215
218
Semester.id == Offering.semester_id,
216
219
(not active_only) or (Semester.state == u'current'),
217
220
Enrolment.offering_id == Offering.id,
218
Enrolment.user_id == self.id)
221
Enrolment.user_id == self.id,
222
Enrolment.active == True)
221
225
def hash_password(password):
227
231
"""Find a user in a store by login name."""
228
232
return store.find(cls, cls.login == unicode(login)).one()
230
def get_permissions(self, user):
234
def get_svn_url(self, config):
235
"""Get the subversion repository URL for this user or group."""
236
url = config['urls']['svn_addr']
237
path = 'users/%s' % self.login
238
return urlparse.urljoin(url, path)
240
def get_permissions(self, user, config):
231
241
"""Determine privileges held by a user over this object.
233
243
If the user requesting privileges is this user or an admin,
234
244
they may do everything. Otherwise they may do nothing.
236
246
if user and user.admin or user is self:
237
return set(['view', 'edit', 'submit_project'])
247
return set(['view_public', 'view', 'edit', 'submit_project'])
249
return set(['view_public'])
241
251
# SUBJECTS AND ENROLMENTS #
258
267
def __repr__(self):
259
268
return "<%s '%s'>" % (type(self).__name__, self.short_name)
261
def get_permissions(self, user):
270
def get_permissions(self, user, config):
262
271
"""Determine privileges held by a user over this object.
264
273
If the user requesting privileges is an admin, they may edit.
322
331
subject = Reference(subject_id, Subject.id)
323
332
semester_id = Int(name="semesterid")
324
333
semester = Reference(semester_id, Semester.id)
334
description = Unicode()
336
show_worksheet_marks = Bool()
337
worksheet_cutoff = DateTime()
325
338
groups_student_permissions = Unicode()
327
340
enrolments = ReferenceSet(id, 'Enrolment.offering_id')
366
383
Enrolment.offering_id == self.id).one()
367
384
Store.of(enrolment).remove(enrolment)
369
def get_permissions(self, user):
386
def get_permissions(self, user, config):
371
388
if user is not None:
372
389
enrolment = self.get_enrolment(user)
373
390
if enrolment or user.admin:
374
391
perms.add('view')
375
if (enrolment and enrolment.role in (u'tutor', u'lecturer')) \
392
if enrolment and enrolment.role == u'tutor':
393
perms.add('view_project_submissions')
394
# Site-specific policy on the role of tutors
395
if config['policy']['tutors_can_enrol_students']:
397
perms.add('enrol_student')
398
if config['policy']['tutors_can_edit_worksheets']:
399
perms.add('edit_worksheets')
400
if config['policy']['tutors_can_admin_groups']:
401
perms.add('admin_groups')
402
if (enrolment and enrolment.role in (u'lecturer')) or user.admin:
403
perms.add('view_project_submissions')
404
perms.add('admin_groups')
405
perms.add('edit_worksheets')
406
perms.add('view_worksheet_marks')
407
perms.add('edit') # Can edit projects & details
408
perms.add('enrol') # Can see enrolment screen at all
409
perms.add('enrol_student') # Can enrol students
410
perms.add('enrol_tutor') # Can enrol tutors
412
perms.add('enrol_lecturer') # Can enrol lecturers
380
415
def get_enrolment(self, user):
391
426
Enrolment.user_id == User.id,
392
427
Enrolment.offering_id == self.id,
393
428
Enrolment.role == role
429
).order_by(User.login)
397
432
def students(self):
398
433
return self.get_members_by_role(u'student')
435
def get_open_projects_for_user(self, user):
436
"""Find all projects currently open to submissions by a user."""
437
# XXX: Respect extensions.
438
return self.projects.find(Project.deadline > datetime.datetime.now())
440
def has_worksheet_cutoff_passed(self, user):
441
"""Check whether the worksheet cutoff has passed.
442
A user is required, in case we support extensions.
444
if self.worksheet_cutoff is None:
447
return self.worksheet_cutoff < datetime.datetime.now()
449
def clone_worksheets(self, source):
450
"""Clone all worksheets from the specified source to this offering."""
