def canStudentUpdateProposal(self): """Checks if the student is eligible to submit a proposal. """ assert isSet(self.data.proposal) self.isActiveStudent() self.isProposalInURLValid() # check if the timeline allows updating proposals self.studentSignupActive() if self.data.proposal.status == 'invalid': error_msg = DEF_ID_BASED_ENTITY_INVALID_MSG_FMT % { 'model': 'GSoCProposal', 'id': id, } raise AccessViolation(error_msg) # check if the proposal belongs to the current user expected_profile = self.data.proposal.parent() if expected_profile.key().name() != self.data.profile.key().name(): error_msg = DEF_ENTITY_DOES_NOT_BELONG_TO_YOU % { 'model': 'GSoCProposal' } raise AccessViolation(error_msg)
def canRespondToInvite(self): """Checks if the current user can accept/reject the invitation. """ assert isSet(self.data.invite) assert isSet(self.data.invited_user) # check if the entity represents an invitation if self.data.invite.type != 'Invitation': raise AccessViolation(DEF_NOT_VALID_INVITATION_MSG) # check if the entity can be responded if self.data.invite.status not in ['pending', 'rejected']: raise AccessViolation(DEF_NOT_VALID_INVITATION_MSG) # check if the entity is addressed to the current user if self.data.invited_user.key() != self.data.user.key(): error_msg = DEF_ENTITY_DOES_NOT_BELONG_TO_YOU % { 'model': 'Request' } raise AccessViolation(error_msg) # check if the user does not have this role if self.data.invite.role == 'org_admin': self.notOrgAdmin() else: self.notMentor()
def canAccessProposalEntity(self): """Checks if the current user is allowed to access a Proposal entity. """ assert isSet(self.data.proposal) assert isSet(self.data.proposal_org) assert isSet(self.data.proposer_user) # if the proposal is public, everyone may access it if self.data.proposal.is_publicly_visible: return if not self.data.user: raise AccessViolation(DEF_PROPOSAL_NOT_PUBLIC_MSG) self.isProfileActive() # if the current user is the proposer, he or she may access it if self.data.user.key() == self.data.proposer_user.key(): return # all the mentors and org admins from the organization may access it if self.data.mentorFor(self.data.proposal_org): return raise AccessViolation(DEF_PROPOSAL_NOT_PUBLIC_MSG)
def isProgramActive(self): """Checks that the program is active. Active means 'visible' or 'inactive'. """ if not self.data.program: raise AccessViolation(DEF_NO_SUCH_PROGRAM_MSG) if self.data.program.status in ['visible', 'inactive']: return raise AccessViolation(DEF_PROGRAM_INACTIVE_MSG_FMT % self.data.program.name)
def canRespondToRequest(self): """Checks if the current user can accept/reject the request. """ assert isSet(self.data.request_entity) assert isSet(self.data.requester) # check if the entity represents an invitation if self.data.request_entity.type != 'Request': raise AccessViolation(DEF_NOT_VALID_REQUEST_MSG) # check if the entity can be responded if self.data.request_entity.status not in ['pending', 'rejected']: raise AccessViolation(DEF_NOT_VALID_REQUEST_MSG) # check if the user is an admin for the organization self.isOrgAdmin()
def jsonContext(self): list_content = AcceptedOrgsList(self.request, self.data).getListData() if not list_content: raise AccessViolation( 'You do not have access to this data') return list_content.content()
def jsonContext(self): """Handler for JSON requests. """ list_content = ProjectList(self.request, self.data).getListData() if not list_content: raise AccessViolation('You do not have access to this data') return list_content.content()
def isMentorForOrganization(self, org): """Checks if the user is a mentor for the specified organiztaion. """ self.isProfileActive() if self.data.mentorFor(org): return raise AccessViolation(DEF_NOT_MENTOR_MSG % org.name)
def isProfileActive(self): """Checks if the profile of the current user is active. """ self.isLoggedIn() if self.data.profile and self.data.profile.status == 'active': return raise AccessViolation(DEF_ROLE_INACTIVE_MSG)
