1 files changed, 46 insertions, 66 deletions
diff --git a/yaksh/views.py b/yaksh/views.py
index 616c3cc..bfa36fd 100644
--- a/yaksh/views.py
+++ b/yaksh/views.py
@@ -35,6 +35,7 @@ from yaksh.forms import UserRegisterForm, UserLoginForm, QuizForm,\
 from yaksh.xmlrpc_clients import code_server
 from settings import URL_ROOT
 from yaksh.models import AssignmentUpload
+from file_utils import extract_files
 
 # The directory where user data can be saved.
 OUTPUT_DIR = abspath(join(dirname(__file__), 'output'))
@@ -83,21 +84,6 @@ def add_to_group(users):
             user.groups.add(group)
 
 
-def extract_files(questions_file):
-    if zipfile.is_zipfile(questions_file):
-        zip_file = zipfile.ZipFile(questions_file, 'r')
-        zip_file.extractall()
-
-
-def read_json(json_file, user):
-    question = Question()
-    if os.path.exists(json_file):
-        with open(json_file, 'r') as q_file:
-            questions_list = q_file.read()
-            question.load_questions(questions_list, user)
-            os.remove(json_file)
-
-
 def index(request):
     """The start page.
     """
@@ -472,16 +458,22 @@ def skip(request, q_id, next_q=None, attempt_num=None, questionpaper_id=None):
     paper = get_object_or_404(AnswerPaper, user=request.user, attempt_number=attempt_num,
             question_paper=questionpaper_id)
     question = get_object_or_404(Question, pk=q_id)
+    if question in paper.questions_answered.all():
+        next_q = paper.next_question(q_id)
+        return show_question(request, next_q, paper)
+
     if request.method == 'POST' and question.type == 'code':
         user_code = request.POST.get('answer')
         new_answer = Answer(question=question, answer=user_code,
                             correct=False, skipped=True)
         new_answer.save()
         paper.answers.add(new_answer)
-    if next_q is None:
-        next_q = paper.skip(q_id) if paper.skip(q_id) else question
-    else:
+    if next_q is not None:
         next_q = get_object_or_404(Question, pk=next_q)
+        if next_q not in paper.questions_unanswered.all():
+            return show_question(request, question,  paper)
+    else:
+        next_q = paper.next_question(q_id)
     return show_question(request, next_q, paper)
 
 
@@ -493,7 +485,7 @@ def check(request, q_id, attempt_num=None, questionpaper_id=None):
             question_paper=questionpaper_id)
     question = get_object_or_404(Question, pk=q_id)
     if question in paper.questions_answered.all():
-        next_q = paper.skip(q_id)
+        next_q = paper.next_question(q_id)
         return show_question(request, next_q, paper)
 
     if request.method == 'POST':
@@ -522,7 +514,9 @@ def check(request, q_id, attempt_num=None, questionpaper_id=None):
                             correct=False)
         new_answer.save()
         paper.answers.add(new_answer)
-
+        if not user_answer:
+            msg = "Please submit a valid option or code"
+            return show_question(request, question, paper, msg)
         # If we were not skipped, we were asked to check.  For any non-mcq
         # questions, we obtain the results via XML-RPC with the code executed
         # safely in a separate process (the code_server.py) running as nobody.
@@ -543,17 +537,8 @@ def check(request, q_id, attempt_num=None, questionpaper_id=None):
             new_answer.save()
             return show_question(request, question, paper, result.get('error'))
         else:
-            # Display the same question if user_answer is None
-            if not user_answer:
-                msg = "Please submit a valid option or code"
-                return show_question(request, question, paper, msg)
-            elif question.type == 'code' and user_answer:
-                msg = "Correct Output"
-                paper.completed_question(question.id)
-                return show_question(request, question, paper, msg)
-            else:
-                next_q = paper.completed_question(question.id)
-                return show_question(request, next_q, paper)
+            next_q = paper.completed_question(question.id)
+            return show_question(request, next_q, paper)
     else:
         return show_question(request, question, paper)
 
