def get_user_MS(self, subject, region, period): member_states = [] if admin_perm.can() or sta_perm.can(): member_states = self.get_MS(subject, region, period) elif nat_perm.can() and current_user.MS: member_states = [(current_user.MS, current_user.MS)] return member_states + [(DEFAULT_MS, DEFAULT_MS)]
def can_touch(assessment): if current_user.is_anonymous() and not EU_ASSESSMENT_MODE: return False if not assessment: return EU_ASSESSMENT_MODE or admin_perm.can() or nat_perm.can() or etc_perm.can() or ( sta_perm.can() and not consultation_ended()) return EU_ASSESSMENT_MODE or admin_perm.can() or etc_perm.can() or ( assessment.user == current_user and not sta_cannot_change())
def can_touch(assessment): if current_user.is_anonymous() and not EU_ASSESSMENT_MODE: return False if not assessment: return EU_ASSESSMENT_MODE or admin_perm.can() or nat_perm.can( ) or etc_perm.can() or (sta_perm.can() and not consultation_ended()) return EU_ASSESSMENT_MODE or admin_perm.can() or etc_perm.can() or ( assessment.user == current_user and not sta_cannot_change())
def can_add_conclusion(dataset, zone, subject, region=None): """ Zone: one of 'species', 'habitat' """ from art17.summary.views import SpeciesSummary, HabitatSummary zone_cls_mapping = {'species': SpeciesSummary, 'habitat': HabitatSummary} can_add = False warning_message = '' if not dataset: warning_message = 'Please select a valid dataset in order to add ' + \ 'a conclusion.' elif dataset.is_readonly: warning_message = 'The current dataset is readonly, so you cannot ' + \ 'add a conclusion.' elif not region: warning_message = 'Please select a Bioregion in order to add a ' + \ 'conclusion.' elif not (admin_perm.can() or sta_perm.can() or nat_perm.can() or etc_perm.can() or EU_ASSESSMENT_MODE): warning_message = 'You do not have permission to add conclusions.' elif sta_cannot_change(): warning_message = 'The consultation period has ended; you cannont ' + \ 'add conclusions anymore.' else: if not EU_ASSESSMENT_MODE: record_exists = zone_cls_mapping[zone].get_manual_record( dataset.id, subject, region, current_user.id) if record_exists: warning_message = 'You have already added a conclusion for ' + \ 'the selected subject and region.' else: can_add = True else: can_add = True return can_add, warning_message
def can_post_comment(record): if EU_ASSESSMENT_MODE: return True if not current_user.is_authenticated: return False if record.dataset and record.dataset.is_readonly: return False can_add = False if sta_cannot_change(): can_add = False elif sta_perm.can() or nat_perm.can(): if (record.user.has_role('nat') and record.user_id == current_user.id) \ or not record.user or record.user.has_role('stakeholder'): can_add = True else: can_add = True if can_add: authors = [c.author_id for c in record.comments] if current_user.id in authors: return False return not record.deleted and can_add
def can_post_comment(record): if EU_ASSESSMENT_MODE: return True if not current_user.is_authenticated(): return False if record.dataset and record.dataset.is_readonly: return False can_add = False if sta_cannot_change(): can_add = False elif sta_perm.can() or nat_perm.can(): if (record.user.has_role('nat') and record.user_id == current_user.id) \ or not record.user or record.user.has_role('stakeholder'): can_add = True else: can_add = True if can_add: authors = [c.author_id for c in record.comments] if current_user.id in authors: return False return not record.deleted and can_add
def can_select_MS(): return admin_perm.can() or sta_perm.can() or nat_perm.can()
def dispatch_request(self): period = request.args.get('period') or get_default_period() subject = request.args.get('subject') group = request.args.get('group') region = request.args.get('region') action = request.args.get('action') rowid = request.args.get('rowid') fresh_new_record = False self.objects = [] self.restricted_countries = [] self.auto_objects = [] self.manual_objects = [] self.setup_objects_and_data(period, subject, region) group = group or self.get_group_for_subject(subject) regions = self.get_regions(period, subject) summary_filter_form = SummaryFilterForm( MultiDict( dict(period=period, group=group, subject=subject, region=region))) summary_filter_form.group.choices = self.get_groups(period) summary_filter_form.subject.choices = self.get_subjects(period, group) summary_filter_form.region.choices = regions manual_form, manual_assessment = self.get_manual_form( request.form, period=period, action=action, ) manual_form.region.choices = self.get_regions(period, subject, True) if period != '4': manual_form.region.choices = manual_form.region.choices[1:] if not request.form.get('region'): manual_form.region.process_data(region or manual_form.region.data) if hasattr(manual_form, 'MS'): manual_form.kwargs = dict(subject=subject, period=period) manual_form.MS.choices = self.get_user_MS(subject, region, period) if request.method == 'POST': home_url = url_for(self.summary_endpoint, period=period, subject=subject, region=region) if manual_form.validate(subject=subject, period=period): if not can_touch(manual_assessment): raise PermissionDenied() if not manual_assessment: manual_assessment = self.model_manual_cls(subject=subject) manual_form.populate_obj(manual_assessment) manual_assessment.last_update = datetime.now().strftime( DATE_FORMAT) if EU_ASSESSMENT_MODE: user = RegisteredUser.query.filter_by( id='test_for_eu_assessment').first() if not user: user = RegisteredUser( id='test_for_eu_assessment', name='Test_for_eu_assessment', account_date=datetime.now()) db.session.add(user) db.session.commit() manual_assessment.user_id = user.id else: manual_assessment.user_id = current_user.id manual_assessment.dataset_id = period db.session.flush() db.session.add(manual_assessment) try: db.session.commit() except IntegrityError: db.session.rollback() flash('A record with the same keys exist. Cannot add', 'error') else: flash('Conclusion added successfully') fresh_new_record = manual_assessment manual_assessment = None else: manual_form.populate_obj(manual_assessment) manual_assessment.last_update = datetime.now().strftime( DATE_FORMAT) db.session.add(manual_assessment) db.session.commit() flash('Conclusion edited successfully') if rowid: home_url += '#man-row-' + rowid return redirect(home_url) else: flash('Please correct the errors below and try again.') self.dataset = Dataset.query.get(period) period_name = self.dataset.name if self.dataset else '' current_selection = self.get_current_selection(period_name, group, subject, region, period) annexes = self.get_annexes(subject, period) default_ms = DEFAULT_MS if not nat_perm.can() else current_user.MS context = self.get_context() context.update({ 'objects': self.objects, 'auto_objects': self.auto_objects, 'manual_objects': self.filter_conclusions(self.manual_objects), 'restricted_countries': self.restricted_countries, 'regions': regions, 'summary_filter_form': summary_filter_form, 'manual_form': manual_form, 'manual_assessment': manual_assessment, 'edit_ref': must_edit_ref(manual_assessment), 'current_selection': current_selection, 'annexes': annexes, 'group': group, 'subject': subject, 'region': region, 'period_name': period_name, 'dataset': self.dataset, 'default_ms': default_ms, 'fresh_new_record': fresh_new_record, }) return render_template(self.template_name, **context)
def dispatch_request(self): period = request.args.get('period') or get_default_period() subject = request.args.get('subject') group = request.args.get('group') region = request.args.get('region') action = request.args.get('action') rowid = request.args.get('rowid') fresh_new_record = False self.objects = [] self.restricted_countries = [] self.auto_objects = [] self.manual_objects = [] self.setup_objects_and_data(period, subject, region) group = group or self.get_group_for_subject(subject) regions = self.get_regions(period, subject) summary_filter_form = SummaryFilterForm( MultiDict(dict(period=period, group=group, subject=subject, region=region) ) ) summary_filter_form.group.choices = self.get_groups(period) summary_filter_form.subject.choices = self.get_subjects(period, group) summary_filter_form.region.choices = regions manual_form, manual_assessment = self.get_manual_form( request.form, period=period, action=action, ) manual_form.region.choices = self.get_regions(period, subject, True) if period != '4': manual_form.region.choices = manual_form.region.choices[1:] if not request.form.get('region'): manual_form.region.process_data(region or manual_form.region.data) if hasattr(manual_form, 'MS'): manual_form.kwargs = dict(subject=subject, period=period) manual_form.MS.choices = self.get_user_MS(subject, region, period) if request.method == 'POST': home_url = url_for(self.summary_endpoint, period=period, subject=subject, region=region) if manual_form.validate(subject=subject, period=period): if not can_touch(manual_assessment): raise PermissionDenied() if not manual_assessment: manual_assessment = self.model_manual_cls(subject=subject) manual_form.populate_obj(manual_assessment) manual_assessment.last_update = datetime.now().strftime(DATE_FORMAT) if EU_ASSESSMENT_MODE: user = RegisteredUser.query.filter_by( id='test_for_eu_assessment').first() if not user: user = RegisteredUser(id='test_for_eu_assessment', name='Test_for_eu_assessment', account_date=datetime.now()) db.session.add(user) db.session.commit() manual_assessment.user_id = user.id else: manual_assessment.user_id = current_user.id manual_assessment.dataset_id = period db.session.flush() db.session.add(manual_assessment) try: db.session.commit() except IntegrityError: db.session.rollback() flash('A record with the same keys exist. Cannot add', 'error') else: flash('Conclusion added successfully') fresh_new_record = manual_assessment manual_assessment = None else: manual_form.populate_obj(manual_assessment) manual_assessment.last_update = datetime.now().strftime(DATE_FORMAT) db.session.add(manual_assessment) db.session.commit() flash('Conclusion edited successfully') if rowid: home_url += '#man-row-' + rowid return redirect(home_url) else: flash('Please correct the errors below and try again.') self.dataset = Dataset.query.get(period) period_name = self.dataset.name if self.dataset else '' current_selection = self.get_current_selection( period_name, group, subject, region, period) annexes = self.get_annexes(subject, period) default_ms = DEFAULT_MS if not nat_perm.can() else current_user.MS context = self.get_context() context.update({ 'objects': self.objects, 'auto_objects': self.auto_objects, 'manual_objects': self.filter_conclusions(self.manual_objects), 'restricted_countries': self.restricted_countries, 'regions': regions, 'summary_filter_form': summary_filter_form, 'manual_form': manual_form, 'manual_assessment': manual_assessment, 'edit_ref': must_edit_ref(manual_assessment), 'current_selection': current_selection, 'annexes': annexes, 'group': group, 'subject': subject, 'region': region, 'period_name': period_name, 'dataset': self.dataset, 'default_ms': default_ms, 'fresh_new_record': fresh_new_record, }) return render_template(self.template_name, **context)