def test_admin_level_of_access(self):
logout('localhost')
user = login_user('z1', 'adminPass', 'localhost')
self.assertEqual(has_access('localhost', Student), True)
self.assertEqual(has_access('localhost', Staff), True)
self.assertEqual(has_access('localhost', Admin), True)
def test_student_level_of_access(self):
logout('localhost')
user = login_user('z100', 'student228', 'localhost')
self.assertEqual(has_access('localhost', Student), True)
self.assertEqual(has_access('localhost', Staff), False)
self.assertEqual(has_access('localhost', Admin), False)
def viewResults(course, semester):
if (not (has_access(request.remote_addr, Student) or has_access(request.remote_addr, Staff))):
return redirect("/login/Staff/@2Fresults@2F"+course+"@2F"+semester)
update(request.remote_addr)
survey = Survey()
survey = survey.load_course_from_db(DATABASE_FILENAME, course, semester)
responses = get_all_survey_responses(survey)
return render_template('metrics.html', survey = survey, responses = responses)
def login(role = None, page = None):
if page == None:
if (has_access(request.remote_addr, Admin)):
return redirect("/adminHome")
if (has_access(request.remote_addr, Student)):
return redirect("/studentHome")
if (has_access(request.remote_addr, Staff)):
return redirect("/staffHome")
update(request.remote_addr)
return login_page(request, role, page)
def edit_survey(course, semester):
if (not has_access(request.remote_addr, Admin)):
return redirect("/login/Admin/@2Fcreate@2F" + course + "@2F" + semester)
update(request.remote_addr)
saved_questions = read_all_questions()
return render_template("edit_survey.html", course = course, semester = semester, saved_questions = saved_questions)
def publish_survey():
if (not has_access(request.remote_addr, Admin, overrideTime = True)):
return redirect("/login/Admin/@2Fcreate@2F" + request.form['course'] + "@2F" + request.form['semester'])
update(request.remote_addr)
response = save_survey(request.form)
return response
def staffHome():
if (not has_access(request.remote_addr, Staff)):
return redirect("/login/Staff/@2FstaffHome")
update(request.remote_addr)
user = get_user(request.remote_addr)
all_review_surveys = get_surveys(state = 0)
review_surveys = []
for survey in all_review_surveys:
if (user.is_enrolled_in(survey.course)):
review_surveys.append(survey)
all_active_surveys = get_surveys(state = 1)
active_surveys = []
for survey in all_active_surveys:
if (user.is_enrolled_in(survey.course)):
active_surveys.append(survey)
all_closed_surveys = get_surveys(state = 2)
closed_surveys = []
for survey in all_closed_surveys:
if (user.is_enrolled_in(survey.course)):
closed_surveys.append(survey)
root = request.url_root
return render_template("staffHome.html", review_surveys = review_surveys, active_surveys = active_surveys,
closed_surveys = closed_surveys, root = root)
def delete_question():
if (not has_access(request.remote_addr, Admin, overrideTime = True)):
return redirect("/login/Admin/@2Fcreate@2F" + course + "@2F" + semester)
update(request.remote_addr)
remove_question(request.form.get('id'))
return "Question deleted."
def review_saved_questions():
if (not has_access(request.remote_addr, Admin)):
return redirect("/login/Admin/@2Freview_questions")
update(request.remote_addr)
saved_questions = read_all_questions()
return render_template("viewQuestions.html", saved_questions = saved_questions)
def test_admin_login(self):
user = login_user('z1', 'adminPass', 'localhost')
self.assertNotEqual(user, None)
self.assertEqual(type(user), Admin)
self.assertEqual(user, get_user('localhost'))
self.assertEqual(has_access('localhost', Admin), True)
def test_student_login(self):
user = login_user('z100', 'student228', 'localhost')
self.assertNotEqual(user, None)
self.assertEqual(type(user), Student)
self.assertEqual(user, get_user('localhost'))
self.assertEqual(has_access('localhost', Student), True)
def test_staff_login(self):
user = login_user('z50', 'staff670', 'localhost')
self.assertNotEqual(user, None)
self.assertEqual(type(user), Staff)
self.assertEqual(user, get_user('localhost'))
self.assertEqual(has_access('localhost', Staff), True)
def closeSurvey(course, semester):
if (not has_access(request.remote_addr, Staff)):
return redirect("/login/Staff/@2Fclose_survey@2F" + course + "@2F" + semester)
update(request.remote_addr)
survey = Survey()
survey.load_course_from_db(DATABASE_FILENAME, course, semester)
db_execute(DATABASE_FILENAME, 'UPDATE SURVEYS SET STATE = "2" WHERE ID = ' + str(survey.id))
return redirect('/login')
def save_question():
if (not has_access(request.remote_addr, Admin, overrideTime = True)):
return redirect("/login/Admin/@2Fcreate")
update(request.remote_addr)
return str(write_question({'questionText': request.form.get('questionText'),
'options': json.loads(request.form.get('options')),
'multi': request.form.get('multi'),
'text': request.form.get('text'),
'mandatory': request.form.get('mandatory'),
'saved_id': request.form.get('saved_id')}))
def metrics(course, semester):
if (not has_access(request.remote_addr, Admin)):
return redirect("/login/Admin/@2Fmetrics@2F"+course+"@2F"+semester)
update(request.remote_addr)
survey = Survey()
survey = survey.load_course_from_db(DATABASE_FILENAME, course, semester)
responses = get_all_survey_responses(survey)
return render_template('metrics.html', survey = survey, responses = responses)
def studentResults():
if (not has_access(request.remote_addr, Student)):
return redirect("/login/Student/@2FstudentResults")
update(request.remote_addr)
user = get_user(request.remote_addr)
all_closed_surveys = get_surveys(state = 2)
closed_surveys = []
