diff options
| author | CruiseDevice | 2020-04-15 21:19:09 +0530 |
|---|---|---|
| committer | CruiseDevice | 2020-04-15 21:19:09 +0530 |
| commit | 169228186d8c9ad880ee33c5190e49203d2c5243 (patch) | |
| tree | 4638c2069208b259375429a635b3f40545d75419 /yaksh/views.py | |
| parent | 508e0e78bb0bd3e8ebbad81e948f13de5c01b20f (diff) | |
| download | online_test-169228186d8c9ad880ee33c5190e49203d2c5243.tar.gz online_test-169228186d8c9ad880ee33c5190e49203d2c5243.tar.bz2 online_test-169228186d8c9ad880ee33c5190e49203d2c5243.zip | |
Resolve comments
- Fix "'image' attribute has no file associated with it" issue.
- Don't allow users who are not part of a course to see the discussion
forum of that course.
- Add Discussion forum link in moderator interface under course_details
page.
- Remove custom css for post and comments in Discussion forum. Use
bootstrap 'img-fluid' class instead. 'img-fluid' fills the height and
width of the card.
- Use instance.uid instead of just instance in get_image_dir.
Diffstat (limited to 'yaksh/views.py')
| -rw-r--r-- | yaksh/views.py | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/yaksh/views.py b/yaksh/views.py index 197891c..c154d4e 100644 --- a/yaksh/views.py +++ b/yaksh/views.py @@ -3198,6 +3198,9 @@ def download_course_progress(request, course_id): def course_forum(request, course_id): user = request.user course = get_object_or_404(Course, id=course_id) + if (not course.is_creator(user) and not course.is_teacher(user) + and not course.is_student(user)): + raise Http404('You are not enrolled in {0} course'.format(course.name)) posts = course.post.filter(active=True).order_by('-modified_at') if request.method == "POST": form = PostForm(request.POST, request.FILES) @@ -3225,6 +3228,10 @@ def post_comments(request, course_id, uuid): user = request.user post = get_object_or_404(Post, uid=uuid) comments = post.comment.filter(active=True) + course = get_object_or_404(Course, id=course_id) + if (not course.is_creator(user) and not course.is_teacher(user) + and not course.is_student(user)): + raise Http404('You are not enrolled in {0} course'.format(course.name)) form = CommentForm() if request.method == "POST": form = CommentForm(request.POST, request.FILES) @@ -3245,6 +3252,10 @@ def post_comments(request, course_id, uuid): @login_required @email_verified def hide_post(request, course_id, uuid): + course = get_object_or_404(Course, id=course_id) + if (not course.is_creator(user) and not course.is_teacher(user) + and not course.is_student(user)): + raise Http404('You are not enrolled in {0} course'.format(course.name)) post = get_object_or_404(Post, uid=uuid) post.comment.active = False post.active = False @@ -3253,6 +3264,10 @@ def hide_post(request, course_id, uuid): def hide_comment(request, course_id, uuid): + course = get_object_or_404(Course, id=course_id) + if (not course.is_creator(user) and not course.is_teacher(user) + and not course.is_student(user)): + raise Http404('You are not enrolled in {0} course'.format(course.name)) comment = get_object_or_404(Comment, uid=uuid) post_uid = comment.post_field.uid comment.active = False |