def get(self, granted):
basic_info = granted.department.getBasic()
all_svals = granted.department.all_score_values()
response_areas = [\
{'name' : a.name,\
'id' : a.id,\
'abbr' : a.abbr,\
'del' : bcap.grant('area-delete', a)\
} for a in granted.department.my(Area)]
basic_info['areas'] = response_areas
basic_info['svcs'] = dict([(sv.id, sv.category.to_json()) for sv in all_svals])
response_scores = [\
{'name' : s.name,\
'shortform' : s.shortform,\
'values' : [\
{'id' : v.id,\
'number' : v.number,\
'explanation' : v.explanation,\
'change' : bcap.grant('scorevalue-change', v)} for v in s.getValues()],\
'del' : bcap.grant('scorecategory-delete', s),\
'id' : s.id,\
'change' : bcap.grant('scorecategory-change', s)\
} for s in granted.department.my(ScoreCategory)]
basic_info['scores'] = response_scores
basic_info['svnum'] = dict([(s.id, s.number) for s in all_svals])
basic_info['contact'] = granted.department.shortname
return bcap.bcapResponse(basic_info)
def testUnverifiedUser(self):
rev1data = {\
'email' : '*****@*****.**',\
'role' : 'reviewer',\
'name' : 'Matt'\
}
addRevCap = bcap.grant('unverifieduser-addrev', self.department)
response = addRevCap.post(rev1data)
self.assertTrue(response.has_key('success'))
self.assertTrue(response['success'])
for (k, v) in rev1data.iteritems():
self.assertTrue(response.has_key(k))
self.assertEqual(response[k], v)
uus = UnverifiedUser.objects.filter(name=rev1data['name'],\
role=rev1data['role'], email=rev1data['email'])
self.assertEqual(len(uus), 1)
getPenCap = bcap.grant('unverifieduser-getpending', self.department)
response = getPenCap.get()
self.assertEqual(len(response), 1)
p = response[0]
self.assertTrue(p.has_key('del'))
for (k, v) in rev1data.iteritems():
self.assertTrue(p.has_key(k))
self.assertEqual(p[k], v)
delCap = p['del']
delCap.delete()
uus = UnverifiedUser.objects.filter(name=rev1data['name'],\
role=rev1data['role'], email=rev1data['email'])
self.assertEqual(len(uus), 0)
def post(self, grantable, args):
email = args['email']
name = args['name']
role = args['role']
dept = grantable.department
uu = UnverifiedUser(email=email, name=name, role=role, department=dept)
try:
uu.save()
except:
resp = {'success' : False, 'message' : 'failed to create UnverifiedUser'}
return bcap.bcapResponse(resp)
create_belay = bcap.Capability(settings.BELAY_CREATE)
response = create_belay.post(bcap.dataPreProcess({'email': args['email']}))
logger.error('Successfully got response for account creation: %s' % response)
create_cap = response['create']
ub = UnverifiedBelayAccount(uu=uu, create=create_cap.serialize())
ub.save()
if role == 'admin': create_cap = bcap.grant('get-admin-email-and-create', uu)
elif role == 'reviewer': create_cap = bcap.grant('get-reviewer-email-and-create', uu)
else: return logWith404(logger, 'UnverifiedUserAddRevHandler: role type not allowed: %s' % role)
activate_url = '%s/new-account/#%s' % \
(bcap.this_server_url_prefix(), create_cap.serialize())
return_url = bcap.this_server_url_prefix()
emailstr = u"""Dear %s,
A new Resume account is being created for you. To activate it, visit:
%s
To regain access your account once it has been created, visit:
%s
"""
emailstr = emailstr % (name, activate_url, return_url)
fromaddr = fromAddr(dept)
emailResponse = sendLogEmail('[Resume] New Account', emailstr, email, fromaddr)
if emailResponse: return emailResponse
resp = {\
'success' : True,\
'email' : email,\
'name' : name,\
'role' : role,\
}
return bcap.bcapResponse(resp)
def post(self, station, args):
domain = args['domain']
url = args['url']
private_data = bcap.dataPreProcess(args['private_data'])
public_data = bcap.dataPreProcess(args['public_data'])
try:
launch_info = LaunchInfo(domain=domain, \
url=url, \
private_data=private_data, \
