Merge branch 'master' into SKIL-529

.gitignore

@@ -41,6 +41,7 @@ package-lock.json
 BackEndFlask/logs/all.log
 BackEndFlask/models/hidden.py
 BackEndFlask/logs/all.log
+BackEndFlask/.env
 .vscode
 
 # Nginx configuration files

BackEndFlask/.env

@@ -4,3 +4,7 @@ DEMO_ADMIN_PASSWORD=demo_admin
 DEMO_TA_INSTRUCTOR_PASSWORD=demo_ta
 DEMO_STUDENT_PASSWORD=demo_student
 SECRET_KEY=Thisissupposedtobesecret!
+MYSQL_HOST=localhost:3306
+MYSQL_USER=rubricapp_admin
+MYSQL_PASSWORD=ThisReallyNeedsToBeASecret1!
+MYSQL_DATABASE=rubricapp

BackEndFlask/.gitignore

@@ -17,4 +17,5 @@ Functions/test.py
 Models/hidden.py
 dump.rdb
 BackEndFlaskVenv
-Test
+Test
+.env

BackEndFlask/controller/Routes/Assessment_task_routes.py

@@ -8,8 +8,12 @@
 from models.role   import get_role
 from controller.Route_response import *
 from models.user_course import get_user_courses_by_user_id
+
 from flask_jwt_extended import jwt_required
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
+from controller.security.CustomDecorators import (
+    AuthCheck, bad_token_check,
+    admin_check
+)
 
 from models.assessment_task import (
     get_assessment_tasks_by_course_id,
@@ -173,6 +177,7 @@ def get_one_assessment_task():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def add_assessment_task():
     try:
         new_assessment_task = create_assessment_task(request.json)
@@ -192,6 +197,7 @@ def add_assessment_task():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def update_assessment_task():
     try:
         if request.args and request.args.get("notification"):
@@ -256,6 +262,7 @@ def update_assessment_task():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def copy_course_assessments():
     try:
         source_course_id = request.args.get('source_course_id')

BackEndFlask/controller/Routes/Bulk_upload_routes.py

@@ -10,12 +10,17 @@
 import shutil
 from controller.Route_response import create_bad_response, create_good_response
 from flask_jwt_extended import jwt_required
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
+
+from controller.security.CustomDecorators import (
+    AuthCheck, bad_token_check,
+    admin_check
+)
 
 @bp.route('/bulk_upload', methods = ['POST'])
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def upload_CSV():
     try:
         file = request.files['csv_file']

BackEndFlask/controller/Routes/Checkin_routes.py

@@ -67,7 +67,7 @@ def get_checked_in():
     except Exception as e:
         return create_bad_response(f"An error occurred getting checked in user {e}", "checkin", 400)
 
-@bp.route('/checkin_events', methods = ['GET'])
+@bp.route('/checkin_events', methods = ['GET']) 
 @jwt_required()
 @bad_token_check()
 @AuthCheck()

BackEndFlask/controller/Routes/Completed_assessment_routes.py

@@ -3,7 +3,11 @@
 from controller.Route_response import *
 from flask_jwt_extended import jwt_required
 from models.assessment_task import get_assessment_task
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
+
+from controller.security.CustomDecorators import (
+    AuthCheck, bad_token_check,
+    admin_check
+)
 
 from models.completed_assessment import (
     get_completed_assessments,
@@ -105,6 +109,10 @@ def get_all_completed_assessments():
 
             get_assessment_task(assessment_task_id)  # Trigger an error if not exists.
             completed_assessments = get_completed_assessment_with_team_name(assessment_task_id)
+
+            if not completed_assessments:
+                completed_assessments = get_completed_assessment_with_user_name(assessment_task_id)
+
             completed_count = get_completed_assessment_count(assessment_task_id)
             result = [
                 {**completed_assessment_schema.dump(assessment), 'completed_count': completed_count}
@@ -173,6 +181,7 @@ def add_completed_assessment():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def update_completed_assessment():
     try:
         completed_assessment_id = request.args.get("completed_assessment_id")

BackEndFlask/controller/Routes/Course_routes.py

@@ -2,7 +2,11 @@
 from controller import bp
 from controller.Route_response import *
 from flask_jwt_extended import jwt_required
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
+
+from controller.security.CustomDecorators import( 
+    AuthCheck, bad_token_check,
+    admin_check
+)
 
 from models.course import(
     get_course,
@@ -76,6 +80,7 @@ def get_one_course():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def add_course():
     try:
         new_course = create_course(request.json)
@@ -98,6 +103,7 @@ def add_course():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def update_course():
     try:
         course_id = request.args.get("course_id")

BackEndFlask/controller/Routes/Csv_routes.py

@@ -8,16 +8,20 @@
 from controller import bp
 from controller.Route_response import *
 from flask_jwt_extended import jwt_required
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
 from Functions.exportCsv import create_csv_strings
 from models.assessment_task import get_assessment_task
 from models.user import get_user
 
+from controller.security.CustomDecorators import (
+    AuthCheck, bad_token_check, 
+    admin_check
+)
 
 @bp.route('/csv_assessment_export', methods = ['GET'])
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def get_completed_assessment_csv() -> dict:
     """
     Description:

BackEndFlask/controller/Routes/Rating_routes.py

@@ -6,12 +6,17 @@
 from models.completed_assessment import *
 from models.queries import get_individual_ratings
 from flask_jwt_extended import jwt_required
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
+
+from controller.security.CustomDecorators import (
+    AuthCheck, bad_token_check,
+    admin_check
+)
 
 @bp.route("/rating", methods=["GET"])
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def get_student_individual_ratings():
     """
         Description:
@@ -53,6 +58,7 @@ def get_student_individual_ratings():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def student_view_feedback(): 
     """
         Description:

BackEndFlask/controller/Routes/Refresh_route.py

@@ -5,6 +5,7 @@
 from controller.Route_response import *
 from flask_jwt_extended import jwt_required, create_access_token
 from controller.security.CustomDecorators import AuthCheck, bad_token_check
+import datetime
 
 @bp.route('/refresh', methods=['POST'])
 @jwt_required(refresh=True)
@@ -14,7 +15,7 @@ def refresh_token():
     try:
         user_id = int(request.args.get('user_id'))
         user = user_schema.dump(get_user(user_id))
-        jwt = create_access_token([user_id])
+        jwt = create_access_token([user_id], fresh=datetime.timedelta(minutes=60), expires_delta=datetime.timedelta(minutes=60))
         return create_good_response(user, 200, "user", jwt)
     except:
         return create_bad_response("Bad request: user_id must be provided", "user", 400)

BackEndFlask/controller/Routes/Rubric_routes.py

@@ -6,11 +6,15 @@
 from models.rubric   import get_rubric, get_rubrics, create_rubric, delete_rubric_by_id
 from models.category import get_categories_per_rubric, get_categories, get_ratings_by_category
 from models.suggestions import get_suggestions_per_category
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
 from models.observable_characteristics import get_observable_characteristic_per_category
 from models.queries import get_rubrics_and_total_categories, get_rubrics_and_total_categories_for_user_id, get_categories_for_user_id
 from models.user import get_user
 
+from controller.security.CustomDecorators import( 
+    AuthCheck, bad_token_check,
+    admin_check
+)
+
 @bp.route('/rubric', methods = ['GET'])
 @jwt_required()
 @bad_token_check()
@@ -103,6 +107,7 @@ def get_all_rubrics():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def add_rubric(): 
     # expects to recieve a json object with all two fields.
     # one named 'rubric' holds all the fields for a rubric (except rubric_id)
@@ -161,6 +166,7 @@ def get_all_categories():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def edit_rubric():
     try: 
         if request.args and request.args.get("rubric_id"):
@@ -197,6 +203,7 @@ def edit_rubric():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def delete_rubric():
     try:
         if request.args and request.args.get("rubric_id"):

BackEndFlask/controller/Routes/Team_bulk_upload_routes.py

@@ -10,12 +10,17 @@
 from Functions import customExceptions
 from controller.Route_response import *
 from flask_jwt_extended import jwt_required
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
+
+from controller.security.CustomDecorators import (
+    AuthCheck, bad_token_check,
+    admin_check
+)
 
 @bp.route('/team_bulk_upload', methods=['POST'])
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def upload_team_csv():
     try:
         file = request.files['csv_file']

BackEndFlask/controller/Routes/Team_routes.py

@@ -14,7 +14,12 @@
 from models.assessment_task import get_assessment_tasks_by_team_id
 from models.completed_assessment import completed_assessment_team_or_user_exists
 from models.team_user import *
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
+
+from controller.security.CustomDecorators import(
+    AuthCheck, bad_token_check,
+    admin_check
+)
+
 from models.queries import (
     get_team_by_course_id_and_user_id,
     get_all_nonfull_adhoc_teams
@@ -110,6 +115,7 @@ def get_nonfull_adhoc_teams():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def add_team():
     try:
         new_team = create_team(request.json)
@@ -124,6 +130,7 @@ def add_team():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def update_team():
     try:
         team_id = request.args.get("team_id")
@@ -139,6 +146,7 @@ def update_team():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def update_team_user_by_edit():
     try:
         data = request.get_json()

BackEndFlask/controller/Routes/Upload_csv_routes.py

@@ -8,12 +8,17 @@
 from controller.Route_response import *
 from flask_jwt_extended import jwt_required
 import Functions.studentImport as studentImport
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
+
+from controller.security.CustomDecorators import (
+    AuthCheck, bad_token_check,
+    admin_check
+)
 
 @bp.route('/studentbulkuploadcsv', methods = ['POST'])
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def student_bulk_upload_csv():
     try:
         file = request.files['csv_file']

BackEndFlask/controller/Routes/User_routes.py

@@ -2,7 +2,11 @@
 from controller  import bp
 from controller.Route_response import *
 from flask_jwt_extended import jwt_required
-from controller.security.CustomDecorators import AuthCheck, bad_token_check
+
+from controller.security.CustomDecorators import( 
+    AuthCheck, bad_token_check, 
+    admin_check
+)
 
 from models.role import (
     get_role
@@ -186,6 +190,7 @@ def get_all_team_members():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def add_user():
     try:
         if(request.args and request.args.get("team_id")):
@@ -247,6 +252,7 @@ def add_user():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def update_user():
     try:
         if(request.args and request.args.get("uid") and request.args.get("course_id")):
@@ -305,6 +311,7 @@ def update_user():
 @jwt_required()
 @bad_token_check()
 @AuthCheck()
+@admin_check()
 def delete_user():
     try:
         if request.args and request.args.get("uid"):