def register(): """ End-point to handle User/Staff Registration """ form = UserRegistrationForm() position = current_user.position if current_user.is_master(): position = 'Master' if form.validate_on_submit(): if dict(form.position.choices).get( form.position.data) == "Upper Management": if not current_user.is_master( ) and current_user.position != "Upper Management": flash("You don't have permissions to set Upper Management.") return redirect(url_for('auth.register')) academy = Academy.query.filter_by( name=dict(form.academy.choices).get(form.academy.data)).first() if not current_user.is_master( ) and current_user.position != "Upper Management": if not current_user.has_academy_access(academy.id): flash('You can only add people to your own academy.') return redirect(url_for('auth.register')) send_confirmation_email(form.email.data) flash('Please check given email to confirm the email address.', 'success') user = User(username=form.username.data, name=form.name.data, phone=form.phone.data, email=form.email.data, position=form.position.data) user.set_password(form.password.data) db.session.add(user) db.session.commit() trained = form.trained.data for t in trained: i = TrainedIn(name=t, teacher=user.id) db.session.add(i) db.session.commit() user.academy_id = academy.id permission = PermissionGroups.query.filter_by( group_name=form.position.data).first() user.add_access(permission) db.session.commit() flash('Registration successful.') return redirect(url_for('staff.user', name=user.name)) return render_template('auth/user_register.html', title="Register Staff", form=form, position=position)
def add_student(): """ Handle adding new students """ form = CreateStudentForm() if form.validate_on_submit(): academy = Academy.query.filter_by(name=form.academy.data).first() options_121 = [ '121-General English', '121-Exam Class', '121-Business English', '121-Children', 'In-Company-121' ] type_of_class = TypeOfClass.query.filter_by( name=form.typeofclass.data).first() if not current_user.is_master( ) and current_user.position != "Upper Management": if not current_user.has_academy_access(academy.id): flash('You can only add people to your own academy.') return redirect(url_for('students.add_student')) if form.lesson.data == None: flash('Ensure class is chosen!') return redirect(url_for('students.add_student')) if type_of_class.name == 'Group General English': lesson = Lessons.query.filter_by(id=form.lesson.data).first() if lesson == None: flash('Ensure class is chosen!') return redirect(url_for('students.add_student')) step = Step.query.filter_by(name=form.step.data).first() student = Student(name=form.name.data, phone=form.phone.data, email=form.email.data, days_missed=0, comment=form.comment.data, user_id=current_user.id, class_id=lesson.id, academy_id=academy.id, step_id=step.id) db.session.add(student) lesson.amount_of_students = lesson.amount_of_students + 1 db.session.commit() flash('Student Added') return redirect( url_for('students.student_profile', academy=academy.name, name=student.name)) elif form.typeofclass.data in options_121: # todo: Implement the 121 classes lesson_name = get_name(name=form.name.data, academy=academy.id, types=form.typeofclass.data, companyname=form.companyname.data) return render_template('students/add_student.html', title="Add Students", form=form)
def remove_user(name): """ End-point to handle removing User/Staff data """ user = User.query.filter_by(name=name).first() academy = Academy.query.filter_by(id=user.academy_id).first() trained = TrainedIn.query.filter_by(teacher=user.id).all() form = RemoveUserForm() avatar = None files = os.listdir(current_app.config['UPLOAD_PATH'] + 'avatars') for f in files: file_ext = os.path.splitext(f)[1] if str(user.id) + file_ext == f: avatar = f if user.id == current_user.id: flash("You can't delete youself!") return redirect(url_for('staff.user', name=name)) if not current_user.is_master( ) and current_user.position != "Upper Management": if current_user.academy_id != academy.id: flash('You can only delete profiles from your own academy.') return redirect(url_for('staff.user', name=name)) if user.position == "Upper Management": flash('Managers cannot remove Upper Management') return redirect(url_for('staff.user', name=name)) if form.validate_on_submit(): if dict(form.affirmation.choices).get(form.affirmation.data) == 'Yes': db.session.delete(user) for t in trained: db.session.delete(t) flash('{} deleted!'.format(user.name)) if avatar is not None: os.remove( os.path.join(current_app.config['UPLOAD_PATH'] + 'avatars/' + avatar)) db.session.commit() return redirect(url_for('main.index')) else: flash('{} not deleted!'.format(user.name)) return redirect(url_for('staff.user', name=name)) return render_template('staff/remove_user.html', title='Remove User', user=user, form=form)
