` the current semester is used.  No role check is
    made here; ``isAdmin`` is only passed on to the template.
    """
    # the template needs to know whether the user is an admin
    authorizedUser = AuthorizedUser()
    getAll = GetAll()
    semesters = databaseInterface.get_all_semesters()
    if SEID is None:
        SEID = databaseInterface.grab_current_semester()

    # pair of lookup tables: [0] divisions -> programs, [1] programs -> courses
    lookup_tables = getAll.create_dictionaries(SEID)
    current_term = Semesters.get(Semesters.SEID == SEID)
    return render_template("archive.html",
                           cfg=cfg,
                           semesters=semesters,
                           current_term=current_term,
                           SEID=SEID,
                           isAdmin=authorizedUser.isAdmin,
                           divisions_to_programs=lookup_tables[0],
                           programs_to_courses=lookup_tables[1])
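def addCourse():
    """Admin page for adding a course.

    GET renders the form with all semesters, programs and users.  POST
    inserts the course described by the form (``prefix``, ``number``,
    ``section``, ``PID``, ``SEID``), links it to the chosen ``user``, flashes
    the outcome and redirects back to this page.  Other methods get 404;
    non-admin users get 403.
    """
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    if request.method == "GET":
        semesters = Semesters.select()
        programs = Programs.select()
        users = Users.select()
        return render_template('admin/courseManagement/addCourse.html',
                               cfg=cfg,
                               isAdmin=authorizedUser.isAdmin,
                               semesters=semesters,
                               programs=programs,
                               users=users)

    if request.method == "POST":
        data = request.form
        try:
            # int() rejects non-numeric PID/SEID; the error is flashed below
            new_course = databaseInterface.insert_course(
                str(data['prefix']).upper(),
                str(data['number']),
                str(data['section']).upper(),
                int(data['PID']),
                int(data['SEID']))
            if new_course:
                new_user_course = databaseInterface.insert_course_user(
                    str(data['user']), int(new_course.CID))
                if new_user_course:
                    flash('The course ({0} {1}) has been added'.format(
                        data['prefix'], data['number']))
                else:
                    flash(
                        'Course failed to be uploaded with instructor. Contact the system support'
                    )
            else:
                flash(
                    'There was an error adding the course. The course was not added.'
                )
        except Exception as e:
            # Flash the text, not the exception object: flashed messages are
            # stored in the session, and Flask's JSON-based cookie session
            # (0.10+) cannot serialize an exception instance.
            # NOTE(review): the raw error text is shown to the admin; prefer
            # a generic message if it can contain database details.
            flash(str(e))
        return redirect(url_for("addCourse"))

    abort(404)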
def deadlineCreate():
    """Create a deadline from the submitted form (admin only, 403 otherwise).

    Reads ``deadlineDate`` (``MM/DD/YYYY``) and ``deadlineDescription`` from
    the form, stores the deadline, logs it, flashes a confirmation and
    redirects back.  A date in another format makes ``strptime`` raise; that
    is not handled here.
    """
    # the page is needed for logging purposes
    page = "/" + request.url.split("/")[-1]
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    form = request.form
    parsed = datetime.datetime.strptime(form['deadlineDate'], "%m/%d/%Y")
    created = Deadline.create(description=form['deadlineDescription'],
                              date=parsed.date())
    created.save()
    # log the message
    log.writer("INFO", page,
               "Deadline: {0} has been added".format(created.description))
    flash("Your Deadline has been created")
    return redirect(redirect_url())
def editProgram():
    """Replace the chairs of a program with the usernames in the form.

    Admin only (403 otherwise).  ``PID`` names the program and
    ``professors[]`` lists the wanted chairs.  Current chairs missing from
    the list lose their ``PID``; listed users who are not chairs yet get it.
    Every change is logged.
    """
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    # the page is needed for logging purposes
    page = "/" + request.url.split("/")[-1]
    form = request.form
    pending = request.form.getlist('professors[]')
    pid = form['PID']

    # TODO: the loop is repeated a lot we should be able to take it out
    for chair in Users.select().where(Users.PID == pid):
        if chair.username in pending:
            # already a chair: nothing to add for this name
            pending.remove(chair.username)
            continue
        # no longer wanted as chair: log, then detach from the program
        log.writer(
            "INFO", page,
            "USER: {0} has been removed as a program chair for pid: {1}".format(
                chair.username, pid))
        chair.PID = None
        chair.save()

    # whatever is left in the list are the newly appointed chairs
    for user_name in pending:
        # NOTE(review): a submitted username with no matching Users row makes
        # Users.get raise after earlier changes were already saved.
        appointee = Users.get(Users.username == user_name)
        print(appointee.username)
        appointee.PID = pid
        appointee.save()
        log.writer(
            "INFO", page,
            "USER: {0} has been added as a program chair for pid: {1}".format(
                user_name, pid))

    flash("Program succesfully changed")
    return redirect(redirect_url())
def systemManagement():
    """Render the system management page (admin only, 403 otherwise).

    Passes the template the year list from ``GetSystemManagement``, all
    semesters, and the users split into admins and non-admins.
    """
    # kept from the original for logging purposes; nothing is logged here yet
    page = "/" + request.url.split("/")[-1]
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    # Class from logic folder
    system = GetSystemManagement()
    # per the original comment: a list of the next five years
    years = system.get_years_list()
    # DatabaseInterface from logic folder
    semesters = databaseInterface.get_all_semesters()
    non_admins = databaseInterface.get_non_admins()
    admins = databaseInterface.get_all_admins()
    return render_template('admin/editSystem.html',
                           cfg=cfg,
                           # isAdmin is for the navbar
                           isAdmin=authorizedUser.isAdmin,
                           users=non_admins,
                           admins=admins,
                           semesters=semesters,
                           years=years)
def editDivision():
    """Replace the chairs of a division with the usernames in the form.

    Admin only (403 otherwise).  ``DID`` names the division and
    ``professors[]`` lists the wanted chairs.  Current chairs missing from
    the list lose their ``DID``; listed users who are not chairs yet get it.
    Every change is logged.
    """
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    # the page is needed for logging purposes
    page = "/" + request.url.split("/")[-1]
    form = request.form
    pending = request.form.getlist('professors[]')
    did = form['DID']

    # walk the current chairs of the division
    for chair in Users.select().where(Users.DID == did):
        if chair.username in pending:
            # already a chair: drop the name so it is not added twice
            pending.remove(chair.username)
            continue
        # not in the new list: log, then detach from the division
        log.writer(
            "INFO", page,
            "USER: {0} has been removed as a Division chair for did: {1}".format(
                chair.username, did))
        chair.DID = None
        chair.save()

    # whatever is left in the list are the newly appointed chairs
    for user_name in pending:
        # NOTE(review): a submitted username with no matching Users row makes
        # Users.get raise after earlier changes were already saved.
        appointee = Users.get(Users.username == user_name)
        appointee.DID = did
        appointee.save()
        log.writer(
            "INFO", page,
            "USER: {0} has been added as a Division chair for did: {1}".format(
                user_name, did))

    flash("Division succesfully changed")
    return redirect(redirect_url())
def missingSyllabi():
    """Admin page for exporting the missing-syllabi spreadsheet.

    GET renders the form with all semesters.  POST builds the file for the
    submitted ``SEID`` with ``makeExcelFile`` and sends it as an attachment;
    on failure the error is printed, a message is flashed and the user is
    redirected back.  Other methods get 404; non-admin users get 403.
    """
    authorizedUser = AuthorizedUser()
    if not authorizedUser.isAdmin:
        abort(403)

    if request.method == "GET":
        semesters = Semesters.select()
        return render_template('admin/courseManagement/missingSyllabi.html',
                               cfg=cfg,
                               isAdmin=authorizedUser.isAdmin,
                               semesters=semesters)

    if request.method == "POST":
        try:
            form = request.form
            sheet_path = makeExcelFile(form['SEID'])
            return send_file(sheet_path, as_attachment=True)
        except Exception as e:
            # TODO: Log e
            print(e)
            flash('Error occured while trying to prepare excel sheet. ')
            return redirect(url_for("missingSyllabi"))

    abort(404)
def courses():
    """Render the courses page that matches the user's role.

    The level reported by ``AuthorizedUser.user_level()`` selects the
    template: ``admin``, ``division``, ``program`` or ``faculty``.  Any other
    level ends in ``abort(404)``.
    """
    # helper classes used on this controller
    getAll = GetAll()

    # who is asking, and at which access level
    auth = AuthorizedUser()
    user = auth.get_user()
    user_level = auth.user_level()

    # the current semester drives every table on the page
    currentSEID = databaseInterface.grab_current_semester()
    current_term = Semesters.get(Semesters.SEID == currentSEID)
    getCourses = GetCourses(auth)

    # the two dictionaries that populate the tables
    lookup_tables = getAll.create_dictionaries(currentSEID)
    divisions_to_programs = lookup_tables[0]
    programs_to_courses = lookup_tables[1]

    # the user's own courses
    my_courses = getCourses.check_for_my_courses(currentSEID)

    # template arguments shared by every role
    shared = dict(cfg=cfg, my_courses=my_courses, current_term=current_term)

    # every branch returns, so no case falls through to the next one
    for case in switch(user_level):
        if case('admin'):
            return render_template('courses/admin.html',
                                   isAdmin=auth.isAdmin,
                                   divisions_to_programs=divisions_to_programs,
                                   programs_to_courses=programs_to_courses,
                                   **shared)
        if case('division'):
            division_key = user.DID
            print(division_key)
            return render_template('courses/division.html',
                                   division_key=division_key,
                                   divisions_to_programs=divisions_to_programs,
                                   programs_to_courses=programs_to_courses,
                                   **shared)
        if case('program'):
            return render_template('courses/program.html',
                                   program_key=user.PID.name,
                                   programs_to_courses=programs_to_courses,
                                   **shared)
        if case('faculty'):
            return render_template('courses/faculty.html', **shared)
        if case():
            # TODO: return ERROR
            abort(404)
    # kept from the original: the result is not returned
    render_template('error.html')