def wrapper(*args, **kwargs): if not is_user_sources_admin(current_user): return iroko_json_response(IrokoResponseStatus.ERROR, 'Need to be source administrator.', None, None) else: return fn(*args, **kwargs)
def get_users_term(uuid): """ get the lists of user with permission of term manager :param uuid: term uuid :return: """ try: term = Term.query.filter_by(uuid=uuid).first() if not term: raise Exception('Term not found') if is_user_sources_admin(current_user) or \ user_is_term_manager(term.uuid, current_user): ids = get_user_ids_for_source_from_action( 'source_term_manager_actions', uuid) users = User.query.filter(User.id.in_(ids)).all() return iroko_json_response( IrokoResponseStatus.SUCCESS, 'ok', 'permission', { 'action': 'manager', 'term': uuid, 'users': user_schema_many.dump(users) }) except Exception as e: return iroko_json_response(IrokoResponseStatus.ERROR, str(e), None, None)
def get_users_organization(uuid): """ get the list of user with permission of organization manager :param uuid: organization uuid :return: """ try: org = CuorHelper.query_cuor_by_uuid(uuid) if not org: raise Exception('Organization not found') if is_user_sources_admin(current_user) or \ user_is_organization_manager(org['id'], current_user): ids = get_user_ids_for_source_from_action( 'source_organization_manager_actions', uuid) users = User.query.filter(User.id.in_(ids)).all() return iroko_json_response( IrokoResponseStatus.SUCCESS, 'ok', 'permission', { 'action': 'manager', 'organization': uuid, 'users': user_schema_many.dump(users) }) except Exception as e: return iroko_json_response(IrokoResponseStatus.ERROR, str(e), None, None)
def set_organization_manager(user, uuid, allow=False): """ Set user as manager of a organization :param uuid: organization or term uuid :param user: user id :param allow: if allow or deny :return: """ try: userObj = User.query.filter_by(id=user).first() if not userObj: raise Exception('User not found') org = CuorHelper.query_cuor_by_uuid(uuid) if not org: raise Exception('Organization not found') parents = CuorHelper.get_relationships_parent(org) print(parents) allow_parent = False for p in parents: try: allow_parent = user_is_organization_manager( p['id'], current_user) except PermissionDenied: pass if is_user_sources_admin(current_user) or \ allow_parent or \ user_is_organization_manager(org['id'], current_user): with db.session.begin_nested(): ActionUsers.query.filter_by( user_id=user, action='source_organization_manager_actions', argument=uuid).delete() if allow: db.session.add( ActionUsers.allow( ObjectSourceOrganizationManager(uuid), user=userObj)) else: db.session.add( ActionUsers.deny(ObjectSourceOrganizationManager(uuid), user=userObj)) db.session.commit() return iroko_json_response(IrokoResponseStatus.SUCCESS, 'ok', 'permission', { 'org': uuid, 'user': user, 'permission': 'manager', 'allow': allow }) raise PermissionDenied() except PermissionDenied as err: msg = 'Permission denied' return iroko_json_response(IrokoResponseStatus.ERROR, msg, None, None) except Exception as e: return iroko_json_response(IrokoResponseStatus.ERROR, str(e), None, None)
def set_term_manager(user, uuid, allow=False): """ Set user as manager of a organization :param uuid: organization or term uuid :param user: user id :param allow: if allow or deny :return: """ try: userObj = User.query.filter_by(id=user).first() if not userObj: raise Exception('User not found') term = Term.query.filter_by(uuid=uuid).first() if not term: raise Exception('Term not found') parent = None if term.parent_id: parent = Term.query.filter_by(id=term.parent_id).first() if is_user_sources_admin(current_user) or \ user_is_term_manager(term.uuid, current_user) or \ (parent and user_is_term_manager(parent.uuid, current_user)): with db.session.begin_nested(): ActionUsers.query.filter_by( user_id=user, action='source_term_manager_actions', argument=uuid).delete() if allow: db.session.add( ActionUsers.allow(ObjectSourceTermManager(uuid), user=userObj)) else: db.session.add( ActionUsers.deny(ObjectSourceTermManager(uuid), user=userObj)) db.session.commit() return iroko_json_response( IrokoResponseStatus.SUCCESS, 'ok', 'permission', { 'term': uuid, 'user': user, 'permission': 'manager', 'allow': allow }) raise PermissionDenied() except PermissionDenied as err: msg = 'Permission denied' return iroko_json_response(IrokoResponseStatus.ERROR, msg, None, None) except Exception as e: return iroko_json_response(IrokoResponseStatus.ERROR, str(e), None, None)
def get_current_user_sources(status): """ returns the sources of wich current_user is manager param status: 'ALL', 'APPROVED', 'TO_REVIEW', 'UNOFFICIAL' """ # print("## start get sources {0}".format(datetime.datetime.now().strftime("%H:%M:%S"))) try: # count = int(request.args.get('size')) if request.args.get('size') else 10 # page = int(request.args.get('page')) if request.args.get('page') else 1 # # if page < 1: # page = 1 # offset = count * (page - 1) # limit = offset + count # # print(offset) # # print(limit) # print(status) if status == 'ALL': status = None # if role == 'manager': search = SourceRecord.get_sources_search_of_user_as_manager( current_user, status=status) manager = [] if search is not None: # [offset: limit].execute() search_result = search.scan() # TODO: hay que buscar una manera de hacerlo por aqui: # source_v1.serialize_search( # iroko_source_uuid_fetcher, ss # ) # por alguna razon esto no funciona, # la forma en que invenio lo hace incluye en los hits '_version', pero por defecto # eso no esta. # # print(search_result) # # print(source_data_schema_many.dump(search_result)) for hit in search_result: manager.append({ 'id': hit['id'], 'name': hit['name'], 'source_status': hit['source_status'], 'version_to_review': True }) # elif role == 'editor': sources = SourceRecord.get_sources_search_of_user_as_editor( current_user, status=status) editor = [] for hit in sources: editor.append({ 'id': hit['id'], 'name': hit['name'], 'source_status': hit['source_status'], 'version_to_review': True }) sources_terms = get_arguments_for_source_from_action( current_user, 'source_term_manager_actions') terms = Term.query.filter(Term.uuid.in_(sources_terms)).all() sources_orgs = get_arguments_for_source_from_action( current_user, 'source_organization_manager_actions') orgs = [] for org in sources_orgs: orgs.append(CuorHelper.query_cuor_by_uuid(org)) response = iroko_json_response( IrokoResponseStatus.SUCCESS, 'ok', 'sources', { 'manager': manager, 'editor': editor, 'terms': term_schema_many.dump(terms), 'organizations': orgs, 'admin': is_user_sources_admin(current_user) }) # else: # raise Exception("role should be manager or editor") # # print("## iroko_json_response {0}".format(datetime.datetime.now().strftime("%H:%M:%S"))) return response except Exception as e: msg = str(e) return iroko_json_response(IrokoResponseStatus.ERROR, msg, None, None)