def post(self, task_id, comment_id, preview_file_id):
task = tasks_service.get_task(task_id)
user_service.check_project_access(task["project_id"])
tasks_service.get_comment(comment_id)
person = persons_service.get_current_user()
related_preview_file = files_service.get_preview_file(preview_file_id)
preview_file = tasks_service.add_preview_file_to_comment(
comment_id, person["id"], task_id,
related_preview_file["revision"])
return preview_file, 201
def delete(self, instance_id):
"""
Delete a comment corresponding at given ID.
"""
comment = tasks_service.get_comment(instance_id)
# TODO: only the self user or a manager can delete a commentary
if comment["object_type"] == "Task":
task = tasks_service.get_task(comment["object_id"])
user_service.check_project_access(task["project_id"])
self.pre_delete(comment)
tasks_service.reset_task_data(comment["object_id"])
self.post_delete(comment)
elif comment["object_type"] == "OutputFile":
output_file = files_service.get_output_file(comment["object_id"])
if output_file.get("entity_id"):
instance = entities_service.get_entity(
output_file["entity_id"])
elif output_file.get("asset_instance_id"):
instance = assets_service.get_asset_instance(
output_file["asset_instance_id"])
user_service.check_project_access(instance["project_id"])
else:
current_app.logger.warn("Not yet implemented")
return "", 404
deletion_service.remove_comment(comment["id"])
tasks_service.clear_comment_cache(comment["id"])
return "", 204
def post(self, task_id, comment_id):
is_movie = self.get_arguments()
task = tasks_service.get_task(task_id)
if not permissions.has_manager_permissions():
user_service.check_assigned(task_id)
comment = tasks_service.get_comment(comment_id)
task_status = tasks_service.get_task_status(comment.task_status_id)
person = persons_service.get_current_user()
if not task_status["is_reviewable"]:
return {
"error":
"Comment status is not reviewable, you cannot link a "
"preview to it."
}, 400
revision = tasks_service.get_next_preview_revision(task_id)
preview = files_service.create_preview_file(task["name"], revision,
task["id"], person["id"],
is_movie)
comment.update({"preview_file_id": preview["id"]})
events.emit("preview:add", {
"comment_id": comment_id,
"task_id": task_id,
"preview": preview
})
return preview, 201
def delete(self, task_id, comment_id):
"""
Delete a comment corresponding at given ID.
---
tags:
- Tasks
parameters:
- in: path
name: task_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
- in: path
name: comment_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
responses:
204:
description: Comment corresponding at given ID deleted
"""
comment = tasks_service.get_comment(comment_id)
task = tasks_service.get_task(comment["object_id"])
if permissions.has_manager_permissions():
user_service.check_project_access(task["project_id"])
else:
user_service.check_person_access(comment["person_id"])
self.pre_delete(comment)
deletion_service.remove_comment(comment_id)
tasks_service.reset_task_data(comment["object_id"])
tasks_service.clear_comment_cache(comment_id)
self.post_delete(comment)
return "", 204
def post(self, task_id, comment_id):
"""
Add a preview to given task.
---
tags:
- Tasks
description: "Revision is automatically set: it is equal to last revision + 1."
parameters:
- in: path
name: task_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
- in: path
name: comment_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
responses:
201:
description: Preview added to given task
"""
task = tasks_service.get_task(task_id)
user_service.check_project_access(task["project_id"])
user_service.check_entity_access(task["entity_id"])
comment = tasks_service.get_comment(comment_id)
tasks_service.get_task_status(comment["task_status_id"])
person = persons_service.get_current_user()
preview_file = tasks_service.add_preview_file_to_comment(
comment_id, person["id"], task_id)
return preview_file, 201
def check_read_permissions(self, instance):
attachment_file = instance
comment = tasks_service.get_comment(attachment_file["comment_id"])
task = tasks_service.get_task(comment["object_id"])
user_service.check_project_access(task["project_id"])
user_service.check_entity_access(task["entity_id"])
return True
def get(self, task_id, comment_id):
"""
Get comment corresponding at given ID.
---
tags:
- Tasks
parameters:
- in: path
name: task_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
- in: path
name: comment_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
responses:
200:
description: Comment corresponding at given ID
"""
comment = tasks_service.get_comment(comment_id)
user_service.check_comment_access(comment)
return comment
def remove_comment_and_related(self, comment_id):
comment = tasks_service.get_comment(comment_id)
if comment["preview_file_id"] is not None:
files_service.delete_preview_file(comment["preview_file_id"])
notifs = notifications_service.delete_notifications_for_comment(
comment["id"])
current_app.logger.info(notifs)
tasks_service.delete_comment(comment["id"])
def delete(self, instance_id):
"""
Delete a comment corresponding at given ID.
