示例#1
0
def create_token(username):
    token_id = uuid.uuid4().hex
    # tokens[token_id] = username
    currentUser = get_user(username)
    db.session.add(Token(token_id, currentUser))
    db.session.commit()
    return token_id
示例#2
0
文件: admin.py 项目: danwinkler/dtext
def admin(mongodb):
    user = helper.get_user(mongodb)

    if not user or "admin" not in user.get("roles", []):
        redirect("/")

    return helper.template("admin/admin", user=user)
示例#3
0
文件: user.py 项目: danwinkler/dtext
def post_login( mongodb ):
	if helper.get_user( mongodb ):
		redirect( "/" )
	username = request.forms.get('username')
	password = request.forms.get('password')

	errors = []

	user = mongodb['users'].find_one( { 'name': username } )
	
	#Show same error for both: username does not exist AND incorrect password
	if not user or user['password'] != bcrypt.hashpw( password, user['password'] ):
		errors.append( "badpass" )
	
	if len( errors ) > 0:
		return helper.template( 'user/login', errors=errors, form=request.forms, errorMap=loginErrors )

	session_key = binascii.hexlify( os.urandom( 32 ) )

	mongodb['users'].update(
		{ "name": username },
		{
			"$set": { "session_key": session_key }
		}
	)

	helper.c_set( "session_key", session_key )

	redirect( "/" )
示例#4
0
def create_session(username):
    session_id = uuid.uuid4().hex
    # sessions[session_id] = username
    currentUser = get_user(username)
    db.session.add(Session(session_id, currentUser))
    db.session.commit()
    return session_id
示例#5
0
文件: user.py 项目: danwinkler/dtext
def profile( mongodb ):
	user = helper.get_user( mongodb )

	if not user:
		redirect( "/" )

	return helper.template( 'user/profile', user=user )
示例#6
0
文件: user.py 项目: danwinkler/dtext
def resend_email( mongodb ):
	user = helper.get_user( mongodb )
	email = request.query.get( 'email' )
	if not user or not email:
		redirect( "/" )
		
	if user:
		helper.send_verification_email( mongodb, user['name'], email )
		
	return redirect( "/profile" )
示例#7
0
def list_assignments(db, course_id):
    '''
		GET /api/assignments/<course_id>
		List all assignments for a course (students+instructors)
	'''
    user = get_user(db)
    course = find_course(db, course_id)
    check_course_user(db, course, user)
    assignments = course.assignments
    return json_success(assignments=list(map(lambda x: x.id, assignments)))
示例#8
0
def change_read_status():
    # Delete a message.

    message_id = request.form.get('message_id')
    message = Message.query.get(message_id)
    message.delete_message()

    user = get_user()
    new_messages = get_new_messages(session['user_id'])

    return jsonify(new_messages=new_messages)
示例#9
0
def download_assignment(db, course_id, assignment_id):
    '''
		GET /api/assignment/<course_id>/<assignment_id>
		Download a copy of an assignment (students+instructors)
	'''
    user = get_user(db)
    course = find_course(db, course_id)
    check_course_user(db, course, user)
    assignment = find_assignment(db, course, assignment_id)
    list_only = request.args.get('list_only', 'false') == 'true'
    return json_success(files=json_files_pack(assignment.files, list_only))
示例#10
0
def list_courses(db):
    '''
		GET /api/courses
		List all available courses the user is taking or teaching (anyone)
	'''
    user = get_user(db)
    courses = set()
    for i in user.teaching:
        courses.add(i.id)
    for i in user.taking:
        courses.add(i.id)
    return json_success(courses=sorted(courses))
示例#11
0
def add_course(db, course_id):
    '''
		POST /api/course/<course_id>
		Add a course (anyone)
	'''
    user = get_user(db)
    if db.query(Course).filter(Course.id == course_id).one_or_none():
        raise JsonError('Course already exists')
    course = Course(course_id, user)
    db.add(course)
    db.commit()
    return json_success()
示例#12
0
文件: admin.py 项目: danwinkler/dtext
def admin_users(mongodb, search="", index=0, count=10):
    user = helper.get_user(mongodb)

    if not user or "admin" not in user.get("roles", []):
        redirect("/")

    if len(search) == 0:
        users = mongodb["users"].find().skip(index).limit(count)
    else:
        users = mongodb["users"].find({"name": search}).skip(index).limit(count)