451
import ivle.worksheet.utils
452
for worksheet in source.worksheets:
454
newws.seq_no = worksheet.seq_no
455
newws.identifier = worksheet.identifier
456
newws.name = worksheet.name
457
newws.assessable = worksheet.assessable
458
newws.published = worksheet.published
459
newws.data = worksheet.data
460
newws.format = worksheet.format
461
newws.offering = self
462
Store.of(self).add(newws)
463
ivle.worksheet.utils.update_exerciselist(newws)
400
466
class Enrolment(Storm):
401
467
"""An enrolment of a user in an offering.
428
494
return "<%s %r in %r>" % (type(self).__name__, self.user,
497
def get_permissions(self, user, config):
498
# A user can edit any enrolment that they could have created.
500
if ('enrol_' + str(self.role)) in self.offering.get_permissions(
506
"""Delete this enrolment."""
507
Store.of(self).remove(self)
433
512
class ProjectSet(Storm):
453
532
return "<%s %d in %r>" % (type(self).__name__, self.id,
456
def get_permissions(self, user):
457
return self.offering.get_permissions(user)
535
def get_permissions(self, user, config):
536
return self.offering.get_permissions(user, config)
538
def get_groups_for_user(self, user):
539
"""List all groups in this offering of which the user is a member."""
541
return Store.of(self).find(
543
ProjectGroupMembership.user_id == user.id,
544
ProjectGroupMembership.project_group_id == ProjectGroup.id,
545
ProjectGroup.project_set_id == self.id)
547
def get_submission_principal(self, user):
548
"""Get the principal on behalf of which the user can submit.
550
If this is a solo project set, the given user is returned. If
551
the user is a member of exactly one group, all the group is
552
returned. Otherwise, None is returned.
555
groups = self.get_groups_for_user(user)
556
if groups.count() == 1:
565
return self.max_students_per_group is not None
460
568
def assigned(self):
463
571
This will be a Storm ResultSet.
465
573
#If its a solo project, return everyone in offering
466
if self.max_students_per_group is None:
575
return self.project_groups
467
577
return self.offering.students
469
return self.project_groups
579
class DeadlinePassed(Exception):
580
"""An exception indicating that a project cannot be submitted because the
581
deadline has passed."""
585
return "The project deadline has passed"
471
587
class Project(Storm):
472
588
"""A student project for which submissions can be made."""
494
610
return "<%s '%s' in %r>" % (type(self).__name__, self.short_name,
495
611
self.project_set.offering)
497
def can_submit(self, principal):
613
def can_submit(self, principal, user):
498
614
return (self in principal.get_projects() and
499
self.deadline > datetime.datetime.now())
615
not self.has_deadline_passed(user))
501
617
def submit(self, principal, path, revision, who):
502
618
"""Submit a Subversion path and revision to a project.
508
624
@param who: The user who is actually making the submission.
511
if not self.can_submit(principal):
512
raise Exception('cannot submit')
627
if not self.can_submit(principal, who):
628
raise DeadlinePassed()
514
630
a = Assessed.get(Store.of(self), principal, self)
515
631
ps = ProjectSubmission()
632
# Raise SubmissionError if the path is illegal
633
ps.path = ProjectSubmission.test_and_normalise_path(path)
517
634
ps.revision = revision
518
635
ps.date_submitted = datetime.datetime.now()
524
def get_permissions(self, user):
525
return self.project_set.offering.get_permissions(user)
641
def get_permissions(self, user, config):
642
return self.project_set.offering.get_permissions(user, config)
528
645
def latest_submissions(self):
657
def has_deadline_passed(self, user):
658
"""Check whether the deadline has passed."""
659
# XXX: Need to respect extensions.
660
return self.deadline < datetime.datetime.now()
662
def get_submissions_for_principal(self, principal):
663
"""Fetch a ResultSet of all submissions by a particular principal."""
664
assessed = Assessed.get(Store.of(self), principal, self)
667
return assessed.submissions
670
def can_delete(self):
671
"""Can only delete if there are no submissions."""
672
return self.submissions.count() == 0
675
"""Delete the project. Fails if can_delete is False."""
