def load_assignment(lti=lti): # Get arguments assignment_id = int(request.values.get('assignment_id')) assignment = Assignment.by_id(assignment_id) course_id = get_course_id(True) user, user_id = get_user() # Verify exists check_resource_exists(assignment, "Assignment", assignment_id) # Verify permissions if course_id is None: editor_information = assignment.for_read_only_editor(user_id) else: editor_information = assignment.for_editor(user_id, course_id) browser_info = repr({ 'platform': request.user_agent.platform, 'browser': request.user_agent.browser, 'version': request.user_agent.version, 'language': request.user_agent.language, 'user_agent': request.user_agent.string }) # Log the event if user is not None: make_log_entry(assignment_id, assignment.version, course_id, user_id, 'Session.Start', message=browser_info) # Verify passcode, if necessary if assignment.passcode_fails(request.values.get('passcode')): return ajax_failure("Passcode {!r} rejected".format( request.values.get("passcode"))) return ajax_success(editor_information)
def update_submission_status(lti, lti_exception=None): # Get parameters submission_id = maybe_int(request.values.get("submission_id")) status = request.values.get('status') course_id = get_course_id() user, user_id = get_user() submission = Submission.by_id(submission_id) # Check resource exists check_resource_exists(submission, "Submission", submission_id) # Verify permissions if submission.user_id != user_id and not user.is_grader( submission.course_id): return ajax_failure( "This is not your submission and you are not a grader in its course." ) # Do action success = submission.update_submission_status(status) make_log_entry(submission.assignment_id, submission.assignment_version, course_id, user_id, "Submit", "answer.py", category=status, message=str(success)) return ajax_success({"success": success})
def get_assignments(): assignment_ids = request.values.get('assignment_ids', "") course_id = get_course_id() user, user_id = get_user() # TODO: verify that they have the permissions to see these assignments assignments, groups = [], [] errors = [] if not assignment_ids: course: Course = Course.by_id(course_id) check_resource_exists(course, "Course", course_id) grouped_assignments = natsorted( course.get_submitted_assignments_grouped(), key=lambda r: (r.AssignmentGroup.name if r.AssignmentGroup is not None else None, r.Assignment.name)) assignments = [a.Assignment.encode_json() for a in grouped_assignments] groups = [ a.AssignmentGroup.encode_json() if a.AssignmentGroup is not None else None for a in grouped_assignments ] else: for assignment_id in assignment_ids.split(","): if not assignment_id.isdigit(): errors.append(f"Unknown Assignment ID: {assignment_id!r}") assignment_id = int(assignment_id) # With Course Role Information assignment = Assignment.by_id(assignment_id) check_resource_exists(assignment, "Assignment", assignment_id) assignments.append(assignment.encode_json()) return ajax_success( dict(assignments=assignments, errors=errors, groups=groups))
def dump_logs(): assignment_id = int(request.values.get('assignment_id')) course_id = int(request.values.get('course_id')) assignment = Assignment.by_id(assignment_id) user, user_id = get_user() # Verify exists check_resource_exists(assignment, "Assignment", assignment_id) # Verify permissions if not user.is_grader(course_id): return "You are not a grader in this course." # Get data suas = Submission.by_assignment(assignment_id, course_id) data = { 'assignment': assignment.encode_json(), 'submissions': [{ 'user': u.encode_json(), 'submission': sub.encode_json(), 'history': Log.get_history(course_id, assignment_id, u.id), 'reviews': sub.get_reviews() } for (sub, u, assign) in suas] } filename = assignment.get_filename() + '_submissions.json' return Response(json.dumps(data), mimetype='application/json', headers={ 'Content-Disposition': 'attachment;filename={}'.format(filename) })
def submissions_user(course_id, owner_id): ''' List all the users in the course ''' course_id = int(course_id) course = Course.by_id(course_id) check_resource_exists(course, "Course", course_id) user, user_id = get_user() if course_id is not None: is_grader = user.is_grader(course_id) else: is_grader = False is_owner = user_id == maybe_int(owner_id) if not is_grader and not is_owner: return "You are not an instructor or the owner of the assignment!" owner = User.by_id(maybe_int(owner_id)) assignments = natsorted(course.get_submitted_assignments(), key=lambda r: r.name) all_subs = Submission.by_student(owner_id, course_id) all_subs = {s[0].assignment_id: s for s in all_subs} submissions = [all_subs.get(assignment.id, (None, None, assignment)) for assignment in assignments] return render_template('courses/submissions_user.html', course_id=course_id, assignments=assignments, submissions=submissions, owner=owner, is_instructor=is_grader)
