def documents(request):
s = None
if request.DATA['signature']:
s = Signature(signature=request.DATA['signature'],
user_id=request.DATA['user'])
s.save()
if 'template' not in request.DATA:
d = Document(company_id=request.DATA['company'],
user_id=request.DATA['user'],
name=request.DATA['document']['name'],
signature=s,
content=request.DATA['document']['content'],
upload_id=request.DATA['document']['upload']
)
else:
d = Document(company_id=request.DATA['company'],
user_id=request.DATA['user'],
name=request.DATA['document']['name'],
content=_generate_content(request.DATA['template'],
request.DATA['document']['fields']),
upload_id=request.DATA['document']['upload'],
signature=s
)
d.save()
serializer = DocumentSerializer(d)
return Response(serializer.data)
def post(self, request, pk, format=None):
company_id = pk
name = request.DATA['document_name']
template_id = request.DATA['template_id']
signature = None
content = ''
template = self._get_template(template_id)
upload = template.upload
if (not name or not upload):
return Response(status.HTTP_400_BAD_REQUEST)
result_data = []
employees = CompanyUser.objects.filter(company=company_id, company_user_type=USER_TYPE_EMPLOYEE)
for employee in employees:
d = Document(company_id=company_id,
user_id=employee.user.id,
name=name,
signature=signature,
content=content,
upload_id=upload.id)
d.save()
serializer = DocumentSerializer(d)
result_data.append(serializer.data)
return Response(result_data, status=status.HTTP_201_CREATED)
def document_store():
form = DocumentCreateForm(request.form)
if form.validate():
document = Document()
document.create(data=form.data)
return Success(message="操作成功!")
return Fail(message=form.first_error)
def generate_all_document(self, field_values):
all_templates = self.template_service.get_templates_by_company(self.company)
for template in all_templates:
content = template.content
upload = template.upload
if upload:
# Template with upload mode
content = ''
elif content:
# Template with content mode
content = self.template_service.populate_content_with_field_values(content, field_values)
else:
# We cannot find the proper template, skip
continue
doc_name = "{} for employee".format(template.name)
# Create a new document based on type
doc = Document(company_id=self.company.id,
user_id=self.user.id,
name=doc_name,
content=content,
upload=upload,
signature=None)
doc.save()
def __init__(self):
loader = Loader()
document = Document(loader, "post", ["title", "content"])
fields = {"index": ["title", "content"], "show": ["_id", "title"]}
searcher = Searcher(document, fields)
searcher.fit()
while True:
query = input("Enter your query: ")
searcher.search(query)
def test_team_dataroom_roles(db: Session, data: Data, oso: Oso):
# make sure that a user that does not have direct
# room roles can still manage room because of a team
# role
user_roles_in_room_1: List = oso_roles.get_user_roles(
db, data.member_team_1, Dataroom, data.room_1.id)
# user does not have direct access to the room
count_of_roles = len(user_roles_in_room_1)
assert count_of_roles == 0
# but still gets it via his team role (which is a members role)
assert oso.is_allowed(data.member_team_1, "READ", data.room_1) is True
assert oso.is_allowed(data.member_team_1, "LIST_DOCUMENTS",
data.room_1) is True
assert oso.is_allowed(data.member_team_1, "DELETE", data.room_1) is False
assert oso.is_allowed(data.member_team_1, "UPDATE", data.room_1) is False
assert oso.is_allowed(data.member_team_1, "INVITE_GUESTS",
data.room_1) is False
# does not have access to other rooms
assert oso.is_allowed(data.member_team_1, "READ", data.room_2) is False
assert oso.is_allowed(data.member_team_1, "LIST_DOCUMENTS",
data.room_2) is False
# is allowed to create his own documents in a room
new_document_team_member_1 = Document(
name="New Doc Team Member 1",
