30
29
from storm.locals import create_database, Store, Int, Unicode, DateTime, \
31
30
Reference, ReferenceSet, Bool, Storm, Desc
216
215
Semester.id == Offering.semester_id,
217
216
(not active_only) or (Semester.state == u'current'),
218
217
Enrolment.offering_id == Offering.id,
219
Enrolment.user_id == self.id,
220
Enrolment.active == True)
218
Enrolment.user_id == self.id)
223
221
def hash_password(password):
229
227
"""Find a user in a store by login name."""
230
228
return store.find(cls, cls.login == unicode(login)).one()
232
def get_permissions(self, user, config):
230
def get_permissions(self, user):
233
231
"""Determine privileges held by a user over this object.
235
233
If the user requesting privileges is this user or an admin,
236
234
they may do everything. Otherwise they may do nothing.
238
236
if user and user.admin or user is self:
239
return set(['view_public', 'view', 'edit', 'submit_project'])
237
return set(['view', 'edit', 'submit_project'])
241
return set(['view_public'])
243
241
# SUBJECTS AND ENROLMENTS #
251
249
code = Unicode(name="subj_code")
252
250
name = Unicode(name="subj_name")
253
251
short_name = Unicode(name="subj_short_name")
255
254
offerings = ReferenceSet(id, 'Offering.subject_id')
259
258
def __repr__(self):
260
259
return "<%s '%s'>" % (type(self).__name__, self.short_name)
262
def get_permissions(self, user, config):
261
def get_permissions(self, user):
263
262
"""Determine privileges held by a user over this object.
265
264
If the user requesting privileges is an admin, they may edit.
323
322
subject = Reference(subject_id, Subject.id)
324
323
semester_id = Int(name="semesterid")
325
324
semester = Reference(semester_id, Semester.id)
326
description = Unicode()
328
show_worksheet_marks = Bool()
329
worksheet_cutoff = DateTime()
330
325
groups_student_permissions = Unicode()
332
327
enrolments = ReferenceSet(id, 'Enrolment.offering_id')
335
330
'Enrolment.user_id',
337
332
project_sets = ReferenceSet(id, 'ProjectSet.offering_id')
338
projects = ReferenceSet(id,
339
'ProjectSet.offering_id',
341
'Project.project_set_id')
343
334
worksheets = ReferenceSet(id,
344
335
'Worksheet.offering_id',
375
366
Enrolment.offering_id == self.id).one()
376
367
Store.of(enrolment).remove(enrolment)
378
def get_permissions(self, user, config):
369
def get_permissions(self, user):
380
371
if user is not None:
381
372
enrolment = self.get_enrolment(user)
382
373
if enrolment or user.admin:
383
374
perms.add('view')
384
if enrolment and enrolment.role == u'tutor':
385
perms.add('view_project_submissions')
386
# Site-specific policy on the role of tutors
387
if config['policy']['tutors_can_enrol_students']:
389
perms.add('enrol_student')
390
if config['policy']['tutors_can_edit_worksheets']:
391
perms.add('edit_worksheets')
392
if config['policy']['tutors_can_admin_groups']:
393
perms.add('admin_groups')
394
if (enrolment and enrolment.role in (u'lecturer')) or user.admin:
395
perms.add('view_project_submissions')
396
perms.add('admin_groups')
397
perms.add('edit_worksheets')
398
perms.add('view_worksheet_marks')
399
perms.add('edit') # Can edit projects & details
400
perms.add('enrol') # Can see enrolment screen at all
401
perms.add('enrol_student') # Can enrol students
402
perms.add('enrol_tutor') # Can enrol tutors
404
perms.add('enrol_lecturer') # Can enrol lecturers
375
if (enrolment and enrolment.role in (u'tutor', u'lecturer')) \
407
380
def get_enrolment(self, user):
418
391
Enrolment.user_id == User.id,
419
392
Enrolment.offering_id == self.id,
420
393
Enrolment.role == role
421
).order_by(User.login)
424
397
def students(self):
425
398
return self.get_members_by_role(u'student')
427
def get_open_projects_for_user(self, user):
428
"""Find all projects currently open to submissions by a user."""
429
# XXX: Respect extensions.
430
return self.projects.find(Project.deadline > datetime.datetime.now())
432
def clone_worksheets(self, source):
433
"""Clone all worksheets from the specified source to this offering."""
434
import ivle.worksheet.utils
435
for worksheet in source.worksheets:
437
newws.seq_no = worksheet.seq_no
438
newws.identifier = worksheet.identifier
439
newws.name = worksheet.name
440
newws.assessable = worksheet.assessable
441
newws.published = worksheet.published
442
newws.data = worksheet.data
443
newws.format = worksheet.format
444
newws.offering = self
445
Store.of(self).add(newws)
446
ivle.worksheet.utils.update_exerciselist(newws)
449
400
class Enrolment(Storm):
450
401
"""An enrolment of a user in an offering.
