def test_admin_level_of_access(self): logout('localhost') user = login_user('z1', 'adminPass', 'localhost') self.assertEqual(has_access('localhost', Student), True) self.assertEqual(has_access('localhost', Staff), True) self.assertEqual(has_access('localhost', Admin), True)
def test_student_level_of_access(self): logout('localhost') user = login_user('z100', 'student228', 'localhost') self.assertEqual(has_access('localhost', Student), True) self.assertEqual(has_access('localhost', Staff), False) self.assertEqual(has_access('localhost', Admin), False)
def viewResults(course, semester): if (not (has_access(request.remote_addr, Student) or has_access(request.remote_addr, Staff))): return redirect("/login/Staff/@2Fresults@2F"+course+"@2F"+semester) update(request.remote_addr) survey = Survey() survey = survey.load_course_from_db(DATABASE_FILENAME, course, semester) responses = get_all_survey_responses(survey) return render_template('metrics.html', survey = survey, responses = responses)
def login(role = None, page = None): if page == None: if (has_access(request.remote_addr, Admin)): return redirect("/adminHome") if (has_access(request.remote_addr, Student)): return redirect("/studentHome") if (has_access(request.remote_addr, Staff)): return redirect("/staffHome") update(request.remote_addr) return login_page(request, role, page)
def edit_survey(course, semester): if (not has_access(request.remote_addr, Admin)): return redirect("/login/Admin/@2Fcreate@2F" + course + "@2F" + semester) update(request.remote_addr) saved_questions = read_all_questions() return render_template("edit_survey.html", course = course, semester = semester, saved_questions = saved_questions)
def publish_survey(): if (not has_access(request.remote_addr, Admin, overrideTime = True)): return redirect("/login/Admin/@2Fcreate@2F" + request.form['course'] + "@2F" + request.form['semester']) update(request.remote_addr) response = save_survey(request.form) return response
def staffHome(): if (not has_access(request.remote_addr, Staff)): return redirect("/login/Staff/@2FstaffHome") update(request.remote_addr) user = get_user(request.remote_addr) all_review_surveys = get_surveys(state = 0) review_surveys = [] for survey in all_review_surveys: if (user.is_enrolled_in(survey.course)): review_surveys.append(survey) all_active_surveys = get_surveys(state = 1) active_surveys = [] for survey in all_active_surveys: if (user.is_enrolled_in(survey.course)): active_surveys.append(survey) all_closed_surveys = get_surveys(state = 2) closed_surveys = [] for survey in all_closed_surveys: if (user.is_enrolled_in(survey.course)): closed_surveys.append(survey) root = request.url_root return render_template("staffHome.html", review_surveys = review_surveys, active_surveys = active_surveys, closed_surveys = closed_surveys, root = root)
def delete_question(): if (not has_access(request.remote_addr, Admin, overrideTime = True)): return redirect("/login/Admin/@2Fcreate@2F" + course + "@2F" + semester) update(request.remote_addr) remove_question(request.form.get('id')) return "Question deleted."
def review_saved_questions(): if (not has_access(request.remote_addr, Admin)): return redirect("/login/Admin/@2Freview_questions") update(request.remote_addr) saved_questions = read_all_questions() return render_template("viewQuestions.html", saved_questions = saved_questions)
def test_admin_login(self): user = login_user('z1', 'adminPass', 'localhost') self.assertNotEqual(user, None) self.assertEqual(type(user), Admin) self.assertEqual(user, get_user('localhost')) self.assertEqual(has_access('localhost', Admin), True)
def test_student_login(self): user = login_user('z100', 'student228', 'localhost') self.assertNotEqual(user, None) self.assertEqual(type(user), Student) self.assertEqual(user, get_user('localhost')) self.assertEqual(has_access('localhost', Student), True)
def test_staff_login(self): user = login_user('z50', 'staff670', 'localhost') self.assertNotEqual(user, None) self.assertEqual(type(user), Staff) self.assertEqual(user, get_user('localhost')) self.assertEqual(has_access('localhost', Staff), True)
def closeSurvey(course, semester): if (not has_access(request.remote_addr, Staff)): return redirect("/login/Staff/@2Fclose_survey@2F" + course + "@2F" + semester) update(request.remote_addr) survey = Survey() survey.load_course_from_db(DATABASE_FILENAME, course, semester) db_execute(DATABASE_FILENAME, 'UPDATE SURVEYS SET STATE = "2" WHERE ID = ' + str(survey.id)) return redirect('/login')
def save_question(): if (not has_access(request.remote_addr, Admin, overrideTime = True)): return redirect("/login/Admin/@2Fcreate") update(request.remote_addr) return str(write_question({'questionText': request.form.get('questionText'), 'options': json.loads(request.form.get('options')), 'multi': request.form.get('multi'), 'text': request.form.get('text'), 'mandatory': request.form.get('mandatory'), 'saved_id': request.form.get('saved_id')}))
def metrics(course, semester): if (not has_access(request.remote_addr, Admin)): return redirect("/login/Admin/@2Fmetrics@2F"+course+"@2F"+semester) update(request.remote_addr) survey = Survey() survey = survey.load_course_from_db(DATABASE_FILENAME, course, semester) responses = get_all_survey_responses(survey) return render_template('metrics.html', survey = survey, responses = responses)
def studentResults(): if (not has_access(request.remote_addr, Student)): return redirect("/login/Student/@2FstudentResults") update(request.remote_addr) user = get_user(request.remote_addr) all_closed_surveys = get_surveys(state = 2) closed_surveys = [] for survey in all_closed_surveys: if user.is_enrolled_in(survey.course): closed_surveys.append(survey) return render_template("studentResults.html", closed_surveys = closed_surveys)
