19 See soc.views.helper.access module. |
19 See soc.views.helper.access module. |
20 """ |
20 """ |
21 |
21 |
22 __authors__ = [ |
22 __authors__ = [ |
23 '"Madhusudan.C.S" <madhusudancs@gmail.com>', |
23 '"Madhusudan.C.S" <madhusudancs@gmail.com>', |
|
24 '"Daniel Hans" <daniel.m.hans@gmail.com>', |
24 '"Lennard de Rijk" <ljvderijk@gmail.com>', |
25 '"Lennard de Rijk" <ljvderijk@gmail.com>', |
25 ] |
26 ] |
26 |
27 |
27 |
28 |
28 from django.utils.translation import ugettext |
29 from django.utils.translation import ugettext |
29 |
30 |
30 from soc.logic.helper import timeline as timeline_helper |
31 from soc.logic.helper import timeline as timeline_helper |
31 from soc.logic.models import host as host_logic |
32 from soc.logic.models import host as host_logic |
32 from soc.logic.models import user as user_logic |
33 from soc.logic.models import user as user_logic |
33 from soc.views import out_of_band |
34 from soc.views import out_of_band |
34 from soc.views.helper import access |
35 from soc.views.helper import access |
35 |
36 |
36 from soc.modules.ghop.logic.models import mentor as ghop_mentor_logic |
37 from soc.modules.ghop.logic.models import mentor as ghop_mentor_logic |
70 """See soc.views.helper.access.Checker. |
71 """See soc.views.helper.access.Checker. |
71 """ |
72 """ |
72 |
73 |
73 @access.allowDeveloper |
74 @access.allowDeveloper |
74 @access.denySidebar |
75 @access.denySidebar |
75 def checkCanOrgAdminOrMentorEdit(self, django_args, |
76 def checkCanOrgAdminOrMentorEdit(self, django_args, |
76 key_location, check_limit): |
77 key_location, check_limit): |
77 """Checks if the mentors can create task for this program, |
78 """Checks if the mentors can create task for this program, |
78 and obeys the task quota limit assigned for their org when check_limit is |
79 and obeys the task quota limit assigned for their org when check_limit is |
79 True. |
80 True. |
80 |
81 |
81 Args: |
82 Args: |
82 django_args: a dictionary with django's arguments |
83 django_args: a dictionary with django's arguments |
83 key_location: the key for django_args in which the key_name |
84 key_location: the key for django_args in which the key_name |
84 from the mentor is stored |
85 from the mentor is stored |
85 check_limit: iff true checks if the organization reached the |
86 check_limit: iff true checks if the organization reached the |
86 task quota limit for the given program. |
87 task quota limit for the given program. |
87 """ |
88 """ |
88 |
89 |
89 self.checkIsUser(django_args) |
90 self.checkIsUser(django_args) |
90 |
91 |
94 'user': user_account, |
95 'user': user_account, |
95 'scope_path': django_args[key_location], |
96 'scope_path': django_args[key_location], |
96 'status': 'active' |
97 'status': 'active' |
97 } |
98 } |
98 |
99 |
99 role_entity = ghop_org_admin_logic.logic.getForFields( |
100 role_entity = ghop_org_admin_logic.logic.getForFields(filter, unique=True) |
100 filter, unique=True) |
|
101 if not role_entity: |
101 if not role_entity: |
102 role_entity = ghop_mentor_logic.logic.getForFields( |
102 role_entity = ghop_mentor_logic.logic.getForFields(filter, unique=True) |
103 filter, unique=True) |
|
104 |
103 |
105 if not role_entity: |
104 if not role_entity: |
106 raise out_of_band.AccessViolation( |
105 raise out_of_band.AccessViolation( |
107 message_fmt=DEF_SIGN_UP_AS_OA_MENTOR_MSG) |
106 message_fmt=DEF_SIGN_UP_AS_OA_MENTOR_MSG) |
108 |
107 |
109 program_entity = role_entity.program |
108 program_entity = role_entity.program |
110 |
109 |
111 if not timeline_helper.isActivePeriod(program_entity.timeline, |
110 if not timeline_helper.isActivePeriod(program_entity.timeline, 'program'): |
112 'program'): |
|
113 raise out_of_band.AccessViolation(message_fmt=DEF_PAGE_INACTIVE_MSG) |
111 raise out_of_band.AccessViolation(message_fmt=DEF_PAGE_INACTIVE_MSG) |
114 |