for survey in all_closed_surveys:
if user.is_enrolled_in(survey.course):
closed_surveys.append(survey)
return render_template("studentResults.html", closed_surveys = closed_surveys)
def studentHome():
if (not has_access(request.remote_addr, Student)):
return redirect("/login/Student/@2FstudentHome")
update(request.remote_addr)
user = get_user(request.remote_addr)
all_active_surveys = get_surveys(state = 1)
active_surveys = []
for survey in all_active_surveys:
if user.is_enrolled_in(survey.course) and not user.has_responded_to(DATABASE_FILENAME, survey):
active_surveys.append(survey)
return render_template("studentHome.html", active_surveys = active_surveys)
def login_page(request, role, page):
if request.method == "GET":
logged_in_as = None
if (has_access(request.remote_addr, Student)):
logged_in_as = 'Student'
if (has_access(request.remote_addr, Staff)):
logged_in_as = 'Staff'
return render_template("login.html",
page=page,
role=role,
logged_in_as=logged_in_as,
attempt=request.args.get('attempt'))
if request.method == "POST":
user = login_user(request.form["username"], request.form["password"],
request.remote_addr)
if user == None:
attempt = 1
if request.args.get('attempt'):
attempt = int(request.args.get('attempt')) + 1
if page:
return redirect("/login/" + page + "?attempt=" + str(attempt))
return redirect("/login" + "?attempt=" + str(attempt))
if type(user) is Admin:
if page:
return redirect(page.replace("@2F", "/"))
return redirect("/adminHome") #Admin Homepage
elif type(user) is Staff:
if page:
return redirect(page.replace("@2F", "/"))
return redirect("/staffHome") #Staff Homepage
elif type(user) is Student or type(user) is Guest:
if page:
return redirect(page.replace("@2F", "/"))
return redirect("/studentHome") #Student Homepage
else:
return "Something went wrong"
def commit_review():
if (not has_access(request.remote_addr, Staff, overrideTime = True)):
return redirect("/login/Staff/@2Fcommit_review")
update(request.remote_addr)
survey = Survey()
survey.load_course_from_db(DATABASE_FILENAME, request.form.get('course'), request.form.get('semester'))
survey.questions = []
for questionId in json.loads(request.form.get('ids')):
question = Question()
question.load_from_db(DATABASE_FILENAME, questionId)
survey.questions.append(question)
survey.update_db(DATABASE_FILENAME)
return "Success"
def reviewSurvey(course, semester):
if (not has_access(request.remote_addr, Staff)):
return redirect("/login/Staff/@2Freview@2F" + course + "@2F" + semester)
update(request.remote_addr)
survey = get_survey(course, semester)
num_questions = len(survey.questions)
all_questions = read_all_questions()
extra_questions = []
for question in all_questions:
matches = False
for survey_question in survey.questions:
if question.matches(survey_question):
matches = True
break
if not matches and question.get_visible() and not question.get_mandatory():
extra_questions.append(question)
num_extra_questions = len(extra_questions)
return render_template("reviewSurvey.html", survey = survey, num_questions = num_questions,
extra_questions = extra_questions, num_extra_questions = num_extra_questions)
def home():
if (not has_access(request.remote_addr, Admin)):
return redirect("/login/Admin/@2FadminHome")
update(request.remote_addr)
guest_was_approved = None
if request.method == "POST":
if request.form.get('approve'):
approve_guest(request.form.get('approve'))
guest_was_approved = True
elif request.form.get('deny'):
deny_guest(request.form.get('deny'))
guest_was_approved = False
pending_guests = get_pending_guests()
review_surveys = get_surveys(state = 0)
active_surveys = get_surveys(state = 1)
closed_surveys = get_surveys(state = 2)
root = request.url_root
return render_template("home.html", review_surveys = review_surveys, active_surveys = active_surveys,
closed_surveys = closed_surveys, root = root, pending_guests = pending_guests,
guest_was_approved = guest_was_approved)
def view_survey(course, semester):
if (not has_access(request.remote_addr, Student)):
return redirect("/login/Student/@2Fsurvey@2F"+course+"@2F"+semester)
user = get_user(request.remote_addr)
survey = Survey()
survey = survey.load_course_from_db(DATABASE_FILENAME, course, semester)
if (not user.is_enrolled_in(survey.course)):
return redirect("/login/Student/@2Fsurvey@2F"+course+"@2F"+semester)
if (user.has_responded_to(DATABASE_FILENAME, survey)):
return redirect("/login/Student/@2Fsurvey@2F"+course+"@2F"+semester)
update(request.remote_addr)
if request.method == "POST":
return save_response(DATABASE_FILENAME, survey, request)
numQuestions = len(survey.questions)
if survey == None:
return render_template("surveyFail.html")
return render_template("survey.html", survey = survey, numQuestions = numQuestions)
def test_admin_logout(self):
logout('localhost')
self.assertEqual(get_user('localhost'), None)
self.assertEqual(has_access('localhost', Admin), False)
def test_student_logout(self):
logout('localhost')
self.assertEqual(get_user('localhost'), None)
self.assertEqual(has_access('localhost', Student), False)
def test_staff_incorrect_login(self):
user = login_user('z10', 'adminPass', 'localhost')
self.assertEqual(user, None)
self.assertEqual(has_access('localhost', Admin), False)
def create():
if (not has_access(request.remote_addr, Admin)):
return redirect("/login/Admin/@2Fcreate")
update(request.remote_addr)
return view_semesters(request, get_surveys())
def create_course(semester):
if (not has_access(request.remote_addr, Admin)):
return redirect("/login/Admin/@2Fselect_course@2F"+semester)
update(request.remote_addr)
return view_courses(request, get_surveys(), semester)
