diff options
author | jayparikh111 | 2012-02-22 16:02:07 +0530 |
---|---|---|
committer | jayparikh111 | 2012-02-22 16:02:07 +0530 |
commit | f2d65592affd34bc60cf4a3a2c72de1d84c934c0 (patch) | |
tree | 907639272648fd5976c052a8635c40aee8d53cbd /testapp/exam/views.py | |
parent | 2b6b595ca8652696ab9059add8ea54661cab5f31 (diff) | |
download | online_test-f2d65592affd34bc60cf4a3a2c72de1d84c934c0.tar.gz online_test-f2d65592affd34bc60cf4a3a2c72de1d84c934c0.tar.bz2 online_test-f2d65592affd34bc60cf4a3a2c72de1d84c934c0.zip |
Changes related to Authentication of Moderator
Diffstat (limited to 'testapp/exam/views.py')
-rw-r--r-- | testapp/exam/views.py | 76 |
1 files changed, 49 insertions, 27 deletions
diff --git a/testapp/exam/views.py b/testapp/exam/views.py index c2296f3..bc2290b 100644 --- a/testapp/exam/views.py +++ b/testapp/exam/views.py @@ -58,6 +58,8 @@ def index(request): """ user = request.user if user.is_authenticated(): + if user.groups.filter(name='moderator').count() > 0: + return my_redirect('/exam/manage/') return my_redirect("/exam/start/") return my_redirect("/exam/login/") @@ -92,7 +94,9 @@ def user_register(request): def add_question(request,question_id=None): """To add a new question in the database. Create a new question and store it.""" - + user = request.user + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0 : + raise Http404('You are not allowed to view this page!') if request.method == "POST": form = QuestionForm(request.POST) if form.is_valid(): @@ -140,6 +144,9 @@ def add_question(request,question_id=None): def add_quiz(request,quiz_id=None): + user = request.user + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0 : + raise Http404('You are not allowed to view this page!') if request.method == "POST": form = QuizForm(request.POST) if form.is_valid(): @@ -182,14 +189,18 @@ def add_quiz(request,quiz_id=None): def prof_manage(request): """Take credentials of the user with professor/moderator rights/permissions and log in.""" - - return render_to_response('manage.html',{}) + user = request.user + if user.is_authenticated() and user.groups.filter(name='moderator').count() > 0: + return render_to_response('manage.html',{}) + return my_redirect('/exam/login/') def user_login(request): """Take the credentials of the user and log the user in.""" user = request.user if user.is_authenticated(): + if user.groups.filter(name='moderator').count() > 0 : + return my_redirect('/exam/manage/') return my_redirect("/exam/start/") if request.method == "POST": @@ -197,7 +208,9 @@ def user_login(request): if form.is_valid(): user = form.cleaned_data login(request, user) - return my_redirect("/exam/start/") + if user.groups.filter(name='moderator').count() > 0 : + return my_redirect('/exam/manage/') + return my_redirect('/exam/start/') else: context = {"form": form} return my_render_to_response('exam/login.html', context, @@ -358,6 +371,8 @@ def complete(request,reason = None): user = request.user no = False message = reason or 'The quiz has been completed. Thank you.' + if user.groups.filter(name='moderator').count() > 0: + message = 'You are successfully Logged out. Thanks for spending some time with the application' if request.method == 'POST' and 'no' in request.POST: no = True if not no: @@ -372,7 +387,7 @@ def monitor(request, quiz_id=None): """Monitor the progress of the papers taken so far.""" user = request.user - if not user.is_authenticated() and not user.is_staff: + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0: raise Http404('You are not allowed to view this page!') if quiz_id is None: @@ -416,7 +431,9 @@ def get_user_data(username): def show_all_users(request): """Shows all the users who have taken various exams/quiz.""" - + user = request.user + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0: + raise Http404('You are not allowed to view this page !') user = User.objects.filter(username__contains="") context = { 'user':user } print context @@ -424,6 +441,9 @@ def show_all_users(request): def show_all_quiz(request): """Generates a list of all the quizzes that are currently in the database.""" + user = request.user + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0: + raise Http404('You are not allowed to view this page !') if request.method == 'POST': data = request.POST.getlist('quiz') @@ -453,39 +473,41 @@ def show_all_quiz(request): def show_all_questions(request): - """Show a list of all the questions currently in the databse.""" + """Show a list of all the questions currently in the databse.""" + user = request.user + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0 : + raise Http404("You are not allowed to view this page !") - if request.method == 'POST': - data = request.POST.getlist('question') - if data == None: - questions = Question.objects.all() - context = {'papers': [], - 'question': None, - 'questions':questions} - return my_render_to_response('exam/showquestions.html', context, + if request.method == 'POST': + data = request.POST.getlist('question') + if data == None: + questions = Question.objects.all() + context = {'papers': [], + 'question': None, + 'questions':questions} + return my_render_to_response('exam/showquestions.html', context, context_instance=RequestContext(request)) - for i in data: - question = Question.objects.get(id=i).delete() - questions = Question.objects.all() - context = {'papers': [], + for i in data: + question = Question.objects.get(id=i).delete() + questions = Question.objects.all() + context = {'papers': [], 'question': None, 'questions':questions} - return my_render_to_response('exam/showquestions.html', context, + return my_render_to_response('exam/showquestions.html', context, context_instance=RequestContext(request)) - else: - - questions = Question.objects.all() - context = {'papers': [], + else: + questions = Question.objects.all() + context = {'papers': [], 'question': None, 'questions':questions} - return my_render_to_response('exam/showquestions.html', context, + return my_render_to_response('exam/showquestions.html', context, context_instance=RequestContext(request)) def user_data(request, username): """Render user data.""" current_user = request.user - if not current_user.is_authenticated() and not current_user.is_staff: + if not current_user.is_authenticated() or current_user.groups.filter(name='moderator').count() == 0: raise Http404('You are not allowed to view this page!') data = get_user_data(username) @@ -499,7 +521,7 @@ def grade_user(request, username): and update all their marks and also give comments for each paper. """ current_user = request.user - if not current_user.is_authenticated() and not current_user.is_staff: + if not current_user.is_authenticated() or current_user.groups.filter(name='moderator').count() == 0: raise Http404('You are not allowed to view this page!') data = get_user_data(username) |