def edit_submitted_progress(progress_id, lesson_id): """ End-point to edit the previously submitted progress """ progress = StepActualProgress.query.filter_by(id=progress_id).first() lesson = Lessons.query.filter_by( id=lesson_id).join(Academy).join(Step).first() form = StepProgressForm() if not current_user.is_master( ) and current_user.position != "Upper Management" or current_user.position != "Management": if progress.user_id != current_user.id: flash("You cannot edit somebody else's submitted progress") return redirect( url_for('classes.view_class', name=lesson.name, academy=lesson.academy.name)) if form.validate_on_submit(): progress.lesson_number = form.lesson_number.data progress.last_page = form.last_page.data progress.last_word = form.last_word.data progress.exercises = form.exercises.data progress.comment = form.comment.data progress.user_id = current_user.id db.session.commit() return redirect( url_for('classes.view_class', name=lesson.name, academy=lesson.academy.name)) else: form.lesson_number.data = progress.lesson_number form.last_page.data = progress.last_page form.last_word.data = progress.last_word form.exercises.data = progress.exercises form.comment.data = progress.comment return render_template('class/edit_submitted_progress.html', title="Edit Submitted Progress", form=form, lesson=lesson, progress=progress, step=lesson.step.name)
def edit_announcement(announcement_id): """ End-Point to Handle Editing Announcements """ form = AnnouncementForm() announcement = Announcement.query.filter_by(id=announcement_id).first() academy = Academy.query.filter_by(id=current_user.academy_id).first() if form.validate_on_submit(): if not current_user.is_master( ) and current_user.position != "Upper Management": if dict(form.academy.choices).get( form.academy.data) != academy.name: flash( "You don't have permissions to make announcements to academies other than your own." ) return redirect(url_for('main.make_announcement')) if form.for_all.data == True: flash( "You don't have permissions to make announcements to academies other than your own." ) return redirect(url_for('main.make_announcement')) announcement.subject = form.subject.data, announcement.message = form.message.data, announcement.for_all = form.for_all.data, db.session.commit() flash('Announcement has been editted!') return redirect(url_for('main.index')) else: form.subject.data = announcement.subject form.message.data = announcement.message form.for_all.data = announcement.for_all return render_template('make_announcement.html', title='Edit Announcement', what='Edit', form=form)
def make_announcement(): """ End-Point handling making announcements """ form = AnnouncementForm() academy = Academy.query.filter_by(id=current_user.academy_id).first() if form.validate_on_submit(): if not current_user.is_master( ) and current_user.position != "Upper Management": if dict(form.academy.choices).get( form.academy.data) != academy.name: flash( "You don't have permissions to make announcements to academies other than your own." ) return redirect(url_for('main.make_announcement')) if form.for_all.data == True: flash( "You don't have permissions to make announcements to academies other than your own." ) return redirect(url_for('main.make_announcement')) academy = Academy.query.filter_by( name=dict(form.academy.choices).get(form.academy.data)).first() announcement = Announcement(subject=form.subject.data, message=form.message.data, for_all=form.for_all.data, user_id=current_user.id, academy_id=academy.id) db.session.add(announcement) db.session.commit() flash('Announcement has been sent!') return redirect(url_for('main.index')) return render_template('make_announcement.html', title='Make Announcement', what='Make', form=form)
def remove_student(name, academy): """ End-point to handle removing student data from the database """ academy = Academy.query.filter_by(name=academy).first() student = Student.query.filter_by(name=name).filter_by( academy_id=academy.id).first() lesson = Lessons.query.filter_by(id=student.class_id).first() form = RemoveStudentForm() if not current_user.is_master( ) and current_user.position != "Upper Management": if current_user.academy_id != academy.id: flash('You can only remove people from your own academy.') return redirect( url_for('students.student_profile', name=student.name, academy=academy.name)) if form.validate_on_submit(): if dict(form.affirmation.choices).get(form.affirmation.data) == 'Yes': lesson.amount_of_students = lesson.amount_of_students - 1 db.session.delete(student) flash('{} deleted!'.format(student.name)) db.session.commit() return redirect(url_for('main.index')) else: flash('{} not deleted!'.format(student.name)) return redirect( url_for('students.student_profile', name=name, academy=academy.name)) return render_template('students/remove_student.html', title="Remove Student", form=form, student=student, academy=academy)
