def _available_badges(self):
'''
Return the badges that are editable by a user.
'''
c.groups = [{'permission': 'global.admin',
'label': _('In all instances'),
'show_label': True}]
if c.instance:
c.groups.append(
{'permission': 'instance.admin',
'label': _('In instance "%s"') % c.instance.label,
'show_label': h.has_permission('global.admin')})
badges = {}
if has('global.admin'):
badges['global.admin'] = {
'instance': InstanceBadge.all(instance=None),
'user': UserBadge.all(instance=None),
'delegateable': DelegateableBadge.all(instance=None),
'category': CategoryBadge.all(instance=None),
'thumbnail': ThumbnailBadge.all(instance=None)}
if has('instance.admin') and c.instance is not None:
badges['instance.admin'] = {
'instance': InstanceBadge.all(instance=c.instance),
'user': UserBadge.all(instance=c.instance),
'delegateable': DelegateableBadge.all(instance=c.instance),
'category': CategoryBadge.all(instance=c.instance),
'thumbnail': ThumbnailBadge.all(instance=c.instance)}
return badges
def edit(m):
if not c.instance.milestones:
return False
if has('instance.admin'):
return True
if not (has('milestone.edit') and show(m)):
return False
return False
def supervise(check, u=None):
""" Supervise users on instance level """
check.readonly()
check.other('not_in_instance', not c.instance)
if u is not None:
check.other('no_member_in_instance', not u.is_member(c.instance))
check.other('not_user.manage_or_instance.admin',
not (has('user.manage') or has('instance.admin')))
def edit(m):
if not c.instance.milestones:
return False
if has('instance.admin'):
return True
if not (has('milestone.edit') and show(m)):
return False
return False
def edit(p):
if not p.is_mutable():
return False
if has('instance.admin'):
return True
if not (has('proposal.edit') and show(p)):
return False
if (p.description.head.wiki or is_own(p)):
return True
return False
def _to_python(self, value, state):
from adhocracy.model import Instance
if has('global.admin'):
if value:
instance = Instance.find(value)
if instance is None:
raise AssertionError("Could not find instance %s" % value)
return instance
return None
elif has('instance.admin') and c.instance:
return c.instance
raise formencode.Invalid(_("You're not allowed to edit global badges"),
value, state)
def _to_python(self, value, state):
from adhocracy.model import Instance
if has('global.admin'):
if value:
instance = Instance.find(value)
if instance is None:
raise AssertionError("Could not find instance %s" % value)
return instance
return None
elif has('instance.admin') and c.instance:
return c.instance
raise formencode.Invalid(
_("You're not allowed to edit global badges"),
value, state)
def edit(check, p):
if has('instance.admin') or has('global.admin'):
# Admins can always edit proposals.
return
show(check, p)
check.other('proposal_not_mutable', not p.is_mutable())
if has('proposal.edit'):
# having proposal.edit is enough
return
check.other('user_is_no_member', not c.user or
not c.user.is_member(c.instance))
check.other('proposal_head_not_wiki_or_own',
not is_own(p) and not p.description.head.wiki)
def edit(check, p):
if has('instance.admin') or has('global.admin'):
# Admins can always edit proposals.
return
show(check, p)
check.other('proposal_not_mutable', not p.is_mutable())
if has('proposal.edit'):
# having proposal.edit is enough
return
check.other('user_is_no_member', not c.user
or not c.user.is_member(c.instance))
check.other('proposal_head_not_wiki_or_own', not is_own(p)
and not p.description.head.wiki)
def edit(check, m):
check.valid_email()
check.other('instance_without_milestones', not c.instance.milestones)
if has('instance.admin'):
return
check.perm('milestone.edit')
show(check, m)
def row(proposal):
global_admin = authorization.has('global.admin')
if not proposal:
return ""
return render_tile('/proposal/tiles.html', 'row', ProposalTile(proposal),
proposal=proposal, cached=True,
badgesglobal_admin=global_admin)
def row(proposal):
global_admin = authorization.has('global.admin')
if not proposal:
return ""
return render_tile('/proposal/tiles.html', 'row', ProposalTile(proposal),
proposal=proposal, cached=True,
badgesglobal_admin=global_admin)
def update_badges(self, id):
user = get_entity_or_abort(model.User, id)
badges = self.form_result.get('badge')
if not has('global.admin'):
# instance admins may only add user badges limited to this instance
for badge in badges:
if not badge.instance == c.instance:
h.flash(_(u'Invalid badge choice.'), u'error')
redirect(h.entity_url(user))
creator = c.user
added = []
removed = []
for badge in user.badges:
if badge not in badges:
removed.append(badge)
user.badges.remove(badge)
for badge in badges:
if badge not in user.badges:
badge.assign(user, creator)
added.append(badge)
model.meta.Session.flush()
