func roster(w http.ResponseWriter, r *http.Request) *webapp.Error { id, err := strconv.ParseInt(r.FormValue("class"), 10, 64) if err != nil { return invalidData(w, "Invalid class ID") } c := appengine.NewContext(r) class, err := classes.ClassWithID(c, id) if err != nil { return invalidData(w, "No such class.") } acct, ok := userContext(r) if !ok { return badRequest(w, "Must be logged in.") } staff, _ := staff.WithID(c, acct.ID) if !canViewRoster(staff, acct, class.TeacherEntity(c)) { return webapp.UnauthorizedError(fmt.Errorf("only staff or teachers can view rosters")) } classStudents := students.In(c, class, time.Now()) sort.Sort(students.ByName(classStudents)) token, err := storeNewToken(c, acct.ID, "/register/paper") if err != nil { return webapp.InternalError(fmt.Errorf("Failed to store token: %s", err)) } data := map[string]interface{}{ "Class": class, "Students": classStudents, "Token": token.Encode(), } if err := rosterPage.Execute(w, data); err != nil { return webapp.InternalError(err) } return nil }
func maybeOldStaff(c appengine.Context, a *account.Account, u *user.User) (*staff.Staff, error) { switch staffer, err := staff.WithID(c, a.ID); err { case nil: return staffer, nil case staff.ErrUserIsNotStaff: break default: return nil, err } staffer, err := staff.WithID(c, u.ID) if err != nil { return nil, err } c.Warningf("Found staff account under old ID %q", u.ID) if err := staffer.Delete(c); err != nil { return nil, fmt.Errorf("failed to delete old staff %q: %s", staffer.ID, err) } staffer.ID = a.ID if err := staffer.Store(c); err != nil { return nil, fmt.Errorf("failed to store new staff for %s: %s", a.Email, err) } return staffer, nil }