def orgs_team_members(request, org, team_id, template="orgs/orgs_team_members.html"):
#organization and teams
organization = Organization.get_by_name(org)
teams = Team.get_by_org(org)
current_domains = Domain.get_by_organization(org)
#check that the team exists
team = Team.get(team_id)
if team is None:
raise Http404("Group %s does not exist" % team_id)
#inspect the members of the team
member_ids = team.get_member_ids()
members = WebUser.view("_all_docs", keys=member_ids, include_docs=True).all()
members.sort(key=lambda user: user.username)
#inspect the domains of the team
domain_names = team.get_domains()
domains = list()
for name in domain_names:
domains.append([Domain.get_by_name(name), team.role_label(domain=name)])
all_org_domains = Domain.get_by_organization(org)
non_domains = [domain for domain in all_org_domains if domain.name not in domain_names]
all_org_member_ids = organization.members
all_org_members = WebUser.view("_all_docs", keys=all_org_member_ids, include_docs=True).all()
non_members = [member for member in all_org_members if member.user_id not in member_ids]
vals = dict(org=organization, team=team, teams=teams, members=members, nonmembers=non_members, domains=current_domains, team_domains=domains, team_nondomains=non_domains)
return render_to_response(request, template, vals)
def orgs_add_team(request, org):
if request.method == "POST":
form = AddTeamForm(org, request.POST)
if form.is_valid():
team_name = form.cleaned_data['team']
team = Team(name=team_name, organization=org)
team.save()
messages.success(request, "Team Added!")
else:
messages.error(request, "Unable to add team")
return orgs_landing(request, org, add_team_form=form)
return HttpResponseRedirect(reverse('orgs_landing', args=[org]))
def orgs_team_members(request, org, team_id, template="orgs/orgs_team_members.html"):
class TeamMembersNotification(Notification):
doc_type = 'OrgTeamMembersNotification'
def template(self):
return 'orgs/partials/team_members_notification.html'
MainNotification.display_if_needed(messages, request, ctxt={"org": request.organization})
TeamMembersNotification.display_if_needed(messages, request)
ctxt = base_context(request, request.organization)
ctxt["tab"] = "teams"
try:
team = Team.get(team_id)
except ResourceNotFound:
raise Http404("Team %s does not exist" % team_id)
team_members = team.get_members()
team_members.sort(key=lambda user: user.username)
#inspect the domains of the team
domain_names = team.get_domains()
team_domains = list()
for name in domain_names:
team_domains.append([Domain.get_by_name(name), team.role_label(domain=name), UserRole.by_domain(name)])
nonmembers = filter(lambda m: m.username not in [tm.username for tm in team_members], ctxt["members"])
nondomains = filter(lambda d: d.name not in [td[0].name for td in team_domains], ctxt["domains"])
ctxt.update(dict(team=team, team_members=team_members, nonmembers=nonmembers,
team_domains=team_domains, nondomains=nondomains))
return render(request, template, ctxt)
def org_settings(request, domain):
domain = Domain.get_by_name(domain)
org_users = []
teams = Team.get_by_domain(domain.name)
for team in teams:
for user in team.get_members():
user.team_id = team.get_id
user.team = team.name
org_users.append(user)
for user in org_users:
user.current_domain = domain.name
all_orgs = Organization.get_all()
return render(
request, 'domain/orgs_settings.html', {
"project":
domain,
'domain':
domain.name,
"organization":
Organization.get_by_name(getattr(domain, "organization", None)),
"org_users":
org_users,
"all_orgs":
all_orgs,
})
def remove_all_from_team(request, org, team_id):
team = Team.get(team_id)
members = team.get_members()
for member in members:
member.remove_from_team(org, team_id)
member.save()
return HttpResponseRedirect(reverse(request.POST.get('redirect_url', 'orgs_team_members'), args=(org, team_id)))
def remove_domain_from_team(request, org, team_id, domain):
team = Team.get(team_id)
if team:
team.delete_domain_membership(domain)
team.save()
if 'redirect_url' in request.POST:
return HttpResponseRedirect(reverse(request.POST['redirect_url'], args=(org, team_id)))
def orgs_add_team(request, org):
team_name = request.POST.get("team", None)
if not team_name:
messages.error(request, 'You must specify a team name')
return HttpResponseRedirect(reverse('orgs_teams', args=[org]))
org_teams = Team.get_by_org(org)
for t in org_teams:
if t.name == team_name:
messages.error(request, 'A team with that name already exists.')