# FIXME: needs commit() cause we do an redirect() which raises
# an Exception.
model.meta.Session.commit()
post_update(user, model.update.UPDATE)
redirect(h.entity_url(user, instance=c.instance))
def adopt(check, p):
check.valid_email()
if c.instance.allow_adopt and has('instance.admin'):
return
show(check, p)
poll.create(check)
check.other('proposal_cannot_adopt', not p.can_adopt())
def edit(check, u):
check.readonly()
if has('user.manage'):
return
show(check, u)
check.other('user_not_self', u != c.user)
check.other(NOT_LOGGED_IN, not c.user)
def adopt(check, p):
check.valid_email()
if c.instance.allow_adopt and has('instance.admin'):
return
show(check, p)
poll.create(check)
check.other('proposal_cannot_adopt', not p.can_adopt())
def delete(check, p):
check.readonly()
check.valid_email()
if has('instance.admin'):
return
check.perm('proposal.delete')
show(check, p)
check.other('proposal_not_mutable', not p.is_mutable())
def delete(check, p):
check.readonly()
check.valid_email()
if has('instance.admin'):
return
check.perm('proposal.delete')
show(check, p)
check.other('proposal_not_mutable', not p.is_mutable())
def edit(check, u):
check.readonly()
if has('user.manage'):
return
show(check, u)
check.other('user_not_self', u != c.user)
check.other(NOT_LOGGED_IN, not c.user)
is_not_demo(check, c.user)
def edit(check, m):
check.readonly()
check.valid_email()
check.other('instance_without_milestones', not c.instance.milestones)
if has('instance.admin'):
return
check.perm('milestone.edit')
show(check, m)
def wrapper(self):
allowed_sender_options = self._get_allowed_sender_options(c.user)
sender_email = self.form_result.get('sender_email')
if ((sender_email not in allowed_sender_options)
or (not allowed_sender_options[sender_email]['enabled'])):
return ret_abort(_("Sorry, but you're not allowed to set these "
"message options"),
code=403)
sender_name = None
if has('global.message'):
sender_name = self.form_result.get('sender_name')
if not sender_name:
sender_name = c.user.name
recipients = User.all_q()
filter_instances = self.form_result.get('filter_instances')
recipients = recipients.join(Membership).filter(
Membership.instance_id.in_(filter_instances))
filter_badges = self.form_result.get('filter_badges')
if filter_badges:
recipients = recipients.join(UserBadges,
UserBadges.user_id == User.id)
recipients = recipients.filter(
UserBadges.badge_id.in_([fb.id for fb in filter_badges]))
if has('global.admin'):
include_footer = self.form_result.get('include_footer')
else:
include_footer = True
if len(filter_instances) == 1:
instance = Instance.find(filter_instances[0])
else:
instance = None
return func(
self,
self.form_result.get('subject'),
self.form_result.get('body'),
recipients.all(),
sender_email=allowed_sender_options[sender_email]['email'],
sender_name=sender_name,
instance=instance,
include_footer=include_footer,
)
def wrapper(self):
allowed_sender_options = self._get_allowed_sender_options(c.user)
sender_email = self.form_result.get('sender_email')
if ((sender_email not in allowed_sender_options) or
(not allowed_sender_options[sender_email]['enabled'])):
return ret_abort(_("Sorry, but you're not allowed to set these "
"message options"), code=403)
sender_name = None
if has('global.message'):
sender_name = self.form_result.get('sender_name')
if not sender_name:
sender_name = c.user.name
recipients = User.all_q()
filter_instances = self.form_result.get('filter_instances')
recipients = recipients.join(Membership).filter(
Membership.instance_id.in_(filter_instances))
filter_badges = self.form_result.get('filter_badges')
if filter_badges:
recipients = recipients.join(UserBadges,
UserBadges.user_id == User.id)
recipients = recipients.filter(
UserBadges.badge_id.in_([fb.id for fb in filter_badges]))
if has('global.admin'):
