def get_users(obj, context, all_perms=True): if all_perms: users = cache.get('{}{}'.format(PROJ_PERM_CACHE, obj.pk)) if users: return users data = {} for perm in obj.projectuserobjectpermission_set.all(): if perm.user_id not in data: user = perm.user if all_perms or user in [context['request'].user, obj.organization]: data[perm.user_id] = { 'permissions': [], 'is_org': is_organization(user.profile), 'metadata': user.profile.metadata, 'first_name': user.first_name, 'last_name': user.last_name, 'user': user.username } if perm.user_id in data: data[perm.user_id]['permissions'].append(perm.permission.codename) for k in data.keys(): data[k]['permissions'].sort() data[k]['role'] = get_role(data[k]['permissions'], obj) del(data[k]['permissions']) results = data.values() if all_perms: cache.set('{}{}'.format(PROJ_PERM_CACHE, obj.pk), results) return results
def get_xform_users(xform): """ Utility function that returns users and their roles in a form. :param xform: :return: """ data = {} for perm in xform.xformuserobjectpermission_set.all(): if perm.user not in data: user = perm.user data[user] = { 'permissions': [], 'is_org': is_organization(user.profile), 'metadata': user.profile.metadata, 'first_name': user.first_name, 'last_name': user.last_name, 'user': user.username } if perm.user in data: data[perm.user]['permissions'].append(perm.permission.codename) for k in data: data[k]['permissions'].sort() data[k]['role'] = get_role(data[k]['permissions'], xform) del data[k]['permissions'] return data
def update(self, instance, validated_data): metadata = JsonField.to_json(validated_data.get('metadata')) if metadata is None: metadata = dict() owner = validated_data.get('organization') if self.partial and metadata: if not isinstance(instance.metadata, dict): instance.metadata = {} instance.metadata.update(metadata) validated_data['metadata'] = instance.metadata if self.partial and owner: # give the new owner permissions set_owners_permission(owner, instance) if is_organization(owner.profile): owners_team = get_organization_owners_team(owner.profile) members_team = get_organization_members_team(owner.profile) OwnerRole.add(owners_team, instance) ReadOnlyRole.add(members_team, instance) # clear cache safe_delete('{}{}'.format(PROJ_PERM_CACHE, instance.pk)) project = super(ProjectSerializer, self)\ .update(instance, validated_data) project.xform_set.exclude(shared=project.shared)\ .update(shared=project.shared, shared_data=project.shared) return instance
def update(self, instance, validated_data): metadata = JsonField.to_json(validated_data.get('metadata')) if metadata is None: metadata = dict() owner = validated_data.get('organization') if self.partial and metadata: if not isinstance(instance.metadata, dict): instance.metadata = {} instance.metadata.update(metadata) validated_data['metadata'] = instance.metadata if self.partial and owner: # give the new owner permissions set_owners_permission(owner, instance) if is_organization(owner.profile): owners_team = get_or_create_organization_owners_team( owner.profile) members_team = get_organization_members_team(owner.profile) OwnerRole.add(owners_team, instance) ReadOnlyRole.add(members_team, instance) # clear cache safe_delete('{}{}'.format(PROJ_PERM_CACHE, instance.pk)) project = super(ProjectSerializer, self)\ .update(instance, validated_data) project.xform_set.exclude(shared=project.shared)\ .update(shared=project.shared, shared_data=project.shared) return instance
def is_organization(self, obj): if obj: is_org = cache.get('{}{}'.format(IS_ORG, obj.pk)) if is_org: return is_org is_org = is_organization(obj) cache.set('{}{}'.format(IS_ORG, obj.pk), is_org) return is_org
def get_is_org(self, obj): if obj: is_org = cache.get('{}{}'.format(IS_ORG, obj.pk)) if is_org: return is_org is_org = is_organization(obj) cache.set('{}{}'.format(IS_ORG, obj.pk), is_org) return is_org
def get_xform_users(xform): """ Utility function that returns users and their roles in a form. :param xform: :return: """ data = {} org_members = [] for perm in xform.xformuserobjectpermission_set.all(): if perm.user not in data: user = perm.user if is_organization(user.profile): org_members = get_team_members(user.username) data[user] = { 'permissions': [], 'is_org': is_organization(user.profile), 'metadata': user.profile.metadata, 'first_name': user.first_name, 'last_name': user.last_name, 'user': user.username } if perm.user in data: data[perm.user]['permissions'].append(perm.permission.codename) for user in org_members: if user not in data: data[user] = { 'permissions': get_perms(user, xform), 'is_org': is_organization(user.profile), 'metadata': user.profile.metadata, 'first_name': user.first_name, 'last_name': user.last_name, 'user': user.username } for k in data: data[k]['permissions'].sort() data[k]['role'] = get_role(data[k]['permissions'], xform) del data[k]['permissions'] return data
