def _authenticate(request, application): """ Check the authentication of the current user. """ if not request.user.is_authenticated(): return { 'is_applicant': False, 'is_leader': False, 'is_delegate': False, 'is_admin': common.is_admin(request), } person = request.user auth = application.authenticate(person) auth["is_admin"] = common.is_admin(request) return auth
def can_edit(self, request): # The same as can_view, except normal project members cannot edit person = request.user if not person.is_authenticated(): return False if is_admin(request): return True if not self.is_active: return False if not person.is_active: return False if person.is_locked(): return False # Institute delegate==person can edit any member of institute if self.institute.is_active: if person in self.institute.delegates.all(): return True # Leader==person can edit projects they lead if self.projectmembership_set.filter( person=person, is_project_leader=True, ).exists(): return True return False
def user_list(request, queryset=None, title=None): if queryset is None: queryset = Person.objects.all() if not common.is_admin(request): queryset = queryset.filter(pk=request.user.pk) queryset = queryset.select_related() q_filter = PersonFilter(request.GET, queryset=queryset) table = PersonTable(q_filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(q_filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) context = { 'table': table, 'filter': q_filter, 'spec': spec, 'title': title or "Person list", } return render(template_name="karaage/people/person_list.html", context=context, request=request)
def institute_list(request): queryset = Institute.objects.all() if not is_admin(request): queryset = institute_list.filter(is_active=True, delegates=request.user) q_filter = InstituteFilter(request.GET, queryset=queryset) table = InstituteTable(q_filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(q_filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render(template_name='karaage/institutes/institute_list.html', context={ 'table': table, 'filter': q_filter, 'spec': spec, 'title': "Institute list", }, request=request)
def project_list(request, queryset=None): if queryset is None: queryset = Project.objects.all() if not util.is_admin(request): queryset = queryset.filter( Q(leaders=request.user, is_active=True) | Q(institute__delegates=request.user, is_active=True) | Q(group__members=request.user, is_active=True)).distinct() queryset = queryset.select_related() q_filter = ProjectFilter(request.GET, queryset=queryset) table = ProjectTable(q_filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(q_filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render_to_response('karaage/projects/project_list.html', { 'table': table, 'filter': q_filter, 'spec': spec, 'title': "Project list", }, context_instance=RequestContext(request))
def can_view(self, request): person = request.user if not person.is_authenticated: return False if is_admin(request): return True if not self.is_active: return False if not person.is_active: return False if person.is_locked(): return False # Institute delegate==person can view any member of institute if self.institute.is_active: if person in self.institute.delegates.all(): return True # Leader==person can view projects they lead tmp = self.leaders.filter(pk=person.pk) if tmp.count() > 0: return True # person can view own projects tmp = self.group.members.filter(pk=person.pk) if tmp.count() > 0: return True return False
def can_view(self, request): # if user not authenticated, no access if not request.user.is_authenticated(): return False # ensure person making request isn't deleted. if not request.user.is_active: return False # ensure person making request isn't locked. if request.user.is_locked(): return False # if user is admin, full access if is_admin(request): return True # ensure this account is not locked if self.is_locked(): return False # ensure this account is not deleted if self.date_deleted is not None: return False # ensure person owning account isn't locked. if self.person.is_locked(): return False # ensure person owning account isn't deleted. if not self.person.is_active: return False return True
def user_list(request, queryset=None, title=None): if queryset is None: queryset = Person.objects.all() if not common.is_admin(request): queryset = queryset.filter(pk=request.user.pk) queryset = queryset.select_related() filter = PersonFilter(request.GET, queryset=queryset) table = PersonTable(filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) context = { 'table': table, 'filter': filter, 'spec': spec, 'title': title or "Person list", } return render_to_response( "karaage/people/person_list.html", context, context_instance=RequestContext(request))
