Ignore:
Timestamp:
15 Feb 2013, 09:21:12 (12 years ago)
Author:
Henrik Bettermann
Message:

Some universities bypass access code validation. We can now easily configure this by setting with_ac False.

Location:
main/waeup.kofa/trunk/src/waeup/kofa/students
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • main/waeup.kofa/trunk/src/waeup/kofa/students/browser.py

    r9938 r9952  
    20712071    pnav = 4
    20722072    buttonname = _('Start clearance now')
     2073    with_ac = True
    20732074
    20742075    @property
     
    20982099            self.redirect(self.url(self.context, 'edit_base'))
    20992100            return
    2100         self.ac_series = self.request.form.get('ac_series', None)
    2101         self.ac_number = self.request.form.get('ac_number', None)
    2102 
     2101        if self.with_ac:
     2102            self.ac_series = self.request.form.get('ac_series', None)
     2103            self.ac_number = self.request.form.get('ac_number', None)
    21032104        if SUBMIT is None:
    21042105            return
    2105         pin = '%s-%s-%s' % (self.ac_prefix, self.ac_series, self.ac_number)
    2106         code = get_access_code(pin)
    2107         if not code:
    2108             self.flash(_('Activation code is invalid.'))
    2109             return
    2110         if code.state == USED:
    2111             self.flash(_('Activation code has already been used.'))
    2112             return
    2113         # Mark pin as used (this also fires a pin related transition)
    2114         # and fire transition start_clearance
    2115         comment = _(u"invalidated")
    2116         # Here we know that the ac is in state initialized so we do not
    2117         # expect an exception, but the owner might be different
    2118         if not invalidate_accesscode(pin, comment, self.context.student_id):
    2119             self.flash(_('You are not the owner of this access code.'))
    2120             return
    2121         self.context.clr_code = pin
     2106        if self.with_ac:
     2107            pin = '%s-%s-%s' % (self.ac_prefix, self.ac_series, self.ac_number)
     2108            code = get_access_code(pin)
     2109            if not code:
     2110                self.flash(_('Activation code is invalid.'))
     2111                return
     2112            if code.state == USED:
     2113                self.flash(_('Activation code has already been used.'))
     2114                return
     2115            # Mark pin as used (this also fires a pin related transition)
     2116            # and fire transition start_clearance
     2117            comment = _(u"invalidated")
     2118            # Here we know that the ac is in state initialized so we do not
     2119            # expect an exception, but the owner might be different
     2120            if not invalidate_accesscode(pin, comment, self.context.student_id):
     2121                self.flash(_('You are not the owner of this access code.'))
     2122                return
     2123            self.context.clr_code = pin
    21222124        IWorkflowInfo(self.context).fireTransition('start_clearance')
    21232125        self.flash(_('Clearance process has been started.'))
     
    21942196    pnav = 4
    21952197    buttonname = _('Request clearance now')
     2198    with_ac = True
    21962199
    21972200    def update(self, SUBMIT=None):
    2198         self.ac_series = self.request.form.get('ac_series', None)
    2199         self.ac_number = self.request.form.get('ac_number', None)
     2201        if self.with_ac:
     2202            self.ac_series = self.request.form.get('ac_series', None)
     2203            self.ac_number = self.request.form.get('ac_number', None)
    22002204        if SUBMIT is None:
    22012205            return
    2202         pin = '%s-%s-%s' % (self.ac_prefix, self.ac_series, self.ac_number)
    2203         if self.context.clr_code and self.context.clr_code != pin:
    2204             self.flash(_("This isn't your CLR access code."))
    2205             return
     2206        if self.with_ac:
     2207            pin = '%s-%s-%s' % (self.ac_prefix, self.ac_series, self.ac_number)
     2208            if self.context.clr_code and self.context.clr_code != pin:
     2209                self.flash(_("This isn't your CLR access code."))
     2210                return
    22062211        state = IWorkflowState(self.context).getState()
    22072212        if state != CLEARANCE:
     
    22252230    pnav = 4
    22262231    buttonname = _('Start now')
     2232    with_ac = True
    22272233
    22282234    def update(self, SUBMIT=None):
     
    22352241            self.redirect(self.url(self.context))
    22362242            return
    2237         self.ac_series = self.request.form.get('ac_series', None)
    2238         self.ac_number = self.request.form.get('ac_number', None)
    2239 
     2243        if self.with_ac:
     2244            self.ac_series = self.request.form.get('ac_series', None)
     2245            self.ac_number = self.request.form.get('ac_number', None)
    22402246        if SUBMIT is None:
    22412247            return
    2242         pin = '%s-%s-%s' % (self.ac_prefix, self.ac_series, self.ac_number)
    2243         code = get_access_code(pin)
    2244         if not code:
    2245             self.flash(_('Activation code is invalid.'))
    2246             return
    2247         # Mark pin as used (this also fires a pin related transition)
    2248         if code.state == USED:
    2249             self.flash(_('Activation code has already been used.'))
    2250             return
    2251         else:
    2252             comment = _(u"invalidated")
    2253             # Here we know that the ac is in state initialized so we do not
    2254             # expect an error, but the owner might be different
    2255             if not invalidate_accesscode(
    2256                 pin,comment,self.context.student.student_id):
    2257                 self.flash(_('You are not the owner of this access code.'))
     2248        if self.with_ac:
     2249            pin = '%s-%s-%s' % (self.ac_prefix, self.ac_series, self.ac_number)
     2250            code = get_access_code(pin)
     2251            if not code:
     2252                self.flash(_('Activation code is invalid.'))
    22582253                return
     2254            # Mark pin as used (this also fires a pin related transition)
     2255            if code.state == USED:
     2256                self.flash(_('Activation code has already been used.'))
     2257                return
     2258            else:
     2259                comment = _(u"invalidated")
     2260                # Here we know that the ac is in state initialized so we do not
     2261                # expect an error, but the owner might be different
     2262                if not invalidate_accesscode(
     2263                    pin,comment,self.context.student.student_id):
     2264                    self.flash(_('You are not the owner of this access code.'))
     2265                    return
    22592266        try:
    22602267            if self.context.student.state == CLEARED:
  • main/waeup.kofa/trunk/src/waeup/kofa/students/browser_templates/enterpin.pt

    r9321 r9952  
    11<form method="POST" i18n:domain="waeup.kofa">
    2   <table class="form-table">
     2  <table class="form-table" tal:condition="view/with_ac">
    33    <tbody>
    44      <tr>
     
    3030    </tbody>
    3131  </table>
     32
     33  <span tal:omit-tag="" tal:condition="not: view/with_ac">
     34    <p i18n:translate="">
     35      Your data have been approved. You can continue by
     36      clicking the button below.
     37    </p>
     38    <input type="submit" name="SUBMIT" class="btn primary"
     39           tal:attributes="value view/buttonname" />
     40  </span>
    3241</form>
Note: See TracChangeset for help on using the changeset viewer.