112 |
115 org_entity = role_entity.scope |
113 org_entity = role_entity.scope |
116 |
114 |
117 if check_limit: |
115 if check_limit: |
119 fields = {'scope': org_entity} |
117 fields = {'scope': org_entity} |
120 task_query = ghop_task_logic.logic.getQueryForFields(fields) |
118 task_query = ghop_task_logic.logic.getQueryForFields(fields) |
121 |
119 |
122 if task_query.count() >= org_entity.task_quota_limit: |
120 if task_query.count() >= org_entity.task_quota_limit: |
123 # too many tasks access denied |
121 # too many tasks access denied |
124 raise out_of_band.AccessViolation(message_fmt=DEF_MAX_TASKS_REACHED_MSG) |
122 raise out_of_band.AccessViolation( |
|
123 message_fmt=DEF_MAX_TASKS_REACHED_MSG) |
125 |
124 |
126 if 'link_id' in django_args: |
125 if 'link_id' in django_args: |
127 task_filter = { |
126 task_entity = ghop_task_logic.logic.getFromKeyFieldsOr404(django_args) |
128 'link_id': django_args['link_id'], |
|
129 'scope_path': django_args['scope_path'], |
|
130 } |
|
131 task_entity = ghop_task_logic.logic.getFromKeyFieldsOr404(task_filter) |
|
132 |
127 |
133 if task_entity.status not in ['Unapproved', 'Unpublished', 'Open']: |
128 if task_entity.status not in ['Unapproved', 'Unpublished', 'Open']: |
134 # task is claimed at least once |
129 # task is claimed at least once |
135 raise out_of_band.AccessViolation(message_fmt=DEF_CANT_EDIT_MSG) |
130 raise out_of_band.AccessViolation(message_fmt=DEF_CANT_EDIT_MSG) |
136 |
131 |
171 |
166 |
172 user_entity = self.user |
167 user_entity = self.user |
173 |
168 |
174 filter = { |
169 filter = { |
175 'user': user_entity, |
170 'user': user_entity, |
176 'status': role_status} |
171 'scope_path': django_args['scope_path'], |
|
172 'status': role_status |
|
173 } |
177 |
174 |
178 if 'host' in allowed_roles: |
175 if 'host' in allowed_roles: |
179 # check if the current user is a host for this proposal's program |
176 # check if the current user is a host for this proposal's program |
180 filter['scope'] = task_entity.program |
|
181 |
|
182 if host_logic.logic.getForFields(filter, unique=True): |
177 if host_logic.logic.getForFields(filter, unique=True): |
183 return |
178 return |
184 |
179 |
185 if 'ghop/org_admin' in allowed_roles: |
180 if 'ghop/org_admin' in allowed_roles: |
186 # check if the current user is an admin for this task's org |
181 # check if the current user is an admin for this task's org |
187 filter['scope_path'] = django_args['scope_path'] |
|
188 |
|
189 if ghop_org_admin_logic.logic.getForFields(filter, unique=True): |
182 if ghop_org_admin_logic.logic.getForFields(filter, unique=True): |
190 return |
183 return |
191 |
184 |
192 if 'ghop/mentor' in allowed_roles: |
185 if 'ghop/mentor' in allowed_roles: |
193 # check if the current user is a mentor for this task's org |
186 # check if the current user is a mentor for this task's org |
194 filter['scope_path'] = django_args['scope_path'] |
|
195 |
|
196 if ghop_mentor_logic.logic.getForFields(filter, unique=True): |
187 if ghop_mentor_logic.logic.getForFields(filter, unique=True): |
197 return |
188 return |
198 |
189 |
199 if 'public' in allowed_roles: |
190 if 'public' in allowed_roles: |
200 return |
191 return |
201 |
192 |
202 # no roles found, access denied |
193 # no roles found, access denied |
203 raise out_of_band.AccessViolation( |
194 raise out_of_band.AccessViolation(message_fmt=DEF_NEED_ROLE_MSG) |
204 message_fmt=DEF_NEED_ROLE_MSG) |
|
205 |
195 |
206 def checkStatusForTask(self, django_args): |
196 def checkStatusForTask(self, django_args): |
207 """Checks if the current user has access to the given task. |
197 """Checks if the current user has access to the given task. |
208 |
198 |
209 This method checks if the current user is either an GHOP Org Admin or a |
199 This method checks if the current user is either an GHOP Org Admin or a |