def test_has_management_permission_explicit(explicit):
p = EventPrincipal(full_access=True, permissions=['foo'])
assert p.has_management_permission('foo', explicit=explicit)
assert p.has_management_permission('ANY', explicit=explicit)
assert p.has_management_permission('bar', explicit=explicit) == (not explicit)
assert (EventPrincipal(full_access=True, permissions=[]).has_management_permission('ANY', explicit=explicit) ==
(not explicit))
def test_has_management_permission_explicit_fail():
p = EventPrincipal(permissions=['foo'])
# no permission specified
with pytest.raises(ValueError):
p.has_management_permission(explicit=True)
with pytest.raises(ValueError):
EventPrincipal.has_management_permission(explicit=True)
def test_has_management_permission_explicit_fail():
p = EventPrincipal(permissions=['foo'])
# no permission specified
with pytest.raises(ValueError):
p.has_management_permission(explicit=True)
with pytest.raises(ValueError):
EventPrincipal.has_management_permission(explicit=True)
def test_has_management_permission_explicit(explicit):
p = EventPrincipal(full_access=True, permissions=['foo'])
assert p.has_management_permission('foo', explicit=explicit)
assert p.has_management_permission('ANY', explicit=explicit)
assert p.has_management_permission('bar', explicit=explicit) == (not explicit)
assert (EventPrincipal(full_access=True, permissions=[]).has_management_permission('ANY', explicit=explicit) ==
(not explicit))
def _process(self):
event_principal_query = (EventPrincipal.query.with_parent(self.event)
.filter(EventPrincipal.type == PrincipalType.email,
EventPrincipal.has_management_permission('submit')))
contrib_principal_query = (ContributionPrincipal.find(Contribution.event == self.event,
ContributionPrincipal.type == PrincipalType.email,
ContributionPrincipal.has_management_permission('submit'))
.join(Contribution)
.options(contains_eager('contribution')))
session_principal_query = (SessionPrincipal.find(Session.event == self.event,
SessionPrincipal.type == PrincipalType.email,
SessionPrincipal.has_management_permission())
.join(Session).options(joinedload('session').joinedload('acl_entries')))
persons = self.get_persons()
person_list = sorted(persons.viewvalues(), key=lambda x: x['person'].display_full_name.lower())
num_no_account = 0
for principal in itertools.chain(event_principal_query, contrib_principal_query, session_principal_query):
if principal.email not in persons:
continue
if not persons[principal.email].get('no_account'):
persons[principal.email]['roles']['no_account'] = True
num_no_account += 1
custom_roles = {'custom_{}'.format(r.id): {'name': r.name, 'code': r.code, 'color': r.color}
for r in self.event.roles}
return WPManagePersons.render_template('management/person_list.html', self.event, persons=person_list,
num_no_account=num_no_account, builtin_roles=BUILTIN_ROLES,
custom_roles=custom_roles)
def _process(self):
event_principal_query = (EventPrincipal.query.with_parent(self.event)
.filter(EventPrincipal.type == PrincipalType.email,
EventPrincipal.has_management_permission('submit')))
contrib_principal_query = (ContributionPrincipal.find(Contribution.event == self.event,
ContributionPrincipal.type == PrincipalType.email,
ContributionPrincipal.has_management_permission('submit'))
.join(Contribution)
.options(contains_eager('contribution')))
session_principal_query = (SessionPrincipal.find(Session.event == self.event,
SessionPrincipal.type == PrincipalType.email,
SessionPrincipal.has_management_permission())
.join(Session).options(joinedload('session').joinedload('acl_entries')))
persons = self.get_persons()
person_list = sorted(persons.values(), key=lambda x: x['person'].display_full_name.lower())
num_no_account = 0
for principal in itertools.chain(event_principal_query, contrib_principal_query, session_principal_query):
if principal.email not in persons:
continue
if not persons[principal.email].get('no_account'):
persons[principal.email]['roles']['no_account'] = True
num_no_account += 1
custom_roles = {f'custom_{r.id}': {'name': r.name, 'code': r.code, 'color': r.color}
for r in self.event.roles}
return WPManagePersons.render_template('management/person_list.html', self.event, persons=person_list,
num_no_account=num_no_account, builtin_roles=BUILTIN_ROLES,
custom_roles=custom_roles)
def get_events_managed_by(user, dt=None):
"""Gets the IDs of events where the user has management privs.