    return helper.template("admin/admin", user=user, main=template("admin/users", users=users))
示例#13
0
def templates( mongodb, search="", index=0, count=10 ):
    user = helper.get_user( mongodb )

    if not user:
        redirect("/")

    if len( search ) == 0:
        templates = mongodb['templates'].find( { "owner": user['_id'] }).skip( index ).limit( count )
    else:
        templates = mongodb['templates'].find( { "owner": user['_id'], "name": { "$regex": search } } ).skip( index ).limit( count )

    return helper.template( 'templates/templates', user=user, templates=templates )
示例#14
0
def submit_assignment(db, course_id, assignment_id):
    '''
		POST /api/submission/<course_id>/<assignment_id>
		Submit a copy of an assignment (students+instructors)
	'''
    user = get_user(db)
    course = find_course(db, course_id)
    check_course_user(db, course, user)
    assignment = find_assignment(db, course, assignment_id)
    submission = Submission(user, assignment)
    json_files_unpack(request.form.get('files'), submission.files)
    db.commit()
    return json_success()
示例#15
0
文件: user.py 项目: danwinkler/dtext
def addemail( mongodb ):
	user = helper.get_user( mongodb )
	email = request.forms.get( 'email' )
	if not user:
		redirect( "/" )
	
	for uemail in user.get( 'emails', [] ):
		if uemail['address'] == email:
			redirect( "/profile" )
	
	helper.add_email( mongodb, user['name'], email )
	
	helper.send_verification_email( mongodb, user['name'], email )
	
	redirect( "/profile" )
示例#16
0
def food_info(food_id):
    # Display information about a specific food listing.

    if check_login('Please login to view listing details.') == 'not_logged_in':
        return redirect('/login')
    else:
        # get specific listing from db.
        food_listing = Food.query.get(food_id)
        user = get_user()
        new_messages = get_new_messages(session['user_id'])

        return render_template('food_info.html',
                               food_listing=food_listing,
                               user=user,
                               new_messages=new_messages)
示例#17
0
def release_assignment(db, course_id, assignment_id):
    '''
		POST /api/assignment/<course_id>/<assignment_id>
		Release an assignment (instructors only)
	'''
    user = get_user(db)
    course = find_course(db, course_id)
    check_course_instructor(db, course, user)
    if db.query(Assignment).filter(Assignment.id == assignment_id,
                                   Assignment.course == course).one_or_none():
        raise JsonError('Assignment already exists')
    assignment = Assignment(assignment_id, course)
    json_files_unpack(request.form.get('files'), assignment.files)
    db.commit()
    return json_success()
示例#18
0
def download_submission(db, course_id, assignment_id, student_id):
    '''
		GET /api/submission/<course_id>/<assignment_id>/<student_id>
		Download a student's submitted assignment (instructors only)
		TODO: maybe allow student to see their own submissions?
	'''
    user = get_user(db)
    course = find_course(db, course_id)
    check_course_instructor(db, course, user)
    assignment = find_assignment(db, course, assignment_id)
    student = find_course_user(db, course, student_id)
    submission = find_student_latest_submission(db, assignment, student)
    list_only = request.args.get('list_only', 'false') == 'true'
    return json_success(files=json_files_pack(submission.files, list_only),
                        timestamp=strftime(submission.timestamp))
示例#19
0
def listings():
    # Lists all the food listings, putting the user's friends'
    # listings first.

    if check_login('Please login to view listings.') == 'not_logged_in':
        return redirect('/login')

    else:
        user = get_user()
        new_messages = get_new_messages(session['user_id'])
        user_friends = user.friendships

        if user_friends:
            friend_ids = [friend.friend_id for friend in user_friends]

            # get all their friend's listings
            friends_listings = Food.query.filter_by(active=True
                                                    ).filter(
                                                    Food.user_id.in_(friend_ids)
                                                    ).order_by(
                                                    desc('post_date')
                                                    ).all()

            # get the food ids so they can be filtered out
            friends_food_ids = [food.food_id for food in friends_listings]

            # get all the other active listings
            other_listings = Food.query.filter_by(active=True
                                                  ).filter(~Food.food_id.in_(
                                                   friends_food_ids)
                                                   ).order_by(desc('post_date')
                                                              ).all()

