def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException("You do not have the credentials to access this page.") elif user_services.has_user_registered_as_editor(self.user_id): self.values.update({"nav_mode": feconf.NAV_MODE_HOME}) self.render_template("dashboard/my_explorations.html", redirect_url_on_logout="/") else: self.redirect(utils.set_url_query_parameter(feconf.SIGNUP_URL, "return_url", "/my_explorations"))
def get(self, story_id, node_id): """Handles GET requests.""" (_, _, classroom_url_fragment, topic_url_fragment, story_url_fragment, node_id) = self.request.path.split('/') story = story_fetchers.get_story_by_id(story_id) completed_nodes = story_fetchers.get_completed_nodes_in_story( self.user_id, story_id) ordered_nodes = story.story_contents.get_ordered_nodes() # In case the user is a returning user and has completed nodes in the # past, redirect to the story page so that the user can continue from # where they had left off. # If the node id is not the first node in the story, redirect to # the story page. if completed_nodes or node_id != ordered_nodes[0].id: self.redirect('/learn/%s/%s/story/%s' % (classroom_url_fragment, topic_url_fragment, story_url_fragment)) return (next_exp_ids, next_node_id, _) = (self._record_node_completion(story_id, node_id, [], ordered_nodes)) if next_node_id is None: self.redirect('/learn/%s/%s/story/%s' % (classroom_url_fragment, topic_url_fragment, story_url_fragment)) return redirect_url = '%s/%s' % (feconf.EXPLORATION_URL_PREFIX, next_exp_ids[0]) redirect_url = utils.set_url_query_parameter(redirect_url, 'classroom_url_fragment', classroom_url_fragment) redirect_url = utils.set_url_query_parameter(redirect_url, 'topic_url_fragment', topic_url_fragment) redirect_url = utils.set_url_query_parameter(redirect_url, 'story_url_fragment', story_url_fragment) redirect_url = utils.set_url_query_parameter(redirect_url, 'node_id', next_node_id) self.redirect(redirect_url)
def test_editor(self, exploration_id, escaped_state_name=None, **kwargs): """Gets the user and exploration id if the user can edit it. Args: self: the handler instance exploration_id: the exploration id escaped_state_name: the URL-escaped state name, if it exists **kwargs: any other arguments passed to the handler Returns: The relevant handler, if the user is authorized to edit this exploration. Raises: self.PageNotFoundException: if no such exploration or state exists. self.UnauthorizedUserException: if the user exists but does not have the right credentials. """ if not self.user_id: self.redirect(current_user_services.create_login_url( self.request.uri)) return if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') redirect_url = feconf.EDITOR_PREREQUISITES_URL if not user_services.has_user_registered_as_editor(self.user_id): redirect_url = utils.set_url_query_parameter( redirect_url, 'return_url', self.request.uri) self.redirect(redirect_url) return try: exploration = exp_services.get_exploration_by_id(exploration_id) except: raise self.PageNotFoundException if not (rights_manager.Actor(self.user_id).can_edit(exploration_id) or self.is_super_admin): raise self.UnauthorizedUserException( 'You do not have the credentials to edit this exploration.', self.user_id) if not escaped_state_name: return handler(self, exploration_id, **kwargs) state_name = self.unescape_state_name(escaped_state_name) if state_name not in exploration.states: logging.error('Could not find state: %s' % state_name) logging.error('Available states: %s' % exploration.states.keys()) raise self.PageNotFoundException return handler(self, exploration_id, state_name, **kwargs)
