def _get_config_for_search(self, domain, index_type, account):
# load the query route config and the path we are being requested for
qrs = app.config.get("QUERY_ROUTE", {})
# get the configuration for this url route
route_cfg = None
for key in qrs:
if domain == key:
route_cfg = qrs.get(key)
break
if route_cfg is None:
raise exceptions.AuthoriseException(
exceptions.AuthoriseException.NOT_AUTHORISED)
cfg = route_cfg.get(index_type)
if cfg is None:
raise exceptions.AuthoriseException(
exceptions.AuthoriseException.NOT_AUTHORISED)
# does the user have to be authenticated
if cfg.get("auth", True):
if account is None:
raise exceptions.AuthoriseException(
exceptions.AuthoriseException.NOT_AUTHORISED)
# if so, does the user require a role
role = cfg.get("role")
if role is not None and not account.has_role(role):
raise exceptions.AuthoriseException(
exceptions.AuthoriseException.WRONG_ROLE)
return cfg
def can_view_application(self, account, application):
"""
Is the given account allowed to view the update request application
:param account: the account doing the action
:param application: the application the account wants to edit
:return:
"""
# first validate the incoming arguments to ensure that we've got the right thing
argvalidate("can_edit_update_request", [
{
"arg": account,
"instance": models.Account,
"allow_none": False,
"arg_name": "account"
},
{
"arg": application,
"instance": models.Suggestion,
"allow_none": False,
"arg_name": "application"
},
], exceptions.ArgumentException)
# if this is the super user, they have all rights
if account.is_super:
return True
if not account.has_role("publisher"):
raise exceptions.AuthoriseException(
reason=exceptions.AuthoriseException.WRONG_ROLE)
if account.id != application.owner:
raise exceptions.AuthoriseException(
reason=exceptions.AuthoriseException.NOT_OWNER)
return True
def _get_query(self, cfg, raw_query):
query = Query()
if raw_query is not None:
query = Query(raw_query)
# validate the query, to make sure it is of a permitted form
if not self._validate_query(cfg, query):
raise exceptions.AuthoriseException()
# add any required filters to the query
query = self._pre_filter_search_query(cfg, query)
return query
def can_create_update_request(self, account, journal):
"""
Is the given account allowed to create an update request from the given journal
:param account: the account doing the action
:param journal: the journal the account wants to create an update request from
:return:
"""
# first validate the incoming arguments to ensure that we've got the right thing
argvalidate("can_create_update_request", [
{
"arg": account,
"instance": models.Account,
"allow_none": False,
"arg_name": "account"
},
{
"arg": journal,
"instance": models.Journal,
"allow_none": False,
"arg_name": "journal"
},
], exceptions.ArgumentException)
# if this is the super user, they have all rights
if account.is_super:
return True
if not account.has_role("publisher"):
raise exceptions.AuthoriseException(
reason=exceptions.AuthoriseException.WRONG_ROLE)
if account.id != journal.owner:
raise exceptions.AuthoriseException(
reason=exceptions.AuthoriseException.NOT_OWNER)
return True
def search(self, domain, index_type, raw_query, account,
additional_parameters):
cfg = self._get_config_for_search(domain, index_type, account)
# check that the request values permit a query to this endpoint
required_parameters = cfg.get("required_parameters")
if required_parameters is not None:
for k, vs in required_parameters.iteritems():
val = additional_parameters.get(k)
if val is None or val not in vs:
raise exceptions.AuthoriseException()
dao_klass = self._get_dao_klass(cfg)
# get the query
query = self._get_query(cfg, raw_query)
# send the query
res = dao_klass.query(q=query.as_dict())
# filter the results as needed
res = self._post_filter_search_results(cfg, res)
return res
def accept_application(self,
application,
account,
manual_update=True,
provenance=True,
save_journal=True,
save_application=True):
"""
Take the given application and create the Journal object in DOAJ for it.
The account provided must have permission to create journals from applications.
