215
218
Semester.id == Offering.semester_id,
216
219
(not active_only) or (Semester.state == u'current'),
217
220
Enrolment.offering_id == Offering.id,
218
Enrolment.user_id == self.id)
221
Enrolment.user_id == self.id,
222
Enrolment.active == True)
221
225
def hash_password(password):
227
231
"""Find a user in a store by login name."""
228
232
return store.find(cls, cls.login == unicode(login)).one()
230
def get_permissions(self, user):
234
def get_svn_url(self, config):
235
"""Get the subversion repository URL for this user or group."""
236
url = config['urls']['svn_addr']
237
path = 'users/%s' % self.login
238
return urlparse.urljoin(url, path)
240
def get_permissions(self, user, config):
231
241
"""Determine privileges held by a user over this object.
233
243
If the user requesting privileges is this user or an admin,
234
244
they may do everything. Otherwise they may do nothing.
236
246
if user and user.admin or user is self:
237
return set(['view', 'edit', 'submit_project'])
247
return set(['view_public', 'view', 'edit', 'submit_project'])
249
return set(['view_public'])
241
251
# SUBJECTS AND ENROLMENTS #
322
333
subject = Reference(subject_id, Subject.id)
323
334
semester_id = Int(name="semesterid")
324
335
semester = Reference(semester_id, Semester.id)
336
description = Unicode()
338
show_worksheet_marks = Bool()
339
worksheet_cutoff = DateTime()
325
340
groups_student_permissions = Unicode()
327
342
enrolments = ReferenceSet(id, 'Enrolment.offering_id')
366
385
Enrolment.offering_id == self.id).one()
367
386
Store.of(enrolment).remove(enrolment)
369
def get_permissions(self, user):
388
def get_permissions(self, user, config):
371
390
if user is not None:
372
391
enrolment = self.get_enrolment(user)
373
392
if enrolment or user.admin:
374
393
perms.add('view')
375
if (enrolment and enrolment.role in (u'tutor', u'lecturer')) \
394
if enrolment and enrolment.role == u'tutor':
395
perms.add('view_project_submissions')
396
# Site-specific policy on the role of tutors
397
if config['policy']['tutors_can_enrol_students']:
399
perms.add('enrol_student')
400
if config['policy']['tutors_can_edit_worksheets']:
401
perms.add('edit_worksheets')
402
if config['policy']['tutors_can_admin_groups']:
403
perms.add('admin_groups')
404
if (enrolment and enrolment.role in (u'lecturer')) or user.admin:
405
perms.add('view_project_submissions')
406
perms.add('admin_groups')
407
perms.add('edit_worksheets')
408
perms.add('view_worksheet_marks')
409
perms.add('edit') # Can edit projects & details
410
perms.add('enrol') # Can see enrolment screen at all
411
perms.add('enrol_student') # Can enrol students
412
perms.add('enrol_tutor') # Can enrol tutors
414
perms.add('enrol_lecturer') # Can enrol lecturers
380
417
def get_enrolment(self, user):
391
428
Enrolment.user_id == User.id,
392
429
Enrolment.offering_id == self.id,
393
430
Enrolment.role == role
431
).order_by(User.login)
397
434
def students(self):
398
435
return self.get_members_by_role(u'student')
437
def get_open_projects_for_user(self, user):
438
"""Find all projects currently open to submissions by a user."""
439
# XXX: Respect extensions.
440
return self.projects.find(Project.deadline > datetime.datetime.now())
442
def has_worksheet_cutoff_passed(self, user):
443
"""Check whether the worksheet cutoff has passed.
444
A user is required, in case we support extensions.
446
if self.worksheet_cutoff is None:
449
return self.worksheet_cutoff < datetime.datetime.now()
451
def clone_worksheets(self, source):
452
"""Clone all worksheets from the specified source to this offering."""
453
import ivle.worksheet.utils
454
for worksheet in source.worksheets:
456
newws.seq_no = worksheet.seq_no
457
newws.identifier = worksheet.identifier
458
newws.name = worksheet.name
459
newws.assessable = worksheet.assessable
460
newws.published = worksheet.published
461
newws.data = worksheet.data
462
newws.format = worksheet.format
463
newws.offering = self
464
Store.of(self).add(newws)
465
ivle.worksheet.utils.update_exerciselist(newws)
400
468
class Enrolment(Storm):
401
469
"""An enrolment of a user in an offering.