def test_editor(self, exploration_id, escaped_state_name=None, **kwargs): """Gets the user and exploration id if the user can edit it. Args: self: the handler instance exploration_id: the exploration id escaped_state_name: the URL-escaped state name, if it exists **kwargs: any other arguments passed to the handler Returns: The relevant handler, if the user is authorized to edit this exploration. Raises: self.PageNotFoundException: if no such exploration or state exists. self.UnauthorizedUserException: if the user exists but does not have the right credentials. """ if not self.user_id: self.redirect( current_user_services.create_login_url(self.request.uri)) return if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') redirect_url = feconf.EDITOR_PREREQUISITES_URL if not user_services.has_user_registered_as_editor(self.user_id): redirect_url = utils.set_url_query_parameter( redirect_url, 'return_url', self.request.uri) self.redirect(redirect_url) return try: exploration = exp_services.get_exploration_by_id(exploration_id) except: raise self.PageNotFoundException if not (rights_manager.Actor(self.user_id).can_edit(exploration_id) or self.is_super_admin): raise self.UnauthorizedUserException( 'You do not have the credentials to edit this exploration.', self.user_id) if not escaped_state_name: return handler(self, exploration_id, **kwargs) state_name = self.unescape_state_name(escaped_state_name) if state_name not in exploration.states: logging.error('Could not find state: %s' % state_name) logging.error('Available states: %s' % exploration.states.keys()) raise self.PageNotFoundException return handler(self, exploration_id, state_name, **kwargs)
def test_set_url_query_parameter(self): # type: () -> None """Test set_url_query_parameter method.""" self.assertEqual( utils.set_url_query_parameter('http://www.test.com', 'a', 'b'), 'http://www.test.com?a=b') self.assertEqual( utils.set_url_query_parameter('http://www.test.com?a=b', 'c', 'd'), 'http://www.test.com?a=b&c=d') self.assertEqual( utils.set_url_query_parameter('http://test.com?a=b', 'redirectUrl', 'http://redirect.com'), 'http://test.com?a=b&redirectUrl=http%3A%2F%2Fredirect.com') with self.assertRaisesRegexp( # type: ignore[no-untyped-call] Exception, 'URL query parameter name must be a string'): utils.set_url_query_parameter('http://test.com?a=b', None, 'value') # type: ignore[arg-type]
def create_login_url(slug): """Creates a login url. Args: slug: str. The URL to redirect to after login. Returns: str. The correct login URL that includes the page to redirect to. """ return users.create_login_url(dest_url=utils.set_url_query_parameter( feconf.SIGNUP_URL, 'return_url', slug))
def create_logout_url(slug): """Creates a logout url. Args: slug: str. The URL to redirect to after logout. Returns: str. The correct logout URL that includes the page to redirect to. """ logout_url = utils.set_url_query_parameter('/logout', 'return_url', slug) return logout_url
def test_set_url_query_parameter(self): """Test set_url_query_parameter method.""" self.assertEqual( utils.set_url_query_parameter('http://www.test.com', 'a', 'b'), 'http://www.test.com?a=b' ) self.assertEqual( utils.set_url_query_parameter('http://www.test.com?a=b', 'c', 'd'), 'http://www.test.com?a=b&c=d' ) self.assertEqual( utils.set_url_query_parameter( 'http://test.com?a=b', 'redirectUrl', 'http://redirect.com'), 'http://test.com?a=b&redirectUrl=http%3A%2F%2Fredirect.com' ) with self.assertRaisesRegexp( Exception, 'URL query parameter name must be a string'): utils.set_url_query_parameter('http://test.com?a=b', None, 'value')
def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') elif user_services.has_fully_registered(self.user_id): self.values.update({'nav_mode': feconf.NAV_MODE_LEARNER_DASHBOARD}) self.render_template( 'pages/learner_dashboard/learner_dashboard.html', redirect_url_on_logout='/') else: self.redirect( utils.set_url_query_parameter(feconf.SIGNUP_URL, 'return_url', feconf.LEARNER_DASHBOARD_URL))
def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') elif user_services.has_user_registered_as_editor(self.user_id): self.values.update({ 'nav_mode': feconf.NAV_MODE_HOME, }) self.render_template( 'dashboard/timeline.html', redirect_url_on_logout='/') else: self.redirect(utils.set_url_query_parameter( feconf.SIGNUP_URL, 'return_url', '/timeline'))
def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') elif user_services.has_user_registered_as_editor(self.user_id): self.values.update({ 'nav_mode': feconf.NAV_MODE_HOME, }) self.render_template( 'dashboard/my_explorations.html', redirect_url_on_logout='/') else: self.redirect(utils.set_url_query_parameter( feconf.SIGNUP_URL, 'return_url', '/my_explorations'))
