def post_secure_sesd_route():
try:
data = request.get_json()
course_token = data.get('course_id', None)
date_taken = data.get('date_taken', None)
answer_pair = data.get('answers')
owner = data.get('owner')
course_id = Course.get_course_id(course_token,EXPIRY_INTERVAL)
if not all( (course_id, date_taken, answer_pair, owner, ) ):
return respond_back(ERROR, 'One of the primary arguments are missing')
repo_owner = db.session.query(User).filter_by(username=owner).first()
if course_id is None or repo_owner is None:
return respond_back(ERROR,'This course does not exist')
course_taken = db.session.query(ExamTaken).filter_by(course_id=course_id,
participant_id=current_user.id).first()
if course_taken is not None:
return respond_back(ERROR, 'You have already taken this examination')
# needed to verify JSON object's correctness for the answer
answer_object = MyJSONObjectWriter()
json.dump(answer_pair, answer_object, skipkeys=True, indent=2, separators=(',', ': '))
other_data = answer_object.get_buffer()
solution_data = { 'user_id': current_user.id, 'owner_id': repo_owner.id,
'course_id': course_id, 'data': other_data,
'date_taken': date_taken }
submit_paper_for_marking(current_user.email, json.dumps(solution_data))
return respond_back(SUCCESS, 'OK')
except BadRequest:
return respond_back(ERROR, 'No data was specified')
def initial_request_route(username, repo):
course_owner = db.session.query(User).filter_by(username=username).first()
if course_owner is None or course_owner.role < User.ADMINISTRATOR:
return respond_back(ERROR, 'User does not exists or repository name is invalid')
for repository in course_owner.repositories:
if repository.repo_name == repo:
return jsonify({'status': SUCCESS, 'url': urlify(course_owner, repository, 60 * 60 * 2), 'detail': 'Success'})
return respond_back(ERROR, 'Invalid repository name')
def edit_course_route():
if request.method == 'GET':
course_name = request.args.get( 'course_name' )
repository_name = request.args.get( 'repository_name')
if course_name is None or repository_name is None:
return respond_back(ERROR, 'Missing request argument')
else:
return respond_back(SUCCESS, 'OK')
def signup_route():
try:
data = request.get_json()
if data is None:
return error_response('Invalid request sent')
name = data.get('full_name', None)
address = data.get('address', None)
email = data.get('email')
username = data.get('username')
phone_number = data.get('phone')
password = data.get('password')
if not all((
name,
address,
email,
username,
password,
)):
return respond_back(ERROR, 'Missing data member')
if data_cache.sismember('tuq:usernames', username):
return error_response('The username has been registered')
if data_cache.sismember('tuq:emails', email):
return respond_back(ERROR, 'The email address has been registered')
if phone_number is not None and len(
phone_number) != 0 and data_cache.sismember(
'tuq:phones', phone_number):
return error_response('The mobile number has been registered')
user = User(username=username,
fullname=name,
email=email,
alias=username,
password=password,
address=address,
role=User.NORMAL_USER,
display_picture=DEFAULT_DISPLAY_PICTURE,
phone_number=phone_number,
is_active_premium=False,
date_of_registration=str(datetime.utcnow()))
try:
db.session.add(user)
db.session.commit()
except InvalidRequestError as invalid_request_err:
print(invalid_request_err)
return error_response('User detail already exist')
data_cache.sadd('tuq:emails', email)
data_cache.sadd('tuq:usernames', username)
if phone_number is not None:
data_cache.sadd('tuq:phones', phone_number)
send_confirmation_message(email, user.id, name)
return respond_back(
SUCCESS, 'A confirmation message has been sent to your email')
except Exception as e:
print(e)
return error_response('Unable to process signup request')
def get_courses_route():
try:
repository_name = request.args.get('repository')
if repository_name is None:
return respond_back(ERROR, 'Invalid repository name')
repository = db.session.query(Repository).filter_by(user_id=current_user.id, repo_name=repository_name).first()
if repository is None:
return respond_back(ERROR, 'Nothing found')
return jsonify({'status': SUCCESS, 'courses': list_courses_data(repository.courses)})
except BadRequest:
return respond_back(ERROR, 'Bad request')
def delete_repository_route():
json_data = request.get_json()
if json_data is None:
return respond_back(ERROR,'Invalid request data')
repository_name = json_data.get( 'repository_name' )
if repository_name is None:
return respond_back(ERROR, 'A repository name must be specified')
for repo in current_user.repositories:
if repository_name == repo.repo_name:
db.session.delete(repo)
db.session.commit()
return respond_back(SUCCESS,'Removed successfully')
return respond_back(ERROR, 'No such repository found for user')
def confirm_user_route():
if request.method == 'GET':
token = request.args.get('token')
if not User.confirm_user_with_token(EXPIRY_INTERVAL, token=token):
return respond_back(ERROR, 'You have either been confirmed or used an invalid/expired link.')
