def export_submissions():
assignment_id = int(request.values.get('assignment_id'))
assignment = Assignment.by_id(assignment_id)
course_id = get_course_id(True)
user, user_id = get_user()
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
assignment = Assignment.by_id(int(assignment_id))
if course_id is None or not user.is_instructor(int(course_id)):
return "You are not an instructor or the owner of the assignment!"
# Get data
suas = Submission.by_assignment(assignment_id, course_id)
submissions = [sua[0] for sua in suas]
users = [sua[1] for sua in suas]
bundle = export_zip(assignments=[assignment],
submissions=submissions,
users=users)
filename = assignment.get_filename(extension='.zip')
return Response(bundle,
mimetype='application/zip',
headers={
'Content-Disposition':
'attachment;filename={}'.format(filename)
})
def update_submission_status(lti, lti_exception=None):
# Get parameters
submission_id = maybe_int(request.values.get("submission_id"))
status = request.values.get('status')
course_id = get_course_id()
user, user_id = get_user()
submission = Submission.by_id(submission_id)
# Check resource exists
check_resource_exists(submission, "Submission", submission_id)
# Verify permissions
if submission.user_id != user_id and not user.is_grader(
submission.course_id):
return ajax_failure(
"This is not your submission and you are not a grader in its course."
)
# Do action
success = submission.update_submission_status(status)
make_log_entry(submission.assignment_id,
submission.assignment_version,
course_id,
user_id,
"Submit",
"answer.py",
category=status,
message=str(success))
return ajax_success({"success": success})
def dashboard(lti=lti, lti_exception=None):
"""
:type lti: controllers.pylti.flask.lTI
"""
force_default_assignment = maybe_bool(request.values.get('force_default_assignment', "false"))
if 'user' not in g and not g.user:
return "You are not logged in."
course_id = get_course_id()
user, user_id = get_user()
if course_id is None:
return "You are not in a course context."
is_grader = user.is_grader(course_id)
if is_grader and not force_default_assignment:
return grader_dashboard(user, course_id)
course = Course.by_id(course_id)
assignment = course.get_default_assignment()
if assignment is not None:
return redirect(url_for("blockpy.load", assignment_id=assignment.id,
course_id=course_id, user_id=user_id, force_download=False,
embed=True))
else:
# No default assignment!
assignments = natsorted(course.get_submitted_assignments(),
key=lambda r: r.name)
all_subs = Submission.by_student(user_id, course_id)
all_subs = {s[0].assignment_id: s for s in all_subs}
submissions = [all_subs.get(assignment.id, (None, None, assignment))
for assignment in assignments]
return render_template('courses/dashboard.html', embed=True,
course_id=course_id, user=user, is_grader=is_grader,
submissions=submissions, criteria='student')
def get_assignments():
assignment_ids = request.values.get('assignment_ids', "")
course_id = get_course_id()
user, user_id = get_user()
# TODO: verify that they have the permissions to see these assignments
assignments, groups = [], []
errors = []
if not assignment_ids:
course: Course = Course.by_id(course_id)
check_resource_exists(course, "Course", course_id)
grouped_assignments = natsorted(
course.get_submitted_assignments_grouped(),
key=lambda r:
(r.AssignmentGroup.name
if r.AssignmentGroup is not None else None, r.Assignment.name))
assignments = [a.Assignment.encode_json() for a in grouped_assignments]
groups = [
a.AssignmentGroup.encode_json()
if a.AssignmentGroup is not None else None
for a in grouped_assignments
]
else:
for assignment_id in assignment_ids.split(","):
if not assignment_id.isdigit():
errors.append(f"Unknown Assignment ID: {assignment_id!r}")
assignment_id = int(assignment_id)
# With Course Role Information
assignment = Assignment.by_id(assignment_id)
check_resource_exists(assignment, "Assignment", assignment_id)
assignments.append(assignment.encode_json())
return ajax_success(
dict(assignments=assignments, errors=errors, groups=groups))
def dashboard(lti=lti):
"""
:type lti: controllers.pylti.flask.lTI
"""
if 'user' not in g and not g.user:
return "You are not logged in."
course_id = get_course_id()
user, user_id = get_user()
if course_id is None:
return "You are not in a course context."