428
496
return "<%s %r in %r>" % (type(self).__name__, self.user,
499
def get_permissions(self, user, config):
500
# A user can edit any enrolment that they could have created.
502
if ('enrol_' + str(self.role)) in self.offering.get_permissions(
508
"""Delete this enrolment."""
509
Store.of(self).remove(self)
433
514
class ProjectSet(Storm):
453
534
return "<%s %d in %r>" % (type(self).__name__, self.id,
456
def get_permissions(self, user):
457
return self.offering.get_permissions(user)
537
def get_permissions(self, user, config):
538
return self.offering.get_permissions(user, config)
540
def get_groups_for_user(self, user):
541
"""List all groups in this offering of which the user is a member."""
543
return Store.of(self).find(
545
ProjectGroupMembership.user_id == user.id,
546
ProjectGroupMembership.project_group_id == ProjectGroup.id,
547
ProjectGroup.project_set_id == self.id)
549
def get_submission_principal(self, user):
550
"""Get the principal on behalf of which the user can submit.
552
If this is a solo project set, the given user is returned. If
553
the user is a member of exactly one group, all the group is
554
returned. Otherwise, None is returned.
557
groups = self.get_groups_for_user(user)
558
if groups.count() == 1:
567
return self.max_students_per_group is not None
460
570
def assigned(self):
463
573
This will be a Storm ResultSet.
465
575
#If its a solo project, return everyone in offering
466
if self.max_students_per_group is None:
577
return self.project_groups
467
579
return self.offering.students
469
return self.project_groups
581
class DeadlinePassed(Exception):
582
"""An exception indicating that a project cannot be submitted because the
583
deadline has passed."""
587
return "The project deadline has passed"
471
589
class Project(Storm):
472
590
"""A student project for which submissions can be made."""
494
612
return "<%s '%s' in %r>" % (type(self).__name__, self.short_name,
495
613
self.project_set.offering)
497
def can_submit(self, principal):
615
def can_submit(self, principal, user, late=False):
617
@param late: If True, does not take the deadline into account.
498
619
return (self in principal.get_projects() and
499
self.deadline > datetime.datetime.now())
620
(late or not self.has_deadline_passed(user)))
501
def submit(self, principal, path, revision, who):
622
def submit(self, principal, path, revision, who, late=False):
502
623
"""Submit a Subversion path and revision to a project.
504
625
@param principal: The owner of the Subversion repository, and the
506
627
@param path: A path within that repository to submit.
507
628
@param revision: The revision of that path to submit.
508
629
@param who: The user who is actually making the submission.
630
@param late: If True, will not raise a DeadlinePassed exception even
631
after the deadline. (Default False.)
511
if not self.can_submit(principal):
512
raise Exception('cannot submit')
634
if not self.can_submit(principal, who, late=late):
635
raise DeadlinePassed()
514
637
a = Assessed.get(Store.of(self), principal, self)
515
638
ps = ProjectSubmission()
639
# Raise SubmissionError if the path is illegal
640
ps.path = ProjectSubmission.test_and_normalise_path(path)
517
641
ps.revision = revision
518
642
ps.date_submitted = datetime.datetime.now()
664
def has_deadline_passed(self, user):
665
"""Check whether the deadline has passed."""
666
# XXX: Need to respect extensions.
667
return self.deadline < datetime.datetime.now()
669
def get_submissions_for_principal(self, principal):
670
"""Fetch a ResultSet of all submissions by a particular principal."""
671
assessed = Assessed.get(Store.of(self), principal, self)
674
return assessed.submissions
677
def can_delete(self):
678
"""Can only delete if there are no submissions."""
679
return self.submissions.count() == 0
682
"""Delete the project. Fails if can_delete is False."""
683
if not self.can_delete:
684
raise IntegrityError()
685
for assessed in self.assesseds:
687
Store.of(self).remove(self)
541
689
class ProjectGroup(Storm):
542
690
"""A group of students working together on a project."""
592
740
Semester.id == Offering.semester_id,
593
741
(not active_only) or (Semester.state == u'current'))
743
def get_svn_url(self, config):
744
"""Get the subversion repository URL for this user or group."""