477
428
return "<%s %r in %r>" % (type(self).__name__, self.user,
480
def get_permissions(self, user, config):
481
# A user can edit any enrolment that they could have created.
483
if ('enrol_' + str(self.role)) in self.offering.get_permissions(
489
"""Delete this enrolment."""
490
Store.of(self).remove(self)
495
433
class ProjectSet(Storm):
515
453
return "<%s %d in %r>" % (type(self).__name__, self.id,
518
def get_permissions(self, user, config):
519
return self.offering.get_permissions(user, config)
521
def get_groups_for_user(self, user):
522
"""List all groups in this offering of which the user is a member."""
524
return Store.of(self).find(
526
ProjectGroupMembership.user_id == user.id,
527
ProjectGroupMembership.project_group_id == ProjectGroup.id,
528
ProjectGroup.project_set_id == self.id)
530
def get_submission_principal(self, user):
531
"""Get the principal on behalf of which the user can submit.
533
If this is a solo project set, the given user is returned. If
534
the user is a member of exactly one group, all the group is
535
returned. Otherwise, None is returned.
538
groups = self.get_groups_for_user(user)
539
if groups.count() == 1:
548
return self.max_students_per_group is not None
456
def get_permissions(self, user):
457
return self.offering.get_permissions(user)
551
460
def assigned(self):
554
463
This will be a Storm ResultSet.
556
465
#If its a solo project, return everyone in offering
466
if self.max_students_per_group is None:
467
return self.offering.students
558
469
return self.project_groups
560
return self.offering.students
562
class DeadlinePassed(Exception):
563
"""An exception indicating that a project cannot be submitted because the
564
deadline has passed."""
568
return "The project deadline has passed"
570
471
class Project(Storm):
571
472
"""A student project for which submissions can be made."""
593
494
return "<%s '%s' in %r>" % (type(self).__name__, self.short_name,
594
495
self.project_set.offering)
596
def can_submit(self, principal, user):
497
def can_submit(self, principal):
597
498
return (self in principal.get_projects() and
598
not self.has_deadline_passed(user))
499
self.deadline > datetime.datetime.now())
600
501
def submit(self, principal, path, revision, who):
601
502
"""Submit a Subversion path and revision to a project.
607
508
@param who: The user who is actually making the submission.
610
if not self.can_submit(principal, who):
611
raise DeadlinePassed()
511
if not self.can_submit(principal):
512
raise Exception('cannot submit')
613
514
a = Assessed.get(Store.of(self), principal, self)
614
515
ps = ProjectSubmission()
615
# Raise SubmissionError if the path is illegal
616
ps.path = ProjectSubmission.test_and_normalise_path(path)
617
517
ps.revision = revision
618
518
ps.date_submitted = datetime.datetime.now()
624
def get_permissions(self, user, config):
625
return self.project_set.offering.get_permissions(user, config)
524
def get_permissions(self, user):
525
return self.project_set.offering.get_permissions(user)
628
528
def latest_submissions(self):
640
def has_deadline_passed(self, user):
641
"""Check whether the deadline has passed."""
642
# XXX: Need to respect extensions.
643
return self.deadline < datetime.datetime.now()
645
def get_submissions_for_principal(self, principal):
646
"""Fetch a ResultSet of all submissions by a particular principal."""
647
assessed = Assessed.get(Store.of(self), principal, self)
650
return assessed.submissions
654
541
class ProjectGroup(Storm):
655
542
"""A group of students working together on a project."""
706
593
(not active_only) or (Semester.state == u'current'))
709
def get_permissions(self, user, config):
596
def get_permissions(self, user):
710
597
if user.admin or user in self.members:
711
598
return set(['submit_project'])
748
635
project = Reference(project_id, Project.id)
750
637
extensions = ReferenceSet(id, 'ProjectExtension.assessed_id')
751
submissions = ReferenceSet(
752
id, 'ProjectSubmission.assessed_id', order_by='date_submitted')
638
submissions = ReferenceSet(id, 'ProjectSubmission.assessed_id')
754
640
def __repr__(self):
755
641
return "<%s %r in %r>" % (type(self).__name__,
764
650
def principal(self):
765
651
return self.project_group or self.user
768
def checkout_location(self):
769
"""Returns the location of the Subversion workspace for this piece of
770
assessment, relative to each group member's home directory."""
771
subjectname = self.project.project_set.offering.subject.short_name
773
checkout_dir_name = self.principal.short_name
775
checkout_dir_name = "mywork"
776
return subjectname + "/" + checkout_dir_name
779
654
def get(cls, store, principal, project):
780
655
"""Find or create an Assessed for the given user or group and project.
