def context(self, data, check, mutator):
"""Handler for default HTTP GET request."""
context = {
'page_name': 'Age Verification for %s' % data.program.name,
'program': data.program,
'failed_check': False
}
age_check_result = data.request.COOKIES.get('age_check', None)
if age_check_result == '0':
context['failed_check'] = True
elif age_check_result:
# age check passed, redirect to create profile page
# TODO(nathaniel): Can this be cleaned up at all? Creating and
# discarding a response feels weird.
response = data.redirect.createProfile('student').to(
url_names.GCI_PROFILE_CREATE, secure=True)
raise exception.Redirect(response['Location'])
if data.POST:
context['form'] = AgeCheckForm(data=data.POST)
else:
context['form'] = AgeCheckForm()
return context
def checkAccess(self, data, check, mutator):
mutator.studentEvaluationFromKwargs()
mutator.studentEvaluationRecordFromKwargs()
assert isSet(data.student_evaluation)
if user_logic.isHostForProgram(data.ndb_user, data.program.key()):
return
show_url = data.redirect.survey_record(
data.student_evaluation.link_id).urlOf(
'gsoc_show_student_evaluation')
check.isStudentSurveyActive(
data.student_evaluation, data.url_ndb_profile, show_url=show_url)
check.isProfileActive()
# TODO(dcrodman): When GSoCProject is converted to NDB, this Key
# conversion will need to be removed.
org_key = project_model.GSoCProject.org.get_value_for_datastore(
data.url_project)
org_key = ndb.Key.from_old_key(org_key)
if data.orgAdminFor(org_key):
raise exception.Redirect(show_url)
check.canUserTakeSurvey(data.student_evaluation, 'student')
check.isStudentForSurvey()
def isStudentSurveyActive(self, survey, student, show_url=None):
"""Checks if the student survey can be taken by the specified student.
Args:
survey: a survey entity.
student: a student profile entity.
show_url: survey show page URL to which the user should be redirected.
Raises:
exception.Redirect: if the active period is over and URL to redirect
is specified.
exception.Forbidden: if it is not possible to access survey
at this time.
"""
active_period = survey_logic.getSurveyActivePeriod(survey)
if active_period.state != survey_logic.IN_PERIOD_STATE:
# try finding a personal extension for the student
extension = survey_logic.getPersonalExtension(
student.key, survey.key())
active_period = survey_logic.getSurveyActivePeriod(
survey, extension=extension)
if active_period.state == survey_logic.POST_PERIOD_STATE and show_url:
raise exception.Redirect(show_url)
if active_period.state != survey_logic.IN_PERIOD_STATE:
raise exception.Forbidden(
message=DEF_PAGE_INACTIVE_OUTSIDE %
(active_period.start, active_period.end))
def ensureLoggedOut(data):
"""Ensures that the user is logged out.
Args:
data: request_data.RequestData for the current request.
Raises:
exception.Redirect: If the user is logged in this
exception will redirect them to the logout page.
"""
if data.gae_user:
raise exception.Redirect(links.LINKER.logout(data.request))
def checkAccess(self, data, check, mutator):
check.isLoggedIn()
check.isProgramVisible()
check.isOrganizationInURLActive()
check.isOrgAdminForOrganization(data.url_ndb_org.key.to_old_key())
check.isSlotTransferActive()
mutator.slotTransferEntities()
if not data.slot_transfer_entities:
if 'new' not in data.kwargs:
url = links.LINKER.organization(data.url_ndb_org.key,
'gsoc_update_slot_transfer')
raise exception.Redirect(url)
def canApplyStudent(self, edit_url):
"""Checks if the user can apply as a student.
