def search_students():
params = request.get_json()
if is_unauthorized_search(params):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
search_phrase = util.get(params, 'searchPhrase', '').strip()
if not len(search_phrase):
raise BadRequestError('Invalid or empty search input')
results = search_for_students(
include_profiles=True,
search_phrase=search_phrase.replace(',', ' '),
is_active_asc=_convert_asc_inactive_arg(
util.get(params, 'isInactiveAsc')),
order_by=util.get(params, 'orderBy', None),
offset=util.get(params, 'offset', 0),
limit=util.get(params, 'limit', 50),
)
alert_counts = Alert.current_alert_counts_for_viewer(current_user.id)
students = results['students']
add_alert_counts(alert_counts, students)
return tolerant_jsonify({
'students': students,
'totalStudentCount': results['totalStudentCount'],
})
def create_cohort():
params = request.get_json()
if is_unauthorized_search(params):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
label = util.get(params, 'label', None)
if not label:
raise BadRequestError('Cohort creation requires \'label\'')
cohort = CohortFilter.create(
advisor_ldap_uids=util.get(params, 'advisorLdapUids'),
coe_prep_statuses=util.get(params, 'coePrepStatuses'),
ethnicities=util.get(params, 'ethnicities'),
genders=util.get(params, 'genders'),
gpa_ranges=util.get(params, 'gpaRanges'),
group_codes=util.get(params, 'groupCodes'),
in_intensive_cohort=util.to_bool_or_none(
params.get('inIntensiveCohort')),
is_inactive_asc=util.to_bool_or_none(params.get('isInactiveAsc')),
label=label,
last_name_range=util.get(params, 'lastNameRange'),
levels=util.get(params, 'levels'),
majors=util.get(params, 'majors'),
uid=current_user.get_id(),
underrepresented=util.get(params, 'underrepresented'),
unit_ranges=util.get(params, 'unitRanges'),
)
return tolerant_jsonify(decorate_cohort(cohort))
def get_cohort(cohort_id):
if is_unauthorized_search(request.args):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
include_students = util.to_bool_or_none(
util.get(request.args, 'includeStudents'))
include_students = True if include_students is None else include_students
order_by = util.get(request.args, 'orderBy', None)
offset = util.get(request.args, 'offset', 0)
limit = util.get(request.args, 'limit', 50)
cohort = CohortFilter.find_by_id(int(cohort_id))
if cohort and can_view_cohort(current_user, cohort):
cohort = decorate_cohort(
cohort,
order_by=order_by,
offset=int(offset),
limit=int(limit),
include_alerts_for_uid=current_user.uid,
include_profiles=True,
include_students=include_students,
)
return tolerant_jsonify(cohort)
else:
raise ResourceNotFoundError(
f'No cohort found with identifier: {cohort_id}')
def get_cohort_per_filters():
benchmark = get_benchmarker('cohort get_students_per_filters')
benchmark('begin')
params = request.get_json()
filters = get_param(params, 'filters', [])
if not filters:
raise BadRequestError('API requires \'filters\'')
include_students = to_bool(get_param(params, 'includeStudents'))
include_students = True if include_students is None else include_students
order_by = get_param(params, 'orderBy', None)
offset = get_param(params, 'offset', 0)
limit = get_param(params, 'limit', 50)
filter_keys = list(map(lambda f: f['key'], filters))
if is_unauthorized_search(filter_keys, order_by):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
benchmark('begin phantom cohort query')
cohort = _construct_phantom_cohort(
filters=filters,
order_by=order_by,
offset=int(offset),
limit=int(limit),
include_alerts_for_user_id=current_user.get_id(),
include_profiles=True,
include_students=include_students,
)
_decorate_cohort(cohort)
benchmark('end')
return tolerant_jsonify(cohort)
def update_cohort():
params = request.get_json()
cohort_id = int(params.get('id'))
name = params.get('name')
filters = params.get('filters')
# Validation
if not name and not filters:
raise BadRequestError('Invalid request')
if not CohortFilter.is_cohort_owned_by(cohort_id, current_user.get_id()):
