149 |
149 |
150 DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG = ugettext( |
150 DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG = ugettext( |
151 'You are not allowed to take this Survey for the specified Student' |
151 'You are not allowed to take this Survey for the specified Student' |
152 ' Project.') |
152 ' Project.') |
153 |
153 |
|
154 DEF_NO_VALID_RECORD_ID = ugettext('No valid numeric record ID given.') |
|
155 |
|
156 DEF_NOT_YOUR_RECORD = ugettext( |
|
157 'This is not your Survey Record. If you feel you should have access to ' |
|
158 'this page please notify the administrators.') |
|
159 |
154 DEF_USER_ACCOUNT_INVALID_MSG_FMT = ugettext( |
160 DEF_USER_ACCOUNT_INVALID_MSG_FMT = ugettext( |
155 'The <b><i>%(email)s</i></b> account cannot be used with this site, for' |
161 'The <b><i>%(email)s</i></b> account cannot be used with this site, for' |
156 ' one or more of the following reasons:' |
162 ' one or more of the following reasons:' |
157 '<ul>' |
163 '<ul>' |
158 ' <li>the account is invalid</li>' |
164 ' <li>the account is invalid</li>' |
1601 get_dict = django_args['GET'] |
1607 get_dict = django_args['GET'] |
1602 record_id = get_dict.get(id_field) |
1608 record_id = get_dict.get(id_field) |
1603 |
1609 |
1604 if not record_id or not record_id.isdigit(): |
1610 if not record_id or not record_id.isdigit(): |
1605 raise out_of_band.AccessViolation( |
1611 raise out_of_band.AccessViolation( |
1606 message_fmt='No valid numeric record ID given') |
1612 message_fmt=DEF_NO_VALID_RECORD_ID) |
1607 else: |
1613 else: |
1608 record_id = int(record_id) |
1614 record_id = int(record_id) |
1609 |
1615 |
1610 record_logic = survey_logic.getRecordLogic() |
1616 record_logic = survey_logic.getRecordLogic() |
1611 record_entity = record_logic.getFromIDOr404(record_id) |
1617 record_entity = record_logic.getFromIDOr404(record_id) |
1612 |
1618 |
1613 if record_entity.user.key() != user_entity.key(): |
1619 if record_entity.user.key() != user_entity.key(): |
1614 raise out_of_band.AccessViolation( |
1620 raise out_of_band.AccessViolation( |
1615 message_fmt='This is not your SurveyRecord') |
1621 message_fmt=DEF_NOT_YOUR_RECORD) |
1616 |
1622 |
1617 @denySidebar |
1623 @denySidebar |
1618 @allowDeveloper |
1624 @allowDeveloper |
1619 def checkIsSurveyWritable(self, django_args, survey_logic, |
1625 def checkIsSurveyWritable(self, django_args, survey_logic, |
1620 key_name_field=None): |
1626 key_name_field=None): |
1729 # check if the current user is signed up |
1735 # check if the current user is signed up |
1730 self.checkIsUser(django_args) |
1736 self.checkIsUser(django_args) |
1731 user_entity = self.user |
1737 user_entity = self.user |
1732 |
1738 |
1733 # get the project keyname from the GET dictionary |
1739 # get the project keyname from the GET dictionary |
1734 get_dict= django_args['GET'] |
1740 get_dict = django_args['GET'] |
1735 key_name = get_dict.get(project_key_location) |
1741 key_name = get_dict.get(project_key_location) |
1736 |
1742 |
1737 if not key_name: |
1743 if not key_name: |
1738 # no key name present so no need to deny access |
1744 # no key name present so no need to deny access |
1739 return |
1745 return |
1751 role_entity = project_entity.student |
1757 role_entity = project_entity.student |
1752 elif role_name == 'mentor': |
1758 elif role_name == 'mentor': |
1753 role_entity = project_entity.mentor |
1759 role_entity = project_entity.mentor |
1754 |
1760 |
1755 # check if the role matches the current user |
1761 # check if the role matches the current user |
1756 if role_entity.user.key() != user_entity.key(): |
1762 if role_entity.user.key() != user_entity.key() and ( |
|
1763 role_entity.status == 'active'): |
1757 if role_name == 'student': |
1764 if role_name == 'student': |
1758 raise out_of_band.AccessViolation( |
1765 raise out_of_band.AccessViolation( |