public_data=public_data)
launch_info.save()
except Exception as e:
logger.error("Exception: %s" % e)
logger.error("PD: %s, PUD: %s" % (private_data, public_data))
instance_uuid = uuid.uuid4()
instance_id = str(instance_uuid)
logger.error("iid: %s" % instance_id)
instance = Relationship(station=station, \
instance_id =instance_id, \
launch_info = launch_info)
instance.save()
return bcap.bcapResponse(bcap.grant('instance', instance))
def testGetBasic(self):
getBasicCap = bcap.grant('get-basic', self.department)
response = getBasicCap.get()
self.assertTrue(response.has_key('info'))
i = response['info']
self.assertEqual(i['name'], self.department.name)
self.assertEqual(i['shortname'], self.department.shortname)
self.assertEqual(i['lastChange'], self.department.lastChange)
self.assertEqual(i['brandColor'], self.department.brandColor)
self.assertEqual(i['contactName'], self.department.contactName)
self.assertEqual(i['contactEmail'], self.department.contactEmail)
self.assertEqual(i['techEmail'], self.department.techEmail)
self.assertTrue(response.has_key('countries'))
self.assertEqual(len(response['countries']), 1)
self.assertEqual(response['countries'][0], 'usa')
self.assertTrue(response.has_key('areas'))
self.assertEqual(len(response['areas']), 1)
a = response['areas'][0]
self.assertEqual(a['name'], 'area')
self.assertEqual(a['abbr'], 'ar')
self.assertTrue(response.has_key('positions'))
self.assertEqual(len(response['positions']), 1)
p = response['positions'][0]
self.assertEqual(p['name'], 'thepos')
self.assertEqual(p['shortform'], 'tp')
self.assertEqual(p['autoemail'], True)
self.assertTrue(response.has_key('components'))
self.assertEqual(len(response['components']), 1)
c = response['components'][0]
self.assertEqual(c['type'], 'type')
self.assertEqual(c['value'], 'value')
self.assertEqual(c['lastSubmitted'], 0)
self.assertEqual(c['date'], str(date.today()))
self.assertTrue(response.has_key('scores'))
s = response['scores'][0]
self.assertEqual(len(response['scores']), 1)
self.assertTrue(s.has_key('values'))
svals = s['values']
self.assertEqual(len(svals), 1)
self.assertEqual(svals[0]['explanation'], 'exp')
self.assertEqual(svals[0]['number'], 0)
self.assertTrue(svals[0].has_key('change'))
self.assertTrue(s.has_key('del'))
self.assertTrue(s.has_key('name'))
self.assertEquals(s['name'], 'scorecategory')
self.assertTrue(s.has_key('change'))
self.assertTrue(s.has_key('shortform'))
self.assertEquals(s['shortform'], 'sc')
self.assertTrue(response.has_key('degrees'))
self.assertEqual(len(response['degrees']), 1)
d = response['degrees'][0]
self.assertEqual(d['name'], 'degree')
self.assertEqual(d['shortform'], 'dg')
def get(self, granted):
pair = granted.apprevpair
applicant = pair.applicant
components = applicant.get_component_objects()
component_caps = dict(\
[(c.type.id, bcap.grant('get-statement', c))\
for c in components if c.type.type == 'statement'])
resp = {\
'getBasic' : bcap.cachegrant('get-basic', applicant.department),\
'getApplicant' : bcap.cachegrant('apprev-get-applicant', pair),\
'getReviewers' : bcap.cachegrant('appreview-get-reviewers', applicant),\
'getReview' : bcap.cachegrant('get-review', pair),\
'setAreas' : bcap.cachegrant('set-areas', applicant),\
# setGender/Ethnicity mapped to changeApplicant
'changeApplicant' : bcap.cachegrant('change-applicant', applicant),\
'setPosition' : bcap.cachegrant('set-position', applicant),\
'componentCaps' : component_caps,\
'getCombined' : bcap.cachegrant('get-combined', applicant),\
'uploadMaterial' : bcap.cachegrant('upload-material', applicant),\
'revertReview' : bcap.cachegrant('revert-review', pair),\
'submitReview' : bcap.cachegrant('submit-review', pair),\
'getHighlightStatus' : bcap.cachegrant('get-highlight-status', pair),\