676
if not self.can_delete:
677
raise IntegrityError()
678
for assessed in self.assesseds:
680
Store.of(self).remove(self)
541
682
class ProjectGroup(Storm):
542
683
"""A group of students working together on a project."""
592
733
Semester.id == Offering.semester_id,
593
734
(not active_only) or (Semester.state == u'current'))
736
def get_svn_url(self, config):
737
"""Get the subversion repository URL for this user or group."""
738
url = config['urls']['svn_addr']
739
path = 'groups/%s_%s_%s_%s' % (
740
self.project_set.offering.subject.short_name,
741
self.project_set.offering.semester.year,
742
self.project_set.offering.semester.semester,
745
return urlparse.urljoin(url, path)
596
def get_permissions(self, user):
747
def get_permissions(self, user, config):
597
748
if user.admin or user in self.members:
598
749
return set(['submit_project'])
635
786
project = Reference(project_id, Project.id)
637
788
extensions = ReferenceSet(id, 'ProjectExtension.assessed_id')
638
submissions = ReferenceSet(id, 'ProjectSubmission.assessed_id')
789
submissions = ReferenceSet(
790
id, 'ProjectSubmission.assessed_id', order_by='date_submitted')
640
792
def __repr__(self):
641
793
return "<%s %r in %r>" % (type(self).__name__,
650
802
def principal(self):
651
803
return self.project_group or self.user
806
def checkout_location(self):
807
"""Returns the location of the Subversion workspace for this piece of
808
assessment, relative to each group member's home directory."""
809
subjectname = self.project.project_set.offering.subject.short_name
811
checkout_dir_name = self.principal.short_name
813
checkout_dir_name = "mywork"
814
return subjectname + "/" + checkout_dir_name
654
817
def get(cls, store, principal, project):
655
818
"""Find or create an Assessed for the given user or group and project.
694
865
approver = Reference(approver_id, User.id)
695
866
notes = Unicode()
869
"""Delete the extension."""
870
Store.of(self).remove(self)
872
class SubmissionError(Exception):
873
"""Denotes a validation error during submission."""
697
876
class ProjectSubmission(Storm):
698
877
"""A submission from a user or group repository to a particular project.
715
894
submitter = Reference(submitter_id, User.id)
716
895
date_submitted = DateTime()
897
def get_verify_url(self, user):
898
"""Get the URL for verifying this submission, within the account of
900
# If this is a solo project, then self.path will be prefixed with the
901
# subject name. Remove the first path segment.
902
submitpath = self.path[1:] if self.path[:1] == '/' else self.path
903
if not self.assessed.is_group:
904
if '/' in submitpath:
905
submitpath = submitpath.split('/', 1)[1]
908
return "/files/%s/%s/%s?r=%d" % (user.login,
909
self.assessed.checkout_location, submitpath, self.revision)
911
def get_svn_url(self, config):
912
"""Get subversion URL for this submission"""
913
princ = self.assessed.principal
914
base = princ.get_svn_url(config)
915
if self.path.startswith(os.sep):
916
return os.path.join(base,
917
urllib.quote(self.path[1:].encode('utf-8')))
919
return os.path.join(base, urllib.quote(self.path.encode('utf-8')))
921
def get_svn_export_command(self, req):
922
"""Returns a Unix shell command to export a submission"""
923
svn_url = self.get_svn_url(req.config)
924
username = (req.user.login if req.user.login.isalnum() else
925
"'%s'"%req.user.login)
926
export_dir = self.assessed.principal.short_name
927
return "svn export --username %s -r%d '%s' %s"%(req.user.login,
928
self.revision, svn_url, export_dir)
931
def test_and_normalise_path(path):
932
"""Test that path is valid, and normalise it. This prevents possible
933
injections using malicious paths.
934
Returns the updated path, if successful.
935
Raises SubmissionError if invalid.
