def bulk_children_gen_allowed(obj):
"""Check if user has permissions to synchronize issuetracker issue.
Args:
obj: Assessment instance for which issue should be generated/updated.
Returns:
True if it's allowed, False if not allowed.
"""
return all([
permissions.is_allowed_update_for(obj),
permissions.is_allowed_update_for(obj.audit)
])
def _get_objects(self, object_query):
"""Get a set of objects described in the filters."""
object_name = object_query["object_name"]
expression = object_query.get("filters", {}).get("expression")
if expression is None:
return set()
object_class = self.object_map[object_name]
query = object_class.query
filter_expression = self._build_expression(
expression,
object_class,
object_query.get('fields', []),
)
if filter_expression is not None:
query = query.filter(filter_expression)
if object_query.get("order_by"):
query = self._apply_order_by(
object_class,
query,
object_query["order_by"],
)
requested_permissions = object_query.get("permissions", "read")
if requested_permissions == "update":
objs = [o for o in query if permissions.is_allowed_update_for(o)]
else:
objs = [o for o in query if permissions.is_allowed_read_for(o)]
return objs
def parse_item(self):
"""Parse a list of slugs to be mapped.
Parse a new line separated list of slugs and check if they are valid
objects.
Returns:
list of objects. During dry_run, the list can contain a slug instead of
an actual object if that object will be generated in the current import.
"""
# pylint: disable=protected-access
class_ = self.mapping_object
lines = set(self.raw_value.splitlines())
slugs = set([slug.lower() for slug in lines if slug.strip()])
objects = []
for slug in slugs:
obj = class_.query.filter_by(slug=slug).first()
if obj:
is_allowed_by_type = self._is_allowed_mapping_by_type(
source_type=self.row_converter.obj.__class__.__name__,
destination_type=class_.__name__,
)
if not is_allowed_by_type:
self._add_mapping_warning(
source=self.row_converter.obj,
destination=obj,
)
continue
if not permissions.is_allowed_update_for(obj):
self.add_warning(
errors.MAPPING_PERMISSION_ERROR,
object_type=class_._inflector.human_singular.title(),
slug=slug,
)
continue
if isinstance(self.row_converter.obj, WithCustomRestrictions):
if self.row_converter.obj.is_mapping_restricted(obj):
self.add_warning(
errors.MAPPING_PERMISSION_ERROR,
object_type=class_._inflector.human_singular.title(
),
slug=slug,
)
continue
objects.append(obj)
elif slug in self.new_slugs and not self.dry_run:
objects.append(self.new_slugs[slug])
elif slug in self.new_slugs and self.dry_run:
objects.append(slug)
else:
self.add_warning(
errors.UNKNOWN_OBJECT,
object_type=class_._inflector.human_singular.title(),
slug=slug)
if self.mandatory and not objects and self.row_converter.is_new:
self.add_error(errors.MISSING_VALUE_ERROR,
column_name=self.display_name)
return objects
def parse_item(self):
"""Parse a list of slugs to be mapped.
Parse a new line separated list of slugs and check if they are valid
objects.
Returns:
list of objects. During dry_run, the list can contain a slug instead of
an actual object if that object will be generated in the current import.
"""
class_ = self.mapping_object
lines = set(self.raw_value.splitlines())
slugs = set([slug.lower() for slug in lines if slug.strip()])
objects = []
for slug in slugs:
obj = class_.query.filter_by(slug=slug).first()
if obj:
if permissions.is_allowed_update_for(obj):
objects.append(obj)
else:
self.add_warning(
errors.MAPPING_PERMISSION_ERROR,
object_type=class_._inflector.human_singular.title(),
slug=slug,
)
elif slug in self.new_slugs and self.dry_run:
objects.append(slug)
else:
self.add_warning(errors.UNKNOWN_OBJECT,
object_type=class_._inflector.human_singular.title(),
slug=slug)
if self.mandatory and not objects:
self.add_error(errors.MISSING_VALUE_ERROR, column_name=self.display_name)
return objects
def get_object_by_key(self, key="slug"):
""" Get object if the slug is in the system or return a new object """
value = self.get_value(key)
self.is_new = False
if value:
obj = self.find_by_key(key, value)
if not value or not obj:
# We assume that 'get_importables()' returned value contains
# names of the objects that cannot be created via import but
# can be updated.
if self.block_converter.class_name.lower() not in get_importables(
):
self.add_error(errors.CREATE_INSTANCE_ERROR)
obj = self.object_class()
self.is_new = True
elif not permissions.is_allowed_update_for(obj):
self.ignore = True
self.add_error(errors.PERMISSION_ERROR)
elif self._has_readonly_access(obj):
self._is_obj_readonly = True
self.initial_state = dump_attrs(obj)
return obj
def get_object_by_key(self, key="slug"):
""" Get object if the slug is in the system or return a new object """
value = self.get_value(key)
self.is_new = False
if value:
obj = self.find_by_key(key, value)
if not value or not obj:
# We assume that 'get_importables()' returned value contains
# names of the objects that cannot be created via import but
# can be updated.
if self.block_converter.class_name.lower() not in get_importables() and \
not self._check_object_is_external():
self.add_error(errors.CREATE_INSTANCE_ERROR)
obj = self.object_class()
self.is_new = True
elif not permissions.is_allowed_update_for(obj):
self.ignore = True
self.add_error(errors.PERMISSION_ERROR)
elif self._has_readonly_access(obj):
self._is_obj_readonly = True
self.initial_state = dump_attrs(obj)
return obj
def bulk_sync_allowed(obj):
"""Check if user has permissions to synchronize issuetracker issue.
Args:
obj: instance for which issue should be generated/updated.
Returns:
True if it's allowed, False if not allowed.
"""
return permissions.is_allowed_update_for(obj)
def get_object_by_key(self, key="slug"):
""" Get object if the slug is in the system or return a new object """
value = self.get_value(key)
self.is_new = False
obj = self.find_by_key(key, value)
if not obj:
obj = self.object_class()
self.is_new = True
elif not permissions.is_allowed_update_for(obj):
self.ignore = True
self.add_error(errors.PERMISSION_ERROR)
return obj
def parse_item(self):
"""Parse a list of slugs to be mapped.
Parse a new line separated list of slugs and check if they are valid
objects.
Returns:
list of objects. During dry_run, the list can contain a slug instead of
an actual object if that object will be generated in the current import.
"""
# pylint: disable=protected-access
class_ = self.mapping_object
lines = set(self.raw_value.splitlines())
slugs = set([slug.lower() for slug in lines if slug.strip()])
objects = []
for slug in slugs:
obj = class_.query.filter_by(slug=slug).first()
if obj:
is_allowed_by_type = self._is_allowed_mapping_by_type(
source_type=self.row_converter.obj.__class__.__name__,
destination_type=class_.__name__,
)
if not is_allowed_by_type:
self._add_mapping_warning(
source=self.row_converter.obj,
destination=obj,
)
continue
if not permissions.is_allowed_update_for(obj):
self.add_warning(
errors.MAPPING_PERMISSION_ERROR,
object_type=class_._inflector.human_singular.title(),
slug=slug,
)
continue
objects.append(obj)
elif slug in self.new_slugs and not self.dry_run:
objects.append(self.new_slugs[slug])
elif slug in self.new_slugs and self.dry_run:
objects.append(slug)
else:
self.add_warning(
errors.UNKNOWN_OBJECT,
object_type=class_._inflector.human_singular.title(),
slug=slug
)
if self.mandatory and not objects and self.row_converter.is_new:
self.add_error(errors.MISSING_VALUE_ERROR, column_name=self.display_name)
return objects
def parse_item(self):
"""Parse a list of slugs to be mapped.
Parse a new line separated list of slugs and check if they are valid
objects.
Returns:
list of objects. During dry_run, the list can contain a slug instead of
an actual object if that object will be generated in the current import.