def application_list(request): """ a user wants to see all applications possible. """ if util.is_admin(request): queryset = Application.objects.all() else: queryset = Application.objects.get_for_applicant(request.user) filter = ApplicationFilter(request.GET, queryset=queryset) table = ApplicationTable(filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in filter.form.cleaned_data.iteritems(): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render_to_response( "applications/application_list.html", { 'table': table, 'filter': filter, 'spec': spec, 'title': "Application list", }, context_instance=RequestContext(request))
def can_edit(self, request): # The same as can_view, except normal project members cannot edit person = request.user if not person.is_authenticated: return False if is_admin(request): return True if not self.is_active: return False if not person.is_active: return False if person.is_locked(): return False # Institute delegate==person can edit any member of institute if self.institute.is_active: if person in self.institute.delegates.all(): return True # Leader==person can edit projects they lead tmp = self.leaders.filter(pk=person.pk) if tmp.count() > 0: return True return False
def institute_list(request): queryset = Institute.objects.all() if not is_admin(request): queryset = institute_list.filter( is_active=True, delegates=request.user) q_filter = InstituteFilter(request.GET, queryset=queryset) table = InstituteTable(q_filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(q_filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render( template_name='karaage/institutes/institute_list.html', context={ 'table': table, 'filter': q_filter, 'spec': spec, 'title': "Institute list", }, request=request)
def project_list(request, queryset=None): if queryset is None: queryset = Project.objects.all() if not util.is_admin(request): queryset = queryset.filter( Q(leaders=request.user, is_active=True) | Q(institute__delegates=request.user, is_active=True) | Q(group__members=request.user, is_active=True)).distinct() queryset = queryset.select_related() q_filter = ProjectFilter(request.GET, queryset=queryset) table = ProjectTable(q_filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(q_filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render( template_name='karaage/projects/project_list.html', context={ 'table': table, 'filter': q_filter, 'spec': spec, 'title': "Project list", }, request=request)
def edit_account(request, account_id): account = get_object_or_404(Account, pk=account_id) if not account.can_edit(request): return HttpResponseForbidden( '<h1>Access Denied</h1>' '<p>You do not have permission to edit details ' 'of this account.</p>') if common.is_admin(request): person = account.person username = account.username form = AdminAccountForm( data=request.POST or None, instance=account, person=person, initial={'username': username}) else: person = request.user assert account.person == person form = UserAccountForm( data=request.POST or None, instance=account) if request.method == 'POST': if form.is_valid(): account = form.save() person = account.person return HttpResponseRedirect(person.get_absolute_url()) return render_to_response( 'karaage/machines/account_form.html', {'form': form, 'person': person, 'account': account}, context_instance=RequestContext(request))
def edit_account(request, account_id): account = get_object_or_404(Account, pk=account_id) if not account.can_edit(request): return HttpResponseForbidden( '<h1>Access Denied</h1>' '<p>You do not have permission to edit details ' 'of this account.</p>') if common.is_admin(request): person = account.person username = account.username form = AdminAccountForm(data=request.POST or None, instance=account, person=person, initial={'username': username}) else: person = request.user assert account.person == person form = UserAccountForm(data=request.POST or None, instance=account) if request.method == 'POST': if form.is_valid(): account = form.save() person = account.person return HttpResponseRedirect(person.get_absolute_url()) return render_to_response('karaage/machines/account_form.html', { 'form': form, 'person': person, 'account': account }, context_instance=RequestContext(request))
def application_list(request): """ a user wants to see all applications possible. """ if util.is_admin(request): queryset = Application.objects.all() else: queryset = Application.objects.get_for_applicant(request.user) q_filter = ApplicationFilter(request.GET, queryset=queryset) table = ApplicationTable(q_filter.qs.order_by("-expires")) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(q_filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render( template_name="kgapplications/application_list.html", context={ 'table': table, 'filter': q_filter, 'spec': spec, 'title': "Application list", }, request=request)