def export_submissions(): assignment_id = int(request.values.get('assignment_id')) assignment = Assignment.by_id(assignment_id) course_id = get_course_id(True) user, user_id = get_user() # Verify exists check_resource_exists(assignment, "Assignment", assignment_id) # Verify permissions assignment = Assignment.by_id(int(assignment_id)) if course_id is None or not user.is_instructor(int(course_id)): return "You are not an instructor or the owner of the assignment!" # Get data suas = Submission.by_assignment(assignment_id, course_id) submissions = [sua[0] for sua in suas] users = [sua[1] for sua in suas] bundle = export_zip(assignments=[assignment], submissions=submissions, users=users) filename = assignment.get_filename(extension='.zip') return Response(bundle, mimetype='application/zip', headers={ 'Content-Disposition': 'attachment;filename={}'.format(filename) })
def save_assignment(lti=lti): assignment_id = request.values.get('assignment_id') user, user_id = get_user() course_id = get_course_id() assignment = Assignment.query.get(assignment_id) # Verify exists check_resource_exists(assignment, "Assignment", assignment_id) # Verify permissions if assignment.owner_id != user.id: require_course_grader(user, assignment.course_id) # Parse new settings updates = {} if "hidden" in request.values: updates["hidden"] = maybe_bool(request.values.get("hidden")) if "reviewed" in request.values: updates["reviewed"] = maybe_bool(request.values.get("reviewed")) if "public" in request.values: updates["public"] = maybe_bool(request.values.get("public")) if "url" in request.values: updates["url"] = request.values.get("url") or None if "ip_ranges" in request.values: updates["ip_ranges"] = request.values.get("ip_ranges") if "name" in request.values: updates["name"] = request.values.get("name") if "settings" in request.values: updates["settings"] = request.values.get("settings") # Perform update modified = assignment.edit(updates) make_log_entry(assignment.id, assignment.version, course_id or assignment.course_id, user.id, "X-Instructor.Settings.Edit", "assignment_settings.blockpy", message=json.dumps(updates)) return ajax_success({"modified": modified})
def view_submissions(course_id, user_id, assignment_group_id): embed = maybe_bool(request.values.get('embed')) viewer, viewer_id = get_user() group, assignments, submissions = get_groups_submissions( assignment_group_id, user_id, course_id) # Check permissions for submission in submissions: if not submission: return ajax_failure( "No submission for the given course, user, and group.") elif submission.user_id != viewer_id: require_course_grader(viewer, submission.course_id) # Do action points_total, points_possible = calculate_submissions_score( assignments, submissions) score = round(points_total / points_possible, 2) # TODO: Handle tags is_grader = viewer.is_grader(course_id) tags = [] if is_grader: tags = [tag.encode_json() for tag in AssignmentTag.get_all()] return render_template("reports/group.html", embed=embed, points_total=points_total, points_possible=points_possible, score=score, tags=tags, is_grader=is_grader, group=list(zip(assignments, submissions)), user_id=user_id, course_id=course_id)
def dashboard(lti=lti): """ :type lti: controllers.pylti.flask.lTI """ if 'user' not in g and not g.user: return "You are not logged in." course_id = get_course_id() user, user_id = get_user() if course_id is None: return "You are not in a course context." is_grader = user.is_grader(course_id) if is_grader: return grader_dashboard(user, course_id) course = Course.by_id(course_id) assignments = natsorted(course.get_submitted_assignments(), key=lambda r: r.name) all_subs = Submission.by_student(user_id, course_id) all_subs = {s[0].assignment_id: s for s in all_subs} submissions = [ all_subs.get(assignment.id, (None, None, assignment)) for assignment in assignments ] return render_template('courses/dashboard.html', embed=True, course_id=course_id, user=user, is_grader=is_grader, submissions=submissions, criteria='student')
