def _can_view(trip, request):
"""Leaders, chairs, and a trip WIMP can view this page."""
return (perm_utils.in_any_group(request.user, ['WIMP'])
or (trip.wimp and request.participant == trip.wimp)
or perm_utils.leader_on_trip(request.participant, trip, True)
or perm_utils.chair_or_admin(request.user,
trip.required_activity_enum()))
def dispatch(self, request, *args, **kwargs):
""" Only allow creator, leaders of the trip, and chairs. """
trip = self.get_object()
chair = perm_utils.chair_or_admin(request.user, trip.activity)
trip_leader = perm_utils.leader_on_trip(request.participant, trip, True)
if not (chair or trip_leader):
return render(request, 'not_your_trip.html', {'trip': trip})
return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
activity = kwargs.get('activity')
if not perm_utils.chair_or_admin(request.user, activity):
raise PermissionDenied
if not models.LeaderApplication.can_apply(self.activity):
context = {'missing_form': True, 'activity': self.activity}
return render(request, self.template_name, context)
return super().dispatch(request, *args, **kwargs)
def trip_edit_buttons(trip, participant, user, hide_approve=False):
return {
'trip': trip,
'is_chair': perm_utils.chair_or_admin(user, trip.activity),
'is_creator': trip.creator == participant,
'is_trip_leader': perm_utils.leader_on_trip(participant, trip, False),
'hide_approve': hide_approve # Hide approval even if user is a chair
}
def _can_view(self, trip, request):
""" Leaders, chairs, and a trip WIMP can view this page. """
return (
perm_utils.in_any_group(request.user, ['WIMP'])
or (trip.wimp and request.participant == trip.wimp)
or perm_utils.leader_on_trip(request.participant, trip, True)
or perm_utils.chair_or_admin(request.user, trip.activity)
)
def dispatch(self, request, *args, **kwargs):
activity = kwargs.get('activity')
if not perm_utils.chair_or_admin(request.user, activity):
raise PermissionDenied
if not models.LeaderApplication.can_apply(self.activity):
context = {'missing_form': True, 'activity': self.activity}
return render(request, self.template_name, context)
return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
try:
activity_enum = enums.Activity(kwargs.get('activity'))
except ValueError:
raise Http404
if not perm_utils.chair_or_admin(request.user, activity_enum):
raise PermissionDenied
return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
""" Only allow creator, leaders of the trip, and chairs. """
trip = self.get_object()
chair = perm_utils.chair_or_admin(request.user, trip.activity)
trip_leader = perm_utils.leader_on_trip(request.participant, trip,
True)
if not (chair or trip_leader):
return render(request, 'not_your_trip.html', {'trip': trip})
return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
trip = self.get_object()
activity_enum = trip.required_activity_enum()
if activity_enum is None:
return JsonResponse(
{'message': f'No chair for {trip.program_enum.label}'},
status=400)
if not perm_utils.chair_or_admin(request.user, activity_enum):
return JsonResponse({}, status=403)
return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
"""Redirect if anonymous, but deny permission if not a chair."""
try:
activity_enum = enums.Activity(self.activity)
except ValueError:
raise Http404 # pylint: disable=raise-missing-from
if not perm_utils.chair_or_admin(request.user, activity_enum):
raise PermissionDenied
return super().dispatch(request, *args, **kwargs)
def _allowed_to_modify_trip(trip: models.Trip, request: HttpRequest) -> bool:
activity_enum = trip.required_activity_enum()
if activity_enum:
is_chair = perm_utils.chair_or_admin(request.user, activity_enum)
else: # (There is no required activity, so no chairs. Allow superusers, though)
is_chair = request.user.is_superuser
participant: models.Participant = request.participant # type: ignore
trip_leader = perm_utils.leader_on_trip(participant, trip, True)
return is_chair or trip_leader
def get_context_data(self, **kwargs):
context = super().get_context_data()
trip = self.object
context['leader_on_trip'] = perm_utils.leader_on_trip(
self.request.participant, trip, True)
context['can_admin'] = context[
'leader_on_trip'] or perm_utils.chair_or_admin(
self.request.user, trip.required_activity_enum())
if context['can_admin'] or perm_utils.is_leader(self.request.user):
context['rentals_by_par'] = list(self.rentals_by_participant(trip))
return context
def trip_edit_buttons(trip, participant, user, hide_approve=False):
available_at = date_utils.itinerary_available_at(trip.trip_date)
return {
'trip': trip,
'is_chair': perm_utils.chair_or_admin(user, trip.activity),
'is_creator': trip.creator == participant,
'is_trip_leader': perm_utils.leader_on_trip(participant, trip, False),
'hide_approve': hide_approve, # Hide approval even if user is a chair
'itinerary_available_at': available_at,
'available_today': available_at.date() == date_utils.local_date(),
'info_form_available': date_utils.local_now() >= available_at,
}
def trip_edit_buttons(trip, participant, user, hide_approve=False):