def _get_logout_url(self, redirect_url_on_logout): """This overrides the method in base.BaseHandler. Returns logout url which will be handled by EditorLogoutHandler. Args: redirect_url_on_logout: str. URL to redirect to on logout. Returns: str. logout url. """ logout_url = utils.set_url_query_parameter( '/exploration_editor_logout', 'return_url', redirect_url_on_logout) return logout_url
def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') elif user_services.has_fully_registered(self.user_id): self.values.update({ 'meta_description': feconf.DASHBOARD_PAGE_DESCRIPTION, 'nav_mode': feconf.NAV_MODE_DASHBOARD, }) self.render_template('dashboard/notifications_dashboard.html', redirect_url_on_logout='/') else: self.redirect( utils.set_url_query_parameter(feconf.SIGNUP_URL, 'return_url', '/notifications_dashboard'))
def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') elif user_services.has_fully_registered(self.user_id): self.values.update({ 'meta_description': feconf.DASHBOARD_PAGE_DESCRIPTION, 'nav_mode': feconf.NAV_MODE_DASHBOARD, }) self.render_template( 'pages/notifications_dashboard/notifications_dashboard.html', redirect_url_on_logout='/') else: self.redirect(utils.set_url_query_parameter( feconf.SIGNUP_URL, 'return_url', '/notifications_dashboard'))
def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') elif user_services.has_fully_registered(self.user_id): self.values.update({ 'nav_mode': feconf.NAV_MODE_HOME, 'can_create_collections': ( self.username in config_domain.WHITELISTED_COLLECTION_EDITOR_USERNAMES.value) }) self.render_template( 'dashboard/my_explorations.html', redirect_url_on_logout='/') else: self.redirect(utils.set_url_query_parameter( feconf.SIGNUP_URL, 'return_url', '/my_explorations'))
def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') elif user_services.has_fully_registered(self.user_id): self.values.update({ 'nav_mode': feconf.NAV_MODE_DASHBOARD, 'allow_yaml_file_upload': feconf.ALLOW_YAML_FILE_UPLOAD, 'DEFAULT_TWITTER_SHARE_MESSAGE_DASHBOARD': ( DEFAULT_TWITTER_SHARE_MESSAGE_DASHBOARD.value) }) self.render_template( 'pages/dashboard/dashboard.html', redirect_url_on_logout='/') else: self.redirect(utils.set_url_query_parameter( feconf.SIGNUP_URL, 'return_url', feconf.DASHBOARD_URL))
def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') elif user_services.has_fully_registered(self.user_id): self.values.update({ 'nav_mode': feconf.NAV_MODE_DASHBOARD, 'can_create_collections': ( self.username in config_domain.WHITELISTED_COLLECTION_EDITOR_USERNAMES.value ), 'allow_yaml_file_upload': ALLOW_YAML_FILE_UPLOAD.value, }) self.render_template( 'dashboard/dashboard.html', redirect_url_on_logout='/') else: self.redirect(utils.set_url_query_parameter( feconf.SIGNUP_URL, 'return_url', feconf.DASHBOARD_URL))
def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') elif user_services.has_fully_registered(self.user_id): self.values.update({ 'nav_mode': feconf.NAV_MODE_HOME, 'can_create_collections': ( self.username in config_domain.WHITELISTED_COLLECTION_EDITOR_USERNAMES.value ), 'allow_yaml_file_upload': ALLOW_YAML_FILE_UPLOAD.value, }) self.render_template( 'dashboard/my_explorations.html', redirect_url_on_logout='/') else: self.redirect(utils.set_url_query_parameter( feconf.SIGNUP_URL, 'return_url', '/my_explorations'))
def get(self): if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') elif user_services.has_fully_registered(self.user_id): self.values.update({ 'nav_mode': feconf.NAV_MODE_DASHBOARD, 'allow_yaml_file_upload': feconf.ALLOW_YAML_FILE_UPLOAD, 'DEFAULT_TWITTER_SHARE_MESSAGE_DASHBOARD': (DEFAULT_TWITTER_SHARE_MESSAGE_DASHBOARD.value) }) self.render_template('pages/dashboard/dashboard.html', redirect_url_on_logout='/') else: self.redirect( utils.set_url_query_parameter(feconf.SIGNUP_URL, 'return_url', feconf.DASHBOARD_URL))