def get_is_org(self, obj): # pylint: disable=no-self-use """ Returns True if it is an organization profile. """ if obj: is_org = cache.get('{}{}'.format(IS_ORG, obj.pk)) if is_org: return is_org is_org = is_organization(obj) cache.set('{}{}'.format(IS_ORG, obj.pk), is_org) return is_org
def validate_content_object(self, value): request = self.context.get('request') users = get_users_with_perms( value.project, attach_perms=False, with_group_users=False ) profile = value.project.organization.profile # Shared or an admin in the organization if request.user not in users and not\ is_organization(profile) and not\ OwnerRole.user_has_role(request.user, profile): raise serializers.ValidationError(_( u"You don't have permission to the Project." )) return value
def validate_username(self, value): """Check that the username exists""" user = None try: user = User.objects.get(username=value) except User.DoesNotExist: raise serializers.ValidationError( _(u"User '%(value)s' does not exist." % {"value": value})) else: if not user.is_active: raise serializers.ValidationError(_(u"User is not active")) if is_organization(user.profile): raise serializers.ValidationError( _(u"Cannot add org account `{}` as member.".format( user.username))) return value
def validate_username(self, value): """Check that the username exists""" user = None try: user = User.objects.get(username=value) except User.DoesNotExist: raise serializers.ValidationError(_( u"User '%(value)s' does not exist." % {"value": value} )) else: if not user.is_active: raise serializers.ValidationError(_(u"User is not active")) if is_organization(user.profile): raise serializers.ValidationError( _(u"Cannot add org account `{}` as member." .format(user.username))) return value
def get_users(project, context, all_perms=True): """ Return a list of users and organizations that have access to the project. """ if all_perms: users = cache.get('{}{}'.format(PROJ_PERM_CACHE, project.pk)) if users: return users data = {} for perm in project.projectuserobjectpermission_set.all(): if perm.user_id not in data: user = perm.user if all_perms or user in [ context['request'].user, project.organization ]: data[perm.user_id] = { 'permissions': [], 'is_org': is_organization(user.profile), 'metadata': user.profile.metadata, 'first_name': user.first_name, 'last_name': user.last_name, 'user': user.username } if perm.user_id in data: data[perm.user_id]['permissions'].append(perm.permission.codename) for k in list(data): data[k]['permissions'].sort() data[k]['role'] = get_role(data[k]['permissions'], project) del data[k]['permissions'] results = listvalues(data) if all_perms: cache.set('{}{}'.format(PROJ_PERM_CACHE, project.pk), results) return results
def get_users(self, obj): xform_perms = [] if obj: xform_perms = cache.get( '{}{}'.format(XFORM_PERMISSIONS_CACHE, obj.pk)) if xform_perms: return xform_perms cache.set('{}{}'.format(XFORM_PERMISSIONS_CACHE, obj.pk), xform_perms) data = {} for perm in obj.xformuserobjectpermission_set.all(): if perm.user_id not in data: user = perm.user data[perm.user_id] = { 'permissions': [], 'is_org': is_organization(user.profile), 'metadata': user.profile.metadata, 'first_name': user.first_name, 'last_name': user.last_name, 'user': user.username } if perm.user_id in data: data[perm.user_id]['permissions'].append( perm.permission.codename) for k in list(data): data[k]['permissions'].sort() data[k]['role'] = get_role(data[k]['permissions'], XForm) del (data[k]['permissions']) xform_perms = listvalues(data) cache.set('{}{}'.format(XFORM_PERMISSIONS_CACHE, obj.pk), xform_perms) return xform_perms
def get_users(self, obj): xform_perms = [] if obj: xform_perms = cache.get( '{}{}'.format(XFORM_PERMISSIONS_CACHE, obj.pk)) if xform_perms: return xform_perms cache.set('{}{}'.format(XFORM_PERMISSIONS_CACHE, obj.pk), xform_perms) data = {} for perm in obj.xformuserobjectpermission_set.all(): if perm.user_id not in data: user = perm.user data[perm.user_id] = { 'permissions': [], 'is_org': is_organization(user.profile), 'metadata': user.profile.metadata, 'first_name': user.first_name, 'last_name': user.last_name, 'user': user.username } if perm.user_id in data: data[perm.user_id]['permissions'].append( perm.permission.codename) for k in data.keys(): data[k]['permissions'].sort() data[k]['role'] = get_role(data[k]['permissions'], obj) del (data[k]['permissions']) xform_perms = data.values() cache.set('{}{}'.format(XFORM_PERMISSIONS_CACHE, obj.pk), xform_perms) return xform_perms
def is_organization(self, obj): return is_organization(obj)