'unhighlightApplicant' : bcap.cachegrant('unhighlight-applicant', pair),\
'rejectApplicant' : bcap.cachegrant('reject-applicant', applicant),\
'hideApplicant' : bcap.cachegrant('hide-applicant', pair),\
}
return bcap.bcapResponse(resp)
def setup(adminName):
cses = Department.objects.filter(shortname='cs')
if len(cses) == 0:
cs = Department(name='Computer Science', shortname='cs', lastChange=0,\
headerImage='', logoImage='', resumeImage='', headerBgImage='',\
brandColor='blue', contactName='Donald Knuth', contactEmail='*****@*****.**',\
techEmail='*****@*****.**')
cs.save()
else:
cs = cses[0]
make_some_applicants(cs)
unverified_user = UnverifiedUser( \
role='admin',
name=adminName,
email='%s@fake' % adminName,
department=cs)
unverified_user.save()
ResumeInit().process_request(None)
create_account = bcap.grant('get-admin-email-and-create', unverified_user)
print("To get started, go here: %s/static/new_account.html#%s" % \
(bcap.this_server_url_prefix(), create_account.serialize()))
def testSetBasic(self):
setBasicCap = bcap.grant('set-basic', self.department)
newinfo = {\
'name' : 'updated name',\
'shortname' : 'un',\
'lastChange' : 1,\
'brandColor' : 'updated color',\
'contactName' : 'updated contactName',\
'contactEmail' : '*****@*****.**',\
'techEmail' : '*****@*****.**'\
}
response = setBasicCap.post(newinfo)
self.assertTrue(response.has_key('success'))
self.assertTrue(response['success'])
old = Department.objects.filter(name='Computer Science', shortname='CS', lastChange=0,\
headerImage='', logoImage='', resumeImage='', headerBgImage='',\
brandColor='blue', contactName='Donald Knuth', contactEmail='*****@*****.**',\
techEmail='*****@*****.**')
self.assertEqual(len(old), 0)
new = Department.objects.filter(name='updated name', shortname='un',\
lastChange=1, brandColor='updated color', contactName='updated contactName',\
contactEmail='*****@*****.**', techEmail='*****@*****.**')
self.assertEqual(len(new), 1)
self.department = new[0]
def post(self, granted, args):
if granted is None:
return HttpResponseNotFound()
ua = granted.unverifiedapplicant
auth_info = AuthInfo(
email=ua.email, \
# TODO(matt): fix or remove name from AuthInfo?
name='',\
role='applicant', \
department=ua.department)
auth_info.save()
applicant = Applicant(\
auth = auth_info,\
firstname='',\
lastname='',\
country='',\
department=ua.department,\
position=ua.position\
)
applicant.save()
ua.delete()
launch = bcap.grant('launch-applicant', applicant)
return bcap.bcapResponse({
'public_data': 'Edit application for %s' % ua.email,
'private_data': launch,
'domain': bcap.this_server_url_prefix(),
'url': '/applicant/'
})
def get(self, granted):
dept = granted.department
positions = dept.getPositions()
caps = {}
for p in positions:
caps[p.name] = bcap.grant('add-applicant-with-position', p)
return bcap.bcapResponse(caps)
def post(self, granted, args):
unverified_user = granted.unverifieduser
if granted is None:
return HttpResponseNotFound()
auth_info = AuthInfo(
email=unverified_user.email, \
name=unverified_user.name, \
role='reviewer', \
department=unverified_user.department)
auth_info.save()
reviewer = Reviewer(auth=auth_info, department=unverified_user.department)
reviewer.save()
# Remove the unverified_user---this is a one-shot request
unverified_user.delete()
# This is the capability to put in launch_info
launch = bcap.grant('launch-reviewer', reviewer)
return bcap.bcapResponse({
'public_data': 'Reviewer account for %s' % auth_info.name,
'private_data': launch,
'domain': bcap.this_server_url_prefix(),
'url': '/review'
})
def request_plt_account_silent(request):
"""Allows requests only from those listed in settings.REQUESTING_DOMAINS
Currently, used by Resume as a trusted channel to ask for new accounts
