Mercurial Mercurial > py_tasks_melange / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | zip | gz | bz2 | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added check to prevent students from submitting more proposals then allowed by the program settings.
authorLennard de Rijk <ljvderijk@gmail.com>
Mon, 23 Mar 2009 20:05:00 +0000
changeset 1995 768f533d91e3
parent 1994 bf64992d08c4
child 1996 ae53f21abb9b
Added check to prevent students from submitting more proposals then allowed by the program settings. Patch by: Lennard de Rijk Reviewed by: to-be-reviewed
app/soc/views/helper/access.py file | annotate | diff | comparison | revisions
app/soc/views/models/student_proposal.py file | annotate | diff | comparison | revisions 
--- a/app/soc/views/helper/access.py	Mon Mar 23 08:44:29 2009 +0000
+++ b/app/soc/views/helper/access.py	Mon Mar 23 20:05:00 2009 +0000
@@ -124,6 +124,10 @@
 DEF_SIGN_UP_AS_STUDENT_MSG = ugettext(
     'You need to sign up as a Student first.')
 
+DEF_MAX_PROPOSALS_REACHED = ugettext(
+    'You have reached the maximum number of Proposals allowed '
+    'for this program.')
+
 DEF_NO_LIST_ACCESS_MSG = ugettext('You do not have the required rights to '
     'list documents for this scope and prefix.')
 
@@ -1286,13 +1290,15 @@
         message_fmt=DEF_NEED_ROLE_MSG)
 
   @allowDeveloper
-  def checkCanStudentPropose(self, django_args, key_location):
+  def checkCanStudentPropose(self, django_args, key_location, check_limit):
     """Checks if the program for this student accepts proposals.
 
     Args:
       django_args: a dictionary with django's arguments
       key_location: the key for django_args in which the key_name
                     from the student is stored
+      check_limit: iff true checks if the student reached the apps_tasks_limit
+                   for the given program.
     """
 
     self.checkIsUser(django_args)
@@ -1314,6 +1320,15 @@
                                           'student_signup'):
       raise out_of_band.AccessViolation(message_fmt=DEF_PAGE_INACTIVE_MSG)
 
+    if check_limit:
+      # count all studentproposals by the student
+      fields = {'scope': student_entity}
+      proposal_query = student_proposal_logic.getQueryForFields(fields)
+
+      if proposal_query.count() >= program_entity.apps_tasks_limit:
+        # too many proposals access denied
+        raise out_of_band.AccessViolation(message_fmt=DEF_MAX_PROPOSALS_REACHED)
+
     return
 
   @allowDeveloper
--- a/app/soc/views/models/student_proposal.py	Mon Mar 23 08:44:29 2009 +0000
+++ b/app/soc/views/models/student_proposal.py	Mon Mar 23 20:05:00 2009 +0000
@@ -64,7 +64,7 @@
 
     rights = access.Checker(params)
     rights['create'] = ['checkIsDeveloper']
-    rights['edit'] = [('checkCanStudentPropose', 'scope_path'),
+    rights['edit'] = [('checkCanStudentPropose', ['scope_path', False]),
         ('checkRoleAndStatusForStudentProposal',
             [['proposer'], ['active'], ['new', 'pending']])]
     rights['delete'] = ['checkIsDeveloper']
@@ -76,12 +76,12 @@
     rights['list'] = ['checkIsDeveloper']
     rights['list_orgs'] = [
         ('checkIsStudent', ['scope_path', ['active']]),
-        ('checkCanStudentPropose', 'scope_path')]
+        ('checkCanStudentPropose', ['scope_path', False])]
     rights['list_self'] = [
         ('checkIsStudent', ['scope_path', ['active', 'inactive']])]
     rights['apply'] = [
         ('checkIsStudent', ['scope_path', ['active']]),
-        ('checkCanStudentPropose', 'scope_path')]
+        ('checkCanStudentPropose', ['scope_path', True])]
     rights['review'] = [('checkRoleAndStatusForStudentProposal',
             [['org_admin', 'mentor', 'host'], 
             ['active'], ['new', 'pending']])]
py_tasks_melange