source: main/waeup.kofa/trunk/src/waeup/kofa/students/student.py @ 15799

Last change on this file since 15799 was 15609, checked in by Henrik Bettermann, 5 years ago

Finalize parents access.

  • Property svn:keywords set to Id
File size: 22.8 KB
Line 
1## $Id: student.py 15609 2019-09-26 11:38:36Z henrik $
2##
3## Copyright (C) 2011 Uli Fouquet & Henrik Bettermann
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8##
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13##
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17##
18"""
19Container for the various objects owned by students.
20"""
21import os
22import re
23import shutil
24import grok
25from datetime import datetime, timedelta
26from hurry.workflow.interfaces import IWorkflowState, IWorkflowInfo
27from zope.password.interfaces import IPasswordManager
28from zope.component import getUtility, createObject
29from zope.component.interfaces import IFactory
30from zope.interface import implementedBy
31from zope.securitypolicy.interfaces import IPrincipalRoleManager
32from zope.schema.interfaces import ConstraintNotSatisfied
33from zope.event import notify
34
35from waeup.kofa.authentication import LocalRoleSetEvent
36from waeup.kofa.image import KofaImageFile
37from waeup.kofa.imagestorage import DefaultFileStoreHandler
38from waeup.kofa.interfaces import (
39    IObjectHistory, IUserAccount, IFileStoreNameChooser, IFileStoreHandler,
40    IKofaUtils, registration_states_vocab, IExtFileStore,
41    CREATED, ADMITTED, CLEARANCE, PAID, REGISTERED, VALIDATED, RETURNING,
42    GRADUATED, TRANSVAL, TRANSREL)
43from waeup.kofa.students.accommodation import StudentAccommodation
44from waeup.kofa.students.interfaces import (
45    IStudent, IStudentNavigation, IStudentPersonalEdit, ICSVStudentExporter,
46    IStudentsUtils)
47from waeup.kofa.students.payments import StudentPaymentsContainer
48from waeup.kofa.students.utils import generate_student_id
49from waeup.kofa.utils.helpers import attrs_to_fields, now, copy_filesystem_tree
50
51RE_STUDID_NON_NUM = re.compile('[^\d]+')
52
53class Student(grok.Container):
54    """This is a student container for the various objects
55    owned by students.
56    """
57    grok.implements(IStudent, IStudentNavigation, IStudentPersonalEdit)
58    grok.provides(IStudent)
59
60    def __init__(self):
61        super(Student, self).__init__()
62        # The site doesn't exist in unit tests
63        try:
64            self.student_id = generate_student_id()
65        except TypeError:
66            self.student_id = u'Z654321'
67        self.password = None
68        self.temp_password = None
69        self.parents_password = None
70        return
71
72    def setTempPassword(self, user, password):
73        """Set a temporary password (LDAP-compatible) SSHA encoded for
74        officers.
75        """
76        passwordmanager = getUtility(IPasswordManager, 'SSHA')
77        self.temp_password = {}
78        self.temp_password[
79            'password'] = passwordmanager.encodePassword(password)
80        self.temp_password['user'] = user
81        self.temp_password['timestamp'] = datetime.utcnow() # offset-naive datetime
82
83    def getTempPassword(self):
84        """Check if a temporary password has been set and if it
85        is not expired.
86
87        Return the temporary password if valid,
88        None otherwise. Unset the temporary password if expired.
89        """
90        temp_password_dict = getattr(self, 'temp_password', None)
91        kofa_utils = getUtility(IKofaUtils)
92        temp_password_minutes =  kofa_utils.TEMP_PASSWORD_MINUTES
93        if temp_password_dict is not None:
94            delta = timedelta(minutes=temp_password_minutes)
95            now = datetime.utcnow()
96            if now < temp_password_dict.get('timestamp') + delta:
97                return temp_password_dict.get('password')
98            else:
99                # Unset temporary password if expired
100                self.temp_password = None
101        return None
102
103    def setParentsPassword(self, password):
104        """Set a temporary password (LDAP-compatible) SSHA encoded for
105        parents.
106        """
107        passwordmanager = getUtility(IPasswordManager, 'SSHA')
108        self.parents_password = {}
109        self.parents_password[
110            'password'] = passwordmanager.encodePassword(password)
111        self.parents_password['timestamp'] = datetime.utcnow() # offset-naive datetime
112
113    def getParentsPassword(self):
114        """Check if a parents password has been set and if it
115        is not expired.
