def test_has_management_permission_explicit(explicit): p = EventPrincipal(full_access=True, permissions=['foo']) assert p.has_management_permission('foo', explicit=explicit) assert p.has_management_permission('ANY', explicit=explicit) assert p.has_management_permission('bar', explicit=explicit) == (not explicit) assert (EventPrincipal(full_access=True, permissions=[]).has_management_permission('ANY', explicit=explicit) == (not explicit))
def test_has_management_permission_explicit_fail(): p = EventPrincipal(permissions=['foo']) # no permission specified with pytest.raises(ValueError): p.has_management_permission(explicit=True) with pytest.raises(ValueError): EventPrincipal.has_management_permission(explicit=True)
def test_has_management_permission_explicit_fail(): p = EventPrincipal(permissions=['foo']) # no permission specified with pytest.raises(ValueError): p.has_management_permission(explicit=True) with pytest.raises(ValueError): EventPrincipal.has_management_permission(explicit=True)
def test_has_management_permission_explicit(explicit): p = EventPrincipal(full_access=True, permissions=['foo']) assert p.has_management_permission('foo', explicit=explicit) assert p.has_management_permission('ANY', explicit=explicit) assert p.has_management_permission('bar', explicit=explicit) == (not explicit) assert (EventPrincipal(full_access=True, permissions=[]).has_management_permission('ANY', explicit=explicit) == (not explicit))
def _process(self): event_principal_query = (EventPrincipal.query.with_parent(self.event) .filter(EventPrincipal.type == PrincipalType.email, EventPrincipal.has_management_permission('submit'))) contrib_principal_query = (ContributionPrincipal.find(Contribution.event == self.event, ContributionPrincipal.type == PrincipalType.email, ContributionPrincipal.has_management_permission('submit')) .join(Contribution) .options(contains_eager('contribution'))) session_principal_query = (SessionPrincipal.find(Session.event == self.event, SessionPrincipal.type == PrincipalType.email, SessionPrincipal.has_management_permission()) .join(Session).options(joinedload('session').joinedload('acl_entries'))) persons = self.get_persons() person_list = sorted(persons.viewvalues(), key=lambda x: x['person'].display_full_name.lower()) num_no_account = 0 for principal in itertools.chain(event_principal_query, contrib_principal_query, session_principal_query): if principal.email not in persons: continue if not persons[principal.email].get('no_account'): persons[principal.email]['roles']['no_account'] = True num_no_account += 1 custom_roles = {'custom_{}'.format(r.id): {'name': r.name, 'code': r.code, 'color': r.color} for r in self.event.roles} return WPManagePersons.render_template('management/person_list.html', self.event, persons=person_list, num_no_account=num_no_account, builtin_roles=BUILTIN_ROLES, custom_roles=custom_roles)
def _process(self): event_principal_query = (EventPrincipal.query.with_parent(self.event) .filter(EventPrincipal.type == PrincipalType.email, EventPrincipal.has_management_permission('submit'))) contrib_principal_query = (ContributionPrincipal.find(Contribution.event == self.event, ContributionPrincipal.type == PrincipalType.email, ContributionPrincipal.has_management_permission('submit')) .join(Contribution) .options(contains_eager('contribution'))) session_principal_query = (SessionPrincipal.find(Session.event == self.event, SessionPrincipal.type == PrincipalType.email, SessionPrincipal.has_management_permission()) .join(Session).options(joinedload('session').joinedload('acl_entries'))) persons = self.get_persons() person_list = sorted(persons.values(), key=lambda x: x['person'].display_full_name.lower()) num_no_account = 0 for principal in itertools.chain(event_principal_query, contrib_principal_query, session_principal_query): if principal.email not in persons: continue if not persons[principal.email].get('no_account'): persons[principal.email]['roles']['no_account'] = True num_no_account += 1 custom_roles = {f'custom_{r.id}': {'name': r.name, 'code': r.code, 'color': r.color} for r in self.event.roles} return WPManagePersons.render_template('management/person_list.html', self.event, persons=person_list, num_no_account=num_no_account, builtin_roles=BUILTIN_ROLES, custom_roles=custom_roles)
def get_events_managed_by(user, dt=None): """Gets the IDs of events where the user has management privs. :param user: A `User` :param dt: Only include events taking place on/after that date :return: A set of event ids """ query = (user.in_event_acls.join(Event).options( noload('user'), noload('local_group'), load_only('event_id')).filter( ~Event.is_deleted, Event.ends_after(dt)).filter( EventPrincipal.has_management_permission('ANY'))) return {principal.event_id for principal in query}
def get_events_managed_by(user, dt=None): """Gets the IDs of events where the user has management privs. :param user: A `User` :param dt: Only include events taking place on/after that date :return: A set of event ids """ query = (user.in_event_acls .join(Event) .options(noload('user'), noload('local_group'), load_only('event_id')) .filter(~Event.is_deleted, Event.ends_after(dt)) .filter(EventPrincipal.has_management_permission('ANY'))) return {principal.event_id for principal in query}
def get_events_with_paper_roles(user, dt=None): """ Get the IDs and PR roles of events where the user has any kind of paper reviewing privileges. :param user: A `User` :param dt: Only include events taking place on/after that date :return: A dict mapping event IDs to a set of roles """ paper_permissions = {'paper_manager', 'paper_judge', 'paper_content_reviewer', 'paper_layout_reviewer'} role_criteria = [EventPrincipal.has_management_permission(permission, explicit=True) for permission in paper_permissions] query = (user.in_event_acls .join(Event) .options(noload('user'), noload('local_group'), load_only('event_id', 'permissions')) .filter(~Event.is_deleted, Event.ends_after(dt)) .filter(db.or_(*role_criteria))) return {principal.event_id: set(principal.permissions) & paper_permissions for principal in query}
def _find(*args): return EventPrincipal.find( EventPrincipal.event == event, EventPrincipal.has_management_permission(*args))
def test_has_management_permission(): p = EventPrincipal(permissions=['foo']) assert p.has_management_permission('ANY') assert p.has_management_permission('foo') assert not p.has_management_permission('bar')
def test_has_management_permission_no_access(): p = EventPrincipal(read_access=True, permissions=[]) assert not p.has_management_permission() assert not p.has_management_permission('foo') assert not p.has_management_permission('ANY')
def _find(permission): return EventPrincipal.find( EventPrincipal.event == event, EventPrincipal.has_management_permission(permission, explicit=explicit))
def test_has_management_permission_no_access(): p = EventPrincipal(read_access=True, permissions=[]) assert not p.has_management_permission() assert not p.has_management_permission('foo') assert not p.has_management_permission('ANY')
def _query(*args): return (EventPrincipal.query.filter( EventPrincipal.event == event, EventPrincipal.has_management_permission(*args)))
def _query(permission): return (EventPrincipal.query.filter( EventPrincipal.event == event, EventPrincipal.has_management_permission(permission, explicit=explicit)))
def _find(*args): return EventPrincipal.find(EventPrincipal.event == event, EventPrincipal.has_management_permission(*args))
def test_has_management_permission(): p = EventPrincipal(permissions=['foo']) assert p.has_management_permission('ANY') assert p.has_management_permission('foo') assert not p.has_management_permission('bar')
def _find(permission): return EventPrincipal.find(EventPrincipal.event == event, EventPrincipal.has_management_permission(permission, explicit=explicit))