789
664
a = store.find(cls,
790
665
(t is User) or (cls.project_group_id == principal.id),
791
666
(t is ProjectGroup) or (cls.user_id == principal.id),
792
cls.project_id == project.id).one()
667
Project.id == project.id).one()
819
694
approver = Reference(approver_id, User.id)
820
695
notes = Unicode()
822
class SubmissionError(Exception):
823
"""Denotes a validation error during submission."""
826
697
class ProjectSubmission(Storm):
827
698
"""A submission from a user or group repository to a particular project.
844
715
submitter = Reference(submitter_id, User.id)
845
716
date_submitted = DateTime()
847
def get_verify_url(self, user):
848
"""Get the URL for verifying this submission, within the account of
850
# If this is a solo project, then self.path will be prefixed with the
851
# subject name. Remove the first path segment.
852
submitpath = self.path[1:] if self.path[:1] == '/' else self.path
853
if not self.assessed.is_group:
854
if '/' in submitpath:
855
submitpath = submitpath.split('/', 1)[1]
858
return "/files/%s/%s/%s?r=%d" % (user.login,
859
self.assessed.checkout_location, submitpath, self.revision)
862
def test_and_normalise_path(path):
863
"""Test that path is valid, and normalise it. This prevents possible
864
injections using malicious paths.
865
Returns the updated path, if successful.
866
Raises SubmissionError if invalid.
868
# Ensure the path is absolute to prevent being tacked onto working
870
# Prevent '\n' because it will break all sorts of things.
871
# Prevent '[' and ']' because they can be used to inject into the
873
# Normalise to avoid resulting in ".." path segments.
874
if not os.path.isabs(path):
875
raise SubmissionError("Path is not absolute")
876
if any(c in path for c in "\n[]"):
877
raise SubmissionError("Path must not contain '\\n', '[' or ']'")
878
return os.path.normpath(path)
880
719
# WORKSHEETS AND EXERCISES #
912
751
def __repr__(self):
913
752
return "<%s %s>" % (type(self).__name__, self.name)
915
def get_permissions(self, user, config):
916
return self.global_permissions(user, config)
919
def global_permissions(user, config):
920
"""Gets the set of permissions this user has over *all* exercises.
921
This is used to determine who may view the exercises list, and create
754
def get_permissions(self, user):
925
757
if user is not None:
929
761
elif u'lecturer' in set((e.role for e in user.active_enrolments)):
930
762
perms.add('edit')
931
763
perms.add('view')
932
elif (config['policy']['tutors_can_edit_worksheets']
933
and u'tutor' in set((e.role for e in user.active_enrolments))):
934
# Site-specific policy on the role of tutors
764
elif u'tutor' in set((e.role for e in user.active_enrolments)):
935
765
perms.add('edit')
936
766
perms.add('view')
999
828
store.find(WorksheetExercise,
1000
829
WorksheetExercise.worksheet == self).remove()
1002
def get_permissions(self, user, config):
1003
offering_perms = self.offering.get_permissions(user, config)
1007
# Anybody who can view an offering can view a published
1009
if 'view' in offering_perms and self.published:
1012
# Any worksheet editors can both view and edit.
1013
if 'edit_worksheets' in offering_perms:
831
def get_permissions(self, user):
832
return self.offering.get_permissions(user)
1019
834
def get_xml(self):
1020
835
"""Returns the xml of this worksheet, converts from rst if required."""
1065
880
return "<%s %s in %s>" % (type(self).__name__, self.exercise.name,
1066
881
self.worksheet.identifier)
1068
def get_permissions(self, user, config):
1069
return self.worksheet.get_permissions(user, config)
883
def get_permissions(self, user):
884
return self.worksheet.get_permissions(user)
1072
887
class ExerciseSave(Storm):
1092
907
def __repr__(self):
1093
908
return "<%s %s by %s at %s>" % (type(self).__name__,
1094
self.worksheet_exercise.exercise.name, self.user.login,
1095
self.date.strftime("%c"))
909
self.exercise.name, self.user.login, self.date.strftime("%c"))
1097
911
class ExerciseAttempt(ExerciseSave):
1098
912
"""An attempt at solving an exercise.
1120
934
complete = Bool()
1123
def get_permissions(self, user, config):
937
def get_permissions(self, user):
1124
938
return set(['view']) if user is self.user else set()
1126
940
class TestSuite(Storm):
1146
960
def delete(self):
1147
961
"""Delete this suite, without asking questions."""
1148
for variable in self.variables:
962
for vaariable in self.variables:
1149
963
variable.delete()
1150
964
for test_case in self.test_cases:
1151
965
test_case.delete()
added
removed
ivle/database.py
