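def post(self):
    """Create a course from the JSON request body.

    Only tokens that resolve to a 'professor' or 'administrator' account
    are accepted.

    Returns:
        A ``(response, status)`` pair: 201 on success, 401 when the token
        is rejected, 403 for any other account class, 422 for an empty
        body or a missing field, 500 when the insert raises an integrity
        error.
    """
    # authentication
    token = request.headers.get('Authorization')
    try:
        account = auth.check(token)
        if account['class'] not in {'professor', 'administrator'}:
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    body = request.get_json()
    if not body:
        return jsonify({'error': DATA_EMPTY}), 422

    for k in ('name', 'description', 'professor_id'):
        if not body.get(k):
            # The status code was missing here, so a validation failure was
            # sent with the default success status instead of 422.
            return jsonify({'error': FIELD_EMPTY.format(k)}), 422

    # NOTE(review): professor_id is taken from the request body and is not
    # compared with the authenticated account, so unless that is enforced
    # elsewhere a professor token can create a course under another
    # professor's id. Confirm the intended ownership rule.
    try:
        with connection.cursor() as cursor:
            # Values are bound by the driver; the SQL text itself is constant.
            cursor.execute(
                'INSERT INTO courses (professor_id, name, description) '
                'VALUES (%(professor_id)s, %(name)s, %(description)s)',
                body)
        connection.commit()
        return jsonify(None), 201
    except pymysql.err.IntegrityError as e:
        # The exception must be bound: the original handler referenced an
        # undefined `e`, turning every integrity error into a NameError.
        logger.error(e)
        return jsonify({'error': DATA_SAVE}), 500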
def post(self):
    """Store an evaluation submitted by a student.

    Responds 201 on success, 401 when the token is rejected, 403 when the
    account is not a student, 422 for an empty body or a missing field,
    and 500 when the insert raises an integrity error.
    """
    # authentication
    auth_header = request.headers.get('Authorization')
    try:
        account = auth.check(auth_header)
        if account['class'] != 'student':
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    payload = request.get_json()
    if not payload:
        return jsonify({'error': DATA_EMPTY}), 422

    # First required field that is absent or falsy, if any.
    required = ('enrollment_id', 'comments', 'rating')
    missing = next((name for name in required if not payload.get(name)), None)
    if missing is not None:
        return jsonify({'error': FIELD_EMPTY.format(missing)}), 422

    # NOTE(review): enrollment_id comes from the body and is not checked
    # against the authenticated student, so unless ownership is enforced
    # elsewhere a student token can file an evaluation on an enrollment
    # that belongs to someone else. Confirm.
    insert_sql = (
        'INSERT INTO evaluations (enrollment_id, rating, comments) '
        'VALUES (%(enrollment_id)s, %(rating)s, %(comments)s)'
    )
    try:
        with connection.cursor() as cursor:
            cursor.execute(insert_sql, payload)
        connection.commit()
        return jsonify(None), 201
    except pymysql.err.IntegrityError as e:
        logger.error(e)
        return jsonify({'error': DATA_SAVE}), 500
def post(self):
    """Register a student or professor account.

    The account row and its class-specific row are written in a single
    transaction that is rolled back on an integrity error. Any class
    other than 'student' or 'professor' is rejected, so this handler
    cannot create an 'administrator' account.

    Responds 201 on success, 422 for an empty body, a missing field or an
    invalid class, and 500 when an insert raises an integrity error.
    """
    payload = request.get_json()
    if not payload:
        return jsonify({'error': errors.DATA_EMPTY}), 422

    common = ('email', 'password', 'class')
    absent = next((name for name in common if not payload.get(name)), None)
    if absent is not None:
        return jsonify({'error': errors.FIELD_EMPTY.format(absent)}), 422

    # Only the value returned by password.generate() is stored; the
    # submitted password is overwritten in the payload before any insert.
    payload['password'] = password.generate(payload['password'])

    is_student = payload['class'] == 'student'
    if is_student:
        extra = ('university_number', )
    elif payload['class'] == 'professor':
        extra = ('first_name', 'last_name')
    else:
        return jsonify({'error': errors.FIELD_INVALID.format('class')}), 422

    absent = next((name for name in extra if not payload.get(name)), None)
    if absent is not None:
        return jsonify({'error': errors.FIELD_EMPTY.format(absent)}), 422

    if is_student:
        detail_sql = (
            'INSERT INTO students (account_id, university_number) '
            'VALUES (%(account_id)s, %(university_number)s)'
        )
    else:
        detail_sql = (
            'INSERT INTO professors (account_id, first_name, last_name) '
            'VALUES (%(account_id)s, %(first_name)s, %(last_name)s)'
        )

    try:
        connection.begin()
        with connection.cursor() as cursor:
            cursor.execute(
                'INSERT INTO accounts (class, email, password) '
                'VALUES (%(class)s, %(email)s, %(password)s)',
                payload)
            # The class-specific row references the account just created.
            payload['account_id'] = cursor.lastrowid
            cursor.execute(detail_sql, payload)
        connection.commit()
        return jsonify(None), 201
    except pymysql.err.IntegrityError as e:
        connection.rollback()
        logger.error(e)
        return jsonify({'error': errors.DATA_SAVE}), 500
def get(self, professor_id):
    """List every course row for the given professor.

    Responds 200 with the rows under 'data', 401 when the token is
    rejected, and 403 unless the account is a professor or administrator.
    """
    # authentication
    auth_header = request.headers.get('Authorization')
    try:
        account = auth.check(auth_header)
        if account['class'] not in {'professor', 'administrator'}:
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    # NOTE(review): only the account class is checked; professor_id from
    # the route is not compared with the authenticated account. Confirm
    # that listing another professor's courses is intended.
    params = {'professor_id': professor_id}
    with connection.cursor() as cursor:
        cursor.execute(
            'SELECT * FROM courses WHERE professor_id=%(professor_id)s',
            params)
        rows = cursor.fetchall()
        return jsonify({'data': rows}), 200
def get(self, evaluation_id=None):
    """Return one evaluation, or all of them when no id is given.

    Restricted to administrator accounts. Responds 200 with the result
    under 'data' (a list without an id, a single row or None with one),
    401 when the token is rejected, and 403 for any other account class.
    """
    # authentication
    auth_header = request.headers.get('Authorization')
    try:
        account = auth.check(auth_header)
        if account['class'] != 'administrator':
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    with connection.cursor() as cursor:
        if evaluation_id is not None:
            cursor.execute('SELECT * FROM evaluations WHERE id=%(id)s',
                           {'id': evaluation_id})
            return jsonify({'data': cursor.fetchone()}), 200

        cursor.execute('SELECT * FROM evaluations')
        return jsonify({'data': cursor.fetchall()}), 200
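def post(self):
    """Check an email/password pair and issue a token.

    On success the account row is merged with its student or professor
    row, stripped of 'password', 'created', 'updated' and 'exp', and
    returned together with a token generated from it.

    Returns:
        A ``(response, status)`` pair: 200 with 'token' and 'account'
        under 'data', 422 for an empty body, a missing field or wrong
        credentials, 500 on an integrity error.
    """
    body = request.get_json()
    if not body:
        return jsonify({'error': errors.DATA_EMPTY}), 422

    # Both fields are read below; a body that omitted either one used to
    # fail with an unhandled KeyError instead of a 422.
    for k in ('email', 'password'):
        if not body.get(k):
            return jsonify({'error': errors.FIELD_EMPTY.format(k)}), 422

    try:
        with connection.cursor() as cursor:
            cursor.execute('SELECT * FROM accounts WHERE email=%(email)s',
                           body)
            account = cursor.fetchone()
            # Unknown email and wrong password produce the same response.
            # NOTE(review): password.check() is skipped when no account
            # matches, so the two cases may still differ in response time
            # if the check is slow. Confirm whether that matters here.
            if account is None or not password.check(
                    body['password'], account['password']):
                return jsonify({'error': errors.AUTHENTICATION_WRONG}), 422

            if account['class'] == 'student':
                cursor.execute(
                    'SELECT * FROM students WHERE account_id=%(id)s', account)
            else:
                cursor.execute(
                    'SELECT * FROM professors WHERE account_id=%(id)s',
                    account)
            user = cursor.fetchone()
            logging.debug(user)

            # An account without a matching detail row (fetchone() returned
            # None) used to crash on update(None); keep the account as is.
            # NOTE(review): keys in the detail row overwrite same-named keys
            # of the account row. Confirm that is intended.
            if user:
                account.update(user)

            # Never place the stored password or bookkeeping fields in the
            # token or the response.
            for k in ('password', 'created', 'updated', 'exp'):
                account.pop(k, None)

            return jsonify({
                'data': {
                    'token': auth.generate(account),
                    'account': account
                }
            }), 200
    except pymysql.err.IntegrityError as e:
        logger.error(e)
        return jsonify({'error': errors.DATA_SAVE}), 500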
def get(self, course_id):
    """List the evaluations attached to enrollments of one course.

    Restricted to administrator accounts. Responds 200 with the rows
    under 'data', 401 when the token is rejected, and 403 for any other
    account class.
    """
    # authentication
    auth_header = request.headers.get('Authorization')
    try:
        account = auth.check(auth_header)
        if account['class'] != 'administrator':
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    # The course id is bound as a parameter; the SQL text is constant.
    query = '''
        SELECT * FROM evaluations
        WHERE enrollment_id IN (
            SELECT id FROM enrollments WHERE course_id=%(course_id)s
        )
        '''
    with connection.cursor() as cursor:
        cursor.execute(query, {'course_id': course_id})
        rows = cursor.fetchall()
        return jsonify({'data': rows}), 200
def post(self):
    """Create an enrollment from the JSON request body.

    Responds 201 on success, 422 for an empty body or a missing field,
    and 500 when the insert raises an integrity error.
    """
    # NOTE(review): this handler reads no Authorization header and calls no
    # auth check, and student_id is taken from the body as supplied. Unless
    # authentication is enforced outside this function (not visible here),
    # any caller can create an enrollment for an arbitrary student. Confirm
    # which account classes should be allowed to write enrollments.
    payload = request.get_json()
    if not payload:
        return jsonify({'error': DATA_EMPTY}), 422

    required = ('student_id', 'course_id', 'year', 'semester', 'section')
    missing = next((name for name in required if not payload.get(name)), None)
    if missing is not None:
        return jsonify({'error': FIELD_EMPTY.format(missing)}), 422

    insert_sql = (
        'INSERT INTO enrollments (student_id,course_id,year,semester,section) '
        'VALUES (%(student_id)s, %(course_id)s, %(year)s, %(semester)s, '
        '%(section)s)'
    )
    try:
        with connection.cursor() as cursor:
            cursor.execute(insert_sql, payload)
        connection.commit()
        return jsonify(None), 201
    except pymysql.err.IntegrityError as e:
        logger.error(e)
        return jsonify({'error': DATA_SAVE}), 500
def get(self, professor_id):
    """List evaluations of a professor's courses, with optional filters.

    Query-string filters: 'course_id' narrows to one course; 'year'
    narrows to one year, and 'semester' is applied only together with
    'year'. Responds 200 with the rows under 'data', 401 when the token
    is rejected, and 403 unless the account is a professor or
    administrator.
    """
    # authentication
    auth_header = request.headers.get('Authorization')
    try:
        account = auth.check(auth_header)
        if account['class'] not in {'professor', 'administrator'}:
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    # NOTE(review): only the account class is checked; professor_id from
    # the route is not compared with the authenticated account. Confirm
    # that one professor reading another's evaluations is intended.
    year = request.args.get('year')
    semester = request.args.get('semester')
    course_id = request.args.get('course_id')
    args = {
        'professor_id': professor_id,
        'year': year,
        'semester': semester,
        'course_id': course_id
    }

    # Only constant fragments are joined into the SQL text; every value is
    # bound through `args` by the driver.
    conditions = ['courses.professor_id=%(professor_id)s']
    if year:
        conditions.append('enrollments.year=%(year)s')
        if semester:
            conditions.append('enrollments.semester=%(semester)s')
    if course_id:
        conditions.append('courses.id=%(course_id)s')

    # NOTE(review): SELECT * over the join returns every enrollments column
    # next to each evaluation, including student_id, so each evaluation is
    # attributable to a student in the response. Confirm that is intended
    # for professor accounts, or select an explicit column list.
    query = '''
        SELECT * FROM evaluations
        JOIN enrollments ON evaluations.enrollment_id = enrollments.id
        JOIN courses ON enrollments.course_id = courses.id
        WHERE enrollment_id IN (
            SELECT enrollments.id FROM courses
            INNER JOIN enrollments ON courses.id = enrollments.course_id
            WHERE ''' + ' AND '.join(conditions) + '''
        )
        '''

    with connection.cursor() as cursor:
        cursor.execute(query, args)
        return jsonify({'data': cursor.fetchall()}), 200
def get(self, student_id):
    """List a student's enrollments joined with their courses.

    Query-string filters: 'year' narrows to one year, and 'semester' is
    applied only together with 'year'. With 'evaluated' set, every
    matching enrollment is returned; without it, only enrollments that
    have no evaluation row. Responds 200 with the rows under 'data', 401
    when the token is rejected, and 403 unless the account is a student
    or administrator.
    """
    # authentication
    auth_header = request.headers.get('Authorization')
    try:
        account = auth.check(auth_header)
        if account['class'] not in {'student', 'administrator'}:
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    # NOTE(review): only the account class is checked; student_id from the
    # route is not compared with the authenticated account, so unless that
    # is enforced elsewhere a student token can read another student's
    # enrollments. Confirm.
    year = request.args.get('year')
    semester = request.args.get('semester')
    # NOTE(review): any non-empty value counts as set, presumably including
    # strings such as "false" or "0". Confirm against the clients.
    evaluated = request.args.get('evaluated')

    # Only constant fragments are joined into the SQL text; every value is
    # bound through `params` by the driver.
    params = {'student_id': student_id}
    conditions = ['enrollments.student_id=%(student_id)s']
    if year:
        params['year'] = year
        conditions.append('enrollments.year=%(year)s')
        if semester:
            params['semester'] = semester
            conditions.append('enrollments.semester=%(semester)s')
    if not evaluated:
        # Leave out enrollments that already have an evaluation.
        conditions.append(
            '''enrollments.id NOT IN (
                SELECT enrollments.id FROM evaluations
                JOIN enrollments ON evaluations.enrollment_id = enrollments.id
                WHERE student_id=%(student_id)s
            )''')

    query = '''
        SELECT * FROM enrollments
        JOIN courses ON courses.id = enrollments.course_id
        WHERE ''' + '''
        AND '''.join(conditions) + '''
        '''

    with connection.cursor() as cursor:
        cursor.execute(query, params)
        return jsonify({'data': cursor.fetchall()}), 200
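def get(self, student_id, evaluation_id=None):
    """List a student's evaluations joined with enrollment and course rows.

    Query-string filters: 'year' narrows to one year, and 'semester' is
    applied only together with 'year'. `evaluation_id` is accepted but
    not used by this handler.

    Returns:
        A ``(response, status)`` pair: 200 with the rows under 'data',
        401 when the token is rejected, 403 unless the account is a
        student.
    """
    # authentication
    token = request.headers.get('Authorization')
    try:
        account = auth.check(token)
        if account['class'] != 'student':
            return jsonify({'error': errors.AUTHENTICATION_FORBIDDEN}), 403
    except errors.AuthenticationError:
        return jsonify({'error': errors.AUTHENTICATION_INVALID}), 401

    # NOTE(review): only the account class is checked; student_id from the
    # route is not compared with the authenticated account, so unless that
    # is enforced elsewhere a student token can read another student's
    # evaluations. Confirm.
    year = request.args.get('year')
    semester = request.args.get('semester')
    args = {
        'student_id': student_id,
        'year': year,
        'semester': semester
    }

    # Only constant fragments are joined into the SQL text; every value is
    # bound through `args` by the driver.
    conditions = ['student_id=%(student_id)s']
    if year:
        conditions.append('year=%(year)s')
        if semester:
            conditions.append('semester=%(semester)s')

    # The filtered branches used `SELECT *` inside the IN (...) subquery.
    # A multi-column subquery is not valid on the right-hand side of a
    # scalar IN, so those requests failed; select the id column, as the
    # unfiltered branch already did.
    query = '''
        SELECT * FROM evaluations
        JOIN enrollments ON evaluations.enrollment_id = enrollments.id
        JOIN courses ON enrollments.course_id = courses.id
        WHERE enrollment_id IN (
            SELECT id FROM enrollments
            WHERE ''' + ' AND '.join(conditions) + '''
        )
        '''

    with connection.cursor() as cursor:
        cursor.execute(query, args)
        return jsonify({'data': cursor.fetchall()}), 200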