def test_is_chair_no_activity(self): """ When activity is None, `is_chair` is always false! """ self.assertFalse( perm_utils.is_chair(AnonymousUser(), activity_enum=None)) # Practical example: a trip with no required activity. par = factories.ParticipantFactory.create() trip = factories.TripFactory.create( program=enums.Program.SERVICE.value) self.assertFalse( perm_utils.is_chair(par, trip.required_activity_enum()))
def test_activity_chair(self): """ The admin can be considered an activity chair in some contexts. """ self.assertTrue( perm_utils.chair_or_admin(self.admin, enums.Activity.HIKING)) self.assertTrue(perm_utils.is_chair(self.admin, enums.Activity.HIKING)) self.assertTrue( perm_utils.is_chair(self.admin, enums.Activity.HIKING, allow_superusers=True)) self.assertFalse( perm_utils.is_chair(self.admin, enums.Activity.HIKING, allow_superusers=False))
def test_activity_chair(self): """ The admin can be considered an activity chair in some contexts. """ self.assertTrue(perm_utils.chair_or_admin(self.admin, models.BaseRating.HIKING)) self.assertTrue(perm_utils.is_chair(self.admin, models.BaseRating.HIKING)) self.assertTrue( perm_utils.is_chair( self.admin, models.BaseRating.HIKING, allow_superusers=True ) ) self.assertFalse( perm_utils.is_chair( self.admin, models.BaseRating.HIKING, allow_superusers=False ) )
def wimp(self): """ Return the current WIMP, if there is one & it's appropriate to display them. """ participant = self.object # Regardless of time of year, or any upcoming WS trips, admins always see WIMP if self.request.user.is_superuser: return wimp.current_wimp() # If there aren't any upcoming trips (or trips today), don't show WIMP # This will ensure that we hide the WIMP when: # - It's not Winter School # - Winter School just ended, but `is_currently_iap()` can't tell # - The weekend just ended, and we don't yet have a new WIMP ws_trips = models.Trip.objects.filter( program=enums.Program.WINTER_SCHOOL.value, trip_date__gte=date_utils.local_date(), ) if not ws_trips: return None # Participants don't need to know the WIMP, only leaders/chairs do if not (participant.can_lead(enums.Program.WINTER_SCHOOL) or perm_utils.is_chair(self.request.user, enums.Activity.WINTER_SCHOOL)): return None return wimp.current_wimp()
def update_rescinds_approval(self) -> bool: trip = self.object activity_enum = trip.required_activity_enum() if activity_enum is None: return False # No required activity, thus no chair to rescind" return (trip.chair_approved and trip.trip_date >= local_date() and not perm_utils.is_chair(self.request.user, activity_enum))
def test_open_activities_no_chair(self): """ Open activities never have a chair. """ user = AnonymousUser() # Won't ever be checked anyway # models.BaseRating.OPEN_ACTIVITIES for activity in ['circus', 'official_event', 'course']: self.assertFalse(perm_utils.is_chair(user, activity), False) with self.assertRaises(ValueError): perm_utils.chair_group(activity)
def dispatch(self, request, *args, **kwargs): try: activity_enum = enums.Activity(kwargs.get('activity')) except ValueError: raise Http404 # pylint: disable=raise-missing-from if not perm_utils.is_chair(request.user, activity_enum): raise PermissionDenied return super().dispatch(request, *args, **kwargs)
def activity_descriptors(participant, user): """ Yield a description for each activity the participant is a leader. Mentions if the person is a leader or a chair, but does not give their specific ranking. """ active_ratings = participant.leaderrating_set.filter(active=True) for activity in active_ratings.values_list('activity', flat=True): position = 'chair' if is_chair(user, activity, False) else 'leader' yield "{} {}".format(activity_name(activity), position)
def test_make_chair(self): """ Users can be promoted to being activity chairs. """ # To begin with, our user is not a chair (nobody is, for that matter) user = UserFactory.create() self.assertFalse(perm_utils.is_chair(user, enums.Activity.CLIMBING)) self.assertEqual(perm_utils.num_chairs(enums.Activity.CLIMBING), 0) # We promote them to be a climbing chair perm_utils.make_chair(user, enums.Activity.CLIMBING) self.assertTrue(perm_utils.is_chair(user, enums.Activity.CLIMBING)) self.assertEqual(perm_utils.num_chairs(enums.Activity.CLIMBING), 1) # chair_or_admin works now too, and the user is definitely not a superuser self.assertTrue( perm_utils.chair_or_admin(user, enums.Activity.CLIMBING)) self.assertFalse(user.is_superuser) # Sanity check: The user wasn't accidentally made the chair of other activities self.assertFalse(perm_utils.is_chair(user, enums.Activity.BOATING))
def test_make_chair(self): """ Users can be promoted to being activity chairs. """ # To begin with, our user is not a chair (nobody is, for that matter) climbing = models.BaseRating.CLIMBING user = UserFactory.create() self.assertFalse(perm_utils.is_chair(user, climbing)) self.assertEqual(perm_utils.num_chairs(climbing), 0) # We promote them to be a climbing chair perm_utils.make_chair(user, climbing) self.assertTrue(perm_utils.is_chair(user, climbing)) self.assertEqual(perm_utils.num_chairs(climbing), 1) # chair_or_admin works now too, and the user is definitely not a superuser self.assertTrue(perm_utils.chair_or_admin(user, climbing)) self.assertFalse(user.is_superuser) # Sanity check: The user wasn't accidentally made the chair of other activities self.assertFalse(perm_utils.is_chair(user, models.BaseRating.BOATING))