def test_registered_as_editor(self, **kwargs): """Check that the user has registered as an editor.""" if not self.user_id: self.redirect( current_user_services.create_login_url(self.request.uri)) return if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') redirect_url = feconf.EDITOR_PREREQUISITES_URL if not user_services.has_user_registered_as_editor(self.user_id): redirect_url = utils.set_url_query_parameter( redirect_url, 'return_url', self.request.uri) self.redirect(redirect_url) return return handler(self, **kwargs)
def test_registered_as_editor(self, **kwargs): """Check that the user has registered as an editor.""" if not self.user_id: self.redirect(current_user_services.create_login_url( self.request.uri)) return if self.username in config_domain.BANNED_USERNAMES.value: raise self.UnauthorizedUserException( 'You do not have the credentials to access this page.') redirect_url = feconf.EDITOR_PREREQUISITES_URL if not user_services.has_user_registered_as_editor(self.user_id): redirect_url = utils.set_url_query_parameter( redirect_url, 'return_url', self.request.uri) self.redirect(redirect_url) return return handler(self, **kwargs)
def create_login_url(slug): """Creates a login url.""" return users.create_login_url( utils.set_url_query_parameter(feconf.SIGNUP_URL, 'return_url', slug))
def get(self, exploration_id): """Handles GET requests.""" try: exp_services.get_exploration_by_id(exploration_id) except: raise self.PageNotFoundException if not rights_manager.Actor(self.user_id).can_view(exploration_id): raise self.PageNotFoundException can_edit = ( bool(self.user_id) and self.username not in config_domain.BANNED_USERNAMES.value and rights_manager.Actor(self.user_id).can_edit(exploration_id)) if (can_edit and not user_services.has_user_registered_as_editor(self.user_id)): redirect_url = utils.set_url_query_parameter( feconf.EDITOR_PREREQUISITES_URL, 'return_url', self.request.uri) self.redirect(redirect_url) return # TODO(sll): Consider including the obj_generator html in a ng-template # to remove the need for an additional RPC? object_editors_js = OBJECT_EDITORS_JS.value value_generators_js = VALUE_GENERATORS_JS.value all_interactive_widget_ids = ( widget_registry.Registry.get_widget_ids_of_type( feconf.INTERACTIVE_PREFIX)) widget_dependency_ids = ( widget_registry.Registry.get_deduplicated_dependency_ids( all_interactive_widget_ids)) dependencies_html, additional_angular_modules = ( dependency_registry.Registry.get_deps_html_and_angular_modules( widget_dependency_ids + self.EDITOR_PAGE_DEPENDENCY_IDS)) widget_js_directives = ( widget_registry.Registry.get_noninteractive_widget_js() + widget_registry.Registry.get_interactive_widget_js( all_interactive_widget_ids)) self.values.update({ 'additional_angular_modules': additional_angular_modules, 'announcement': jinja2.utils.Markup( EDITOR_PAGE_ANNOUNCEMENT.value), 'can_delete': rights_manager.Actor( self.user_id).can_delete(exploration_id), 'can_edit': can_edit, 'can_modify_roles': rights_manager.Actor( self.user_id).can_modify_roles(exploration_id), 'can_publicize': rights_manager.Actor( self.user_id).can_publicize(exploration_id), 'can_publish': rights_manager.Actor(self.user_id).can_publish( exploration_id), 'can_release_ownership': rights_manager.Actor( self.user_id).can_release_ownership(exploration_id), 'can_unpublicize': rights_manager.Actor( self.user_id).can_unpublicize(exploration_id), 'can_unpublish': rights_manager.Actor(self.user_id).can_unpublish( exploration_id), 'dependencies_html': jinja2.utils.Markup(dependencies_html), 'moderator_request_forum_url': MODERATOR_REQUEST_FORUM_URL.value, 'nav_mode': feconf.NAV_MODE_CREATE, 'object_editors_js': jinja2.utils.Markup(object_editors_js), 'value_generators_js': jinja2.utils.Markup(value_generators_js), 'widget_js_directives': jinja2.utils.Markup(widget_js_directives), 'SHOW_SKIN_CHOOSER': feconf.SHOW_SKIN_CHOOSER, }) self.render_template('editor/exploration_editor.html')
def create_login_url(slug): """Creates a login url.""" return users.create_login_url(utils.set_url_query_parameter( feconf.SIGNUP_URL, 'return_url', slug))
def create_logout_url(slug): """Creates a logout url.""" logout_url = utils.set_url_query_parameter('/logout', 'return_url', slug) return logout_url