return HttpResponseRedirect(reverse('orgs_teams', args=[org]))
team = Team(name=team_name, organization=org)
team.save()
messages.success(request, "Team Added!")
return HttpResponseRedirect(reverse('orgs_teams', args=[org]))
def orgs_add_team(request, org):
team_name = request.POST.get("team", None)
if not team_name:
messages.error(request, 'You must specify a team name')
return HttpResponseRedirect(reverse('orgs_teams', args=[org]))
org_teams = Team.get_by_org(org)
for t in org_teams:
if t.name == team_name:
messages.error(request, 'A team with that name already exists.')
return HttpResponseRedirect(reverse('orgs_teams', args=[org]))
team = Team(name=team_name, organization=org)
team.save()
messages.success(request, "Team Added!")
return HttpResponseRedirect(reverse('orgs_teams', args=[org]))
def base_context(request, organization, update_form=None):
return {
"org":
organization,
"teams":
Team.get_by_org(organization.name),
"domains":
sorted(Domain.get_by_organization(organization.name),
key=lambda x: x.name),
"members":
organization.get_members(),
"admin":
request.couch_user.is_org_admin(organization.name)
or request.couch_user.is_superuser,
"update_form_empty":
not update_form,
"update_form":
update_form or UpdateOrgInfo(
initial={
'org_title': organization.title,
'email': organization.email,
'url': organization.url,
'location': organization.location
})
}
def remove_all_from_team(request, org, team_id):
team = Team.get(team_id)
members = team.get_members()
for member in members:
member.remove_from_team(org, team_id)
member.save()
return HttpResponseRedirect(reverse(request.POST.get('redirect_url', 'orgs_team_members'), args=(org, team_id)))
def orgs_team_members(request, org, team_id, template="orgs/orgs_team_members.html"):
class TeamMembersNotification(Notification):
doc_type = 'OrgTeamMembersNotification'
def template(self):
return 'orgs/partials/team_members_notification.html'
MainNotification.display_if_needed(messages, request, ctxt={"org": request.organization})
TeamMembersNotification.display_if_needed(messages, request)
ctxt = base_context(request, request.organization)
ctxt["tab"] = "teams"
try:
team = Team.get(team_id)
except ResourceNotFound:
raise Http404("Team %s does not exist" % team_id)
team_members = team.get_members()
team_members.sort(key=lambda user: user.username)
#inspect the domains of the team
domain_names = team.get_domains()
team_domains = list()
for name in domain_names:
team_domains.append([Domain.get_by_name(name), team.role_label(domain=name), UserRole.by_domain(name)])
nonmembers = filter(lambda m: m.username not in [tm.username for tm in team_members], ctxt["members"])
nondomains = filter(lambda d: d.name not in [td[0].name for td in team_domains], ctxt["domains"])
ctxt.update(dict(team=team, team_members=team_members, nonmembers=nonmembers,
team_domains=team_domains, nondomains=nondomains))
return render(request, template, ctxt)
def get_role(self, domain=None):
"""
Get the role object for this user
"""
from corehq.apps.orgs.models import Team
if domain is None:
# default to current_domain for django templates
domain = self.current_domain
if self.is_global_admin():
return AdminUserRole(domain=domain)
dm_list = list()
dm = self.get_domain_membership(domain)
if dm:
dm_list.append([dm, ''])
for team_name, team_id in self.teams:
team = Team.get(team_id)
if team.get_domain_membership(domain) and team.get_domain_membership(domain).role:
dm_list.append([team.get_domain_membership(domain), ' (' + team_name + ')'])
#now find out which dm has the highest permissions
if dm_list:
return self.total_domain_membership(dm_list, domain)
else:
raise DomainMembershipError()
def clean_team(self):
data = self.cleaned_data["team"].strip()
org_teams = Team.get_by_org(self.org_name)
for t in org_teams:
if t.name == data:
raise forms.ValidationError("A team with that name already exists.")
