def update(request, subm_id):
# Submission should only be editable by their creators
submission = get_object_or_404(Submission, pk=subm_id)
# Somebody may bypass the template check by sending direct POST form data
if not submission.can_reupload():
raise SuspiciousOperation("Update of submission %s is not allowed at this time." % str(subm_id))
if request.user not in submission.authors.all():
return redirect('dashboard')
if request.POST:
updateForm = SubmissionFileUpdateForm(request.POST, request.FILES)
if updateForm.is_valid():
new_file = SubmissionFile(attachment=updateForm.files['attachment'])
new_file.save()
# fix status of old uploaded file
submission.file_upload.replaced_by = new_file
submission.file_upload.save()
# store new file for submissions
submission.file_upload = new_file
submission.state = submission.get_initial_state()
submission.notes = updateForm.data['notes']
submission.save()
messages.info(request, 'Submission files successfully updated.')
return redirect('dashboard')
else:
updateForm = SubmissionFileUpdateForm(instance=submission)
return render(request, 'update.html', {'submissionFileUpdateForm': updateForm,
'submission': submission})
def update(request, subm_id):
# Submission should only be editable by their creators
submission = get_object_or_404(Submission, pk=subm_id)
# Somebody may bypass the template check by sending direct POST form data
if not submission.can_reupload():
raise SuspiciousOperation(
"Update of submission %s is not allowed at this time." %
str(subm_id))
if request.user not in submission.authors.all():
return redirect('dashboard')
if request.POST:
updateForm = SubmissionFileUpdateForm(request.POST, request.FILES)
if updateForm.is_valid():
new_file = SubmissionFile(
attachment=updateForm.files['attachment'])
new_file.save()
# fix status of old uploaded file
submission.file_upload.replaced_by = new_file
submission.file_upload.save()
# store new file for submissions
submission.file_upload = new_file
submission.state = submission.get_initial_state()
submission.notes = updateForm.data['notes']
submission.save()
messages.info(request, 'Submission files successfully updated.')
return redirect('dashboard')
else:
updateForm = SubmissionFileUpdateForm(instance=submission)
return render(request, 'update.html', {
'submissionFileUpdateForm': updateForm,
'submission': submission
})
def update(request, subm_id):
# Submission should only be editable by their creators
submission = get_object_or_404(Submission, pk=subm_id)
# Somebody may bypass the template check by sending direct POST form data.
# This check also fails when the student performs a simple reload on the /update page
# without form submission after the deadline.
# In practice, the latter happens all the time, so we skip the Exception raising here,
# which lead to endless mails for the admin user in the past.
if not submission.can_reupload():
return redirect('dashboard')
#raise SuspiciousOperation("Update of submission %s is not allowed at this time." % str(subm_id))
if request.user not in submission.authors.all():
return redirect('dashboard')
if request.POST:
updateForm = SubmissionFileUpdateForm(request.POST, request.FILES)
if updateForm.is_valid():
new_file = SubmissionFile(
attachment=updateForm.files['attachment'])
new_file.save()
# fix status of old uploaded file
submission.file_upload.replaced_by = new_file
submission.file_upload.save()
# store new file for submissions
submission.file_upload = new_file
submission.state = submission.get_initial_state()
submission.notes = updateForm.data['notes']
submission.save()
messages.info(request, 'Submission files successfully updated.')
return redirect('dashboard')
else:
updateForm = SubmissionFileUpdateForm(instance=submission)
return render(request, 'update.html', {
'submissionFileUpdateForm': updateForm,
'submission': submission
})
def new(request, ass_id):
ass = get_object_or_404(Assignment, pk=ass_id)
if not ass.is_visible(user=request.user):
raise Http404()
# Check whether submissions are allowed.
if not ass.can_create_submission(user=request.user):
raise PermissionDenied(
"You are not allowed to create a submission for this assignment")
# get submission form according to the assignment type
SubmissionForm = getSubmissionForm(ass)
# Analyze submission data
if request.POST:
if 'authors' in request.POST:
authors = map(lambda s: User.objects.get(pk=int(s)),
request.POST['authors'].split(','))
if not ass.authors_valid(authors):
raise PermissionDenied(
"The given list of co-authors is invalid!")
# we need to fill all forms here, so that they can be rendered on validation errors
submissionForm = SubmissionForm(request.user, ass, request.POST,
request.FILES)
if submissionForm.is_valid():
submission = submissionForm.save(
commit=False) # commit=False to set submitter in the instance
submission.submitter = request.user
submission.assignment = ass
submission.state = submission.get_initial_state()
# take uploaded file from extra field
if ass.has_attachment:
submissionFile = SubmissionFile(
attachment=submissionForm.cleaned_data['attachment'])
submissionFile.save()
submission.file_upload = submissionFile
submission.save()
submissionForm.save_m2m(
) # because of commit=False, we first need to add the form-given authors
submission.save()
messages.info(request, "New submission saved.")
if submission.state == Submission.SUBMITTED:
inform_course_owner(request, submission)
return redirect('dashboard')
else:
messages.error(request,
"Please correct your submission information.")
else:
submissionForm = SubmissionForm(request.user, ass)
return render(request, 'new.html', {
'submissionForm': submissionForm,
'assignment': ass
})
def new(request, ass_id):
ass = get_object_or_404(Assignment, pk=ass_id)
if not ass.is_visible(user=request.user):
raise Http404()
# Check whether submissions are allowed.
if not ass.can_create_submission(user=request.user):
raise PermissionDenied("You are not allowed to create a submission for this assignment")
# get submission form according to the assignment type
SubmissionForm = getSubmissionForm(ass)
# Analyze submission data
if request.POST:
if 'authors' in request.POST:
authors = map(lambda s: User.objects.get(pk=int(s)), request.POST['authors'].split(','))
if not ass.authors_valid(authors):
raise PermissionDenied("The given list of co-authors is invalid!")
# we need to fill all forms here, so that they can be rendered on validation errors
submissionForm = SubmissionForm(request.user, ass, request.POST, request.FILES)
if submissionForm.is_valid():
submission = submissionForm.save(commit=False) # commit=False to set submitter in the instance
submission.submitter = request.user
submission.assignment = ass
submission.state = submission.get_initial_state()
# take uploaded file from extra field
if ass.has_attachment:
submissionFile = SubmissionFile(attachment=submissionForm.cleaned_data['attachment'])
submissionFile.save()
submission.file_upload = submissionFile
submission.save()
submissionForm.save_m2m() # because of commit=False, we first need to add the form-given authors
submission.save()
messages.info(request, "New submission saved.")
if submission.state == Submission.SUBMITTED:
inform_course_owner(request, submission)
return redirect('dashboard')
else:
messages.error(request, "Please correct your submission information.")
else:
submissionForm = SubmissionForm(request.user, ass)
return render(request, 'new.html', {'submissionForm': submissionForm,
'assignment': ass})
