def testIsHostForProgram(self):
"""Tests that True is returned for a program host."""
# seed a couple of programs
program_one = program_utils.seedProgram()
program_two = program_utils.seedProgram()
# make the user a host for the first program but not for the other
self.user.host_for = [ndb.Key.from_old_key(program_one.key())]
self.user.put()
# check that the user is a host only for the first program
self.assertTrue(user_logic.isHostForProgram(self.user, program_one.key()))
self.assertFalse(user_logic.isHostForProgram(self.user, program_two.key()))
def testIsHostForProgram(self):
"""Tests that True is returned for a program host."""
# seed a couple of programs
program_one = program_utils.seedProgram()
program_two = program_utils.seedProgram()
# make the user a host for the first program but not for the other
self.user.host_for = [ndb.Key.from_old_key(program_one.key())]
self.user.put()
# check that the user is a host only for the first program
self.assertTrue(
user_logic.isHostForProgram(self.user, program_one.key()))
self.assertFalse(
user_logic.isHostForProgram(self.user, program_two.key()))
def _isUpdateLinkVisible(data):
"""Determines whether the current user is allowed to update the project
and therefore if the project update link should visible or not.
Args:
data: a RequestData object
Returns: True if the update link should be visible, False otherwise.
"""
# program hosts are able to edit project details
if user_logic.isHostForProgram(data.ndb_user, data.program.key()):
return True
# users without active profiles cannot definitely update projects
if (not data.ndb_profile or
data.ndb_profile.status != profile_model.Status.ACTIVE):
return False
# only passed and valid project can be updated
if data.url_project.status in ['invalid', 'withdrawn', 'failed']:
return False
# a student who own the project can update it
if data.url_project.parent_key() == data.ndb_profile.key.to_old_key():
return True
# org admins of the organization that manages the project can update it
org_key = ndb.Key.from_old_key(
GSoCProject.org.get_value_for_datastore(data.url_project))
if data.orgAdminFor(org_key):
return True
# no other users are permitted to update project
return False
def _isUpdateLinkVisible(data):
"""Determines whether the current user is allowed to update the project
and therefore if the project update link should visible or not.
Args:
data: a RequestData object
Returns: True if the update link should be visible, False otherwise.
"""
# program hosts are able to edit project details
if user_logic.isHostForProgram(data.ndb_user, data.program.key()):
return True
# users without active profiles cannot definitely update projects
if (not data.ndb_profile
or data.ndb_profile.status != profile_model.Status.ACTIVE):
return False
# only passed and valid project can be updated
if data.url_project.status in ['invalid', 'withdrawn', 'failed']:
return False
# a student who own the project can update it
if data.url_project.parent_key() == data.ndb_profile.key.to_old_key():
return True
# org admins of the organization that manages the project can update it
org_key = ndb.Key.from_old_key(
GSoCProject.org.get_value_for_datastore(data.url_project))
if data.orgAdminFor(org_key):
return True
# no other users are permitted to update project
return False
def checkAccess(self, data, check, mutator):
mutator.studentEvaluationFromKwargs()
mutator.studentEvaluationRecordFromKwargs()
assert isSet(data.student_evaluation)
if user_logic.isHostForProgram(data.ndb_user, data.program.key()):
return
show_url = data.redirect.survey_record(
data.student_evaluation.link_id).urlOf(
'gsoc_show_student_evaluation')
check.isStudentSurveyActive(
data.student_evaluation, data.url_ndb_profile, show_url=show_url)
check.isProfileActive()
# TODO(dcrodman): When GSoCProject is converted to NDB, this Key
# conversion will need to be removed.
org_key = project_model.GSoCProject.org.get_value_for_datastore(
data.url_project)
org_key = ndb.Key.from_old_key(org_key)
if data.orgAdminFor(org_key):
raise exception.Redirect(show_url)
check.canUserTakeSurvey(data.student_evaluation, 'student')
check.isStudentForSurvey()
def is_org_admin(self):
"""Returns the is_org_admin field."""
if not self._isSet(self._is_org_admin):
if not self.ndb_profile:
self._is_org_admin = False
else:
self._is_org_admin = (self.ndb_profile.is_admin or
user_logic.isHostForProgram(self.ndb_user, self.program.key()))
return self._is_org_admin
def isHost(self):
"""Checks whether the current user has a host role.
"""
self.isLoggedIn()
if user_logic.isHostForProgram(self.data.ndb_user, self.data.program.key()):
return
raise exception.Forbidden(message=DEF_NOT_HOST)
def checkAccess(self, data, check):
"""See AccessChecker.checkAccess for specification."""
if data.is_developer:
# NOTE(nathaniel): Developers are given all the powers of
# program administrators.
return
elif not data.gae_user:
raise exception.LoginRequired()
elif not user_logic.isHostForProgram(data.ndb_user, data.program.key()):
raise exception.Forbidden(message=_MESSAGE_NOT_PROGRAM_ADMINISTRATOR)
def isHost(self):
"""Checks whether the current user has a host role.
