def orgchart_get_by_username(request, path, username):
    """Relay an orgchart lookup for ``username`` to the internal orgchart service.

    The upstream URL is ``/orgchart/<path>/<username>`` on
    ``settings.DINO_PARK_ORGCHART_SVC`` and its JSON body is returned as-is.
    Only the STAFF and PRIVATE access levels reach the upstream call; other
    callers receive ``DinoErrorResponse.PERMISSION_ERROR``.
    """
    try:
        profile_owner = User.objects.get(username=username)
    except User.DoesNotExist:
        profile_owner = None

    # A known account that is not staff gets JSON null for 'trace' without
    # any call to the orgchart service.
    # NOTE(review): this return sits ahead of the access-level check, so a
    # caller who would otherwise be refused sees null here instead of a
    # permission error -- confirm that difference is intended.
    if profile_owner and not profile_owner.userprofile.is_staff:
        if path == 'trace':
            return JsonResponse(None, safe=False)

    access_level = UserAccessLevel.get_privacy(request, profile_owner)
    if access_level not in (UserAccessLevel.STAFF, UserAccessLevel.PRIVATE):
        return DinoErrorResponse.get_error(DinoErrorResponse.PERMISSION_ERROR)

    # NOTE(review): only `username` is escaped, and Django's escape_uri_path
    # keeps '/' as a safe character; `path` goes into the URL unchanged --
    # presumably the URL pattern restricts both, verify.
    upstream_url = urlparse.urlunparse(urlparse.ParseResult(
        scheme='http',
        netloc=settings.DINO_PARK_ORGCHART_SVC,
        path='/orgchart/{0}/{1}'.format(path, escape_uri_path(username)),
        params='',
        query='',
        fragment='',
    ))
    # NOTE(review): no timeout is passed and the status code is not checked
    # before the body is decoded as JSON.
    upstream = requests.get(upstream_url)
    return JsonResponse(upstream.json(), safe=False)
def test_staff_access_scope(self):
    """A requester whose profile has is_staff set resolves to 'staff'."""
    req = self.factory.get('/')
    staff_member = UserFactory.create()
    # Flag the profile as staff and persist it before resolving the scope.
    staff_member.userprofile.is_staff = True
    staff_member.userprofile.save()
    req.user = staff_member
    eq_(UserAccessLevel.get_privacy(req), 'staff')
def orgchart_get_by_username(request, path, username):
    """Forward ``/orgchart/<path>/<username>`` to the orgchart service.

    Looks up the account named ``username`` (``None`` when it does not
    exist), resolves the requester's access level against it, and returns
    the upstream JSON only for the STAFF and PRIVATE levels. Any other level
    gets ``DinoErrorResponse.PERMISSION_ERROR``.
    """
    try:
        subject = User.objects.get(username=username)
    except User.DoesNotExist:
        subject = None

    # Short-circuit: an existing non-staff account answers 'trace' with JSON
    # null and the orgchart service is never contacted.
    # NOTE(review): the short-circuit runs before the permission check below,
    # so refused callers get null rather than a permission error for such
    # accounts -- confirm this is acceptable.
    if subject and not subject.userprofile.is_staff:
        if path == 'trace':
            return JsonResponse(None, safe=False)

    level = UserAccessLevel.get_privacy(request, subject)
    permitted = (UserAccessLevel.STAFF, UserAccessLevel.PRIVATE)
    if level not in permitted:
        return DinoErrorResponse.get_error(DinoErrorResponse.PERMISSION_ERROR)

    # NOTE(review): `path` is inserted unescaped, and escape_uri_path leaves
    # '/' in `username` untouched; presumably the route pattern constrains
    # both -- verify against the URL conf.
    parts = urlparse.ParseResult(
        scheme='http',
        netloc=settings.DINO_PARK_ORGCHART_SVC,
        path='/orgchart/{0}/{1}'.format(path, escape_uri_path(username)),
        params='',
        query='',
        fragment='',
    )
    # NOTE(review): the request has no timeout, and a non-2xx reply is
    # decoded and relayed like a successful one.
    reply = requests.get(urlparse.urlunparse(parts))
    return JsonResponse(reply.json(), safe=False)
def test_nda_access_scope(self):
    """A vouched member of the 'nda' group resolves to the 'nda' scope."""
    req = self.factory.get('/')
    member = UserFactory.create(vouched=True)
    req.user = member
    nda_group = GroupFactory.create(name='nda')
    # Membership must carry MEMBER status; that is what this test sets up.
    GroupMembership.objects.create(
        userprofile=member.userprofile,
        group=nda_group,
        status=GroupMembership.MEMBER,
    )
    eq_(UserAccessLevel.get_privacy(req), 'nda')
def search_simple(request):
    """Relay a simple search to the internal search service.

    The requester's access level becomes the last path segment
    (``/search/simple/<scope>``) and the client's query string is forwarded
    unchanged. Upstream HTTP errors raise via ``raise_for_status``.
    """
    access_level = UserAccessLevel.get_privacy(request)
    # NOTE(review): every GET parameter is passed through as-is; presumably
    # the search service validates them -- confirm.
    upstream_url = urlparse.urlunparse(urlparse.ParseResult(
        scheme='http',
        netloc=settings.DINO_PARK_SEARCH_SVC,
        path='/search/simple/{}'.format(access_level),
        params='',
        query=request.GET.urlencode(),
        fragment='',
    ))
    # NOTE(review): no timeout is set on the upstream call.
    upstream = requests.get(upstream_url)
    upstream.raise_for_status()
    return JsonResponse(upstream.json(), safe=False)
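def search_get_profile(request, username, scope=None):
    """Relay a profile lookup to the internal search service.

    Builds ``/search/get/<scope>/<username>`` on
    ``settings.DINO_PARK_SEARCH_SVC`` and returns the upstream JSON.
    When ``scope`` is falsy it is resolved from the requester through
    ``UserAccessLevel.get_privacy``. Upstream HTTP errors raise via
    ``raise_for_status``.
    """
    # Function-scope import: the file's import block is not visible here.
    from django.utils.encoding import escape_uri_path

    # NOTE(review): a truthy `scope` argument is used as given and skips
    # get_privacy; confirm no URL route binds it from the request.
    if not scope:
        scope = UserAccessLevel.get_privacy(request)

    # `username` comes from the caller, so it is percent-escaped before being
    # placed in the upstream path. escape_uri_path keeps '/' as a safe
    # character, so the route pattern must still exclude it.
    url_parts = urlparse.ParseResult(
        scheme='http',
        netloc=settings.DINO_PARK_SEARCH_SVC,
        path='/search/get/{}/{}'.format(scope, escape_uri_path(username)),
        params='',
        query='',
        fragment='',
    )
    url = urlparse.urlunparse(url_parts)
    # NOTE(review): no timeout is set on the upstream call.
    resp = requests.get(url)
    resp.raise_for_status()
    return JsonResponse(resp.json(), safe=False)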
def search_simple(request):
    """Forward a simple search request to the search service.

    The upstream path is ``/search/simple/<scope>``, where the scope is the
    requester's access level, and the query string is the client's own GET
    parameters re-encoded. A non-2xx upstream reply raises.
    """
    level = UserAccessLevel.get_privacy(request)
    # NOTE(review): the client's query string reaches the internal service
    # without filtering -- presumably validated there, confirm.
    parts = urlparse.ParseResult(
        scheme='http',
        netloc=settings.DINO_PARK_SEARCH_SVC,
        path='/search/simple/{}'.format(level),
        params='',
        query=request.GET.urlencode(),
        fragment='',
    )
    # NOTE(review): requests.get is called without a timeout.
    reply = requests.get(urlparse.urlunparse(parts))
    reply.raise_for_status()
    return JsonResponse(reply.json(), safe=False)
def orgchart(request):
    """Relay the full orgchart from the internal orgchart service.

    Only requesters at the STAFF or PRIVATE access level get the upstream
    JSON; everyone else receives ``DinoErrorResponse.PERMISSION_ERROR``.
    Upstream HTTP errors raise via ``raise_for_status``.
    """
    access_level = UserAccessLevel.get_privacy(request)
    if access_level not in (UserAccessLevel.STAFF, UserAccessLevel.PRIVATE):
        return DinoErrorResponse.get_error(DinoErrorResponse.PERMISSION_ERROR)

    upstream_url = urlparse.urlunparse(urlparse.ParseResult(
        scheme='http',
        netloc=settings.DINO_PARK_ORGCHART_SVC,
        path='/orgchart',
        params='',
        query='',
        fragment='',
    ))
    # NOTE(review): no timeout is set on the upstream call.
    upstream = requests.get(upstream_url)
    upstream.raise_for_status()
    return JsonResponse(upstream.json(), safe=False)
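def orgchart_get_by_username(request, path, username):
    """Relay ``/orgchart/<path>/<username>`` to the internal orgchart service.

    Requesters below the STAFF or PRIVATE access level get an HTTP 403
    (``HttpResponseForbidden``). For the others the upstream JSON is
    returned; upstream HTTP errors raise via ``raise_for_status``.
    """
    # Function-scope import: the file's import block is not visible here.
    from django.utils.encoding import escape_uri_path

    scope = UserAccessLevel.get_privacy(request)
    if scope not in [UserAccessLevel.STAFF, UserAccessLevel.PRIVATE]:
        return HttpResponseForbidden()

    # `username` comes from the caller, so it is percent-escaped before being
    # placed in the upstream path. escape_uri_path keeps '/' as a safe
    # character, so the route pattern must still exclude it.
    # NOTE(review): `path` is still inserted unescaped; presumably the URL
    # pattern restricts it to known values -- verify.
    url_parts = urlparse.ParseResult(
        scheme='http',
        netloc=settings.DINO_PARK_ORGCHART_SVC,
        path='/orgchart/{0}/{1}'.format(path, escape_uri_path(username)),
        params='',
        query='',
        fragment='',
    )
    url = urlparse.urlunparse(url_parts)
    # NOTE(review): no timeout is set on the upstream call.
    resp = requests.get(url)
    resp.raise_for_status()
    return JsonResponse(resp.json(), safe=False)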
def orgchart(request):
    """Forward the orgchart request to the orgchart service.

    The requester's access level must be STAFF or PRIVATE; any other level
    is answered with ``DinoErrorResponse.PERMISSION_ERROR`` and the service
    is not contacted. A non-2xx upstream reply raises.
    """
    level = UserAccessLevel.get_privacy(request)
    permitted = (UserAccessLevel.STAFF, UserAccessLevel.PRIVATE)
    if level not in permitted:
        return DinoErrorResponse.get_error(DinoErrorResponse.PERMISSION_ERROR)

    parts = urlparse.ParseResult(
        scheme='http',
        netloc=settings.DINO_PARK_ORGCHART_SVC,
        path='/orgchart',
        params='',
        query='',
        fragment='',
    )
    # NOTE(review): requests.get is called without a timeout.
    reply = requests.get(urlparse.urlunparse(parts))
    reply.raise_for_status()
    return JsonResponse(reply.json(), safe=False)
def search_get_profile(request, username, scope=None):
    """Relay a profile lookup for ``username`` to the internal search service.

    The upstream path is ``/search/get/<scope>/<username>``. When ``scope``
    is falsy it is resolved from the requester and the looked-up account
    (``None`` if no such account exists) via ``UserAccessLevel.get_privacy``.
    """
    try:
        profile_owner = User.objects.get(username=username)
    except User.DoesNotExist:
        profile_owner = None

    # NOTE(review): a truthy `scope` argument is used as given and skips
    # get_privacy; confirm no URL route binds it from the request.
    if not scope:
        scope = UserAccessLevel.get_privacy(request, profile_owner)

    # NOTE(review): escape_uri_path keeps '/' as a safe character, so the
    # route pattern presumably has to exclude it from `username` -- verify.
    upstream_url = urlparse.urlunparse(urlparse.ParseResult(
        scheme='http',
        netloc=settings.DINO_PARK_SEARCH_SVC,
        path='/search/get/{}/{}'.format(scope, escape_uri_path(username)),
        params='',
        query='',
        fragment='',
    ))
    # NOTE(review): no timeout is passed and the status code is not checked
    # before the body is decoded as JSON.
    upstream = requests.get(upstream_url)
    return JsonResponse(upstream.json(), safe=False)
def search_get_profile(request, username, scope=None):
    """Forward ``/search/get/<scope>/<username>`` to the search service.

    ``scope`` defaults to the access level that
    ``UserAccessLevel.get_privacy`` computes for the requester against the
    account named ``username`` (``None`` when that account does not exist).
    The upstream JSON is returned as-is.
    """
    try:
        subject = User.objects.get(username=username)
    except User.DoesNotExist:
        subject = None

    # NOTE(review): when the caller supplies a truthy `scope`, no access
    # level is computed at all -- check which callers pass it.
    if not scope:
        scope = UserAccessLevel.get_privacy(request, subject)

    # NOTE(review): '/' survives escape_uri_path; presumably the URL pattern
    # keeps it out of `username` -- confirm.
    parts = urlparse.ParseResult(
        scheme='http',
        netloc=settings.DINO_PARK_SEARCH_SVC,
        path='/search/get/{}/{}'.format(scope, escape_uri_path(username)),
        params='',
        query='',
        fragment='',
    )
    # NOTE(review): the request has no timeout, and a non-2xx reply is
    # decoded and relayed like a successful one.
    reply = requests.get(urlparse.urlunparse(parts))
    return JsonResponse(reply.json(), safe=False)
def test_public_access_scope(self):
    """A request from an AnonymousUser resolves to the 'public' scope."""
    anon_request = self.factory.get('/')
    anon_request.user = AnonymousUser()
    resolved = UserAccessLevel.get_privacy(anon_request)
    eq_(resolved, 'public')
def test_vouched_access_scope(self):
    """A requester created with vouched=True resolves to 'vouched'."""
    req = self.factory.get('/')
    req.user = UserFactory(vouched=True)
    resolved = UserAccessLevel.get_privacy(req)
    eq_(resolved, 'vouched')
def test_authenticated_access_scope(self):
    """A requester created with vouched=False resolves to 'authenticated'."""
    req = self.factory.get('/')
    req.user = UserFactory(vouched=False)
    resolved = UserAccessLevel.get_privacy(req)
    eq_(resolved, 'authenticated')
def test_private_access_scope_superuser(self):
    """A superuser requester resolves to the 'private' scope."""
    req = self.factory.get('/')
    req.user = UserFactory(is_superuser=True)
    # NOTE(review): the target account passed to get_privacy is the requester
    # itself. If get_privacy also grants 'private' for a self-view, this test
    # cannot tell that case from the superuser case -- confirm, and consider
    # a second case with a different target account.
    target = req.user
    eq_(UserAccessLevel.get_privacy(req, target), 'private')