"""
comment = tasks_service.get_comment(instance_id)
task = tasks_service.get_task(comment["object_id"])
user_service.check_project_access(task["project_id"])
deletion_service.remove_comment(comment["id"])
return '', 204
def post(self, task_id, comment_id):
task = tasks_service.get_task(task_id)
user_service.check_project_access(task["project_id"])
comment = tasks_service.get_comment(comment_id)
tasks_service.get_task_status(comment["task_status_id"])
person = persons_service.get_current_user()
preview_file = tasks_service.add_preview_file_to_comment(
comment_id, person["id"], task_id)
return preview_file, 201
def post(self, task_id, comment_id, preview_file_id):
"""
Add a preview to given comment.
---
tags:
- Tasks
parameters:
- in: path
name: task_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
- in: path
name: comment_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
- in: path
name: preview_file_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
responses:
201:
description: Preview added to given comment
"""
task = tasks_service.get_task(task_id)
user_service.check_project_access(task["project_id"])
user_service.check_entity_access(task["entity_id"])
tasks_service.get_comment(comment_id)
person = persons_service.get_current_user()
related_preview_file = files_service.get_preview_file(preview_file_id)
preview_file = tasks_service.add_preview_file_to_comment(
comment_id, person["id"], task_id,
related_preview_file["revision"])
return preview_file, 201
def delete(self, instance_id):
"""
Delete a comment corresponding at given ID.
"""
comment = tasks_service.get_comment(instance_id)
task = tasks_service.get_task(comment["object_id"])
user_service.check_manager_project_access(task["project_id"])
self.pre_delete(comment)
deletion_service.remove_comment(comment["id"])
tasks_service.reset_task_data(comment["object_id"])
tasks_service.clear_comment_cache(comment["id"])
self.post_delete(comment)
return "", 204
def delete(self, task_id, comment_id):
"""
Delete a comment corresponding at given ID.
"""
comment = tasks_service.get_comment(comment_id)
task = tasks_service.get_task(comment["object_id"])
if permissions.has_manager_permissions():
user_service.check_project_access(task["project_id"])
else:
user_service.check_person_access(comment["person_id"])
self.pre_delete(comment)
deletion_service.remove_comment(comment_id)
tasks_service.reset_task_data(comment["object_id"])
tasks_service.clear_comment_cache(comment_id)
self.post_delete(comment)
return "", 204
def get(self, attachment_file_id):
attachment_file = comments_service.get_attachment_file(
attachment_file_id)
comment = tasks_service.get_comment(attachment_file["comment_id"])
task = tasks_service.get_task(comment["object_id"])
user_service.check_project_access(task["project_id"])
file_path = comments_service.get_attachment_file_path(attachment_file)
try:
return flask_send_file(
file_path,
conditional=True,
mimetype=attachment_file["mimetype"],
as_attachment=False,
attachment_filename=attachment_file["name"],
)
except:
abort(404)
def check_comment_access(comment_id):
"""
Return true if current user can have access to a comment.
"""
if permissions.has_admin_permissions():
return True
else:
comment = tasks_service.get_comment(comment_id)
person_id = comment["person_id"]
task_id = comment["object_id"]
task = tasks_service.get_task(task_id)
if task is None:
tasks_service.clear_task_cache(task_id)
task = tasks_service.get_task(task_id)
check_project_access(task["project_id"])
check_entity_access(task["entity_id"])
if (
permissions.has_supervisor_permissions()
or permissions.has_manager_permissions()
):
return True
elif permissions.has_client_permissions():
current_user = persons_service.get_current_user()
project = projects_service.get_project(task["project_id"])
if project.get("is_clients_isolated", False):
if not comment["person_id"] == current_user["id"]:
raise permissions.PermissionDenied
if persons_service.get_person(person_id)["role"] == "client":
return True
else:
raise permissions.PermissionDenied
elif persons_service.get_person(person_id)["role"] == "client":
raise permissions.PermissionDenied
return True
def post(self, task_id, comment_id):
files = request.files
permissions.check_admin_permissions()
comment = tasks_service.get_comment(comment_id)
comment = comments_service.add_attachments_to_comment(comment, files)
return comment["attachment_files"], 201
def remove_comment_and_related(self, comment_id):
comment = tasks_service.get_comment(comment_id)
notifications_service.delete_notifications_for_comment(comment["id"])
tasks_service.delete_comment(comment["id"])
if comment["preview_file_id"] is not None:
files_service.remove_preview_file(comment["preview_file_id"])