@@ -24,7 +24,7 @@ def check_data(data, required_fields):
|
||||
def instructor_required(func):
|
||||
@wraps(func)
|
||||
def dec(*args, **kwargs):
|
||||
if current_user.role != "instructor":
|
||||
if not current_user.role in ["instructor", "admin"]:
|
||||
return error_response(400, "User is not instructor!")
|
||||
return func(*args, **kwargs)
|
||||
|
||||
@@ -95,6 +95,7 @@ def register():
|
||||
|
||||
@bp.route("/course", methods=["POST"])
|
||||
@login_required
|
||||
@admin_required
|
||||
def create_course():
|
||||
data = request.get_json()
|
||||
|
||||
@@ -125,12 +126,60 @@ def create_course():
|
||||
return jsonify(c.to_dict())
|
||||
|
||||
|
||||
@bp.route("/course/<string:username>", methods=["POST"])
|
||||
@login_required
|
||||
@admin_required
|
||||
def create_course_by_username(username):
|
||||
data = request.get_json()
|
||||
|
||||
required_fields = ["name", "course_code", "description"]
|
||||
|
||||
u = User.query.filter_by(username=username).first()
|
||||
if not u:
|
||||
return error_response(400, f"User with username {username} does not exist")
|
||||
|
||||
if f := check_data(data, required_fields):
|
||||
return error_response(400, f"Must supply {f}")
|
||||
|
||||
c = Course.query.filter_by(course_code=data["course_code"]).first()
|
||||
if c:
|
||||
return error_response(
|
||||
400, f"Course with course code {data['course_code']} already exists"
|
||||
)
|
||||
|
||||
if u.role != "instructor":
|
||||
return error_response(400, "User is not instructor")
|
||||
|
||||
data["instructor"] = str(u.id)
|
||||
c = Course()
|
||||
c.from_dict(data)
|
||||
u.enroll(c)
|
||||
db.session.add(c)
|
||||
db.session.commit()
|
||||
|
||||
return jsonify(c.to_dict())
|
||||
|
||||
|
||||
@bp.route("/course/<int:id>", methods=["DELETE"])
|
||||
@login_required
|
||||
@admin_required
|
||||
def delete_course(id):
|
||||
c = Course.query.get(id)
|
||||
if not c:
|
||||
return error_response(400, f"Course with id {id} does not exist")
|
||||
|
||||
db.session.delete(c)
|
||||
db.session.commit()
|
||||
return jsonify(c.to_dict())
|
||||
|
||||
|
||||
@bp.route("/user/<int:id>/courses", methods=["GET"])
|
||||
@login_required
|
||||
def get_courses(id):
|
||||
u = User.query.get(id)
|
||||
d = {"courses": []}
|
||||
for c in u.enrolled_courses.all():
|
||||
courses = Course.query.all() if u.role == "admin" else u.enrolled_courses.all()
|
||||
for c in courses:
|
||||
d["courses"].append(c.to_dict())
|
||||
resp = jsonify(d)
|
||||
return resp
|
||||
|
||||
Reference in New Issue
Block a user