745
url = config['urls']['svn_addr']
746
path = 'groups/%s_%s_%s_%s' % (
747
self.project_set.offering.subject.short_name,
748
self.project_set.offering.semester.year,
749
self.project_set.offering.semester.url_name,
752
return urlparse.urljoin(url, path)
596
def get_permissions(self, user):
754
def get_permissions(self, user, config):
597
755
if user.admin or user in self.members:
598
756
return set(['submit_project'])
635
793
project = Reference(project_id, Project.id)
637
795
extensions = ReferenceSet(id, 'ProjectExtension.assessed_id')
638
submissions = ReferenceSet(id, 'ProjectSubmission.assessed_id')
796
submissions = ReferenceSet(
797
id, 'ProjectSubmission.assessed_id', order_by='date_submitted')
640
799
def __repr__(self):
641
800
return "<%s %r in %r>" % (type(self).__name__,
650
809
def principal(self):
651
810
return self.project_group or self.user
813
def checkout_location(self):
814
"""Returns the location of the Subversion workspace for this piece of
815
assessment, relative to each group member's home directory."""
816
subjectname = self.project.project_set.offering.subject.short_name
818
checkout_dir_name = self.principal.short_name
820
checkout_dir_name = "mywork"
821
return subjectname + "/" + checkout_dir_name
654
824
def get(cls, store, principal, project):
655
825
"""Find or create an Assessed for the given user or group and project.
689
867
id = Int(name="extensionid", primary=True)
690
868
assessed_id = Int(name="assessedid")
691
869
assessed = Reference(assessed_id, Assessed.id)
692
deadline = DateTime()
693
871
approver_id = Int(name="approver")
694
872
approver = Reference(approver_id, User.id)
695
873
notes = Unicode()
876
"""Delete the extension."""
877
Store.of(self).remove(self)
879
class SubmissionError(Exception):
880
"""Denotes a validation error during submission."""
697
883
class ProjectSubmission(Storm):
698
884
"""A submission from a user or group repository to a particular project.
715
901
submitter = Reference(submitter_id, User.id)
716
902
date_submitted = DateTime()
904
def get_verify_url(self, user):
905
"""Get the URL for verifying this submission, within the account of
907
# If this is a solo project, then self.path will be prefixed with the
908
# subject name. Remove the first path segment.
909
submitpath = self.path[1:] if self.path[:1] == '/' else self.path
910
if not self.assessed.is_group:
911
if '/' in submitpath:
912
submitpath = submitpath.split('/', 1)[1]
915
return "/files/%s/%s/%s?r=%d" % (user.login,
916
self.assessed.checkout_location, submitpath, self.revision)
918
def get_svn_url(self, config):
919
"""Get subversion URL for this submission"""
920
princ = self.assessed.principal
921
base = princ.get_svn_url(config)
922
if self.path.startswith(os.sep):
923
return os.path.join(base,
924
urllib.quote(self.path[1:].encode('utf-8')))
926
return os.path.join(base, urllib.quote(self.path.encode('utf-8')))
928
def get_svn_export_command(self, req):
929
"""Returns a Unix shell command to export a submission"""
930
svn_url = self.get_svn_url(req.config)
931
username = (req.user.login if req.user.login.isalnum() else
932
"'%s'"%req.user.login)
933
export_dir = self.assessed.principal.short_name
934
return "svn export --username %s -r%d '%s' %s"%(req.user.login,
935
self.revision, svn_url, export_dir)
938
def test_and_normalise_path(path):
939
"""Test that path is valid, and normalise it. This prevents possible
940
injections using malicious paths.
941
Returns the updated path, if successful.
942
Raises SubmissionError if invalid.
944
# Ensure the path is absolute to prevent being tacked onto working
946
# Prevent '\n' because it will break all sorts of things.
947
# Prevent '[' and ']' because they can be used to inject into the
949
# Normalise to avoid resulting in ".." path segments.
950
if not os.path.isabs(path):
951
raise SubmissionError("Path is not absolute")
952
if any(c in path for c in "\n[]"):
953
raise SubmissionError("Path must not contain '\\n', '[' or ']'")
954
return os.path.normpath(path)
958
"""True if the project was submitted late."""
