def test_access_right_embargo(app): """Test access right embargo.""" assert AccessRight.get(AccessRight.OPEN) == "open" assert AccessRight.get(AccessRight.EMBARGOED) == "embargoed" # Embargo just lifted today. assert AccessRight.get(AccessRight.EMBARGOED, embargo_date=date.today()) == "open" # Future embargo date. assert AccessRight.get(AccessRight.EMBARGOED, embargo_date=date.today() + timedelta(days=1)) == "embargoed"
def test_access_right_embargo(): """Test access right embargo.""" assert AccessRight.get(AccessRight.OPEN) == 'open' assert AccessRight.get(AccessRight.EMBARGOED) == 'embargoed' # Embargo just lifted today. assert AccessRight.get(AccessRight.EMBARGOED, embargo_date=date.today()) == 'open' # Future embargo date. assert AccessRight.get( AccessRight.EMBARGOED, embargo_date=date.today()+timedelta(days=1)) \ == 'embargoed'
def test_access_right_embargo(): """Test access right embargo.""" assert AccessRight.get(AccessRight.OPEN) == 'open' assert AccessRight.get(AccessRight.EMBARGOED) == 'embargoed' # Embargo just lifted today. today = datetime.utcnow().date() assert AccessRight.get( AccessRight.EMBARGOED, embargo_date=today) == 'open' # Future embargo date. assert AccessRight.get( AccessRight.EMBARGOED, embargo_date=today+timedelta(days=1)) \ == 'embargoed'
def get_access_right(self, obj): """Get access right information.""" dt = obj.get('embargo_date') return AccessRight.get( obj['access_right'], embargo_date=parse(dt).date() if dt else None )
def has_access(user=None, record=None): """Check whether the user has access to the record. The rules followed are: 1. Open Access records can be viewed by everyone. 2. Embargoed, Restricted and Closed records can be viewed by the record owners. 3. Administrators can view every record. """ if AccessRight.get(record['access_right'], record.get('embargo_date')) \ == AccessRight.OPEN: return True user_id = int(user.get_id()) if user.is_authenticated else None if user_id in record.get('owners', []): return True if DynamicPermission(ActionNeed('admin-access')): return True try: token = session['accessrequests-secret-token'] recid = record['recid'] if SecretLink.validate_token(token, dict(recid=int(recid))): return True else: del session['accessrequests-secret-token'] except KeyError: pass return False
def has_read_permission(user, record): """Check if user has read access to the record.""" # Allow if record is open access if AccessRight.get(record['access_right'], record.get('embargo_date')) \ == AccessRight.OPEN: return True # Allow token bearers token = session.get('accessrequests-secret-token') if token and SecretLink.validate_token( token, dict(recid=int(record['recid']))): return True return has_update_permission(user, record)
def has_access(user=None, record=None): """Check whether the user has access to the record. The rules followed are: 1. Open Access records can be viewed by everyone. 2. Embargoed, Restricted and Closed records can be viewed by the record owners. 3. Administrators can view every record. """ if AccessRight.get(record['access_right'], record.get('embargo_date')) \ == AccessRight.OPEN: return True user_id = int(user.get_id()) if user.is_authenticated else None if user_id in record.get('owners', []): return True if DynamicPermission(ActionNeed('admin-access')): return True return False
def test_access_right_embargo(): """Test access right embargo.""" assert AccessRight.get(AccessRight.OPEN) == 'open' assert AccessRight.get(AccessRight.EMBARGOED) == 'embargoed' # Embargo just lifted today. today = datetime.utcnow().date() assert AccessRight.get( AccessRight.EMBARGOED, embargo_date=today) == 'open' # Future embargo date. assert AccessRight.get( AccessRight.EMBARGOED, embargo_date=today+timedelta(days=1)) \ == 'embargoed' # Should work with strings as well assert AccessRight.get( AccessRight.EMBARGOED, embargo_date='1253-01-01') == AccessRight.OPEN assert AccessRight.get( AccessRight.EMBARGOED, embargo_date=str(today+timedelta(days=1))) == AccessRight.EMBARGOED