231
221
"""Find a user in a store by login name."""
232
222
return store.find(cls, cls.login == unicode(login)).one()
234
def get_svn_url(self, config):
235
"""Get the subversion repository URL for this user or group."""
236
url = config['urls']['svn_addr']
237
path = 'users/%s' % self.login
238
return urlparse.urljoin(url, path)
240
def get_permissions(self, user, config):
224
def get_permissions(self, user):
241
225
"""Determine privileges held by a user over this object.
243
227
If the user requesting privileges is this user or an admin,
244
228
they may do everything. Otherwise they may do nothing.
246
230
if user and user.admin or user is self:
247
return set(['view_public', 'view', 'edit', 'submit_project'])
231
return set(['view', 'edit', 'submit_project'])
249
return set(['view_public'])
251
235
# SUBJECTS AND ENROLMENTS #
385
360
Enrolment.offering_id == self.id).one()
386
361
Store.of(enrolment).remove(enrolment)
388
def get_permissions(self, user, config):
363
def get_permissions(self, user):
390
365
if user is not None:
391
366
enrolment = self.get_enrolment(user)
392
367
if enrolment or user.admin:
393
368
perms.add('view')
394
if enrolment and enrolment.role == u'tutor':
395
perms.add('view_project_submissions')
396
# Site-specific policy on the role of tutors
397
if config['policy']['tutors_can_enrol_students']:
399
perms.add('enrol_student')
400
if config['policy']['tutors_can_edit_worksheets']:
401
perms.add('edit_worksheets')
402
if config['policy']['tutors_can_admin_groups']:
403
perms.add('admin_groups')
404
if (enrolment and enrolment.role in (u'lecturer')) or user.admin:
405
perms.add('view_project_submissions')
406
perms.add('admin_groups')
407
perms.add('edit_worksheets')
408
perms.add('view_worksheet_marks')
409
perms.add('edit') # Can edit projects & details
410
perms.add('enrol') # Can see enrolment screen at all
411
perms.add('enrol_student') # Can enrol students
412
perms.add('enrol_tutor') # Can enrol tutors
414
perms.add('enrol_lecturer') # Can enrol lecturers
369
if (enrolment and enrolment.role in (u'tutor', u'lecturer')) \
417
374
def get_enrolment(self, user):
428
385
Enrolment.user_id == User.id,
429
386
Enrolment.offering_id == self.id,
430
387
Enrolment.role == role
431
).order_by(User.login)
434
391
def students(self):
435
392
return self.get_members_by_role(u'student')
437
def get_open_projects_for_user(self, user):
438
"""Find all projects currently open to submissions by a user."""
439
# XXX: Respect extensions.
440
return self.projects.find(Project.deadline > datetime.datetime.now())
442
def has_worksheet_cutoff_passed(self, user):
443
"""Check whether the worksheet cutoff has passed.
444
A user is required, in case we support extensions.
446
if self.worksheet_cutoff is None:
449
return self.worksheet_cutoff < datetime.datetime.now()
451
def clone_worksheets(self, source):
452
"""Clone all worksheets from the specified source to this offering."""
453
import ivle.worksheet.utils
454
for worksheet in source.worksheets:
456
newws.seq_no = worksheet.seq_no
457
newws.identifier = worksheet.identifier
458
newws.name = worksheet.name
459
newws.assessable = worksheet.assessable
460
newws.published = worksheet.published
461
newws.data = worksheet.data
462
newws.format = worksheet.format
463
newws.offering = self
464
Store.of(self).add(newws)
465
ivle.worksheet.utils.update_exerciselist(newws)
468
394
class Enrolment(Storm):
469
395
"""An enrolment of a user in an offering.
534
447
return "<%s %d in %r>" % (type(self).__name__, self.id,
537
def get_permissions(self, user, config):
538
return self.offering.get_permissions(user, config)
540
def get_groups_for_user(self, user):
541
"""List all groups in this offering of which the user is a member."""