is_grader = user.is_grader(course_id)
if is_grader:
return grader_dashboard(user, course_id)
course = Course.by_id(course_id)
assignments = natsorted(course.get_submitted_assignments(),
key=lambda r: r.name)
all_subs = Submission.by_student(user_id, course_id)
all_subs = {s[0].assignment_id: s for s in all_subs}
submissions = [
all_subs.get(assignment.id, (None, None, assignment))
for assignment in assignments
]
return render_template('courses/dashboard.html',
embed=True,
course_id=course_id,
user=user,
is_grader=is_grader,
submissions=submissions,
criteria='student')
def load_assignment(lti=lti):
# Get arguments
assignment_id = int(request.values.get('assignment_id'))
assignment = Assignment.by_id(assignment_id)
course_id = get_course_id(True)
user, user_id = get_user()
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
if course_id is None:
editor_information = assignment.for_read_only_editor(user_id)
else:
editor_information = assignment.for_editor(user_id, course_id)
browser_info = repr({
'platform': request.user_agent.platform,
'browser': request.user_agent.browser,
'version': request.user_agent.version,
'language': request.user_agent.language,
'user_agent': request.user_agent.string
})
# Log the event
if user is not None:
make_log_entry(assignment_id,
assignment.version,
course_id,
user_id,
'Session.Start',
message=browser_info)
# Verify passcode, if necessary
if assignment.passcode_fails(request.values.get('passcode')):
return ajax_failure("Passcode {!r} rejected".format(
request.values.get("passcode")))
return ajax_success(editor_information)
def save_assignment(lti=lti):
assignment_id = request.values.get('assignment_id')
user, user_id = get_user()
course_id = get_course_id()
assignment = Assignment.query.get(assignment_id)
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
if assignment.owner_id != user.id:
require_course_grader(user, assignment.course_id)
# Parse new settings
updates = {}
if "hidden" in request.values:
updates["hidden"] = maybe_bool(request.values.get("hidden"))
if "reviewed" in request.values:
updates["reviewed"] = maybe_bool(request.values.get("reviewed"))
if "public" in request.values:
updates["public"] = maybe_bool(request.values.get("public"))
if "url" in request.values:
updates["url"] = request.values.get("url") or None
if "ip_ranges" in request.values:
updates["ip_ranges"] = request.values.get("ip_ranges")
if "name" in request.values:
updates["name"] = request.values.get("name")
if "settings" in request.values:
updates["settings"] = request.values.get("settings")
# Perform update
modified = assignment.edit(updates)
make_log_entry(assignment.id, assignment.version,
course_id or assignment.course_id,
user.id, "X-Instructor.Settings.Edit", "assignment_settings.blockpy",
message=json.dumps(updates))
return ajax_success({"modified": modified})
def fix_course_outcome_url():
new_url = request.values.get("new_url")
course_id = get_course_id()
user, user_id = get_user()
require_course_instructor(user, course_id)
course = Course.by_id(course_id)
course.update_endpoint(new_url)
return ajax_success({"success": "True"})
def load_assignment(lti=lti):
# Get arguments
assignment_id = int(request.values.get('assignment_id'))
assignment = Assignment.by_id(assignment_id)
student_id = maybe_int(request.values.get('user_id'))
course_id = get_course_id(True)
user, user_id = get_user()
force_download = maybe_bool(request.values.get('force_download', "false"))
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
if user_id != student_id and not user.is_grader(course_id):
return ajax_failure(
"Only graders can see submissions for other people.")
