1667 @allowDeveloper |
1667 @allowDeveloper |
1668 def checkIsAllowedToTakeProjectSurveyAs(self, django_args, survey_logic, |
1668 def checkIsAllowedToTakeProjectSurveyAs(self, django_args, survey_logic, |
1669 role_name, project_key_location): |
1669 role_name, project_key_location): |
1670 """Checks whether a ProjectSurvey can be taken by the current User. |
1670 """Checks whether a ProjectSurvey can be taken by the current User. |
1671 |
1671 |
1672 role_name argument determines wether the current user should be the |
1672 role_name argument determines wether the current user is taking the survey |
1673 student or mentor specified by the project in GET dict. |
1673 as a student or mentor specified by the project in GET dict. |
|
1674 |
|
1675 If the survey is taken as a mentor, org admins for the Organization in |
|
1676 which the project resides will also have access. |
1674 |
1677 |
1675 However if the project entry is not present in the dictionary this access |
1678 However if the project entry is not present in the dictionary this access |
1676 check passes. |
1679 check passes. |
1677 |
1680 |
1678 Args: |
1681 Args: |
1684 """ |
1687 """ |
1685 |
1688 |
1686 if not role_name in ['mentor', 'student']: |
1689 if not role_name in ['mentor', 'student']: |
1687 raise InvalidArgumentError('role_name is not mentor or student') |
1690 raise InvalidArgumentError('role_name is not mentor or student') |
1688 |
1691 |
|
1692 # check if the current user is signed up |
|
1693 self.checkIsUser(django_args) |
|
1694 user_entity = self.user |
|
1695 |
1689 # get the project keyname from the GET dictionary |
1696 # get the project keyname from the GET dictionary |
1690 get_dict= django_args['GET'] |
1697 get_dict= django_args['GET'] |
1691 key_name = get_dict.get(project_key_location) |
1698 key_name = get_dict.get(project_key_location) |
1692 |
1699 |
1693 if not key_name: |
1700 if not key_name: |
1694 # no key name present so no need to deny access |
1701 # no key name present so no need to deny access |
1695 return |
1702 return |
1696 |
1703 |
1697 # retrieve the Student Project for the key |
1704 # retrieve the Student Project for the key |
1698 entity = student_project_logic.getFromKeyNameOr404(key_name) |
1705 project_entity = student_project_logic.getFromKeyNameOr404(key_name) |
1699 |
1706 |
1700 # TODO(ljvderijk) change this to cope with multiple surveys for one project |
|
1701 # check if a survey can be conducted about this project |
1707 # check if a survey can be conducted about this project |
1702 if entity.status != 'accepted': |
1708 if project_entity.status != 'accepted': |
1703 raise out_of_band.AccessViolation( |
1709 raise out_of_band.AccessViolation( |
1704 message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG) |
1710 message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG) |
1705 |
1711 |
1706 # get the correct role depending on the role_name |
1712 # get the correct role depending on the role_name |
1707 role_entity = getattr(entity, role_name) |
1713 if role_name == 'student': |
1708 user_entity = user_logic.getForCurrentAccount() |
1714 role_entity = project_entity.student |
|
1715 elif role_name == 'mentor': |
|
1716 role_entity = project_entity.mentor |
1709 |
1717 |
1710 # check if the role matches the current user |
1718 # check if the role matches the current user |
1711 if (not user_entity) or (role_entity.user.key() != user_entity.key()): |
1719 if role_entity.user.key() != user_entity.key(): |
1712 raise out_of_band.AccessViolation( |
1720 if role_name == 'student': |
1713 message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG) |
1721 raise out_of_band.AccessViolation( |
1714 |
1722 message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG) |
1715 # check if the role is active |
1723 elif role_name == 'mentor': |
1716 if role_entity.status != 'active': |
1724 # check if the current user is an Org Admin for this Student Project |
|
1725 fields = {'user': user_entity, |
|
1726 'scope': project_entity.scope, |
|
1727 'status': 'active'} |
|
1728 admin_entity = org_admin_logic.getForFields(fields, unique=True) |
|
1729 if not admin_entity: |
|
1730 # this user is no Org Admin or Mentor for this project |
|
1731 raise out_of_band.AccessViolation( |
|
1732 message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG) |
|
1733 elif role_entity.status != 'active': |
|
1734 # this role is not active |
1717 raise out_of_band.AccessViolation(message_fmt=DEF_NEED_ROLE_MSG) |
1735 raise out_of_band.AccessViolation(message_fmt=DEF_NEED_ROLE_MSG) |
1718 |
1736 |
1719 return |
1737 return |
1720 |
1738 |
1721 @allowSidebar |
1739 @allowSidebar |
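Review bot: The active-role test at new line 1733 (`elif role_entity.status != 'active':`) appears to be chained to the identity comparison at 1719 (indentation is lost in this view), so it runs only when the current user is the project's own student or mentor. If so, an active org admin who is also the project's mentor but whose mentor role is inactive is rejected with DEF_NEED_ROLE_MSG, while any other active org admin of the same scope passes. The mismatch branch also raises only for the two known role names, so access is granted by default if the allow-list at 1689 is ever extended. Working out each ground for access separately and raising unless one holds keeps the check deny-by-default, as sketched below; whether an org admin should override an inactive mentor role is not visible here and needs confirming.

```python
    # … unchanged: role_name validation, checkIsUser, project lookup, 'accepted' check, role_entity selection …
    is_role_user = role_entity.user.key() == user_entity.key()
    is_active_role = is_role_user and role_entity.status == 'active'

    is_org_admin = False
    if role_name == 'mentor' and not is_active_role:
      # org admins of the project's organization may take the mentor survey
      fields = {'user': user_entity,
                'scope': project_entity.scope,
                'status': 'active'}
      is_org_admin = bool(org_admin_logic.getForFields(fields, unique=True))

    if not (is_active_role or is_org_admin):
      # deny by default; keep the more specific message for an inactive role
      if is_role_user:
        raise out_of_band.AccessViolation(message_fmt=DEF_NEED_ROLE_MSG)
      raise out_of_band.AccessViolation(
          message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG)
```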