def setup_usersummary(view_id):
""" Show an account summary for the given user account. """
user_id = session['user_id']
if not check_perm(user_id, -1, "useradmin"):
flash("You do not have User Administration access.")
return redirect(url_for('setup_top'))
is_sysadmin = check_perm(user_id, -1, 'sysadmin')
user = Users2.get_user(view_id)
examids = Exams.get_exams_done(view_id)
exams = []
for examid in examids:
exam = Exams.get_exam_struct(examid)
started = General.human_date(exam['start'])
exam['started'] = started
exam['viewable'] = satisfy_perms(user_id, exam['cid'], ("viewmarks", ))
exams.append(exam)
exams.sort(key=lambda x: x['start_epoch'], reverse=True)
course_ids = Users2.get_courses(view_id)
courses = []
for course_id in course_ids:
courses.append(Courses2.get_course(course_id))
user_is_admin = check_perm(view_id, 0, 'sysadmin')
return render_template('setup_usersummary.html',
user=user,
exams=exams,
courses=courses,
is_sysadmin=is_sysadmin,
user_is_admin=user_is_admin)
def setup_usersearch():
""" Show a page allowing the admin search for users, or create new ones"""
user_id = session['user_id']
if not check_perm(user_id, -1, "useradmin"):
flash("You do not have User Administration access.")
return redirect(url_for('setup_top'))
users = []
nonefound = False
if request.method == "POST":
if 'usersearch_name' in request.form:
needle = request.form['usersearch_name']
if len(needle) < 2:
flash("Search term too short, please try something longer")
else:
uids = Users2.find(needle)
users = [Users2.get_user(uid) for uid in uids]
if len(users) == 0:
nonefound = True
else:
users.sort(key=lambda x: x['uname'])
return render_template('setup_usersearch.html',
users=users,
nonefound=nonefound)
def practice_choose_topic(course_id):
""" Present a list of topics for them to choose from the given course """
user_id = session['user_id']
try:
course = Courses2.get_course(course_id)
except KeyError:
course = None
abort(404)
try:
topics = Courses2.get_topics_list(course_id)
except KeyError:
topics = []
abort(404)
members = None
for topic in topics:
if topic['visibility'] == 2: # course only
if not members:
members = Courses.get_users(course_id)
if user_id not in members:
topics.remove(topic)
return render_template(
"practicecourse.html",
courses=Setup.get_sorted_courselist(),
canpreview=check_perm(user_id, course_id, "questionpreview"),
topics=topics,
course=course
)
def cadmin_top(course_id):
""" Present top level course admin page """
course = Courses2.get_course(course_id)
if not course:
abort(404)
user_id = session['user_id']
is_sysadmin = check_perm(user_id, -1, 'sysadmin')
topics = Courses2.get_topics_list(course_id)
exams = [
Exams.get_exam_struct(exam_id, course_id)
for exam_id in Courses.get_exams(course_id, prev_years=False)
]
exams.sort(key=lambda y: y['start_epoch'], reverse=True)
groups = Courses.get_groups(course_id)
choosegroups = [
group for group in Groups.all_groups() if group.id not in groups
]
return render_template("courseadmin_top.html",
course=course,
topics=topics,
exams=exams,
choosegroups=choosegroups,
groups=groups,
is_sysadmin=is_sysadmin)
def cadmin_top(course_id):
""" Present top level course admin page """
course = Courses2.get_course(course_id)
if not course:
abort(404)
user_id = session['user_id']
is_sysadmin = check_perm(user_id, -1, 'sysadmin')
topics = Courses2.get_topics_list(course_id)
exams = [Exams.get_exam_struct(exam_id, course_id)
for exam_id in Courses.get_exams(course_id, prev_years=False)]
exams.sort(key=lambda y: y['start_epoch'], reverse=True)
groups = Courses.get_groups(course_id)
choosegroups = [group
for group in Groups.all_groups()
if group.id not in groups]
return render_template(
"courseadmin_top.html",
course=course,
topics=topics,
exams=exams,
choosegroups=choosegroups,
groups=groups,
is_sysadmin=is_sysadmin
)
def get_sorted_questions(course_id, topic_id, user_id=None):
""" Return a list of questions, sorted by position
"""
def cmp_question_position(a, b):
"""Order questions by the absolute value of their positions
since we use -'ve to indicate hidden.
