def is_user_permitted_to_validate(project_id, user_id):
""" Check if the user is allowed to validate on the project in scope """
if UserService.is_user_blocked(user_id):
return False, ValidatingNotAllowed.USER_NOT_ON_ALLOWED_LIST
project = ProjectService.get_project_by_id(project_id)
if project.license_id:
if not UserService.has_user_accepted_license(user_id, project.license_id):
return False, ValidatingNotAllowed.USER_NOT_ACCEPTED_LICENSE
validation_permission = project.validation_permission
# is_admin or is_author or is_org_manager or is_manager_team
is_manager_permission = False
if ProjectAdminService.is_user_action_permitted_on_project(user_id, project_id):
is_manager_permission = True
# Draft (public/private) accessible only for is_manager_permission
if (
ProjectStatus(project.status) == ProjectStatus.DRAFT
and not is_manager_permission
):
return False, ValidatingNotAllowed.PROJECT_NOT_PUBLISHED
is_restriction = None
if not is_manager_permission and validation_permission:
is_restriction = ProjectService.evaluate_validation_permission(
project_id, user_id, validation_permission
)
tasks = Task.get_locked_tasks_for_user(user_id)
if len(tasks.locked_tasks) > 0:
return False, ValidatingNotAllowed.USER_ALREADY_HAS_TASK_LOCKED
is_allowed_user = None
if project.private and not is_manager_permission:
# Check if user is in allowed user list
is_allowed_user = ProjectService.is_user_in_the_allowed_list(
project.allowed_users, user_id
)
if is_allowed_user:
return True, "User allowed to validate"
if not is_manager_permission and is_restriction:
return is_restriction
elif project.private and not (
is_manager_permission or is_allowed_user or not is_restriction
):
return False, ValidatingNotAllowed.USER_NOT_ON_ALLOWED_LIST
return True, "User allowed to validate"
def is_user_permitted_to_validate(project_id, user_id):
""" Check if the user is allowed to validate on the project in scope """
if UserService.is_user_blocked(user_id):
return False, ValidatingNotAllowed.USER_NOT_ON_ALLOWED_LIST
project = ProjectService.get_project_by_id(project_id)
if project.license_id:
if not UserService.has_user_accepted_license(user_id, project.license_id):
return False, ValidatingNotAllowed.USER_NOT_ACCEPTED_LICENSE
validation_permission = project.validation_permission
is_manager_permission = False
# is_admin or is_author or is_org_manager or is_manager_team
if ProjectAdminService.is_user_action_permitted_on_project(user_id, project_id):
is_manager_permission = True
if (
ProjectStatus(project.status) != ProjectStatus.PUBLISHED
and not is_manager_permission
):
return False, ValidatingNotAllowed.PROJECT_NOT_PUBLISHED
tasks = Task.get_locked_tasks_for_user(user_id)
if len(tasks.locked_tasks) > 0:
return False, ValidatingNotAllowed.USER_ALREADY_HAS_TASK_LOCKED
if project.private and not is_manager_permission:
# Check user is in allowed users
try:
next(user for user in project.allowed_users if user.id == user_id)
except StopIteration:
return False, ValidatingNotAllowed.USER_NOT_ON_ALLOWED_LIST
is_restriction = ProjectService.evaluate_validation_permission(
project_id, user_id, validation_permission
)
if is_restriction:
return is_restriction
if project.validation_permission and not is_manager_permission:
is_restriction = ProjectService.evaluate_validation_permission(
project_id, user_id, validation_permission
)
if is_restriction:
return is_restriction
return True, "User allowed to validate"
def post_message(chat_dto: ChatMessageDTO, project_id: int,
authenticated_user_id: int) -> ProjectChatDTO:
""" Save message to DB and return latest chat"""
current_app.logger.debug("Posting Chat Message")
if UserService.is_user_blocked(authenticated_user_id):
raise ValueError("User is on read only mode")
project = ProjectService.get_project_by_id(project_id)
is_allowed_user = True
is_manager_permission = ProjectAdminService.is_user_action_permitted_on_project(
authenticated_user_id, project_id)
is_team_member = False
# Draft (public/private) accessible only for is_manager_permission
if (ProjectStatus(project.status) == ProjectStatus.DRAFT
and not is_manager_permission):
raise ValueError("User not permitted to post Comment")
if project.private:
is_allowed_user = False
if not is_manager_permission:
allowed_roles = [
TeamRoles.PROJECT_MANAGER.value,
TeamRoles.VALIDATOR.value,
TeamRoles.MAPPER.value,
]
is_team_member = TeamService.check_team_membership(
project_id, allowed_roles, authenticated_user_id)
if not is_team_member:
is_allowed_user = (len([
user for user in project.allowed_users
if user.id == authenticated_user_id
]) > 0)
if is_manager_permission or is_team_member or is_allowed_user:
chat_message = ProjectChat.create_from_dto(chat_dto)
MessageService.send_message_after_chat(chat_dto.user_id,
chat_message.message,
chat_dto.project_id)
db.session.commit()
# Ensure we return latest messages after post
return ProjectChat.get_messages(chat_dto.project_id, 1)
else:
raise ValueError("User not permitted to post Comment")
def is_user_permitted_to_map(project_id: int, user_id: int):
""" Check if the user is allowed to map the on the project in scope """
if UserService.is_user_blocked(user_id):
return False, MappingNotAllowed.USER_NOT_ON_ALLOWED_LIST
project = ProjectService.get_project_by_id(project_id)
mapping_permission = project.mapping_permission
if ProjectStatus(
project.status
) != ProjectStatus.PUBLISHED and not ProjectAdminService.is_user_action_permitted_on_project(
user_id, project_id):
return False, MappingNotAllowed.PROJECT_NOT_PUBLISHED
tasks = Task.get_locked_tasks_for_user(user_id)
if len(tasks.locked_tasks) > 0:
return False, MappingNotAllowed.USER_ALREADY_HAS_TASK_LOCKED
if project.private:
# Check user is in allowed users
try:
next(user for user in project.allowed_users
if user.id == user_id)
except StopIteration:
return False, MappingNotAllowed.USER_NOT_ON_ALLOWED_LIST
is_restriction = ProjectService.evaluate_mapping_permission(
project_id, user_id, mapping_permission)
if is_restriction:
return is_restriction
if project.mapping_permission:
is_restriction = ProjectService.evaluate_mapping_permission(
project_id, user_id, mapping_permission)
if is_restriction:
return is_restriction
if project.license_id:
if not UserService.has_user_accepted_license(
user_id, project.license_id):
return False, MappingNotAllowed.USER_NOT_ACCEPTED_LICENSE
return True, "User allowed to map"