def _deserialize(self, value, attr, data): try: return set(principal_from_identifier(identifier, allow_groups=self.allow_groups, allow_external_users=self.allow_external_users) for identifier in value) except ValueError as exc: raise ValidationError(unicode(exc))
def _deserialize(self, value, attr, data): if value is None: return None try: return principal_from_identifier(value, allow_groups=self.allow_groups, allow_external_users=self.allow_external_users) except ValueError as exc: raise ValidationError(unicode(exc))
def _deserialize(self, value, attr, data): if value is None: return None try: return principal_from_identifier( value, allow_groups=self.allow_groups, allow_external_users=self.allow_external_users) except ValueError as exc: raise ValidationError(unicode(exc))
def _deserialize(self, value, attr, data): try: return set( principal_from_identifier( identifier, allow_groups=self.allow_groups, allow_external_users=self.allow_external_users, allow_event_roles=self.allow_event_roles, event_id=self.event_id) for identifier in value) except ValueError as exc: raise ValidationError(unicode(exc))
def _deserialize(self, value, attr, data): try: return { identifier: principal_from_identifier( identifier, allow_groups=self.allow_groups, allow_external_users=self.allow_external_users) for identifier in value } except ValueError as exc: raise ValidationError(unicode(exc))
def _convert_principal(self, principal): event_id = self._event.id if self._event else None return principal_from_identifier( principal, event_id=event_id, allow_groups=self.allow_groups, allow_external_users=self.allow_external_users, allow_event_roles=self.allow_event_roles, allow_category_roles=self.allow_category_roles, allow_registration_forms=self.allow_registration_forms, allow_emails=self.allow_emails)
def _deserialize(self, value, attr, data): try: return {identifier: principal_from_identifier(identifier, allow_groups=self.allow_groups, allow_external_users=self.allow_external_users, allow_event_roles=self.allow_event_roles, allow_category_roles=self.allow_category_roles, event_id=self.event_id, soft_fail=True) for identifier in value} except ValueError as exc: raise ValidationError(unicode(exc))
def notify_host_start_url(vc_room): from indico_vc_zoom.plugin import ZoomPlugin user = principal_from_identifier(vc_room.data['host']) to_list = {user.email} template_module = get_template_module( 'vc_zoom:emails/notify_start_url.html', plugin=ZoomPlugin.instance, vc_room=vc_room, user=user) email = make_email(to_list, template=template_module, html=True) send_email(email)
def _deserialize(self, value, attr, data): event_id = None if self.allow_event_roles or self.allow_category_roles: event_id = self.context['event'].id try: return set( principal_from_identifier( identifier, allow_groups=self.allow_groups, allow_external_users=self.allow_external_users, allow_event_roles=self.allow_event_roles, allow_category_roles=self.allow_category_roles, event_id=event_id) for identifier in value) except ValueError as exc: raise ValidationError(unicode(exc))
def validate_permissions(self, field): for principal_fossil, permissions in field.data: principal = principal_from_identifier( principal_fossil['identifier'], allow_groups=True, allow_networks=True, allow_category_roles=True, category_id=self.category.id) if isinstance(principal, IPNetworkGroup ) and set(permissions) - {READ_ACCESS_PERMISSION}: msg = _('IP networks cannot have management permissions: {}' ).format(principal.name) raise ValidationError(msg) if FULL_ACCESS_PERMISSION in permissions and len(permissions) != 1: # when full access permission is set, discard rest of permissions permissions[:] = [FULL_ACCESS_PERMISSION]
def _deserialize(self, value, attr, data, **kwargs): event_id = None if self.allow_event_roles or self.allow_category_roles: event_id = self.context['event'].id try: return {principal_from_identifier(identifier, allow_groups=self.allow_groups, allow_external_users=self.allow_external_users, allow_event_roles=self.allow_event_roles, allow_category_roles=self.allow_category_roles, allow_registration_forms=self.allow_registration_forms, allow_emails=self.allow_emails, event_id=event_id) for identifier in value} except ValueError as exc: raise ValidationError(str(exc))
def check_permissions(event, field, allow_networks=False): for principal_fossil, permissions in field.data: principal = principal_from_identifier(principal_fossil['identifier'], allow_groups=True, allow_category_roles=True, allow_event_roles=True, allow_emails=True, allow_registration_forms=True, allow_networks=allow_networks, event_id=event.id) if isinstance(principal, IPNetworkGroup) and set(permissions) - {READ_ACCESS_PERMISSION}: msg = _('IP networks cannot have management permissions: {}').format(principal.name) return msg if isinstance(principal, RegistrationForm) and set(permissions) - {READ_ACCESS_PERMISSION}: msg = _('Registrants cannot have management permissions: {}').format(principal.name) return msg if FULL_ACCESS_PERMISSION in permissions and len(permissions) != 1: # when full access permission is set, discard rest of permissions permissions[:] = [FULL_ACCESS_PERMISSION]
