def download(download_id: str): """Downloading a zip file of the code files. Args: download_id (str): Can be on each side of a solution.id and sharedsolution.shared_url. """ solution = Solution.get_or_none(Solution.id == download_id) shared_solution = SharedSolution.get_or_none( SharedSolution.shared_url == download_id, ) if solution is None and shared_solution is None: return fail(404, 'Solution does not exist.') if shared_solution is None: viewer_is_solver = solution.solver.id == current_user.id has_viewer_access = current_user.role.is_viewer if not viewer_is_solver and not has_viewer_access: return fail(403, 'This user has no permissions to view this page.') files = solution.files filename = solution.exercise.subject else: files = shared_solution.solution.files filename = shared_solution.solution.exercise.subject response = make_response(solutions.create_zip_from_solution(files)) response.headers.set('Content-Type', 'zip') response.headers.set( 'Content-Disposition', 'attachment', filename=f'{filename}.zip', ) return response
def test_share_solution_function( exercise: Exercise, student_user: User, ): student_user2 = conftest.create_student_user(index=1) solution = conftest.create_solution(exercise, student_user2) client2 = conftest.get_logged_user(student_user2.username) # Sharing his own solution shared_response = client2.post('/share', data=json.dumps(dict( solutionId=solution.id, act='get', )), content_type='application/json') assert shared_response.status_code == 200 # Entering another student solution shared_url = SharedSolution.get_or_none( SharedSolution.solution == solution, ) conftest.logout_user(client2) client = conftest.get_logged_user(student_user.username) shared_response = client.get(f'{routes.SHARED}/{shared_url}') assert shared_response.status_code == 200 # Downloading another student solution by solution.id solution_id_download_response = client.get( f'{routes.DOWNLOADS}/{solution.id}', ) assert solution_id_download_response.status_code == 403 # Downloading another student solution download_response = client.get( f'{routes.DOWNLOADS}/{shared_url}', ) assert download_response.status_code == 200 # Deleting another user's solution delete_not_user_solution_response = client.post( '/share', data=json.dumps(dict( solutionId=solution.id, act='delete', )), content_type='application/json', ) assert delete_not_user_solution_response.status_code == 403 # Deleting his own solution conftest.logout_user(client) client2 = conftest.get_logged_user(student_user2.username) delete_share_response = client2.post('/share', data=json.dumps(dict( solutionId=solution.id, act='delete', )), content_type='application/json') assert delete_share_response.status_code == 200 # Entering not shared solution after deletion conftest.logout_user(client2) client = conftest.get_logged_user(student_user.username) not_shared_solution_response = client.get( f'{routes.SHARED}/{shared_url}', ) assert not_shared_solution_response.status_code == 404
def get(solution_id: int) -> SharedSolution: if not webapp.config.get('SHAREABLE_SOLUTIONS', False): raise LmsError('Shareable solutions are not allowed.', 403) solution = Solution.get_or_none(solution_id) if solution is None: raise LmsError(f'No such solution {solution_id}', 404) solver_id = solution.solver.id if solver_id != current_user.id and not current_user.role.is_manager: raise LmsError("You aren't allowed to access this page.", 403) shared_solution = SharedSolution.get_or_none( SharedSolution.solution == solution, ) if shared_solution is None: shared_solution = SharedSolution.create_new(solution=solution) return shared_solution
def shared_solution(shared_url: str, file_id: Optional[int] = None): if not webapp.config.get('SHAREABLE_SOLUTIONS', False): return fail(404, 'Solutions are not shareable.') shared_solution = SharedSolution.get_or_none( SharedSolution.shared_url == shared_url, ) if shared_solution is None: return fail(404, 'The solution does not exist.') solution_id = shared_solution.solution.id return view( solution_id=solution_id, file_id=file_id, shared_url=shared_url, )
def get_download_data( download_id: str, ) -> Tuple[Iterator[SolutionFile], str]: solution = Solution.get_or_none(Solution.id == download_id) shared_solution = SharedSolution.get_or_none( SharedSolution.shared_url == download_id, ) if solution is None and shared_solution is None: raise ResourceNotFound('Solution does not exist.', 404) if shared_solution is None: viewer_is_solver = solution.solver.id == current_user.id has_viewer_access = current_user.role.is_viewer if not viewer_is_solver and not has_viewer_access: raise ForbiddenPermission( 'This user has no permissions to view this page.', 403, ) files = solution.files filename = solution.exercise.subject else: files = shared_solution.solution.files filename = shared_solution.solution.exercise.subject return files, filename
def create_shared_solution(solution: Solution) -> SharedSolution: return SharedSolution.create_new(solution=solution)
def create_shared_solution(solution: Solution) -> str: return SharedSolution.create_shared_solution(solution=solution)