def application_list(request): """ a user wants to see all applications possible. """ if util.is_admin(request): queryset = Application.objects.all() else: queryset = Application.objects.get_for_applicant(request.user) q_filter = ApplicationFilter(request.GET, queryset=queryset) table = ApplicationTable(q_filter.qs.order_by("-expires")) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(q_filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render(template_name="kgapplications/application_list.html", context={ 'table': table, 'filter': q_filter, 'spec': spec, 'title': "Application list", }, request=request)
def _get_roles_for_request(request, application): """ Check the authentication of the current user. """ roles = application.get_roles_for_person(request.user) if common.is_admin(request): roles.add("is_admin") roles.add('is_authorised') return roles
def project_application_partc(request, token): if is_admin(request): try: project_application = get_object_or_404(ProjectApplication, id=token) except ValueError: project_application = get_object_or_404(ProjectApplication, secret_token=token) else: try: project_application = ProjectApplication.objects.get( secret_token=token, state__in=[ProjectApplication.NEW, ProjectApplication.OPEN], expires__gte=datetime.datetime.now()) except ProjectApplication.DoesNotExist: return render( request, 'project_application/old_userapplication.html', { 'help_email': settings.ACCOUNTS_EMAIL, }, ) if request.method == 'POST': form = ProjectApplicationPartCForm(request.POST, instance=project_application) if form.is_valid(): project_application = form.save() messages.info(request, 'Resources: Saved') if 'menu' in request.POST: return HttpResponseRedirect( reverse('project_application_submit', args=[project_application.secret_token])) if 'parta' in request.POST: return HttpResponseRedirect( reverse('project_application_parta', args=[project_application.secret_token])) if 'partb' in request.POST: return HttpResponseRedirect( reverse('project_application_partb', args=[project_application.secret_token])) if 'partc' in request.POST: return HttpResponseRedirect( reverse('project_application_partc', args=[project_application.secret_token])) else: form = ProjectApplicationPartCForm(instance=project_application) return render( request, 'project_application/project_application_partc_form.html', { 'form': form, 'project_application': project_application, }, )
def software_detail(request, software_id): if not util.is_admin(request): return join_package(request, software_id) software = get_object_or_404(Software, pk=software_id) return render_to_response( 'software/software_detail.html', locals(), context_instance=RequestContext(request))
def common(request): """ Set context with common variables. """ ctx = {} ctx['SHIB_SUPPORTED'] = settings.SHIB_SUPPORTED ctx['org_name'] = settings.ACCOUNTS_ORG_NAME ctx['accounts_email'] = settings.ACCOUNTS_EMAIL ctx['is_admin'] = is_admin(request) return ctx
def common(request): """ Set context with common variables. """ ctx = { 'SHIB_SUPPORTED': settings.SHIB_SUPPORTED, 'org_name': settings.ACCOUNTS_ORG_NAME, 'accounts_email': settings.ACCOUNTS_EMAIL, 'is_admin': is_admin(request) } return ctx
def requires_attention(self, request): person = request.user query = Q(projectapplication__project__in=person.leads.all(), state=ProjectApplication.WAITING_FOR_LEADER) query = query | Q( projectapplication__institute__in=person.delegate_for.all(), state=ProjectApplication.WAITING_FOR_DELEGATE ) if is_admin(request): query = query | Q(state=Application.WAITING_FOR_ADMIN) query = query | Q(state=ProjectApplication.DUPLICATE, projectapplication__isnull=False) return self.get_queryset().filter(query)
def project_application_list(request, queryset=None): if not is_admin(request): return HttpResponseRedirect(reverse('linkto_project_application'), {'custom_footer': custom_footer}) if queryset == None: queryset = ProjectApplication.objects.all() q_filter = ProjectApplicationFilter(request.GET, queryset=queryset) # Want to show application ID but link to use secret token # so have to remap to 'application_id' here and in tables.py app_ids = ProjectApplication.objects.values('id', 'secret_token').order_by() token_ids = {item['id']: item['secret_token'] for item in app_ids} proj_ids = Project.objects.values('pid', 'id').order_by() proj_to_id = {item['pid']: item['id'] for item in proj_ids} results = list(q_filter.qs.all()) # get a copy for item in results: if item.id in token_ids: # monkey patch 'application_id' item.application_id = token_ids[item.id] if item.project: item.project_id = item.project.id item.pid = item.project.pid try: item.supervisor = ProjectApplicationMember.objects.get( project_application=item.id, is_supervisor=True).__unicode__() except ProjectApplicationMemebers.DoesNotExist: pass table = ProjectApplicationTable(results) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(q_filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render( request, 'project_application/admin_project_application_list.html', { 'table': table, 'filter': q_filter, 'spec': spec, 'title': "Project Application list", 'custom_footer': custom_footer, }, )