def __init__(self, *args, **kwargs): defaults = kwargs['obj'] if defaults.host_user is None and defaults.host is not None: host = principal_from_identifier(defaults.host) defaults.host_choice = 'myself' if host == session.user else 'someone_else' defaults.host_user = None if host == session.user else host allow_webinars = current_plugin.settings.get('allow_webinars') if allow_webinars: for field_name in { 'mute_audio', 'mute_participant_video', 'waiting_room' }: inject_validators(self, field_name, [HiddenUnless('meeting_type', 'regular')]) super().__init__(*args, **kwargs) if not allow_webinars: del self.meeting_type
def update_permissions(obj, form): """Update the permissions of an object, based on the corresponding WTForm.""" from indico.modules.categories import Category from indico.modules.events import Event from indico.util.user import principal_from_identifier event_id = category_id = None if isinstance(obj, Category): category_id = obj.id elif isinstance(obj, Event): event_id = obj.id else: event_id = obj.event.id category_id = obj.event.category.id if obj.event.category else None current_principal_permissions = { p.principal: get_principal_permissions(p, type(obj)) for p in obj.acl_entries } current_principal_permissions = { k: v for k, v in current_principal_permissions.items() if v } new_principal_permissions = { principal_from_identifier( fossil['identifier'], allow_external_users=True, allow_groups=True, allow_networks=True, allow_emails=True, allow_registration_forms=(event_id is not None), allow_event_roles=(event_id is not None), allow_category_roles=(event_id is not None or category_id is not None), event_id=event_id, category_id=category_id, ): set(permissions) for fossil, permissions in form.permissions.data } update_principals_permissions(obj, current_principal_permissions, new_principal_permissions)
def get_event_person(event, data, create_untrusted_persons=False, allow_external=False): """Get an EventPerson from dictionary data. If there is already an event person in the same event and for the same user, it will be returned. Matching is done with the e-mail. """ person_type = data.get('_type') if person_type is None: if data.get('email'): email = data['email'].lower() user = User.query.filter(~User.is_deleted, User.all_emails == email).first() if user: return get_event_person_for_user( event, user, create_untrusted_persons=create_untrusted_persons) elif event: person = event.persons.filter_by(email=email).first() if person: return person # We have no way to identify an existing event person with the provided information return create_event_person( event, create_untrusted_persons=create_untrusted_persons, **data) elif person_type == 'Avatar': principal = principal_from_identifier( data['identifier'], allow_external_users=allow_external) return get_event_person_for_user( event, principal, create_untrusted_persons=create_untrusted_persons) elif person_type == 'EventPerson': return event.persons.filter_by(id=data['id']).one() elif person_type == 'PersonLink': return event.persons.filter_by(id=data['personId']).one() else: raise ValueError(f"Unknown person type '{person_type}'")
def process_formdata(self, valuelist): if valuelist: self._submitted_data = valuelist[0] self.data = principal_from_identifier(self._submitted_data, allow_external_users=self.allow_external_users)
def get_notification_cc_list(self, action, vc_room, event): return {principal_from_identifier(vc_room.data['host']).email}
def can_manage_vc_room(self, user, room): return (user == principal_from_identifier(room.data['host']) or super().can_manage_vc_room(user, room))
def create_room(self, vc_room, event): """Create a new Zoom room for an event, given a VC room. In order to create the Zoom room, the function will try to get a valid e-mail address for the user in question, which can be use with the Zoom API. :param vc_room: the VC room from which to create the Zoom room :param event: the event to the Zoom room will be attached """ client = ZoomIndicoClient() host = principal_from_identifier(vc_room.data['host']) host_email = find_enterprise_email(host) # get the object that this booking is linked to vc_room_assoc = vc_room.events[0] link_obj = vc_room_assoc.link_object is_webinar = vc_room.data.setdefault('meeting_type', 'regular') == 'webinar' scheduling_args = get_schedule_args( link_obj) if link_obj.start_dt else {} try: settings = { 'host_video': not vc_room.data['mute_host_video'], } kwargs = {} if is_webinar: kwargs['type'] = (ZoomMeetingType.webinar if scheduling_args else ZoomMeetingType.recurring_webinar_no_time) settings['alternative_hosts'] = host_email else: kwargs = { 'type': (ZoomMeetingType.scheduled_meeting if scheduling_args else ZoomMeetingType.recurring_meeting_no_time), 'schedule_for': host_email } settings.update({ 'mute_upon_entry': vc_room.data['mute_audio'], 'participant_video': not vc_room.data['mute_participant_video'], 'waiting_room': vc_room.data['waiting_room'], 'join_before_host': self.settings.get('join_before_host'), }) kwargs.update({ 'topic': vc_room.name, 'agenda': vc_room.data['description'], 'password': vc_room.data['password'], 'timezone': event.timezone, 'settings': settings }) kwargs.update(scheduling_args) if is_webinar: meeting_obj = client.create_webinar(host_email, **kwargs) else: meeting_obj = client.create_meeting(host_email, **kwargs) except HTTPError as e: self.logger.exception('Error creating Zoom Room: %s', e.response.content) raise VCRoomError( _('Could not create the room in Zoom. Please contact support if the error persists' )) vc_room.data.update({ 'zoom_id': str(meeting_obj['id']), 'start_url': meeting_obj['start_url'], 'host': host.identifier, 'alternative_hosts': process_alternative_hosts(meeting_obj['settings'].get( 'alternative_hosts', '')) }) vc_room.data.update(get_url_data_args(meeting_obj['join_url'])) flag_modified(vc_room, 'data') # e-mail Host URL to meeting host if self.settings.get('send_host_url'): notify_host_start_url(vc_room)
def get_extra_delete_msg(self, vc_room, event_vc_room): host = principal_from_identifier(vc_room.data['host']) if host == session.user or len(vc_room.events) <= 1: return '' return render_plugin_template('vc_zoom:extra_delete_msg.html', host=host.full_name)
def decodeprincipal(value, **kwargs): """Decode a principal into an actual object.""" from indico.util.user import principal_from_identifier return principal_from_identifier(value, soft_fail=True, **kwargs)
def _process(self): roles = {} event_permissions = event_permissions_schema.dump(self.event).get( 'acl_entries', {}) roles['global'] = self._map_event_to_track_permissions( event_permissions) tracks = Track.query.with_parent(self.event).options( subqueryload('acl_entries')) tracks_by_id = {str(track.id): track for track in tracks} for track in tracks: roles[str(track.id)] = track_permissions_schema.dump(track).get( 'acl_entries', {}) form = AbstractReviewingRolesForm(event=self.event, obj=FormDefaults(roles=roles)) if form.validate_on_submit(): role_data = form.data['roles'] # Update global permissions global_conveners = [] global_reviewers = [] global_roles = role_data.pop('global') for identifier, permissions in global_roles: principal = principal_from_identifier( identifier, allow_groups=True, allow_event_roles=True, allow_category_roles=True, event_id=self.event.id) if 'convene' in permissions: global_conveners.append(principal) if 'review' in permissions: global_reviewers.append(principal) update_object_principals(self.event, global_conveners, permission='convene_all_abstracts') update_object_principals(self.event, global_reviewers, permission='review_all_abstracts') # Update track specific permissions track_conveners = [] track_reviewers = [] for (track_id, track_roles) in role_data.items(): acl_entries = {} for identifier, permissions in track_roles: principal = principal_from_identifier( identifier, allow_groups=True, allow_event_roles=True, allow_category_roles=True, event_id=self.event.id) acl_entries[principal] = set(permissions) if 'convene' in permissions: track_conveners.append(principal) if 'review' in permissions: track_reviewers.append(principal) track = tracks_by_id[track_id] current = { e.principal: get_unified_permissions(e) for e in track.acl_entries } update_principals_permissions(track, current, acl_entries) # Update event ACL for track and global permissions all_conveners = set(global_conveners + track_conveners) all_reviewers = set(global_reviewers + track_reviewers) update_object_principals(self.event, all_conveners, permission='track_convener') update_object_principals(self.event, all_reviewers, permission='abstract_reviewer') flash(_("Abstract reviewing roles have been updated."), 'success') logger.info( "Abstract reviewing roles of %s have been updated by %s", self.event, session.user) return jsonify_data() return jsonify_form(form, skip_labels=True, form_header_kwargs={'id': 'reviewing-role-form'}, disabled_until_change=False)
def _deserialize(self, value, attr, data): try: return set(principal_from_identifier(x, allow_groups=self.allow_groups) for x in value) except ValueError as exc: raise ValidationError(unicode(exc))