def canStudentUpdateProposal(self):
"""Checks if the student is eligible to submit a proposal.
"""
assert isSet(self.data.proposal)
self.isActiveStudent()
self.isProposalInURLValid()
# check if the timeline allows updating proposals
self.studentSignupActive()
if self.data.proposal.status == 'invalid':
error_msg = DEF_ID_BASED_ENTITY_INVALID_MSG_FMT % {
'model': 'GSoCProposal',
'id': id,
}
raise AccessViolation(error_msg)
# check if the proposal belongs to the current user
expected_profile = self.data.proposal.parent()
if expected_profile.key().name() != self.data.profile.key().name():
error_msg = DEF_ENTITY_DOES_NOT_BELONG_TO_YOU % {
'model': 'GSoCProposal'
}
raise AccessViolation(error_msg)
def canRespondToInvite(self):
"""Checks if the current user can accept/reject the invitation.
"""
assert isSet(self.data.invite)
assert isSet(self.data.invited_user)
# check if the entity represents an invitation
if self.data.invite.type != 'Invitation':
raise AccessViolation(DEF_NOT_VALID_INVITATION_MSG)
# check if the entity can be responded
if self.data.invite.status not in ['pending', 'rejected']:
raise AccessViolation(DEF_NOT_VALID_INVITATION_MSG)
# check if the entity is addressed to the current user
if self.data.invited_user.key() != self.data.user.key():
error_msg = DEF_ENTITY_DOES_NOT_BELONG_TO_YOU % {
'model': 'Request'
}
raise AccessViolation(error_msg)
# check if the user does not have this role
if self.data.invite.role == 'org_admin':
self.notOrgAdmin()
else:
self.notMentor()
def canAccessProposalEntity(self):
"""Checks if the current user is allowed to access a Proposal entity.
"""
assert isSet(self.data.proposal)
assert isSet(self.data.proposal_org)
assert isSet(self.data.proposer_user)
# if the proposal is public, everyone may access it
if self.data.proposal.is_publicly_visible:
return
if not self.data.user:
raise AccessViolation(DEF_PROPOSAL_NOT_PUBLIC_MSG)
self.isProfileActive()
# if the current user is the proposer, he or she may access it
if self.data.user.key() == self.data.proposer_user.key():
return
# all the mentors and org admins from the organization may access it
if self.data.mentorFor(self.data.proposal_org):
return
raise AccessViolation(DEF_PROPOSAL_NOT_PUBLIC_MSG)
def isProgramActive(self):
"""Checks that the program is active.
Active means 'visible' or 'inactive'.
"""
if not self.data.program:
raise AccessViolation(DEF_NO_SUCH_PROGRAM_MSG)
if self.data.program.status in ['visible', 'inactive']:
return
raise AccessViolation(DEF_PROGRAM_INACTIVE_MSG_FMT %
self.data.program.name)
def canRespondToRequest(self):
"""Checks if the current user can accept/reject the request.
"""
assert isSet(self.data.request_entity)
assert isSet(self.data.requester)
# check if the entity represents an invitation
if self.data.request_entity.type != 'Request':
raise AccessViolation(DEF_NOT_VALID_REQUEST_MSG)
# check if the entity can be responded
if self.data.request_entity.status not in ['pending', 'rejected']:
raise AccessViolation(DEF_NOT_VALID_REQUEST_MSG)
# check if the user is an admin for the organization
self.isOrgAdmin()
def jsonContext(self):
list_content = AcceptedOrgsList(self.request, self.data).getListData()
if not list_content:
raise AccessViolation(
'You do not have access to this data')
return list_content.content()
def jsonContext(self):
"""Handler for JSON requests.
"""
list_content = ProjectList(self.request, self.data).getListData()
if not list_content:
raise AccessViolation('You do not have access to this data')
return list_content.content()
def isMentorForOrganization(self, org):
"""Checks if the user is a mentor for the specified organiztaion.