else:
return respond_back(ERROR, 'Your account has been successfully confirmed')
else:
try:
data = request.get_json()
if data is None:
return respond_back(ERROR, 'Invalid data')
email_address = data.get('email')
if email_address is None:
return respond_back(ERROR, 'No email address was specified')
if not data_cache.sismember('tuq:emails', email_address):
return respond_back(ERROR, 'Email address is not registered')
user = db.session.query(User).filter_by(email=email_address).first()
if user is None:
return respond_back(ERROR, 'No user with that email exist')
send_confirmation_message(user.email, user.id, user.fullname)
return respond_back(SUCCESS, 'A confirmation mail has been sent to your address')
except Exception as exc:
print 'Error: {}'.format(str(exc))
return respond_back(ERROR, 'Unable to process request')
def login_route():
try:
data = request.get_json()
if data is None:
return respond_back(ERROR, 'Invalid request sent')
username = data.get('username', None)
password = data.get('password', None)
student = db.session.query(User).filter_by(username=username).first()
if student is None:
return jsonify({'status': ERROR, 'detail': 'Invalid login detail'})
if not student.verify_password(password):
return jsonify({
'status': ERROR,
'detail': 'Invalid username or password'
})
login_user(student, False)
return jsonify({
'status':
SUCCESS,
'detail':
current_user.fullname,
'dp_link':
current_user.display_picture,
'endpoints':
url_for('auth.get_endpoint_route', _external=True)
})
except BadRequest:
return error_response('Invalid login request received.')
def upload(upload_object, request_object, username, data):
# file_index: just a custom header to ensure the upload comes from an accredited client
file_index = request_object.headers.get('FileIndex')
if file_index is None:
return respond_back(ERROR, 'Data does not originate from accredited source')
if data in request_object.files:
repository_name = request_object.args.get('repository')
if repository_name is None or len(str(repository_name)) < 1:
return respond_back(ERROR, 'Invalid repository name')
try:
sub_dir = '{parent_dir}/{sub}'.format(parent_dir=username, sub=repository_name)
filename = upload_object.save(request_object.files[data], folder=sub_dir)
url = upload_object.url(filename)
url = url.replace('http', 'https', 1) if url.startswith('http') else url
return jsonify({'status': SUCCESS, 'index': file_index, 'url': url})
except UploadNotAllowed:
return respond_back(ERROR, 'Upload type not allowed')
return respond_back(ERROR, 'Invalid data')
def get_question_route():
file_id = request.args.get('file_id', None)
if request.args.get('path_generator') is None:
return respond_back(ERROR, 'Invalid request')
if file_id is None:
return invalid_url_error()
course = db.session.query(Course).filter_by(id=file_id).first()
if course is None:
return invalid_url_error()
return send_file(course.quiz_filename)
def delete_course_route():
json_data = request.get_json()
if json_data is None:
return respond_back(ERROR, 'Invalid request data')
repository_name = json_data.get( 'repository_name') # repository under which the course can be found
course_name = json_data.get('course_name')
if course_name is None:
return respond_back(ERROR, 'A course name must be specified')
repository = db.session.query( Repository ).filter_by( repo_name = repository_name,
user_id = current_user.id ).first()
if repository is None:
return respond_back(ERROR, 'Cannot find repository housing the course')
course = db.session.query( Course ).filter_by( repo_id = repository.id, name = course_name ).first()
if course is None:
return respond_back(ERROR, 'Cannot find the course specified')
db.session.remove(course)
db.session.commit()
data_cache.hdel(well_known_courses,course.id)
return respond_back(SUCCESS, 'Course removed successfully')
def edit_course_route():
if request.method == 'GET':
try:
course_id = request.args.get('course_id')
repository_name = request.args.get('repository_name')
if course_id is None or len(
course_id) < 1 or repository_name is None:
