exam.py

# -*- coding: utf-8 -*-

from __future__ import division

__copyright__ = "Copyright (C) 2015 Andreas Kloeckner"

__license__ = """
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
"""

import six

from django.contrib.auth import get_user_model
import django.forms as forms
from django.utils.translation import ugettext, ugettext_lazy as _
from django.shortcuts import (  # noqa
        render, get_object_or_404, redirect)
from django.core.exceptions import (  # noqa
        PermissionDenied, ObjectDoesNotExist, SuspiciousOperation)
from django.contrib import messages  # noqa
from django.contrib.auth.decorators import permission_required
from django.db import transaction

from crispy_forms.layout import Submit

from course.models import Exam, ExamTicket, Participation, FlowSession
from course.utils import course_view, render_course_page
from course.constants import (
        exam_ticket_states,
        participation_status,
        participation_role)
from course.views import get_now_or_fake_time

from relate.utils import StyledForm


ticket_alphabet = "ABCDEFGHJKLPQRSTUVWXYZabcdefghjkpqrstuvwxyz23456789"


def gen_ticket_code():
    from random import choice
    return "".join(choice(ticket_alphabet) for i in range(8))


# {{{ issue ticket

class UserChoiceField(forms.ModelChoiceField):
    def label_from_instance(self, obj):
        user = obj
        return (
                _("%(user_email)s - %(user_lastname)s, "
                    "%(user_firstname)s")
                % {
                    "user_email": user.email,
                    "user_lastname": user.last_name,
                    "user_firstname": user.first_name})


class IssueTicketForm(StyledForm):
    def __init__(self, *args, **kwargs):
        initial_exam = kwargs.pop("initial_exam", None)

        super(IssueTicketForm, self).__init__(*args, **kwargs)

        self.fields["user"] = UserChoiceField(
                queryset=(get_user_model().objects
                    .filter(
                        is_active=True,
                        )
                    .order_by("last_name")),
                required=True,
                help_text=_("Select participant for whom exception is to "
                "be granted."),
                label=_("Participant"))
        self.fields["exam"] = forms.ModelChoiceField(
                queryset=(
                    Exam.objects.filter(
                        active=True)),
                required=True,
                initial=initial_exam,
                label=_("Exam"))

        self.fields["revoke_prior"] = forms.BooleanField(
                label=_("Revoke prior exam tickets for this user"),
                required=False,
                initial=True)

        self.helper.add_input(
                Submit(
                    "issue",
                    _("Issue ticket"),
                    css_class="col-lg-offset-2"))


@permission_required("course.can_issue_exam_tickets")
def issue_exam_ticket(request):
    if request.method == "POST":
        form = IssueTicketForm(request.POST)

        if form.is_valid():
            exam = form.cleaned_data["exam"]
            try:
                participation = Participation.objects.get(
                                course=exam.course,
                                user=form.cleaned_data["user"],
                                status=participation_status.active,
                                )

            except ObjectDoesNotExist:
                messages.add_message(request, messages.ERROR,
                        _("User is not enrolled in course."))
                participation = None

            if participation is not None:
                if form.cleaned_data["revoke_prior"]:
                    ExamTicket.objects.filter(
                            exam=exam,
                            participation=participation,
                            state=exam_ticket_states.valid,
                            ).update(state=exam_ticket_states.revoked)

                ticket = ExamTicket()
                ticket.exam = exam
                ticket.participation = participation
                ticket.creator = request.user
                ticket.state = exam_ticket_states.valid
                ticket.code = gen_ticket_code()
                ticket.save()

                messages.add_message(request, messages.SUCCESS,
                        _(
                            "Ticket issued for <b>%s</b>. "
                            "The ticket code is <b>%s</b>."
                            ) % (participation, ticket.code))

                form = IssueTicketForm(initial_exam=exam)

    else:
        form = IssueTicketForm()

    return render(request, "generic-form.html", {
        "form_description":
            _("Issue Exam Ticket"),
        "form": form,
        })

