def acl_toggle(activity, _id, right, person_id): if person_id != app.globals.get('user_id'): # projection={'acl': 1}, right='read' status, acl, _ = get_acl('{}_observations'.format(activity), _id, projection={ 'acl': 1, 'reporter': 1 }, right='execute') if status is True: if request.method == 'POST': update = modify_user_acl('{}_observations'.format(activity), _id, person_id, right, 'add') elif request.method == 'DELETE': update = modify_user_acl('{}_observations'.format(activity), _id, person_id, right, 'remove') if update is True: return eve_response(True, 201) return eve_response(False, 409)
def get_users(collection, _id): status, acl, _ = acl_helper.get_acl(collection, _id) if status is True: res = acl_helper.parse_acl(acl) return eve_response(res) else: return eve_response({})
def get_users_flat(collection, _id): status, acl, _ = acl_helper.get_acl(collection, _id) if status is True: res = acl_helper.parse_acl(acl) k = [ p for p in list( set(res['read'] + res['write'] + res['execute'] + res['delete'])) if p != app.globals.get('user_id', 0) ] return eve_response(k) else: return eve_response({})
def message(): try: # ARGS args = request.get_json(force=True) # use force=True to do anyway! event_from = args.get('event_from', None) event_from_id = args.get('event_from_id', None) msg = strip_tags(args.get('message', None)) if event_from is None or event_from_id is None or msg is None: return eve_abort(422, 'Missing parameters') # Can't do if closed or withdrawn status, acl, rest = get_acl(event_from, event_from_id, projection={ 'acl': 1, 'workflow.state': 1, 'id': 1, 'discipline': 1, 'tags': 1 }) if rest.get('workflow', {}).get('state', 'closed') in ['closed', 'withdrawn']: return eve_response_pppd( { 'data': 'Observasjonen er {}'.format( rest.get('workflow', {}).get('state', 'closed')) }, 403, 'Observation is {}'.format( rest.get('workflow', {}).get('state', 'closed'))) k = parse_acl_flat(acl) # If not self too recepients = [x for x in k if x != app.globals.get('user_id', None)] ors_message(recepients=recepients, event_from=event_from, event_from_id=event_from_id, message=msg, ors_id=rest.get('id', None), org_id=rest.get('discipline', None), ors_tags=rest.get('tags', [])) return eve_response(recepients, 200) except Exception as e: app.logger.exception('Error creating message for observation') return eve_response({}, 500)
def acl_toggle(activity, _id, right, person_id): if person_id != app.globals.get('user_id'): # projection={'acl': 1}, right='read' status, acl, ors = acl_helper.get_acl( '{}_observations'.format(activity), _id, projection={ 'acl': 1, 'reporter': 1, 'id': 1, 'discipline': 1, 'tags': 1 }, right='execute') if status is True: if request.method == 'POST': verb = 'tildelte' update = acl_helper.modify_user_acl( '{}_observations'.format(activity), _id, person_id, right, 'add') elif request.method == 'DELETE': verb = 'fjernet' update = acl_helper.modify_user_acl( '{}_observations'.format(activity), _id, person_id, right, 'remove') if update is True: # recepients, event_from, event_from_id, right, verb, ors_acl(recepients=person_id, event_from='{}_observations'.format(activity), event_from_id=_id, right=right, verb='remove' if verb == 'fjernet' else 'add', ors_id=ors.get('id', None), org_id=ors.get('discipline', None), ors_tags=ors.get('tags', [])) return eve_response(True, 201) return eve_response(False, 409)
def reminder(): """ """ """ 1) Check if has access and if not X 2) Find the x'es 3) make sure sender not an x!! see 1... 4) make sure we're not trying to notify too soon after last one => get last notification for this x+event_from+event_from_id 5) find x'es user settings - says something about their transmission preferences (mail, aggregate, sms...) 6) Notify x'es! or both x and w - with users preferences! """ try: # Args args = request.get_json(force=True) # use force=True to do anyway! event_from = args.get('event_from', None) event_from_id = args.get('event_from_id', None) if event_from is None or event_from_id is None: return eve_response_pppd({}, 403, 'Observation is closed') if event_from is None or event_from_id is None or message is None: return eve_abort(422, 'Missing parameters') status, acl, rest = get_acl(event_from, event_from_id, projection={ 'acl': 1, 'workflow.state': 1, 'id': 1, 'discipline': 1, 'tags': 1 }) # print('ACLS', acl) if rest.get('workflow', {}).get('state', 'closed') in ['closed', 'withdrawn']: return eve_response_pppd( { 'data': 'Observasjonen er {}'.format( rest.get('workflow', {}).get('state', 'closed')) }, 403, 'Observation is {}'.format( rest.get('workflow', {}).get('state', 'closed'))) recepients = parse_acl_flat(acl) disapproved_users = get_within_delay( event_from_id, 'ors_reminder', recepients) if len(recepients) > 0 else [] # Check if same users # @TODO investigate if should be each user recepients.sort() disapproved_users.sort() if disapproved_users == recepients: return eve_response_pppd( { 'data': 'Please wait for the remaining graceperiod until {}'. format((datetime.datetime.utcnow() - datetime.timedelta(seconds=REMINDER_DELTA))) }, 429, 'Too soon to send notification') # Remove disapproved recepients = [ x for x in recepients if x not in disapproved_users and x != app.globals.get('user_id', None) ] if len(recepients) == 0: return eve_response_pppd({'data': 'Fant ingen å sende til'}, 404, 'Found no recepients!') # Create notification ors_reminder(recepients, event_from=event_from, event_from_id=event_from_id, ors_id=rest.get('id', None), org_id=rest.get('discipline', None), ors_tags=rest.get('tags', [])) return eve_response(recepients, 200) except Exception as e: app.logger.exception('Error creating reminder for observation') return eve_response({}, 500)