def dashboard(lti=lti, lti_exception=None): """ :type lti: controllers.pylti.flask.lTI """ force_default_assignment = maybe_bool(request.values.get('force_default_assignment', "false")) if 'user' not in g and not g.user: return "You are not logged in." course_id = get_course_id() user, user_id = get_user() if course_id is None: return "You are not in a course context." is_grader = user.is_grader(course_id) if is_grader and not force_default_assignment: return grader_dashboard(user, course_id) course = Course.by_id(course_id) assignment = course.get_default_assignment() if assignment is not None: return redirect(url_for("blockpy.load", assignment_id=assignment.id, course_id=course_id, user_id=user_id, force_download=False, embed=True)) else: # No default assignment! assignments = natsorted(course.get_submitted_assignments(), key=lambda r: r.name) all_subs = Submission.by_student(user_id, course_id) all_subs = {s[0].assignment_id: s for s in all_subs} submissions = [all_subs.get(assignment.id, (None, None, assignment)) for assignment in assignments] return render_template('courses/dashboard.html', embed=True, course_id=course_id, user=user, is_grader=is_grader, submissions=submissions, criteria='student')
def fix_course_outcome_url(): new_url = request.values.get("new_url") course_id = get_course_id() user, user_id = get_user() require_course_instructor(user, course_id) course = Course.by_id(course_id) course.update_endpoint(new_url) return ajax_success({"success": "True"})
def load_assignment(lti=lti): # Get arguments assignment_id = int(request.values.get('assignment_id')) assignment = Assignment.by_id(assignment_id) student_id = maybe_int(request.values.get('user_id')) course_id = get_course_id(True) user, user_id = get_user() force_download = maybe_bool(request.values.get('force_download', "false")) # Verify exists check_resource_exists(assignment, "Assignment", assignment_id) # Verify permissions if user_id != student_id and not user.is_grader(course_id): return ajax_failure( "Only graders can see submissions for other people.") if course_id is None: editor_information = assignment.for_read_only_editor(student_id) else: editor_information = assignment.for_editor(student_id, course_id) browser_info = json.dumps({ 'platform': request.user_agent.platform, 'browser': request.user_agent.browser, 'version': request.user_agent.version, 'language': request.user_agent.language, 'user_agent': request.user_agent.string }) # Log the event if user is not None: if user_id != student_id: make_log_entry(assignment_id, assignment.version, course_id, user_id, 'X-Submission.Get', message=str(student_id)) else: make_log_entry(assignment_id, assignment.version, course_id, user_id, 'Session.Start', message=browser_info) # Verify passcode, if necessary if assignment.passcode_fails(request.values.get('passcode')): return ajax_failure("Passcode {!r} rejected".format( request.values.get("passcode"))) if force_download: student_filename = User.by_id(student_id).get_filename("") filename = assignment.get_filename( "") + "_" + student_filename + '_submission.json' return Response(json.dumps(editor_information), mimetype='application/json', headers={ 'Content-Disposition': 'attachment;filename={}'.format(filename) }) else: return ajax_success(editor_information)
def delete(self, review_id): user, user_id = get_user() review = Review.by_id(review_id) check_resource_exists(review, "Review", review_id) submission = Submission.by_id(review.submission_id) check_resource_exists(submission, "Submission", review.submission_id) require_course_grader(user, submission.course_id) review.delete() return ajax_success(dict(success=True))
def get_one(self, review_id): user, user_id = get_user() review = Review.by_id(review_id) check_resource_exists(review, "Review", review_id) submission = Submission.by_id(review.submission_id) check_resource_exists(submission, "Submission", review.submission_id) if submission.user_id != user_id: require_course_grader(user, submission.course_id) return ajax_success(dict(review=review.encode_json()))
def save_file(lti=lti): filename = request.values.get("filename") course_id = get_course_id() user, user_id = get_user() if course_id is None: return ajax_failure("Course ID was not made available") if filename in Submission.STUDENT_FILENAMES: return save_student_file(filename, course_id, user) if filename in Assignment.INSTRUCTOR_FILENAMES: return save_instructor_file(course_id, user, filename) return ajax_failure("Unknown filename: " + str(filename))
def get_submission_image(lti=lti): submission_id = int(request.values.get('submission_id')) relative_image_path = 'uploads/submission_blocks/{}.png'.format(submission_id) submission = Submission.query.get(submission_id) user, user_id = get_user() # Check exists check_resource_exists(submission, "Submission", submission_id) # Check permissions if submission.user_id != user_id: require_course_grader(user, submission.course_id) # Do action return app.send_static_file(relative_image_path)
