def test_rb_check_user_access(db, mocker, dummy_user, dummy_group, is_rb_admin, acl_empty, in_acl, expected):
if is_rb_admin:
mocker.patch('indico.modules.rb.util.rb_is_admin', return_value=True)
if not acl_empty:
rb_settings.acls.add_principal('authorized_principals', dummy_group)
if in_acl:
rb_settings.acls.add_principal('authorized_principals', dummy_user)
assert rb_check_user_access(dummy_user) == expected
def _hasAccess(self, aw):
if not Config.getInstance().getIsRoomBookingActive() or not rb_check_user_access(aw.getUser()):
return False
if self._room.can_be_booked(aw.getUser()):
return True
elif self._room.can_be_prebooked(aw.getUser()):
raise HTTPAPIError('The API only supports direct bookings but this room only allows pre-bookings.')
return False
def _has_access(self, user):
if not config.ENABLE_ROOMBOOKING or not rb_check_user_access(user):
return False
if self._room.can_book(user):
return True
elif self._room.can_prebook(user):
raise HTTPAPIError('The API only supports direct bookings but this room only allows pre-bookings.')
return False
def _checkSessionUser(self):
if not Config.getInstance().getIsRoomBookingActive():
raise AccessError()
if not session.user:
self._redirect(self._getLoginURL())
self._doProcess = False
return
if not rb_check_user_access(session.user):
raise AccessError()
def _can_be_booked(self, user, prebook=False, ignore_admin=False):
if not user or not rb_check_user_access(user):
return False
if (not ignore_admin and rb_is_admin(user)) or (self.is_owned_by(user) and self.is_active):
return True
if self.is_active and self.is_reservable and (prebook or not self.reservations_need_confirmation):
group_name = self.get_attribute_value('allowed-booking-group')
if not group_name or user in GroupProxy.get_named_default_group(group_name):
return True
return False
def _can_be_booked(self, user, prebook=False, ignore_admin=False):
if not user or not rb_check_user_access(user):
return False
if (not ignore_admin and rb_is_admin(user)) or (self.is_owned_by(user)
and self.is_active):
return True
if self.is_active and self.is_reservable and (
prebook or not self.reservations_need_confirmation):
group_name = self.get_attribute_value('allowed-booking-group')
if not group_name or user in GroupProxy.get_named_default_group(
group_name):
return True
return False
def _process(self):
if not request.is_xhr:
return redirect(
url_for_index(_anchor=f'create-event:{self.event_type.name}'))
form_cls = LectureCreationForm if self.event_type == EventType.lecture else EventCreationForm
form = form_cls(obj=self._get_form_defaults(),
prefix='event-creation-')
if form.validate_on_submit():
data = form.data
listing = data.pop('listing')
if not listing and can_create_unlisted_events(session.user):
del data['category']
if self.event_type == EventType.lecture:
events = self._create_series(data)
event = events[0]
if len(events) > 1:
flash(
Markup(
render_template('events/series_created_msg.html',
events=events)), 'info')
notify_event_creation(event, occurrences=events)
else:
event = self._create_event(data)
notify_event_creation(event)
return jsonify_data(flash=False,
redirect=url_for('event_management.settings',
event))
check_room_availability = rb_check_user_access(
session.user) and config.ENABLE_ROOMBOOKING
rb_excluded_categories = [
c.id for c in rb_settings.get('excluded_categories')
]
return jsonify_template(
'events/forms/event_creation_form.html',
form=form,
fields=form._field_order,
event_type=self.event_type.name,
single_category=(not self.root_category.has_children),
check_room_availability=check_room_availability,
rb_excluded_categories=rb_excluded_categories,
can_create_unlisted_events=can_create_unlisted_events(
session.user))
def _process(self):
if not request.is_xhr:
return redirect(url_for_index(_anchor='create-event:{}'.format(self.event_type.name)))
form_cls = LectureCreationForm if self.event_type == EventType.lecture else EventCreationForm
form = form_cls(obj=self._get_form_defaults(), prefix='event-creation-')
if form.validate_on_submit():
if self.event_type == EventType.lecture:
events = self._create_series(form.data)
event = events[0]
if len(events) > 1:
flash(Markup(render_template('events/series_created_msg.html', events=events)), 'info')
notify_event_creation(event, occurrences=events)
else:
event = self._create_event(form.data)
notify_event_creation(event)
return jsonify_data(flash=False, redirect=url_for('event_management.settings', event))
check_room_availability = rb_check_user_access(session.user) and config.ENABLE_ROOMBOOKING
rb_excluded_categories = [c.id for c in rb_settings.get('excluded_categories')]
return jsonify_template('events/forms/event_creation_form.html', form=form, fields=form._field_order,
event_type=self.event_type.name, single_category=self.single_category,
check_room_availability=check_room_availability,
rb_excluded_categories=rb_excluded_categories)
def _has_access(self, user):
return config.ENABLE_ROOMBOOKING and rb_check_user_access(user)
def _hasAccess(self, aw):
return Config.getInstance().getIsRoomBookingActive() and rb_check_user_access(aw.getUser())
def _require_user(self):
if not config.ENABLE_ROOMBOOKING:
raise NotFound(_('The room booking module is not enabled.'))
RHProtected._require_user(self)
if not rb_check_user_access(session.user):
raise Forbidden(_('You are not authorized to access the room booking system.'))
def _has_access(self, user):
return config.ENABLE_ROOMBOOKING and rb_check_user_access(user)
def _hasAccess(self, aw):
return Config.getInstance().getIsRoomBookingActive(
) and rb_check_user_access(aw.getUser())
def _checkSessionUser(self):
if not Config.getInstance().getIsRoomBookingActive():
raise NotFound(_('The room booking module is not enabled.'))
RHProtected._checkSessionUser(self)
if not rb_check_user_access(session.user):
raise Forbidden(_('Your are not authorized to access the room booking system.'))