"""
return cmp(abs(a['position']), abs(b['position']))
questionlist = General.get_q_list(topic_id, user_id, numdone=False)
if questionlist:
# Filter out the questions without a positive position unless
# the user has prevew permission.
canpreview = check_perm(user_id, course_id, "questionpreview")
if not canpreview:
questionlist = [question for question in questionlist
if question['position'] > 0]
else:
# At the moment we use -'ve positions to indicate that a question
# is hidden but when displaying them we want to maintain the sort
# order.
for question in questionlist:
# Usually questions with position 0 are broken or
# uninteresting so put them at the bottom.
if question['position'] == 0:
question['position'] = -10000
questionlist.sort(cmp_question_position)
else:
questionlist = []
return questionlist
def practice_choose_topic(course_id):
""" Present a list of topics for them to choose from the given course """
user_id = session['user_id']
try:
course = Courses2.get_course(course_id)
except KeyError:
course = None
abort(404)
try:
topics = Courses2.get_topics_list(course_id)
except KeyError:
topics = []
abort(404)
members = None
for topic in topics:
if topic['visibility'] == 2: # course only
if not members:
members = Courses.get_users(course_id)
if not user_id in members:
topics.remove(topic)
return render_template(
"practicecourse.html",
courses=Setup.get_sorted_courselist(),
canpreview=check_perm(user_id, course_id, "questionpreview"),
topics=topics,
course=course
)
def get_sorted_questions(course_id, topic_id, user_id=None):
""" Return a list of questions, sorted by position
"""
def cmp_question_position(a, b):
"""Order questions by the absolute value of their positions
since we use -'ve to indicate hidden.
"""
return cmp(abs(a['position']), abs(b['position']))
questionlist = General.get_q_list(topic_id, user_id, numdone=False)
if questionlist:
# Filter out the questions without a positive position unless
# the user has prevew permission.
canpreview = check_perm(user_id, course_id, "questionpreview")
if not canpreview:
questionlist = [question for question in questionlist
if question['position'] > 0]
else:
# At the moment we use -'ve positions to indicate that a question
# is hidden but when displaying them we want to maintain the sort
# order.
for question in questionlist:
# Usually questions with position 0 are broken or
# uninteresting so put them at the bottom.
if question['position'] == 0:
question['position'] = -10000
questionlist.sort(cmp_question_position)
else:
questionlist = []
return questionlist
def setup_usersearch():
""" Show a page allowing the admin search for users, or create new ones"""
user_id = session['user_id']
if not check_perm(user_id, -1, "useradmin"):
flash("You do not have User Administration access.")
return redirect(url_for('setup_top'))
users = []
nonefound = False
if request.method == "POST":
if 'usersearch_name' in request.form:
needle = request.form['usersearch_name']
if len(needle) < 2:
flash("Search term too short, please try something longer")
else:
uids = Users2.find(needle)
users = [Users2.get_user(uid) for uid in uids]
if len(users) == 0:
nonefound = True
else:
users.sort(key=lambda x: x['uname'])
return render_template(
'setup_usersearch.html',
users=users,
nonefound=nonefound
)
def setup_courses():
""" Let the user choose a course to administer """
user_id = session['user_id']
is_sysadmin = check_perm(user_id, -1, 'sysadmin')
return render_template(
"setupchoosecourse.html",
courses=Setup.get_sorted_courselist(only_active=False),
is_sysadmin=is_sysadmin)
def setup_courses():
""" Let the user choose a course to administer """
user_id = session['user_id']
is_sysadmin = check_perm(user_id, -1, 'sysadmin')
return render_template(
"setupchoosecourse.html",
courses=Setup.get_sorted_courselist(only_active=False),
is_sysadmin=is_sysadmin
)
def setup_useraudit(audit_id):
""" Show all the audit entries for the given user account. """
user_id = session['user_id']
if not check_perm(user_id, -1, "useradmin"):
flash("You do not have User Administration access.")