def can_edit(self, request): # if we can't view this account, we can't edit it either if not self.can_view(request): return False if not is_admin(request): # if not admin, ensure we are the person being altered if self.person != request.user: return False return True
def can_view(self, request): from karaage.projects.models import Project person = request.user if not person.is_authenticated(): return False # ensure person making request isn't deleted. if not person.is_active: return False # ensure person making request isn't locked. if person.is_locked(): return False # staff members can view everything if is_admin(request): return True # we don't allow people to see inactive accounts. if not self.is_active: return False # person can view own self if self.id == person.id: return True # Institute delegate==person can view any member of institute if self.institute.is_active: if person in self.institute.delegates.all(): return True # Institute delegate==person can view people in projects that are a # member of institute if Project.objects.filter(group__members=self.id) \ .filter(institute__delegates=person): return True # person can view people in projects they belong to tmp = Project.objects.filter(group__members=self.id) \ .filter(group__members=person.id) \ .filter(is_active=True) if tmp.count() > 0: return True # Leader==person can view people in projects they lead if Project.objects.filter( projectmembership__is_project_leader=True, projectmembership__person=person, is_active=True, ).exists(): return True return False
def check_auth(self, request): """ to ensure that nobody can get your data via json simply by knowing the URL. public facing forms should write a custom LookupChannel to implement as you wish. also you could choose to return HttpResponseForbidden("who are you?") instead of raising PermissionDenied (401 response) """ if not request.user.is_authenticated(): raise PermissionDenied if not is_admin(request): raise PermissionDenied
def requires_attention(self, request): person = request.user query = Q(projectapplication__project__in=person.leads.all(), state=ProjectApplication.WAITING_FOR_LEADER) query = query | Q( projectapplication__institute__in=person.delegate_for.all(), state=ProjectApplication.WAITING_FOR_DELEGATE) if is_admin(request): query = query | Q(state=Application.WAITING_FOR_ADMIN) query = query | Q(state=ProjectApplication.DUPLICATE, projectapplication__isnull=False) return self.get_queryset().filter(query)
def check_auth(self, request): """ to ensure that nobody can get your data via json simply by knowing the URL. public facing forms should write a custom LookupChannel to implement as you wish. also you could choose to return HttpResponseForbidden("who are you?") instead of raising PermissionDenied (401 response) """ if not request.user.is_authenticated: raise PermissionDenied if not is_admin(request): raise PermissionDenied
def can_view(self, request): from karaage.projects.models import Project person = request.user if not person.is_authenticated(): return False # ensure person making request isn't deleted. if not person.is_active: return False # ensure person making request isn't locked. if person.is_locked(): return False # staff members can view everything if is_admin(request): return True # we don't allow people to see inactive accounts. if not self.is_active: return False # person can view own self if self.id == person.id: return True # Institute delegate==person can view any member of institute if self.institute.is_active: if person in self.institute.delegates.all(): return True # Institute delegate==person can view people in projects that are a # member of institute if Project.objects.filter(group__members=self.id) \ .filter(institute__delegates=person): return True # person can view people in projects they belong to tmp = Project.objects.filter(group__members=self.id) \ .filter(group__members=person.id) \ .filter(is_active=True) if tmp.count() > 0: return True # Leader==person can view people in projects they lead tmp = Project.objects.filter(group__members=self.id) \ .filter(leaders=person.id) \ .filter(is_active=True) if tmp.count() > 0: return True return False
def common(request): """ Set context with common variables. """ ctx = { 'SHIB_SUPPORTED': settings.SHIB_SUPPORTED, 'org_name': settings.ACCOUNTS_ORG_NAME, 'accounts_email': settings.ACCOUNTS_EMAIL, 'is_admin': is_admin(request), 'kgversion': __version__, 'BUILD_DATE': settings.BUILD_DATE, 'VCS_REF': settings.VCS_REF, 'SLURM_VER': settings.SLURM_VER, } return ctx
def common(request): """ Set context with common variables. """ ctx = {} ctx['GRAPH_URL'] = settings.GRAPH_URL ctx['SHIB_SUPPORTED'] = settings.SHIB_SUPPORTED ctx['org_name'] = settings.ACCOUNTS_ORG_NAME ctx['accounts_email'] = settings.ACCOUNTS_EMAIL ctx['is_admin'] = is_admin(request) for hook in get_hooks("context"): context = hook(request) ctx.update(context) return ctx