raise ForbiddenRequestError(f'Invalid or unauthorized request')
filter_keys = list(map(lambda f: f['key'], filters))
if is_unauthorized_search(filter_keys):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
filter_criteria = _translate_filters_to_cohort_criteria(filters)
updated = CohortFilter.update(
cohort_id=cohort_id,
name=name,
filter_criteria=filter_criteria,
include_students=False,
include_alerts_for_user_id=current_user.get_id(),
)
_decorate_cohort(updated)
return tolerant_jsonify(updated)
def create_cohort():
params = request.get_json()
domain = get_param(params, 'domain', 'default')
if is_unauthorized_domain(domain):
raise ForbiddenRequestError(
f'You are unauthorized to query the \'{domain}\' domain')
name = get_param(params, 'name', None)
filters = get_param(params, 'filters', None)
order_by = params.get('orderBy')
# Authorization check
filter_keys = list(map(lambda f: f['key'], filters))
if is_unauthorized_search(filter_keys, order_by):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
filter_criteria = _translate_filters_to_cohort_criteria(filters, domain)
if not name or not filter_criteria:
raise BadRequestError(
'Cohort creation requires \'name\' and \'filters\'')
cohort = CohortFilter.create(
uid=current_user.get_uid(),
name=name,
filter_criteria=filter_criteria,
domain=domain,
order_by=order_by,
include_alerts_for_user_id=current_user.get_id(),
)
_decorate_cohort(cohort)
return tolerant_jsonify(cohort)
def get_cohort(cohort_id):
benchmark = get_benchmarker(f'cohort {cohort_id} get_cohort')
benchmark('begin')
filter_keys = list(request.args.keys())
order_by = get_param(request.args, 'orderBy', None)
if is_unauthorized_search(filter_keys, order_by):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
include_students = to_bool(get_param(request.args, 'includeStudents'))
include_students = True if include_students is None else include_students
offset = get_param(request.args, 'offset', 0)
limit = get_param(request.args, 'limit', 50)
benchmark('begin cohort filter query')
cohort = CohortFilter.find_by_id(
int(cohort_id),
order_by=order_by,
offset=int(offset),
limit=int(limit),
include_alerts_for_user_id=current_user.get_id(),
include_profiles=True,
include_students=include_students,
)
if cohort and _can_current_user_view_cohort(cohort):
_decorate_cohort(cohort)
benchmark('end')
return tolerant_jsonify(cohort)
else:
raise ResourceNotFoundError(
f'No cohort found with identifier: {cohort_id}')
def download_csv_per_filters():
benchmark = get_benchmarker('cohort download_csv_per_filters')
benchmark('begin')
params = request.get_json()
filters = get_param(params, 'filters', [])
fieldnames = get_param(params, 'csvColumnsSelected', [])
domain = get_param(params, 'domain', 'default')
if (domain == 'default' and not filters) or filters is None:
raise BadRequestError('API requires \'filters\'')
filter_keys = list(map(lambda f: f['key'], filters))
if is_unauthorized_search(filter_keys):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
domain = get_param(params, 'domain', 'default')
if is_unauthorized_domain(domain):
raise ForbiddenRequestError(
f'You are unauthorized to query the \'{domain}\' domain')
cohort = _construct_phantom_cohort(
domain=domain,
filters=filters,
offset=0,
limit=None,
include_profiles=False,
include_sids=True,
include_students=False,
)
return _response_with_csv_download(benchmark, domain, fieldnames,
cohort['sids'])
def search():
params = util.remove_none_values(request.get_json())
order_by = util.get(params, 'orderBy', None)
if is_unauthorized_search(list(params.keys()), order_by):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
search_phrase = util.get(params, 'searchPhrase', '').strip()
domain = {
'students': util.get(params, 'students'),
'courses': util.get(params, 'courses'),
'notes': util.get(params, 'notes'),
}
if not domain['students'] and not domain['courses'] and not domain['notes']:
raise BadRequestError('No search domain specified')
if not len(search_phrase) and not domain['notes']:
raise BadRequestError('Invalid or empty search input')
feed = {}
if len(search_phrase) and domain['students']:
feed.update(_student_search(search_phrase, params, order_by))
if len(search_phrase) and domain['courses']:
feed.update(_course_search(search_phrase, params, order_by))
if domain['notes']:
feed.update(_notes_search(search_phrase, params))
return tolerant_jsonify(feed)
def _filters_to_filter_criteria(filters, order_by=None):
filter_keys = list(map(lambda f: f['key'], filters))
if is_unauthorized_search(filter_keys, order_by):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
return CohortFilter.translate_filters_to_cohort_criteria(filters)
def download_csv_per_filters():
benchmark = get_benchmarker('cohort download_csv_per_filters')
benchmark('begin')
filters = get_param(request.get_json(), 'filters', [])
if not filters:
raise BadRequestError('API requires \'filters\'')
filter_keys = list(map(lambda f: f['key'], filters))
if is_unauthorized_search(filter_keys):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
cohort = CohortFilter.construct_phantom_cohort(
filters=filters,
offset=0,
limit=None,
include_profiles=False,
include_sids=True,
include_students=False,
)
return response_with_students_csv_download(sids=cohort['sids'],
benchmark=benchmark)
def get_students():
params = request.get_json()
if is_unauthorized_search(params):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
results = query_students(
advisor_ldap_uids=util.get(params, 'advisorLdapUids'),
coe_prep_statuses=util.get(params, 'coePrepStatuses'),
ethnicities=util.get(params, 'ethnicities'),
genders=util.get(params, 'genders'),
gpa_ranges=util.get(params, 'gpaRanges'),
group_codes=util.get(params, 'groupCodes'),
include_profiles=True,
is_active_asc=_convert_asc_inactive_arg(
util.get(params, 'isInactiveAsc')),
in_intensive_cohort=util.to_bool_or_none(
util.get(params, 'inIntensiveCohort')),
last_name_range=_get_name_range_boundaries(
util.get(params, 'lastNameRange')),
levels=util.get(params, 'levels'),
limit=util.get(params, 'limit', 50),
majors=util.get(params, 'majors'),
offset=util.get(params, 'offset', 0),
order_by=util.get(params, 'orderBy', None),
underrepresented=util.get(params, 'underrepresented'),
unit_ranges=util.get(params, 'unitRanges'),
)
if results is None:
raise BadRequestError('Invalid search criteria')
alert_counts = Alert.current_alert_counts_for_viewer(current_user.id)
students = results['students'] if results else []
add_alert_counts(alert_counts, students)
return tolerant_jsonify({
'students':
students,
'totalStudentCount':
results['totalStudentCount'] if results else 0,
})
def search():
params = util.remove_none_values(request.get_json())
order_by = util.get(params, 'orderBy', None)
if is_unauthorized_search(list(params.keys()), order_by):
raise ForbiddenRequestError(
'You are unauthorized to access student data managed by other departments'
)
search_phrase = util.get(params, 'searchPhrase', '').strip()
domain = {
'appointments': util.get(params, 'appointments'),
'students': util.get(params, 'students'),
'courses': util.get(params, 'courses'),
'notes': util.get(params, 'notes'),
}
if not domain['students'] and not domain['courses'] and not (
domain['notes'] or domain['appointments']):
raise BadRequestError('No search domain specified')
if not len(search_phrase) and not (domain['notes']
or domain['appointments']):
raise BadRequestError('Invalid or empty search input')
if domain['courses'] and not current_user.can_access_canvas_data:
raise ForbiddenRequestError('Unauthorized to search courses')
feed = {}
if domain['appointments'] and app.config[
'FEATURE_FLAG_ADVISOR_APPOINTMENTS']:
feed.update(_appointments_search(search_phrase, params))
if len(search_phrase) and domain['students']:
feed.update(_student_search(search_phrase, params, order_by))
if len(search_phrase) and domain['courses']:
feed.update(_course_search(search_phrase, params, order_by))
if domain['notes']:
feed.update(_notes_search(search_phrase, params))
return tolerant_jsonify(feed)