            # combine listings so that the friends listings come first
            foods = friends_listings + other_listings

        else:
            foods = Food.query.filter_by(active=True).order_by(desc
                                                               ('post_date')
                                                               ).all()

        API_KEY = google_api

        return render_template('listings.html',
                               foods=foods,
                               user=user,
                               new_messages=new_messages,
                               API_KEY=API_KEY)
示例#20
0
def edit_food(food_id):
    # Display information about a specific food listing
    # allow the user to edit listing.

    if check_login('Please login to edit your listings.') == 'not_logged_in':
        return redirect('/login')
    else:
        # show user listing and allow them to make changes.
        user = get_user()
        new_messages = get_new_messages(session['user_id'])
        food_listing = Food.query.get(food_id)

        return render_template('editfood.html',
                               food_listing=food_listing,
                               user=user,
                               new_messages=new_messages)
示例#21
0
文件: user.py 项目: danwinkler/dtext
def post_signup( mongodb ):
	if helper.get_user( mongodb ):
		redirect( "/" )
	username = request.forms.get('username')
	password1 = request.forms.get('password1')
	password2 = request.forms.get('password2')
	email = request.forms.get('email')

	errors = []

	if len( username ) == 0:
		errors.append( "usernameblank" )

	if len( password1 ) == 0:
		errors.append( "password1blank" )

	if len( password2 ) == 0:
		errors.append( "password2blank" )
	
	if options.email_required and len( email ) == 0:
		errors.append( "emailblank" )

	if mongodb['users'].find( { "name": username } ).count() > 0:
		errors.append( "nametaken" )

	if password1 != password2:
		errors.append( "nomatch" )

	if len( errors ) > 0:
		return helper.template( 'user/signup', errors=errors, form=request.forms, errorMap=signupErrors )

	salt = bcrypt.gensalt()
	hash = bcrypt.hashpw( password1, salt )
	
	user_obj = { 
		'name': username, 
		'password': hash 
	}
		
	mongodb['users'].insert( user_obj )
	
	if email and len(email) > 0:
		helper.add_email( mongodb, username, email )
		helper.send_verification_email( mongodb, username, email )

	redirect( "/login" )
示例#22
0
def list_submissions(db, course_id, assignment_id):
    '''
		GET /api/submissions/<course_id>/<assignment_id>
		List all submissions for an assignment from all students
		 (instructors only)
	'''
    user = get_user(db)
    course = find_course(db, course_id)
    check_course_instructor(db, course, user)
    assignment = find_assignment(db, course, assignment_id)
    submissions = []
    for submission in assignment.submissions:
        submissions.append({
            'student_id': submission.student.id,
            'timestamp': strftime(submission.timestamp),
            # TODO: "notebooks": [],
        })
    return json_success(submissions=submissions)
示例#23
0
def editor( mongodb, filename=None ):
    user = helper.get_user( mongodb )

    if not user:
        redirect( '/' )

    if filename:
        template = mongodb['templates'].find_one( { "owner": user['_id'], "name": filename } )
    else:
        template = helper.new_template( user )

    return helper.template(
        "templates/editor",
        user=user,
        template=template,
        js=['markdown','codemirror.min','jquery.ba-dotimeout.min', 'render','plugins/basic'],
        css=['codemirror','document']
    )
示例#24
0
def user_info(food_user_id):
    # Displays a specific user's active listings.

    if check_login("Please login to view\
                   this user's listings.") == 'not_logged_in':
        return redirect('/login')
    else:
        # get specific listing from db.
        user = get_user()
        new_messages = get_new_messages(session['user_id'])
        this_user = User.query.get(food_user_id)
        food_listings = Food.query.filter_by(user_id=food_user_id)

        return render_template('user_info.html',
                               this_user=this_user,
                               food_listings=food_listings,
                               user=user,
                               new_messages=new_messages)
示例#25
0
def editor( mongodb, template_name=None, document_name=None ):
    user = helper.get_user( mongodb )

    if not user:
        redirect("/")

    if template_name:
        template = mongodb['templates'].find_one( { "owner": user['_id'], "name": template_name } )
        if not template:
            redirect( "/documents" )
        document = { "raw": template['raw'], "name": "", "form": {} }
    elif document_name:
        document = mongodb['document'].find_one( { "owner": user['_id'], "name": document_name } )
        if not document:
            redirect( "/documents" )
    else:
        redirect( "/documents" )

