def is_user_action_permitted_on_project(authenticated_user_id: int,
project_id: int) -> bool:
""" Is user action permitted on project"""
project = Project.get(project_id)
author_id = project.author_id
allowed_roles = [TeamRoles.PROJECT_MANAGER.value]
is_admin = UserService.is_user_an_admin(authenticated_user_id)
is_author = UserService.is_user_the_project_author(
authenticated_user_id, author_id)
is_org_manager = False
if hasattr(project, "organisation_id") and project.organisation_id:
org_id = project.organisation_id
org = OrganisationService.get_organisation_by_id_as_dto(
org_id, authenticated_user_id)
if org.is_manager:
is_org_manager = True
is_manager_team = None
if hasattr(project, "project_teams") and project.project_teams:
teams_dto = TeamService.get_project_teams_as_dto(project_id)
if teams_dto.teams:
teams_allowed = [
team_dto for team_dto in teams_dto.teams
if team_dto.role in allowed_roles
]
user_membership = [
team_dto.team_id for team_dto in teams_allowed
if TeamService.is_user_member_of_team(
team_dto.team_id, authenticated_user_id)
]
if user_membership:
is_manager_team = True
return is_admin or is_author or is_org_manager or is_manager_team
def evaluate_mapping_permission(project_id: int, user_id: int,
mapping_permission: int):
allowed_roles = [
TeamRoles.MAPPER.value,
TeamRoles.VALIDATOR.value,
TeamRoles.PROJECT_MANAGER.value,
]
# mapping_permission = 1(level),2(teams),3(teamsAndLevel)
if mapping_permission == MappingPermission.TEAMS.value:
teams_dto = TeamService.get_project_teams_as_dto(project_id)
teams_allowed = [
team_dto for team_dto in teams_dto.teams
if team_dto.role in allowed_roles
]
user_membership = [
team_dto.team_id for team_dto in teams_allowed if
TeamService.is_user_member_of_team(team_dto.team_id, user_id)
]
if len(user_membership) == 0:
return False, MappingNotAllowed.USER_NOT_TEAM_MEMBER
elif mapping_permission == MappingPermission.LEVEL.value:
if not ProjectService._is_user_intermediate_or_advanced(user_id):
return False, MappingNotAllowed.USER_NOT_CORRECT_MAPPING_LEVEL
elif mapping_permission == MappingPermission.TEAMS_LEVEL.value:
if not ProjectService._is_user_intermediate_or_advanced(user_id):
return False, MappingNotAllowed.USER_NOT_CORRECT_MAPPING_LEVEL
teams_dto = TeamService.get_project_teams_as_dto(project_id)
teams_allowed = [
team_dto for team_dto in teams_dto.teams
if team_dto.role in allowed_roles
]
user_membership = [
team_dto.team_id for team_dto in teams_allowed if
TeamService.is_user_member_of_team(team_dto.team_id, user_id)
]
if len(user_membership) == 0:
return False, MappingNotAllowed.USER_NOT_TEAM_MEMBER
def check_team_membership(
project_id: int, allowed_roles: list, user_id: int, action: str
):
teams_dto = TeamService.get_project_teams_as_dto(project_id)
teams_allowed = [
team_dto for team_dto in teams_dto.teams if team_dto.role in allowed_roles
]
user_membership = [
team_dto.team_id
for team_dto in teams_allowed
if TeamService.is_user_member_of_team(team_dto.team_id, user_id)
]
if len(user_membership) == 0:
if action == "MAP":
return False, MappingNotAllowed.USER_NOT_TEAM_MEMBER
elif action == "VALIDATE":
return False, ValidatingNotAllowed.USER_NOT_TEAM_MEMBER
def post_message(
chat_dto: ChatMessageDTO, project_id: int, authenticated_user_id: int
) -> ProjectChatDTO:
""" Save message to DB and return latest chat"""
current_app.logger.debug("Posting Chat Message")
if UserService.is_user_blocked(authenticated_user_id):
return ValueError("User is on read only mode")
project = ProjectService.get_project_by_id(project_id)
if project.private:
author_id = project.author_id
allowed_roles = [
TeamRoles.PROJECT_MANAGER.value,
TeamRoles.VALIDATOR.value,
TeamRoles.MAPPER.value,
]
is_admin = UserService.is_user_an_admin(authenticated_user_id)
is_author = UserService.is_user_the_project_author(
authenticated_user_id, author_id
)
is_org_manager = False
if hasattr(project, "organisation_id") and project.organisation_id:
org_id = project.organisation_id
org = OrganisationService.get_organisation_by_id_as_dto(
org_id, authenticated_user_id
)
if org.is_manager:
is_org_manager = True
is_team_member = None
if hasattr(project, "project_teams") and project.project_teams:
teams_dto = TeamService.get_project_teams_as_dto(project_id)
if teams_dto.teams:
teams_allowed = [
team_dto
for team_dto in teams_dto.teams
if team_dto.role in allowed_roles
]
user_membership = [
team_dto.team_id
for team_dto in teams_allowed
if TeamService.is_user_member_of_team(
team_dto.team_id, authenticated_user_id
)
]
if user_membership:
is_team_member = True
for user in project.allowed_users:
if user.id == authenticated_user_id:
is_allowed_user = True
break
if (
is_admin
or is_author
or is_org_manager
or is_team_member
or is_allowed_user
):
chat_message = ProjectChat.create_from_dto(chat_dto)
MessageService.send_message_after_chat(
chat_dto.user_id, chat_message.message, chat_dto.project_id
)
db.session.commit()
# Ensure we return latest messages after post
return ProjectChat.get_messages(chat_dto.project_id, 1)
else:
raise ValueError("User not permitted to post Comment")
else:
chat_message = ProjectChat.create_from_dto(chat_dto)
MessageService.send_message_after_chat(
chat_dto.user_id, chat_message.message, chat_dto.project_id
)
db.session.commit()
# Ensure we return latest messages after post
return ProjectChat.get_messages(chat_dto.project_id, 1)