description="Test",
file_name="new_doc_team_member_1",
extension="txt",
md5_sum=UUID("87a6909ab71ec463f013325dbf9f3543"),
mime_type="text/plain",
size=50,
creator=data.member_team_1,
dataroom=data.room_1,
)
assert (oso.is_allowed(data.member_team_1, "CREATE",
new_document_team_member_1) is True)
def test_dataroom_roles(db: Session, data: Data, oso: Oso):
# Guest can access the documents for the room in which he is guest
assert oso.is_allowed(data.guest_read_user_room_1, "READ",
data.room_1) is True
assert (oso.is_allowed(data.guest_read_user_room_1, "LIST_DOCUMENTS",
data.room_1) is True)
assert (oso.is_allowed(data.guest_read_user_room_1, "READ",
data.document_room_1) is True)
# Guest cannot see other datarooms
assert (oso.is_allowed(data.guest_read_user_room_1, "LIST_ROOMS",
data.first_org) is False)
assert oso.is_allowed(data.guest_read_user_room_1, "READ",
data.room_2) is False
assert (oso.is_allowed(data.guest_read_user_room_1, "READ",
data.document_room_2) is False)
new_document_guest_1 = Document(
name="Test Document",
description="Test",
file_name="hallo",
extension="txt",
md5_sum=UUID("87a6909ab71ec463f013325dbf9f3541"),
mime_type="text/plain",
size=50,
creator=data.guest_read_user_room_1,
dataroom=data.room_1,
)
new_document_guest_2 = Document(
name="New Doc Guest 2",
description="Test",
file_name="new_doc_guest_2",
extension="txt",
md5_sum=UUID("87a6909ab71ec463f013325dbf9f3541"),
mime_type="text/plain",
size=50,
creator=data.guest_write_user_room_1,
dataroom=data.room_1,
)
# Only guest with write access can create a new document
assert (oso.is_allowed(data.guest_write_user_room_1, "CREATE",
new_document_guest_2) is True)
assert (oso.is_allowed(data.guest_read_user_room_1, "CREATE",
new_document_guest_1) is False)
# add the second new document to db so that we can test edits
db.add(new_document_guest_2)
db.commit()
db.refresh(new_document_guest_2)
assert (oso.is_allowed(data.guest_write_user_room_1, "UPDATE",
new_document_guest_2) is True)
assert (oso.is_allowed(data.guest_write_user_room_1, "DELETE",
new_document_guest_2) is True)
assert (oso.is_allowed(data.guest_write_user_room_1, "UPDATE",
data.document_room_1) is False)
assert (oso.is_allowed(data.guest_write_user_room_1, "DELETE",
data.document_room_1) is False)
assert (oso.is_allowed(data.admin_user_room_1, "UPDATE",
data.document_room_1) is True)
assert (oso.is_allowed(data.admin_user_room_1, "DELETE",
data.document_room_1) is True)
# Only OWNERS can delete a dataroom
assert oso.is_allowed(data.member_user_org_1, "DELETE",
data.room_1) is True
assert oso.is_allowed(data.guest_read_user_room_1, "DELETE",
data.room_1) is False
assert oso.is_allowed(data.guest_write_user_room_1, "DELETE",
data.room_1) is False
# Admin are allowed to invite_guests
assert oso.is_allowed(data.admin_user_room_1, "INVITE_GUESTS",
data.room_1) is True
assert oso.is_allowed(data.admin_user_room_1, "INVITE_GUESTS",
data.room_2) is False
new_document_member_1 = Document(
name="New Doc Member 1",
description="Test",
file_name="new_doc_member_1",
extension="txt",
md5_sum=UUID("87a6909ab71ec463f013325dbf9f3543"),
mime_type="text/plain",
size=50,
creator=data.member_user_room_1,
dataroom=data.room_1,
)
# Members can create documents and edit and delete their own
assert (oso.is_allowed(data.member_user_room_1, "CREATE",
new_document_member_1) is True)
db.add(new_document_member_1)
db.commit()
db.refresh(new_document_member_1)
assert (oso.is_allowed(data.member_user_room_1, "UPDATE",
new_document_member_1) is True)
assert (oso.is_allowed(data.member_user_room_1, "DELETE",
new_document_member_1) is True)
assert (oso.is_allowed(data.member_user_room_1, "UPDATE",
new_document_guest_2) is False)
assert (oso.is_allowed(data.member_user_room_1, "DELETE",
new_document_guest_2) is False)