    return helper.template( 'documents/editor', user=user, document=document, js=['jquery.ba-dotimeout.min','markdown','render','plugins/basic'] )
示例#26
0
def upload_feedback(db, course_id, assignment_id, student_id):
    '''
		POST /api/feedback/<course_id>/<assignment_id>/<student_id>
		Upload feedback on a student's assignment (instructors only)
	'''
    user = get_user(db)
    course = find_course(db, course_id)
    check_course_instructor(db, course, user)
    assignment = find_assignment(db, course, assignment_id)
    student = find_course_user(db, course, student_id)
    if 'timestamp' not in request.form:
        raise JsonError('Please supply timestamp')
    timestamp = strptime(request.form.get('timestamp'))
    submission = find_student_submission(db, assignment, student, timestamp)
    submission.feedbacks.clear()
    # TODO: does this automatically remove the files?
    json_files_unpack(request.form.get('files'), submission.feedbacks)
    db.commit()
    return json_success()
示例#27
0
def download_feedback(db, course_id, assignment_id, student_id):
    '''
		GET /api/feedback/<course_id>/<assignment_id>/<student_id>
		Download feedback on a student's assignment
		 (instructors+students, students restricted to their own submissions)
	'''
    user = get_user(db)
    course = find_course(db, course_id)
    if user.id != student_id:
        check_course_instructor(db, course, user)
    assignment = find_assignment(db, course, assignment_id)
    student = find_course_user(db, course, student_id)
    if 'timestamp' not in request.args:
        raise JsonError('Please supply timestamp')
    timestamp = strptime(request.args.get('timestamp'))
    submission = find_student_submission(db, assignment, student, timestamp)
    list_only = request.args.get('list_only', 'false') == 'true'
    return json_success(files=json_files_pack(submission.feedbacks, list_only),
                        timestamp=strftime(submission.timestamp))
示例#28
0
def list_student_submission(db, course_id, assignment_id, student_id):
    '''
		GET /api/submissions/<course_id>/<assignment_id>/<student_id>
		List all submissions for an assignment from a particular student 
		 (instructors+students, students restricted to their own submissions)
	'''
    user = get_user(db)
    course = find_course(db, course_id)
    if user.id != student_id:
        check_course_instructor(db, course, user)
    assignment = find_assignment(db, course, assignment_id)
    student = find_course_user(db, course, student_id)
    submissions = []
    for submission in find_student_submissions(db, assignment, student):
        submissions.append({
            'student_id': submission.student.id,
            'timestamp': strftime(submission.timestamp),
            # TODO: "notebooks": [],
        })
    return json_success(submissions=submissions)
示例#29
0
def save( mongodb ):
    user = helper.get_user( mongodb )

    if not user:
        return json.dumps( { "error": "not logged in" } )

    filename = request.forms.get( "name" )
    raw = request.forms.get( "raw" )

    mongodb['templates'].update(
        { "owner": user['_id'], "name": filename },
        {
            "owner": user['_id'],
            "name": filename,
            "raw": raw
        },
        upsert=True
    )

    return json.dumps( { "success": "File saved successfully" } )
示例#30
0
def messages():
    # Displays messages for that specific user.

    if check_login("Please login to view your messages.") == 'not_logged_in':
        return redirect('/login')
    else:
        # Get the messages for that particular user.
        user = get_user()
        new_messages = get_new_messages(session['user_id'])

        unread_messages = get_messages(session['user_id'], False)

        read_messages = get_messages(session['user_id'], True)

        all_messages = unread_messages + read_messages

        return render_template('messages.html',
                               all_messages=all_messages,
                               unread_messages=unread_messages,
                               read_messages=read_messages,
                               user=user,
                               new_messages=new_messages)
示例#31
0
    def get(self):
        logging.debug('GET')
        self.response.headers['Content-Type'] = 'text/html'