def add_edit_project(request, project_id=None): if project_id is None: project = None old_pid = None flag = 1 else: project = get_object_or_404(Project, id=project_id) old_pid = project.pid flag = 2 if util.is_admin(request): # JH add initial pid initial_pid = cutil.getDefaultProjectPid() form = ProjectForm(instance=project, data=request.POST or None, pid_initial=initial_pid) else: if not project.can_edit(request): return HttpResponseForbidden('<h1>Access Denied</h1>') form = UserProjectForm(instance=project, data=request.POST or None) if request.method == 'POST': if form.is_valid(): project = form.save(commit=False) if project_id is not None: # if project is being edited, project_id cannot change. project.pid = old_pid elif not project.pid: # if project was being created, did the user give a project_id # we should use? If not, then we have to generate one # ourselves. project.pid = get_new_pid(project.institute) project.save() approved_by = request.user project.activate(approved_by) form.save_m2m() if flag == 1: messages.success(request, "Project '%s' created succesfully" % project) else: messages.success(request, "Project '%s' edited succesfully" % project) return HttpResponseRedirect(project.get_absolute_url()) return render_to_response('karaage/projects/project_form.html', locals(), context_instance=RequestContext(request))
def common(request): """ Set context with common variables. """ ctx = { 'AAF_RAPID_CONNECT_ENABLED': settings.AAF_RAPID_CONNECT_ENABLED, 'org_name': settings.ACCOUNTS_ORG_NAME, 'accounts_email': settings.ACCOUNTS_EMAIL, 'is_admin': is_admin(request), 'kgversion': __version__, 'VERSION': settings.VERSION, 'BUILD_DATE': settings.BUILD_DATE, 'VCS_REF': settings.VCS_REF, 'SLURM_VER': settings.SLURM_VER, } return ctx
def add_edit_project(request, project_id=None): if project_id is None: project = None old_pid = None flag = 1 else: project = get_object_or_404(Project, id=project_id) old_pid = project.pid flag = 2 if util.is_admin(request): # JH add initial pid initial_pid = cutil.getDefaultProjectPid() form = ProjectForm(instance=project, data=request.POST or None, pid_initial = initial_pid) else: if not project.can_edit(request): return HttpResponseForbidden('<h1>Access Denied</h1>') form = UserProjectForm(instance=project, data=request.POST or None) if request.method == 'POST': if form.is_valid(): project = form.save(commit=False) if project_id is not None: # if project is being edited, project_id cannot change. project.pid = old_pid elif not project.pid: # if project was being created, did the user give a project_id # we should use? If not, then we have to generate one # ourselves. project.pid = get_new_pid(project.institute) project.save() approved_by = request.user project.activate(approved_by) form.save_m2m() if flag == 1: messages.success( request, "Project '%s' created succesfully" % project) else: messages.success( request, "Project '%s' edited succesfully" % project) return HttpResponseRedirect(project.get_absolute_url()) return render_to_response( 'karaage/projects/project_form.html', locals(), context_instance=RequestContext(request))
def software_detail(request, software_id): software = get_object_or_404(Software, pk=software_id) software_license = software.get_current_license() person = request.user license_agreements = SoftwareLicenseAgreement.objects \ .filter(person=person, license=software_license) agreement = None if license_agreements.count() > 0: agreement = license_agreements.latest() # we only list applications for current software license applications = SoftwareApplication.objects.filter( software_license__software=software_license) applications = applications.exclude(state='C') applications_table = ApplicationTable(applications) config = tables.RequestConfig(request, paginate={"per_page": 5}) config.configure(applications_table) open_applications = SoftwareApplication.objects.get_for_applicant(person) open_applications = open_applications.filter( software_license=software_license) if agreement is None and software_license is not None \ and len(open_applications) == 0 and request.method == 'POST': if software.restricted and not util.is_admin(request): log.add(software, "New application created for %s" % request.user) return new_application(request, software_license) SoftwareLicenseAgreement.objects.create( person=person, license=software_license, date=datetime.datetime.today(), ) person.add_group(software.group) log.add( software, "Approved join (not restricted) for %s" % request.user) messages.success(request, "Approved access to %s." % software) return HttpResponseRedirect(reverse('kg_profile_software')) return render_to_response( 'kgsoftware/software_detail.html', locals(), context_instance=RequestContext(request))
def send_invitation(request, project_id=None): """ The logged in project leader wants to invite somebody to their project. """ project = None if project_id is not None: project = get_object_or_404(Project, id=project_id) if project is None: if not is_admin(request): return HttpResponseForbidden('<h1>Access Denied</h1>') else: if not project.can_edit(request): return HttpResponseForbidden('<h1>Access Denied</h1>') return _send_invitation(request, project)