"""
self.isLoggedIn()
if user_logic.isHostForProgram(self.data.ndb_user,
self.data.program.key()):
return
raise exception.Forbidden(message=DEF_NOT_HOST)
def is_org_admin(self):
"""Returns the is_org_admin field."""
if not self._isSet(self._is_org_admin):
if not self.ndb_profile:
self._is_org_admin = False
else:
self._is_org_admin = (self.ndb_profile.is_admin
or user_logic.isHostForProgram(
self.ndb_user, self.program.key()))
return self._is_org_admin
def checkAccess(self, data, check):
"""See AccessChecker.checkAccess for specification."""
if data.is_developer:
# NOTE(nathaniel): Developers are given all the powers of
# program administrators.
return
elif not data.gae_user:
raise exception.LoginRequired()
elif not user_logic.isHostForProgram(data.ndb_user,
data.program.key()):
raise exception.Forbidden(
message=_MESSAGE_NOT_PROGRAM_ADMINISTRATOR)
def mentorFor(self, org_key):
"""Returns true iff the user is mentor for the specified organization.
Args:
org_key: Organization key.
"""
if user_logic.isHostForProgram(self.ndb_user, self.program.key()):
return True
if not self.ndb_profile:
return False
return org_key in self.ndb_profile.mentor_for
def mentorFor(self, org_key):
"""Returns true iff the user is mentor for the specified organization.
Args:
org_key: Organization key.
"""
if user_logic.isHostForProgram(self.ndb_user, self.program.key()):
return True
if not self.ndb_profile:
return False
return org_key in self.ndb_profile.mentor_for
def canUpdateProject(self):
"""Checks if the current user is allowed to update project details."""
self.isLoggedIn()
if not user_logic.isHostForProgram(self.data.ndb_user,
self.data.program.key()):
self.hasProfile()
if self.data.ndb_profile.is_student:
# check if this is a student trying to update their project
self.canStudentUpdateProject()
elif self.data.is_org_admin:
# check if this is an organization admin trying to update a project
# belonging to one the students working for their organization
self.canOrgAdminUpdateProject()
else:
raise exception.Forbidden(
message=access_checker.DEF_CANNOT_UPDATE_ENTITY %
{'name': 'project'})
def canUpdateProject(self):
"""Checks if the current user is allowed to update project details."""
self.isLoggedIn()
if not user_logic.isHostForProgram(
self.data.ndb_user, self.data.program.key()):
self.hasProfile()
if self.data.ndb_profile.is_student:
# check if this is a student trying to update their project
self.canStudentUpdateProject()
elif self.data.is_org_admin:
# check if this is an organization admin trying to update a project
# belonging to one the students working for their organization
self.canOrgAdminUpdateProject()
else:
raise exception.Forbidden(
message=access_checker.DEF_CANNOT_UPDATE_ENTITY % {
'name': 'project'
})
def context(self):
context = siteMenuContext(self.data)
context.update({
'home_link': links.LINKER.program(self.data.program, 'gsoc_homepage'),
'search_link': links.LINKER.program(self.data.program, 'search_gsoc'),
})
if (self.data.ndb_profile
and self.data.ndb_profile.status == profile_model.Status.ACTIVE):
self.data.redirect.program()
context['profile_link'] = links.LINKER.program(
self.data.program, urls.UrlNames.PROFILE_SHOW)
if user_logic.isHostForProgram(self.data.ndb_user, self.data.program.key()):
self.data.redirect.program()
context['admin_link'] = self.data.redirect.urlOf('gsoc_admin_dashboard')
return context
def context(self, data, check, mutator):
record = data.org_app_record
context = {
'page_name': 'Organization application - %s' % (record.name),
'organization': record.name,
'css_prefix': OrgAppReadOnlyTemplate.Meta.css_prefix,
}
if record:
context['record'] = OrgAppReadOnlyTemplate(record)
# admin info should be available only to the hosts
if user_logic.isHostForProgram(data.ndb_user, data.program.key()):
context['main_admin_url'] = links.LINKER.profile(
record.main_admin, urls.UrlNames.PROFILE_ADMIN)
context['backup_admin_url'] = links.LINKER.profile(
record.backup_admin, urls.UrlNames.PROFILE_ADMIN)
return context
def context(self, data, check, mutator):
record = data.org_app_record
context = {
'page_name': 'Organization application - %s' % (record.name),
'organization': record.name,
'css_prefix': OrgAppReadOnlyTemplate.Meta.css_prefix,
}
if record:
context['record'] = OrgAppReadOnlyTemplate(record)
# admin info should be available only to the hosts
if user_logic.isHostForProgram(data.ndb_user, data.program.key()):
context['main_admin_url'] = links.LINKER.profile(
record.main_admin, urls.UrlNames.PROFILE_ADMIN)
context['backup_admin_url'] = links.LINKER.profile(
record.backup_admin, urls.UrlNames.PROFILE_ADMIN)
return context
def context(self):
context = siteMenuContext(self.data)
context.update({
'home_link':
links.LINKER.program(self.data.program, 'gsoc_homepage'),
'search_link':
links.LINKER.program(self.data.program, 'search_gsoc'),
})
if (self.data.ndb_profile and self.data.ndb_profile.status
== profile_model.Status.ACTIVE):
self.data.redirect.program()
context['profile_link'] = links.LINKER.program(
self.data.program, urls.UrlNames.PROFILE_SHOW)
if user_logic.isHostForProgram(self.data.ndb_user,
self.data.program.key()):
self.data.redirect.program()
context['admin_link'] = self.data.redirect.urlOf(
'gsoc_admin_dashboard')
return context
def is_host(self):
"""Returns the is_host field."""
if not self._isSet(self._is_host):
self._is_host = ndb_user_logic.isHostForProgram(
self.ndb_user, self.program.key())
return self._is_host