        # check whether user is logged in
        if helper.is_user_logged_in():
            # if myuser object is None --> No user with key found --> new user --> make new user in datastore
            if not helper.user_exists():
                helper.add_new_user(helper.get_user())

            self.navigate()
            # get all directoriesin the current path
            directories_in_current_path = helper.get_directories_in_current_path(
            )
            files_in_current_path = helper.get_files_in_current_path()
            # extract directory names from the key list for showing only the names to display
            directories_in_current_path = helper.get_names_from_list(
                directories_in_current_path)
            files_in_current_path = helper.get_names_from_list(
                files_in_current_path)

            duplicate_files_in_current_path = helper.get_duplicate_names_from_list(
                files_in_current_path)
            duplicate_files_in_dropox = helper.get_duplicate_names_from_dropbox(
            )
            error_message = helper.get_error().error
            renderhtml.render_main(self, helper.get_logout_url(self),
                                   directories_in_current_path,
                                   files_in_current_path,
                                   helper.get_current_directory_object().path,
                                   helper.is_in_root_directory(),
                                   blobstore.create_upload_url('/upload'),
                                   error_message,
                                   duplicate_files_in_current_path,
                                   duplicate_files_in_dropox)

        # no login
        else:
            renderhtml.render_login(self, helper.get_login_url(self))
示例#32
0
def user_listings():
    # Shows a list of all of that particular user's listings.

    if check_login('Please login to view your listings.') == 'not_logged_in':
        return redirect('/login')
    else:
        # show user's listings.
        user = get_user()
        new_messages = get_new_messages(session['user_id'])
        user_id = session['user_id']
        question = Food.query
        user_listings = question.filter(Food.user_id == user_id,
                                        Food.active == True
                                        ).order_by(desc('post_date')).all()
        old_listings = question.filter(Food.user_id == user_id,
                                       Food.active == False
                                       ).order_by(desc('post_date')).all()

        return render_template('mylistings.html',
                               user_listings=user_listings,
                               old_listings=old_listings,
                               user=user,
                               new_messages=new_messages)
示例#33
0
文件: user.py 项目: danwinkler/dtext
def login( mongodb ):
	if helper.get_user( mongodb ):
		redirect( "/" )
	return helper.template('user/login')
示例#34
0
from helper import get_user, interface_with_user

while True:
    user = get_user()
    interface_with_user(user)
示例#35
0
文件: app.py 项目: danwinkler/dtext
def home( mongodb ):
	return helper.template('home', user=helper.get_user(mongodb) )
示例#36
0
文件: user.py 项目: danwinkler/dtext
def signup( mongodb ):
	if helper.get_user( mongodb ):
		redirect( "/" )
	return helper.template( 'user/signup' )
示例#37
0
def valid_credentials(username, password):
    currentUser = get_user(username)
    if currentUser:
        return bcrypt.check_password_hash(currentUser.password_hash, password)
示例#38
0
def home():
    # homepage

    if check_login('Please login.') == 'not_logged_in':
        return redirect('/login')

    else:
        user = get_user()
        new_messages = get_new_messages(session['user_id'])
        user_friends = user.friendships

        if user_friends:
            # get this user's friend ids
            friend_ids = [friend.friend_id for friend in user_friends]
            friends_fb_ids = db.session.query(User.user_id,
                                              User.fb_id).filter(
                                              User.user_id.in_(friend_ids)
                                              ).all()

            # get all their friend's listings
            friends_listings = []
            for friend in friend_ids:
                listing = Food.query.filter_by(active=True
                                               ).filter(
                                               Food.user_id == friend
                                               ).order_by(desc('post_date')
                                                          ).first()
                if listing:
                    friends_listings.append(listing)

            # get the food ids so they can be filtered out
            friends_food_ids = [food.food_id for food in friends_listings]

            user_id = session['user_id']

            # get all the other active listings,
            # leaving out friend and user listings
            other_listings = Food.query.filter_by(active=True
                                                  ).filter(
                                                  (~Food.user_id.in_(friend_ids)),
                                                  (~(Food.user_id == user_id))
                                                  ).order_by(desc('post_date')
                                                             ).all()

            # combine listings so that the friends listings come first
            this_users_listings = friends_listings + other_listings
            short_list = this_users_listings[:5]
        else:
            short_list = Food.query.filter_by(active=True
                                              ).order_by(desc('post_date')
                                                         ).limit(5).all()
            friends_fb_ids = None

        current_date = datetime.now()
        current_date = current_date.strftime("%Y-%m-%d")

        return render_template('index.html',
                               user_listings=short_list,
                               current_date=current_date,
                               user=user,
                               new_messages=new_messages,
                               user_friends=user_friends,
                               friends_fb_ids=friends_fb_ids)