def send_invitation(request, project_id=None): """ The logged in project leader wants to invite somebody to their project. """ project = None if project_id is not None: project = get_object_or_404(Project, pid=project_id) if project is None: if not is_admin(request): return HttpResponseForbidden('<h1>Access Denied</h1>') else: if not project.can_edit(request): return HttpResponseForbidden('<h1>Access Denied</h1>') return _send_invitation(request, project)
def send_invitation(request, project_id=None): """ The logged in project leader wants to invite somebody to their project. """ if is_admin(request): project = None if project_id is not None: project = get_object_or_404(Project, pid=project_id) form = forms.AdminInviteUserApplicationForm else: person = request.user project = get_object_or_404(Project, pid=project_id) if project_id is None: return HttpResponseBadRequest("<h1>Bad Request</h1>") if person not in project.leaders.all(): return HttpResponseBadRequest("<h1>Bad Request</h1>") form = forms.LeaderInviteUserApplicationForm return _send_invitation(request, project, form)
def project_application_pdf(request, token): if is_admin(request): try: project_application = get_object_or_404(ProjectApplication, id=token) except ValueError: project_application = get_object_or_404(ProjectApplication, secret_token=token) else: try: project_application = ProjectApplication.objects.get( secret_token=token, expires__gte=datetime.datetime.now()) except ProjectApplication.DoesNotExist: return render( request, 'project_application/old_userapplication.html', { 'help_email': settings.ACCOUNTS_EMAIL, }, ) return project_application_to_pdf(project_application)
def software_detail(request, software_id): software = get_object_or_404(Software, pk=software_id) software_license = software.get_current_license() person = request.user license_agreements = SoftwareLicenseAgreement.objects \ .filter(person=person, license=software_license) agreement = None if license_agreements.count() > 0: agreement = license_agreements.latest() # we only list applications for current software license applications = get_applications(software_license) application_table = get_application_table(request, applications) open_applications = get_applications_for_person(person, software_license) if agreement is None and software_license is not None \ and len(open_applications) == 0 and request.method == 'POST': if software.restricted and not util.is_admin(request): log.add(software, "New application created for %s" % request.user) return new_application(request, software_license) SoftwareLicenseAgreement.objects.create( person=person, license=software_license, date=datetime.datetime.today(), ) person.add_group(software.group) log.add( software, "Approved join (not restricted) for %s" % request.user) messages.success(request, "Approved access to %s." % software) return HttpResponseRedirect(reverse('kg_profile_software')) return render( template_name='kgsoftware/software_detail.html', context=locals(), request=request)
def software_list(request): if not util.is_admin(request): return _software_list_non_admin(request) queryset = Software.objects.all().select_related() filter = SoftwareFilter(request.GET, queryset=queryset) table = SoftwareTable(filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render_to_response('kgsoftware/software_list.html', { 'table': table, 'filter': filter, 'spec': spec, 'title': "Software list", }, context_instance=RequestContext(request))
def can_view(self, request): person = request.user if not person.is_authenticated(): return False # staff members can view everything if is_admin(request): return True if not self.is_active: return False if not person.is_active: return False if person.is_locked(): return False # Institute delegates==person can view institute if person in self.delegates.all(): return True return False
def software_list(request): if not util.is_admin(request): return _software_list_non_admin(request) queryset = Software.objects.all().select_related() q_filter = SoftwareFilter(request.GET, queryset=queryset) table = SoftwareTable(q_filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(q_filter.form.cleaned_data): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render( template_name='kgsoftware/software_list.html', context={ 'table': table, 'filter': q_filter, 'spec': spec, 'title': "Software list", }, request=request)
def software_list(request): if not util.is_admin(request): return join_package_list(request) queryset = Software.objects.all().select_related() filter = SoftwareFilter(request.GET, queryset=queryset) table = SoftwareTable(filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in filter.form.cleaned_data.iteritems(): if value is not None and value != "": name = name.replace('_', ' ').capitalize() spec.append((name, value)) return render_to_response( 'software/software_list.html', { 'table': table, 'filter': filter, 'spec': spec, 'title': "Software list", }, context_instance=RequestContext(request))
