def test_get_user_from_id(app):
    """Look up user id 1 and check the role helpers against it and against None."""
    with app.app_context():
        fetched = get_user_from_id(1)

        # The lookup must return a truthy user carrying the test e-mail.
        assert fetched
        assert fetched.email == TEST_EMAIL

        # That user passes the admin check; a missing user (None) must be
        # answered with an explicit False, not merely a falsy value.
        assert user_is_admin(fetched)
        assert user_is_admin(None) is False

        # Same pair of checks for the combined admin-or-coordinator helper.
        assert user_is_admin_or_coordinator(fetched)
        assert user_is_admin_or_coordinator(None) is False
def is_admin():
    """
    Reports whether the current user is an administrator.

    :return: a dict with the single key ``user_is_admin`` holding the
        result of ``user_is_admin(current_user)``
    """
    # NOTE(review): the dict shape suggests a template context value; if so it
    # only drives what is displayed, and each view still needs its own
    # server-side admin check - confirm against the caller.
    return dict(user_is_admin=user_is_admin(current_user))
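def respond_coordinator_privileges(request_id, decision):
    """
    Handles a request for coordinator privileges.

    Only administrators may act on a request; every other caller is
    answered with a 403. When ``decision`` is ``'approve'`` the coordinator
    role is appended to the requesting user. Any other ``decision`` value
    only takes the request out of the queue.

    :param request_id: id of the CoordinatorRequest being answered
    :param decision: ``'approve'`` grants the role
    :return: a redirect to the dashboard on success, otherwise a rendered
        error page
    """
    # Authorisation comes first: nothing is looked up or changed for a
    # caller who is not an administrator.
    if not user_is_admin(current_user):
        abort(403)

    # one_or_none() yields None for an unknown id. one() raises
    # NoResultFound instead, so the error page below was unreachable and an
    # unknown id surfaced as an unhandled exception.
    coordinator_request = CoordinatorRequest.query.filter_by(
        id=request_id).one_or_none()
    if not coordinator_request:
        return render_template('hepdata_records/error_page.html',
                               recid=None,
                               message="No request found with that ID.",
                               errors={})

    approved = decision == 'approve'
    if approved:
        # Resolve the role and the user before touching any state, so an
        # error page is never returned with half-applied changes pending
        # in the session.
        coordinator_role = Role.query.filter_by(
            name='coordinator').one_or_none()
        if not coordinator_role:
            return render_template(
                'hepdata_records/error_page.html',
                recid=None,
                message="Unable to find the role coordinator in the system.",
                errors={})

        user = get_user_from_id(coordinator_request.user)
        if not user:
            return render_template(
                'hepdata_records/error_page.html',
                recid=None,
                message="Unable to find a user with id {0} in the system.".
                format(coordinator_request.user),
                errors={})

        user.roles.append(coordinator_role)
        db.session.add(user)
        coordinator_request.approved = True

    coordinator_request.in_queue = False
    db.session.add(coordinator_request)
    db.session.commit()

    # Notify only once the role grant has been committed, so the user is
    # never told about an approval that failed to persist.
    if approved:
        send_coordinator_approved_email(coordinator_request)

    return redirect(url_for('hep_dashboard.dashboard'))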
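def respond_coordinator_privileges(request_id, decision):
    """
    Handles a request for coordinator privileges.

    The caller must be an administrator, otherwise the request is aborted
    with a 403. A ``decision`` of ``'approve'`` appends the coordinator
    role to the requesting user and sends the approval email. Any other
    value only removes the request from the queue.

    :param request_id: id of the CoordinatorRequest being answered
    :param decision: ``'approve'`` grants the role
    :return: a redirect to the dashboard on success, otherwise a rendered
        error page
    """
    if not user_is_admin(current_user):
        abort(403)

    # one() raises NoResultFound when no row matches, which made the
    # "not found" pages below dead code; one_or_none() returns None.
    coordinator_request = CoordinatorRequest.query.filter_by(
        id=request_id).one_or_none()
    if not coordinator_request:
        return render_template('hepdata_records/error_page.html',
                               recid=None,
                               message="No request found with that ID.",
                               errors={})

    is_approval = decision == 'approve'
    if is_approval:
        # Look up the role and the user before changing anything, so the
        # error paths leave no pending modifications in the session.
        coordinator_role = Role.query.filter_by(
            name='coordinator').one_or_none()
        if not coordinator_role:
            return render_template(
                'hepdata_records/error_page.html',
                recid=None,
                message="Unable to find the role coordinator in the system.",
                errors={})

        user = get_user_from_id(coordinator_request.user)
        if not user:
            return render_template(
                'hepdata_records/error_page.html',
                recid=None,
                message="Unable to find a user with id {0} in the system.".format(
                    coordinator_request.user),
                errors={})

        user.roles.append(coordinator_role)
        db.session.add(user)
        coordinator_request.approved = True

    coordinator_request.in_queue = False
    db.session.add(coordinator_request)
    db.session.commit()

    # The approval email is tied to an actual approval: a request closed
    # with any other decision must not announce a role that was not granted.
    if is_approval:
        send_coordinator_approved_email(coordinator_request)

    return redirect(url_for('hep_dashboard.dashboard'))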
def user_allowed_to_perform_action(recid):
    """Decide whether the current user may act on the record ``recid``.

    Access is granted to an administrator, to a participant of the record
    whose status is ``'primary'``, or to the coordinator of the record's
    submission. An unauthenticated user is always refused.
    """
    # Fail closed: no identity, no access.
    if not current_user.is_authenticated:
        return False

    if user_is_admin(current_user):
        return True

    account_id = int(current_user.get_id())

    # Only a participant row with status 'primary' counts.
    primary_rows = SubmissionParticipant.query.filter_by(
        user_account=account_id,
        publication_recid=recid,
        status='primary').count()
    if primary_rows > 0:
        return True

    coordinator_rows = HEPSubmission.query.filter_by(
        publication_recid=recid,
        coordinator=account_id).count()
    return coordinator_rows > 0
def user_allowed_to_perform_action(recid):
    """Decide whether the current user may act on the record ``recid``.

    Access is granted to an administrator, to any participant of the
    record, or to the coordinator of the record's submission. An
    unauthenticated user is always refused.
    """
    if not current_user.is_authenticated:
        return False

    if user_is_admin(current_user):
        return True

    # NOTE(review): any SubmissionParticipant row for this user and record
    # grants access here, whatever its status - confirm that non-primary
    # participants are meant to be allowed.
    participation = SubmissionParticipant.query.filter_by(
        user_account=int(current_user.get_id()),
        publication_recid=recid)
    if participation.count() > 0:
        return True

    coordinated = HEPSubmission.query.filter_by(
        publication_recid=recid,
        coordinator=int(current_user.get_id()))
    return coordinated.count() > 0