def handle(self, *args, **options):
username_or_email = options["user"]
dump_format = options["format"]
project_slugs = options["project_slugs"]
try:
user = User.objects.get(Q(username=username_or_email) | Q(email=username_or_email))
except Exception:
raise CommandError("Error loading user".format(username_or_email))
for project_slug in project_slugs:
try:
project = Project.objects.get(slug=project_slug)
except Project.DoesNotExist:
raise CommandError("Project '{}' does not exist".format(project_slug))
if not is_project_admin(user, project):
self.stderr.write(self.style.ERROR(
"ERROR: Not sending task because user '{}' doesn't have permissions to export '{}' project".format(
username_or_email,
project_slug
)
))
continue
task = tasks.dump_project.delay(user, project, dump_format)
tasks.delete_project_dump.apply_async(
(project.pk, project.slug, task.id, dump_format),
countdown=settings.EXPORTS_TTL
)
print("-> Sent task for dump of project '{}' as user {}".format(project.name, username_or_email))
def get_serializer_class(self):
use_admin_serializer = False
if self.action == "create":
use_admin_serializer = True
if self.action == "retrieve":
use_admin_serializer = permissions_services.is_project_admin(
self.request.user, self.object.project)
project_id = self.request.QUERY_PARAMS.get("project", None)
if self.action == "list" and project_id is not None:
project = get_object_or_404(models.Project, pk=project_id)
use_admin_serializer = permissions_services.is_project_admin(
self.request.user, project)
if use_admin_serializer:
return self.admin_serializer_class
else:
return self.serializer_class
def to_value(self, instance):
# Name attributes must be translated
for attr in [
"epic_statuses_attr", "userstory_statuses_attr",
"userstory_duedates_attr", "points_attr", "task_statuses_attr",
"task_duedates_attr", "issue_statuses_attr",
"issue_types_attr", "issue_duedates_attr", "priorities_attr",
"severities_attr", "epic_custom_attributes_attr",
"userstory_custom_attributes_attr",
"task_custom_attributes_attr", "issue_custom_attributes_attr",
"roles_attr"
]:
assert hasattr(
instance,
attr), "instance must have a {} attribute".format(attr)
val = getattr(instance, attr)
if val is None:
continue
for elem in val:
elem["name"] = _(elem["name"])
ret = super().to_value(instance)
admin_fields = [
"epics_csv_uuid",
"userstories_csv_uuid",
"tasks_csv_uuid",
"issues_csv_uuid",
"is_private_extra_info",
"max_memberships",
"transfer_token",
]
is_admin_user = False
if "request" in self.context:
user = self.context["request"].user
is_admin_user = permissions_services.is_project_admin(
user, instance)
if not is_admin_user:
for admin_field in admin_fields:
del (ret[admin_field])
return ret
def check_permissions(self, request, view, obj=None):
return is_project_admin(request.user, obj.webhook.project)
def check_permissions(self, request, view, obj=None):
model = get_model_from_key(obj.key)
pk = get_pk_from_key(obj.key)
project = model.objects.get(pk=pk)
return is_project_admin(request.user, project)
def get_i_am_admin(self, obj):
if "request" in self.context:
return is_project_admin(self.context["request"].user, obj)
return False