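def List():
    """Render the settings page with every term and its formatted dates.

    Returns:
        The ``error/no_access.html`` page when the session user does not
        pass the ``scheduling_admin`` check, otherwise ``settings.html``
        with ``data['terms']`` holding one dict per term.
    """
    # One-element tuple: ('scheduling_admin') without the trailing comma is a
    # plain str, which leaves the outcome of the role check dependent on how
    # canAccess treats a string instead of a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return render_template('error/no_access.html')

    def _fmt(timestamp, pattern):
        # Term dates are treated as Unix timestamps and formatted in UTC.
        return datetime.utcfromtimestamp(timestamp).strftime(pattern)

    term_list = [
        {
            'term': term,
            # Human-readable month/year for display.
            'startDate': _fmt(term.getStartDate(), "%B %Y"),
            'endDate': _fmt(term.getEndDate(), "%B %Y"),
            # ISO dates, the format HTML date inputs expect.
            'startDateHtml': _fmt(term.getStartDate(), "%Y-%m-%d"),
            'endDateHtml': _fmt(term.getEndDate(), "%Y-%m-%d"),
        }
        for term in TermModel.all()
    ]

    return render_template('settings.html', data={'terms': term_list})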
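def DeleteTerm(term_id):
    """Delete the term identified by *term_id*.

    Args:
        term_id: Identifier of the term to delete.

    Returns:
        A JSON response: unauthorized when the session user does not pass
        the ``scheduling_admin`` check, bad request when *term_id* is empty,
        not found when no such term exists, otherwise ok after deletion.
    """
    # One-element tuple: ('scheduling_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator.'
        })

    if not term_id:
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Please enter the term'
        })

    term = TermModel.findById(term_id)
    if not term:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Term not found.'
        })

    term.delete()
    return JsonResponse.ok()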
def List(campus_id, building_id):
    """Show the room list page for one building of a campus.

    Args:
        campus_id: Identifier of the campus.
        building_id: Identifier of the building whose rooms are listed.

    Returns:
        The no-access page when the role check fails, the
        resource-not-found page when the campus or building lookup comes
        back empty, otherwise ``room_list.html``.
    """
    permitted_roles = ('building_admin', 'fire_officer', 'scheduling_admin')
    if not Authorization.canAccess(session.get('user'), permitted_roles):
        return render_template('error/no_access.html')

    # Both parent records must exist before any rooms are looked up.
    campus = CampusModel.findById(campus_id)
    if not campus:
        return render_template('error/resource_not_found.html')

    building = CampusBuildingModel.findById(building_id)
    if not building:
        return render_template('error/resource_not_found.html')

    # NOTE(review): nothing here checks that the building belongs to
    # campus_id; confirm whether the route relies on that relationship.
    page_data = {
        'campus': campus,
        'building': building,
        'rooms': CampusBuildingRoomModel.findBy('building', building_id),
    }
    return render_template('room_list.html', data=page_data)
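def Create(student_id):
    """Enrol a student on the module named in the ``module`` form field.

    Args:
        student_id: Identifier of the student being enrolled.

    Returns:
        A JSON response: unauthorized when the session user does not pass
        the ``scheduling_admin`` check, bad request when the student or
        module is missing, otherwise ok after the enrolment is saved.
    """
    # One-element tuple: ('scheduling_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this page. Contact system administrator.'
        })

    module_id = request.form.get('module')
    if not module_id or not student_id:
        return JsonResponse.badRequest({
            'message': 'missing_parameters',
            'nice_message': 'Missing student or module.'
        })

    # NOTE(review): neither id is looked up before saving, so an enrolment
    # can reference a student or module that does not exist unless the
    # storage layer rejects it -- confirm.
    newEnrolment = StudentModuleModel()
    # Enrolment date is the current Unix time, truncated to whole seconds.
    newEnrolment.setEnrolmentDate(int(time.time()))
    newEnrolment.setStudent(student_id)
    newEnrolment.setModule(module_id)
    newEnrolment.save()

    return JsonResponse.ok()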
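def Update(campus_id, building_id, room_id):
    """Update the name, floor and/or capacity of a room.

    Only the form fields that are present (``room_name``, ``floor``,
    ``capacity``) are written; at least one must be supplied.

    Args:
        campus_id: Identifier of the campus (not used in the lookup).
        building_id: Identifier of the building (not used in the lookup).
        room_id: Identifier of the room to update.

    Returns:
        A JSON response: unauthorized, not found, bad request or ok.
    """
    # Verify user access
    if not Authorization.canAccess(session.get('user'), ('building_admin', 'fire_officer')):
        # Fixed the user-facing typo ("accdss") in this message.
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this page. Contact system administrator.'
        })

    # NOTE(review): the room is fetched by room_id alone; campus_id and
    # building_id from the route are never compared against it.
    room = CampusBuildingRoomModel.findById(room_id)
    if not room:
        return JsonResponse.notFound({
            'message': 'room_missing',
            'nice_message': 'Room not found.'
        })

    name = request.form.get('room_name')
    floor = request.form.get('floor')
    capacity = request.form.get('capacity')

    if not name and not floor and not capacity:
        return JsonResponse.badRequest({
            'message': 'missing_parameters',
            'nice_message': 'Please enter a floor, capacity or name.'
        })

    # floor and capacity are passed on exactly as submitted; any numeric
    # validation would have to happen inside the model -- TODO confirm.
    if name:
        room.setIdentifier(name)
    if floor:
        room.setBuildingFloor(floor)
    if capacity:
        room.setCapacity(capacity)

    room.save()
    return JsonResponse.ok()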
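def Delete(student_id, module_id):
    """Remove a student's enrolment on a module.

    Args:
        student_id: Identifier of the enrolled student.
        module_id: Identifier of the module; must be convertible to int.

    Returns:
        A JSON response: unauthorized when the session user does not pass
        the ``scheduling_admin`` check, bad request when a parameter is
        missing or *module_id* is not an integer, ok once the first matching
        enrolment is deleted, not found when the student has no such
        enrolment.
    """
    # One-element tuple: ('scheduling_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator.'
        })

    if not student_id or not module_id:
        return JsonResponse.badRequest({
            'message': 'missing_parameters',
            'nice_message': 'Missing parameter.'
        })

    # Convert once, up front: a non-numeric module_id used to raise
    # ValueError inside the loop and surface as an unhandled error.
    try:
        wanted_module = int(module_id)
    except (TypeError, ValueError):
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Invalid module.'
        })

    for enrolment in StudentModuleModel.findBy('student', student_id):
        if enrolment.getModule() == wanted_module:
            enrolment.delete()
            return JsonResponse.ok()

    return JsonResponse.notFound({
        'message': 'not_found',
        'nice_message': 'Enrolment does not exist.'
    })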
def View(campus_id, building_id, room_id):
    """Show the detail page for one room.

    Args:
        campus_id: Identifier of the campus.
        building_id: Identifier of the building.
        room_id: Identifier of the room.

    Returns:
        The no-access page when the role check fails, the
        resource-not-found page as soon as any of the three lookups comes
        back empty, otherwise ``room_view.html``.
    """
    permitted_roles = ('building_admin', 'fire_officer', 'scheduling_admin')
    if not Authorization.canAccess(session.get('user'), permitted_roles):
        return render_template('error/no_access.html')

    # Resolve campus, building and room in that order, stopping at the first
    # record that is missing.
    lookups = (
        (CampusModel, campus_id),
        (CampusBuildingModel, building_id),
        (CampusBuildingRoomModel, room_id),
    )
    records = []
    for model, record_id in lookups:
        record = model.findById(record_id)
        if not record:
            return render_template('error/resource_not_found.html')
        records.append(record)

    # NOTE(review): each record is fetched by its own id; nothing here checks
    # that the room sits in that building or the building on that campus.
    campus, building, room = records
    return render_template(
        'room_view.html',
        data={'campus': campus, 'building': building, 'room': room},
    )
def View(campus_id, building_id):
    """Show the detail page for one building.

    Args:
        campus_id: Identifier of the campus.
        building_id: Identifier of the building.

    Returns:
        The no-access page when the role check fails, the
        resource-not-found page when either lookup comes back empty,
        otherwise ``building_view.html``.
    """
    current_user = session.get('user')
    viewer_roles = ('building_admin', 'fire_officer', 'scheduling_admin')
    if not Authorization.canAccess(current_user, viewer_roles):
        return render_template('error/no_access.html')

    missing_page = 'error/resource_not_found.html'

    campus = CampusModel.findById(campus_id)
    if not campus:
        return render_template(missing_page)

    building = CampusBuildingModel.findById(building_id)
    if not building:
        return render_template(missing_page)

    # NOTE(review): the building is not checked against campus_id here.
    context = {'campus': campus, 'building': building}
    return render_template('building_view.html', data=context)
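def PasswordResetPost():
    """Handle a submitted password-reset request.

    Reads ``email`` from the form. When a staff record matches, a reset
    token valid for 30 minutes is stored and a ``password_reset`` e-mail
    containing the reset URL is sent.

    Returns:
        A redirect to ``Campus.List`` for a user who is already logged in,
        otherwise the ``auth/password_reset_sent.html`` page.
    """
    # Function-scope import: the module's import block is not visible here.
    import secrets

    if Authorization.isLoggedIn(session.get('user')):
        return redirect(url_for('Campus.List'))

    email = request.form.get('email')

    # Two fixes: the lookup was spelled `findby`, while the models are
    # queried with `findBy` everywhere else in this code, and `getId()` was
    # called on the result collection rather than on a matched record.
    # A missing e-mail field is treated as "no match".
    matches = list(StaffModel.findBy('email', email)) if email else []

    if matches:
        staff = matches[0]

        # 128 bits from the OS CSPRNG via `secrets`, the stdlib module meant
        # for security tokens. Same shape as before (32 lowercase hex
        # characters), so the reset URL format is unchanged.
        resetToken = secrets.token_hex(16)
        expires = time.time() + 30 * 60  # 30 minutes

        # NOTE(review): the token is persisted exactly as mailed. Whether
        # expiry and single use are enforced is decided by the handler that
        # consumes the token, which is not visible here.
        prm = PasswordResetModel()
        prm.setToken(resetToken) \
            .setUserId(staff.getId()) \
            .setUserType('staff') \
            .setExpires(expires) \
            .save()

        Email.sendEmail(
            email,
            'password_reset',
            {
                'password_reset_url':
                    Config.getValue('APP_URL') + '/auth/password-reset/' + resetToken
            })

    # The same page is returned whether or not the address matched, so the
    # response does not reveal which e-mail addresses belong to staff.
    return render_template('auth/password_reset_sent.html')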
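def Create(campus_id, building_id):
    """Create a room in a given campus building.

    Reads ``room_name``, ``floor`` and ``capacity`` from the form; all three
    are required.

    Args:
        campus_id: Identifier of the campus (not used in the lookup).
        building_id: Identifier of the building that receives the room.

    Returns:
        A JSON response: unauthorized, not found, bad request or ok.
    """
    # One-element tuple: ('building_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('building_admin',)):
        # Fixed two typos: the code was 'no_acces' (the other handlers emit
        # 'no_access') and the text read "acess".
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this page. Contact system administrator.'
        })

    building = CampusBuildingModel.findById(building_id)
    if not building:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Building not found.'
        })

    name = request.form.get('room_name')
    floor = request.form.get('floor')
    capacity = request.form.get('capacity')

    if not name or not floor or not capacity:
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Please enter a capacity, name and floor.'
        })

    # floor and capacity are stored exactly as submitted; any numeric
    # validation would have to happen inside the model -- TODO confirm.
    room = CampusBuildingRoomModel()
    room.setIdentifier(name) \
        .setBuildingFloor(floor) \
        .setBuilding(building_id) \
        .setCapacity(capacity) \
        .save()

    return JsonResponse.ok()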
def Create(campus_id):
    """Add a building to an existing campus.

    Reads ``building_name`` and ``floor_count`` from the form; both are
    required.

    Args:
        campus_id: Identifier of the campus that receives the building.

    Returns:
        A JSON response with no body: unauthorized when the role check
        fails, not found when the campus does not exist, bad request when a
        field is missing, otherwise ok.
    """
    if not Authorization.canAccess(session.get('user'), ('building_admin', )):
        return JsonResponse.unauthorized()

    # The campus is looked up only to confirm that it exists.
    if not CampusModel.findById(campus_id):
        return JsonResponse.notFound()

    form = request.form
    name = form.get('building_name')
    floorCount = form.get('floor_count')
    if not (name and floorCount):
        return JsonResponse.badRequest()

    # Setters are chained exactly as before; each is expected to return the
    # object the next call is made on.
    (
        CampusBuildingModel()
        .setName(name)
        .setFloorCount(floorCount)
        .setCampus(campus_id)
        .save()
    )
    return JsonResponse.ok()
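def Update(id):
    """Rename a campus using the ``campus_name`` form field.

    Args:
        id: Identifier of the campus to update.

    Returns:
        A JSON response: unauthorized when the session user does not pass
        the ``building_admin`` check, bad request when the name is missing,
        not found when the campus does not exist, otherwise ok.
    """
    # One-element tuple: ('building_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('building_admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator.'
        })

    name = request.form.get('campus_name')
    if not name:
        return JsonResponse.badRequest({
            'message': 'name_missing',
            'nice_message': 'Missing campus name.'
        })

    campus = CampusModel.findById(id)
    if not campus:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Campus could not be found.'
        })

    campus.setName(name) \
        .save()

    return JsonResponse.ok()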
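def Create():
    """Create a campus named by the ``campus_name`` form field.

    Returns:
        A JSON response: unauthorized when the session user does not pass
        the ``building_admin`` check, bad request when the name is missing,
        otherwise ok after the campus is saved.
    """
    # One-element tuple: ('building_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('building_admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator.'
        })

    name = request.form.get('campus_name')
    if not name:
        return JsonResponse.badRequest({
            'message': 'name_missing',
            'nice_message': 'Missing Campus Name'
        })

    campus = CampusModel()
    campus.setName(name) \
        .save()

    return JsonResponse.ok()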
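def List(module_id):
    """Show the session list page for one module.

    Args:
        module_id: Identifier of the module whose sessions are listed.

    Returns:
        The no-access page when the session user does not pass the
        ``scheduling_admin`` check, the resource-not-found page when the
        module does not exist, otherwise ``session_list.html`` with the
        module, its sessions, all teachers and all session types.
    """
    # One-element tuple: ('scheduling_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return render_template('error/no_access.html')

    module = ModuleModel.findById(module_id)
    if not module:
        return render_template('error/resource_not_found.html')

    # NOTE(review): this queries `ModuleSession`, while the other handlers
    # use `ModuleSessionModel`; confirm the name resolves in this module.
    sessions = ModuleSession.findBy('module', module_id)

    # Full teacher and session-type lists are passed to the template too.
    teachers = TeacherModel.all()
    session_types = ModuleSessionTypeModel.all()

    return render_template('session_list.html', data={
        'module': module,
        'sessions': sessions,
        'teachers': teachers,
        'session_types': session_types
    })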
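def List():
    """Show the list of all teachers.

    Returns:
        The no-access page when the session user does not pass the
        ``admin`` check, otherwise ``teacher_list.html``.
    """
    # One-element tuple: ('admin') without the trailing comma is a plain
    # str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    # Called on the class, as the other handlers do, instead of building a
    # throwaway TeacherModel instance first.
    teachers = TeacherModel.all()

    return render_template('teacher_list.html', data={'teachers': teachers})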
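def List():
    """Show the list of all students (template: student_list.html).

    Returns:
        The no-access page when the session user does not pass the
        ``admin`` check, otherwise ``student_list.html``.
    """
    # One-element tuple: ('admin') without the trailing comma is a plain
    # str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    students = StudentModel.all()

    return render_template("student_list.html", data={"students": students})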
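def View(id):
    """Show the detail page for one teacher.

    Args:
        id: Identifier of the teacher.

    Returns:
        The no-access page when the session user does not pass the
        ``admin`` check, the resource-not-found page when the teacher does
        not exist, otherwise ``teacher_view.html``.
    """
    # One-element tuple: ('admin') without the trailing comma is a plain
    # str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    teacher = TeacherModel.findById(id)
    if not teacher:
        return render_template('error/resource_not_found.html')

    return render_template('teacher_view.html', data={'teacher': teacher})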
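def Update(id):
    """Update a teacher's details from the submitted form.

    Any of ``first_name``, ``last_name``, ``email``, ``mobile_phone`` and
    ``password`` may be supplied; at least one is required.

    Args:
        id: Identifier of the teacher to update.

    Returns:
        A JSON response: unauthorized, bad request (nothing supplied, or the
        save failed), not found, or ok.
    """
    # One-element tuple: ('admin') without the trailing comma is a plain
    # str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator.'
        })

    first_name = request.form.get('first_name')
    last_name = request.form.get('last_name')
    email = request.form.get('email')
    mobile_phone = request.form.get('mobile_phone')
    password = request.form.get('password')

    if not any((first_name, last_name, email, mobile_phone, password)):
        return JsonResponse.badRequest({
            'message': 'missing_parameters',
            'nice_message': 'Please enter details for the teacher.'
        })

    teacher = TeacherModel.findById(id)
    if not teacher:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Teacher not found.'
        })

    if first_name:
        teacher.setFirstName(first_name)
    if last_name:
        teacher.setLastName(last_name)
    if email:
        teacher.setEmail(email)
    if mobile_phone:
        teacher.setMobile(mobile_phone)

    if password:
        # The new password is hashed with the teacher's existing salt; no
        # fresh salt is generated on change.
        # NOTE(review): no length or strength check is applied here.
        salt = teacher.getSalt()
        hashedPassword = Security.hashPassword(password, salt)
        teacher.setPassword(hashedPassword)

    try:
        teacher.save()
    except Exception:
        # Was a bare `except:`, which also caught SystemExit and
        # KeyboardInterrupt.
        return JsonResponse.badRequest({'error': 'database_error'})

    return JsonResponse.ok()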
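def Update(module_id, session_id):
    """Update the teacher and/or type of a module session.

    Reads ``teacher`` and ``type`` from the form; at least one is required,
    and each supplied value must refer to an existing record.

    Args:
        module_id: Identifier of the module (not used in the lookup).
        session_id: Identifier of the module session to update.

    Returns:
        A JSON response: unauthorized, not found, bad request or ok.
    """
    # One-element tuple: ('scheduling_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator.'
        })

    # The record used to be bound to a local called `session`. Assigning that
    # name anywhere in the function makes it local throughout, so the access
    # check above raised UnboundLocalError instead of reading the user from
    # the request session.
    moduleSession = ModuleSessionModel.findById(session_id)
    if not moduleSession:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Session not found.'
        })

    teacher = request.form.get('teacher')
    sessionType = request.form.get('type')

    if not teacher and not sessionType:
        return JsonResponse.badRequest({
            'message': 'missing_parameters',
            'nice_message': 'Please enter a teacher and session type.'
        })

    if teacher:
        if not TeacherModel.findById(teacher):
            return JsonResponse.badRequest({
                'message': 'not_found',
                'nice_message': 'Teacher not found.'
            })
        moduleSession.setStaff(teacher)

    if sessionType:
        # The type id was validated against ModuleSessionModel (the sessions
        # themselves); the session-creation handler checks it against
        # ModuleSessionTypeModel, which is what is done here.
        # NOTE(review): confirm ModuleSessionTypeModel is imported here.
        if not ModuleSessionTypeModel.findById(sessionType):
            return JsonResponse.badRequest({
                'message': 'not_found',
                'nice_message': 'Session type not found.'
            })
        moduleSession.setType(sessionType)

    moduleSession.save()
    return JsonResponse.ok()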
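def View(id):
    """Show the detail page for one module.

    Args:
        id: Identifier of the module.

    Returns:
        The no-access page when the session user does not pass the
        ``scheduling_admin`` check, the resource-not-found page when the
        module does not exist, the server-error page when its leader cannot
        be loaded, otherwise ``module_view.html`` with the module, leader,
        all teachers, enrolled students, sessions and session types.
    """
    # One-element tuple: ('scheduling_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return render_template('error/no_access.html')

    module = ModuleModel.findById(id)
    if not module:
        return render_template('error/resource_not_found.html')

    leader = TeacherModel.findById(module.getLeader())
    # This guard re-tested `module`, which is always truthy at this point,
    # so a missing leader was never caught.
    if not leader:
        return render_template('error/server_error.html')

    teachers = TeacherModel.all()

    # Resolve each enrolment to its student record. An entry is whatever
    # findById returns, including an empty result for a dangling enrolment.
    students = [
        StudentModel.findById(enrolment.getStudent())
        for enrolment in StudentModuleModel.findBy('module', id)
    ]

    # `entry` rather than `session`, which is the request session used in
    # the access check above.
    sessions_list = [
        {
            'session': entry,
            'staff': TeacherModel.findById(entry.getStaff()),
            'type': ModuleSessionTypeModel.findById(entry.getType()),
        }
        for entry in ModuleSessionModel.findBy('module', id)
    ]

    sessionTypes = ModuleSessionTypeModel.all()

    return render_template('module_view.html', data={
        'module': module,
        'leader': leader,
        'teachers': teachers,
        'students': students,
        'sessionTypes': sessionTypes,
        'sessions': sessions_list
    })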
def List():
    """Show the list of all campuses (template: campus_list.html).

    Returns:
        ``campus_list.html`` when the session user passes the role check,
        otherwise the no-access page.
    """
    viewer = session.get('user')
    viewer_roles = ('building_admin', 'fire_officer', 'scheduling_admin')

    if Authorization.canAccess(viewer, viewer_roles):
        # Campuses are only loaded once access has been confirmed.
        return render_template(
            'campus_list.html',
            data={'campuses': CampusModel.all()},
        )

    return render_template('error/no_access.html')
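def Update(id):
    """POST /staff/[id] - Update a staff member's details (JSON).

    Form fields read: ``first_name``, ``last_name``, ``email``,
    ``mobile_phone``, ``password`` and ``role``. At least one is required.
    No salt is read from the form; a password change reuses the stored one.

    Args:
        id: Identifier of the staff member to update.

    Returns:
        A JSON response: unauthorized, bad request (nothing supplied, or the
        save failed), not found, or ok.
    """
    # One-element tuple: ('admin') without the trailing comma is a plain
    # str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator.'
        })

    first_name = request.form.get('first_name')
    last_name = request.form.get('last_name')
    email = request.form.get('email')
    mobile_phone = request.form.get('mobile_phone')
    password = request.form.get('password')
    role = request.form.get('role')

    if not any((first_name, last_name, email, mobile_phone, password, role)):
        # Fixed the user-facing typo ("Pleaase") in this message.
        return JsonResponse.badRequest({
            'message': 'missing_parameters',
            'nice_message': 'Please enter new details for the staff member'
        })

    staff = StaffModel.findById(id)
    # An unknown id used to fall through and fail on the first setter call.
    if not staff:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Staff member not found.'
        })

    if first_name:
        staff.setFirstName(first_name)
    if last_name:
        staff.setLastName(last_name)
    if email:
        staff.setEmail(email)
    if mobile_phone:
        staff.setMobile(mobile_phone)

    # NOTE(review): the role value is stored as submitted; it is not checked
    # against the known staff roles before the privilege change is saved.
    if role:
        staff.setRole(role)

    if password:
        # The new password is hashed with the existing salt; no fresh salt
        # is generated on change.
        salt = staff.getSalt()
        hashedPassword = Security.hashPassword(password, salt)
        staff.setPassword(hashedPassword)

    try:
        staff.save()
    except Exception:
        # Was a bare `except:`, which also caught SystemExit and
        # KeyboardInterrupt.
        return JsonResponse.badRequest({'error': 'database_error'})

    return JsonResponse.ok()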
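def View(id):
    """GET /staff/[id] - Show one staff member (template: staff_view.html).

    Args:
        id: Identifier of the staff member.

    Returns:
        The no-access page when the session user does not pass the
        ``admin`` check, the resource-not-found page when the staff member
        does not exist, otherwise ``staff_view.html`` with the staff record
        and all staff roles.
    """
    # One-element tuple: ('admin') without the trailing comma is a plain
    # str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    staff = StaffModel.findById(id)
    # An unknown id used to reach the template with an empty record; it now
    # gets the same page the other detail views return.
    if not staff:
        return render_template('error/resource_not_found.html')

    roles = StaffRoleModel.all()

    return render_template("staff_view.html", data={
        "staff": staff,
        "roles": roles
    })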
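def Delete(campus_id, building_id, room_id):
    """Delete a room.

    Args:
        campus_id: Identifier of the campus (not used in the lookup).
        building_id: Identifier of the building (not used in the lookup).
        room_id: Identifier of the room to delete.

    Returns:
        A JSON response: unauthorized when the session user does not pass
        the ``building_admin`` check, not found when the room does not
        exist, otherwise ok after deletion.
    """
    # One-element tuple: ('building_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('building_admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator.'
        })

    # NOTE(review): the room is fetched by room_id alone; campus_id and
    # building_id from the route are never compared against it.
    room = CampusBuildingRoomModel.findById(room_id)
    # An unknown id used to fail on room.delete(); it now reports not found
    # with the same payload the room update handler uses.
    if not room:
        return JsonResponse.notFound({
            'message': 'room_missing',
            'nice_message': 'Room not found.'
        })

    room.delete()
    return JsonResponse.ok()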
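def UpdateTerm(term_id):
    """Update the number, start date and end date of a term.

    Reads ``term``, ``term_start`` and ``term_end`` from the form. All three
    are required and ``term`` must be 1, 2 or 3.

    Args:
        term_id: Identifier of the term to update.

    Returns:
        A JSON response: unauthorized when the session user does not pass
        the ``scheduling_admin`` check, bad request for a missing or invalid
        field, not found when the term does not exist, otherwise ok.
    """
    # One-element tuple: ('scheduling_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this function. Contact system administrator.'
        })

    term = request.form.get('term')
    term_start = request.form.get('term_start')
    term_end = request.form.get('term_end')

    # All three fields are required, although the message reads "or".
    if not term or not term_start or not term_end:
        return JsonResponse.badRequest({
            'message': 'missing_parameters',
            'nice_message': 'Please enter a new term number, start date or end date.'
        })

    if term not in ('1', '2', '3', 1, 2, 3):
        return JsonResponse.badRequest({
            'message': 'bad_request',
            'nice_message': 'Please select a term between 1 and 3.'
        })

    termObj = TermModel.findById(term_id)
    if not termObj:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Term not found.'
        })

    # Every field is known to be present here, so the per-field `if` guards
    # that used to wrap these calls were redundant.
    # NOTE(review): how yyyyMmDdToTimestamp reacts to a malformed date is not
    # visible here; if it raises, the request fails with an unhandled error.
    termObj.setTerm(term)
    termObj.setStartDate(yyyyMmDdToTimestamp(term_start))
    termObj.setEndDate(yyyyMmDdToTimestamp(term_end))

    termObj.save()
    return JsonResponse.ok()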
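def View(id):
    """Show one student (template: student_view.html).

    Module enrolments are not loaded yet; only the student record is passed
    to the template.

    Args:
        id: Identifier of the student.

    Returns:
        The no-access page when the session user does not pass the
        ``admin`` check, the resource-not-found page when the student does
        not exist, otherwise ``student_view.html``.
    """
    # One-element tuple: ('admin') without the trailing comma is a plain
    # str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    student = StudentModel.findById(id)
    # An unknown id used to reach the template with an empty record; it now
    # gets the same page the other detail views return.
    if not student:
        return render_template('error/resource_not_found.html')

    # TODO: also load the student's module enrolments.
    return render_template("student_view.html", data={"student": student})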
def View(id):
    """Show the detail page for one campus (template: campus_view.html).

    Args:
        id: Identifier of the campus.

    Returns:
        The no-access page when the role check fails, the
        resource-not-found page when the campus does not exist, otherwise
        ``campus_view.html``.
    """
    viewer_roles = ('building_admin', 'fire_officer', 'scheduling_admin')
    if not Authorization.canAccess(session.get('user'), viewer_roles):
        return render_template('error/no_access.html')

    campus = CampusModel.findById(id)
    if campus:
        return render_template('campus_view.html', data={'campus': campus})

    # Reached only when the lookup found nothing.
    return render_template('error/resource_not_found.html')
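def List():
    """GET /staff - List all staff members (template: staff_list.html).

    Returns:
        The no-access page when the session user does not pass the
        ``admin`` check, otherwise ``staff_list.html`` with all staff and
        all staff roles.
    """
    # One-element tuple: ('admin') without the trailing comma is a plain
    # str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('admin',)):
        return render_template('error/no_access.html')

    roles = StaffRoleModel.all()
    allStaff = StaffModel.all()

    return render_template("staff_list.html", data={
        "staff": allStaff,
        "roles": roles
    })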
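def Create(module_id):
    """Create a session for a module.

    Reads ``teacher`` and ``type`` from the form; both must refer to
    existing records.

    Args:
        module_id: Identifier of the module that receives the session.

    Returns:
        A JSON response: unauthorized when the session user does not pass
        the ``scheduling_admin`` check, not found when the module does not
        exist, bad request when the teacher or session type does not exist,
        otherwise ok after the session is saved.
    """
    # One-element tuple: ('scheduling_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this page. Contact system administrator.'
        })

    module = ModuleModel.findById(module_id)
    if not module:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Module not found.'
        })

    teacher = request.form.get('teacher')
    sessionType = request.form.get('type')

    # Both references are checked against the database before anything is
    # written; a missing form field fails the same lookups.
    if not TeacherModel.findById(teacher):
        return JsonResponse.badRequest({
            'message': 'not_found',
            'nice_message': 'Teacher not found.'
        })

    if not ModuleSessionTypeModel.findById(sessionType):
        # This lookup is for the session *type*; the message used to say
        # "Module session not found."
        return JsonResponse.badRequest({
            'message': 'not_found',
            'nice_message': 'Session type not found.'
        })

    moduleSession = ModuleSessionModel()
    moduleSession.setModule(module.getId()) \
        .setStaff(teacher) \
        .setType(sessionType) \
        .save()

    return JsonResponse.ok()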
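def Update(id):
    """Update the name and/or leader of a module.

    Reads ``module_name`` and ``leader`` from the form; at least one is
    required, and a supplied leader must be an existing teacher.

    Args:
        id: Identifier of the module to update.

    Returns:
        A JSON response: unauthorized when the session user does not pass
        the ``scheduling_admin`` check, not found when the module does not
        exist, bad request when nothing was supplied or the leader does not
        exist, otherwise ok.
    """
    # One-element tuple: ('scheduling_admin') without the trailing comma is a
    # plain str, not a collection of roles.
    if not Authorization.canAccess(session.get('user'), ('scheduling_admin',)):
        return JsonResponse.unauthorized({
            'message': 'no_access',
            'nice_message': 'You do not have access to this page. Contact system administrator.'
        })

    module = ModuleModel.findById(id)
    if not module:
        return JsonResponse.notFound({
            'message': 'not_found',
            'nice_message': 'Module not found.'
        })

    name = request.form.get('module_name')
    leader = request.form.get('leader')

    if not name and not leader:
        return JsonResponse.badRequest({
            'message': 'missing_parameters',
            'nice_message': 'Please enter a new name or module leader.'
        })

    if name:
        module.setName(name)

    if leader:
        # The leader must exist; on failure nothing is saved, including a
        # name set just above.
        if not TeacherModel.findById(leader):
            return JsonResponse.badRequest({
                'message': 'not_found',
                'nice_message': 'Teacher not found.'
            })
        module.setLeader(leader)

    module.save()
    return JsonResponse.ok()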