return data
def has_permission(self, domain, permission, data=None):
# is_admin is the same as having all the permissions set
from corehq.apps.orgs.models import Team
if self.is_global_admin():
return True
elif self.is_domain_admin(domain):
return True
dm_list = list()
dm = self.get_domain_membership(domain)
if dm:
dm_list.append([dm, ''])
for team_name, team_id in self.teams:
team = Team.get(team_id)
if team.get_domain_membership(domain) and team.get_domain_membership(domain).role:
dm_list.append([team.get_domain_membership(domain), '(' + team_name + ')'])
#now find out which dm has the highest permissions
if dm_list:
role = self.total_domain_membership(dm_list, domain)
dm = CustomDomainMembership(domain=domain, custom_role=role)
return dm.has_permission(permission, data)
else:
return False
def orgs_team_members(request, org, team_id, template="orgs/orgs_team_members.html"):
organization = Organization.get_by_name(org)
ctxt = base_context(request, organization)
ctxt["tab"] = "teams"
try:
team = Team.get(team_id)
except ResourceNotFound:
raise Http404("Team %s does not exist" % team_id)
team_members = team.get_members()
team_members.sort(key=lambda user: user.username)
# inspect the domains of the team
domain_names = team.get_domains()
team_domains = list()
for name in domain_names:
team_domains.append([Domain.get_by_name(name), team.role_label(domain=name), UserRole.by_domain(name)])
nonmembers = [
m.username for m in filter(lambda m: m.username not in [tm.username for tm in team_members], ctxt["members"])
]
nondomains = [d.name for d in filter(lambda d: d.name not in [td[0].name for td in team_domains], ctxt["domains"])]
ctxt.update(
dict(
team=team,
team_members=team_members,
nonmembers=nonmembers,
team_domains=team_domains,
nondomains=nondomains,
)
)
return render(request, template, ctxt)
def remove_all_from_team(request, org, team_id):
team = Team.get(team_id)
if team:
member_ids = team.member_ids
for member in member_ids:
team.remove_member(member)
if 'redirect_url' in request.POST:
return HttpResponseRedirect(reverse(request.POST['redirect_url'], args=(org, team_id)))
def clean_team(self):
data = self.cleaned_data['team'].strip()
org_teams = Team.get_by_org(self.org_name)
for t in org_teams:
if t.name == data:
raise forms.ValidationError(
'A team with that name already exists.')
return data
def apply_teams_to_users(self, web_users):
teams = Team.get_by_domain(self.domain)
for team in teams:
for user in team.get_members():
if user.get_id not in [web_user.get_id for web_user in web_users]:
user.from_team = True
web_users.append(user)
for user in web_users:
user.current_domain = self.domain
def add_all_to_team(request, org, team_id):
team = Team.get(team_id)
if team:
organization = Organization.get_by_name(org)
members = organization.members
for member in members:
team.add_member(member)
if 'redirect_url' in request.POST:
return HttpResponseRedirect(reverse(request.POST['redirect_url'], args=(org, team_id)))
def delete_team(request, org, team_id):
team = Team.get(team_id)
if team.organization == org:
record = team.soft_delete()
messages.success(request, 'You have deleted a team. <a href="{url}" class="post-link">Undo</a>'.format(
url=reverse('undo_delete_team', args=[org, record.get_id])
), extra_tags="html")
return HttpResponseRedirect(reverse("orgs_teams", args=(org, )))
else:
return HttpResponseForbidden()
def base_context(request, organization, update_form=None):
return {
"org": organization,
"teams": Team.get_by_org(organization.name),
"domains": sorted(Domain.get_by_organization(organization.name), key=lambda x: x.name),
"members": organization.get_members(),
"admin": request.couch_user.is_org_admin(organization.name) or request.couch_user.is_superuser,
"update_form_empty": not update_form,
"update_form": update_form or UpdateOrgInfo(initial={'org_title': organization.title, 'email': organization.email,
'url': organization.url, 'location': organization.location})
}
def remove_domain_from_team(request, org, team_id):
domain = request.POST.get("project_name", None)
if not domain:
messages.error(request, "You must specify a project name")
else:
team = Team.get(team_id)
team.delete_domain_membership(domain)
team.save()
