def base_context(request):
    """
    Provide context variables for use across all views.

    Returns an empty dict when the request has no ``user`` attribute.
    Otherwise returns a dict with the single key ``is_project_admin``,
    holding the result of ``is_project_admin(request.user)``.
    """
    # NOTE(review): this flag only informs what is rendered; any endpoint
    # that is restricted to admins still has to enforce the check itself.
    if hasattr(request, 'user'):
        admin_flag = is_project_admin(request.user)
        return {'is_project_admin': admin_flag}
    # No user object was attached to the request, so there is nothing to
    # evaluate.
    return {}
def validate(self, data):
    """
    Authorize a request received from Slack, then run the parent validation.

    The sender is looked up as a ``Worker`` by the ``user_id`` field of the
    payload. The request is rejected unless that worker exists and its user
    passes ``is_project_admin``. Only then is ``super().validate(data)``
    called and its result returned.

    Raises:
        SlackUserUnauthorized: no Worker has the given slack_user_id, or
            the matching worker's user is not a project admin.
    """
    # NOTE(review): both fields come straight from the request payload. The
    # lookup is only as trustworthy as the check that the request really
    # came from Slack (token / signature), which is not visible in this
    # method -- confirm it runs in super().validate() or earlier.
    sender_id = data.get('user_id')
    sender_name = data.get('user_name')

    # NOTE(review): a payload without 'user_id' makes this a lookup on
    # None; confirm that cannot match a Worker with no Slack id set.
    # More than one match is not handled in this method -- verify how
    # get_object_or_None behaves in that case.
    worker = get_object_or_None(Worker, slack_user_id=sender_id)

    if worker is None:
        message = 'Worker {} not found. slack_user_id: {}'.format(
            sender_name, sender_id)
        raise SlackUserUnauthorized(message)
    if not is_project_admin(worker.user):
        raise SlackUserUnauthorized(self.not_authorized_error)

    return super().validate(data)
def project_information_api(request):
    """
    Return project management information for the requested project.

    This view serves both the project management interface (project admins
    only) and experts (only those associated with the project). Both
    permissions are enforced here. The caller must be a project admin or
    have at least one assignment on a task of the requested project.

    Raises:
        PermissionDenied: the caller is neither a project admin nor
            assigned to the project.
        BadRequest: no project exists for the given id.
    """
    # NOTE(review): project_id is taken unvalidated from the request body.
    # A missing key raises KeyError here; confirm the surrounding view
    # machinery turns that into a client error rather than a 500.
    payload = load_encoded_json(request.body)
    project_id = payload['project_id']

    worker = get_object_or_404(Worker, user=request.user)

    # The authorization decision is made before the project is looked up,
    # so a caller without access gets PermissionDenied whether or not the
    # project exists.
    has_access = (
        is_project_admin(request.user) or
        worker.assignments.filter(task__project=project_id).exists()
    )
    if not has_access:
        raise PermissionDenied

    try:
        return project_management.project_management_information(project_id)
    except Project.DoesNotExist:
        raise BadRequest('Project not found for the given id.')
def validate(self, data):
    """
    Authorize a request received from Slack, then run the parent validation.

    The sender is resolved to a ``Worker`` by the ``user_id`` field of the
    payload. The request is rejected when that id maps to more than one
    worker, to no worker, or to a worker whose user is not a project admin.
    Only then is ``super().validate(data)`` called and its result returned.

    Raises:
        SlackUserUnauthorized: the slack_user_id is shared by several
            workers, matches none, or belongs to a non-admin.
    """
    # NOTE(review): both fields come straight from the request payload. The
    # lookup is only as trustworthy as the check that the request really
    # came from Slack (token / signature), which is not visible in this
    # method -- confirm it runs in super().validate() or earlier.
    sender_id = data.get('user_id')
    sender_name = data.get('user_name')

    # NOTE(review): a payload without 'user_id' filters on None; confirm
    # that cannot select a Worker with no Slack id set.
    matches = Worker.objects.filter(slack_user_id=sender_id)
    worker = matches.first()

    # An ambiguous identity is refused outright instead of authorizing
    # whichever row happened to come first.
    if matches.count() > 1:
        raise SlackUserUnauthorized(
            self.nonunique_slack_id.format(sender_id))
    if worker is None:
        message = 'Worker {} not found. slack_user_id: {}'.format(
            sender_name, sender_id)
        raise SlackUserUnauthorized(message)
    if not is_project_admin(worker.user):
        raise SlackUserUnauthorized(self.not_authorized_error)

    return super().validate(data)
def has_permission(self, request, view):
    """
    Grant access only when ``is_project_admin`` accepts the requesting user.

    ``view`` is accepted but not consulted, so the decision is the same
    for every view this permission is attached to.
    """
    # NOTE(review): request.user is passed through as-is; verify that
    # is_project_admin returns False (rather than raising) for an
    # unauthenticated user.
    requester = request.user
    return is_project_admin(requester)
def is_project_admin(self):
    """
    Report whether ``self.user`` is a project admin.

    Delegates to ``is_project_admin`` from the project management
    decorators module, so this method and the view-level checks share one
    definition of "admin".
    """
    # Imported at call time; presumably to avoid a circular import at
    # module load -- TODO confirm. The alias keeps the helper distinct
    # from this method's own name.
    from orchestra.interface_api.project_management.decorators import (
        is_project_admin as _is_project_admin)
    return _is_project_admin(self.user)