116
117        Return the parents password if valid,
118        None otherwise. Unset the parents password and replace roles
119        if expired.
120        """
121        parents_password_dict = getattr(self, 'parents_password', None)
122        kofa_utils = getUtility(IKofaUtils)
123        temp_password_minutes =  kofa_utils.TEMP_PASSWORD_MINUTES
124        if parents_password_dict is not None:
125            delta = timedelta(minutes=temp_password_minutes)
126            now = datetime.utcnow()
127            if now < parents_password_dict.get('timestamp') + delta:
128                return parents_password_dict.get('password')
129            else:
130                # Unset parents password if expired
131                self.parents_password = None
132                # Replace roles if expired
133                role_manager = IPrincipalRoleManager(self)
134                role_manager.removeRoleFromPrincipal(
135                    'waeup.local.Parents', self.student_id)
136                notify(LocalRoleSetEvent(
137                    self, 'waeup.local.Parents',
138                    self.student_id, granted=False))
139                role_manager.assignRoleToPrincipal(
140                    'waeup.local.StudentRecordOwner', self.student_id)
141                notify(LocalRoleSetEvent(
142                    self, 'waeup.local.StudentRecordOwner',
143                    self.student_id, granted=True))
144        return None
145
146    def writeLogMessage(self, view, message):
147        ob_class = view.__implemented__.__name__.replace('waeup.kofa.','')
148        self.__parent__.logger.info(
149            '%s - %s - %s' % (ob_class, self.__name__, message))
150        return
151
152    @property
153    def display_fullname(self):
154        middlename = getattr(self, 'middlename', None)
155        kofa_utils = getUtility(IKofaUtils)
156        return kofa_utils.fullname(self.firstname, self.lastname, middlename)
157
158    @property
159    def fullname(self):
160        middlename = getattr(self, 'middlename', None)
161        if middlename:
162            return '%s-%s-%s' % (self.firstname.lower(),
163                middlename.lower(), self.lastname.lower())
164        else:
165            return '%s-%s' % (self.firstname.lower(), self.lastname.lower())
166
167    @property
168    def state(self):
169        state = IWorkflowState(self).getState()
170        return state
171
172    @property
173    def translated_state(self):
174        try:
175            state = registration_states_vocab.getTermByToken(
176                self.state).title
177        except LookupError:  # in unit tests
178            return
179        return state
180
181    @property
182    def history(self):
183        history = IObjectHistory(self)
184        return history
185
186    @property
187    def student(self):
188        return self
189
190    @property
191    def certcode(self):
192        cert = getattr(self.get('studycourse', None), 'certificate', None)
193        if cert is not None:
194            return cert.code
195        return
196
197    @property
198    def faccode(self):
199        cert = getattr(self.get('studycourse', None), 'certificate', None)
200        if cert is not None:
201            return cert.__parent__.__parent__.__parent__.code
202        return
203
204    @property
205    def depcode(self):
206        cert = getattr(self.get('studycourse', None), 'certificate', None)
207        if cert is not None:
208            return cert.__parent__.__parent__.code
209        return
210
211    @property
212    def current_session(self):
213        session = getattr(
214            self.get('studycourse', None), 'current_session', None)
215        return session
216
217    @property
218    def entry_session(self):
219        session = getattr(
220            self.get('studycourse', None), 'entry_session', None)
221        return session
222
223    @property
224    def entry_mode(self):
225        session = getattr(
226            self.get('studycourse', None), 'entry_mode', None)
227        return session
228
229    @property
230    def current_level(self):
231        level = getattr(
232            self.get('studycourse', None), 'current_level', None)
233        return level
234
235    @property
236    def current_verdict(self):
237        level = getattr(
238            self.get('studycourse', None), 'current_verdict', None)
239        return level
240
241    @property
242    def current_mode(self):
243        certificate = getattr(
244            self.get('studycourse', None), 'certificate', None)
245        if certificate is not None:
246            return certificate.study_mode
247        return None
248
249    @property
250    def is_postgrad(self):
251        is_postgrad = getattr(
252            self.get('studycourse', None), 'is_postgrad', False)
253        return is_postgrad
254
255    @property
256    def is_special_postgrad(self):
257        is_special_postgrad = getattr(
258            self.get('studycourse', None), 'is_special_postgrad', False)
259        return is_special_postgrad
260
261    @property
262    def is_fresh(self):
263        return self.current_session == self.entry_session
264
265    @property
266    def before_payment(self):
267        non_fresh_states = (PAID, REGISTERED, VALIDATED, RETURNING, GRADUATED)
268        if self.is_fresh and self.state not in non_fresh_states:
269            return True
270        return False
271
272    @property
273    def personal_data_expired(self):
274        if self.state in (CREATED, ADMITTED,):
275            return False
276        now = datetime.utcnow()
277        if self.personal_updated is None:
278            return True
279        days_ago = getattr(now - self.personal_updated, 'days')
280        if days_ago > 180:
281            return True
282        return False
283
284    @property
285    def transcript_enabled(self):
286        return True
287
288    @property
289    def studycourse_locked(self):
290        return self.state in (GRADUATED, TRANSREL, TRANSVAL)
291
292    @property
293    def clearance_locked(self):
294        return self.state != CLEARANCE
295
296    def transfer(self, certificate, current_session=None,
297        current_level=None, current_verdict=None, previous_verdict=None):
298        """ Creates a new studycourse and backups the old one.