def update_grading_status(lti, lti_exception=None): submission_id = maybe_int(request.values.get("submission_id")) # TODO: Pretty sure multiple assignments are broken for grading assignment_group_id = maybe_int(request.values.get('assignment_group_id')) new_grading_status = request.values.get("new_grading_status") user, user_id = get_user() submission = Submission.by_id(submission_id) # Check resource exists check_resource_exists(submission, "Submission", submission_id) # Verify permissions if not user.is_grader(submission.course_id): return ajax_failure( "This is not your submission and you are not a grader in its course." ) submission.update_grading_status(new_grading_status) if submission.grading_status != GradingStatuses.FULLY_GRADED: return ajax_success({'new_status': new_grading_status}) # Do action if assignment_group_id is None: assignment_group_id = submission.assignment_group_id error = "Generic LTI Failure - perhaps not logged into LTI session?" try: success, score = lti_post_grade(lti, submission, None, assignment_group_id, submission.user_id, submission.course_id) except LTIPostMessageException as e: success = False error = str(e) if success: make_log_entry(submission.assignment_id, submission.assignment_version, submission.course_id, user_id, "X-Submission.LMS", "answer.py", message=str(score)) return ajax_success({"submitted": True, "new_status": "FullyGraded"}) else: submission.update_grading_status(GradingStatuses.FAILED) make_log_entry(submission.assignment_id, submission.assignment_version, submission.course_id, user_id, "X-Submission.LMS.Failure", "answer.py", message=error) return ajax_failure({ "submitted": False, "message": error, "new_status": "Failed" })
def put(self, review_id): user, user_id = get_user() review = Review.by_id(review_id) check_resource_exists(review, "Review", review_id) submission = Submission.by_id(review.submission_id) check_resource_exists(submission, "Submission", review.submission_id) require_course_grader(user, submission.course_id) review_data = request.json.copy() del review_data['id'] fix_nullables(review_data) review_data['author_id'] = user_id edited_review = review.edit(review_data) return ajax_success(dict(review=edited_review.encode_json()))
def get_all(self): submission_id = maybe_int(request.values.get('submission_id')) user, user_id = get_user() if submission_id is None: reviews = Review.get_generic_reviews() else: submission = Submission.by_id(submission_id) check_resource_exists(submission, "Submission", submission_id) reviews = Review.get_for_submission(submission_id) if submission.user_id != user_id: require_course_grader(user, submission.course_id) return ajax_success( dict(reviews=[review.encode_json() for review in reviews]))
def update_submission_status(): submission_id = maybe_int(request.values.get("submission_id")) new_submission_status = request.values.get("new_submission_status") user, user_id = get_user() submission = Submission.by_id(submission_id) # Check resource exists check_resource_exists(submission, "Submission", submission_id) # Verify permissions if not user.is_grader(submission.course_id): return ajax_failure( "You are not a grader in this submission's course.") submission.update_submission_status(new_submission_status) return ajax_success({'new_status': new_submission_status})
def get_image(): submission_id = int(request.values.get('submission_id')) directory = request.values.get('directory') relative_image_path = 'uploads/{}/{}.png'.format(directory, submission_id) submission = Submission.query.get(submission_id) user, user_id = get_user() # Check exists check_resource_exists(submission, "Submission", submission_id) # Check permissions if submission.user_id != user_id and not user.is_grader(submission.course_id): return ajax_failure("This is not your submission and you are not a grader in its course.") # Do action return app.send_static_file(relative_image_path)
def post(self): user, user_id = get_user() submission_id = maybe_int(request.values.get('submission_id')) submission = Submission.by_id(submission_id) check_resource_exists(submission, "Submission", submission_id) require_course_grader(user, submission.course_id) review_data = request.values.copy() del review_data['id'] review_data['author_id'] = user_id review_data['submission_version'] = submission.version review_data['assignment_version'] = submission.assignment_version fix_nullables(review_data) new_review = Review.new(review_data) return ajax_success(dict(review=new_review.encode_json()))