return redirect(url_for('setup_top'))
user = Users2.get_user(audit_id)
audits = get_records_by_user(audit_id)
for aud in audits:
aud['humantime'] = General.human_date(aud['time'])
return render_template('setup_useraudit.html', user=user, audits=audits)
def setup_usersummary(view_id):
""" Show an account summary for the given user account. """
user_id = session['user_id']
if not check_perm(user_id, -1, "useradmin"):
flash("You do not have User Administration access.")
return redirect(url_for('setup_top'))
is_sysadmin = check_perm(user_id, -1, 'sysadmin')
user = Users2.get_user(view_id)
examids = Exams.get_exams_done(view_id)
exams = []
for examid in examids:
exam = Exams.get_exam_struct(examid)
started = General.human_date(exam['start'])
exam['started'] = started
exam['viewable'] = satisfy_perms(user_id, exam['cid'], ("viewmarks", ))
exams.append(exam)
exams.sort(key=lambda x: x['start_epoch'], reverse=True)
course_ids = Users2.get_courses(view_id)
courses = []
for course_id in course_ids:
courses.append(Courses.get_course(course_id))
user_is_admin = check_perm(view_id, 0, 'sysadmin')
return render_template(
'setup_usersummary.html',
user=user,
exams=exams,
courses=courses,
is_sysadmin=is_sysadmin,
user_is_admin=user_is_admin
)
def is_q_blocked(user_id, course_id, topic_id, qt_id):
""" Is the user blocked from seeing the practice question?
False if they can view it
True, or a (str) error message indicating why it's blocked.
"""
topicvisibility = Topics.get_vis(topic_id)
canpreview = check_perm(user_id, course_id, "questionpreview")
# They're trying to go directly to a hidden question?
position = DB.get_qtemplate_practice_pos(qt_id)
if position <= 0 and not canpreview:
return "Access denied to question."
# They're trying to go directly to a question in an invisible category?
if topicvisibility <= 1 and not canpreview:
return "Access denied to question."
return False
def is_q_blocked(user_id, course_id, topic_id, qt_id):
""" Is the user blocked from seeing the practice question?
False if they can view it
True, or a (str) error message indicating why it's blocked.
"""
topicvisibility = Topics.get_vis(topic_id)
canpreview = check_perm(user_id, course_id, "questionpreview")
# They're trying to go directly to a hidden question?
position = DB.get_qtemplate_topic_pos(qt_id, topic_id)
if position <= 0 and not canpreview:
return "Access denied to question."
# They're trying to go directly to a question in an invisible category?
if topicvisibility <= 1 and not canpreview:
return "Access denied to question."
return False
def setup_user_remove_sysadmin():
""" Remove sysadmin"""
user_id = session['user_id']
if not check_perm(user_id, 0, 1):
flash("You do not have User Administration access.")
return redirect(url_for('setup_top'))
new_user = request.form.get('userid', None)
if not new_user:
abort(400)
user = Users2.get_user(new_user)
delete_perm(new_user, 0, 1)
flash("%s is no longer a system admin on OASIS" % user['uname'])
return redirect(url_for("setup_usersearch"))
def setup_user_remove_sysadmin():
""" Remove sysadmin"""
user_id = session['user_id']
if not check_perm(user_id, 0, 1):
flash("You do not have User Administration access.")
return redirect(url_for('setup_top'))
new_user = request.form.get('userid', None)
if not new_user:
abort(400)
user = Users2.get_user(new_user)
delete_perm(new_user, 0, 1)
flash("%s is no longer a system admin on OASIS" % user['uname'])
return redirect(url_for("setup_usersearch"))
def setup_useraudit(audit_id):
""" Show all the audit entries for the given user account. """
user_id = session['user_id']
if not check_perm(user_id, -1, "useradmin"):
flash("You do not have User Administration access.")