299        """
300        newcourse = createObject(u'waeup.StudentStudyCourse')
301        try:
302            newcourse.certificate = certificate
303            newcourse.entry_mode = 'transfer'
304            newcourse.current_session = current_session
305            newcourse.current_level = current_level
306            newcourse.current_verdict = current_verdict
307            newcourse.previous_verdict = previous_verdict
308        except ConstraintNotSatisfied:
309            return -1
310        oldcourse = self['studycourse']
311        if getattr(oldcourse, 'entry_session', None) is None or\
312            getattr(oldcourse, 'certificate', None) is None:
313            return -2
314        newcourse.entry_session = oldcourse.entry_session
315        # Students can be transferred only two times.
316        if 'studycourse_1' in self.keys():
317            if 'studycourse_2' in self.keys():
318                return -3
319            self['studycourse_2'] = oldcourse
320        else:
321            self['studycourse_1'] = oldcourse
322        del self['studycourse']
323        self['studycourse'] = newcourse
324        self.__parent__.logger.info(
325            '%s - transferred from %s to %s' % (
326            self.student_id,
327            oldcourse.certificate.code,
328            newcourse.certificate.code))
329        history = IObjectHistory(self)
330        history.addMessage('Transferred from %s to %s' % (
331            oldcourse.certificate.code, newcourse.certificate.code))
332        return
333
334    def revert_transfer(self):
335        """ Revert previous transfer.
336
337        """
338        if not self.has_key('studycourse_1'):
339            return -1
340        del self['studycourse']
341        if 'studycourse_2' in self.keys():
342            studycourse = self['studycourse_2']
343            self['studycourse'] = studycourse
344            del self['studycourse_2']
345        else:
346            studycourse = self['studycourse_1']
347            self['studycourse'] = studycourse
348            del self['studycourse_1']
349        self.__parent__.logger.info(
350            '%s - transfer reverted' % self.student_id)
351        history = IObjectHistory(self)
352        history.addMessage('Transfer reverted')
353        return
354
355# Set all attributes of Student required in IStudent as field
356# properties. Doing this, we do not have to set initial attributes
357# ourselves and as a bonus we get free validation when an attribute is
358# set.
359Student = attrs_to_fields(Student)
360
361class StudentFactory(grok.GlobalUtility):
362    """A factory for students.
363    """
364    grok.implements(IFactory)
365    grok.name(u'waeup.Student')
366    title = u"Create a new student.",
367    description = u"This factory instantiates new student instances."
368
369    def __call__(self, *args, **kw):
370        return Student()
371
372    def getInterfaces(self):
373        return implementedBy(Student)
374
375@grok.subscribe(IStudent, grok.IObjectAddedEvent)
376def handle_student_added(student, event):
377    """If a student is added all subcontainers are automatically added
378    and the transition create is fired. The latter produces a logging
379    message.
380    """
381    studycourse = createObject(u'waeup.StudentStudyCourse')
382    student['studycourse'] = studycourse
383    payments = StudentPaymentsContainer()
384    student['payments'] = payments
385    accommodation = StudentAccommodation()
386    student['accommodation'] = accommodation
387    # Assign global student role for new student
388    account = IUserAccount(student)
389    account.roles = ['waeup.Student']
390    # Assign local StudentRecordOwner role
391    role_manager = IPrincipalRoleManager(student)
392    role_manager.assignRoleToPrincipal(
393        'waeup.local.StudentRecordOwner', student.student_id)
394    if student.state is None:
395        IWorkflowInfo(student).fireTransition('create')
396    return
397
398def path_from_studid(student_id):
399    """Convert a student_id into a predictable relative folder path.