def activity_descriptors(participant, user): """ Yield a description for each activity the participant is a leader. Mentions if the person is a leader or a chair, but does not give their specific ranking. """ active_ratings = participant.leaderrating_set.filter(active=True) for activity in active_ratings.values_list('activity', flat=True): activity_enum = enums.Activity(activity) position = 'chair' if is_chair(user, activity_enum, False) else 'leader' yield f"{activity_enum.label} {position}"
def can_set_attendance(self, participant): # WS chairs can set any time for any user if perm_utils.is_chair(self.request.user, 'winter_school', True): return True # Non-chairs are only allowed during WS when setting enabled if not is_winter_school(): return False settings = models.WinterSchoolSettings.load() if not settings.allow_setting_attendance: return False # Non-chairs may only set attendance for themselves return participant == self.request.participant
def can_set_attendance(self, participant_to_modify) -> bool: """Return if the requesting user can set the participant's WS attendance.""" # WS chairs can set any time for any user if perm_utils.is_chair(self.request.user, enums.Activity.WINTER_SCHOOL, True): return True # Non-chairs are only allowed during WS when setting enabled if not is_currently_iap(): return False settings = models.WinterSchoolSettings.load() if not settings.allow_setting_attendance: return False # Non-chairs may only set attendance for themselves return participant_to_modify.user_id == self.request.user.id
def test_chair_for_wrong_activity(self): perm_utils.make_chair(self.chair.user, enums.Activity.CLIMBING) # Not the biking chair, so can't make biking leaders! self.assertFalse( perm_utils.is_chair(self.chair.user, enums.Activity.BIKING)) resp = self.client.post( '/chair/leaders/', { 'participant': self.participant.pk, 'activity': enums.Activity.BIKING.value, 'rating': "Leader", 'notes': "", }, ) self.assertFalse(resp.context['form'].is_valid()) self.assertFalse(perm_utils.is_leader(self.participant.user))
def test_chair_for_wrong_activity(self): perm_utils.make_chair(self.participant.user, enums.Activity.CLIMBING) # Not the biking chair, so can't make biking leaders! other_par = factories.ParticipantFactory.create() self.assertFalse( perm_utils.is_chair(self.participant.user, enums.Activity.BIKING)) resp = self.client.post( '/biking/leaders/', { 'participant': other_par.pk, 'activity': enums.Activity.BIKING.value, 'rating': "Leader", 'notes': "", }, ) self.assertEqual(resp.status_code, 403) self.assertFalse(perm_utils.is_leader(other_par.user))
def form_valid(self, form): """ Ensure the leader can assign ratings, then apply assigned rating. Any existing ratings for this activity will be marked as inactive. """ activity = form.cleaned_data['activity'] participant = form.cleaned_data['participant'] # Sanity check on ratings (form hides dissallowed activities) if not perm_utils.is_chair(self.request.user, activity, True): not_chair = "You cannot assign {} ratings".format(activity) form.add_error("activity", not_chair) return self.form_invalid(form) ratings_utils.deactivate_ratings(participant, activity) rating = form.save(commit=False) rating.creator = self.request.participant msg = "Gave {} rating of '{}'".format(participant, rating.rating) messages.success(self.request, msg) return super().form_valid(form)
def dispatch(self, request, *args, **kwargs): activity = kwargs.get('activity') if not perm_utils.is_chair(request.user, activity): raise PermissionDenied return super().dispatch(request, *args, **kwargs)
def test_anonymous_leaders(self): """ Anonymous users are never leaders, chairs, etc.. """ anon = AnonymousUser() self.assertFalse(perm_utils.is_leader(anon), False) self.assertFalse(perm_utils.is_chair(anon, 'climbing'), False) self.assertFalse(perm_utils.in_any_group(anon, ['group_name']), False)
def test_anonymous_leaders(self): """ Anonymous users are never leaders, chairs, etc.. """ anon = AnonymousUser() self.assertFalse(perm_utils.is_leader(anon), False) self.assertFalse(perm_utils.is_chair(anon, enums.Activity.CLIMBING)) self.assertFalse(perm_utils.in_any_group(anon, ['group_name']))
def dispatch(self, request, *args, **kwargs): trip = self.get_object() if not perm_utils.is_chair(request.user, trip.activity, False): raise PermissionDenied return super(ApproveTripView, self).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): trip = self.get_object() if not perm_utils.is_chair(request.user, trip.activity): raise PermissionDenied return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): trip = self.get_object() if not perm_utils.is_chair(request.user, trip.activity, False): return JsonResponse({}, status=403) return super().dispatch(request, *args, **kwargs)
def update_rescinds_approval(self): trip = self.object return (trip.chair_approved and not perm_utils.is_chair(self.request.user, trip.activity) and trip.trip_date >= local_date() # Doesn't matter after trip )
def dispatch(self, request, *args, **kwargs): trip = self.get_object() if not perm_utils.is_chair(request.user, trip.required_activity_enum()): raise PermissionDenied return super().dispatch(request, *args, **kwargs)