def project_application_view(request, token): if is_admin(request): try: project_application = get_object_or_404(ProjectApplication, id=token) except ValueError: project_application = get_object_or_404(ProjectApplication, secret_token=token) else: try: project_application = ProjectApplication.objects.get( secret_token=token, state__in=[ProjectApplication.WAITING_FOR_ADMIN], expires__gte=datetime.datetime.now()) except ProjectApplication.DoesNotExist: return render( request, 'project_application/old_userapplication.html', { 'help_email': settings.ACCOUNTS_EMAIL, }, ) members = ProjectApplicationMember.objects.filter( project_application=project_application) supervisor = members.get(is_supervisor=True) return render( request, 'project_application/project_application_view.html', { 'project_application': project_application, 'members': members, 'supervisor': supervisor, }, )
def application_list(request): """ a user wants to see all applications possible. """ if util.is_admin(request): queryset = Application.objects.all() else: queryset = Application.objects.get_for_applicant(request.user) q_filter = ApplicationFilter(request.GET, queryset=queryset) table = ApplicationTable(q_filter.qs) tables.RequestConfig(request).configure(table) spec = [] for name, value in six.iteritems(q_filter.form.cleaned_data): if value is not None and value != "": name = name.replace("_", " ").capitalize() spec.append((name, value)) return render_to_response( "kgapplications/application_list.html", {"table": table, "filter": q_filter, "spec": spec, "title": "Application list"}, context_instance=RequestContext(request), )
def index(request): if settings.ADMIN_REQUIRED or is_admin(request): return admin_index(request) return render( template_name='karaage/common/index.html', request=request)
def index(request): if settings.ADMIN_REQUIRED or is_admin(request): return admin_index(request) return render_to_response( 'karaage/common/index.html', context_instance=RequestContext(request))
def project_application_parta(request, token): if is_admin(request): try: project_application = get_object_or_404(ProjectApplication, id=token) except ValueError: project_application = get_object_or_404(ProjectApplication, secret_token=token) else: try: project_application = ProjectApplication.objects.get( secret_token=token, state__in=[ProjectApplication.NEW, ProjectApplication.OPEN], expires__gte=datetime.datetime.now()) except ProjectApplication.DoesNotExist: return render( request, 'project_application/old_userapplication.html', { 'help_email': settings.ACCOUNTS_EMAIL, }, ) queryset = ProjectApplicationMember.objects.filter( project_application=project_application) # use Selects for Institute, Faculty, Department # collect all known inst/fac/sch and any saved in application inst_choice = sorted( set([('', 'Type here or select from list')] + list(Institute.objects.values_list('name', 'name')) + list( queryset.exclude(institute__isnull=True).values_list( 'institute', 'institute')))) fac_choice = sorted( set([('', 'Type here or select from list')] + list( ProjectApplicationFaculty.objects.exclude( faculty__isnull=True).values_list('faculty', 'faculty')) + list( queryset.exclude( faculty__isnull=True).values_list('faculty', 'faculty')))) sch_choice = sorted( set([('', 'Type here or select from list')] + list( ProjectApplicationFaculty.objects.exclude( school__isnull=True).values_list('school', 'school')) + list( queryset.exclude(department__isnull=True).values_list( 'department', 'department')))) MemberInLineFormSet = inlineformset_factory( ProjectApplication, ProjectApplicationMember, formset=ProjectApplicationMemberFormSet, form=ProjectApplicationMemberForm, widgets={ 'institute': forms.Select(choices=inst_choice), 'faculty': forms.Select(choices=fac_choice), 'department': forms.Select(choices=sch_choice), }, can_order=True) # pass list to javascript inst_fac_sch = ProjectApplicationFaculty.objects.exclude( institute__isnull=True) all_choices = {} for item in inst_fac_sch: all_choices.setdefault(item.institute.name, {}).setdefault(item.faculty or '', []).append(item.school or '') # Add data entered from members for memb in queryset: inst = memb.institute or '' fac = memb.faculty or '' sch = memb.department or '' if ((inst not in all_choices) or (fac not in all_choices[inst]) or (sch not in all_choices[inst][fac])): all_choices.setdefault(inst, {}).setdefault(fac, []).append(sch) all_choices = json.dumps(all_choices) if request.method == 'POST': # is_supervisor are shown as one radio select group # need to convert back to checkbox POST format # Process: POST data needs renaming so member forset can # validate/clean/save. Form clean enforces change of state # Form validation prevents deleting selected item, so one must always # be