def home():
if 'csrf_token' not in session:
session['csrf_token'] = app.secret_key
if request.method == 'POST':
# Only save the grade if the form submission includes a CSRF token,
# and it matches the token in the session.
if request.form.get('csrf_token', None) == session['csrf_token']:
g = Grade(
student=request.form['student'],
assignment=request.form['assignment'],
grade=request.form['grade'],
)
#print("(" + request.form['grade'] + ")")
g.save()
body = """
<html>
<body>
<h1>Enter Grades</h1>
<h2>Enter a Grade</h2>
<form method="POST">
<label for="student">Student</label>
<input type="text" name="student"><br>
<label for="assignment">Assignment</label>
<input type="text" name="assignment"><br>
<label for="grade">Grade</label>
<input type="text" name="grade"><br>
<input type="hidden" name="csrf_token" value="{}"> <!-- Include the CSRF token in the form -->
<input type="submit" value="Submit">
</form>
<h2>Existing Grades</h2>
""".format(session['csrf_token'])
for g in Grade.select():
body += """
<div class="grade">
{}, {}: {}
</div>
""".format(g.student, g.assignment, g.grade)
return body
def home():
if 'csrf_token' not in session:
session['csrf_token'] = random.randint(10000000, 99999999)
if (request.method == 'POST') and (request.form.get('csrf_token', None)
== session['csrf_token']):
g = Grade(
student=request.form['student'],
assignment=request.form['assignment'],
grade=request.form['grade'],
)
#print("(" + request.form['grade'] + ")")
g.save()
body = """
<html>
<body>
<h1>Enter Grades</h1>
<h2>Enter a Grade</h2>
<form method="POST">
<label for="student">Student</label>
<input type="text" name="student"><br>
<label for="assignment">Assignment</label>
<input type="text" name="assignment"><br>
<label for="grade">Grade</label>
<input type="text" name="grade"><br>
<input type="hidden" name="csrf_token" value="{}">
<input type="submit" value="Submit">
</form>
<h2>Existing Grades</h2>
""".format(session['csrf_token'])
for g in Grade.select():
body += """
<div class="grade">
{}, {}: {}
</div>
""".format(g.student, g.assignment, g.grade)
return body
def home():
if 'csrftoken' not in session:
session['csrftoken'] = app.secret_key
if request.method == 'POST':
if str(request.form.get('_csrf_token', None)) == str(app.secret_key):
g = Grade(
student=request.form['student'],
assignment=request.form['assignment'],
grade=request.form['grade'],
)
g.save()
body = """
<html>
<body>
<h1>Enter Grades</h1>
<h2>Enter a Grade</h2>
<form method="POST">
<input name=_csrf_token type="hidden" value="{}">
<label for="student">Student</label>
<input type="text" name="student"><br>
<label for="assignment">Assignment</label>
<input type="text" name="assignment"><br>
<label for="grade">Grade</label>
<input type="text" name="grade"><br>
<input type="submit" value="Submit">
</form>
<h2>Existing Grades</h2>
""".format(session['csrftoken'])
for g in Grade.select():
body += """
<div class="grade">
{}, {}: {}
</div>
""".format(g.student, g.assignment, g.grade)
return body
def create_grades():
"""Add the list of grade levels for use in a child questionnaire form."""