"""
# pylint: disable=protected-access
from ggrc.snapshotter.rules import Types
# TODO add a proper warning here!
# This is just a hack to prevent wrong mappings to assessments or issues.
if self.mapping_object.__name__ in Types.scoped | Types.parents and \
not self.allow:
if self.raw_value:
self.add_warning(errors.EXPORT_ONLY_WARNING,
column_name=self.display_name)
return []
class_ = self.mapping_object
lines = set(self.raw_value.splitlines())
slugs = set([slug.lower() for slug in lines if slug.strip()])
objects = []
for slug in slugs:
obj = class_.query.filter_by(slug=slug).first()
if obj:
if permissions.is_allowed_update_for(obj):
objects.append(obj)
else:
self.add_warning(
errors.MAPPING_PERMISSION_ERROR,
object_type=class_._inflector.human_singular.title(),
slug=slug,
)
elif slug in self.new_slugs and not self.dry_run:
objects.append(self.new_slugs[slug])
elif slug in self.new_slugs and self.dry_run:
objects.append(slug)
else:
self.add_warning(
errors.UNKNOWN_OBJECT,
object_type=class_._inflector.human_singular.title(),
slug=slug)
if self.mandatory and not objects and self.row_converter.is_new:
self.add_error(errors.MISSING_VALUE_ERROR,
column_name=self.display_name)
return objects
def _ensure_has_permissions(obj):
"""Ensure user has permissions, otherwise raise error"""
model_name = obj.__class__.__name__
if permissions.is_allowed_update(model_name, obj.id, obj.context_id):
return
if permissions.has_conditions('update', model_name):
return
if permissions.is_allowed_update_for(obj):
return
raise exceptions.Forbidden()
def _ensure_has_permissions(obj):
"""Ensure user has permissions, otherwise raise error"""
model_name = obj.__class__.__name__
if permissions.is_allowed_update(model_name, obj.id, obj.context_id):
return
if permissions.has_conditions('update', model_name):
return
if permissions.is_allowed_update_for(obj):
return
raise exceptions.Forbidden()
def parse_item(self):
"""Parse a list of slugs to be mapped.
Parse a new line separated list of slugs and check if they are valid
objects.
Returns:
list of objects. During dry_run, the list can contain a slug instead of
an actual object if that object will be generated in the current import.
"""
# pylint: disable=protected-access
from ggrc.snapshotter.rules import Types
# TODO add a proper warning here!
# This is just a hack to prevent wrong mappings to assessments or issues.
if self.mapping_object.__name__ in Types.scoped | Types.parents and \
not self.allow:
if self.raw_value:
self.add_warning(errors.EXPORT_ONLY_WARNING,
column_name=self.display_name)
return []
class_ = self.mapping_object
lines = set(self.raw_value.splitlines())
slugs = set([slug.lower() for slug in lines if slug.strip()])
objects = []
for slug in slugs:
obj = class_.query.filter_by(slug=slug).first()
if obj:
if permissions.is_allowed_update_for(obj):
objects.append(obj)
else:
self.add_warning(
errors.MAPPING_PERMISSION_ERROR,
object_type=class_._inflector.human_singular.title(),
slug=slug,
)
elif slug in self.new_slugs and not self.dry_run:
objects.append(self.new_slugs[slug])
elif slug in self.new_slugs and self.dry_run:
objects.append(slug)
else:
self.add_warning(errors.UNKNOWN_OBJECT,
object_type=class_._inflector.human_singular.title(),
slug=slug)
if self.mandatory and not objects and self.row_converter.is_new:
self.add_error(errors.MISSING_VALUE_ERROR, column_name=self.display_name)
return objects
def parse_item(self):
""" Remove multiple spaces and new lines from text """
class_ = self.mapping_object
lines = set(self.raw_value.splitlines())
slugs = set([slug.lower() for slug in lines if slug.strip()])
objects = []
for slug in slugs:
obj = class_.query.filter_by(slug=slug).first()
if obj:
if permissions.is_allowed_update_for(obj):
objects.append(obj)
else:
self.add_warning(
errors.MAPPING_PERMISSION_ERROR,
object_type=class_._inflector.human_singular.title(),
slug=slug,
)
elif not (slug in self.new_slugs and self.dry_run):
self.add_warning(errors.UNKNOWN_OBJECT,
object_type=class_._inflector.human_singular.title(),
slug=slug)
return objects
