def create_audit_context(audit): # Create an audit context context = audit.build_object_context( context=audit.context, name='Audit Context {timestamp}'.format( timestamp=datetime.datetime.now()), description='', ) context.modified_by = get_current_user() db.session.add(context) db.session.flush() # Create the program -> audit implication db.session.add(ContextImplication( source_context=audit.context, context=context, source_context_scope='Program', context_scope='Audit', modified_by=get_current_user(), )) db.session.add(audit) # Create the role implication for Auditor from Audit for default context db.session.add(ContextImplication( source_context=context, context=None, source_context_scope='Audit', context_scope=None, modified_by=get_current_user(), )) db.session.flush() # Place the audit in the audit context audit.context = context
def handle_workflow_post(sender, obj=None, src=None, service=None): _validate_post_workflow_fields(obj) source_workflow = None if src.get('clone'): source_workflow_id = src.get('clone') source_workflow = models.Workflow.query.filter_by( id=source_workflow_id ).first() source_workflow.copy(obj, clone_people=src.get('clone_people', False)) obj.title = source_workflow.title + ' (copy ' + str(obj.id) + ')' # get the personal context for this logged in user user = get_current_user() personal_context = user.get_or_create_object_context(context=1) workflow_context = obj.get_or_create_object_context(personal_context) obj.context = workflow_context # ContextImplications linked only with `workflow_context` object, which # was created but not added to DB yet. ContextImlications should be added to # session explicitly due to SQLAlchemy Garbage collector deletes such # objects, and it will not be added to session. On the other hand # `workflow_context` was added to session automatically, because it is linked # to `personal_context` that is already in DB. # Create context implication for Workflow roles to default context. db.session.add(ContextImplication( source_context=workflow_context, context=None, source_context_scope='Workflow', context_scope=None, modified_by=get_current_user(), )) # Add role implication - global users can perform defined actions on workflow # and its related objects. db.session.add(ContextImplication( source_context=None, context=workflow_context, source_context_scope=None, context_scope='Workflow', modified_by=get_current_user(), )) if src.get('clone'): source_workflow.copy_task_groups( obj, clone_people=src.get('clone_people', False), clone_tasks=src.get('clone_tasks', False), clone_objects=src.get('clone_objects', False) )
def add_public_workflow_context_implication(context, check_exists=False): if check_exists and db.session.query(ContextImplication).filter( and_(ContextImplication.context_id == context.id, ContextImplication.source_context_id == None)).count() > 0: # noqa return db.session.add(ContextImplication( source_context=None, context=context, source_context_scope=None, context_scope='Workflow', modified_by=get_current_user(), ))
def add_public_program_context_implication(context, check_exists=False): if check_exists and db.session.query(ContextImplication)\ .filter( and_(ContextImplication.context_id == context.id, ContextImplication.source_context_id.is_(None))).count() > 0: return db.session.add(ContextImplication( source_context=None, context=context, source_context_scope=None, context_scope='Program', modified_by=get_current_user(), ))
def handle_program_post(sender, obj=None, src=None, service=None): db.session.flush() # get the personal context for this logged in user user = get_current_user() personal_context = _get_or_create_personal_context(user) context = obj.build_object_context( context=personal_context, name='{object_type} Context {timestamp}'.format( object_type=service.model.__name__, timestamp=datetime.datetime.now()), description='', ) context.modified_by = get_current_user() db.session.add(obj) db.session.flush() db.session.add(context) db.session.flush() obj.contexts.append(context) obj.context = context # add a user_roles mapping assigning the user creating the program # the ProgramOwner role in the program's context. program_owner_role = basic_roles.program_owner() user_role = UserRole( person=get_current_user(), role=program_owner_role, context=context, modified_by=get_current_user()) # pass along a temporary attribute for logging the events. user_role._display_related_title = obj.title db.session.add(user_role) db.session.flush() # Create the context implication for Program roles to default context db.session.add(ContextImplication( source_context=context, context=None, source_context_scope='Program', context_scope=None, modified_by=get_current_user())) if not src.get('private'): # Add role implication - all users can read a public program add_public_program_context_implication(context)
