def course_delete(username, course_title):
"""
GET - show course deletion form
POST - delete the course from the database
"""
form = None
if g.user.is_authenticated():
if g.user.username == username:
form = CourseDeleteForm()
if form.validate_on_submit():
# user owns and can delete the course
course_id = [ c.course_id for c in g.user.get_courses()
if c.title == course_title and c.instructor_id == g.user.user_id]
Course.delete_course(int(course_id[0]))
g.user.update_courses()
flash('Course %s successfully deleted' % course_title)
return redirect(url_for('user_home', username=username))
else:
# there were errors on the form
return render_template('user/delete.html', form=form)
else:
# unauthorized user
flash('You can not delete a course you do not own.')
return redirect(url_for('user_home', username=g.user.username))
else:
# unauthenticated user
return redirect(url_for('login'))
def course_create(username):
"""
GET - show course creation form
POST - create the course, add it to g.user.courses and
add it to the database
"""
form = None
if g.user.is_authenticated():
if g.user.username == username:
form = CourseCreateForm(g.user.get_course_titles())
if form.validate_on_submit():
# user can create the course
course = Course(
request.form['course_title'],
request.form['course_ident'],
request.form['course_section'],
request.form['course_description'],
g.user.user_id)
course_id = course.create()
if course_id:
course.add_instructor(g.user.user_id, course_id)
g.user.add_course(course)
else:
flash('There was an error adding your class, please try again later.')
return redirect(url_for('user_home', username=username))
else:
# there were errors on the form
return render_template('user/new.html', form=form)
else:
# unauthorized user
flash('You can not create a course here.')
return redirect(url_for('user_home', username=g.user.username))
else:
# unauthenticated user
return redirect(url_for('login'))
def update_courses(self):
""" Get a new list of courses from the database """
self.courses = Course.get_courses(self.username)