def check_draft_project_visibility(self, authenticated_user_id: int):
"""" Check if a User is allowed to see a Draft Project """
is_allowed_user = False
if authenticated_user_id:
is_team_manager = False
user = User.get_by_id(authenticated_user_id)
user_orgs = Organisation.get_organisations_managed_by_user(
authenticated_user_id
)
if self.teams:
for project_team in self.teams:
team_members = Team.get(project_team.team_id)._get_team_members()
for member in team_members:
if (
user.username == member["username"]
and member["function"] == TeamMemberFunctions.MANAGER.name
):
is_team_manager = True
break
if (
UserRole(user.role) == UserRole.ADMIN
or authenticated_user_id == self.author_id
or self.organisation in user_orgs
or is_team_manager
):
is_allowed_user = True
return is_allowed_user
def as_dto_for_mapping(
self, authenticated_user_id: int = None, locale: str = "en", abbrev: bool = True
) -> Optional[ProjectDTO]:
""" Creates a Project DTO suitable for transmitting to mapper users """
# Check for project visibility settings
is_allowed_user = True
if self.status == ProjectStatus.DRAFT.value:
if not self.check_draft_project_visibility(authenticated_user_id):
is_allowed_user = False
if self.private:
is_allowed_user = False
if authenticated_user_id:
user = User.get_by_id(authenticated_user_id)
if (
UserRole(user.role) == UserRole.ADMIN
or authenticated_user_id == self.author_id
):
is_allowed_user = True
for user in self.allowed_users:
if user.id == authenticated_user_id:
is_allowed_user = True
break
if is_allowed_user:
project, project_dto = self._get_project_and_base_dto()
if abbrev is False:
project_dto.tasks = Task.get_tasks_as_geojson_feature_collection(
self.id, None
)
else:
project_dto.tasks = Task.get_tasks_as_geojson_feature_collection_no_geom(
self.id
)
project_dto.project_info = ProjectInfo.get_dto_for_locale(
self.id, locale, project.default_locale
)
if project.organisation_id:
project_dto.organisation = project.organisation.id
project_dto.organisation_name = project.organisation.name
project_dto.organisation_logo = project.organisation.logo
project_dto.project_info_locales = ProjectInfo.get_dto_for_all_locales(
self.id
)
return project_dto
def as_dto(self, logged_in_username: str) -> UserDTO:
""" Create DTO object from user in scope """
user_dto = UserDTO()
user_dto.id = self.id
user_dto.username = self.username
user_dto.role = UserRole(self.role).name
user_dto.mapping_level = MappingLevel(self.mapping_level).name
user_dto.projects_mapped = (len(self.projects_mapped)
if self.projects_mapped else None)
user_dto.is_expert = self.is_expert or False
user_dto.date_registered = self.date_registered
user_dto.twitter_id = self.twitter_id
user_dto.linkedin_id = self.linkedin_id
user_dto.facebook_id = self.facebook_id
user_dto.skype_id = self.skype_id
user_dto.slack_id = self.slack_id
user_dto.irc_id = self.irc_id
user_dto.city = self.city
user_dto.country = self.country
user_dto.name = self.name
user_dto.picture_url = self.picture_url
user_dto.osm_profile = self.osm_profile_url
user_dto.missing_maps_profile = self.missing_maps_profile_url
user_dto.default_editor = self.default_editor
user_dto.mentions_notifications = self.mentions_notifications
user_dto.projects_notifications = self.projects_notifications
user_dto.comments_notifications = self.comments_notifications
user_dto.tasks_notifications = self.tasks_notifications
user_dto.teams_notifications = self.teams_notifications
if self.username == logged_in_username:
# Only return email address and gender information when logged in user is looking at their own profile
user_dto.email_address = self.email_address
user_dto.is_email_verified = self.is_email_verified
gender = None
if self.gender is not None:
gender = UserGender(self.gender).name
user_dto.gender = gender
user_dto.self_description_gender = self.self_description_gender
return user_dto
def get_all_users(query: UserSearchQuery) -> UserSearchDTO:
""" Search and filter all users """
# Base query that applies to all searches
base = db.session.query(User.id, User.username, User.mapping_level,
User.role, User.picture_url)
# Add filter to query as required
if query.mapping_level:
mapping_levels = query.mapping_level.split(",")
mapping_level_array = []
for mapping_level in mapping_levels:
mapping_level_array.append(MappingLevel[mapping_level].value)
base = base.filter(User.mapping_level.in_(mapping_level_array))
if query.username:
base = base.filter(
User.username.ilike(query.username.lower() + "%"))
if query.role:
roles = query.role.split(",")
role_array = []
for role in roles:
role_array.append(UserRole[role].value)
base = base.filter(User.role.in_(role_array))
results = base.order_by(User.username).paginate(query.page, 20, True)
dto = UserSearchDTO()
for result in results.items:
listed_user = ListedUser()
listed_user.id = result.id
listed_user.mapping_level = MappingLevel(result.mapping_level).name
listed_user.username = result.username
listed_user.picture_url = result.picture_url
listed_user.role = UserRole(result.role).name
dto.users.append(listed_user)
dto.pagination = Pagination(results)
return dto