return redirect(url_for('setup_top'))
user = Users2.get_user(audit_id)
audits = get_records_by_user(audit_id)
for aud in audits:
aud['humantime'] = General.human_date(aud['time'])
return render_template(
'setup_useraudit.html',
user=user,
audits=audits
)
def practice_choose_question(topic_id):
""" Present a list of questions for them to choose from the given topic """
user_id = session['user_id']
try:
course_id = Topics.get_course_id(topic_id)
except KeyError:
course_id = None
abort(404)
topics = []
try:
topics = Courses2.get_topics_list(course_id)
except KeyError:
abort(404)
try:
course = Courses2.get_course(course_id)
except KeyError:
course = None
abort(404)
topictitle = Topics.get_name(topic_id)
questions = Practice.get_sorted_questions(course_id, topic_id, user_id)
thistopic = Topics.get_topic(topic_id)
members = []
if thistopic['visibility'] == 2: # course only
if not members:
members = Courses.get_users(course_id)
if not user_id in members:
abort(404)
for topic in topics:
if topic['visibility'] == 2: # course only
if not members:
members = Courses.get_users(course_id)
if not user_id in members:
topics.remove(topic)
return render_template(
"practicetopic.html",
canpreview=check_perm(user_id, course_id, "questionpreview"),
topics=topics,
topic_id=topic_id,
course=course,
topictitle=topictitle,
questions=questions
)
def practice_choose_question(topic_id):
""" Present a list of questions for them to choose from the given topic """
user_id = session['user_id']
try:
course_id = Topics.get_course_id(topic_id)
except KeyError:
course_id = None
abort(404)
topics = []
try:
topics = Courses2.get_topics_list(course_id)
except KeyError:
abort(404)
try:
course = Courses2.get_course(course_id)
except KeyError:
course = None
abort(404)
topictitle = Topics.get_name(topic_id)
questions = Practice.get_sorted_questions(course_id, topic_id, user_id)
thistopic = Topics.get_topic(topic_id)
members = []
if thistopic['visibility'] == 2: # course only
if not members:
members = Courses.get_users(course_id)
if user_id not in members:
abort(404)
for topic in topics:
if topic['visibility'] == 2: # course only
if not members:
members = Courses.get_users(course_id)
if user_id not in members:
topics.remove(topic)
return render_template(
"practicetopic.html",
canpreview=check_perm(user_id, course_id, "questionpreview"),
topics=topics,
topic_id=topic_id,
course=course,
topictitle=topictitle,
questions=questions
)
def cadmin_config(course_id):
""" Allow some course configuration """
course = Courses2.get_course(course_id)
if not course:
abort(404)
user_id = session["user_id"]
is_sysadmin = check_perm(user_id, -1, "sysadmin")
coords = [
Users2.get_user(perm[0]) for perm in Permissions.get_course_perms(course_id) if perm[1] == 3
] # course_coord
groups = Courses.get_groups(course_id)
choosegroups = [group for group in Groups.all_groups() if not group.id in groups]
return render_template(
"courseadmin_config.html",
course=course,
coords=coords,
choosegroups=choosegroups,
groups=groups,
is_sysadmin=is_sysadmin,
)
def cadmin_config(course_id):
""" Allow some course configuration """
course = Courses2.get_course(course_id)
if not course:
abort(404)
user_id = session['user_id']
is_sysadmin = check_perm(user_id, -1, 'sysadmin')
coords = [
Users2.get_user(perm[0])
for perm in Permissions.get_course_perms(course_id) if perm[1] == 3
] # course_coord
groups = Courses.get_groups(course_id)
choosegroups = [
group for group in Groups.all_groups() if group.id not in groups
]
return render_template("courseadmin_config.html",
course=course,
coords=coords,
choosegroups=choosegroups,
groups=groups,
is_sysadmin=is_sysadmin)
def practice_choose_question_stats(topic_id):
""" Present a list of questions for them to choose from the given topic,
and show some statistics on how they're doing.
"""
user_id = session['user_id']
course_id = Topics.get_course_id(topic_id)
if not course_id:
abort(404)
topics = Courses2.get_topics_list(course_id)
course = Courses2.get_course(course_id)
topictitle = Topics.get_name(topic_id)
questions = Practice.get_sorted_qlist_wstats(course_id, topic_id, user_id)
return render_template(
"practicetopicstats.html",
canpreview=check_perm(user_id, course_id, "questionpreview"),
topics=topics,
topic_id=topic_id,
course=course,
topictitle=topictitle,
questions=questions
)
def practice_choose_question_stats(topic_id):
""" Present a list of questions for them to choose from the given topic,
and show some statistics on how they're doing.