1759 message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG) |
1766 message_fmt=DEF_NOT_ALLOWED_PROJECT_FOR_SURVEY_MSG) |
1760 elif role_name == 'mentor': |
1767 elif role_name == 'mentor': |
1761 # check if the current user is an Org Admin for this Student Project |
1768 # check if the current user is an Org Admin for this Student Project |
1771 # this role is not active |
1778 # this role is not active |
1772 raise out_of_band.AccessViolation(message_fmt=DEF_NEED_ROLE_MSG) |
1779 raise out_of_band.AccessViolation(message_fmt=DEF_NEED_ROLE_MSG) |
1773 |
1780 |
1774 return |
1781 return |
1775 |
1782 |
|
1783 @denySidebar |
|
1784 @allowDeveloper |
|
1785 def checkIsAllowedToViewProjectSurveyRecordAs( |
|
1786 self, django_args, survey_logic, role_name, record_key_location): |
|
1787 """Checks wether the current user is allowed to view the record given in |
|
1788 the GET data by the record_key_location. |
|
1789 |
|
1790 Args: |
|
1791 django_args: a dictionary with django's arguments |
|
1792 survey_logic: Survey Logic instance that belongs to the SurveyRecord |
|
1793 type in question |
|
1794 role_name: string containing either "student" or "mentor". Determines |
|
1795 which of the roles the within the project the current user should have |
|
1796 to view the evaluation results. |
|
1797 record_key_location: string containing the name of the GET param which |
|
1798 contains the id for the SurveyRecord to retrieve |
|
1799 |
|
1800 Raises: |
|
1801 AccessViolation if: |
|
1802 - No valid numeric Record ID is given in the POST data. |
|
1803 - No Record could be retrieved for the given Record ID. |
|
1804 - The current user has not taken the survey, is not the Student/Mentor |
|
1805 (depending on the role_name) and is not an Org Admin for the project |
|
1806 to which the SurveyRecord belongs. |
|
1807 """ |
|
1808 |
|
1809 if not role_name in ['mentor', 'student']: |
|
1810 raise InvalidArgumentError('role_name is not mentor or student') |
|
1811 |
|
1812 self.checkIsUser(django_args) |
|
1813 user_entity = self.user |
|
1814 |
|
1815 get_dict = django_args['GET'] |
|
1816 record_id = get_dict.get(record_key_location) |
|
1817 |
|
1818 if not record_id or not record_id.isdigit(): |
|
1819 raise out_of_band.AccessViolation( |
|
1820 message_fmt=DEF_NO_VALID_RECORD_ID) |
|
1821 else: |
|
1822 record_id = int(record_id) |
|
1823 |
|
1824 record_logic = survey_logic.getRecordLogic() |
|
1825 record_entity = record_logic.getFromIDOr404(record_id) |
|
1826 |
|
1827 if record_entity.user.key() == user_entity.key(): |
|
1828 # this record belongs to the current user |
|
1829 return |
|
1830 |
|
1831 if role_name == 'student': |
|
1832 role_entity = record_entity.project.student |
|
1833 elif role_name == 'mentor': |
|
1834 role_entity = record_entity.project.mentor |
|
1835 |
|
1836 if role_entity.user.key() == user_entity.key() and ( |
|
1837 role_entity.status == 'active'): |
|
1838 # this user has the role required |
|
1839 return |
|
1840 |
|
1841 fields = {'user': user_entity, |
|
1842 'scope': record_entity.org, |
|
1843 'status': 'active'} |
|
1844 admin_entity = org_admin_logic.getForFields(fields, unique=True) |
|
1845 |
|
1846 if admin_entity: |
|
1847 # this user is org admin for the retrieved record's project |
|
1848 return |
|
1849 |
|
1850 # The current user is no Org Admin, has not taken the Survey and is not |
|
1851 # the one responsible for taking this survey. |
|
1852 raise out_of_band.AccessViolation(message_fmt=DEF_NOT_YOUR_RECORD) |
|
1853 |
1776 @allowSidebar |
1854 @allowSidebar |
1777 @allowDeveloper |
1855 @allowDeveloper |
1778 def checkIsDocumentReadable(self, django_args, key_name_field=None): |
1856 def checkIsDocumentReadable(self, django_args, key_name_field=None): |
1779 """Checks whether a document is readable by the current user. |
1857 """Checks whether a document is readable by the current user. |
1780 |
1858 |