so that service isn't exposed to arbitrary clients, and can be controlled
through emails sent from Resume"""
logger.error('Reached request_account')
def request_allowed():
return request.META['REMOTE_ADDR'] in settings.REQUESTING_DOMAINS
if request.method != 'POST':
return HttpResponseNotAllowed(['POST'])
args = bcap.dataPostProcess(request.read())
logger.error('Belay: got account request: %s' % args)
logger.error('Request is from: %s' % request.META['REMOTE_ADDR'])
if not request_allowed():
return logWith404(logger, 'request_silent: bad request %s' %\
request.META['REMOTE_ADDR'])
pa = PendingAccount(email = args['email'])
pa.save()
create_cap = bcap.grant('create-account', pa)
logger.error('Belay: successful create: %s' % create_cap.serialize())
return bcap.bcapResponse({'create': create_cap})
def testApplicantPosition(self):
addCap = bcap.grant('applicantposition-add', self.department)
response = addCap.post({'name' : 'Chairman', 'shortform' : 'CH',\
'autoemail' : False})
positions = ApplicantPosition.objects.filter(department=self.department,\
name='Chairman', shortform='CH', autoemail=False)
self.assertEquals(len(positions), 1)
positions.delete()
def testFindRefs(self):
findRefsCap = bcap.grant('find-refs', self.department)
response = findRefsCap.post({'email' : '*****@*****.**'})
self.assertEqual(len(response), 1)
ref = response[0]
self.assertEqual(ref['appname'],\
self.applicant.firstname + ' ' + self.applicant.lastname)
self.assertEqual(ref['appemail'], self.applicant.auth.email)
def post(self, grantable, args):
response = self.checkPostArgs(args)
if response != 'OK':
return response
email = args['email']
name = args['name']
role = args['role']
dept = grantable.department
uu = UnverifiedUser(email=email, name=name, role=role, department=dept)
try:
uu.save()
except:
resp = {'success' : False, 'message' : 'failed to create UnverifiedUser'}
return bcap.bcapResponse(resp)
if role == 'admin': create_cap = bcap.grant('add-admin', uu)
elif role == 'reviewer': create_cap = bcap.grant('add-reviewer', uu)
else: return logWith404(logger, 'UnverifiedUserAddRevHandler: role type not allowed: %s' % role)
activate_url = '%s/new-account/#%s' % \
(bcap.this_server_url_prefix(), create_cap.serialize())
return_url = bcap.this_server_url_prefix()
emailstr = u"""Dear %s,
A new Apply account is being created for you. To activate it, visit:
%s
To regain access your account once it has been created, visit:
%s
"""
emailstr = emailstr % (name, activate_url, return_url)
sendLogEmail(emailstr, email)
delCap = bcap.grant('unverifieduser-delete', uu)
resp = {\
'success' : True,\
'email' : email,\
'name' : name,\
'role' : role,\
}
return bcap.bcapResponse(resp)
def get(self, grantable):
pending = grantable.department.getPending()
result = [\
{'name' : u.name,\
'role' : u.role,\
'email' : u.email,\
'del' : bcap.grant('unverifieduser-delete', u)\
} for u in pending]
return bcap.bcapResponse(result)
def get(self, granted):
ref = granted.reference
launch_info = ref.to_json()
letter = bcap.grant('reference-letter', ref)
launch_info['currentLetter'] = letter
launch_info['appname'] = ref.applicant.fullname()
launch_info['contact'] = ref.department.shortname
return bcap.bcapResponse(launch_info)
def testGetReviewerHighlight(self):
get_reviewer = bcap.grant('get-reviewer', self.reviewer)
highlight = Highlight(applicant=self.applicant, department=self.department,\
highlightee=self.reviewer)
highlight.save()
result = get_reviewer.get()
self.assertEqual(result['hiddens'], [])
self.assertEqual(result['highlights'], [self.applicant.id])
self.assertEqual(result['drafts'], [])
def sendReferenceRequest(applicant, ref):
launch_cap = bcap.grant('launch-reference', ref)
orgname = applicant.department.name
shortname = applicant.department.shortname