messages.success(request, render_to_string('orgs/partials/undo_remove_domain_from_team.html',
{"team_id": team_id, "org": org, "dom": domain}), extra_tags="html")
return HttpResponseRedirect(reverse(request.POST.get('redirect_url', 'orgs_team_members'), args=(org, team_id)))
def get_domains(self):
from corehq.apps.orgs.models import Team
domains = [dm.domain for dm in self.domain_memberships]
if self.teams:
for team_name, team_id in self.teams:
team = Team.get(team_id)
team_domains = [dm.domain for dm in team.domain_memberships]
for domain in team_domains:
if domain not in domains:
domains.append(domain)
return domains
def add_domain_to_team(request, org, team_id):
domain = request.POST.get("project_name", None)
if not domain:
messages.error(request, "You must specify a project name")
elif domain not in [d.name for d in Domain.get_by_organization(org)]:
messages.error(request, "You cannot add a domain that isn't managed by this organization")
else:
team = Team.get(team_id)
team.add_domain_membership(domain)
team.save()
return HttpResponseRedirect(reverse(request.POST.get("redirect_url", "orgs_team_members"), args=(org, team_id)))
def apply_teams_to_users(self, web_users):
teams = Team.get_by_domain(self.domain)
for team in teams:
for user in team.get_members():
if user.get_id not in [
web_user.get_id for web_user in web_users
]:
user.from_team = True
web_users.append(user)
for user in web_users:
user.current_domain = self.domain
def web_users(self):
web_users = WebUser.by_domain(self.domain)
teams = Team.get_by_domain(self.domain)
for team in teams:
for user in team.get_members():
if user.get_id not in [web_user.get_id for web_user in web_users]:
user.from_team = True
web_users.append(user)
for user in web_users:
user.current_domain = self.domain
return web_users
def remove_domain_from_team(request, org, team_id):
domain = request.POST.get("project_name", None)
if not domain:
messages.error(request, "You must specify a project name")
else:
team = Team.get(team_id)
team.delete_domain_membership(domain)
team.save()
messages.success(request, render_to_string('orgs/partials/undo_remove_domain_from_team.html',
{"team_id": team_id, "org": org, "dom": domain}), extra_tags="html")
return HttpResponseRedirect(reverse(request.POST.get('redirect_url', 'orgs_team_members'), args=(org, team_id)))
def set_team_permission_for_domain(request, org, team_id):
domain = request.POST.get('domain', None)
role_label = request.POST.get('role_label', None)
if domain and role_label:
team = Team.get(team_id)
team.set_role(domain, role_label)
team.save()
dm = team.get_domain_membership(domain)
return json_response(UserRole.get(dm.role_id).name if not dm.is_admin else 'Admin')
return HttpResponseRedirect(reverse('orgs_team_members', args=(org, team_id)))
def set_team_permission_for_domain(request, org, team_id):
domain = request.POST.get('domain', None)
role_label = request.POST.get('role_label', None)
if domain and role_label:
team = Team.get(team_id)
team.set_role(domain, role_label)
team.save()
dm = team.get_domain_membership(domain)
return json_response(UserRole.get(dm.role_id).name if not dm.is_admin else 'Admin')
return HttpResponseRedirect(reverse('orgs_team_members', args=(org, team_id)))
def web_users(self):
web_users = WebUser.by_domain(self.domain)
teams = Team.get_by_domain(self.domain)
for team in teams:
for user in team.get_members():
if user.get_id not in [web_user.get_id for web_user in web_users]:
user.from_team = True
web_users.append(user)
for user in web_users:
user.current_domain = self.domain
web_users.sort(key=lambda x: (x.role_label(), x.email))
return web_users
def web_users(self):
web_users = WebUser.by_domain(self.domain)
teams = Team.get_by_domain(self.domain)
for team in teams:
for user in team.get_members():
if user.get_id not in [web_user.get_id for web_user in web_users]:
user.from_team = True
web_users.append(user)
for user in web_users:
user.current_domain = self.domain
web_users.sort(key=lambda x: (x.role_label(), x.email))
return web_users
def orgs_update_team(request, org):
team_id = request.POST.get('team_id', "")
new_team_name = request.POST.get('team_name', "")
if team_id and new_team_name:
team = Team.get(team_id)
old_team_name = team.name
team.name = new_team_name
team.save()
