app/soc/views/helper/access.py
changeset 2732 16ba61efc108
parent 2717 fdde098394a7
child 2733 054a2227249c
2731:4d143278f9a0 2732:16ba61efc108
  1667   @allowDeveloper
  1667   @allowDeveloper
  1668   def checkIsAllowedToTakeProjectSurveyAs(self, django_args, survey_logic,
  1668   def checkIsAllowedToTakeProjectSurveyAs(self, django_args, survey_logic,
  1669                                           role_name, project_key_location):
  1669                                           role_name, project_key_location):
  1670     """Checks whether a ProjectSurvey can be taken by the current User.
  1670     """Checks whether a ProjectSurvey can be taken by the current User.
  1671 
  1671 
  1672     role_name argument determines wether the current user should be the
  1672     role_name argument determines wether the current user is taking the survey
  1673     student or mentor specified by the project in GET dict.
  1673     as a student or mentor specified by the project in GET dict.
       
  1674 
       
  1675     If the survey is taken as a mentor, org admins for the Organization in
       
  1676     which the project resides will also have access.
  1674 
  1677 
  1675     However if the project entry is not present in the dictionary this access
  1678     However if the project entry is not present in the dictionary this access
  1676     check passes.
  1679     check passes.
  1677 
  1680 
  1678     Args:
  1681     Args:
  1684     """
  1687     """
  1685 
  1688 
  1686     if not role_name in ['mentor', 'student']:
  1689     if not role_name in ['mentor', 'student']:
  1687       raise InvalidArgumentError('role_name is not mentor or student')
  1690       raise InvalidArgumentError('role_name is not mentor or student')
  1688 
  1691 
       
  1692     # check if the current user is signed up
       
  1693     self.checkIsUser(django_args)
       
  1694     user_entity = self.user
       
  1695 
  1689     # get the project keyname from the GET dictionary
  1696     # get the project keyname from the GET dictionary
  1690     get_dict= django_args['GET']
  1697     get_dict= django_args['GET']
  1691     key_name = get_dict.get(project_key_location)
  1698     key_name = get_dict.get(project_key_location)
  1692 
  1699 
  1693     if not key_name:
  1700     if not key_name:
  1694       # no key name present so no need to deny access
  1701       # no key name present so no need to deny access
  1695       return
  1702       return
  1696 
  1703 
  1697     # retrieve the Student Project for the key
  1704     # retrieve the Student Project for the key
  1698     entity = student_project_logic.getFromKeyNameOr404(key_name)
  1705     project_entity = student_project_logic.getFromKeyNameOr404(key_name)
  1699 
  1706 
  1700     # TODO(ljvderijk) change this to cope with multiple surveys for one project
       
  1701     # check if a survey can be conducted about this project
  1707     # check if a survey can be conducted about this project
  1702     if entity.status != 'accepted':
  1708     if project_entity.status != 'accepted':
  1703       raise out_of_band.AccessViolation(
  1709       raise out_of_band.AccessViolation(
  1704           message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG)
  1710           message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG)
  1705 
  1711 
  1706     # get the correct role depending on the role_name
  1712     # get the correct role depending on the role_name
  1707     role_entity = getattr(entity, role_name)
  1713     if role_name == 'student':
  1708     user_entity = user_logic.getForCurrentAccount()
  1714       role_entity = project_entity.student
       
  1715     elif role_name == 'mentor':
       
  1716       role_entity = project_entity.mentor
  1709 
  1717 
  1710     # check if the role matches the current user
  1718     # check if the role matches the current user
  1711     if (not user_entity) or (role_entity.user.key() != user_entity.key()):
  1719     if role_entity.user.key() != user_entity.key():
  1712       raise out_of_band.AccessViolation(
  1720       if role_name == 'student':
  1713           message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG)
  1721         raise out_of_band.AccessViolation(
  1714 
  1722             message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG)
  1715     # check if the role is active
  1723       elif role_name == 'mentor':
  1716     if role_entity.status != 'active':
  1724         # check if the current user is an Org Admin for this Student Project
       
  1725         fields = {'user': user_entity,
       
  1726                   'scope': project_entity.scope,
       
  1727                   'status': 'active'}
       
  1728         admin_entity = org_admin_logic.getForFields(fields, unique=True)
       
  1729         if not admin_entity:
       
  1730           # this user is no Org Admin or Mentor for this project
       
  1731           raise out_of_band.AccessViolation(
       
  1732               message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG)
       
  1733     elif role_entity.status != 'active':
       
  1734       # this role is not active
  1717       raise out_of_band.AccessViolation(message_fmt=DEF_NEED_ROLE_MSG)
  1735       raise out_of_band.AccessViolation(message_fmt=DEF_NEED_ROLE_MSG)
  1718 
  1736 
  1719     return
  1737     return
  1720 
  1738 
  1721   @allowSidebar
  1739   @allowSidebar
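Review bot: The org-admin fallback at new lines 1723-1732 only runs when the current user is not the project's listed mentor. A user who is that mentor with a non-active mentor role, but who is also an active Org Admin for `project_entity.scope`, falls into `elif role_entity.status != 'active'` and is denied, which contradicts the docstring's statement that org admins also have access. This fails closed, so it is a consistency problem rather than a bypass, but the nested if/elif makes the allow paths hard to audit. I would flatten the tail so that every allow path returns explicitly and the function ends in a deny, as sketched below. The old `(not user_entity)` guard is gone, so both the new code and this sketch rely on `checkIsUser` raising when nobody is signed in; a one-line comment next to `user_entity = self.user` should say so.

```python
    # … unchanged: argument check, checkIsUser, project lookup, role_entity selection …
    is_role_holder = role_entity.user.key() == user_entity.key()

    if is_role_holder and role_entity.status == 'active':
      return

    if role_name == 'mentor':
      # active Org Admins for the project's scope may take the survey as mentor
      fields = {'user': user_entity,
                'scope': project_entity.scope,
                'status': 'active'}
      if org_admin_logic.getForFields(fields, unique=True):
        return

    if is_role_holder:
      # the user holds the role, but it is not active
      raise out_of_band.AccessViolation(message_fmt=DEF_NEED_ROLE_MSG)

    # default deny: neither the role holder nor an Org Admin for this project
    raise out_of_band.AccessViolation(
        message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG)
```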