def _has_access(request, report):
    """Decide whether the requesting user may access ``report``.

    Three grants are tried in this order, and the first one that holds wins:
    the ``SYSA`` role, an ``AccessRule`` row tying ``report`` to the
    requesting user's userid, and finally the ``REPV`` role.

    Returns the first truthy grant, otherwise the (falsy) result of the
    ``REPV`` check. If ``AccessRule.DoesNotExist`` is raised while checking,
    the function fails closed and returns ``False``.
    """
    try:
        sysadmin = has_role('SYSA', request)
        if sysadmin:
            return sysadmin

        # Per-report grant: a rule must name both this report and this user.
        rule_exists = AccessRule.objects.filter(
            report=report,
            person__userid=request.user.username,
        ).exists()
        if rule_exists:
            return rule_exists

        return has_role('REPV', request)
    except AccessRule.DoesNotExist:
        # NOTE(review): filter(...).exists() does not raise DoesNotExist, so
        # this handler looks unreachable unless has_role() raises it - confirm.
        return False
def _has_access(request, report):
    """Return a truthy value when the requesting user may access ``report``.

    Evaluation order (short-circuiting): ``SYSA`` role, then an
    ``AccessRule`` for this report and the requesting user's userid, then
    the ``REPV`` role. The access-rule lookup is only issued when the
    ``SYSA`` check did not already grant access.

    ``AccessRule.DoesNotExist`` is treated as a denial (``False``).
    """
    try:
        granted = has_role('SYSA', request)
        if not granted:
            # Rule is scoped to both the report and the caller's userid.
            granted = AccessRule.objects.filter(
                report=report,
                person__userid=request.user.username,
            ).exists()
        if not granted:
            granted = has_role('REPV', request)
        return granted
    except AccessRule.DoesNotExist:
        # NOTE(review): nothing visible here raises DoesNotExist
        # (.exists() returns a bool); kept so the check still fails closed.
        return False
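def view_reports(request):
    """Render the list of non-hidden reports visible to the requesting user.

    - ``SYSA`` role: every non-hidden report, with ``readonly`` False.
    - ``REPV`` role: every non-hidden report, with ``readonly`` True.
    - Anyone else: only the non-hidden reports that an ``AccessRule`` grants
      to the requesting user's userid, with ``readonly`` True.

    Returns the rendered ``reports/view_reports.html`` response.
    """
    if has_role('SYSA', request):
        readonly = False
        reports = Report.objects.filter(hidden=False).order_by('name')
    elif has_role('REPV', request):
        readonly = True
        reports = Report.objects.filter(hidden=False).order_by('name')
    else:
        readonly = True
        # select_related('report') loads each rule's report in the same
        # query; without it, every rule.report access below costs one extra
        # query per access rule.
        access_rules = (
            AccessRule.objects
            .filter(person__userid=request.user.username)
            .select_related('report')
            .order_by('report__name')
        )
        reports = [rule.report for rule in access_rules if not rule.report.hidden]

    return render(request, 'reports/view_reports.html',
                  {'readonly': readonly, 'reports': reports})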
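def view_reports(request):
    """Render the report index, limited to what the requesting user may see.

    Users holding ``SYSA`` or ``REPV`` see all non-hidden reports; only
    ``SYSA`` gets ``readonly`` False. Every other user sees just the
    non-hidden reports named by ``AccessRule`` rows for their own userid,
    always read-only.

    Returns the rendered ``reports/view_reports.html`` response.
    """
    if has_role('SYSA', request):
        reports = Report.objects.filter(hidden=False).order_by('name')
        readonly = False
    elif has_role('REPV', request):
        reports = Report.objects.filter(hidden=False).order_by('name')
        readonly = True
    else:
        readonly = True
        # Fetch the related report with each rule (select_related) so the
        # comprehension below does not issue one query per rule.
        own_rules = (
            AccessRule.objects
            .filter(person__userid=request.user.username)
            .select_related('report')
            .order_by('report__name')
        )
        reports = [rule.report for rule in own_rules if not rule.report.hidden]

    context = {'readonly': readonly, 'reports': reports}
    return render(request, 'reports/view_reports.html', context)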
def _can_view_student(request, grad_slug, funding=False):
    """
    Work out whether the requesting user may see the grad student ``grad_slug``.

    Checks run in this order and the first match wins:
      1. ``GRAD`` role (any HTTP method): student must be in ``request.units``.
      2. ``FUND`` role, only when ``funding`` is true (any HTTP method):
         student must be in ``request.units``.
      3. ``GRPD`` role, GET only: student must be in ``request.units``.
      4. A non-removed ``SEN`` or ``POT`` supervisor of the student whose
         ``can_view_details()`` is true, GET only.
      5. The student themself, GET only.

    Returns a 3-tuple ``(grad, authtype, units)`` where ``authtype`` is one of
    ``'admin'``, ``'graddir'``, ``'supervisor'``, ``'student'``. When nothing
    matches the result is ``(None, None, None)``, not a bare ``None``.

    Note that a role match in steps 1-3 raises Http404 when the student is
    outside ``request.units``; it does not fall through to the later checks.
    """
    def _student_within_units():
        # Unit scoping is enforced in the query itself: wrong unit -> 404.
        return get_object_or_404(GradStudent, slug=grad_slug,
                                 program__unit__in=request.units)

    # Grad admins: full access inside their own units.
    if has_role('GRAD', request):
        return _student_within_units(), 'admin', request.units

    # Funding admins: only for pages that opt in via ``funding``.
    if funding and has_role('FUND', request):
        return _student_within_units(), 'admin', request.units

    # Every remaining grant is read-only, i.e. limited to GET requests.
    is_get = request.method == 'GET'

    # Grad directors: view-only, inside their own units.
    if is_get and has_role('GRPD', request):
        return _student_within_units(), 'graddir', request.units

    # Senior / potential supervisors of this particular student.
    supervisor_rows = Supervisor.objects.filter(
        supervisor__userid=request.user.username,
        student__slug=grad_slug,
        supervisor_type__in=['SEN', 'POT'],
        removed=False,
    ).select_related('student')
    allowed_rows = [row for row in supervisor_rows if row.can_view_details()]
    if is_get and allowed_rows:
        supervised = allowed_rows[0].student
        return supervised, 'supervisor', [supervised.program.unit]

    # The student looking at their own record.
    own_records = GradStudent.objects.filter(
        slug=grad_slug, person__userid=request.user.username)
    if is_get and own_records:
        own = own_records[0]
        return own, 'student', [own.program.unit]

    return None, None, None
def config(request):
    """Render the dashboard configuration page for the logged-in user.

    Looks up the ``Person`` matching ``request.user.username``; unless exactly
    one exists, a ``NotFoundResponse`` is returned. Otherwise the user's
    calendar token, feed token, news settings, advisor API token (``ADVS``
    role only), photo agreement (instructors/TAs only) and privacy visibility
    are collected and passed to ``dashboard/config.html``.

    NOTE(review): the three tokens are handed to the template as-is; they
    look like per-user access tokens, so confirm the rendered page is never
    cached or shown to anyone but this user.
    """
    matches = Person.objects.filter(userid=request.user.username)
    if matches.count() != 1:
        return NotFoundResponse(request, errormsg="Your account is not known to this system. There is nothing to configure.")
    user = matches[0]

    # calendar config
    calendar_config = _get_calendar_config(user)
    caltoken = calendar_config['token'] if 'token' in calendar_config else None

    # feed config
    feed_rows = UserConfig.objects.filter(user=user, key="feed-token")
    newstoken = feed_rows[0].value['token'] if feed_rows else None

    # news config: with no stored preference, show the page as if the user
    # had explicitly opted in to email. Display only; nothing is saved here.
    news_rows = UserConfig.objects.filter(user=user, key="newsitems")
    newsconfig = news_rows[0].value if news_rows else {'email': True}

    # advisor note API config: the token is only looked up for advisors
    advisor = False
    advisortoken = None
    if has_role('ADVS', request):
        advisor = True
        advisor_rows = UserConfig.objects.filter(user=user, key='advisor-token')
        if len(advisor_rows) > 0:
            advisortoken = advisor_rows[0].value['token']

    # ID photo agreement: only relevant to instructors and TAs
    instructor = False
    photo_agreement = False
    if Member.objects.filter(person=user, role__in=['INST', 'TA']).count() > 0:
        instructor = True
        photo_rows = UserConfig.objects.filter(user=user, key='photo-agreement')
        if len(photo_rows) > 0:
            photo_agreement = photo_rows[0].value['agree']

    # privacy config: visible when the user holds any role in PRIVACY_ROLES
    privacy_roles_held = [role for role in Role.all_roles(user.userid)
                          if role in PRIVACY_ROLES]
    privacy_visible = len(privacy_roles_held) > 0

    context = {
        'caltoken': caltoken,
        'newstoken': newstoken,
        'newsconfig': newsconfig,
        'advisor': advisor,
        'advisortoken': advisortoken,
        'instructor': instructor,
        'photo_agreement': photo_agreement,
        'userid': user.userid,
        'server_url': settings.BASE_ABS_URL,
        'privacy_visible': privacy_visible,
    }
    return render(request, "dashboard/config.html", context)
def config(request):
    """Show the logged-in user's dashboard configuration page.

    A ``NotFoundResponse`` is returned unless exactly one ``Person`` has the
    requesting user's userid. Otherwise the template context is built from
    the user's stored ``UserConfig`` rows:

    - ``caltoken`` / ``newstoken``: calendar and feed tokens, or None.
    - ``newsconfig``: stored news settings, defaulting to ``{'email': True}``.
    - ``advisor`` / ``advisortoken``: set only for holders of ``ADVS``.
    - ``instructor`` / ``photo_agreement``: set only for ``INST``/``TA`` members.
    - ``privacy_visible``: true when any of the user's roles is in
      ``PRIVACY_ROLES``.

    NOTE(review): token values reach the template unmasked; presumably they
    authenticate feed/API access, so treat the rendered page as sensitive.
    """
    people = Person.objects.filter(userid=request.user.username)
    if people.count() == 1:
        user = people[0]
    else:
        return NotFoundResponse(request, errormsg="Your account is not known to this system. There is nothing to configure.")

    # calendar config
    cal_settings = _get_calendar_config(user)
    if 'token' in cal_settings:
        caltoken = cal_settings['token']
    else:
        caltoken = None

    # feed config
    stored = UserConfig.objects.filter(user=user, key="feed-token")
    if stored:
        newstoken = stored[0].value['token']
    else:
        newstoken = None

    # news config
    stored = UserConfig.objects.filter(user=user, key="newsitems")
    if stored:
        newsconfig = stored[0].value
    else:
        # No stored choice means "emails on"; this only affects what the
        # page displays and does not write a UserConfig.
        newsconfig = {'email': True}

    # advisor note API config
    advisor, advisortoken = False, None
    if has_role('ADVS', request):
        advisor = True
        stored = UserConfig.objects.filter(user=user, key='advisor-token')
        if len(stored) > 0:
            advisortoken = stored[0].value['token']

    # ID photo agreement
    instructor, photo_agreement = False, False
    teaching_count = Member.objects.filter(person=user, role__in=['INST', 'TA']).count()
    if teaching_count > 0:
        instructor = True
        stored = UserConfig.objects.filter(user=user, key='photo-agreement')
        if len(stored) > 0:
            photo_agreement = stored[0].value['agree']

    # privacy config
    all_roles = Role.all_roles(user.userid)
    privacy_visible = len([r for r in all_roles if r in PRIVACY_ROLES]) > 0

    return render(request, "dashboard/config.html", {
        'caltoken': caltoken,
        'newstoken': newstoken,
        'newsconfig': newsconfig,
        'advisor': advisor,
        'advisortoken': advisortoken,
        'instructor': instructor,
        'photo_agreement': photo_agreement,
        'userid': user.userid,
        'server_url': settings.BASE_ABS_URL,
        'privacy_visible': privacy_visible,
    })
def _can_view_student(request, grad_slug, funding=False):
    """
    Resolve the grad student ``grad_slug`` and how the requester is authorized.

    Returns ``(grad, authtype, units)``:
      - ``'admin'``: requester holds ``GRAD``, or holds ``FUND`` and the
        caller passed ``funding=True``. Allowed for any HTTP method.
      - ``'graddir'``: requester holds ``GRPD``. GET requests only.
      - ``'supervisor'``: requester is a non-removed ``SEN``/``POT``
        supervisor of the student and ``can_view_details()`` is true.
        GET requests only.
      - ``'student'``: requester is the student. GET requests only.
    If none applies the result is ``(None, None, None)``.

    For the three role-based grants the student is fetched with
    ``program__unit__in=request.units``; a student outside those units
    produces Http404 immediately, and the later checks are not tried.
    """
    username = request.user.username

    # grad admins can view within their unit
    if has_role('GRAD', request):
        student = get_object_or_404(
            GradStudent, slug=grad_slug, program__unit__in=request.units)
        return student, 'admin', request.units

    # funding admins can view some pages within their unit
    if funding and has_role('FUND', request):
        student = get_object_or_404(
            GradStudent, slug=grad_slug, program__unit__in=request.units)
        return student, 'admin', request.units

    # grad directors can ONLY view (GET) within their unit
    if request.method == 'GET' and has_role('GRPD', request):
        student = get_object_or_404(
            GradStudent, slug=grad_slug, program__unit__in=request.units)
        return student, 'graddir', request.units

    # senior/potential supervisors can see their own students
    candidate_sups = Supervisor.objects.filter(
        supervisor__userid=username,
        student__slug=grad_slug,
        supervisor_type__in=['SEN', 'POT'],
        removed=False,
    ).select_related('student')
    viewing_sups = [s for s in candidate_sups if s.can_view_details()]
    if request.method == 'GET' and viewing_sups:
        student = viewing_sups[0].student
        return student, 'supervisor', [student.program.unit]

    # students can see their own page
    self_matches = GradStudent.objects.filter(
        slug=grad_slug, person__userid=username)
    if request.method == 'GET' and self_matches:
        student = self_matches[0]
        return student, 'student', [student.program.unit]

    # No grant matched: callers must treat this as "not authorized".
    return None, None, None
def list_grade_sources(request):
    """Build the context for listing active (``status='ACTI'``) grade sources.

    An optional ``country`` GET parameter narrows the list. It is passed to
    the ORM as a filter value, not interpolated into SQL.

    Returns a dict with ``form`` (a ``GradeSourceListForm`` bound to
    ``request.GET``; it is not validated here), ``grade_sources`` and
    ``is_admin`` (result of the ``GPA`` role check).

    NOTE(review): a dict is returned instead of a response, so presumably a
    decorator renders it and enforces login - confirm at the call site.
    """
    form = GradeSourceListForm(request.GET)
    requested_country = request.GET.get('country', None)

    active_sources = GradeSource.objects.filter(status='ACTI')
    is_admin = has_role('GPA', request)

    if requested_country:
        active_sources = active_sources.filter(country=requested_country)

    return dict(form=form, grade_sources=active_sources, is_admin=is_admin)
def list_grade_sources(request):
    """Return template context listing the active grade sources.

    Context keys:
      - ``form``: ``GradeSourceListForm`` bound to the query string
        (``is_valid()`` is not called in this function).
      - ``grade_sources``: ``GradeSource`` rows with ``status='ACTI'``,
        restricted to the ``country`` GET parameter when it is non-empty.
      - ``is_admin``: whether the requester holds the ``GPA`` role. This flag
        only goes into the context; nothing here is gated on it.
    """
    query = request.GET
    form = GradeSourceListForm(query)
    country = query.get('country', None)

    sources = GradeSource.objects.filter(status='ACTI')
    is_admin = has_role('GPA', request)

    # The user-supplied country is bound as an ORM filter parameter.
    sources = sources.filter(country=country) if country else sources

    context = {}
    context['form'] = form
    context['grade_sources'] = sources
    context['is_admin'] = is_admin
    return context
def view_report(request, report):
    """Render the detail page for one report.

    The ``report`` argument is ignored: it is overwritten at once with
    ``request.report``. ``readonly`` is False only for holders of ``SYSA``.

    The page context lists the report's access rules, schedule rules,
    hardcoded components, queries and runs (newest first).

    NOTE(review): no per-report access check is made in this function;
    presumably whatever sets ``request.report`` has already authorized the
    caller - confirm, since access rules and queries are exposed here.
    """
    report = request.report
    readonly = not has_role('SYSA', request)

    by_report = {'report': report}
    access_rules = AccessRule.objects.filter(**by_report)
    schedule_rules = ScheduleRule.objects.filter(**by_report)
    components = HardcodedReport.objects.filter(**by_report)
    queries = Query.objects.filter(**by_report)
    runs = Run.objects.filter(**by_report).order_by("-created_at")

    context = {
        'readonly': readonly,
        'report': report,
        'is_scheduled_to_run': report.is_scheduled_to_run(),
        'queries': queries,
        'schedule_rules': schedule_rules,
        'access_rules': access_rules,
        'runs': runs,
        'components': components,
    }
    return render(request, 'reports/view_report.html', context)
def view_report(request, report):
    """Show a single report together with its rules, queries and runs.

    The object displayed is ``request.report``; the ``report`` parameter is
    replaced by it on the first line and its incoming value is never used.
    Only users holding ``SYSA`` get a writable (``readonly`` False) page.

    NOTE(review): authorization for this specific report is not checked in
    the body shown; verify that the code populating ``request.report``
    enforces it before this view runs.
    """
    report = request.report

    if has_role('SYSA', request):
        readonly = False
    else:
        readonly = True

    # Everything below is scoped to this one report.
    related = dict(
        access_rules=AccessRule.objects.filter(report=report),
        schedule_rules=ScheduleRule.objects.filter(report=report),
        components=HardcodedReport.objects.filter(report=report),
        queries=Query.objects.filter(report=report),
        runs=Run.objects.filter(report=report).order_by("-created_at"),
    )

    return render(request, 'reports/view_report.html', {
        'readonly': readonly,
        'report': report,
        'is_scheduled_to_run': report.is_scheduled_to_run(),
        'queries': related['queries'],
        'schedule_rules': related['schedule_rules'],
        'access_rules': related['access_rules'],
        'runs': related['runs'],
        'components': related['components'],
    })
def auth_test(request, **kwargs):
    """Authorization test: ``FUND`` role holders and RA hiring faculty pass.

    Side effect: sets ``request.is_supervisor`` to whether any
    ``RAAppointment`` lists the requesting user as ``hiring_faculty``.
    Extra keyword arguments are forwarded to ``has_role``.

    Returns a truthy value when the user holds ``FUND`` or is hiring faculty
    on at least one appointment.

    NOTE(review): the supervisor path is not limited to any unit or
    appointment, so a view guarded by this test still has to restrict what
    it shows using ``request.is_supervisor`` - confirm callers do.
    """
    is_hiring_faculty = RAAppointment.objects.filter(
        hiring_faculty__userid=request.user.username,
    ).exists()
    request.is_supervisor = is_hiring_faculty

    fund_role = has_role('FUND', request, **kwargs)
    return fund_role or is_hiring_faculty
def auth_test(request, **kwargs):
    """Return truthy if the user holds ``FUND`` or supervises any RA appointment.

    The supervisor lookup runs first, and its result is stored on the request
    as ``request.is_supervisor`` whatever the outcome of the role check.
    ``kwargs`` are passed through to ``has_role`` unchanged.

    NOTE(review): passing this test through the supervisor path says nothing
    about which appointments the user may touch; that scoping is presumably
    done by the views themselves - verify.
    """
    appointments_as_faculty = RAAppointment.objects.filter(
        hiring_faculty__userid=request.user.username)
    supervises_any = appointments_as_faculty.exists()
    setattr(request, 'is_supervisor', supervises_any)

    role_result = has_role('FUND', request, **kwargs)
    if role_result:
        return role_result
    return supervises_any