:param user: A `User`
:param dt: Only include events taking place on/after that date
:return: A set of event ids
"""
query = (user.in_event_acls.join(Event).options(
noload('user'), noload('local_group'), load_only('event_id')).filter(
~Event.is_deleted, Event.ends_after(dt)).filter(
EventPrincipal.has_management_permission('ANY')))
return {principal.event_id for principal in query}
def get_events_managed_by(user, dt=None):
"""Gets the IDs of events where the user has management privs.
:param user: A `User`
:param dt: Only include events taking place on/after that date
:return: A set of event ids
"""
query = (user.in_event_acls
.join(Event)
.options(noload('user'), noload('local_group'), load_only('event_id'))
.filter(~Event.is_deleted, Event.ends_after(dt))
.filter(EventPrincipal.has_management_permission('ANY')))
return {principal.event_id for principal in query}
def get_events_with_paper_roles(user, dt=None):
"""
Get the IDs and PR roles of events where the user has any kind
of paper reviewing privileges.
:param user: A `User`
:param dt: Only include events taking place on/after that date
:return: A dict mapping event IDs to a set of roles
"""
paper_permissions = {'paper_manager', 'paper_judge', 'paper_content_reviewer', 'paper_layout_reviewer'}
role_criteria = [EventPrincipal.has_management_permission(permission, explicit=True)
for permission in paper_permissions]
query = (user.in_event_acls
.join(Event)
.options(noload('user'), noload('local_group'), load_only('event_id', 'permissions'))
.filter(~Event.is_deleted, Event.ends_after(dt))
.filter(db.or_(*role_criteria)))
return {principal.event_id: set(principal.permissions) & paper_permissions for principal in query}
def _find(*args):
return EventPrincipal.find(
EventPrincipal.event == event,
EventPrincipal.has_management_permission(*args))
def test_has_management_permission():
p = EventPrincipal(permissions=['foo'])
assert p.has_management_permission('ANY')
assert p.has_management_permission('foo')
assert not p.has_management_permission('bar')
def test_has_management_permission_no_access():
p = EventPrincipal(read_access=True, permissions=[])
assert not p.has_management_permission()
assert not p.has_management_permission('foo')
assert not p.has_management_permission('ANY')
def _find(permission):
return EventPrincipal.find(
EventPrincipal.event == event,
EventPrincipal.has_management_permission(permission,
explicit=explicit))
def test_has_management_permission_no_access():
p = EventPrincipal(read_access=True, permissions=[])
assert not p.has_management_permission()
assert not p.has_management_permission('foo')
assert not p.has_management_permission('ANY')
def _query(*args):
return (EventPrincipal.query.filter(
EventPrincipal.event == event,
EventPrincipal.has_management_permission(*args)))
def _query(permission):
return (EventPrincipal.query.filter(
EventPrincipal.event == event,
EventPrincipal.has_management_permission(permission,
explicit=explicit)))
def _find(*args):
return EventPrincipal.find(EventPrincipal.event == event, EventPrincipal.has_management_permission(*args))
def test_has_management_permission():
p = EventPrincipal(permissions=['foo'])
assert p.has_management_permission('ANY')
assert p.has_management_permission('foo')
assert not p.has_management_permission('bar')
def _find(permission):
return EventPrincipal.find(EventPrincipal.event == event,
EventPrincipal.has_management_permission(permission, explicit=explicit))
