class CategoryProtectionForm(IndicoForm):
_event_creation_fields = ('event_creation_restricted', 'event_creators',
'event_creation_notification_emails')
protection_mode = IndicoProtectionField(
_('Protection mode'),
protected_object=lambda form: form.protected_object)
acl = AccessControlListField(_('Access control list'),
groups=True,
allow_external=True,
allow_networks=True)
managers = PrincipalListField(_('Managers'), groups=True)
own_no_access_contact = StringField(
_('No access contact'),
description=_(
'Contact information shown when someone lacks access to the '
'category'))
event_creation_restricted = BooleanField(
_('Restricted event creation'),
widget=SwitchWidget(),
description=_('Whether the event creation should be restricted '
'to a list of specific persons'))
event_creators = PrincipalListField(
_('Event creators'),
groups=True,
allow_external=True,
description=_('Users allowed to create events in this category'))
def __init__(self, *args, **kwargs):
self.protected_object = kwargs.pop('category')
super(CategoryProtectionForm, self).__init__(*args, **kwargs)
class AttachmentFolderForm(IndicoForm):
title = HiddenField(_("Name"), [DataRequired()], widget=TypeaheadWidget(),
description=_("The name of the folder."))
description = TextAreaField(_("Description"), description=_("Description of the folder and its content"))
protected = BooleanField(_("Protected"), widget=SwitchWidget())
acl = AccessControlListField(_("Access control list"), [UsedIf(lambda form, field: form.protected.data)],
groups=True, allow_external=True, default_text=_('Restrict access to this folder'),
description=_("The list of users and groups allowed to access the folder"))
is_always_visible = BooleanField(_("Always Visible"), widget=SwitchWidget(),
description=_("By default, folders are always visible, even if a user cannot "
"access them. You can disable this behavior here, hiding the folder "
"for anyone who does not have permission to access it."))
def __init__(self, *args, **kwargs):
self.linked_object = kwargs.pop('linked_object')
super(AttachmentFolderForm, self).__init__(*args, **kwargs)
self.title.choices = self._get_title_suggestions()
def _get_title_suggestions(self):
query = db.session.query(AttachmentFolder.title).filter_by(is_deleted=False, is_default=False,
object=self.linked_object)
existing = set(x[0] for x in query)
suggestions = set(get_default_folder_names()) - existing
if self.title.data:
suggestions.add(self.title.data)
return sorted(suggestions)
@generated_data
def protection_mode(self):
return ProtectionMode.protected if self.protected.data else ProtectionMode.inheriting
class ContributionProtectionForm(IndicoForm):
protection_mode = IndicoProtectionField(
_('Protection mode'),
protected_object=lambda form: form.protected_object,
acl_message_url=lambda form: url_for('contributions.acl_message', form.
protected_object))
acl = AccessControlListField(
_('Access control list'),
[UsedIf(lambda form, field: form.protected_object.is_protected)],
groups=True,
allow_emails=True,
default_text=_('Restrict access to this contribution'),
description=_('List of users allowed to access the contribution'))
managers = PrincipalListField(
_('Managers'),
groups=True,
allow_emails=True,
description=_('List of users allowed to modify the contribution'))
submitters = PrincipalListField(
_('Submitters'),
groups=True,
allow_emails=True,
description=_(
'List of users allowed to submit materials for this contribution'))
def __init__(self, *args, **kwargs):
self.protected_object = kwargs.pop('contrib')
super(ContributionProtectionForm, self).__init__(*args, **kwargs)
class AttachmentFormBase(IndicoForm):
protected = BooleanField(_("Protected"), widget=SwitchWidget())
folder = QuerySelectField(
_("Folder"),
allow_blank=True,
blank_text=_("No folder selected"),
get_label='title',
description=_(
"Adding materials to folders allow grouping and easier permission "
"management."))
acl = AccessControlListField(
_("Access control list"),
[UsedIf(lambda form, field: form.protected.data)],
groups=True,
allow_external=True,
default_text=_('Restrict access to this material'),
description=_(
"The list of users and groups allowed to access the material"))
def __init__(self, *args, **kwargs):
linked_object = kwargs.pop('linked_object')
super(AttachmentFormBase, self).__init__(*args, **kwargs)
self.folder.query = (AttachmentFolder.find(
object=linked_object, is_default=False,
is_deleted=False).order_by(db.func.lower(AttachmentFolder.title)))
@generated_data
def protection_mode(self):
return ProtectionMode.protected if self.protected.data else ProtectionMode.inheriting
class EventProtectionForm(IndicoForm):
protection_mode = IndicoProtectionField(_('Protection mode'),
protected_object=lambda form: form.protected_object,
acl_message_url=lambda form: url_for('event_management.acl_message',
form.protected_object))
acl = AccessControlListField(_('Access control list'), groups=True, allow_emails=True, allow_networks=True,
allow_external=True, default_text=_('Restrict access to this event'),
description=_('List of users allowed to access the event.'))
