def test_get_user_from_id(app):
with app.app_context():
user = get_user_from_id(1)
assert (user)
assert (user.email == TEST_EMAIL)
assert (user_is_admin(user))
assert (user_is_admin(None) is False)
assert (user_is_admin_or_coordinator(user))
assert (user_is_admin_or_coordinator(None) is False)
def is_admin():
"""
Determines if the user is an admin given their
assigned accRoles.
:return: true if the user is an administrator,
false otherwise
"""
result = user_is_admin(current_user)
return dict(user_is_admin=result)
def is_admin():
"""
Determines if the user is an admin given their
assigned accRoles.
:return: true if the user is an administrator,
false otherwise
"""
result = user_is_admin(current_user)
return dict(user_is_admin=result)
def respond_coordinator_privileges(request_id, decision):
"""
Handles a request for coordinator privileges.
:return:
"""
if user_is_admin(current_user):
coordinator_request = CoordinatorRequest.query.filter_by(
id=request_id).one()
if coordinator_request:
coordinator_request.in_queue = False
if decision == 'approve':
coordinator_request.approved = True
coordinator_role = Role.query.filter_by(
name='coordinator').one()
if coordinator_role:
user = get_user_from_id(coordinator_request.user)
if user:
user.roles.append(coordinator_role)
db.session.add(user)
send_coordinator_approved_email(coordinator_request)
else:
return render_template(
'hepdata_records/error_page.html',
recid=None,
message=
"Unable to find a user with id {0} in the system.".
format(coordinator_request.user),
errors={})
else:
return render_template(
'hepdata_records/error_page.html',
recid=None,
message=
"Unable to find the role coordinator in the system.",
errors={})
db.session.add(coordinator_request)
db.session.commit()
return redirect(url_for('hep_dashboard.dashboard'))
return render_template('hepdata_records/error_page.html',
recid=None,
message="No request found with that ID.",
errors={})
abort(403)
def respond_coordinator_privileges(request_id, decision):
"""
Handles a request for coordinator privileges.
:return:
"""
if user_is_admin(current_user):
coordinator_request = CoordinatorRequest.query.filter_by(
id=request_id).one()
if coordinator_request:
coordinator_request.in_queue = False
if decision == 'approve':
coordinator_request.approved = True
coordinator_role = Role.query.filter_by(name='coordinator').one()
if coordinator_role:
user = get_user_from_id(coordinator_request.user)
if user:
user.roles.append(coordinator_role)
db.session.add(user)
else:
return render_template('hepdata_records/error_page.html',
recid=None,
message="Unable to find a user with id {0} in the system.".format(
coordinator_request.user),
errors={})
else:
return render_template('hepdata_records/error_page.html', recid=None,
message="Unable to find the role coordinator in the system.",
errors={})
db.session.add(coordinator_request)
db.session.commit()
send_coordinator_approved_email(coordinator_request)
return redirect(url_for('hep_dashboard.dashboard'))
return render_template('hepdata_records/error_page.html', recid=None,
message="No request found with that ID.",
errors={})
abort(403)
def user_allowed_to_perform_action(recid):
"""Determines if a user is allowed to perform an action on a record."""
if not current_user.is_authenticated:
return False
if user_is_admin(current_user):
return True
is_participant = SubmissionParticipant.query.filter_by(
user_account=int(current_user.get_id()), publication_recid=recid, status='primary').count() > 0
if is_participant:
return True
is_coordinator = HEPSubmission.query.filter_by(publication_recid=recid,
coordinator=int(current_user.get_id())).count() > 0
return is_coordinator
def user_allowed_to_perform_action(recid):
"""Determines if a user is allowed to perform an action on a record"""
if not current_user.is_authenticated:
return False
if user_is_admin(current_user):
return True
is_participant = SubmissionParticipant.query.filter_by(
user_account=int(current_user.get_id()), publication_recid=recid).count() > 0
if is_participant:
return True
is_coordinator = HEPSubmission.query.filter_by(publication_recid=recid,
coordinator=int(current_user.get_id())).count() > 0
return is_coordinator