"""
self.isProfileActive()
if self.data.mentorFor(org):
return
raise AccessViolation(DEF_NOT_MENTOR_MSG % org.name)
def isProfileActive(self):
"""Checks if the profile of the current user is active.
"""
self.isLoggedIn()
if self.data.profile and self.data.profile.status == 'active':
return
raise AccessViolation(DEF_ROLE_INACTIVE_MSG)
def isHost(self):
"""Checks whether the current user has a host role.
"""
self.isLoggedIn()
if self.data.is_host:
return
raise AccessViolation(DEF_NOT_HOST_MSG)
def notStudent(self):
"""Checks if the current user has a non-student profile.
"""
self.isProfileActive()
if not self.data.student_info:
return
raise AccessViolation(DEF_IS_STUDENT_MSG)
def isOrgAdminForOrganization(self, org):
"""Checks if the user is an admin for the specified organiztaion.
"""
self.isProfileActive()
if self.data.orgAdminFor(org):
return
raise AccessViolation(DEF_NOT_ADMIN_MSG % org.name)
def isProposalInURLValid(self):
"""Checks if the proposal in URL exists.
"""
assert isSet(self.data.proposal)
if not self.data.proposal:
error_msg = DEF_ID_BASED_ENTITY_NOT_EXISTS_MSG_FMT % {
'model': 'GSoCProposal',
'id': self.data.kwargs['id']
}
raise AccessViolation(error_msg)
if self.data.proposal.status == 'invalid':
error_msg = DEF_ID_BASED_ENTITY_INVALID_MSG_FMT % {
'model': 'GSoCProposal',
'id': self.data.kwargs['id'],
}
raise AccessViolation(error_msg)
def isActiveStudent(self):
"""Checks if the user is an active student.
"""
self.isProfileActive()
if self.data.student_info:
return
raise AccessViolation(DEF_IS_NOT_STUDENT_MSG)
def isUser(self):
"""Checks if the current user has an User entity.
"""
self.isLoggedIn()
if self.data.user:
return
raise AccessViolation(DEF_NO_USER_LOGIN_MSG)
def isOrganizationInURLActive(self):
"""Checks if the organization in URL exists and if its status is active.
"""
assert isSet(self.data.organization)
if not self.data.organization:
error_msg = DEF_ORG_DOES_NOT_EXISTS_MSG_FMT % {
'link_id': self.data.kwargs['organization'],
'program': self.data.program.name
}
raise AccessViolation(error_msg)
if self.data.organization.status != 'active':
error_msg = DEF_ORG_NOT_ACTIVE_MSG_FMT % {
'name': self.data.organization.name,
'program': self.data.program.name
}
raise AccessViolation(error_msg)
def studentSignupActive(self):
"""Checks if the student signup period is active.
"""
self.isProgramActive()
if self.data.timeline.studentSignup():
return
raise AccessViolation(DEF_PAGE_INACTIVE_OUTSIDE_MSG_FMT %
self.data.timeline.studentsSignupBetween())
def acceptedStudentsAnnounced(self):
"""Checks if the accepted students have been announced.
"""
self.isProgramActive()
if self.data.timeline.studentsAnnounced():
return
period = self.data.timeline.studentsAnnouncedOn()
raise AccessViolation(DEF_PAGE_INACTIVE_BEFORE_MSG_FMT % period)
def notMentor(self):
"""Checks if the user is not a mentor.
"""
self.isProfileActive()
assert isSet(self.data.organization)
if not self.data.mentorFor(self.data.organization):
return
raise AccessViolation(DEF_ALREADY_MENTOR_MSG %
self.data.organization.name)
def notOrgAdmin(self):
"""Checks if the user is not an admin.
"""
self.isProfileActive()
assert isSet(self.data.organization)
if not self.data.orgAdminFor(self.data.organization):
return
raise AccessViolation(DEF_ALREADY_ADMIN_MSG %
self.data.organization.name)
def _isIdBasedEntityPresent(self, entity, id, model_name):
"""Checks if the entity is not None.
