def get_specification_privacy_filter(user):
# Circular imports.
from lp.registry.model.accesspolicy import AccessPolicyGrant
public_spec_filter = (
Specification.information_type.is_in(PUBLIC_INFORMATION_TYPES))
if user is None:
return [public_spec_filter]
elif IPersonRoles.providedBy(user):
user = user.person
artifact_grant_query = Coalesce(
ArrayIntersects(
SQL('Specification.access_grants'),
Select(
ArrayAgg(TeamParticipation.teamID),
tables=TeamParticipation,
where=(TeamParticipation.person == user)
)), False)
policy_grant_query = Coalesce(
ArrayIntersects(
Array(SQL('Specification.access_policy')),
Select(
ArrayAgg(AccessPolicyGrant.policy_id),
tables=(AccessPolicyGrant,
Join(TeamParticipation,
TeamParticipation.teamID ==
AccessPolicyGrant.grantee_id)),
where=(TeamParticipation.person == user)
)), False)
return [Or(public_spec_filter, artifact_grant_query, policy_grant_query)]
def canBeUnsubscribedByUser(self, user):
"""See `ISpecificationSubscription`."""
if user is None:
return False
if not IPersonRoles.providedBy(user):
user = IPersonRoles(user)
if (
user.inTeam(self.specification.owner) or
user.inTeam(self.person) or
user.in_admin):
return True
# XXX Abel Deuring 2012-11-21, bug=1081677
# People who subscribed users should be able to unsubscribe
# them again, similar to branch subscriptions. This is
# essential if somebody was erroneuosly subscribed to a
# proprietary or embargoed specification. Unfortunately,
# SpecificationSubscription does not record who subscribed
# somebody else, but if the specification is private, we can
# check who issued the artifact grant.
artifacts = getUtility(IAccessArtifactSource).find(
[self.specification])
wanted = [(artifact, self.person) for artifact in artifacts]
if len(wanted) == 0:
return False
for grant in getUtility(IAccessArtifactGrantSource).find(wanted):
if user.inTeam(grant.grantor):
return True
return False
def canBeUnsubscribedByUser(self, user):
"""See `ISpecificationSubscription`."""
if user is None:
return False
if not IPersonRoles.providedBy(user):
user = IPersonRoles(user)
if (user.inTeam(self.specification.owner) or user.inTeam(self.person)
or user.in_admin):
return True
# XXX Abel Deuring 2012-11-21, bug=1081677
# People who subscribed users should be able to unsubscribe
# them again, similar to branch subscriptions. This is
# essential if somebody was erroneuosly subscribed to a
# proprietary or embargoed specification. Unfortunately,
# SpecificationSubscription does not record who subscribed
# somebody else, but if the specification is private, we can
# check who issued the artifact grant.
artifacts = getUtility(IAccessArtifactSource).find(
[self.specification])
wanted = [(artifact, self.person) for artifact in artifacts]
if len(wanted) == 0:
return False
for grant in getUtility(IAccessArtifactGrantSource).find(wanted):
if user.inTeam(grant.grantor):
return True
return False
def get_specification_privacy_filter(user):
# Circular imports.
from lp.registry.model.accesspolicy import AccessPolicyGrant
public_spec_filter = (
Specification.information_type.is_in(PUBLIC_INFORMATION_TYPES))
if user is None:
return [public_spec_filter]
elif IPersonRoles.providedBy(user):
user = user.person
artifact_grant_query = Coalesce(
ArrayIntersects(
SQL('Specification.access_grants'),
Select(ArrayAgg(TeamParticipation.teamID),
tables=TeamParticipation,
where=(TeamParticipation.person == user))), False)
policy_grant_query = Coalesce(
ArrayIntersects(
Array(SQL('Specification.access_policy')),
Select(ArrayAgg(AccessPolicyGrant.policy_id),
tables=(AccessPolicyGrant,
Join(
TeamParticipation, TeamParticipation.teamID ==
AccessPolicyGrant.grantee_id)),
where=(TeamParticipation.person == user))), False)
return [Or(public_spec_filter, artifact_grant_query, policy_grant_query)]