fromaddr = fromAddr(applicant.department)
message = makeReferenceRequest(applicant, ref, launch_cap, orgname, shortname)
subject = "%s Reference Request (%s)" % (orgname, applicant.fullname())
emailResponse = sendLogEmail(subject, message, ref.email, fromaddr)
if emailResponse: return {'error': emailResponse}
return {'success': launch_cap}
def generate(request):
if request.method == 'GET':
station_uuid = uuid.uuid4()
station_id = str(station_uuid)
station = StationData(sid=station_id)
station.save()
cap = bcap.grant('launch', station)
return bcap.bcapResponse(cap)
else:
return HttpResponseNotAllowed(['GET'])
def get(self, granted):
basic_info = granted.department.getBasic()
response_areas = [\
{'name' : a.name,\
'abbr' : a.abbr,\
'del' : bcap.grant('area-delete', a)\
} for a in basic_info['areas']]
basic_info['areas'] = response_areas
response_scores = [\
{'name' : s.name,\
'shortform' : s.shortform,\
'values' : [\
{'number' : v.number,\
'explanation' : v.explanation,\
'change' : bcap.grant('scorevalue-change', v)} for v in s.getValues()],\
'del' : bcap.grant('scorecategory-delete', s),\
'change' : bcap.grant('scorecategory-change', s)\
} for s in basic_info['scores']]
basic_info['scores'] = response_scores
return bcap.bcapResponse(basic_info)
def testGetReviewers(self):
getReviewersCap = bcap.grant('get-reviewers', self.department)
reviewers = getReviewersCap.get()
self.assertEqual(len(reviewers), 1)
r = reviewers[0]
self.assertEqual(r['email'], self.auth.email)
self.assertEqual(r['name'], self.auth.name)
self.assertEqual(r['role'], self.auth.role)
self.reviewer.delete()
reviewers = getReviewersCap.get()
self.assertEqual(len(reviewers), 0)
def testScoreValue(self):
changeCap = bcap.grant('scorevalue-change', self.value)
change_resp = changeCap.post({'explanation' : 'because i said so'})
self.assertTrue(change_resp.has_key('success'))
self.assertTrue(change_resp['success'])
vals = ScoreValue.objects.filter(category=self.category, number=0,\
explanation='because')
self.assertEqual(len(vals), 0)
vals = ScoreValue.objects.filter(category=self.category, number=0,\
explanation='because i said so')
self.assertEqual(len(vals), 1)
vals.delete()
def testAdminLaunch(self):
adminLaunchCap = bcap.grant('launch-admin', self.auth)
response = adminLaunchCap.get()
self.assertTrue(response.has_key('getReviewers'))
self.assertTrue(response.has_key('UnverifiedUserAddRev'))
self.assertTrue(response.has_key('UnverifiedUserGetPending'))
self.assertTrue(response.has_key('ScoreCategoryAdd'))
self.assertTrue(response.has_key('ApplicantPositionAdd'))
self.assertTrue(response.has_key('AreaAdd'))
self.assertTrue(response.has_key('getBasic'))
self.assertTrue(response.has_key('setBasic'))
self.assertTrue(response.has_key('getCSV'))
def testScoreCategory(self):
args = {\
'name' : 'Category Uno',\
'shortform' : 'CU',\
'minval' : 0,\
'maxval' : 10\
}
addCap = bcap.grant('scorecategory-add', self.department)
response = addCap.post(args)
self.assertTrue(response.has_key('success'))
self.assertTrue(response['success'])
for k in args.keys():
self.assertTrue(response.has_key(k))
self.assertEqual(response[k], args[k])
scs = ScoreCategory.objects.filter(name=args['name'])
self.assertEqual(len(scs), 1)
sc = scs[0]
changeCap = bcap.grant('scorecategory-change', sc)
new_args = {'name' : 'changed name', 'shortform' : 'cn'}
response = changeCap.post(new_args)
self.assertTrue(response.has_key('success'))
self.assertTrue(response['success'])
for k in new_args.keys():
self.assertTrue(response.has_key(k), 'response missing key = ' + k)
self.assertEqual(response[k], new_args[k])
old_scs = ScoreCategory.objects.filter(name=args['name'],\
shortform=args['shortform'])
self.assertEqual(len(old_scs), 0)
new_scs = ScoreCategory.objects.filter(name=new_args['name'],\