def handle_workflow_post(sender, obj=None, src=None, service=None): # noqa pylint: disable=unused-argument source_workflow = None if src.get('clone'): source_workflow_id = src.get('clone') source_workflow = models.Workflow.query.filter_by( id=source_workflow_id).first() source_workflow.copy(obj) db.session.add(obj) db.session.flush() obj.title = source_workflow.title + ' (copy ' + str(obj.id) + ')' db.session.flush() # get the personal context for this logged in user user = get_current_user() personal_context = _get_or_create_personal_context(user) context = obj.build_object_context( context=personal_context, name='{object_type} Context {timestamp}'.format( object_type=service.model.__name__, timestamp=datetime.now()), description='', ) context.modified_by = get_current_user() db.session.add(obj) db.session.flush() db.session.add(context) db.session.flush() obj.contexts.append(context) obj.context = context # add a user_roles mapping assigning the user creating the workflow # the WorkflowOwner role in the workflow's context. workflow_owner_role = _find_role('WorkflowOwner') user_role = UserRole( person=user, role=workflow_owner_role, context=context, modified_by=get_current_user(), ) db.session.add( models.WorkflowPerson( person=user, workflow=obj, context=context, modified_by=get_current_user(), )) # pass along a temporary attribute for logging the events. user_role._display_related_title = obj.title db.session.add(user_role) db.session.flush() # Create the context implication for Workflow roles to default context db.session.add( ContextImplication( source_context=context, context=None, source_context_scope='Workflow', context_scope=None, modified_by=get_current_user(), )) if not src.get('private'): # Add role implication - all users can read a public workflow add_public_workflow_context_implication(context) if src.get('clone'): source_workflow.copy_task_groups( obj, clone_people=src.get('clone_people', False), clone_tasks=src.get('clone_tasks', False), clone_objects=src.get('clone_objects', False)) if src.get('clone_people'): workflow_member_role = _find_role('WorkflowMember') for authorization in source_workflow.context.user_roles: # Current user has already been added as workflow owner if authorization.person != user: db.session.add( UserRole(person=authorization.person, role=workflow_member_role, context=context, modified_by=user)) for person in source_workflow.people: if person != user: db.session.add( models.WorkflowPerson(person=person, workflow=obj, context=context))
def handle_workflow_post(sender, obj=None, src=None, service=None): _validate_post_workflow_fields(obj) source_workflow = None if src.get('clone'): source_workflow_id = src.get('clone') source_workflow = models.Workflow.query.filter_by( id=source_workflow_id ).first() source_workflow.copy(obj) obj.title = source_workflow.title + ' (copy ' + str(obj.id) + ')' # get the personal context for this logged in user user = get_current_user() personal_context = user.get_or_create_object_context(context=1) context = obj.get_or_create_object_context(personal_context) obj.context = context if not obj.workflow_people: # add a user_roles mapping assigning the user creating the workflow # the WorkflowOwner role in the workflow's context. workflow_owner_role = _find_role('WorkflowOwner') user_role = UserRole( person=user, role=workflow_owner_role, context=context, modified_by=get_current_user(), ) models.WorkflowPerson( person=user, workflow=obj, context=context, modified_by=get_current_user(), ) # pass along a temporary attribute for logging the events. user_role._display_related_title = obj.title # Create the context implication for Workflow roles to default context ContextImplication( source_context=context, context=None, source_context_scope='Workflow', context_scope=None, modified_by=get_current_user(), ) if not src.get('private'): # Add role implication - all users can read a public workflow add_public_workflow_context_implication(context) if src.get('clone'): source_workflow.copy_task_groups( obj, clone_people=src.get('clone_people', False), clone_tasks=src.get('clone_tasks', False), clone_objects=src.get('clone_objects', False) ) if src.get('clone_people'): workflow_member_role = _find_role('WorkflowMember') for authorization in source_workflow.context.user_roles: # Current user has already been added as workflow owner if authorization.person != user: UserRole( person=authorization.person, role=workflow_member_role, context=context, modified_by=user) for person in source_workflow.people: if person != user: models.WorkflowPerson( person=person, workflow=obj, context=context)