# HG changeset patch # User Lennard de Rijk # Date 1250013296 25200 # Node ID e8b599ba7b37794f048fb9bfa57d6cd426dec71d # Parent efbce6839e90acf97ebb66c295083847570cdd7a Completed the proper filter for the GradingProjectSurvey results view. Also set the access check to checkIsUser. diff -r efbce6839e90 -r e8b599ba7b37 app/soc/views/models/grading_project_survey.py --- a/app/soc/views/models/grading_project_survey.py Tue Aug 11 10:22:01 2009 -0700 +++ b/app/soc/views/models/grading_project_survey.py Tue Aug 11 10:54:56 2009 -0700 @@ -60,7 +60,7 @@ [grading_survey_logic, 'mentor', 'id']), ('checkIsSurveyReadable', [grading_survey_logic]), ]])] - rights['results'] = ['checkIsDeveloper'] # TODO: proper access check + rights['results'] = ['checkIsUser'] rights['take'] = [('checkIsSurveyTakeable', grading_survey_logic), ('checkIsAllowedToTakeProjectSurveyAs', [grading_survey_logic, 'mentor', 'project'])] @@ -116,6 +116,62 @@ return fields + def _getResultsViewRecordFields(self, survey, allowed_to_read): + """Get the Results View filter for ProjectSurveyRecords. + + For args see survey.View()._getResultsViewRecordFields() + + Returns: + Returns the dictionary containing the fields to filter on + """ + + from soc.logic.models.mentor import logic as mentor_logic + from soc.logic.models.org_admin import logic as org_admin_logic + + if allowed_to_read: + return super(View, self)._getResultsViewRecordFields(survey, + allowed_to_read) + + fields = {'survey': survey} + + user_entity = user_logic.getForCurrentAccount() + program_entity = survey.scope + + role_fields = {'user': user_entity, + 'program': program_entity, + 'status': ['active', 'inactive']} + + org_admins = org_admin_logic.getForFields(role_fields) + mentors = mentor_logic.getForFields(role_fields) + + organizations = {} + + if org_admins: + for org_admin in org_admins: + # for each org admin store the organization + org_scope = org_admin.scope + org_key_name = org_scope.key().id_or_name() + organizations[org_key_name] = org_scope + + if mentors: + for mentor in mentors: + # for each mentor store the organization + # This will allow the user to view the GradingProjectSurvey Records + # listing for projects which he might have no further access to. + org_scope = mentor.scope + org_key_name = org_scope.key().id_or_name() + organizations[org_key_name] = org_scope + + if organizations: + # filter on all the found organizations + fields['org'] = organizations.values() + else: + # This user is no org admin or mentor and should only see + # his/her own records. + fields['user'] = user_entity + + return fields + class GradeSurveyTakeForm(surveys.SurveyTakeForm): """Extends SurveyTakeForm by adding a grade field.