if course_id is None:
editor_information = assignment.for_read_only_editor(student_id)
else:
editor_information = assignment.for_editor(student_id, course_id)
browser_info = json.dumps({
'platform': request.user_agent.platform,
'browser': request.user_agent.browser,
'version': request.user_agent.version,
'language': request.user_agent.language,
'user_agent': request.user_agent.string
})
# Log the event
if user is not None:
if user_id != student_id:
make_log_entry(assignment_id,
assignment.version,
course_id,
user_id,
'X-Submission.Get',
message=str(student_id))
else:
make_log_entry(assignment_id,
assignment.version,
course_id,
user_id,
'Session.Start',
message=browser_info)
# Verify passcode, if necessary
if assignment.passcode_fails(request.values.get('passcode')):
return ajax_failure("Passcode {!r} rejected".format(
request.values.get("passcode")))
if force_download:
student_filename = User.by_id(student_id).get_filename("")
filename = assignment.get_filename(
"") + "_" + student_filename + '_submission.json'
return Response(json.dumps(editor_information),
mimetype='application/json',
headers={
'Content-Disposition':
'attachment;filename={}'.format(filename)
})
else:
return ajax_success(editor_information)
def save_file(lti=lti):
filename = request.values.get("filename")
course_id = get_course_id()
user, user_id = get_user()
if course_id is None:
return ajax_failure("Course ID was not made available")
if filename in Submission.STUDENT_FILENAMES:
return save_student_file(filename, course_id, user)
if filename in Assignment.INSTRUCTOR_FILENAMES:
return save_instructor_file(course_id, user, filename)
return ajax_failure("Unknown filename: " + str(filename))
def log_event(lti=lti):
course_id = get_course_id()
user, user_id = get_user()
assignment_id = request.values.get('assignment_id')
assignment_version = request.values.get('assignment_version')
event_type = request.values.get("event_type")
file_path = request.values.get("file_path", "")
category = request.values.get('category', "")
label = request.values.get('label', "")
message = request.values.get('message', "")
# Make the entry
new_log = make_log_entry(assignment_id, assignment_version, course_id, user_id,
event_type, file_path, category, label, message)
return ajax_success({"log_id": new_log.id})
def get_assignments():
assignment_ids = request.values.get('assignment_ids', "")
course_id = get_course_id()
user, user_id = get_user()
# TODO: verify that they have the permissions to see this file
assignments = []
for assignment_id in assignment_ids.split(","):
if not assignment_id.isdigit():
return ajax_failure(f"Unknown Assignment ID: {assignment_id!r}")
assignment_id = int(assignment_id)
# With Course Role Information
assignment = Assignment.by_id(assignment_id)
check_resource_exists(assignment, "Assignment", assignment_id)
assignments.append(assignment.encode_json())
return ajax_success(dict(assignments=assignments))
def export():
assignment_id = int(request.values.get('assignment_id'))
assignment = Assignment.by_id(assignment_id)
course_id = get_course_id(True)
user, user_id = get_user()
# Verify exists
check_resource_exists(assignment, "Assignment", assignment_id)
# Verify permissions
bundle = export_bundle(assignments=[assignment])
filename = assignment.get_filename()
return Response(json.dumps(bundle),
mimetype='application/json',
headers={
'Content-Disposition':
'attachment;filename={}'.format(filename)
})
def save_image():
# Get parameters
submission_id = maybe_int(request.values.get("submission_id"))
directory = request.values.get('directory')
image = request.values.get('image')
course_id = get_course_id()
user, user_id = get_user()
submission = Submission.by_id(submission_id)
# Check resource exists
check_resource_exists(submission, "Submission", submission_id)
# Verify permissions
if submission.user_id != user_id and not user.is_grader(submission.course_id):
return ajax_failure("This is not your submission and you are not a grader in its course.")
# Do action
success = submission.save_image(directory, image)
make_log_entry(submission.assignment_id, submission.assignment_version,
course_id, user_id, "X-Image.Save", directory)
return ajax_success({"success": success})
def update_submission(lti, lti_exception=None):
# Get parameters
submission_id = maybe_int(request.values.get("submission_id"))
lis_result_sourcedid = request.values.get('lis_result_sourcedid')
assignment_group_id = maybe_int(request.values.get('assignment_group_id'))
score = float(request.values.get('score', '0'))
correct = maybe_bool(request.values.get("correct"))
# TODO: Only send image if the assignment settings starts as Block or Split
image = request.values.get('image', "")
hidden_override = maybe_bool(request.values.get('hidden_override'))
force_update = maybe_bool(request.values.get('force_update'))
course_id = get_course_id()
user, user_id = get_user()
submission = Submission.by_id(submission_id)
# Check resource exists
check_resource_exists(submission, "Submission", submission_id)
# Verify permissions
if submission.user_id != user_id and not user.is_grader(submission.course_id):
return ajax_failure("This is not your submission and you are not a grader in its course.")
# Do action
was_changed = submission.update_submission(score, correct)
if assignment_group_id is None:
assignment_group_id = submission.assignment_group_id
# TODO: Document that we currently only pass back grade if it changed
# TODO: If failure on previous submission grading, then retry
if was_changed or force_update:
submission.save_block_image(image)
error = "Generic LTI Failure - perhaps not logged into LTI session?"