access_key = IndicoPasswordField(_('Access key'), toggle=True,
description=_('It is more secure to use only the ACL and not set an access key. '
'<strong>It will have no effect if the event is not '
'protected</strong>'))
own_no_access_contact = StringField(_('No access contact'),
description=_('Contact information shown when someone lacks access to the '
'event'))
managers = PrincipalListField(_('Managers'), groups=True, allow_emails=True, allow_external=True,
description=_('List of users allowed to modify the event'))
submitters = PrincipalListField(_('Submitters'), allow_emails=True, allow_external=True,
description=_('List of users with submission rights'))
priv_fields = set()
def __init__(self, *args, **kwargs):
self.protected_object = kwargs.pop('event')
super(EventProtectionForm, self).__init__(*args, **kwargs)
@classmethod
def _create_coordinator_priv_fields(cls):
for name, title in sorted(COORDINATOR_PRIV_TITLES.iteritems(), key=itemgetter(1)):
setattr(cls, name, BooleanField(title, widget=SwitchWidget(), description=COORDINATOR_PRIV_DESCS[name]))
cls.priv_fields.add(name)
class CategoryProtectionForm(IndicoForm):
_event_creation_fields = ('event_creation_restricted', 'event_creators', 'event_creation_notification_emails')
protection_mode = IndicoProtectionField(_('Protection mode'), protected_object=lambda form: form.protected_object)
acl = AccessControlListField(_('Access control list'), groups=True, allow_external=True, allow_networks=True,
default_text=_('Restrict access to this category'),
description=_('List of users allowed to access the category.'))
managers = PrincipalListField(_('Managers'), groups=True)
own_no_access_contact = StringField(_('No access contact'),
description=_('Contact information shown when someone lacks access to the '
'category'))
visibility = SelectField(_("Event visibility"), [Optional()], coerce=lambda x: None if x == '' else int(x),
description=_("""From which point in the category tree contents will be visible from """
"""(number of categories upwards). Applies to "Today's events" and """
"""Calendar. If the category is moved, this number will be preserved."""))
event_creation_restricted = BooleanField(_('Restricted event creation'), widget=SwitchWidget(),
description=_('Whether the event creation should be restricted '
'to a list of specific persons'))
event_creators = PrincipalListField(_('Event creators'), groups=True, allow_external=True,
description=_('Users allowed to create events in this category'))
def __init__(self, *args, **kwargs):
self.protected_object = category = kwargs.pop('category')
super(CategoryProtectionForm, self).__init__(*args, **kwargs)
self._init_visibility(category)
def _init_visibility(self, category):
self.visibility.choices = get_visibility_options(category, allow_invisible=False)
# Check if category visibility would be affected by any of the parents
real_horizon = category.real_visibility_horizon
own_horizon = category.own_visibility_horizon
if real_horizon and real_horizon.is_descendant_of(own_horizon):
self.visibility.warning = _("This category's visibility is currently limited by that of '{}'.").format(
real_horizon.title)
class AttachmentFormBase(IndicoForm):
protected = BooleanField(_('Protected'), widget=SwitchWidget())
folder = QuerySelectField(
_('Folder'),
allow_blank=True,
blank_text=_('No folder selected'),
get_label='title',
description=_(
'Adding materials to folders allow grouping and easier permission '
'management.'))
acl = AccessControlListField(
_('Access control list'),
[UsedIf(lambda form, field: form.protected.data)],
allow_groups=True,
allow_external_users=True,
allow_event_roles=True,
allow_category_roles=True,
allow_registration_forms=True,
event=lambda form: form.event,
description=_(
'The list of users and groups allowed to access the material'))
def __init__(self, *args, **kwargs):
linked_object = kwargs.pop('linked_object')
self.event = getattr(linked_object, 'event',
None) # not present in categories
super().__init__(*args, **kwargs)
self.folder.query = (AttachmentFolder.query.filter_by(
object=linked_object, is_default=False,
is_deleted=False).order_by(db.func.lower(AttachmentFolder.title)))
@generated_data
def protection_mode(self):
return ProtectionMode.protected if self.protected.data else ProtectionMode.inheriting
class AttachmentFolderForm(IndicoForm):
title = HiddenField(_('Name'), [DataRequired()],
widget=TypeaheadWidget(),
description=_('The name of the folder.'))
description = TextAreaField(
_('Description'),
description=_('Description of the folder and its content'))
protected = BooleanField(_('Protected'), widget=SwitchWidget())
acl = AccessControlListField(
_('Access control list'),
[UsedIf(lambda form, field: form.protected.data)],
allow_groups=True,
allow_external_users=True,
allow_event_roles=True,
allow_category_roles=True,
allow_registration_forms=True,
event=lambda form: form.event,
description=_(
'The list of users and groups allowed to access the folder'))
is_always_visible = BooleanField(
_('Always Visible'), [HiddenUnless('is_hidden', value=False)],
widget=SwitchWidget(),
description=_(
'By default, folders are always visible, even if a user cannot '
'access them. You can disable this behavior here, hiding the folder '
'for anyone who does not have permission to access it.'))