"""
user_id = session['user_id']
course_id = Topics.get_course_id(topic_id)
if not course_id:
abort(404)
topics = Courses2.get_topics_list(course_id)
course = Courses2.get_course(course_id)
topictitle = Topics.get_name(topic_id)
questions = Practice.get_sorted_qlist_wstats(course_id, topic_id, user_id)
return render_template(
"practicetopicstats.html",
canpreview=check_perm(user_id, course_id, "questionpreview"),
topics=topics,
topic_id=topic_id,
course=course,
topictitle=topictitle,
questions=questions
)
def setup_usercreate():
""" Show a page allowing the admin to enter user details
to create an account.
"""
user_id = session['user_id']
if not check_perm(user_id, -1, "useradmin"):
flash("You do not have User Administration access.")
return redirect(url_for('setup_top'))
new_uname = ""
new_fname = ""
new_sname = ""
new_email = ""
new_pass = ""
new_confirm = ""
error = None
if request.method == "POST":
form = request.form
if "usercreate_cancel" in form:
flash("User Account Creation Cancelled")
return redirect(url_for('setup_usersearch'))
if "usercreate_save" in form:
new_uname = form.get('new_uname', "")
new_fname = form.get('new_fname', "")
new_sname = form.get('new_sname', "")
new_email = form.get('new_email', "")
new_pass = form.get('new_pass', "")
new_confirm = form.get('new_confirm', "")
if not all((new_uname, new_email, new_pass, new_confirm)):
error = "Please fill in all fields."
elif Users2.uid_by_uname(new_uname):
error = "ERROR: An account already exists with that name"
elif new_confirm == "" or not new_confirm == new_pass:
error = "Passwords don't match (or are empty)"
else: # yaay, it's ok
# uname, passwd, givenname, familyname, acctstatus,
# studentid, email=None, expiry=None, source="local"
Users2.create(new_uname,
"nologin-creation",
new_fname,
new_sname,
2,
'',
new_email)
Users2.set_password(Users2.uid_by_uname(new_uname), new_pass)
flash("New User Account Created for %s" % new_uname)
new_uname = ""
new_fname = ""
new_sname = ""
new_email = ""
new_pass = ""
new_confirm = ""
if error:
flash(error)
return render_template(
'setup_usercreate.html',
new_uname=new_uname,
new_fname=new_fname,
new_sname=new_sname,
new_email=new_email,
new_pass=new_pass,
new_confirm=new_confirm
)
def setup_usercreate():
""" Show a page allowing the admin to enter user details
to create an account.
"""
user_id = session['user_id']
if not check_perm(user_id, -1, "useradmin"):
flash("You do not have User Administration access.")
return redirect(url_for('setup_top'))
new_uname = ""
new_fname = ""
new_sname = ""
new_email = ""
new_pass = ""
new_confirm = ""
error = None
if request.method == "POST":
form = request.form
if "usercreate_cancel" in form:
flash("User Account Creation Cancelled")
return redirect(url_for('setup_usersearch'))
if "usercreate_save" in form:
new_uname = form.get('new_uname', "")
new_fname = form.get('new_fname', "")
new_sname = form.get('new_sname', "")
new_email = form.get('new_email', "")
new_pass = form.get('new_pass', "")
new_confirm = form.get('new_confirm', "")
if not all((new_uname, new_email, new_pass, new_confirm)):
error = "Please fill in all fields."
elif Users2.uid_by_uname(new_uname):
error = "ERROR: An account already exists with that name"
elif new_confirm == "" or not new_confirm == new_pass:
error = "Passwords don't match (or are empty)"
else: # yaay, it's ok
# uname, passwd, givenname, familyname, acctstatus,
# studentid, email=None, expiry=None, source="local"
Users2.create(new_uname, "nologin-creation", new_fname,
new_sname, 2, '', new_email)
Users2.set_password(Users2.uid_by_uname(new_uname), new_pass)
flash("New User Account Created for %s" % new_uname)
new_uname = ""
new_fname = ""
new_sname = ""
new_email = ""
new_pass = ""
new_confirm = ""
if error:
flash(error)
return render_template('setup_usercreate.html',
new_uname=new_uname,
new_fname=new_fname,
new_sname=new_sname,
new_email=new_email,
new_pass=new_pass,
new_confirm=new_confirm)