543
return Store.of(self).find(
545
ProjectGroupMembership.user_id == user.id,
546
ProjectGroupMembership.project_group_id == ProjectGroup.id,
547
ProjectGroup.project_set_id == self.id)
549
def get_submission_principal(self, user):
550
"""Get the principal on behalf of which the user can submit.
552
If this is a solo project set, the given user is returned. If
553
the user is a member of exactly one group, all the group is
554
returned. Otherwise, None is returned.
557
groups = self.get_groups_for_user(user)
558
if groups.count() == 1:
567
return self.max_students_per_group is not None
450
def get_permissions(self, user):
451
return self.offering.get_permissions(user)
570
454
def assigned(self):
573
457
This will be a Storm ResultSet.
575
459
#If its a solo project, return everyone in offering
460
if self.max_students_per_group is None:
461
return self.offering.students
577
463
return self.project_groups
579
return self.offering.students
581
class DeadlinePassed(Exception):
582
"""An exception indicating that a project cannot be submitted because the
583
deadline has passed."""
587
return "The project deadline has passed"
589
465
class Project(Storm):
590
466
"""A student project for which submissions can be made."""
612
488
return "<%s '%s' in %r>" % (type(self).__name__, self.short_name,
613
489
self.project_set.offering)
615
def can_submit(self, principal, user, late=False):
617
@param late: If True, does not take the deadline into account.
491
def can_submit(self, principal):
619
492
return (self in principal.get_projects() and
620
(late or not self.has_deadline_passed(user)))
493
self.deadline > datetime.datetime.now())
622
def submit(self, principal, path, revision, who, late=False):
495
def submit(self, principal, path, revision, who):
623
496
"""Submit a Subversion path and revision to a project.
625
498
@param principal: The owner of the Subversion repository, and the
627
500
@param path: A path within that repository to submit.
628
501
@param revision: The revision of that path to submit.
629
502
@param who: The user who is actually making the submission.
630
@param late: If True, will not raise a DeadlinePassed exception even
631
after the deadline. (Default False.)
634
if not self.can_submit(principal, who, late=late):
635
raise DeadlinePassed()
505
if not self.can_submit(principal):
506
raise Exception('cannot submit')
637
508
a = Assessed.get(Store.of(self), principal, self)
638
509
ps = ProjectSubmission()
639
# Raise SubmissionError if the path is illegal
640
ps.path = ProjectSubmission.test_and_normalise_path(path)
641
511
ps.revision = revision
642
512
ps.date_submitted = datetime.datetime.now()
664
def has_deadline_passed(self, user):
665
"""Check whether the deadline has passed."""
666
# XXX: Need to respect extensions.
667
return self.deadline < datetime.datetime.now()
669
def get_submissions_for_principal(self, principal):
670
"""Fetch a ResultSet of all submissions by a particular principal."""
671
assessed = Assessed.get(Store.of(self), principal, self)
674
return assessed.submissions
677
def can_delete(self):
678
"""Can only delete if there are no submissions."""
679
return self.submissions.count() == 0
682
"""Delete the project. Fails if can_delete is False."""
683
if not self.can_delete:
684
raise IntegrityError()
685
for assessed in self.assesseds:
687
Store.of(self).remove(self)
689
535
class ProjectGroup(Storm):
690
536
"""A group of students working together on a project."""
740
580
Semester.id == Offering.semester_id,
741
581
(not active_only) or (Semester.state == u'current'))
743
def get_svn_url(self, config):
744
"""Get the subversion repository URL for this user or group."""