"""
if entity is not None:
return
error_msg = DEF_ID_BASED_ENTITY_NOT_EXISTS_MSG_FMT % {
'model': model_name,
'id': id,
}
raise AccessViolation(error_msg)
def isDeveloper(self):
"""Checks if the current user is a Developer.
"""
self.isUser()
if self.data.user.is_developer:
return
if users.is_current_user_admin():
return
raise AccessViolation(DEF_NOT_DEVELOPER_MSG)
def canViewDocument(self):
"""Checks if the specified user can see the document.
"""
assert isSet(self.data.document)
if not self.data.document:
raise NotFound(DEF_NO_DOCUMENT)
if self.data.document.read_access == 'public':
return
raise AccessViolation(DEF_NOT_PUBLIC_DOCUMENT)
def canResubmitRequest(self):
"""Checks if the current user can resubmit the request.
"""
assert isSet(self.data.request_entity)
assert isSet(self.data.requester)
# check if the entity represents an invitation
if self.data.request_entity.type != 'Request':
raise AccessViolation(DEF_NOT_VALID_REQUEST_MSG)
# only withdrawn requests may be resubmitted
if self.data.request_entity.status != 'withdrawn':
raise AccessViolation(DEF_NOT_VALID_REQUEST_MSG)
# check if the request belongs to the current user
if self.data.requester.key() != self.data.user.key():
error_msg = DEF_ENTITY_DOES_NOT_BELONG_TO_YOU % {
'model': 'Request'
}
raise AccessViolation(error_msg)
def canApplyNonStudent(self, role, edit_url):
"""Checks if the user can apply as a mentor or org admin.
"""
self.isLoggedIn()
if self.data.profile and not self.data.profile.student_info:
raise RedirectRequest(edit_url)
if not self.data.profile:
return
raise AccessViolation(DEF_ALREADY_PARTICIPATING_AS_STUDENT_MSG %
(role, self.data.program.name))
def jsonContext(self):
"""Handler for JSON requests.
"""
components = self._getActiveComponents()
list_content = None
for component in components:
list_content = component.getListData()
if list_content:
break
if not list_content:
raise AccessViolation('You do not have access to this data')
return list_content.content()
def canStudentPropose(self):
"""Checks if the student is eligible to submit a proposal.
"""
# check if the timeline allows submitting proposals
self.studentSignupActive()
# check how many proposals the student has already submitted
fields = {'scope': self.data.profile}
query = db.Query(StudentProposal)
query.filter('scope = ', self.data.profile).ancestor(self.data.user)
if query.count() >= self.data.program.apps_tasks_limit:
# too many proposals access denied
raise AccessViolation(DEF_MAX_PROPOSALS_REACHED)
def canApplyStudent(self, edit_url):
"""Checks if the user can apply as a student.
"""
self.isLoggedIn()
if self.data.profile and self.data.profile.student_info:
raise RedirectRequest(edit_url)
self.studentSignupActive()
if not self.data.profile:
return
raise AccessViolation(DEF_ALREADY_PARTICIPATING_AS_NON_STUDENT_MSG %
self.data.program.name)
def checkAccess(self):
"""Access checks for GSoC Invite page.
"""
self.check.isProgramActive()
# check if the current user has a profile, but is not a student
self.check.notStudent()
# check if the organization exists
self.mutator.organizationFromKwargs()
self.check.isOrganizationInURLActive()
# check if the user is not already mentor role for the organization
self.check.notMentor()
# check if there is already a request
query = db.Query(Request)
query.filter('type = ', 'Request')
query.filter('user = '******'group = ', self.data.organization)
if query.get():
raise AccessViolation(
'You have already sent a request to this organization.')
def fail(self, message):
"""Raises an AccessViolation with the specified message.
"""
raise AccessViolation(message)