400
401    Used for storing files.
402
403    Returns the name of folder in which files for a particular student
404    should be stored. This is a relative path, relative to any general
405    students folder with 5 zero-padded digits (except when student_id
406    is overlong).
407
408    We normally map 1,000 different student ids into one single
409    path. For instance ``K1000000`` will give ``01000/K1000000``,
410    ``K1234567`` will give ``0123/K1234567`` and ``K12345678`` will
411    result in ``1234/K12345678``.
412
413    For lower numbers < 10**6 we return the same path for up to 10,000
414    student_ids. So for instance ``KM123456`` will result in
415    ``00120/KM123456`` (there will be no path starting with
416    ``00123``).
417
418    Works also with overlong number: here the leading zeros will be
419    missing but ``K123456789`` will give reliably
420    ``12345/K123456789`` as expected.
421    """
422    # remove all non numeric characters and turn this into an int.
423    num = int(RE_STUDID_NON_NUM.sub('', student_id))
424    if num < 10**6:
425        # store max. of 10000 studs per folder and correct num for 5 digits
426        num = num / 10000 * 10
427    else:
428        # store max. of 1000 studs per folder
429        num = num / 1000
430    # format folder name to have 5 zero-padded digits
431    folder_name = u'%05d' % num
432    folder_name = os.path.join(folder_name, student_id)
433    return folder_name
434
435def move_student_files(student, del_dir):
436    """Move files belonging to `student` to `del_dir`.
437
438    `del_dir` is expected to be the path to the site-wide directory
439    for storing backup data.
440
441    The current files of the student are removed after backup.
442
443    If the student has no associated files stored, nothing is done.
444    """
445    stud_id = student.student_id
446
447    src = getUtility(IExtFileStore).root
448    src = os.path.join(src, 'students', path_from_studid(stud_id))
449
450    dst = os.path.join(
451        del_dir, 'media', 'students', path_from_studid(stud_id))
452
453    if not os.path.isdir(src):
454        # Do not copy if no files were stored.
455        return
456    if not os.path.exists(dst):
457        os.makedirs(dst, 0755)
458    copy_filesystem_tree(src, dst)
459    shutil.rmtree(src)
460    return
461
462def update_student_deletion_csvs(student, del_dir):
463    """Update deletion CSV files with data from student.
464
465    `del_dir` is expected to be the path to the site-wide directory
466    for storing backup data.
467
468    Each exporter available for students (and their many subobjects)
469    is called in order to export CSV data of the given student to csv
470    files in the site-wide backup directory for object data (see
471    DataCenter).
472
473    Each exported row is appended a column giving the deletion date
474    (column `del_date`) as a UTC timestamp.
475    """
476
477    STUDENT_BACKUP_EXPORTER_NAMES = getUtility(
478        IStudentsUtils).STUDENT_BACKUP_EXPORTER_NAMES
479
480    for name in STUDENT_BACKUP_EXPORTER_NAMES:
481        exporter = getUtility(ICSVStudentExporter, name=name)
482        csv_data = exporter.export_student(student)
483        csv_data = csv_data.split('\r\n')
484
485        # append a deletion timestamp on each data row
486        timestamp = str(now().replace(microsecond=0)) # store UTC timestamp
487        for num, row in enumerate(csv_data[1:-1]):
488            csv_data[num+1] = csv_data[num+1] + ',' + timestamp
489        csv_path = os.path.join(del_dir, '%s.csv' % name)
490
491        # write data to CSV file
492        if not os.path.exists(csv_path):
493            # create new CSV file (including header line)
494            csv_data[0] = csv_data[0] + ',del_date'
495            open(csv_path, 'wb').write('\r\n'.join(csv_data))
496        else:
497            # append existing CSV file (omitting headerline)
498            open(csv_path, 'a').write('\r\n'.join(csv_data[1:]))
499    return
500
501@grok.subscribe(IStudent, grok.IObjectRemovedEvent)
502def handle_student_removed(student, event):
503    """If a student is removed a message is logged and data is put
504       into a backup location.
505
506    The data of the removed student is appended to CSV files in local
507    datacenter and any existing external files (passport images, etc.)
508    are copied over to this location as well.
509
510    Documents in the file storage refering to the given student are
511    removed afterwards (if they exist). Please make no assumptions
512    about how the deletion takes place. Files might be deleted
513    individually (leaving the students file directory intact) or the
514    whole student directory might be deleted completely.