"""
self.isLoggedIn()
if self.data.ndb_profile and self.data.ndb_profile.is_student:
raise exception.Redirect(edit_url)
self.studentSignupActive()
if not self.data.ndb_profile:
return
raise exception.Forbidden(
message=DEF_ALREADY_PARTICIPATING_AS_NON_STUDENT %
self.data.program.name)
def handle(self):
http = httplib2.Http()
credentials = decorator.get_credentials()
http = credentials.authorize(http)
drive_service = build('drive', 'v2', http=http)
shipment_info_id = int(self.data.kwargs['id'])
program_key = ndb.Key.from_old_key(self.data.program.key())
shipment_info = shipment_tracking.ShipmentInfo.get_by_id(
shipment_info_id, parent=program_key)
usa_url = URL_FMT % (shipment_info.spreadsheet_id, 0)
intl_url = URL_FMT % (shipment_info.spreadsheet_id, 1)
#get sheet content for USA students
resp, usa_sheet_content = drive_service._http.request(usa_url)
if resp.status != 200:
logging.error('An error occurred: %s', resp)
resp, intl_sheet_content = drive_service._http.request(intl_url)
if resp.status != 200:
logging.error('An error occurred: %s', resp)
task_start_url = links.SOC_LINKER.site(
url_names.GSOC_SHIPMENT_TASK_START)
#start task for USA students
params = {
'program_key': str(self.data.program.key()),
'sheet_content': json.dumps(usa_sheet_content),
'sheet_type': 'usa',
'shipment_info_id': shipment_info_id,
}
taskqueue.add(url=task_start_url, params=params)
#start task for international students
params = {
'program_key': str(self.data.program.key()),
'sheet_content': json.dumps(intl_sheet_content),
'sheet_type': 'intl',
'shipment_info_id': shipment_info_id,
}
taskqueue.add(url=task_start_url, params=params)
#return back to sync data page
result_url = links.SOC_LINKER.program(self.data.program,
url_names.GSOC_SHIPMENT_LIST)
raise exception.Redirect(result_url)
def context(self, data, check, mutator):
"""See base.RequestHandler.context for specification."""
# TODO(daniel): these models should not be imported directly here
from soc.modules.gsoc.models import program as soc_program_model
from soc.modules.gci.models import program as ci_program_model
program_sections = []
if data.site.latest_gsoc:
latest_soc = soc_program_model.GSoCProgram.get_by_key_name(
data.site.latest_gsoc)
if latest_soc:
program_sections.append(
ProgramSection(
data, latest_soc,
SOC_PROGRAM_IMAGE_PATH % latest_soc.program_id))
if data.site.latest_gci:
latest_ci = ci_program_model.GCIProgram.get_by_key_name(
data.site.latest_gci)
if latest_ci:
program_sections.append(
ProgramSection(
data, latest_ci,
CI_PROGRAM_IMAGE_PATH % latest_ci.program_id))
if len(program_sections) == 1:
# do not bother to show landing page if there is only one active program
# just redirect to the corresponding home page instead
raise exception.Redirect(
program_sections[0].context()['homepage_url'])
else:
active_programs_counter = len([
program_section for program_section in program_sections
if program_section.isActive()
])
contact_us_section = ContactUsSection(data)
return {
'active_programs_counter': active_programs_counter,
'contact_us_section': contact_us_section,
'program_sections': program_sections,
'page_name': LANDING_PAGE_NAME,
}
def isSurveyActive(self, survey, show_url=None):
"""Checks if the survey in the request data is active.
Args:
survey: the survey entity for which the access must be checked
show_url: The survey show page url to which the user must be
redirected to
"""
assert isSet(self.data.program)
assert isSet(self.data.timeline)
if self.data.timeline.surveyPeriod(survey):
return
if self.data.timeline.afterSurveyEnd(survey) and show_url:
raise exception.Redirect(show_url)
raise exception.Forbidden(message=DEF_PAGE_INACTIVE_OUTSIDE %
(survey.survey_start, survey.survey_end))
def editProfilePostAction(self, data, check, mutator):
"""Handler for regular (edit/create profile) POST action."""
if not self.validate(data):
# TODO(nathaniel): problematic self-call.
return self.get(data, check, mutator)
org_id = data.GET.get('new_org')
if org_id:
create_url = self.linker.program(data.program,
'create_gci_org_profile')
raise exception.Redirect(create_url + '?org_id=' + org_id)
else:
# TODO(nathaniel): make this .program() call unnecessary.
data.redirect.program()
return data.redirect.to(self._getEditProfileURLName(),
validated=True,
secure=True)
def post(self, data, check, mutator):
form = ShipmentInfoForm(data=data.POST)
error = bool(form.errors)
if error:
rendered_form = self.renderForm(data)
return http.HttpResponse(content=rendered_form)
else:
# TODO(daniel): find a better solution for creating entities from forms
# that use ndb
name = form.cleaned_data['name']
spreadsheet_id = form.cleaned_data['spreadsheet_id']
entity = shipment_tracking.ShipmentInfo(
name=name,
spreadsheet_id=spreadsheet_id,
parent=ndb.Key.from_old_key(data.program.key()))
entity.put()
shipment_id = entity.key.id()
edit_url = links.SOC_LINKER.shipmentInfo(
data.program, shipment_id, url_names.GSOC_EDIT_SHIPMENT_INFO)
raise exception.Redirect(edit_url)
def context(self, data, check, mutator):
form = LookupForm(request_data=data, data=data.POST or None)
error = bool(form.errors)
forms = [form]
profile = None
if not form.errors and data.request.method == 'POST':
profile = form.cleaned_data.get('profile')
if profile:
raise exception.Redirect(
links.SOC_LINKER.profile(profile, urls.UrlNames.PROFILE_ADMIN))
else:
return {
'forms': forms,
'error': error,
'posted': error,
'page_name': 'Lookup profile',
}
def canApplyNonStudent(self, role, edit_url):
"""Checks if the user can apply as a mentor or org admin.
"""
self.isLoggedIn()
if self.data.ndb_profile and not self.data.ndb_profile.is_student:
raise exception.Redirect(edit_url)
if role == 'org_admin' and self.data.timeline.beforeOrgSignupStart():
period = self.data.timeline.orgSignupStart()
raise exception.Forbidden(message=DEF_PAGE_INACTIVE_BEFORE %
period)
if role == 'mentor' and not self.data.timeline.orgsAnnounced():
period = self.data.timeline.orgsAnnouncedOn()
raise exception.Forbidden(message=DEF_PAGE_INACTIVE_BEFORE %
period)
if self.data.ndb_profile:
raise exception.Forbidden(
message=DEF_ALREADY_PARTICIPATING_AS_STUDENT %
(role, self.data.program.name))
def redirect(self, uri):
raise exception.Redirect(uri)
def isLoggedOut(self):
"""Ensures that the user is logged out."""
if self.data.gae_user:
raise exception.Redirect(links.LINKER.logout(self.data.request))
def checkAccess(self, data, check, mutator):
"""Checks whether this task is visible to the public and any other checks
if it is a POST request.
"""
mutator.taskFromKwargs(comments=True, work_submissions=True)
data.is_visible = check.isTaskVisible()
if task_logic.updateTaskStatus(data.task):
# The task logic updated the status of the task since the deadline passed
# and the GAE task was late to run. Reload the page.
raise exception.Redirect('')
if data.request.method == 'POST':
# Access checks for the different forms on this page. Note that there
# are no elif clauses because one could add multiple GET params :).
check.isProfileActive()
# Tasks for non-active organizations cannot be touched
check.isOrganizationActive(data.task.org)
if 'reply' in data.GET:
# checks for posting comments
# valid tasks and profile are already checked.
check.isBeforeAllWorkStopped()
check.isCommentingAllowed()
if 'submit_work' in data.GET:
check.isBeforeAllWorkStopped()
if not task_logic.canSubmitWork(data.task, data.ndb_profile):
check.fail(DEF_NOT_ALLOWED_TO_UPLOAD_WORK)
if 'button' in data.GET:
# check for any of the buttons
button_name = self._buttonName(data)
buttons = {}
TaskInformation(data).setButtonControls(buttons)
if not buttons.get(button_name):
check.fail(DEF_NOT_ALLOWED_TO_OPERATE_BUTTON % button_name)
if 'send_for_review' in data.GET:
check.isBeforeAllWorkStopped()
if not task_logic.isOwnerOfTask(data.task, data.ndb_profile) or \
not data.work_submissions or \
data.task.status not in TASK_IN_PROGRESS:
check.fail(DEF_CANT_SEND_FOR_REVIEW)
if 'delete_submission' in data.GET:
check.isBeforeAllWorkStopped()
task_id = self._submissionId(data)
work = work_submission_model.GCIWorkSubmission.get_by_id(
task_id, parent=data.task)
if not work:
check.fail(DEF_NO_WORK_FOUND % id)
user_key = ndb.Key.from_old_key(
task_model.GCIWorkSubmission.user.get_value_for_datastore(
work))
time_expired = work.submitted_on - datetime.datetime.now()
if (user_key != data.ndb_user.key
or time_expired > task_logic.DELETE_EXPIRATION):
check.fail(DEF_NOT_ALLOWED_TO_DELETE)
def redirect(self, uri, permanent=False): # pylint:disable=arguments-differ
raise exception.Redirect(uri)