messages.success(request, "Team %s has been renamed to %s" % (old_team_name, team.name))
else:
messages.error(request, "Could not edit team information -- missing new team name")
return HttpResponseRedirect(reverse('orgs_team_members', args=(org, team_id)))
def web_users(self):
web_users = WebUser.by_domain(self.domain)
teams = Team.get_by_domain(self.domain)
for team in teams:
for user in team.get_members():
if user.get_id not in [
web_user.get_id for web_user in web_users
]:
user.from_team = True
web_users.append(user)
for user in web_users:
user.current_domain = self.domain
return web_users
def add_domain_to_team(request, org, team_id):
domain = request.POST.get("project_name", None)
if not domain:
messages.error(request, "You must specify a project name")
elif domain not in [d.name for d in Domain.get_by_organization(org)]:
messages.error(request, "You cannot add a domain that isn't managed by this organization")
else:
team = Team.get(team_id)
team.add_domain_membership(domain)
read_only_role = UserRole.by_domain_and_name(domain, 'Read Only').one()
team.set_role(domain, 'user-role:%s' % read_only_role.get_id)
team.save()
return HttpResponseRedirect(reverse(request.POST.get('redirect_url', 'orgs_team_members'), args=(org, team_id)))
def orgs_update_team(request, org):
team_id = request.POST.get('team_id', "")
new_team_name = request.POST.get('team_name', "")
if team_id and new_team_name:
team = Team.get(team_id)
old_team_name = team.name
team.name = new_team_name
team.save()
messages.success(request, "Team %s has been renamed to %s" % (old_team_name, team.name))
else:
messages.error(request, "Could not edit team information -- missing new team name")
return HttpResponseRedirect(reverse('orgs_team_members', args=(org, team_id)))
def add_domain_to_team(request, org, team_id):
domain = request.POST.get("project_name", None)
if not domain:
messages.error(request, "You must specify a project name")
elif domain not in [d.name for d in Domain.get_by_organization(org)]:
messages.error(request, "You cannot add a domain that isn't managed by this organization")
else:
team = Team.get(team_id)
team.add_domain_membership(domain)
read_only_role = UserRole.by_domain_and_name(domain, 'Read Only').one()
team.set_role(domain, 'user-role:%s' % read_only_role.get_id)
team.save()
return HttpResponseRedirect(reverse(request.POST.get('redirect_url', 'orgs_team_members'), args=(org, team_id)))
def add_team(request, org):
team_name = request.POST['team_name']
team = Team.get_by_org_and_name(org, team_name)
if not team:
team = Team(name=team_name, organization=org)
team.is_global_admin()
team.save()
return HttpResponseRedirect(reverse("orgs_team_members", args=(org, team.get_id)))
def _users_context(request, domain):
couch_user = request.couch_user
web_users = WebUser.by_domain(domain)
teams = Team.get_by_domain(domain)
for team in teams:
for user in team.get_members():
if user.get_id not in [web_user.get_id for web_user in web_users]:
user.from_team = True
web_users.append(user)
for user in [couch_user] + list(web_users):
user.current_domain = domain
return {"web_users": web_users, "domain": domain, "couch_user": couch_user}
def orgs_remove_project(request, org):
domain = request.POST.get("project_name", None)
if not domain:
messages.error(request, "You must specify a project name")
else:
domain = Domain.get_by_name(domain)
domain.organization = None
domain.save()
for team in Team.get_by_org(org):
team.delete_domain_membership(domain.name)
team.save()
messages.success(request, render_to_string('orgs/partials/undo_remove_project.html',
{"org": org, "dom": domain}), extra_tags="html")
return HttpResponseRedirect(reverse(request.POST.get('redirect_url', 'orgs_landing'), args=(org,)))
def delete_team(request, org):
team_id = request.POST.get("team_id", None)
if team_id:
team = Team.get(team_id)
# team_name = team.name
if team.organization == org:
record = team.soft_delete()
messages.success(request, 'You have deleted team <strong>{team_name}</strong>. <a href="{url}" class="post-link">Undo</a>'.format(
team_name=team.name, url=reverse('undo_delete_team', args=[org, record.get_id])
), extra_tags="html")
else:
messages.error(request, "This team doesn't exist")
else:
messages.error(request, "You must specify a team to delete")
return HttpResponseRedirect(reverse("orgs_teams", args=(org, )))
def delete_team(request, org):
team_id = request.POST.get("team_id", None)
if team_id:
team = Team.get(team_id)
# team_name = team.name
if team.organization == org:
record = team.soft_delete()
messages.success(request, 'You have deleted team <strong>{team_name}</strong>. <a href="{url}" class="post-link">Undo</a>'.format(
team_name=team.name, url=reverse('undo_delete_team', args=[org, record.get_id])
), extra_tags="html")
else:
messages.error(request, "This team doesn't exist")
else:
messages.error(request, "You must specify a team to delete")
return HttpResponseRedirect(reverse("orgs_teams", args=(org, )))
def base_context(request, organization, update_form=None):
return {
"org": organization,
"teams": Team.get_by_org(organization.name),
"domains": Domain.get_by_organization(organization.name).all(),
"members": organization.get_members(),
"admin": request.couch_user.is_org_admin(organization.name) or request.couch_user.is_superuser,
"update_form_empty": not update_form,
"update_form": update_form
or UpdateOrgInfo(
initial={
"org_title": organization.title,
"email": organization.email,
"url": organization.url,
"location": organization.location,
}
),
}
def _users_context(request, domain):
couch_user = request.couch_user
web_users = WebUser.by_domain(domain)
teams = Team.get_by_domain(domain)
for team in teams:
for user in team.get_members():
if user.get_id not in [web_user.get_id for web_user in web_users]:
user.from_team = True
web_users.append(user)
for user in [couch_user] + list(web_users):
user.current_domain = domain
return {
'web_users': web_users,
'domain': domain,
'couch_user': couch_user,
}
def _users_context(request, domain):
couch_user = request.couch_user
web_users = WebUser.by_domain(domain)
teams = Team.get_by_domain(domain)
for team in teams:
for member_id in team.member_ids:
team_user = WebUser.get(member_id)
if team_user.get_id not in [web_user.get_id for web_user in web_users]:
web_users.append(team_user)
for user in [couch_user] + list(web_users):
user.current_domain = domain
return {
'web_users': web_users,
'domain': domain,
'couch_user': couch_user,
}
def org_settings(request, domain):
domain = Domain.get_by_name(domain)
org_users = []
teams = Team.get_by_domain(domain.name)
for team in teams:
for user in team.get_members():
user.team_id = team.get_id
user.team = team.name
org_users.append(user)
for user in org_users:
user.current_domain = domain.name
return render(request, 'domain/orgs_settings.html', {
"project": domain, 'domain': domain.name,
"organization": Organization.get_by_name(getattr(domain, "organization", None)),
"org_users": org_users
})
def orgs_remove_project(request, org):
domain = request.POST.get("project_name", None)
if not domain:
messages.error(request, "You must specify a project name")
else:
domain = Domain.get_by_name(domain)
domain.organization = None
domain.save()
for team in Team.get_by_org(org):
team.delete_domain_membership(domain.name)
team.save()
messages.success(request,
render_to_string(
'orgs/partials/undo_remove_project.html', {
"org": org,
"dom": domain
}),
extra_tags="html")
return HttpResponseRedirect(
reverse(request.POST.get('redirect_url', 'orgs_landing'),
args=(org, )))
def orgs_team_members(request,
org,
team_id,
template="orgs/orgs_team_members.html"):
ctxt = base_context(request, request.organization)
ctxt["tab"] = "teams"
try:
team = Team.get(team_id)
except ResourceNotFound:
raise Http404("Team %s does not exist" % team_id)
team_members = team.get_members()
team_members.sort(key=lambda user: user.username)
#inspect the domains of the team
domain_names = team.get_domains()
team_domains = list()
for name in domain_names:
team_domains.append([
Domain.get_by_name(name),
team.role_label(domain=name),
UserRole.by_domain(name)
])
nonmembers = filter(
lambda m: m.username not in [tm.username for tm in team_members],
ctxt["members"])
nondomains = filter(
lambda d: d.name not in [td[0].name for td in team_domains],
ctxt["domains"])
ctxt.update(
dict(team=team,
team_members=team_members,
nonmembers=nonmembers,
team_domains=team_domains,
nondomains=nondomains))
return render(request, template, ctxt)