53 from soc.logic.models.request import logic as request_logic |
53 from soc.logic.models.request import logic as request_logic |
54 from soc.logic.models.role import logic as role_logic |
54 from soc.logic.models.role import logic as role_logic |
55 from soc.logic.models.site import logic as site_logic |
55 from soc.logic.models.site import logic as site_logic |
56 from soc.logic.models.sponsor import logic as sponsor_logic |
56 from soc.logic.models.sponsor import logic as sponsor_logic |
57 from soc.logic.models.student import logic as student_logic |
57 from soc.logic.models.student import logic as student_logic |
|
58 from soc.logic.models.student_proposal import logic as student_proposal_logic |
58 from soc.logic.models.timeline import logic as timeline_logic |
59 from soc.logic.models.timeline import logic as timeline_logic |
59 from soc.logic.models.user import logic as user_logic |
60 from soc.logic.models.user import logic as user_logic |
60 from soc.views.helper import redirects |
61 from soc.views.helper import redirects |
61 from soc.views import helper |
62 from soc.views import helper |
62 from soc.views import out_of_band |
63 from soc.views import out_of_band |
990 raise out_of_band.AccessViolation( |
994 raise out_of_band.AccessViolation( |
991 message_fmt=DEF_ALREADY_STUDENT_ROLE_MSG) |
995 message_fmt=DEF_ALREADY_STUDENT_ROLE_MSG) |
992 |
996 |
993 return |
997 return |
994 |
998 |
|
999 @allowDeveloper |
|
1000 def checkRoleAndStatusForStudentProposal(self, django_args, allowed_roles, |
|
1001 role_status, proposal_status): |
|
1002 """Checks if the current user has access to the given proposal. |
|
1003 |
|
1004 Args: |
|
1005 django_args: a dictionary with django's arguments |
|
1006 allowed_roles: list with names for the roles allowed to pass access check |
|
1007 role_status: list with states allowed for the role |
|
1008 proposal_status: a list with states allowed for the proposal |
|
1009 |
|
1010 Raises: |
|
1011 AccessViolationResponse: |
|
1012 - If there is no proposal found |
|
1013 - If the proposal is not in one of the required states. |
|
1014 - If the user does not have any ofe the required roles |
|
1015 """ |
|
1016 |
|
1017 self.checkIsUser(django_args) |
|
1018 |
|
1019 # bail out with 404 if no proposal is found |
|
1020 proposal_entity = student_proposal_logic.getFromKeyFieldsOr404(django_args) |
|
1021 |
|
1022 if not proposal_entity.status in proposal_status: |
|
1023 # this proposal can not be accessed at the moment |
|
1024 raise out_of_band.AccessViolation( |
|
1025 message_fmt=DEF_NO_ACTIVE_ENTITY_MSG) |
|
1026 |
|
1027 user_entity = self.user |
|
1028 |
|
1029 if 'proposer' in allowed_roles: |
|
1030 # check if this proposal belongs to the current user |
|
1031 student_entity = proposal_entity.scope |
|
1032 if (user_entity.key() == student_entity.user.key()) and ( |
|
1033 student_entity.status in role_status): |
|
1034 return |
|
1035 |
|
1036 filter = {'user': user_entity, |
|
1037 'status': role_status} |
|
1038 |
|
1039 if 'host' in allowed_roles: |
|
1040 # check if the current user is a host for this proposal's program |
|
1041 filter['scope'] = proposal_entity.program |
|
1042 |
|
1043 if host_logic.getForFields(filter, unique=True): |
|
1044 return |
|
1045 |
|
1046 if 'org_admin' in allowed_roles: |
|
1047 # check if the current user is an admin for this proposal's org |
|
1048 filter['scope'] = proposal_entity.org |
|
1049 |
|
1050 if org_admin_logic.getForFields(filter, unique=True): |
|
1051 return |
|
1052 |
|
1053 if 'mentor' in allowed_roles: |
|
1054 # check if the current user is a mentor for this proposal's org |
|
1055 filter['scope'] = proposal_entity.org |
|
1056 |
|
1057 if mentor_logic.getForFields(filter, unique=True): |
|
1058 return |
|
1059 |
|
1060 # no roles found, access denied |
|
1061 raise out_of_band.AccessViolation( |
|
1062 message_fmt=DEF_NEED_ROLE_MSG) |
|
1063 |
|
1064 @allowDeveloper |
|
1065 def checkCanStudentPropose(self, django_args, key_location): |
|
1066 """Checks if the program for this student accepts proposals. |
|
1067 |
|
1068 Args: |
|
1069 django_args: a dictionary with django's arguments |
|
1070 key_location: the key for django_args in which the key_name |
|
1071 from the student is stored |
|
1072 """ |
|
1073 |
|
1074 self.checkIsUser(django_args) |
|
1075 |
|
1076 if 'seed' in django_args: |
|
1077 key_name = django_args['seed'][key_location] |
|
1078 else: |
|
1079 key_name = django_args[key_location] |
|
1080 |
|
1081 student_entity = student_logic.getFromKeyName(key_name) |
|
1082 |
|
1083 if not student_entity or student_entity.status == 'invalid': |
|
1084 raise out_of_band.AccessViolation( |
|
1085 message_fmt=DEF_SIGN_UP_AS_STUDENT_MSG) |
|
1086 |
|
1087 program_entity = student_entity.scope |
|
1088 |
|
1089 if not timeline_helper.isActivePeriod(program_entity.timeline, |
|
1090 'student_signup'): |
|
1091 raise out_of_band.AccessViolation(message_fmt=DEF_PAGE_INACTIVE_MSG) |
|
1092 |
|
1093 return |
|
1094 |
|
1095 @allowDeveloper |
|
1096 def checkIsStudent(self, django_args, key_location, status): |
|
1097 """Checks if the current user is the given student. |
|
1098 |
|
1099 Args: |
|
1100 django_args: a dictionary with django's arguments |
|
1101 key_location: the key for django_args in which the key_name |
|
1102 from the student is stored |
|
1103 status: the allowed status for the student |
|
1104 """ |
|
1105 |
|
1106 self.checkIsUser(django_args) |
|
1107 |
|
1108 if 'seed' in django_args: |
|
1109 key_name = django_args['seed'][key_location] |
|
1110 else: |
|
1111 key_name = django_args[key_location] |
|
1112 |
|
1113 student_entity = student_logic.getFromKeyName(key_name) |
|
1114 |
|
1115 if not student_entity or student_entity.status not in status: |
|
1116 raise out_of_band.AccessViolation( |
|
1117 message_fmt=DEF_SIGN_UP_AS_STUDENT_MSG) |
|
1118 |
|
1119 if student_entity.user.key() != self.user.key(): |
|
1120 # this is not the page for the current user |
|
1121 self.deny(django_args) |
|
1122 |
|
1123 return |
|
1124 |
|
1125 @allowDeveloper |
995 def checkIsMyEntity(self, django_args, logic, |
1126 def checkIsMyEntity(self, django_args, logic, |
996 field_name='user', user=False): |
1127 field_name='user', user=False): |
997 """Checks whether the entity belongs to the user. |
1128 """Checks whether the entity belongs to the user. |
998 """ |
1129 """ |
999 |
1130 |