# }}}


# {{{ batch-issue tickets

class BatchIssueTicketsForm(StyledForm):
    def __init__(self, course, *args, **kwargs):
        super(BatchIssueTicketsForm, self).__init__(*args, **kwargs)

        self.fields["exam"] = forms.ModelChoiceField(
                queryset=(
                    Exam.objects.filter(
                        course=course,
                        active=True
                        )),
                required=True,
                label=_("Exam"))
        self.fields["format"] = forms.ChoiceField(
                choices=(
                    ("list", _("List")),
                    ("cards", _("Cards")),
                    ),
                label=_("Ticket Format"),
                required=True)
        self.fields["revoke_prior"] = forms.BooleanField(
                label=_("Revoke prior exam tickets"),
                required=False,
                initial=False)

        self.helper.add_input(
                Submit(
                    "issue",
                    _("Issue tickets"),
                    css_class="col-lg-offset-2"))


@course_view
@transaction.atomic
def batch_issue_exam_tickets(pctx):
    if pctx.role not in [
            participation_role.instructor,
            ]:
        raise PermissionDenied(
                _("must be instructor or TA to batch-issue tickets"))

    form_text = ""

    request = pctx.request
    if request.method == "POST":
        form = BatchIssueTicketsForm(pctx.course, request.POST)

        if form.is_valid():
            exam = form.cleaned_data["exam"]

            if form.cleaned_data["revoke_prior"]:
                ExamTicket.objects.filter(
                        exam=exam,
                        state=exam_ticket_states.valid,
                        ).update(state=exam_ticket_states.revoked)

            tickets = []
            for participation in (
                    Participation.objects.filter(
                        course=pctx.course,
                        status=participation_status.active)
                    .order_by(
                        "user__username")):
                ticket = ExamTicket()
                ticket.exam = exam
                ticket.participation = participation
                ticket.creator = request.user
                ticket.state = exam_ticket_states.valid
                ticket.code = gen_ticket_code()
                ticket.save()

                tickets.append(ticket)

            from django.template.loader import render_to_string
            form_text = render_to_string(
                    "course/exam-ticket-%s.html" % form.cleaned_data["format"],
                    {"tickets": tickets})

            messages.add_message(request, messages.SUCCESS,
                    _("%d tickets issued.") % len(tickets))

            form = None

    else:
        form = BatchIssueTicketsForm(pctx.course)

    return render_course_page(pctx, "course/generic-course-form.html", {
        "form": form,
        "form_text": form_text,
        "form_description": ugettext("Batch-Issue Exam Tickets")
        })

# }}}


# {{{ check in

class ExamTicketBackend(object):
    def authenticate(self, username=None, code=None, now_datetime=None):
        try:
            user = get_user_model().objects.get(
                    username=username,
                    is_active=True)
            ticket = ExamTicket.objects.get(
                    participation__user=user,
                    code=code,
                    state=exam_ticket_states.valid,
                    )

            if ticket.exam.no_exams_before >= now_datetime:
                return None
            if (
                    ticket.exam.no_exams_after is not None
                    and
                    ticket.exam.no_exams_after <= now_datetime):
                return None

        except ObjectDoesNotExist:
            return None

        return user

    def get_user(self, user_id):
        try:
            return get_user_model().objects.get(pk=user_id)
        except get_user_model().DoesNotExist:
            return None


class ExamCheckInForm(StyledForm):
    username = forms.CharField(required=True, label=_("User name"),
            # For now, until we upgrade to a custom user model.
            max_length=30,
            help_text=_("This is typically your full email address."))
    code = forms.CharField(required=True, label=_("Code"),
            widget=forms.PasswordInput())

    def __init__(self, *args, **kwargs):
        super(ExamCheckInForm, self).__init__(*args, **kwargs)

        self.helper.add_input(
                Submit("submit", _("Check in"),
                    css_class="col-lg-offset-2"))


def check_in_for_exam(request):
    now_datetime = get_now_or_fake_time(request)

    if request.method == "POST":
        form = ExamCheckInForm(request.POST)
        if form.is_valid():
            username = form.cleaned_data["username"]
            code = form.cleaned_data["code"]

            from django.contrib.auth import authenticate, login
            user = authenticate(username=username, code=code,
                    now_datetime=now_datetime)

            if user is None:
                messages.add_message(request, messages.ERROR,
                        _("Invalid check-in data."))

            else:
                login(request, user)

                ticket = ExamTicket.objects.get(
                        participation__user=user,
                        code=code,
                        state=exam_ticket_states.valid,
                        )
                ticket.state = exam_ticket_states.used
                ticket.usage_time = now_datetime
                ticket.save()

                request.session["relate_session_exam_ticket_pk"] = ticket.pk

                return redirect("relate-view_start_flow",
                        ticket.exam.course.identifier,
                        ticket.exam.flow_id)

    else:
        form = ExamCheckInForm()

    return render(request, "generic-form.html", {
        "form_description":
            _("Check in for Exam"),
        "form": form
        })