:param application: The application to be converted
:param account: The account doing the conversion
:param manual_update: Whether to record this update as a manual update on both the application and journal objects
:param provenance: Whether to write provenance records for this operation
:param save_journal: Whether to save the journal that is produced
:param save_application: Whether to save the application after it has been modified
:return: The journal that was created
"""
# first validate the incoming arguments to ensure that we've got the right thing
argvalidate("accept_application", [{
"arg": application,
"instance": models.Suggestion,
"allow_none": False,
"arg_name": "application"
}, {
"arg": account,
"instance": models.Account,
"allow_none": False,
"arg_name": "account"
}, {
"arg": manual_update,
"instance": bool,
"allow_none": False,
"arg_name": "manual_update"
}, {
"arg": provenance,
"instance": bool,
"allow_none": False,
"arg_name": "provenance"
}, {
"arg": save_journal,
"instance": bool,
"allow_none": False,
"arg_name": "save_journal"
}, {
"arg": save_application,
"instance": bool,
"allow_none": False,
"arg_name": "save_application"
}], exceptions.ArgumentException)
if app.logger.isEnabledFor("debug"):
app.logger.debug("Entering accept_application")
# ensure that the account holder has a suitable role
if not account.has_role("accept_application"):
raise exceptions.AuthoriseException(
message="User {x} is not permitted to accept application {y}".
format(x=account.id, y=application.id),
reason=exceptions.AuthoriseException.WRONG_ROLE)
# ensure the application status is "accepted"
if application.application_status != constants.APPLICATION_STATUS_ACCEPTED:
application.set_application_status(
constants.APPLICATION_STATUS_ACCEPTED)
# make the resulting journal (and save it if requested)
j = self.application_2_journal(application,
manual_update=manual_update)
if save_journal is True:
saved = j.save()
if saved is None:
raise exceptions.SaveException(
"Save of resulting journal in accept_application failed")
# retrieve the id of the current journal if there is one
cj = application.current_journal
# if there is a current_journal record, remove it
if cj is not None:
application.remove_current_journal()
# set the relationship with the journal
application.set_related_journal(j.id)
# if we were asked to record this as a manual update, record that on the application
# (the journal is done implicitly above)
if manual_update:
application.set_last_manual_update()
if provenance:
# record the event in the provenance tracker
models.Provenance.make(account,
constants.PROVENANCE_STATUS_ACCEPTED,
application)
# save the application if requested
if save_application is True:
application.save()
if app.logger.isEnabledFor("debug"):
app.logger.debug("Completed accept_application")
return j
def reject_application(self,
application,
account,
provenance=True,
note=None,
manual_update=True):
"""
Reject an application. This will:
* set the application status to "rejected" (if not already)
* remove the current_journal field, and move it to related_journal (if needed)
* remove the current_application field from the related journal (if needed)
* save the application
* write a provenance record for the rejection (if requested)
:param application:
:param account:
:param provenance:
:param manual_update:
:return:
"""
# first validate the incoming arguments to ensure that we've got the right thing
argvalidate("reject_application", [{
"arg": application,
"instance": models.Suggestion,
"allow_none": False,
"arg_name": "application"
}, {
"arg": account,
"instance": models.Account,
"allow_none": False,
"arg_name": "account"
}, {
"arg": provenance,
"instance": bool,
"allow_none": False,
"arg_name": "provenance"
}, {
"arg": note,
"instance": basestring,
"allow_none": True,
"arg_name": "note"
}, {
"arg": manual_update,
"instance": bool,
"allow_none": False,
"arg_name": "manual_update"
}], exceptions.ArgumentException)
if app.logger.isEnabledFor("debug"):
app.logger.debug("Entering reject_application")
journalService = DOAJ.journalService()
# check we're allowed to carry out this action
if not account.has_role("reject_application"):
raise exceptions.AuthoriseException(
message="This user is not allowed to reject applications",
reason=exceptions.AuthoriseException.WRONG_ROLE)
# ensure the application status is "rejected"
if application.application_status != constants.APPLICATION_STATUS_REJECTED:
application.set_application_status(
constants.APPLICATION_STATUS_REJECTED)
# add the note to the application
if note is not None:
application.add_note(note)
# retrieve the id of the current journal if there is one
cj_id = application.current_journal
cj = None
# if there is a current_journal record, remove it, and record
# it as a related journal. This will let us come back later and know
# which journal record this was intended as an update against if needed.
if cj_id is not None:
cj, _ = journalService.journal(cj_id)
application.remove_current_journal()
if cj is not None:
application.set_related_journal(cj_id)
cj.remove_current_application()
# if there is a current journal, we will have modified it above, so save it
if cj is not None:
saved = cj.save()
if saved is None:
raise exceptions.SaveException(
"Save on current_journal in reject_application failed")
# if we were asked to record this as a manual update, record that on the application
if manual_update:
application.set_last_manual_update()
saved = application.save()
if saved is None:
raise exceptions.SaveException(
"Save on application in reject_application failed")
# record a provenance record that this action took place
if provenance:
models.Provenance.make(account,
constants.PROVENANCE_STATUS_REJECTED,
application)
if app.logger.isEnabledFor("debug"):
app.logger.debug("Completed reject_application")