try:
success, score = lti_post_grade(lti, submission, lis_result_sourcedid, assignment_group_id,
submission.user_id, submission.course_id)
except LTIPostMessageException as e:
success = False
error = str(e)
if success:
make_log_entry(submission.assignment_id, submission.assignment_version,
course_id, user_id, "X-Submission.LMS", "answer.py", message=str(score))
else:
submission.update_grading_status(GradingStatuses.FAILED)
make_log_entry(submission.assignment_id, submission.assignment_version,
course_id, user_id, "X-Submission.LMS.Failure", "answer.py", message=error)
return ajax_failure({"submitted": False, "changed": was_changed, "message": error})
return ajax_success({"submitted": was_changed or force_update, "changed": was_changed})
def load_submission(lti=lti):
submission_id = int(request.args.get('submission_id'))
embed = maybe_bool(request.values.get('embed'))
course_id = get_course_id(True)
user, user_id = get_user()
submission = Submission.by_id(submission_id)
read_only = maybe_bool(request.values.get('read_only', "true"))
# Check that the resource exists
check_resource_exists(submission, "Submission", submission_id)
# If it is this user's submission, redirect to load the assignment
if submission.user_id == user_id:
if course_id is None:
course_id = submission.course_id
return redirect(
url_for('blockpy.load',
assignment_id=submission.assignment.id,
course_id=course_id))
# Check that it is public or you are a grader
elif user.is_grader(submission.course_id):
role = 'grader'
elif not submission.assignment.public:
# TODO: Handle this more gracefully
return ajax_failure(
"Cannot view submission. This is not a public submission, and you do not own the submission, and you are "
"not an instructor in its course.")
else:
role = 'anonymous'
# Get the assignment
assignment_data = submission.assignment.for_editor(submission.user_id,
submission.course_id)
return load_editor(
lti, {
"user": user,
"user_id": user_id,
"embed": embed,
"read_only": read_only,
"current_submission_id": submission_id,
"course_id": course_id,
"role": role,
"assignment_group_id": None,
"assignment_data": assignment_data
})
def export():
assignment_group_id = int(request.values.get('assignment_group_id'))
assignment_group = AssignmentGroup.by_id(assignment_group_id)
course_id = get_course_id(True)
user, user_id = get_user()
# Verify exists
check_resource_exists(assignment_group, "Assignment Group",
assignment_group_id)
# Perform action
assignments = assignment_group.get_assignments()
memberships = assignment_group.get_memberships()
bundle = export_bundle(groups=[assignment_group],
assignments=assignments,
memberships=memberships)
filename = assignment_group.get_filename()
return Response(json.dumps(bundle, indent=2),
mimetype='application/json',
headers={
'Content-Disposition':
'attachment;filename={}'.format(filename)
})
def users():
user_ids = request.values.get('user_ids', "")
course_id = get_course_id()
user, user_id = get_user()
if course_id is None:
return ajax_failure("You are not in a course context.")
is_grader = user.is_grader(course_id)
if not is_grader and user_ids != str(user_id):
return ajax_failure("You do not have permissions to see those users.")
users = []
errors = []
# If blank, then get all the available users
if not user_ids:
course = Course.by_id(course_id)
check_resource_exists(course, "Course", course_id)
user_roles = course.get_users()
user_data = {}
for role, user in user_roles:
if user not in user_data:
user_data[user] = user.encode_json()
user_data[user]['roles'] = []
user_data[user]['roles'].append(role.encode_json())
users.extend(user_data.values())
# Otherwise, get the subset suggested
else:
for user_id in user_ids.split(","):
if not user_id.isdigit():
errors.append(f"Unknown User ID: {user_id!r}")
continue
user_id = int(user_id)
# With Course Role Information
user = User.by_id(user_id)
check_resource_exists(user, "User", user_id)
user_data = user.encode_json()
user_data['roles'] = [
r.encode_json() for r in user.get_course_roles(course_id)
]
users.append(user_data)
return ajax_success(dict(users=users, errors=errors))
def users():
user_ids = request.values.get('user_ids', "")
course_id = get_course_id()
user, user_id = get_user()
if course_id is None:
return ajax_failure("You are not in a course context.")
is_grader = user.is_grader(course_id)
if not is_grader and user_ids != str(user_id):
return ajax_failure("You do not have permissions to see those users.")
users = []
for user_id in user_ids.split(","):
if not user_id.isdigit():
return ajax_failure(f"Unknown User ID: {user_id!r}")
user_id = int(user_id)
# With Course Role Information
user = User.by_id(user_id)
check_resource_exists(user, "User", user_id)
user_data = user.encode_json()
user_data['roles'] = [
r.encode_json() for r in user.get_course_roles(course_id)
]
users.append(user_data)
return ajax_success(dict(users=users))
def watch_events():
course_id = get_course_id(False)
user, user_id = get_user()
return render_template('courses/watch_events.html', course_id=course_id, user=user)
def watch_events():
course_id = get_course_id(False)
return render_template('courses/watch_events.html', course_id=course_id)
