def edit_page(request, course_slug, page_slug): ''' This view verifies that a valid course/page pair is given, then verifies that the user has edit permissions, finally it calls the quiz/lesson edit view depending on what kind of page is given. @author Russell Mezzetta @author Evan Kleist ''' #check if the course is a real course in the database try: c = Course.objects.get(slug=course_slug) except Course.DoesNotExist: raise Http404 #check if the page is a real page in the database try: page = c.pages.get(slug=page_slug) except Page.DoesNotExist: raise Http404 #check that user has permissions (edit) if not request.user.is_authenticated(): return master_rtr(request, 'page/denied.html', {'course':course_slug, 'enrolled':False, 'edit':True, 'loggedIn':False}) try: #get user's enrollment to check permissions e = request.user.enrollments.get(course = c) except ObjectDoesNotExist: return master_rtr(request, 'page/denied.html', {'course':course_slug, 'enrolled':False, 'edit':True, 'loggedIn':True}) if not e.edit: return master_rtr(request, 'page/denied.html', {'course':course_slug, 'enrolled':True, 'edit':True, 'loggedIn':True}) #cast the page to a lesson or quiz then call show on it try: page = page.lesson #save this data to UserLastViewed object saveLastViewed(request.user, course_slug, page_slug, True) return edit_lesson(request, course_slug, page_slug) except Lesson.DoesNotExist: try: page = page.quiz #save this data to UserLastViewed object saveLastViewed(request.user, course_slug, page_slug, True) return edit_quiz(request, course_slug, page_slug) except Quiz.DoesNotExist: return Http404
def show_page(request, course_slug, page_slug, preview=False): ''' This "view" does error checking to verify that the input course/page exist Then it checks that the user has view permissions if they are required Finally it invokes the lesson or quiz view depending on the type of page @author Russell Mezzetta @author Evan Kleist ''' #check if the course is a real course in the database try: course = Course.objects.get(slug=course_slug) except Course.DoesNotExist: #return HttpResponse("ERROR: BAD URL: The course: %s does not exist" % (course_slug)) raise Http404 #check if the page is a real page in the database try: page = Page.objects.get(slug=page_slug, course=course) except Page.DoesNotExist: #return HttpResponse("ERROR: BAD URL: The course: %s does not contain the page: %s." % (course_slug, page_slug)) raise Http404 #if the course is private then check that the user is enrolled and has view permissions if course.private: if not request.user.is_authenticated(): return master_rtr(request, 'page/denied.html', {'course':course, 'enrolled':False, 'edit':False, 'loggedIn':False}) try:#try to get the enrollment for this user and check view permission e = page.course.roster.get(user=request.user) if not e.view: return master_rtr(request, 'page/denied.html', {'course':course, 'enrolled':True, 'edit':False, 'loggedIn':True}) except ObjectDoesNotExist: # user is not enrolled in this course return master_rtr(request, 'page/denied.html', {'course':course, 'enrolled':False, 'edit':False, 'loggedIn':True}) #if preview is set to true then the user MUST have edit permissions to view #b/c this is viewing the working copy, also user must be logged in if preview == True: try: e = course.roster.get(user=request.user) except ObjectDoesNotExist: return master_rtr(request, 'page/denied.html', {'course':course_slug, 'enrolled':False, 'edit':False, 'loggedIn':True}) #make sure user has view and edit permissions if not e.view or not e.edit: return master_rtr(request, 'page/denied.html', {'course':course_slug, 'enrolled':True, 'edit':False, 'loggedIn':True}) #cast the page to a lesson or quiz then call show on it try: page = page.lesson if request.user.is_authenticated(): #save this data to UserLastViewed object saveLastViewed(request.user, course_slug, page_slug, False) return show_lesson(request, course_slug, page_slug, page, preview) except Lesson.DoesNotExist: try: page = page.quiz if request.user.is_authenticated(): #save this data to UserLastViewed object saveLastViewed(request.user, course_slug, page_slug, False) return show_quiz(request, course_slug, page_slug) except Quiz.DoesNotExist: raise Http404