def studentHome(): if (not has_access(request.remote_addr, Student)): return redirect("/login/Student/@2FstudentHome") update(request.remote_addr) user = get_user(request.remote_addr) all_active_surveys = get_surveys(state = 1) active_surveys = [] for survey in all_active_surveys: if user.is_enrolled_in(survey.course) and not user.has_responded_to(DATABASE_FILENAME, survey): active_surveys.append(survey) return render_template("studentHome.html", active_surveys = active_surveys)
def login_page(request, role, page): if request.method == "GET": logged_in_as = None if (has_access(request.remote_addr, Student)): logged_in_as = 'Student' if (has_access(request.remote_addr, Staff)): logged_in_as = 'Staff' return render_template("login.html", page=page, role=role, logged_in_as=logged_in_as, attempt=request.args.get('attempt')) if request.method == "POST": user = login_user(request.form["username"], request.form["password"], request.remote_addr) if user == None: attempt = 1 if request.args.get('attempt'): attempt = int(request.args.get('attempt')) + 1 if page: return redirect("/login/" + page + "?attempt=" + str(attempt)) return redirect("/login" + "?attempt=" + str(attempt)) if type(user) is Admin: if page: return redirect(page.replace("@2F", "/")) return redirect("/adminHome") #Admin Homepage elif type(user) is Staff: if page: return redirect(page.replace("@2F", "/")) return redirect("/staffHome") #Staff Homepage elif type(user) is Student or type(user) is Guest: if page: return redirect(page.replace("@2F", "/")) return redirect("/studentHome") #Student Homepage else: return "Something went wrong"
def commit_review(): if (not has_access(request.remote_addr, Staff, overrideTime = True)): return redirect("/login/Staff/@2Fcommit_review") update(request.remote_addr) survey = Survey() survey.load_course_from_db(DATABASE_FILENAME, request.form.get('course'), request.form.get('semester')) survey.questions = [] for questionId in json.loads(request.form.get('ids')): question = Question() question.load_from_db(DATABASE_FILENAME, questionId) survey.questions.append(question) survey.update_db(DATABASE_FILENAME) return "Success"
def reviewSurvey(course, semester): if (not has_access(request.remote_addr, Staff)): return redirect("/login/Staff/@2Freview@2F" + course + "@2F" + semester) update(request.remote_addr) survey = get_survey(course, semester) num_questions = len(survey.questions) all_questions = read_all_questions() extra_questions = [] for question in all_questions: matches = False for survey_question in survey.questions: if question.matches(survey_question): matches = True break if not matches and question.get_visible() and not question.get_mandatory(): extra_questions.append(question) num_extra_questions = len(extra_questions) return render_template("reviewSurvey.html", survey = survey, num_questions = num_questions, extra_questions = extra_questions, num_extra_questions = num_extra_questions)
def home(): if (not has_access(request.remote_addr, Admin)): return redirect("/login/Admin/@2FadminHome") update(request.remote_addr) guest_was_approved = None if request.method == "POST": if request.form.get('approve'): approve_guest(request.form.get('approve')) guest_was_approved = True elif request.form.get('deny'): deny_guest(request.form.get('deny')) guest_was_approved = False pending_guests = get_pending_guests() review_surveys = get_surveys(state = 0) active_surveys = get_surveys(state = 1) closed_surveys = get_surveys(state = 2) root = request.url_root return render_template("home.html", review_surveys = review_surveys, active_surveys = active_surveys, closed_surveys = closed_surveys, root = root, pending_guests = pending_guests, guest_was_approved = guest_was_approved)
def view_survey(course, semester): if (not has_access(request.remote_addr, Student)): return redirect("/login/Student/@2Fsurvey@2F"+course+"@2F"+semester) user = get_user(request.remote_addr) survey = Survey() survey = survey.load_course_from_db(DATABASE_FILENAME, course, semester) if (not user.is_enrolled_in(survey.course)): return redirect("/login/Student/@2Fsurvey@2F"+course+"@2F"+semester) if (user.has_responded_to(DATABASE_FILENAME, survey)): return redirect("/login/Student/@2Fsurvey@2F"+course+"@2F"+semester) update(request.remote_addr) if request.method == "POST": return save_response(DATABASE_FILENAME, survey, request) numQuestions = len(survey.questions) if survey == None: return render_template("surveyFail.html") return render_template("survey.html", survey = survey, numQuestions = numQuestions)
def test_admin_logout(self): logout('localhost') self.assertEqual(get_user('localhost'), None) self.assertEqual(has_access('localhost', Admin), False)
def test_student_logout(self): logout('localhost') self.assertEqual(get_user('localhost'), None) self.assertEqual(has_access('localhost', Student), False)
def test_staff_incorrect_login(self): user = login_user('z10', 'adminPass', 'localhost') self.assertEqual(user, None) self.assertEqual(has_access('localhost', Admin), False)
def create(): if (not has_access(request.remote_addr, Admin)): return redirect("/login/Admin/@2Fcreate") update(request.remote_addr) return view_semesters(request, get_surveys())
def create_course(semester): if (not has_access(request.remote_addr, Admin)): return redirect("/login/Admin/@2Fselect_course@2F"+semester) update(request.remote_addr) return view_courses(request, get_surveys(), semester)