959
return self.days_late > 0
963
"""The number of days the project was submitted late (rounded up), or
965
# XXX: Need to respect extensions.
967
(self.date_submitted - self.assessed.project.deadline).days + 1)
719
969
# WORKSHEETS AND EXERCISES #
751
1002
def __repr__(self):
752
1003
return "<%s %s>" % (type(self).__name__, self.name)
754
def get_permissions(self, user):
1005
def get_permissions(self, user, config):
1006
return self.global_permissions(user, config)
1009
def global_permissions(user, config):
1010
"""Gets the set of permissions this user has over *all* exercises.
1011
This is used to determine who may view the exercises list, and create
757
1015
if user is not None:
761
1019
elif u'lecturer' in set((e.role for e in user.active_enrolments)):
762
1020
perms.add('edit')
763
1021
perms.add('view')
764
elif u'tutor' in set((e.role for e in user.active_enrolments)):
1022
elif (config['policy']['tutors_can_edit_worksheets']
1023
and u'tutor' in set((e.role for e in user.active_enrolments))):
1024
# Site-specific policy on the role of tutors
765
1025
perms.add('edit')
766
1026
perms.add('view')
770
def get_description(self):
771
"""Return the description interpreted as reStructuredText."""
772
return rst(self.description)
1030
def _cache_description_xhtml(self, invalidate=False):
1031
# Don't regenerate an existing cache unless forced.
1032
if self._description_xhtml_cache is not None and not invalidate:
1035
if self.description:
1036
self._description_xhtml_cache = rst(self.description)
1038
self._description_xhtml_cache = None
1041
def description_xhtml(self):
1042
"""The XHTML exercise description, converted from reStructuredText."""
1043
self._cache_description_xhtml()
1044
return self._description_xhtml_cache
1046
def set_description(self, description):
1047
self.description = description
1048
self._cache_description_xhtml(invalidate=True)
774
1050
def delete(self):
775
1051
"""Deletes the exercise, providing it has no associated worksheets."""
828
1106
store.find(WorksheetExercise,
829
1107
WorksheetExercise.worksheet == self).remove()
831
def get_permissions(self, user):
832
return self.offering.get_permissions(user)
835
"""Returns the xml of this worksheet, converts from rst if required."""
836
if self.format == u'rst':
837
ws_xml = rst(self.data)
1109
def get_permissions(self, user, config):
1110
offering_perms = self.offering.get_permissions(user, config)
1114
# Anybody who can view an offering can view a published
1116
if 'view' in offering_perms and self.published:
1119
# Any worksheet editors can both view and edit.
1120
if 'edit_worksheets' in offering_perms:
1126
def _cache_data_xhtml(self, invalidate=False):
1127
# Don't regenerate an existing cache unless forced.
1128
if self._data_xhtml_cache is not None and not invalidate:
1131
if self.format == u'rst':
1132
self._data_xhtml_cache = rst(self.data)
1134
self._data_xhtml_cache = None
1137
def data_xhtml(self):
1138
"""The XHTML of this worksheet, converted from rST if required."""
1139
# Update the rST -> XHTML cache, if required.
1140
self._cache_data_xhtml()
1142
if self.format == u'rst':
1143
return self._data_xhtml_cache
840
1145
return self.data
1147
def set_data(self, data):
1149
self._cache_data_xhtml(invalidate=True)
842
1151
def delete(self):
843
1152
"""Deletes the worksheet, provided it has no attempts on any exercises.
880
1189
return "<%s %s in %s>" % (type(self).__name__, self.exercise.name,
881
1190
self.worksheet.identifier)
883
def get_permissions(self, user):
884
return self.worksheet.get_permissions(user)
1192
def get_permissions(self, user, config):
1193
return self.worksheet.get_permissions(user, config)
887
1196
class ExerciseSave(Storm):
907
1216
def __repr__(self):
908
1217
return "<%s %s by %s at %s>" % (type(self).__name__,
909
self.exercise.name, self.user.login, self.date.strftime("%c"))
1218
self.worksheet_exercise.exercise.name, self.user.login,
1219
self.date.strftime("%c"))
911
1221
class ExerciseAttempt(ExerciseSave):
912
1222
"""An attempt at solving an exercise.