func roster(w http.ResponseWriter, r *http.Request) *webapp.Error {
id, err := strconv.ParseInt(r.FormValue("class"), 10, 64)
if err != nil {
return invalidData(w, "Invalid class ID")
}
c := appengine.NewContext(r)
class, err := classes.ClassWithID(c, id)
if err != nil {
return invalidData(w, "No such class.")
}
acct, ok := userContext(r)
if !ok {
return badRequest(w, "Must be logged in.")
}
staff, _ := staff.WithID(c, acct.ID)
if !canViewRoster(staff, acct, class.TeacherEntity(c)) {
return webapp.UnauthorizedError(fmt.Errorf("only staff or teachers can view rosters"))
}
classStudents := students.In(c, class, time.Now())
sort.Sort(students.ByName(classStudents))
token, err := storeNewToken(c, acct.ID, "/register/paper")
if err != nil {
return webapp.InternalError(fmt.Errorf("Failed to store token: %s", err))
}
data := map[string]interface{}{
"Class": class,
"Students": classStudents,
"Token": token.Encode(),
}
if err := rosterPage.Execute(w, data); err != nil {
return webapp.InternalError(err)
}
return nil
}
func maybeOldStaff(c appengine.Context, a *account.Account, u *user.User) (*staff.Staff, error) {
switch staffer, err := staff.WithID(c, a.ID); err {
case nil:
return staffer, nil
case staff.ErrUserIsNotStaff:
break
default:
return nil, err
}
staffer, err := staff.WithID(c, u.ID)
if err != nil {
return nil, err
}
c.Warningf("Found staff account under old ID %q", u.ID)
if err := staffer.Delete(c); err != nil {
return nil, fmt.Errorf("failed to delete old staff %q: %s", staffer.ID, err)
}
staffer.ID = a.ID
if err := staffer.Store(c); err != nil {
return nil, fmt.Errorf("failed to store new staff for %s: %s", a.Email, err)
}
return staffer, nil
}