include_footer = self.form_result.get('include_footer')
else:
include_footer = True
if len(filter_instances) == 1:
instance = Instance.find(filter_instances[0])
else:
instance = None
return func(self,
self.form_result.get('subject'),
self.form_result.get('body'),
recipients.all(),
sender_email=allowed_sender_options[sender_email]['email'],
sender_name=sender_name,
instance=instance,
include_footer=include_footer,
)
def get_allowed_instances(cls, user):
"""
returns all instances in which the given user has permission to send a
message to all users
"""
if has('global.message'):
return Instance.all()
else:
return [m.instance for m in user.memberships
if (m.instance is not None
and m.instance.is_authenticated
and 'instance.message' in m.group.permissions)]
def breadcrumbs(user, dashboard=False):
from adhocracy.lib.helpers import base_url
items = []
if c.instance is not None:
items.append(_url.link(_("Members"), base_url(u'/user')))
elif has('user.index_all'):
items.append(_url.link(_("Members"), base_url(u'/user/all')))
if user is not None:
items.append(_url.link(user.name, url(user)))
if dashboard:
items.append(_url.link(_('Dashboard'), base_url('/user/dashboard')))
return _url.root() + _url.BREAD_SEP.join(items)
def row_inline(proposal):
global_admin = authorization.has("global.admin")
if not proposal:
return ""
return render_tile(
"/proposal/tiles.html",
"row_inline",
ProposalTile(proposal),
proposal=proposal,
cached=False,
badgesglobal_admin=global_admin,
)
def breadcrumbs(user, dashboard=False):
from adhocracy.lib.helpers import base_url
items = []
if c.instance is not None:
items.append(_url.link(_("Members"), base_url(u'/user')))
elif has('user.index_all'):
items.append(_url.link(_("Members"), base_url(u'/user/all')))
if user is not None:
items.append(_url.link(user.name, url(user)))
if dashboard:
items.append(_url.link(_('Dashboard'), base_url('/user/dashboard')))
return _url.root() + _url.BREAD_SEP.join(items)
def _get_badge_or_redirect(self, id):
'''
Get a badge. Redirect if it does not exist. Redirect if
the badge is not from the current instance, but the user is
only an instance admin, not a global admin
'''
badge = Badge.by_id(id, instance_filter=False)
if badge is None:
self._redirect_not_found(id)
if badge.instance != c.instance and not has('global.admin'):
self._redirect_not_found(id)
return badge
def _get_allowed_instances(cls, user):
"""
returns all instances in which the given user has permission to send a
message to all users
"""
if has('global.message'):
return Instance.all()
else:
perm = Permission.find('instance.message')
instances = [m.instance for m in user.memberships
if (m.instance is not None
and m.instance.is_authenticated
and perm in m.group.permissions)]
return sorted(instances, key=lambda i: i.label)
def _get_allowed_instances(cls, user):
"""
returns all instances in which the given user has permission to send a
message to all users
"""
if has('global.message'):
return Instance.all()
else:
perm = Permission.find('instance.message')
return [
m.instance for m in user.memberships
if (m.instance is not None and m.instance.is_authenticated
and perm in m.group.permissions)
]
def _get_allowed_instances(cls, user):
"""
returns all instances in which the given user has permission to send a
message to all users
"""
if has('global.message'):
return Instance.all(include_hidden=True)
else:
perm = Permission.find('instance.message')
instances = [
m.instance for m in user.memberships
if (m.instance is not None and m.instance.is_authenticated
and perm in m.group.permissions)
]
return sorted(instances, key=lambda i: i.label)
def badges(self, id, errors=None):
if has('global.admin'):
c.badges = model.UserBadge.all(instance=None)
else:
c.badges = None
c.page_user = get_entity_or_abort(model.User, id)