return error_response('Missing request argument')
repository = db.session.query(Repository).\
filter_by(repo_name=repository_name,owner_id=current_user.id).first()
if repository is None or repository.owner_id != current_user.id:
return respond_back(ERROR, 'Repository does not exist')
course = db.session.query(Course).filter_by(
id=long(course_id), repo_id=repository.id).first()
if course is None:
return error_response('No course under that name was found')
departments = [
dept for dept in course.departments
if len(dept.name.strip()) != 0
]
question_file = open(course.quiz_filename, 'r')
answer_file = open(course.solution_filename, 'r')
data = {
'name': course.name,
'course_code': course.code,
'administrator_name': course.lecturer_in_charge,
'departments': departments,
'repository_name': repository_name,
'date_to_be_held': str(course.date_to_be_held),
'icon': course.logo_location,
'duration': course.duration_in_minutes,
'approach': course.answers_approach,
'randomize': course.randomize_questions,
'expires_on': str(course.expires_on),
'question': json.load(question_file),
'answers': json.load(answer_file)
}
question_file.close()
answer_file.close()
return success_response(data)
except Exception as exc:
print('Exception caught: {}\n'.format(str(exc)))
return error_response('Unable to get that information')
else:
try:
update_course(request.get_json(), current_user, db)
return success_response('Update performed successfully')
except ValueError as value_error:
return error_response(str(value_error))
except Exception as exc:
print(exc)
return error_response('Unable to perform course update')
def add_repository_route():
try:
data = request.get_json()
if data is None:
return respond_back(ERROR, 'Invalid data')
repository_name = data.get('repository_name')
if repository_name is None or len(repository_name) == 0:
return respond_back(ERROR, 'Invalid repository name supplied')
for repo in current_user.repositories:
if repo.repo_name == repository_name:
return respond_back(ERROR, 'Repository with that name already exist in your account')
repository = Repository(repo_name=repository_name)
current_user.repositories.append(repository)
safe_makedir(UPLOAD_DIR, current_user.username, repository_name)
db.session.add(repository)
db.session.add(current_user)
db.session.commit()
return respond_back(SUCCESS, 'Successful')
except BadRequest:
return respond_back(ERROR, 'Bad request')
except Exception as e:
print e
return respond_back(ERROR, 'Unable to add repository, check the data and try again')
def rank_courses_result(courses):
data = []
# courses = json.loads(courses)
for course in courses:
if course is None: continue
course = json.loads(course)
if course is None: continue
course_id = long(course.get('id'))
data.append({
'paper_name':
course.get('name'),
'icon':
course.get('icon'),
'owner':
course.get('owner_username'),
'id':
Course.generate_course_token(course_id, EXPIRY_INTERVAL * 2)
})
return respond_back(SUCCESS, data)
def delete_repository_route():
json_data = request.get_json()
if json_data is None:
return respond_back(ERROR, 'Invalid request data')
repository_name = json_data.get('repository_name')
if repository_name is None or len(repository_name) == 0:
return error_response('A valid repository name must be specified')
try:
for repository in current_user.repositories:
if repository_name == repository.repo_name:
db.session.delete(repository)
db.session.commit()
data_cache.rpush(
deleted_repo_keys,
current_user.username + '^^' + repository_name)
return success_response('Removed successfully')
return error_response('No such repository found for user')
except Exception as exc:
print(exc)
return error_response('Unable to process request')
def get_result_route():
all_results = db.session.query(ExamTaken).filter_by(participant_id=current_user.id).all()
data = []
for result in all_results:
course_info = data_cache.hget(well_known_courses, result.course_id)
course_info_obj = None
if course_info is None:
course_info = db.session.query(Course).filter_by(id=result.course_id).first()
if course_info is None: # still none?