def create_class(): """ End-point to handle creating the classes """ form = CreateClassForm() if form.validate_on_submit(): academy = Academy.query.filter_by( name=dict(form.academy.choices).get(form.academy.data)).first() class_type = dict(form.typeofclass.choices).get(form.typeofclass.data) if not current_user.is_master( ) and current_user.position != "Upper Management": if current_user.academy_id != academy.id: flash('You can only add classes to your own academy.') return redirect(url_for('classes.create_class')) if class_type == 'Group General English': if form.lengthofclass.data == '30 Minutes': flash('General English Group class cannot be 30 minutes long') return redirect(url_for('classes.create_class')) length_of_class = LengthOfClass.query.filter_by( name=dict(form.lengthofclass.choices).get( form.lengthofclass.data)).first() step = Step.query.filter_by(name=form.step.data).first() expectedtracker = StepExpectedTracker.query.filter_by( length_of_class=length_of_class.id).filter_by( step_id=step.id).first() type_of_class = TypeOfClass.query.filter_by(name=dict( form.typeofclass.choices).get(form.typeofclass.data)).first() class_number = StepExpectedProgress.query.filter_by( lesson_number=form.startat.data).filter_by( step_expected_id=expectedtracker.id).order_by( StepExpectedProgress.class_number.asc()).first() if length_of_class.name == '2 Hours' or length_of_class.name == '2,5 Hours': if class_number.class_number != 1: number = int(class_number.class_number) - 1 actual_class_number = StepExpectedProgress.query.filter_by( step_expected_id=expectedtracker.id).filter_by( class_number=number).first() class_number = actual_class_number actualtracker = StepActualTracker( length_of_class=length_of_class.id, step_id=step.id) db.session.add(actualtracker) db.session.commit() name = get_name(name=None, days=form.daysdone.data, time=form.time.data, types=class_type, academy=academy.name) lesson = Lessons(name=name, time=str(form.time.data), comment=form.comment.data, amount_of_students=0, class_number=class_number.class_number, user_id=current_user.id, length_of_class=length_of_class.id, academy_id=academy.id, step_id=step.id, type_of_class=type_of_class.id, step_expected_id=expectedtracker.id, step_actual_id=actualtracker.id) db.session.add(lesson) db.session.commit() days = form.daysdone.data for t in days: i = DaysDone(name=t, lessons=lesson.id) db.session.add(i) db.session.commit() flash('Class Added.') return redirect( url_for('classes.view_class', name=lesson.name, academy=academy.name)) elif class_type == 'Group Exam Class': # todo: input class type system name = get_name(name=None, days=form.daysdone.data, time=form.time.data, types=class_type, academy=academy.name) return redirect( url_for('classes.view_class', name=lesson.name, academy=academy.name)) return render_template('class/create_class.html', title="Create Class", option='Create', form=form)
def decorated_function(*args, **kwargs): if not current_user.is_authenticated or not current_user.is_master(): abort(403) return f(*args, **kwargs)
def edit_user(name): """ End-Point to handle changes to User/Staff data """ user = User.query.filter_by(name=name).first() academy = Academy.query.filter_by(id=user.academy_id).first() trained = TrainedIn.query.filter_by(teacher=user.id).all() if user.position == "Upper Management" or user.is_master(): if not current_user.is_master( ) and current_user.position != "Upper Management": flash("You don't have permissions to edit Upper Management.") return redirect(url_for('staff.user', name=name)) if not current_user.is_master( ) and current_user.position != "Upper Management": if current_user.academy_id != academy.id: flash('You can only edit profiles from your own academy.') return redirect(url_for('staff.user', name=name)) form = EditProfileForm(obj=user.id) position = current_user.position position_edit = user.position if current_user.is_master(): position = 'Master' if form.validate_on_submit(): if dict(form.position.choices).get( form.position.data) == "Upper Management": if not current_user.is_master( ) and current_user.position != "Upper Management": flash("You don't have permissions to set Upper Management.") return redirect(url_for('staff.user', name=name)) academy_new = Academy.query.filter_by( name=dict(form.academy.choices).get(form.academy.data)).first() if not current_user.is_master( ) and current_user.position != "Upper Management": if current_user.academy_id != academy_new.id: flash('You can only edit profiles from your own academy.') return redirect(url_for('staff.user', name=name)) if user.name != form.name.data: user.name = form.name.data db.session.commit() if user.phone != form.phone.data: user.phone = form.phone.data db.session.commit() if user.email != form.email.data: user.email = form.email.data send_confirmation_email(form.email.data) flash('Please check given email to confirm the email address.', 'success') db.session.commit() if user.position != form.position.data: permission_old = PermissionGroups.query.filter_by( group_name=user.position).first() permission_new = PermissionGroups.query.filter_by( group_name=form.position.data).first() user.remove_access(permission_old) user.add_access(permission_new) user.position = form.position.data db.session.commit() if academy.name != academy_new.name: user.academy_id = academy_new.id db.session.commit() trained_new = form.trained.data for t in trained_new: u = TrainedIn.query.filter_by(teacher=user.id).filter_by( name=t).first() if u is None: i = TrainedIn(name=t, teacher=user.id) db.session.add(i) db.session.commit() for t in trained: if t.name not in trained_new: db.session.delete(t) db.session.commit() flash('User information updated') return redirect(url_for('staff.user', name=user.name)) elif not form.is_submitted(): form.name.data = user.name form.phone.data = user.phone form.email.data = user.email form.position.data = user.position form.academy.data = academy.name form.trained.data = [t.name for t in trained] return render_template('staff/edit_user.html', title='Edit User', user=user, form=form, position=position, position_edit=position_edit)