grades = ["Preschool", "Kindergarten", "1st grade", "2nd grade", "3rd grade", "4th grade", "5th grade", "6th grade", "7th grade", "8th grade", "9th grade", "10th grade", "11th trade", "12th grade"]
for grade in grades:
grade_name = grade
#print("Gr name:", grade_name)
gr = Grade(grade_name=grade_name)
db.session.add(gr)
db.session.commit()
def home():
if request.method == 'POST':
g = Grade(
student=request.form['student'],
assignment=request.form['assignment'],
grade=request.form['grade'],
)
#print("(" + request.form['grade'] + ")")
g.save()
body = """
<html>
<body>
<h1>Enter Grades</h1>
<h2>Enter a Grade</h2>
<form method="POST">
<label for="student">Student</label>
<input type="text" name="student"><br>
<label for="assignment">Assignment</label>
<input type="text" name="assignment"><br>
<label for="grade">Grade</label>
<input type="text" name="grade"><br>
<input type="submit" value="Submit">
</form>
<h2>Existing Grades</h2>
"""
for g in Grade.select():
body += """
<div class="grade">
{}, {}: {}
</div>
""".format(g.student, g.assignment, g.grade)
return body
def save( self ):
# get the assignment values from the ui
index = self.view.get_index()
name = self.view.get_name()
due = float(self.view.get_due())
max = float(self.view.get_max())
rcv = float(self.view.get_received())
grade = Grade(max,rcv)
notes = self.view.get_notes()
# store the new values in the assignment variable
assignment = Assignment(-1,self.criteria,index,name,due,grade,notes)
# save the changes into the db
BGModelController.add_assignment( assignment )
def assignment_grades_update(assignment_pk):
assignment = Assignment.get(pk=assignment_pk)
students = Student.all()
grades = assignment.get_grades()
# We decorate the student's with their grades.
# Ideally, this would be done with a select_related type thing in the
# model. At the SQL level. TODO
g_by_student_pk = dict([(grade.student_pk, grade) for grade in grades])
for s in students:
s.grade = g_by_student_pk.get(s.pk)
if request.method == 'GET':
return render_template("assignment_grades_update.html",
assignment=assignment,
students=students)
# TODO: This POSt method seems cumbersome. Can it be fixed?
if request.method == 'POST':
for student in students:
# These keys are first generated in the template as input tag
# name attributes.
points_key = "student_{0}_points".format(student.pk)
comment_key = "student_{0}_comment".format(student.pk)
try:
points = request.form[points_key].strip()
comment = request.form[comment_key].strip()
except KeyError:
# This will prevent a 400 status code from being returned if we
# try to get data from the form about a student that didn't
# exist when the form was created.
continue
try:
points = int(points.strip())
except ValueError:
points = None
comment = comment.strip()
if student.grade is None:
student.grade = Grade(student_pk=student.pk,
assignment_pk=assignment.pk,
points=points,
comment=comment)
else:
student.grade.points = points
student.grade.comment = comment
student.grade.save()
return redirect(url_for('assignment_view',
assignment_pk=assignment_pk))
def save( self ):
# get the assignment values from the ui
index = self.view.get_index()
name = self.view.get_name()
due = float(self.view.get_due())
max = float(self.view.get_max())
rcv = float(self.view.get_received())
notes = self.view.get_notes()
# store the new values in the assignment variable
self.assignment.index(index)
self.assignment.name(name)
self.assignment.due(due)
self.assignment.notes(notes)
self.assignment.grade(Grade(max,rcv))
# save the changes into the db
BGModelController.set_assignment( self.assignment )
def add_grade_():
form = AddGradeForm()
if form.validate_on_submit():
try:
with db.transaction():
grade = Grade.create(
student=Student.get(Student.username == form.student_select.data),
subject=Subject.get(Subject.name == form.subject_select.data),
teacher=get_current_user(),
grade=form.grade.data
)
except DatabaseError:
flash('An error occurred while adding a grade')
else:
flash('Grade ' + str(grade.grade) + ' assigned to student ' + str(grade.student))
return redirect(url_for('groups', group=grade.student.username))
flash_errors(form)
students = Student.select()
subjects = Subject.select()
return render_template('add_grade.html', students=students, subjects=subjects, form=form)
def student_profile_foreign_(username):
student = Student.get(Student.username == username)
subjects = Subject.select()
grades = Grade.select().where(Grade.student == student)
return render_template('student_profile.html', student=student, subjects=subjects, grades=grades)
def student_profile_():
student = get_current_user()
subjects = Subject.select()
grades = Grade.select().where(Grade.student == student)
return render_template('student_profile.html', student=student, subjects=subjects, grades=grades)