selected (test for this?) post = request.POST.copy() if 'is_supervisor' in post.keys(): selected = post['is_supervisor'] post[selected + '-is_supervisor'] = u'on' member_formset = MemberInLineFormSet(post, instance=project_application, queryset=queryset) if member_formset.is_valid(): member_formset.save() # catch case where no one selected if not queryset.filter(is_supervisor=True).exists(): queryset.filter( email__iexact=project_application.created_by).update( is_supervisor=True) messages.info(request, 'Personnel: Saved') if 'menu' in request.POST: return HttpResponseRedirect( reverse('project_application_submit', args=[project_application.secret_token])) if 'parta' in request.POST: return HttpResponseRedirect( reverse('project_application_parta', args=[project_application.secret_token])) if 'partb' in request.POST: return HttpResponseRedirect( reverse('project_application_partb', args=[project_application.secret_token])) if 'partc' in request.POST: return HttpResponseRedirect( reverse('project_application_partc', args=[project_application.secret_token])) else: member_formset = MemberInLineFormSet(instance=project_application, queryset=queryset) return render( request, 'project_application/project_application_parta_form.html', { 'project_application': project_application, 'member_formset': member_formset, 'all_choices': all_choices, 'help_email': settings.ACCOUNTS_EMAIL, }, )
def submit_project_application(request, token): if is_admin(request): try: project_application = get_object_or_404(ProjectApplication, id=token) except ValueError: project_application = get_object_or_404(ProjectApplication, secret_token=token) else: try: project_application = ProjectApplication.objects.get( secret_token=token, state__in=[ ProjectApplication.NEW, ProjectApplication.OPEN, ProjectApplication.WAITING_FOR_ADMIN ], expires__gte=datetime.datetime.now()) except ProjectApplication.DoesNotExist: return render( request, 'project_application/old_userapplication.html', { 'help_email': settings.ACCOUNTS_EMAIL, }, ) if project_application.state == ProjectApplication.WAITING_FOR_ADMIN: return HttpResponseRedirect( reverse('view_project_application', args=[project_application.secret_token])) if project_application.state != ProjectApplication.OPEN: project_application.state = ProjectApplication.OPEN project_application.save() # completeness tests def partaOK(project_application): # ppl = project_application.project_application_project_application_member_set.select_related() ppl = ProjectApplicationMember.objects.filter( project_application=project_application) has_all = True has_supervisor = False has_leader = False for prs in ppl: if not (prs.email and prs.title and prs.first_name and prs.last_name and prs.institute and prs.faculty and prs.department and prs.telephone and prs.level and prs.role): has_all = False has_supervisor |= prs.is_supervisor has_leader |= prs.is_leader return (has_all and has_supervisor and has_leader) def partbOK(project_application): if not (project_application.title and project_application.summary and project_application.FOR): return False return True def partcOK(project_application): return True complete = { 'a': partaOK(project_application), 'b': partbOK(project_application), 'c': partcOK(project_application), } complete_all = complete['a'] and complete['b'] and complete['c'] if request.method == 'POST': form = ProjectApplicationTacForm(request.POST, instance=project_application, prefix='tac') if form.is_valid(): form.save() if complete_all and project_application.tac: # if user or admin, change state if 'action' in request.POST or 'adminsubmit' in request.POST: project_application.state = ProjectApplication.WAITING_FOR_ADMIN project_application.submitted_date = datetime.datetime.now( ) project_application.save() messages.info(request, 'Application marked as submitted') elif 'adminunsubmit' in request.POST: project_application.state = ProjectApplication.OPEN project_application.save() messages.info( request, 'Application has been unsubmitted (marked as open)') # notifications only if submitted by user if 'action' in request.POST: pdf = project_application_to_pdf_doc(project_application) send_submit_receipt(project_application, pdf) #TODO: WRONG need to derive url, not hardcode! link = '%s/apply/%s/' % (settings.REGISTRATION_BASE_URL, project_application.secret_token) send_notify_admin(project_application, link) #NOTE: could go to waiting for review? project_application.state = ProjectApplication.WAITING_FOR_ADMIN project_application.save() return HttpResponseRedirect( reverse('project_application_done', args=[project_application.secret_token])) else: form = ProjectApplicationTacForm(instance=project_application, prefix='tac') return render( request, 'project_application/submit_project_application_form.html', { 'help_email': settings.ACCOUNTS_EMAIL, 'project_application': project_application, 'form': form, 'complete': complete, 'complete_all': complete_all, }, )