shortform=new_args['shortform'])
self.assertEqual(len(new_scs), 1)
sc = new_scs[0]
delCap = bcap.grant('scorecategory-delete', sc)
delCap.delete()
new_scs = ScoreCategory.objects.filter(name=new_args['name'],\
shortform=new_args['shortform'])
def index_handler(request):
if request.method != 'GET':
return HttpResponseNotAllowed(['GET'])
try:
logger.info('Dept: %s' % dept_name)
dept = Department.departmentByName(dept_name)
cap = bcap.grant('add-applicant', dept)
except Exception as e:
return logWith404(logger, "Looked up bad department: %s, %s" % (dept_name, e), level='error')
return render_to_response(index_file, {
'create_applicant': cap.serialize(),
'contact': dept.shortname
})
def testUpdate(self):
applicant = self.applicant
update_cap = bcap.grant('update-applicant-name', applicant)
update_cap.post({'firstname' : 'updated foo'})
applicants = Applicant.objects.filter(firstname='foo')
self.assertEqual(len(applicants), 0)
applicants = Applicant.objects.filter(firstname='updated foo')
self.assertEqual(len(applicants), 1)
update_cap.post({'lastname' : 'updated foo2'})
applicants = Applicant.objects.filter(lastname='foo')
self.assertEqual(len(applicants), 0)
applicants = Applicant.objects.filter(lastname='updated foo2')
self.assertEqual(len(applicants), 1)
def testArea(self):
addCap = bcap.grant('area-add', self.department)
response = addCap.post({\
'name' : 'The Area',\
'abbr' : 'TA', \
})
self.assertTrue(response['success'] and response.has_key('delete'))
areas = Area.objects.filter(name='The Area', abbr='TA', \
department=self.department)
self.assertEqual(len(areas), 1)
delCap = response['delete']
delCap.delete()
areas = Area.objects.filter(name='The Area', abbr='TA', \
department=self.department)
self.assertEqual(len(areas), 0)
def testAdminAccount(self):
unverified_user = UnverifiedUser( \
role='admin',
name='Default Admin',
email='default@fake',
department=self.department)
unverified_user.save()
create_cap = bcap.grant('add-admin', unverified_user)
admin_info = create_cap.post({})
info = AuthInfo.objects.filter(email='default@fake')
self.assertEqual(len(info), 1)
self.assertEqual(info[0].email, 'default@fake')
self.assertEqual(info[0].role, 'admin')
self.assertTrue(isinstance(admin_info['private_data'], bcap.Capability))
def startDeptDefault(adminName, adminEmail, techEmail, deptname, shortname):
dept = Department(
name=deptname,
shortname=shortname,
lastChange=0,
headerImage='',
logoImage='',
resumeImage='',
headerBgImage='',
contactName=adminName,
contactEmail=adminEmail,
techEmail=techEmail)
dept.save()
unverified_user = UnverifiedUser( \
role='admin',
name=adminName,
email=adminEmail,
department=dept)
unverified_user.save()
ResumeInit().process_request(None)
create_account = bcap.grant('get-admin-email-and-create', unverified_user)
posn = ApplicantPosition(department=dept, name='Assistant Professor',
shortform='AsstProf', autoemail=True)
posn.save()
c = ComponentType(department=dept,type='statement',name='Cover Letter',short='Cover')
c.save()
c = ComponentType(department=dept,type='statement',name='Curriculum Vitae',short='CV')
c.save()
c = ComponentType(department=dept,type='statement',name='Research Statement',short='Research')
c.save()
c = ComponentType(department=dept,type='statement',name='Teaching Statement',short='Teaching')
c.save()
c = ComponentType(department=dept,type='contactweb',name='Home Page',short='home')
c.save()
c = ComponentType(department=dept,type='contactweb',name='Application Web Page',short='app')
c.save()
c = ComponentType(department=dept,type='contactlong',name='Optional Notes',short='addtl')
c.save()
return "To get started, go here: %s/new-account/#%s" % \
(bcap.this_server_url_prefix(), create_account.serialize())