is_hidden = BooleanField(
_('Always hidden'), [HiddenUnless('is_always_visible', value=False)],
widget=SwitchWidget(),
description=
_('Always hide the folder and its contents from public display areas of '
'the event. You can use this for folders to store non-image files used '
'e.g. in download links. The access permissions still apply.'))
def __init__(self, *args, **kwargs):
self.linked_object = kwargs.pop('linked_object')
self.event = getattr(self.linked_object, 'event',
None) # not present in categories
super().__init__(*args, **kwargs)
self.title.choices = self._get_title_suggestions()
def _get_title_suggestions(self):
query = db.session.query(AttachmentFolder.title).filter_by(
is_deleted=False, is_default=False, object=self.linked_object)
existing = {x[0] for x in query}
suggestions = set(get_default_folder_names()) - existing
if self.title.data:
suggestions.add(self.title.data)
return sorted(suggestions)
def validate_is_always_visible(self, field):
if self.is_always_visible.data and self.is_hidden.data:
raise ValidationError(
'These two options cannot be used at the same time')
validate_is_hidden = validate_is_always_visible
@generated_data
def protection_mode(self):
return ProtectionMode.protected if self.protected.data else ProtectionMode.inheriting
class EventProtectionForm(IndicoForm):
protection_mode = IndicoProtectionField(_('Protection mode'),
protected_object=lambda form: form.protected_object,
acl_message_url=lambda form: url_for('event_management.acl_message',
form.protected_object))
acl = AccessControlListField(_('Access control list'), groups=True, allow_emails=True, allow_networks=True,
allow_external=True, default_text=_('Restrict access to this event'),
description=_('List of users allowed to access the event.'))
access_key = IndicoPasswordField(_('Access key'), toggle=True,
description=_('It is more secure to use only the ACL and not set an access key. '
'<strong>It will have no effect if the event is not '
'protected</strong>'))
own_no_access_contact = StringField(_('No access contact'),
description=_('Contact information shown when someone lacks access to the '
'event'))
managers = PrincipalListField(_('Managers'), groups=True, allow_emails=True, allow_external=True,
description=_('List of users allowed to modify the event'))
submitters = PrincipalListField(_('Submitters'), groups=True, allow_emails=True, allow_external=True,
description=_('List of users with submission rights'))
visibility = SelectField(_("Visibility"), [Optional()], coerce=lambda x: None if x == '' else int(x),
description=_("""From which point in the category tree this event will be visible from """
"""(number of categories upwards). Applies to "Today's events" and """
"""Calendar only. If the event is moved, this number will be preserved."""))
priv_fields = set()
def __init__(self, *args, **kwargs):
self.protected_object = event = kwargs.pop('event')
super(EventProtectionForm, self).__init__(*args, **kwargs)
self._init_visibility(event)
def _get_event_own_visibility_horizon(self, event):
if self.visibility.data is None: # unlimited
return Category.get_root()
elif self.visibility.data == 0: # invisible
return None
else:
return event.category.nth_parent(self.visibility.data - 1)
def _init_visibility(self, event):
self.visibility.choices = get_visibility_options(event, allow_invisible=True)
# Check if event visibility would be affected by any of the categories
real_horizon = event.category.real_visibility_horizon
own_horizon = self._get_event_own_visibility_horizon(event)
if own_horizon and real_horizon and real_horizon.is_descendant_of(own_horizon):
self.visibility.warning = _("This event's visibility is currently limited by that of '{}'.").format(
real_horizon.title)
@classmethod
def _create_coordinator_priv_fields(cls):
for name, title in sorted(COORDINATOR_PRIV_TITLES.iteritems(), key=itemgetter(1)):
setattr(cls, name, BooleanField(title, widget=SwitchWidget(), description=COORDINATOR_PRIV_DESCS[name]))
cls.priv_fields.add(name)
class SessionProtectionForm(IndicoForm):
protection_mode = IndicoProtectionField(
_('Protection mode'),
protected_object=lambda form: form.protected_object,
acl_message_url=lambda form: url_for('sessions.acl_message', form.
protected_object))
acl = AccessControlListField(
_('Access control list'),
[UsedIf(lambda form, field: form.protected_object.is_protected)],
groups=True,
allow_emails=True,
description=_('List of users allowed to access the session.'))
managers = PrincipalListField(
_('Managers'),
groups=True,
allow_emails=True,
description=_('List of users allowed to modify the session'))
coordinators = PrincipalListField(_('Coordinators'),
groups=True,
allow_emails=True)
def __init__(self, *args, **kwargs):
self.protected_object = kwargs.pop('session')
super(SessionProtectionForm, self).__init__(*args, **kwargs)