available_at = date_utils.itinerary_available_at(trip.trip_date)
return {
'trip': trip,
'is_chair': perm_utils.chair_or_admin(user, trip.activity),
'is_creator': trip.creator == participant,
'is_trip_leader': perm_utils.leader_on_trip(participant, trip, False),
'hide_approve': hide_approve, # Hide approval even if user is a chair
'itinerary_available_at': available_at,
'available_today': available_at.date() == date_utils.local_date(),
'info_form_available': date_utils.local_now() >= available_at
}
def test_activity_chair(self):
""" The admin can be considered an activity chair in some contexts. """
self.assertTrue(
perm_utils.chair_or_admin(self.admin, enums.Activity.HIKING))
self.assertTrue(perm_utils.is_chair(self.admin, enums.Activity.HIKING))
self.assertTrue(
perm_utils.is_chair(self.admin,
enums.Activity.HIKING,
allow_superusers=True))
self.assertFalse(
perm_utils.is_chair(self.admin,
enums.Activity.HIKING,
allow_superusers=False))
def dispatch(self, request, *args, **kwargs):
""" Only allow creator, leaders of the trip, and chairs. """
trip = self.get_object()
activity_enum = trip.required_activity_enum()
if activity_enum:
is_chair = perm_utils.chair_or_admin(request.user, activity_enum)
else: # (There is no required activity, so no chairs. Allow superusers, though)
is_chair = request.user.is_superuser
trip_leader = perm_utils.leader_on_trip(request.participant, trip,
True)
if not (is_chair or trip_leader):
return render(request, 'not_your_trip.html', {'trip': trip})
return super().dispatch(request, *args, **kwargs)
def test_activity_chair(self):
""" The admin can be considered an activity chair in some contexts. """
self.assertTrue(perm_utils.chair_or_admin(self.admin, models.BaseRating.HIKING))
self.assertTrue(perm_utils.is_chair(self.admin, models.BaseRating.HIKING))
self.assertTrue(
perm_utils.is_chair(
self.admin, models.BaseRating.HIKING, allow_superusers=True
)
)
self.assertFalse(
perm_utils.is_chair(
self.admin, models.BaseRating.HIKING, allow_superusers=False
)
)
def dispatch(self, request, *args, **kwargs):
try:
activity_enum = enums.Activity(kwargs.get('activity'))
except ValueError:
raise Http404 # pylint: disable=raise-missing-from
if not perm_utils.chair_or_admin(request.user, activity_enum):
raise PermissionDenied
if not models.LeaderApplication.can_apply_for_activity(self.activity):
context = {
'missing_form': True,
'activity': self.activity,
'activity_enum': enums.Activity(self.activity),
}
return render(request, self.template_name, context)
return super().dispatch(request, *args, **kwargs)
def test_make_chair(self):
""" Users can be promoted to being activity chairs. """
# To begin with, our user is not a chair (nobody is, for that matter)
climbing = models.BaseRating.CLIMBING
user = UserFactory.create()
self.assertFalse(perm_utils.is_chair(user, climbing))
self.assertEqual(perm_utils.num_chairs(climbing), 0)
# We promote them to be a climbing chair
perm_utils.make_chair(user, climbing)
self.assertTrue(perm_utils.is_chair(user, climbing))
self.assertEqual(perm_utils.num_chairs(climbing), 1)
# chair_or_admin works now too, and the user is definitely not a superuser
self.assertTrue(perm_utils.chair_or_admin(user, climbing))
self.assertFalse(user.is_superuser)
# Sanity check: The user wasn't accidentally made the chair of other activities
self.assertFalse(perm_utils.is_chair(user, models.BaseRating.BOATING))
def test_make_chair(self):
""" Users can be promoted to being activity chairs. """
# To begin with, our user is not a chair (nobody is, for that matter)
user = UserFactory.create()
self.assertFalse(perm_utils.is_chair(user, enums.Activity.CLIMBING))
self.assertEqual(perm_utils.num_chairs(enums.Activity.CLIMBING), 0)
# We promote them to be a climbing chair
perm_utils.make_chair(user, enums.Activity.CLIMBING)
self.assertTrue(perm_utils.is_chair(user, enums.Activity.CLIMBING))
self.assertEqual(perm_utils.num_chairs(enums.Activity.CLIMBING), 1)
# chair_or_admin works now too, and the user is definitely not a superuser
self.assertTrue(
perm_utils.chair_or_admin(user, enums.Activity.CLIMBING))
self.assertFalse(user.is_superuser)
# Sanity check: The user wasn't accidentally made the chair of other activities
self.assertFalse(perm_utils.is_chair(user, enums.Activity.BOATING))
def dispatch(self, request, *args, **kwargs):
""" Redirect if anonymous, but deny permission if not a chair. """
if not perm_utils.chair_or_admin(request.user, self.activity):
raise PermissionDenied
return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
""" Redirect if anonymous, but deny permission if not a chair. """
if not perm_utils.chair_or_admin(request.user, self.activity):
raise PermissionDenied
return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
activity = kwargs.get('activity')
if not perm_utils.chair_or_admin(request.user, activity):
raise PermissionDenied
return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
activity = kwargs.get('activity')
if not perm_utils.chair_or_admin(request.user, activity):
raise PermissionDenied
return super().dispatch(request, *args, **kwargs)
