From f2d65592affd34bc60cf4a3a2c72de1d84c934c0 Mon Sep 17 00:00:00 2001 From: jayparikh111 Date: Wed, 22 Feb 2012 16:02:07 +0530 Subject: Changes related to Authentication of Moderator --- testapp/exam/urls.py | 21 +++++----- testapp/exam/views.py | 76 ++++++++++++++++++++++------------- testapp/templates/exam/monitor.html | 4 +- testapp/templates/exam/show_quiz.html | 1 + testapp/templates/exam/showusers.html | 2 +- testapp/templates/manage.html | 4 +- 6 files changed, 68 insertions(+), 40 deletions(-) (limited to 'testapp') diff --git a/testapp/exam/urls.py b/testapp/exam/urls.py index 2187e58..d4ebe50 100644 --- a/testapp/exam/urls.py +++ b/testapp/exam/urls.py @@ -3,23 +3,26 @@ from django.conf.urls.defaults import patterns, include, url urlpatterns = patterns('exam.views', url(r'^$', 'index'), url(r'^login/$', 'user_login'), + url(r'^start/$', 'start'), + url(r'^quit/$', 'quit'), + url(r'^complete/$', 'complete'), + url(r'^register/$', 'user_register'), + url(r'^(?P\d+)/$', 'question'), + url(r'^(?P\d+)/check/$', 'check'), + url(r'^manage/$', 'prof_manage'), url(r'^manage/addquestion/$', 'add_question'), url(r'^manage/addquestion/(?P\d+)/$', 'add_question'), url(r'^manage/addquiz/$', 'add_quiz'), url(r'^manage/addquiz/(?P\d+)/$', 'add_quiz'), url(r'^manage/gradeuser/$', 'show_all_users'), + url(r'^manage/gradeuser/(?P[a-zA-Z0-9_.]+)/$', 'grade_user'), url(r'^manage/questions/$', 'show_all_questions'), - url(r'^manage/showquiz/$','show_all_quiz'), - url(r'^register/$', 'user_register'), - url(r'^start/$', 'start'), - url(r'^quit/$', 'quit'), - url(r'^complete/$', 'complete'), + url(r'^manage/showquiz/$','show_all_quiz'), url(r'^manage/monitor/$', 'monitor'), url(r'^manage/monitor/(?P\d+)/$', 'monitor'), - url(r'^user_data/(?P[a-zA-Z0-9_.]+)/$', 'user_data'), - url(r'^manage/grade_user/(?P[a-zA-Z0-9_.]+)/$', 'grade_user'), - url(r'^(?P\d+)/$', 'question'), - url(r'^(?P\d+)/check/$', 'check'), + url(r'^manage/user_data/(?P[a-zA-Z0-9_.]+)/$', 'user_data'), + + ) 
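Review bot: The username capture in the new `manage/gradeuser/` and `manage/user_data/` patterns only accepts `[a-zA-Z0-9_.]+`, so an account whose username has any character outside that class cannot be reached from the moderator pages; the URL will not resolve. Django's stock username field also permits `@`, `+` and `-`. Unless this app's registration form restricts usernames further (not visible in this diff), widening the class to `[\w.@+-]+` would keep the routes in step with what can be registered. The two blank lines added before the closing parenthesis can be dropped.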
diff --git a/testapp/exam/views.py b/testapp/exam/views.py index c2296f3..bc2290b 100644 --- a/testapp/exam/views.py +++ b/testapp/exam/views.py @@ -58,6 +58,8 @@ def index(request): """ user = request.user if user.is_authenticated(): + if user.groups.filter(name='moderator').count() > 0: + return my_redirect('/exam/manage/') return my_redirect("/exam/start/") return my_redirect("/exam/login/") @@ -92,7 +94,9 @@ def user_register(request): def add_question(request,question_id=None): """To add a new question in the database. Create a new question and store it.""" - + user = request.user + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0 : + raise Http404('You are not allowed to view this page!') if request.method == "POST": form = QuestionForm(request.POST) if form.is_valid(): @@ -140,6 +144,9 @@ def add_question(request,question_id=None): def add_quiz(request,quiz_id=None): + user = request.user + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0 : + raise Http404('You are not allowed to view this page!') if request.method == "POST": form = QuizForm(request.POST) if form.is_valid(): @@ -182,14 +189,18 @@ def add_quiz(request,quiz_id=None): def prof_manage(request): """Take credentials of the user with professor/moderator rights/permissions and log in.""" - - return render_to_response('manage.html',{}) + user = request.user + if user.is_authenticated() and user.groups.filter(name='moderator').count() > 0: + return render_to_response('manage.html',{}) + return my_redirect('/exam/login/') def user_login(request): """Take the credentials of the user and log the user in.""" user = request.user if user.is_authenticated(): + if user.groups.filter(name='moderator').count() > 0 : + return my_redirect('/exam/manage/') return my_redirect("/exam/start/") if request.method == "POST": 
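Review bot: The moderator test `user.groups.filter(name='moderator').count() > 0` is written out inline here in `index` and again in add_question, add_quiz, prof_manage, user_login, complete, monitor, show_all_users, show_all_quiz, show_all_questions, user_data and grade_user. With the authorization rule copied into every view, a view added later under /exam/manage/ is unprotected by default, and the group name can drift between copies. I would move it into one helper, `def is_moderator(user): return user.is_authenticated() and user.groups.filter(name='moderator').exists()`, and have each view call it, or wrap the manage views in a decorator built on it. `.exists()` also avoids a COUNT query per request. The bodies of these views continue outside the hunks.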
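Review bot: The docstring of `prof_manage` still says it takes credentials and logs the user in, but the new body only renders manage.html for moderators and redirects everyone else to /exam/login/. Suggest `"""Render the moderator dashboard; redirect non-moderators to the login page."""`. This view redirects, whereas add_question and add_quiz in the same file raise Http404 for the same condition; one consistent response for "not a moderator" would be easier to reason about and to test. `add_quiz` has no docstring and could get a one-line one in the same pass.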
@@ -197,7 +208,9 @@ def user_login(request): if form.is_valid(): user = form.cleaned_data login(request, user) - return my_redirect("/exam/start/") + if user.groups.filter(name='moderator').count() > 0 : + return my_redirect('/exam/manage/') + return my_redirect('/exam/start/') else: context = {"form": form} return my_render_to_response('exam/login.html', context, @@ -358,6 +371,8 @@ def complete(request,reason = None): user = request.user no = False message = reason or 'The quiz has been completed. Thank you.' + if user.groups.filter(name='moderator').count() > 0: + message = 'You are successfully Logged out. Thanks for spending some time with the application' if request.method == 'POST' and 'no' in request.POST: no = True if not no: @@ -372,7 +387,7 @@ def monitor(request, quiz_id=None): """Monitor the progress of the papers taken so far.""" user = request.user - if not user.is_authenticated() and not user.is_staff: + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0: raise Http404('You are not allowed to view this page!') if quiz_id is None: @@ -416,7 +431,9 @@ def get_user_data(username): def show_all_users(request): """Shows all the users who have taken various exams/quiz.""" - + user = request.user + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0: + raise Http404('You are not allowed to view this page !') user = User.objects.filter(username__contains="") context = { 'user':user } print context @@ -424,6 +441,9 @@ def show_all_users(request): def show_all_quiz(request): """Generates a list of all the quizzes that are currently in the database.""" + user = request.user + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0: + raise Http404('You are not allowed to view this page !') if request.method == 'POST': data = request.POST.getlist('quiz') 
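Review bot: In `complete`, the added moderator branch overwrites `message` unconditionally, so a `reason` passed by the caller is discarded for moderators. The text also says the user is logged out before the `'no' in request.POST` check just below has decided whether to proceed. Guarding it with `if not reason and user.groups.filter(name='moderator').count() > 0:` and placing it after that check would keep the message truthful. The rest of the function lies outside the hunk, so where the logout actually happens is inferred.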
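Review bot: Access to `monitor` now depends solely on membership of a group named 'moderator', and the `is_staff` test is dropped; the same applies to user_data and grade_user further down. None of the six files in this commit creates that group, so on a fresh database every management view returns 404 until someone adds the group and its members by hand. Staff or superuser accounts get no access either unless they are added to it. A fixture or documented setup step for the group, plus a comment such as `# access is granted via the 'moderator' group, not is_staff`, would make that deployment dependency explicit.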
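Review bot: In `show_all_users` the new `user = request.user` is rebound two lines later to the `User.objects.filter(username__contains="")` queryset, so one name means first the requester and then the full user list. Naming the queryset `users` would remove the ambiguity, and `User.objects.all()` appears to be what the empty `contains` filter amounts to. The template iterates the `user` context key, so that key has to stay or be changed together with it. The `print context` that follows writes the account list to the server's stdout on every request and is best removed now that the view is access-controlled.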
@@ -453,39 +473,41 @@ def show_all_quiz(request): def show_all_questions(request): - """Show a list of all the questions currently in the databse.""" + """Show a list of all the questions currently in the databse.""" + user = request.user + if not user.is_authenticated() or user.groups.filter(name='moderator').count() == 0 : + raise Http404("You are not allowed to view this page !") - if request.method == 'POST': - data = request.POST.getlist('question') - if data == None: - questions = Question.objects.all() - context = {'papers': [], - 'question': None, - 'questions':questions} - return my_render_to_response('exam/showquestions.html', context, + if request.method == 'POST': + data = request.POST.getlist('question') + if data == None: + questions = Question.objects.all() + context = {'papers': [], + 'question': None, + 'questions':questions} + return my_render_to_response('exam/showquestions.html', context, context_instance=RequestContext(request)) - for i in data: - question = Question.objects.get(id=i).delete() - questions = Question.objects.all() - context = {'papers': [], + for i in data: + question = Question.objects.get(id=i).delete() + questions = Question.objects.all() + context = {'papers': [], 'question': None, 'questions':questions} - return my_render_to_response('exam/showquestions.html', context, + return my_render_to_response('exam/showquestions.html', context, context_instance=RequestContext(request)) - else: - - questions = Question.objects.all() - context = {'papers': [], + else: + questions = Question.objects.all() + context = {'papers': [], 'question': None, 'questions':questions} - return my_render_to_response('exam/showquestions.html', context, + return my_render_to_response('exam/showquestions.html', context, context_instance=RequestContext(request)) def user_data(request, username): """Render user data.""" current_user = request.user - if not current_user.is_authenticated() and not current_user.is_staff: + if not 
current_user.is_authenticated() or current_user.groups.filter(name='moderator').count() == 0: raise Http404('You are not allowed to view this page!') data = get_user_data(username) @@ -499,7 +521,7 @@ def grade_user(request, username): and update all their marks and also give comments for each paper. """ current_user = request.user - if not current_user.is_authenticated() and not current_user.is_staff: + if not current_user.is_authenticated() or current_user.groups.filter(name='moderator').count() == 0: raise Http404('You are not allowed to view this page!') data = get_user_data(username) diff --git a/testapp/templates/exam/monitor.html b/testapp/templates/exam/monitor.html index a802de2..60814c7 100644 --- a/testapp/templates/exam/monitor.html +++ b/testapp/templates/exam/monitor.html @@ -55,9 +55,9 @@ table tbody th { {% for paper in papers %} - + {{ paper.user.get_full_name.title }} - + {{ paper.user.username }} {{ paper.profile.roll_number }} {{ paper.profile.institute }} diff --git a/testapp/templates/exam/show_quiz.html b/testapp/templates/exam/show_quiz.html index 2e9059d..001b2fe 100644 --- a/testapp/templates/exam/show_quiz.html +++ b/testapp/templates/exam/show_quiz.html @@ -33,6 +33,7 @@ function my_confirm(frm)
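Review bot: The re-indented POST branch of `show_all_questions` still carries `if data == None:`, which can never be true because `request.POST.getlist` returns a list. In the loop, `Question.objects.get(id=i).delete()` raises `DoesNotExist`, surfacing as a 500, when a submitted id is no longer present, for example after a double submit. Since every line of the block is touched anyway, the loop could become `Question.objects.filter(id__in=data).delete()` and the dead branch could be dropped. The three identical context/render blocks would then collapse into one, and the docstring typo "databse" can be fixed in the same pass.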

Quiz List

{% csrf_token %} + {% for quiz in quizzes %}   {{ quiz.description }}
diff --git a/testapp/templates/exam/showusers.html b/testapp/templates/exam/showusers.html index 038cb8b..441b921 100644 --- a/testapp/templates/exam/showusers.html +++ b/testapp/templates/exam/showusers.html @@ -8,6 +8,6 @@ List of Users {% block manage %} {% for name in user %} -{{ name }}
+{{ name }}
{% endfor %} {% endblock %} diff --git a/testapp/templates/manage.html b/testapp/templates/manage.html index 0cc47ae..c7c6fa1 100644 --- a/testapp/templates/manage.html +++ b/testapp/templates/manage.html @@ -7,7 +7,9 @@