515
516    All CSV rows created/appended contain a timestamp with the
517    datetime of removal in an additional `del_date` column.
518
519    XXX: blocking of used student_ids yet not implemented.
520    """
521    comment = 'Student record removed'
522    target = student.student_id
523    try:
524        site = grok.getSite()
525        site['students'].logger.info('%s - %s' % (
526            target, comment))
527    except KeyError:
528        # If we delete an entire university instance there won't be
529        # a students subcontainer
530        return
531
532    del_dir = site['datacenter'].deleted_path
533
534    if student.state == GRADUATED:
535        del_dir = site['datacenter'].graduated_path
536
537    # save files of the student
538    move_student_files(student, del_dir)
539
540    # update CSV files
541    update_student_deletion_csvs(student, del_dir)
542
543    # remove global role
544    role_manager = IPrincipalRoleManager(grok.getSite())
545    role_manager.unsetRoleForPrincipal('waeup.Student', student.student_id)
546    return
547
548#: The file id marker for student files
549STUDENT_FILE_STORE_NAME = 'file-student'
550
551class StudentFileNameChooser(grok.Adapter):
552    """A file id chooser for :class:`Student` objects.
553
554    `context` is an :class:`Student` instance.
555
556    The :class:`StudentImageNameChooser` can build/check file ids for
557    :class:`Student` objects suitable for use with
558    :class:`ExtFileStore` instances. The delivered file_id contains
559    the file id marker for :class:`Student` object and the student id
560    of the context student.
561
562    This chooser is registered as an adapter providing
563    :class:`waeup.kofa.interfaces.IFileStoreNameChooser`.
564
565    File store name choosers like this one are only convenience
566    components to ease the task of creating file ids for student
567    objects. You are nevertheless encouraged to use them instead of
568    manually setting up filenames for students.
569
570    .. seealso:: :mod:`waeup.kofa.imagestorage`
571
572    """
573    grok.context(IStudent)
574    grok.implements(IFileStoreNameChooser)
575
576    def checkName(self, name=None, attr=None):
577        """Check whether the given name is a valid file id for the context.
578
579        Returns ``True`` only if `name` equals the result of
580        :meth:`chooseName`.
581
582        """
583        return name == self.chooseName()
584
585    def chooseName(self, attr, name=None):
586        """Get a valid file id for student context.
587
588        *Example:*
589
590        For a student with student id ``'A123456'`` and
591        with attr ``'nice_image.jpeg'`` stored in
592        the students container this chooser would create:
593
594          ``'__file-student__students/A/A123456/nice_image_A123456.jpeg'``
595
596        meaning that the nice image of this applicant would be
597        stored in the site-wide file storage in path:
598
599          ``students/A/A123456/nice_image_A123456.jpeg``
600
601        """
602        basename, ext = os.path.splitext(attr)
603        stud_id = self.context.student_id
604        marked_filename = '__%s__%s/%s_%s%s' % (
605            STUDENT_FILE_STORE_NAME, path_from_studid(stud_id), basename,
606            stud_id, ext)
607        return marked_filename
608
609
610class StudentFileStoreHandler(DefaultFileStoreHandler, grok.GlobalUtility):
611    """Student specific file handling.
612
613    This handler knows in which path in a filestore to store student
614    files and how to turn this kind of data into some (browsable)
615    file object.
616
617    It is called from the global file storage, when it wants to
618    get/store a file with a file id starting with
619    ``__file-student__`` (the marker string for student files).
620
621    Like each other file store handler it does not handle the files
622    really (this is done by the global file store) but only computes
623    paths and things like this.
624    """
625    grok.implements(IFileStoreHandler)
626    grok.name(STUDENT_FILE_STORE_NAME)
627
628    def pathFromFileID(self, store, root, file_id):
629        """All student files are put in directory ``students``.
630        """
631        marker, filename, basename, ext = store.extractMarker(file_id)
632        sub_root = os.path.join(root, 'students')
633        return super(StudentFileStoreHandler, self).pathFromFileID(
634            store, sub_root, basename)
635
636    def createFile(self, store, root, filename, file_id, file):
637        """Create a browsable file-like object.
638        """
639        # call super method to ensure that any old files with
640        # different filename extension are deleted.
641        file, path, file_obj =  super(
642            StudentFileStoreHandler, self).createFile(
643            store, root,  filename, file_id, file)
644        return file, path, KofaImageFile(
645            file_obj.filename, file_obj.data)
Note: See TracBrowser for help on using the repository browser.