# }}}


def is_from_exams_only_facility(request):
    import ipaddr

    remote_address = ipaddr.IPAddress(request.META['REMOTE_ADDR'])

    exams_only = False

    from django.conf import settings
    for name, props in six.iteritems(settings.RELATE_FACILITIES):
        if not props.get("exams_only", False):
            continue

        ip_ranges = props.get("ip_ranges", [])
        for ir in ip_ranges:
            if remote_address in ipaddr.IPNetwork(ir):
                exams_only = True
                break

        if exams_only:
            break

    return exams_only


# {{{ lockdown middleware

class ExamFacilityMiddleware(object):
    def process_request(self, request):
        exams_only = is_from_exams_only_facility(request)

        if not exams_only:
            return None

        if (exams_only and
                "relate_session_exam_ticket_pk" in request.session):
            # ExamLockdownMiddleware is in control.
            return None

        from django.core.urlresolvers import resolve
        resolver_match = resolve(request.path)

        from course.exam import check_in_for_exam, issue_exam_ticket
        from course.auth import (user_profile, sign_in_by_email,
                sign_in_stage2_with_token, sign_in_by_user_pw)
        from django.contrib.auth.views import logout

        ok = False
        if resolver_match.func in [
                sign_in_by_email,
                sign_in_stage2_with_token,
                sign_in_by_user_pw,
                check_in_for_exam,
                user_profile,
                logout]:
            ok = True

        elif request.user.is_staff:
            ok = True

        elif (
                request.user.has_perm("course.can_issue_exam_tickets")
                and
                resolver_match.func == issue_exam_ticket):
            ok = True

        if not ok:
            return redirect("relate-check_in_for_exam")


class ExamLockdownMiddleware(object):
    def process_request(self, request):
        request.relate_exam_lockdown = False

        if "relate_session_exam_ticket_pk" in request.session:
            ticket_pk = request.session['relate_session_exam_ticket_pk']

            try:
                ticket = ExamTicket.objects.get(pk=ticket_pk)
            except ObjectDoesNotExist:
                messages.add_message(request, messages.ERROR,
                        _("Error while processing exam lockdown: ticket not found."))
                raise SuspiciousOperation()

            if not ticket.exam.lock_down_sessions:
                return None

            request.relate_exam_lockdown = True

            flow_session_ids = [fs.id for fs in FlowSession.objects.filter(
                    participation=ticket.participation,
                    flow_id=ticket.exam.flow_id)]

            from django.core.urlresolvers import resolve
            resolver_match = resolve(request.path)

            from course.views import (get_repo_file, get_current_repo_file)
            from course.flow import (view_start_flow, view_flow_page,
                    update_expiration_mode, finish_flow_session_view)
            from course.auth import user_profile
            from django.contrib.auth.views import logout

            ok = False
            if resolver_match.func in [
                    get_repo_file,
                    get_current_repo_file,

                    user_profile,
                    logout]:
                ok = True

            elif (resolver_match.func == view_start_flow
                    and
                    resolver_match.kwargs["course_identifier"]
                    == ticket.exam.course.identifier
                    and
                    resolver_match.kwargs["flow_id"]
                    == ticket.exam.flow_id):
                ok = True

            elif (
                    resolver_match.func in [
                        view_flow_page,
                        update_expiration_mode,
                        finish_flow_session_view]
                    and
                    int(resolver_match.kwargs["flow_session_id"])
                    in flow_session_ids):
                ok = True

            if not ok:
                raise PermissionDenied("not allowed in exam lock-down")

# }}}


# {{{ lockdown context processor

def exam_lockdown_context_processor(request):
    return {
            "relate_exam_lockdown": request.relate_exam_lockdown,
            }

# }}}


# {{{ lockdown sign-in checker

def may_sign_in(request, user):
    exams_only = is_from_exams_only_facility(request)

    if not exams_only:
        return True
    else:
        if user.is_staff:
            return True
        elif user.has_perm("course.can_issue_exam_tickets"):
            return True

    return False

# }}}


# vim: foldmethod=marker