def edit_student(name, academy): """ End-point to handle changes to student information """ academy = Academy.query.filter_by(name=academy).first() student = Student.query.filter_by(name=name).filter_by( academy_id=academy.id).first() current_lesson = Lessons.query.filter_by(id=student.class_id).first() length_of_class = LengthOfClass.query.filter_by( id=current_lesson.length_of_class).first() type_of_class = TypeOfClass.query.filter_by( id=current_lesson.type_of_class).first() options_121 = [ '121-General English', '121-Exam Class', '121-Business English', '121-Children', 'In-Company-121' ] step = None if not current_user.is_master( ) and current_user.position != "Upper Management": if current_user.academy_id != academy.id: flash('You can only remove people from your own academy.') return redirect( url_for('students.student_profile', name=student.name, academy=academy.name)) if type_of_class.name == 'Group General English': step = Step.query.filter_by(id=student.step_id).first() # todo: Implement other class types form = EditStudentForm(obj=student.id) form2 = AdditionalClassForm(obj=student.id) form3 = AdditionalClassForm2(obj=student.id) form.name.data = student.name form.phone.data = student.phone form.email.data = student.email form.comment.data = student.comment form.lengthofclass.data = length_of_class.name form.academy.data = academy.name form.typeofclass.data = type_of_class.name if step: form.step.data = step.name form.lesson.choices = [(current_lesson.id, '{} Students: {}/8 {}'.format( current_lesson.name, current_lesson.amount_of_students, current_lesson.time))] if student.student_on_class: link = Studentonclass.query.filter_by( id=student.student_on_class).first() lesson = Lessons.query.filter_by(student_on_class=link.id).first() acad = Academy.query.filter_by(id=lesson.academy_id).first() length_of = LengthOfClass.query.filter_by( id=lesson.length_of_class).first() type_of = TypeOfClass.query.filter_by(id=lesson.type_of_class).first() if type_of.name == 'Group General English': step_additional = Step.query.filter_by(id=lesson.step_id).first() form2.step.data = step_additional.name # todo: Implement other class types form2.lengthofclass.data = length_of.name form2.academy.data = acad.name form2.typeofclass.data = type_of.name form2.lesson_.choices = [(lesson.id, '{} Students: {}/8 {}'.format( lesson.name, lesson.amount_of_students, lesson.time))] if student.student_on_class2: link = Studentonclass.query.filter_by( id=student.student_on_class2).first() lesson = Lessons.query.filter_by(student_on_class2=link.id).first() acad = Academy.query.filter_by(id=lesson.academy_id).first() length_of = LengthOfClass.query.filter_by( id=lesson.length_of_class).first() type_of = TypeOfClass.query.filter_by(id=lesson.type_of_class).first() if type_of.name == 'Group General English': step_additional = Step.query.filter_by(id=lesson.step_id).first() form3.step.data = step_additional.name # todo: Implement other class types form3.lengthofclass.data = length_of.name form3.academy.data = acad.name form3.typeofclass.data = type_of.name form3.lesson3.data = [(lesson.id, '{} Students: {}/8 {}'.format( lesson.name, lesson.amount_of_students, lesson.time))] if form.validate_on_submit(): if form.typeofclass.data == 'Group General English': if form.lesson.data == 'None': flash('You must have a lesson value') return redirect( url_for('students.edit_student', name=student.name, academy=academy.name)) if form.lesson.data == None: flash('You must have a lesson value') return redirect( url_for('students.edit_student', name=student.name, academy=academy.name)) if student.name != form.name.data: student.name = form.name.data if student.phone != form.phone.data: student.phone = form.phone.data if student.email != form.email.data: student.email = form.email.data if student.comment != form.comment.data: student.comment = form.comment.data if academy.name != form.academy.data: new_academy = Academy.query.filter_by( name=form.academy.name).first() student.academy_id = new_academy.id if current_lesson.id != form.lesson.data: new_lesson = Lessons.query.filter_by( id=form.lesson.data).first() student.class_id = new_lesson.id if type_of_class.name != form.typeofclass.data: if form.typeofclass.data == 'Group General English': student.step_id = new_lesson.step_id # todo: Implement other class types if step: if step.name != form.step.data: step = Step.query.filter_by(name=form.step.data).first() student.step_id = step.id student.user_id = current_user.id elif form.typeofclass.data in options_121: # todo: Implement 121 classes lesson_name = get_name(name=form.name.data, academy=academy.id, types=form.typeofclass.data, companyname=form.companyname.data) db.session.commit() flash('Student Editted') return redirect( url_for('students.edit_student', name=student.name, academy=academy.name)) return render_template('students/edit_student.html', title="Edit Student", form=form, form2=form2, form3=form3, student=student, student_id=student.id, academy=academy)