def mass_close_assignment(): assignment_id = maybe_int(request.values.get("assignment_id")) course_id = maybe_int(request.values.get("course_id")) new_submission_status = request.values.get("new_submission_status") user, user_id = get_user() submissions = Submission.by_assignment(assignment_id=assignment_id, course_id=course_id) # Verify permissions if not user.is_grader(course_id): return ajax_failure("You are not a grader in this course.") # Do action for submission in submissions: submission.update_submission_status(new_submission_status) return ajax_success({'new_status': new_submission_status})
def log_event(lti=lti): course_id = get_course_id() user, user_id = get_user() assignment_id = request.values.get('assignment_id') assignment_version = request.values.get('assignment_version') event_type = request.values.get("event_type") file_path = request.values.get("file_path", "") category = request.values.get('category', "") label = request.values.get('label', "") message = request.values.get('message', "") # Make the entry new_log = make_log_entry(assignment_id, assignment_version, course_id, user_id, event_type, file_path, category, label, message) return ajax_success({"log_id": new_log.id})
def get_assignments(): assignment_ids = request.values.get('assignment_ids', "") course_id = get_course_id() user, user_id = get_user() # TODO: verify that they have the permissions to see this file assignments = [] for assignment_id in assignment_ids.split(","): if not assignment_id.isdigit(): return ajax_failure(f"Unknown Assignment ID: {assignment_id!r}") assignment_id = int(assignment_id) # With Course Role Information assignment = Assignment.by_id(assignment_id) check_resource_exists(assignment, "Assignment", assignment_id) assignments.append(assignment.encode_json()) return ajax_success(dict(assignments=assignments))
def index(): """ List all of the courses associated with the user. """ user, user_id = get_user() # Get this user's course with their roles my_courses = [] if user: my_courses = user.get_courses() # Get all public courses public_courses = Course.get_public() return render_template('courses/index.html', user=user, my_courses=my_courses, public_courses=public_courses)
def assignments(course_id): user, user_id = get_user() # TODO: Check if public course if not g.user.in_course(course_id): return redirect(url_for('courses.index')) assignments = Assignment.get_available() groups = AssignmentGroup.query.all() course_groups = Course.get_all_groups() editable_courses = g.user.get_editable_courses() return render_template('courses/assignments.html', assignments=assignments, groups=groups, editable_courses=editable_courses, course_groups=course_groups, course_id=course_id)
def export(): assignment_id = int(request.values.get('assignment_id')) assignment = Assignment.by_id(assignment_id) course_id = get_course_id(True) user, user_id = get_user() # Verify exists check_resource_exists(assignment, "Assignment", assignment_id) # Verify permissions bundle = export_bundle(assignments=[assignment]) filename = assignment.get_filename() return Response(json.dumps(bundle), mimetype='application/json', headers={ 'Content-Disposition': 'attachment;filename={}'.format(filename) })
def save_image(): # Get parameters submission_id = maybe_int(request.values.get("submission_id")) directory = request.values.get('directory') image = request.values.get('image') course_id = get_course_id() user, user_id = get_user() submission = Submission.by_id(submission_id) # Check resource exists check_resource_exists(submission, "Submission", submission_id) # Verify permissions if submission.user_id != user_id and not user.is_grader(submission.course_id): return ajax_failure("This is not your submission and you are not a grader in its course.") # Do action success = submission.save_image(directory, image) make_log_entry(submission.assignment_id, submission.assignment_version, course_id, user_id, "X-Image.Save", directory) return ajax_success({"success": success})
def load_readonly(lti=lti): embed = maybe_bool(request.values.get('embed')) user, user_id = get_user() assignment_data = json.loads(request.values.get("assignment_data", "{}")) # Handle Passcode # Handle IP Addresses print(assignment_data) return load_editor(lti, { "user": user, "user_id": user_id, "embed": embed, "read_only": True, "current_submission_id": None, "course_id": None, "role": assignment_data.get('user', {}).get('role', 'instructor'), "assignment_group_id": None, "assignment_data": assignment_data })