def checkIsStudentProposalPubliclyVisible(self, django_args):
"""Checks whether the proposal's content can be seen by everyone.
Args:
django_args: a dictionary with django's arguments
Raises:
AccessViolationResponse:
- If there is no proposal found
- If the proposal cannot be publicly seen
"""
proposal_entity = student_proposal_logic.getFromKeyFieldsOr404(
django_args)
user = self.user
proposal_owner = proposal_entity.scope.user.key().id_or_name()
# student may see his own proposal even if public view is not available
if user and user.key().id_or_name() == proposal_owner:
return
if not proposal_entity.is_publicly_visible:
raise out_of_band.AccessViolation(
message_fmt=DEF_PROPOSAL_NOT_PUBLIC)
return
def checkIsStudentProposalPubliclyVisible(self, django_args):
"""Checks whether the proposal's content can be seen by everyone.
Args:
django_args: a dictionary with django's arguments
Raises:
AccessViolationResponse:
- If there is no proposal found
- If the proposal cannot be publicly seen
"""
proposal_entity = student_proposal_logic.getFromKeyFieldsOr404(django_args)
user = self.user
proposal_owner = proposal_entity.scope.user.key().id_or_name()
# student may see his own proposal even if public view is not available
if user and user.key().id_or_name() == proposal_owner:
return
if not proposal_entity.is_publicly_visible:
raise out_of_band.AccessViolation(
message_fmt=DEF_PROPOSAL_NOT_PUBLIC)
return
def checkRoleAndStatusForStudentProposal(self, django_args, allowed_roles,
role_status, proposal_status):
"""Checks if the current user has access to the given proposal.
Args:
django_args: a dictionary with django's arguments
allowed_roles: list with names for the roles allowed to pass access check
role_status: list with states allowed for the role
proposal_status: a list with states allowed for the proposal
Raises:
AccessViolationResponse:
- If there is no proposal found
- If the proposal is not in one of the required states.
- If the user does not have any ofe the required roles
"""
self.checkIsUser(django_args)
# bail out with 404 if no proposal is found
proposal_entity = student_proposal_logic.getFromKeyFieldsOr404(
django_args)
if not proposal_entity.status in proposal_status:
# this proposal can not be accessed at the moment
raise out_of_band.AccessViolation(
message_fmt=access.DEF_NO_ACTIVE_ENTITY_MSG)
user_entity = self.user
if 'proposer' in allowed_roles:
# check if this proposal belongs to the current user
student_entity = proposal_entity.scope
if (user_entity.key()
== student_entity.user.key()) and (student_entity.status
in role_status):
return
filter = {'user': user_entity, 'status': role_status}
if 'host' in allowed_roles:
# check if the current user is a host for this proposal's program
filter['scope'] = proposal_entity.program.scope
if host_logic.getForFields(filter, unique=True):
return
if 'org_admin' in allowed_roles:
# check if the current user is an admin for this proposal's org
filter['scope'] = proposal_entity.org
if org_admin_logic.getForFields(filter, unique=True):
return
if 'mentor' in allowed_roles:
# check if the current user is a mentor for this proposal's org
filter['scope'] = proposal_entity.org
if mentor_logic.getForFields(filter, unique=True):
return
# no roles found, access denied
raise out_of_band.AccessViolation(message_fmt=access.DEF_NEED_ROLE_MSG)
def checkRoleAndStatusForStudentProposal(self, django_args, allowed_roles,
role_status, proposal_status):
"""Checks if the current user has access to the given proposal.
Args:
django_args: a dictionary with django's arguments
allowed_roles: list with names for the roles allowed to pass access check
role_status: list with states allowed for the role
proposal_status: a list with states allowed for the proposal
Raises:
AccessViolationResponse:
- If there is no proposal found
- If the proposal is not in one of the required states.
- If the user does not have any ofe the required roles
"""
self.checkIsUser(django_args)
# bail out with 404 if no proposal is found
proposal_entity = student_proposal_logic.getFromKeyFieldsOr404(django_args)
if not proposal_entity.status in proposal_status:
# this proposal can not be accessed at the moment
raise out_of_band.AccessViolation(
message_fmt=access.DEF_NO_ACTIVE_ENTITY_MSG)
user_entity = self.user
if 'proposer' in allowed_roles:
# check if this proposal belongs to the current user
student_entity = proposal_entity.scope
if (user_entity.key() == student_entity.user.key()) and (
student_entity.status in role_status):
return
filter = {'user': user_entity,
'status': role_status}
if 'host' in allowed_roles:
# check if the current user is a host for this proposal's program
filter['scope'] = proposal_entity.program.scope
if host_logic.getForFields(filter, unique=True):
return
if 'org_admin' in allowed_roles:
# check if the current user is an admin for this proposal's org
filter['scope'] = proposal_entity.org
if org_admin_logic.getForFields(filter, unique=True):
return
if 'mentor' in allowed_roles:
# check if the current user is a mentor for this proposal's org
filter['scope'] = proposal_entity.org
if mentor_logic.getForFields(filter, unique=True):
return
# no roles found, access denied
raise out_of_band.AccessViolation(
message_fmt=access.DEF_NEED_ROLE_MSG)
