def create_audit_context(audit):
# Create an audit context
context = audit.build_object_context(
context=audit.context,
name='Audit Context {timestamp}'.format(
timestamp=datetime.datetime.now()),
description='',
)
context.modified_by = get_current_user()
db.session.add(context)
db.session.flush()
# Create the program -> audit implication
db.session.add(ContextImplication(
source_context=audit.context,
context=context,
source_context_scope='Program',
context_scope='Audit',
modified_by=get_current_user(),
))
db.session.add(audit)
# Create the role implication for Auditor from Audit for default context
db.session.add(ContextImplication(
source_context=context,
context=None,
source_context_scope='Audit',
context_scope=None,
modified_by=get_current_user(),
))
db.session.flush()
# Place the audit in the audit context
audit.context = context
def handle_workflow_post(sender, obj=None, src=None, service=None):
_validate_post_workflow_fields(obj)
source_workflow = None
if src.get('clone'):
source_workflow_id = src.get('clone')
source_workflow = models.Workflow.query.filter_by(
id=source_workflow_id
).first()
source_workflow.copy(obj, clone_people=src.get('clone_people', False))
obj.title = source_workflow.title + ' (copy ' + str(obj.id) + ')'
# get the personal context for this logged in user
user = get_current_user()
personal_context = user.get_or_create_object_context(context=1)
workflow_context = obj.get_or_create_object_context(personal_context)
obj.context = workflow_context
# ContextImplications linked only with `workflow_context` object, which
# was created but not added to DB yet. ContextImlications should be added to
# session explicitly due to SQLAlchemy Garbage collector deletes such
# objects, and it will not be added to session. On the other hand
# `workflow_context` was added to session automatically, because it is linked
# to `personal_context` that is already in DB.
# Create context implication for Workflow roles to default context.
db.session.add(ContextImplication(
source_context=workflow_context,
context=None,
source_context_scope='Workflow',
context_scope=None,
modified_by=get_current_user(),
))
# Add role implication - global users can perform defined actions on workflow
# and its related objects.
db.session.add(ContextImplication(
source_context=None,
context=workflow_context,
source_context_scope=None,
context_scope='Workflow',
modified_by=get_current_user(),
))
if src.get('clone'):
source_workflow.copy_task_groups(
obj,
clone_people=src.get('clone_people', False),
clone_tasks=src.get('clone_tasks', False),
clone_objects=src.get('clone_objects', False)
)
def add_public_workflow_context_implication(context, check_exists=False):
if check_exists and db.session.query(ContextImplication).filter(
and_(ContextImplication.context_id == context.id,
ContextImplication.source_context_id == None)).count() > 0: # noqa
return
db.session.add(ContextImplication(
source_context=None,
context=context,
source_context_scope=None,
context_scope='Workflow',
modified_by=get_current_user(),
))
def add_public_program_context_implication(context, check_exists=False):
if check_exists and db.session.query(ContextImplication)\
.filter(
and_(ContextImplication.context_id == context.id,
ContextImplication.source_context_id.is_(None))).count() > 0:
return
db.session.add(ContextImplication(
source_context=None,
context=context,
source_context_scope=None,
context_scope='Program',
modified_by=get_current_user(),
))
def handle_program_post(sender, obj=None, src=None, service=None):
db.session.flush()
# get the personal context for this logged in user
user = get_current_user()
personal_context = _get_or_create_personal_context(user)
context = obj.build_object_context(
context=personal_context,
name='{object_type} Context {timestamp}'.format(
object_type=service.model.__name__,
timestamp=datetime.datetime.now()),
description='',
)
context.modified_by = get_current_user()
db.session.add(obj)
db.session.flush()
db.session.add(context)
db.session.flush()
obj.contexts.append(context)
obj.context = context
# add a user_roles mapping assigning the user creating the program
# the ProgramOwner role in the program's context.
program_owner_role = basic_roles.program_owner()
user_role = UserRole(
person=get_current_user(),
role=program_owner_role,
context=context,
modified_by=get_current_user())
