X-Git-Url: https://git.mdrn.pl/edumed.git/blobdiff_plain/4e108b153d4a15cb2641f25dc6dc506c77db9bca..b6836ce0cc2dce392a9f604b781d6430740ce1de:/stage2/views.py diff --git a/stage2/views.py b/stage2/views.py index 974e375..1116257 100644 --- a/stage2/views.py +++ b/stage2/views.py @@ -5,7 +5,10 @@ from django.http import Http404 from django.http.response import HttpResponseRedirect, HttpResponse, HttpResponseForbidden from django.shortcuts import get_object_or_404, render from django.utils import timezone +from django.utils.cache import patch_cache_control +from django.views.decorators.cache import never_cache from django.views.decorators.http import require_POST +from unidecode import unidecode from stage2.forms import AttachmentForm, MarkForm from stage2.models import Participant, Assignment, Answer, Attachment, Mark @@ -22,13 +25,17 @@ def all_assignments(participant): return assignments +@never_cache def participant_view(request, participant_id, key): participant = get_object_or_404(Participant, id=participant_id) if not participant.check(key): raise Http404 - return render(request, 'stage2/participant.html', { + response = render(request, 'stage2/participant.html', { 'participant': participant, 'assignments': all_assignments(participant)}) + # not needed in Django 1.8 + patch_cache_control(response, no_cache=True, no_store=True, must_revalidate=True) + return response @require_POST @@ -54,7 +61,8 @@ def upload(request, assignment_id, participant_id, key): def attachment_download(attachment): response = HttpResponse(content_type='application/force-download') response.write(attachment.file.read()) - response['Content-Disposition'] = 'attachment; filename="%s"' % attachment.filename() + # workaround to this: https://code.djangoproject.com/ticket/20889 + response['Content-Disposition'] = 'attachment; filename="%s"' % unidecode(attachment.filename().replace('\n', ' ')) response['Content-Length'] = response.tell() return response @@ -75,7 +83,7 @@ def get_file(request, assignment_id, file_no, participant_id, key): def assignment_list(request): assignments = request.user.stage2_assignments.all() if not assignments: - return HttpResponseForbidden() + return HttpResponseForbidden('Not allowed') for assignment in assignments: assignment.marked_count = Mark.objects.filter(expert=request.user, answer__assignment=assignment).count() assignment.to_mark_count = assignment.available_answers(request.user).count() @@ -109,7 +117,7 @@ def available_answers(assignment, expert, answer_with_errors=None, form_with_err def answer_list(request, assignment_id): assignment = get_object_or_404(Assignment, id=assignment_id) if request.user not in assignment.experts.all(): - return HttpResponseForbidden() + return HttpResponseForbidden('Not allowed') return render(request, 'stage2/answer_list.html', {'answers': available_answers(assignment, request.user), 'assignment': assignment}) @@ -118,7 +126,7 @@ def answer_list(request, assignment_id): def marked_answer_list(request, assignment_id): assignment = get_object_or_404(Assignment, id=assignment_id) if request.user not in assignment.experts.all(): - return HttpResponseForbidden() + return HttpResponseForbidden('Not allowed') return render(request, 'stage2/answer_list.html', { 'answers': available_answers(assignment, request.user, marked=True), 'assignment': assignment, @@ -137,9 +145,9 @@ def expert_download(request, attachment_id): def mark_answer(request, answer_id): answer = get_object_or_404(Answer, id=answer_id) if request.user not in answer.assignment.experts.all(): - return HttpResponseForbidden() + return HttpResponseForbidden('Not allowed') if answer.assignment.is_active(): - return HttpResponseForbidden() + return HttpResponseForbidden('Not allowed') mark, created = Mark.objects.get_or_create(answer=answer, expert=request.user, defaults={'points': 0}) form = MarkForm(data=request.POST, answer=answer, instance=mark, prefix='ans%s' % answer.id) if form.is_valid():