def user_new_class():
school_class = SchoolClass(title=request.form['title'],
school=School.get(id=request.form['school']))
school_class.save()
resp = make_response()
resp.status_code = 200
return resp
def user_new_student():
required_fields = ['username', 'real_name', 'email', 'school_id', 'password']
for field in required_fields:
if not request.form[field]:
resp = make_response('missing_' + field)
resp.status_code = 501
return resp
username = request.form['username']
if auth.User.get(username=username):
resp = make_response('duplicate_username')
resp.status_code = 501
return resp
if not re.match(r'^[a-z0-9_-]{3,20}$', username):
# lowercase alphanumeric, hyphens/underscores, 3-20 chars
resp = make_response('invalid_username')
resp.status_code = 501
return resp
password = request.form['password']
if not re.match(r'^.{6,30}$', password):
# wildcard 6-30 chars
resp = make_response('invalid_password')
resp.status_code = 501
return resp
email = request.form['email']
if auth.User.get(email=email):
resp = make_response('duplicate_email')
resp.status_code = 501
return resp
email_validator = lepl.apps.rfc3696.Email()
if not email_validator(email):
resp = make_response('invalid_email')
resp.status_code = 501
return resp
real_name = request.form['username']
school_id = int(request.form['school_id'])
user = auth.User(username=username,
real_name=real_name,
is_admin=False,
active=True,
email=email,
school=School.get(id=school_id))
user.set_password(password)
user.save()
resp = make_response()
resp.status_code = 200
return resp