print 'We have an issue with {}'.format(result.course_id)
continue
# otherwise cache it
course_cache = {'name': course_info.name, 'id': course_info.id,
'owner': course_info.lecturer_in_charge,
'question': course_info.quiz_filename,
'code': course_info.code, 'solution': course_info.solution_filename}
data_cache.hset(well_known_courses,result.course_id, json.dumps(course_cache))
course_info_obj = course_cache # no need to recheck the data_cache, just use the data
if course_info_obj is None: # if it has not been loaded yet, use the data obtained
course_info_obj = json.loads(course_info)
data.append({'name': course_info_obj['name'], 'score': result.score, 'date': result.date_taken,
'total': result.total_score,
'code': course_info_obj['code'], 'owner': course_info_obj['owner']})
return respond_back(SUCCESS, data)
def request_entity_too_large(e):
return respond_back(ERROR, 'Request entity is too large')
def success_response(message):
return respond_back(SUCCESS, message)
def invalid_url_error():
return respond_back(ERROR, 'Invalid URL specified')
def error_response(message):
return respond_back(ERROR, message)
def admin_add_course_route():
try:
data = request.get_json()
if data is None:
return respond_back(ERROR, 'Invalid data')
print data
course_name = data.get('name')
course_code = data.get('course_code')
personnel_in_charge = data.get('administrator_name')
hearing_date = data.get('date_to_be_held')
duration_in_minutes = data.get('duration')
question = data.get('question')
approach = data.get('approach')
randomize_question = data.get('randomize')
expires = data.get('expires_on')
solution = data.get('answers')
departments = data.get('departments')
repository_name = data.get('repository_name')
if course_code is None or course_name is None or personnel_in_charge is None\
or hearing_date is None or duration_in_minutes is None or departments is None\
or question is None or randomize_question is None or approach is None\
or solution is None:
return respond_back(ERROR, 'Missing arguments')
repositories = current_user.repositories
repository_to_use = None
for repo in repositories:
if repo.repo_name == repository_name:
repository_to_use = repo
break
if repository_to_use is None:
return respond_back(ERROR, 'Repository does not exist')
for course in repository_to_use.courses:
if course_code == course.code:
return respond_back(ERROR, 'Course with that code already exist')
department_list = []
try:
for department_name in departments:
department_list.append(Department(name=department_name))
except AttributeError:
return respond_back(ERROR, 'Expects a valid data in the departments')
full_path, solution_fn = (None, None)
try:
filename = course_code.replace(' ', '_').replace('.', '_') + '.json'
dir_path = safe_makedir(UPLOAD_DIR, current_user.username, repository_name)
full_path = safe_join(dir_path, filename)
solution_fn = safe_join(dir_path, 'solutions_'+ filename)
with open(full_path, mode='wt') as out:
json.dump(question, out, sort_keys=True, indent=4, separators=(',', ': '))
with open( solution_fn, mode='wt') as out:
json.dump(solution, out, indent=True, separators=(',', ': '))
except ValueError:
return respond_back(ERROR, 'Invalid JSON Document for question')
course = Course(name=course_name, code=course_code, lecturer_in_charge=personnel_in_charge,
answers_approach=approach, expires_on=expires,
date_to_be_held=date_from_string(hearing_date), duration_in_minutes=int(duration_in_minutes),
departments=department_list, quiz_filename=full_path, solution_filename = solution_fn,
randomize_questions=randomize_question)
repository_to_use.courses.append(course)
db.session.add(course)
db.session.add(repository_to_use)
db.session.add(current_user)
db.session.commit()
course_cache = { 'name': course.name, 'id': course.id, 'owner': course.lecturer_in_charge,
'code': course.code, 'solution': course.solution_filename }
is_set = data_cache.hset(well_known_courses,course.id, json.dumps(course_cache))
print 'New course set: {}'.format( is_set )
return respond_back(SUCCESS, 'New course added successfully')
except BadRequest:
return respond_back(ERROR, 'Bad request')
except Exception as e:
print e
return respond_back(ERROR, 'Could not add the course')
def interval_server_error(e):
return respond_back(ERROR, 'An internal server error occured')
def get_endpoint_route():
endpoints = { 'result': url_for( 'auth.get_result_route', _external=True ) }
return respond_back(SUCCESS, endpoints)
def before_auth_request():
if not current_user.is_authenticated:
return respond_back(ERROR, 'Not logged in')
if not current_user.confirmed:
return respond_back(ERROR, 'Account has not been confirmed yet')