937
# Ensure the path is absolute to prevent being tacked onto working
939
# Prevent '\n' because it will break all sorts of things.
940
# Prevent '[' and ']' because they can be used to inject into the
942
# Normalise to avoid resulting in ".." path segments.
943
if not os.path.isabs(path):
944
raise SubmissionError("Path is not absolute")
945
if any(c in path for c in "\n[]"):
946
raise SubmissionError("Path must not contain '\\n', '[' or ']'")
947
return os.path.normpath(path)
719
949
# WORKSHEETS AND EXERCISES #
751
982
def __repr__(self):
752
983
return "<%s %s>" % (type(self).__name__, self.name)
754
def get_permissions(self, user):
985
def get_permissions(self, user, config):
986
return self.global_permissions(user, config)
989
def global_permissions(user, config):
990
"""Gets the set of permissions this user has over *all* exercises.
991
This is used to determine who may view the exercises list, and create
757
995
if user is not None:
761
999
elif u'lecturer' in set((e.role for e in user.active_enrolments)):
762
1000
perms.add('edit')
763
1001
perms.add('view')
764
elif u'tutor' in set((e.role for e in user.active_enrolments)):
1002
elif (config['policy']['tutors_can_edit_worksheets']
1003
and u'tutor' in set((e.role for e in user.active_enrolments))):
1004
# Site-specific policy on the role of tutors
765
1005
perms.add('edit')
766
1006
perms.add('view')
770
def get_description(self):
771
"""Return the description interpreted as reStructuredText."""
772
return rst(self.description)
1010
def _cache_description_xhtml(self, invalidate=False):
1011
# Don't regenerate an existing cache unless forced.
1012
if self._description_xhtml_cache is not None and not invalidate:
1015
if self.description:
1016
self._description_xhtml_cache = rst(self.description)
1018
self._description_xhtml_cache = None
1021
def description_xhtml(self):
1022
"""The XHTML exercise description, converted from reStructuredText."""
1023
self._cache_description_xhtml()
1024
return self._description_xhtml_cache
1026
def set_description(self, description):
1027
self.description = description
1028
self._cache_description_xhtml(invalidate=True)
774
1030
def delete(self):
775
1031
"""Deletes the exercise, providing it has no associated worksheets."""
828
1086
store.find(WorksheetExercise,
829
1087
WorksheetExercise.worksheet == self).remove()
831
def get_permissions(self, user):
832
return self.offering.get_permissions(user)
835
"""Returns the xml of this worksheet, converts from rst if required."""
836
if self.format == u'rst':
837
ws_xml = rst(self.data)
1089
def get_permissions(self, user, config):
1090
offering_perms = self.offering.get_permissions(user, config)
1094
# Anybody who can view an offering can view a published
1096
if 'view' in offering_perms and self.published:
1099
# Any worksheet editors can both view and edit.
1100
if 'edit_worksheets' in offering_perms:
1106
def _cache_data_xhtml(self, invalidate=False):
1107
# Don't regenerate an existing cache unless forced.
1108
if self._data_xhtml_cache is not None and not invalidate:
1111
if self.format == u'rst':
1112
self._data_xhtml_cache = rst(self.data)
1114
self._data_xhtml_cache = None
1117
def data_xhtml(self):
1118
"""The XHTML of this worksheet, converted from rST if required."""
1119
# Update the rST -> XHTML cache, if required.
1120
self._cache_data_xhtml()
1122
if self.format == u'rst':
1123
return self._data_xhtml_cache
840
1125
return self.data
1127
def set_data(self, data):
1129
self._cache_data_xhtml(invalidate=True)
842
1131
def delete(self):
843
1132
"""Deletes the worksheet, provided it has no attempts on any exercises.
880
1169
return "<%s %s in %s>" % (type(self).__name__, self.exercise.name,
881
1170
self.worksheet.identifier)
883
def get_permissions(self, user):
884
return self.worksheet.get_permissions(user)
1172
def get_permissions(self, user, config):
1173
return self.worksheet.get_permissions(user, config)
887
1176
class ExerciseSave(Storm):
907
1196
def __repr__(self):
908
1197
return "<%s %s by %s at %s>" % (type(self).__name__,
909
self.exercise.name, self.user.login, self.date.strftime("%c"))
1198
self.worksheet_exercise.exercise.name, self.user.login,
1199
self.date.strftime("%c"))
911
1201
class ExerciseAttempt(ExerciseSave):
912
1202
"""An attempt at solving an exercise.
added
removed
ivle/database.py