745
url = config['urls']['svn_addr']
746
path = 'groups/%s_%s_%s_%s' % (
747
self.project_set.offering.subject.short_name,
748
self.project_set.offering.semester.year,
749
self.project_set.offering.semester.url_name,
752
return urlparse.urljoin(url, path)
754
def get_permissions(self, user, config):
584
def get_permissions(self, user):
755
585
if user.admin or user in self.members:
756
586
return set(['submit_project'])
793
623
project = Reference(project_id, Project.id)
795
625
extensions = ReferenceSet(id, 'ProjectExtension.assessed_id')
796
submissions = ReferenceSet(
797
id, 'ProjectSubmission.assessed_id', order_by='date_submitted')
626
submissions = ReferenceSet(id, 'ProjectSubmission.assessed_id')
799
628
def __repr__(self):
800
629
return "<%s %r in %r>" % (type(self).__name__,
801
630
self.user or self.project_group, self.project)
805
"""True if the Assessed is a group, False if it is a user."""
806
return self.project_group is not None
809
633
def principal(self):
810
634
return self.project_group or self.user
813
def checkout_location(self):
814
"""Returns the location of the Subversion workspace for this piece of
815
assessment, relative to each group member's home directory."""
816
subjectname = self.project.project_set.offering.subject.short_name
818
checkout_dir_name = self.principal.short_name
820
checkout_dir_name = "mywork"
821
return subjectname + "/" + checkout_dir_name
824
637
def get(cls, store, principal, project):
825
638
"""Find or create an Assessed for the given user or group and project.
867
672
id = Int(name="extensionid", primary=True)
868
673
assessed_id = Int(name="assessedid")
869
674
assessed = Reference(assessed_id, Assessed.id)
675
deadline = DateTime()
871
676
approver_id = Int(name="approver")
872
677
approver = Reference(approver_id, User.id)
873
678
notes = Unicode()
876
"""Delete the extension."""
877
Store.of(self).remove(self)
879
class SubmissionError(Exception):
880
"""Denotes a validation error during submission."""
883
680
class ProjectSubmission(Storm):
884
681
"""A submission from a user or group repository to a particular project.
901
698
submitter = Reference(submitter_id, User.id)
902
699
date_submitted = DateTime()
904
def get_verify_url(self, user):
905
"""Get the URL for verifying this submission, within the account of
907
# If this is a solo project, then self.path will be prefixed with the
908
# subject name. Remove the first path segment.
909
submitpath = self.path[1:] if self.path[:1] == '/' else self.path
910
if not self.assessed.is_group:
911
if '/' in submitpath:
912
submitpath = submitpath.split('/', 1)[1]
915
return "/files/%s/%s/%s?r=%d" % (user.login,
916
self.assessed.checkout_location, submitpath, self.revision)
918
def get_svn_url(self, config):
919
"""Get subversion URL for this submission"""
920
princ = self.assessed.principal
921
base = princ.get_svn_url(config)
922
if self.path.startswith(os.sep):
923
return os.path.join(base,
924
urllib.quote(self.path[1:].encode('utf-8')))
926
return os.path.join(base, urllib.quote(self.path.encode('utf-8')))
928
def get_svn_export_command(self, req):
929
"""Returns a Unix shell command to export a submission"""
930
svn_url = self.get_svn_url(req.config)
931
_, ext = os.path.splitext(svn_url)
932
username = (req.user.login if req.user.login.isalnum() else
933
"'%s'"%req.user.login)
934
# Export to a file or directory relative to the current directory,
935
# with the student's login name, appended with the submitted file's
937
export_path = self.assessed.principal.short_name + ext
938
return "svn export --username %s -r%d '%s' %s"%(req.user.login,
939
self.revision, svn_url, export_path)
942
def test_and_normalise_path(path):
943
"""Test that path is valid, and normalise it. This prevents possible
944
injections using malicious paths.
945
Returns the updated path, if successful.
946
Raises SubmissionError if invalid.
948
# Ensure the path is absolute to prevent being tacked onto working
950
# Prevent '\n' because it will break all sorts of things.
951
# Prevent '[' and ']' because they can be used to inject into the
953
# Normalise to avoid resulting in ".." path segments.
954
if not os.path.isabs(path):
955
raise SubmissionError("Path is not absolute")
956
if any(c in path for c in "\n[]"):
957
raise SubmissionError("Path must not contain '\\n', '[' or ']'")
958
return os.path.normpath(path)
962
"""True if the project was submitted late."""