# pass along a temporary attribute for logging the events.
user_role._display_related_title = obj.title
db.session.add(user_role)
db.session.flush()
# Create the context implication for Program roles to default context
db.session.add(ContextImplication(
source_context=context,
context=None,
source_context_scope='Program',
context_scope=None,
modified_by=get_current_user()))
if not src.get('private'):
# Add role implication - all users can read a public program
add_public_program_context_implication(context)
def handle_workflow_post(sender, obj=None, src=None, service=None): # noqa pylint: disable=unused-argument
source_workflow = None
if src.get('clone'):
source_workflow_id = src.get('clone')
source_workflow = models.Workflow.query.filter_by(
id=source_workflow_id).first()
source_workflow.copy(obj)
db.session.add(obj)
db.session.flush()
obj.title = source_workflow.title + ' (copy ' + str(obj.id) + ')'
db.session.flush()
# get the personal context for this logged in user
user = get_current_user()
personal_context = _get_or_create_personal_context(user)
context = obj.build_object_context(
context=personal_context,
name='{object_type} Context {timestamp}'.format(
object_type=service.model.__name__, timestamp=datetime.now()),
description='',
)
context.modified_by = get_current_user()
db.session.add(obj)
db.session.flush()
db.session.add(context)
db.session.flush()
obj.contexts.append(context)
obj.context = context
# add a user_roles mapping assigning the user creating the workflow
# the WorkflowOwner role in the workflow's context.
workflow_owner_role = _find_role('WorkflowOwner')
user_role = UserRole(
person=user,
role=workflow_owner_role,
context=context,
modified_by=get_current_user(),
)
db.session.add(
models.WorkflowPerson(
person=user,
workflow=obj,
context=context,
modified_by=get_current_user(),
))
# pass along a temporary attribute for logging the events.
user_role._display_related_title = obj.title
db.session.add(user_role)
db.session.flush()
# Create the context implication for Workflow roles to default context
db.session.add(
ContextImplication(
source_context=context,
context=None,
source_context_scope='Workflow',
context_scope=None,
modified_by=get_current_user(),
))
if not src.get('private'):
# Add role implication - all users can read a public workflow
add_public_workflow_context_implication(context)
if src.get('clone'):
source_workflow.copy_task_groups(
obj,
clone_people=src.get('clone_people', False),
clone_tasks=src.get('clone_tasks', False),
clone_objects=src.get('clone_objects', False))
if src.get('clone_people'):
workflow_member_role = _find_role('WorkflowMember')
for authorization in source_workflow.context.user_roles:
# Current user has already been added as workflow owner
if authorization.person != user:
db.session.add(
UserRole(person=authorization.person,
role=workflow_member_role,
context=context,
modified_by=user))
for person in source_workflow.people:
if person != user:
db.session.add(
models.WorkflowPerson(person=person,
workflow=obj,
context=context))
def handle_workflow_post(sender, obj=None, src=None, service=None):
_validate_post_workflow_fields(obj)
source_workflow = None
if src.get('clone'):
source_workflow_id = src.get('clone')
source_workflow = models.Workflow.query.filter_by(
id=source_workflow_id
).first()
source_workflow.copy(obj)
obj.title = source_workflow.title + ' (copy ' + str(obj.id) + ')'
# get the personal context for this logged in user
user = get_current_user()
personal_context = user.get_or_create_object_context(context=1)
context = obj.get_or_create_object_context(personal_context)
obj.context = context
if not obj.workflow_people:
# add a user_roles mapping assigning the user creating the workflow
# the WorkflowOwner role in the workflow's context.
workflow_owner_role = _find_role('WorkflowOwner')
user_role = UserRole(
person=user,
role=workflow_owner_role,
context=context,
modified_by=get_current_user(),
)
models.WorkflowPerson(
person=user,
workflow=obj,
context=context,
modified_by=get_current_user(),
)
# pass along a temporary attribute for logging the events.
user_role._display_related_title = obj.title
# Create the context implication for Workflow roles to default context
ContextImplication(
source_context=context,
context=None,
source_context_scope='Workflow',
context_scope=None,
modified_by=get_current_user(),
)
if not src.get('private'):
# Add role implication - all users can read a public workflow
add_public_workflow_context_implication(context)
if src.get('clone'):
source_workflow.copy_task_groups(
obj,
clone_people=src.get('clone_people', False),
clone_tasks=src.get('clone_tasks', False),
clone_objects=src.get('clone_objects', False)
)
if src.get('clone_people'):
workflow_member_role = _find_role('WorkflowMember')
for authorization in source_workflow.context.user_roles:
# Current user has already been added as workflow owner
if authorization.person != user:
UserRole(
person=authorization.person,
role=workflow_member_role,
context=context,
modified_by=user)
for person in source_workflow.people:
if person != user:
models.WorkflowPerson(
person=person,
workflow=obj,
context=context)