instances = c.page_user and c.page_user.instances or []
c.instance_badges = [
{"label": instance.label,
"badges": model.UserBadge.all(instance=instance)} for
instance in instances]
defaults = {'badge': [str(badge.id) for badge in c.page_user.badges]}
return formencode.htmlfill.render(
render("/user/badges.html"),
defaults=defaults,
force_defaults=False)
def select(selected, name='milestone'):
options = [('--', _('(no milestone)'), selected is None)]
if has('milestone.edit'):
milestones = model.Milestone.all(instance=c.instance)
else:
milestones = model.Milestone.all_future(instance=c.instance)
# Add the currently selected milestone if it is in the past
# so it will be shown and won't be overwritten on save
if (selected is not None) and (selected not in milestones):
milestones.insert(0, selected)
for milestone in milestones:
options.append((milestone.id, milestone.title,
milestone == selected))
return render_tile('/milestone/tiles.html', 'select',
None, options=options, name=name)
def _check_item(self, item, line):
error_list = []
user_name = item.get(USER_NAME, '').strip()
email = item.get(EMAIL, '')
badges = item.get(USER_BADGES, '')
if email is not None:
email = email.strip()
validated = {}
USERBADGE_VALIDATOR = ValidUserBadgeNames(
not_empty=False,
if_empty=[],
instance_filter=(not has('global.admin')))
for (validator, value) in (
(USERNAME_VALIDATOR, user_name),
(EMAIL_VALIDATOR, email),
(USERBADGE_VALIDATOR, badges),
):
try:
validated[validator] = validator.to_python(value, None)
except formencode.Invalid, E:
error_list.append(u'%s (%s)' % (E.msg, value))
def can_welcome():
""" Can the current user set welcome codes? """
return welcome_enabled() and has('global.admin')
def supervise(check, u):
check.other('not_in_instance', not c.instance)
check.other('no_member_in_instance', not u.is_member(c.instance))
check.other('not_user.manage_or_instance.admin',
not (has('user.manage') or has('instance.admin')))
def vote(check):
check.other('vote_prohibited', has('vote.prohibit'))
check.other('not_in_instance', not c.instance)
check.other('not_logged_in', not c.user)
check.perm('vote.cast')
def vote(check):
check.readonly()
check.other('vote_prohibited', has('vote.prohibit'))
check.other('not_in_instance', not c.instance)
check.other(NOT_LOGGED_IN, not c.user)
check.perm('vote.cast')
def edit(check, u):
if has('user.manage'):
return
show(check, u)
check.other('user_not_self', u != c.user)
def vote(check):
check.readonly()
check.other('vote_prohibited', has('vote.prohibit'))
check.other('not_in_instance', not c.instance)
check.other(NOT_LOGGED_IN, not c.user)
check.perm('vote.cast')
def delete(m):
return has('milestone.delete') and show(m)
def message(check, p):
check.readonly()
if has('global.message'):
return
check.perm('proposal.message')
def supervise(check, u):
check.readonly()
check.other('not_in_instance', not c.instance)
check.other('no_member_in_instance', not u.is_member(c.instance))
check.other('not_user.manage_or_instance.admin',
not (has('user.manage') or has('instance.admin')))
def show(p):
return has('proposal.show') and not p.is_deleted()
def can_edit():
if not get_backend().is_editable():
return False
return has('global.staticpage')
def create():
if c.instance.frozen:
return False
return has('proposal.create')
def can_welcome():
""" Can the current user set welcome codes? """
return welcome_enabled() and has('global.admin')
def show(m):
return (has('milestone.show') and c.instance.milestones
and not m.is_deleted())
def adopt(p):
if c.instance.allow_adopt and has('instance.admin'):
return True
return show(p) and poll.create() and p.can_adopt()
def index():
return has('proposal.show')
def delete(p):
return has('proposal.delete') and show(p) and p.is_mutable()
def index():
return has('milestone.show') and c.instance.milestones