def base_context(request):
"""
Provide context variables for use across all views.
"""
if not hasattr(request, 'user'):
return {}
return {
'is_project_admin': is_project_admin(request.user)
}
def validate(self, data):
"""
Handle a request received from slack. First we validate the
request and then pass the message to the appropriate handler.
"""
slack_user_id = data.get('user_id')
username = data.get('user_name')
worker = get_object_or_None(Worker, slack_user_id=slack_user_id)
if worker is None:
raise SlackUserUnauthorized(
'Worker {} not found. slack_user_id: {}'.format(
username, slack_user_id))
elif not is_project_admin(worker.user):
raise SlackUserUnauthorized(self.not_authorized_error)
data = super().validate(data)
return data
def project_information_api(request):
"""
This function is used by both the project management interface
(project admins only) and for providing project information to
experts (only to experts associated with a project). We enforce
both of these permissions in the view below.
"""
project_id = load_encoded_json(request.body)['project_id']
worker = get_object_or_404(Worker, user=request.user)
if not (is_project_admin(request.user)
or worker.assignments.filter(task__project=project_id).exists()):
raise PermissionDenied
try:
return project_management.project_management_information(project_id)
except Project.DoesNotExist:
raise BadRequest('Project not found for the given id.')
def validate(self, data):
"""
Handle a request received from slack. First we validate the
request and then pass the message to the appropriate handler.
"""
slack_user_id = data.get('user_id')
username = data.get('user_name')
workers = Worker.objects.filter(slack_user_id=slack_user_id)
worker = workers.first()
if workers.count() > 1:
raise SlackUserUnauthorized(
self.nonunique_slack_id.format(slack_user_id))
elif worker is None:
raise SlackUserUnauthorized(
'Worker {} not found. slack_user_id: {}'.format(
username, slack_user_id))
elif not is_project_admin(worker.user):
raise SlackUserUnauthorized(self.not_authorized_error)
data = super().validate(data)
return data
def has_permission(self, request, view):
return is_project_admin(request.user)
def has_permission(self, request, view):
return is_project_admin(request.user)
def is_project_admin(self):
from orchestra.interface_api.project_management.decorators import (
is_project_admin)
return is_project_admin(self.user)