963
return self.days_late > 0
967
"""The number of days the project was submitted late (rounded up), or
969
# XXX: Need to respect extensions.
971
(self.date_submitted - self.assessed.project.deadline).days + 1)
973
702
# WORKSHEETS AND EXERCISES #
1006
734
def __repr__(self):
1007
735
return "<%s %s>" % (type(self).__name__, self.name)
1009
def get_permissions(self, user, config):
1010
return self.global_permissions(user, config)
1013
def global_permissions(user, config):
1014
"""Gets the set of permissions this user has over *all* exercises.
1015
This is used to determine who may view the exercises list, and create
737
def get_permissions(self, user):
1019
740
if user is not None:
1023
744
elif u'lecturer' in set((e.role for e in user.active_enrolments)):
1024
745
perms.add('edit')
1025
746
perms.add('view')
1026
elif (config['policy']['tutors_can_edit_worksheets']
1027
and u'tutor' in set((e.role for e in user.active_enrolments))):
1028
# Site-specific policy on the role of tutors
747
elif u'tutor' in set((e.role for e in user.active_enrolments)):
1029
748
perms.add('edit')
1030
749
perms.add('view')
1034
def _cache_description_xhtml(self, invalidate=False):
1035
# Don't regenerate an existing cache unless forced.
1036
if self._description_xhtml_cache is not None and not invalidate:
1039
if self.description:
1040
self._description_xhtml_cache = rst(self.description)
1042
self._description_xhtml_cache = None
1045
def description_xhtml(self):
1046
"""The XHTML exercise description, converted from reStructuredText."""
1047
self._cache_description_xhtml()
1048
return self._description_xhtml_cache
1050
def set_description(self, description):
1051
self.description = description
1052
self._cache_description_xhtml(invalidate=True)
753
def get_description(self):
754
"""Return the description interpreted as reStructuredText."""
755
return rst(self.description)
1054
757
def delete(self):
1055
758
"""Deletes the exercise, providing it has no associated worksheets."""
1110
811
store.find(WorksheetExercise,
1111
812
WorksheetExercise.worksheet == self).remove()
1113
def get_permissions(self, user, config):
1114
offering_perms = self.offering.get_permissions(user, config)
1118
# Anybody who can view an offering can view a published
1120
if 'view' in offering_perms and self.published:
1123
# Any worksheet editors can both view and edit.
1124
if 'edit_worksheets' in offering_perms:
1130
def _cache_data_xhtml(self, invalidate=False):
1131
# Don't regenerate an existing cache unless forced.
1132
if self._data_xhtml_cache is not None and not invalidate:
1135
if self.format == u'rst':
1136
self._data_xhtml_cache = rst(self.data)
1138
self._data_xhtml_cache = None
1141
def data_xhtml(self):
1142
"""The XHTML of this worksheet, converted from rST if required."""
1143
# Update the rST -> XHTML cache, if required.
1144
self._cache_data_xhtml()
1146
if self.format == u'rst':
1147
return self._data_xhtml_cache
814
def get_permissions(self, user):
815
return self.offering.get_permissions(user)
818
"""Returns the xml of this worksheet, converts from rst if required."""
819
if self.format == u'rst':
820
ws_xml = rst(self.data)
1149
823
return self.data
1151
def set_data(self, data):
1153
self._cache_data_xhtml(invalidate=True)
1155
825
def delete(self):
1156
826
"""Deletes the worksheet, provided it has no attempts on any exercises.
1193
863
return "<%s %s in %s>" % (type(self).__name__, self.exercise.name,
1194
864
self.worksheet.identifier)
1196
def get_permissions(self, user, config):
1197
return self.worksheet.get_permissions(user, config)
866
def get_permissions(self, user):
867
return self.worksheet.get_permissions(user)
1200
870
class ExerciseSave(Storm):
added
removed
ivle/database.py
