def view_attestation(request, attestation_id):
attest = get_object_or_404(Attestation, pk=attestation_id)
if not (attest.solution.author == request.user or in_group(request.user,'Tutor,Trainer') or request.user.is_superuser):
return access_denied(request)
if request.method == "POST":
form = AttestationPreviewForm(request.POST, instance=attest)
if form.is_valid():
form.save()
if 'publish' in request.POST:
attest.publish(request)
return HttpResponseRedirect(reverse('attestation_list', args=[attest.solution.task.id]))
else:
form = AttestationPreviewForm(instance=attest)
submitable = attest.author == request.user and not attest.published
return render_to_response("attestation/attestation_view.html", {"attest": attest, 'submitable':submitable, 'form':form, 'show_author': not get_settings().anonymous_attestation}, context_instance=RequestContext(request))
def view_attestation(request, attestation_id):
attest = get_object_or_404(Attestation, pk=attestation_id)
may_modify = attest.author == request.user or request.user.is_trainer
may_view = attest.solution.author == request.user or request.user.is_tutor or may_modify
if not may_view:
return access_denied(request)
if request.method == "POST":
if not may_modify:
return access_denied(request)
with transaction.atomic():
form = AttestationPreviewForm(request.POST, instance=attest)
if form.is_valid():
form.save()
if 'publish' in request.POST:
if attest.solution.task.only_trainers_publish and not request.user.is_trainer:
return access_denied(request)
attest.publish(request, by = request.user)
return HttpResponseRedirect(reverse('attestation_list', args=[attest.solution.task.id]))
else:
form = AttestationPreviewForm(instance=attest)
submitable = may_modify and not attest.published
withdrawable = may_modify and attest.published
return render_to_response("attestation/attestation_view.html", {"attest": attest, 'submitable':submitable, 'withdrawable': withdrawable, 'form':form, 'show_author': not get_settings().anonymous_attestation, 'show_attestor': not get_settings().invisible_attestor}, context_instance=RequestContext(request))
def view_attestation(request, attestation_id):
attest = get_object_or_404(Attestation, pk=attestation_id)
if not (attest.solution.author == request.user or in_group(
request.user, 'Tutor,Trainer') or request.user.is_superuser):
return access_denied(request)
if request.method == "POST":
form = AttestationPreviewForm(request.POST, instance=attest)
if form.is_valid():
form.save()
if 'publish' in request.POST:
attest.publish(request)
return HttpResponseRedirect(
reverse('attestation_list', args=[attest.solution.task.id]))
else:
form = AttestationPreviewForm(instance=attest)
submitable = attest.author == request.user and not attest.published
return render_to_response(
"attestation/attestation_view.html", {
"attest": attest,
'submitable': submitable,
'form': form,
'show_author': not get_settings().anonymous_attestation
},
context_instance=RequestContext(request))
def view_attestation(request, attestation_id):
attest = get_object_or_404(Attestation, pk=attestation_id)
may_modify = attest.author == request.user or request.user.is_trainer
may_view = attest.solution.author == request.user or request.user.is_tutor or may_modify
if not may_view:
return access_denied(request)
if request.method == "POST":
if not may_modify:
return access_denied(request)
with transaction.atomic():
form = AttestationPreviewForm(request.POST, instance=attest)
if form.is_valid():
form.save()
if 'publish' in request.POST:
if attest.solution.task.only_trainers_publish and not request.user.is_trainer:
return access_denied(request)
attest.publish(request, by = request.user)
return HttpResponseRedirect(reverse('attestation_list', args=[attest.solution.task.id]))
else:
form = AttestationPreviewForm(instance=attest)
submitable = may_modify and not attest.published
withdrawable = may_modify and attest.published
htmlinjectors = HtmlInjector.objects.filter(task = attest.solution.task, inject_in_attestation_view = True)
htmlinjector_snippets = [ injector.html_file.read() for injector in htmlinjectors ]
return render(request,
"attestation/attestation_view.html",
{
"attest": attest,
"submitable": submitable,
"withdrawable": withdrawable,
"form": form,
"show_author": not get_settings().anonymous_attestation,
"show_attestor": not get_settings().invisible_attestor,
"htmlinjector_snippets": htmlinjector_snippets,
}
)
def view_attestation(request, attestation_id):
attest = get_object_or_404(Attestation, pk=attestation_id)
may_modify = attest.author == request.user or request.user.is_trainer
may_view = attest.solution.author == request.user or request.user.is_tutor or may_modify
if not may_view:
return access_denied(request)
if request.method == "POST":
if not may_modify:
return access_denied(request)
with transaction.atomic():
form = AttestationPreviewForm(request.POST, instance=attest)
if form.is_valid():
form.save()
if 'publish' in request.POST:
if attest.solution.task.only_trainers_publish and not request.user.is_trainer:
return access_denied(request)
attest.publish(request, by=request.user)
return HttpResponseRedirect(
reverse('attestation_list',
args=[attest.solution.task.id]))
else:
form = AttestationPreviewForm(instance=attest)
submitable = may_modify and not attest.published
withdrawable = may_modify and attest.published
htmlinjectors = HtmlInjector.objects.filter(
task=attest.solution.task, inject_in_attestation_view=True)
htmlinjector_snippets = [
injector.html_file.read() for injector in htmlinjectors
]
return render_to_response(
"attestation/attestation_view.html", {
"attest": attest,
"submitable": submitable,
"withdrawable": withdrawable,
"form": form,
"show_author": not get_settings().anonymous_attestation,
"show_attestor": not get_settings().invisible_attestor,
"htmlinjector_snippets": htmlinjector_snippets,
},
context_instance=RequestContext(request))