@@ -576,11 +561,13 @@ def validate_answer(user, user_answer, question, json_data=None):
             expected_answer = question.get_test_case(correct=True).options
             if user_answer.strip() == expected_answer.strip():
                 correct = True
+                result['error'] = 'Correct answer'
         elif question.type == 'mcc':
             expected_answers = []
             for opt in question.get_test_cases(correct=True):
                 expected_answers.append(opt.options)
             if set(user_answer) == set(expected_answers):
+                result['error'] = 'Correct answer'
                 correct = True
         elif question.type == 'code':
             user_dir = get_user_dir(user)
@@ -681,10 +668,15 @@ def courses(request):
     ci = RequestContext(request)
     if not is_moderator(user):
         raise Http404('You are not allowed to view this page')
-    demo_user = User.objects.get(username="demo_user")
+    try:
+        demo_user = User.objects.get(username="demo_user")
+    except User.DoesNotExist:
+        demo_user = None
     courses = Course.objects.filter(Q(creator=user) | Q(creator=demo_user),
                                     is_trial=False)
-    return my_render_to_response('yaksh/courses.html', {'courses': courses},
+    allotted_courses = Course.objects.filter(teachers=user, is_trial=False)
+    context = {'courses': courses, "allotted_courses": allotted_courses}
+    return my_render_to_response('yaksh/courses.html', context,
                                  context_instance=ci)
 
 
@@ -891,8 +883,9 @@ def show_all_questions(request):
                 questions_file = request.FILES['file']
                 file_name = questions_file.name.split('.')
                 if file_name[-1] == "zip":
+                    ques = Question()
                     extract_files(questions_file)
-                    read_json("questions_dump.json", user)
+                    ques.read_json("questions_dump.json", user)
                 else:
                     message = "Please Upload a ZIP file"
                     context['message'] = message
@@ -1186,25 +1179,24 @@ def search_teacher(request, course_id):
         raise Http404('You are not allowed to view this page!')
 
     context = {}
-    course = get_object_or_404(Course, creator=user, pk=course_id)
+    course = get_object_or_404(Course, pk=course_id)
     context['course'] = course
 
+    if user != course.creator and user not in course.teachers.all():
+       raise Http404('You are not allowed to view this page!')
+
     if request.method == 'POST':
         u_name = request.POST.get('uname')
-        if len(u_name) == 0:
-            return my_render_to_response('yaksh/addteacher.html', context,
-                                        context_instance=ci)
-        else:
+        if not len(u_name) == 0:
             teachers = User.objects.filter(Q(username__icontains=u_name)|
                 Q(first_name__icontains=u_name)|Q(last_name__icontains=u_name)|
-                Q(email__icontains=u_name)).exclude(Q(id=user.id)|Q(is_superuser=1))
+                Q(email__icontains=u_name)).exclude(Q(id=user.id)|Q(is_superuser=1)|
+                                                    Q(id=course.creator.id))
             context['success'] = True
             context['teachers'] = teachers
-            return my_render_to_response('yaksh/addteacher.html', context,
-                                        context_instance=ci)
-    else:
-        return my_render_to_response('yaksh/addteacher.html', context,
-                                    context_instance=ci)
+                                        
+    return my_render_to_response('yaksh/addteacher.html', context,
+                                 context_instance=ci)
 
 
 @login_required
@@ -1218,8 +1210,11 @@ def add_teacher(request, course_id):
         raise Http404('You are not allowed to view this page!')
 
     context = {}
-    course = get_object_or_404(Course, creator=user, pk=course_id)
-    context['course'] = course
+    course = get_object_or_404(Course, pk=course_id)
+    if user == course.creator or user in course.teachers.all():
+        context['course'] = course
+    else:
+        raise Http404('You are not allowed to view this page!')
 
     if request.method == 'POST':
         teacher_ids = request.POST.getlist('check')
@@ -1228,36 +1223,21 @@ def add_teacher(request, course_id):
         course.add_teachers(*teachers)
         context['status'] = True
         context['teachers_added'] = teachers
-        return my_render_to_response('yaksh/addteacher.html', context,
-                                    context_instance=ci)
-    else:
-        return my_render_to_response('yaksh/addteacher.html', context,
+        
+    return my_render_to_response('yaksh/addteacher.html', context,
                                     context_instance=ci)
 
 
-@login_required
-def allotted_courses(request):
-    """  show courses allotted to a user """
-
-    user = request.user
-    ci = RequestContext(request)
-    if not is_moderator(user):
-        raise Http404('You are not allowed to view this page!')
-
-    courses = Course.objects.filter(teachers=user)
-    return my_render_to_response('yaksh/courses.html', {'courses': courses},
-                                        context_instance=ci)
-
 
 @login_required
 def remove_teachers(request, course_id):
     """  remove user from a course """
  
     user = request.user
-    if not is_moderator(user):
+    course = get_object_or_404(Course, pk=course_id)
+    if not is_moderator(user) and (user != course.creator and user not in course.teachers.all()):
         raise Http404('You are not allowed to view this page!')
 
-    course = get_object_or_404(Course, creator=user, pk=course_id)
     if request.method == "POST":
         teacher_ids = request.POST.getlist('remove')
         teachers = User.objects.filter(id__in=teacher_ids)