def isHost(self): """Checks whether the current user has a host role. """ self.isLoggedIn() if self.data.is_host: return raise AccessViolation(DEF_NOT_HOST_MSG)
def notStudent(self): """Checks if the current user has a non-student profile. """ self.isProfileActive() if not self.data.student_info: return raise AccessViolation(DEF_IS_STUDENT_MSG)
def isOrgAdminForOrganization(self, org): """Checks if the user is an admin for the specified organiztaion. """ self.isProfileActive() if self.data.orgAdminFor(org): return raise AccessViolation(DEF_NOT_ADMIN_MSG % org.name)
def isProposalInURLValid(self): """Checks if the proposal in URL exists. """ assert isSet(self.data.proposal) if not self.data.proposal: error_msg = DEF_ID_BASED_ENTITY_NOT_EXISTS_MSG_FMT % { 'model': 'GSoCProposal', 'id': self.data.kwargs['id'] } raise AccessViolation(error_msg) if self.data.proposal.status == 'invalid': error_msg = DEF_ID_BASED_ENTITY_INVALID_MSG_FMT % { 'model': 'GSoCProposal', 'id': self.data.kwargs['id'], } raise AccessViolation(error_msg)
def isActiveStudent(self): """Checks if the user is an active student. """ self.isProfileActive() if self.data.student_info: return raise AccessViolation(DEF_IS_NOT_STUDENT_MSG)
def isUser(self): """Checks if the current user has an User entity. """ self.isLoggedIn() if self.data.user: return raise AccessViolation(DEF_NO_USER_LOGIN_MSG)
def isOrganizationInURLActive(self): """Checks if the organization in URL exists and if its status is active. """ assert isSet(self.data.organization) if not self.data.organization: error_msg = DEF_ORG_DOES_NOT_EXISTS_MSG_FMT % { 'link_id': self.data.kwargs['organization'], 'program': self.data.program.name } raise AccessViolation(error_msg) if self.data.organization.status != 'active': error_msg = DEF_ORG_NOT_ACTIVE_MSG_FMT % { 'name': self.data.organization.name, 'program': self.data.program.name } raise AccessViolation(error_msg)
def studentSignupActive(self): """Checks if the student signup period is active. """ self.isProgramActive() if self.data.timeline.studentSignup(): return raise AccessViolation(DEF_PAGE_INACTIVE_OUTSIDE_MSG_FMT % self.data.timeline.studentsSignupBetween())
def acceptedStudentsAnnounced(self): """Checks if the accepted students have been announced. """ self.isProgramActive() if self.data.timeline.studentsAnnounced(): return period = self.data.timeline.studentsAnnouncedOn() raise AccessViolation(DEF_PAGE_INACTIVE_BEFORE_MSG_FMT % period)
def notMentor(self): """Checks if the user is not a mentor. """ self.isProfileActive() assert isSet(self.data.organization) if not self.data.mentorFor(self.data.organization): return raise AccessViolation(DEF_ALREADY_MENTOR_MSG % self.data.organization.name)
def notOrgAdmin(self): """Checks if the user is not an admin. """ self.isProfileActive() assert isSet(self.data.organization) if not self.data.orgAdminFor(self.data.organization): return raise AccessViolation(DEF_ALREADY_ADMIN_MSG % self.data.organization.name)
def _isIdBasedEntityPresent(self, entity, id, model_name): """Checks if the entity is not None. """ if entity is not None: return error_msg = DEF_ID_BASED_ENTITY_NOT_EXISTS_MSG_FMT % { 'model': model_name, 'id': id, } raise AccessViolation(error_msg)
def isDeveloper(self): """Checks if the current user is a Developer. """ self.isUser() if self.data.user.is_developer: return if users.is_current_user_admin(): return raise AccessViolation(DEF_NOT_DEVELOPER_MSG)
def canViewDocument(self): """Checks if the specified user can see the document. """ assert isSet(self.data.document) if not self.data.document: raise NotFound(DEF_NO_DOCUMENT) if self.data.document.read_access == 'public': return raise AccessViolation(DEF_NOT_PUBLIC_DOCUMENT)
def canResubmitRequest(self): """Checks if the current user can resubmit the request. """ assert isSet(self.data.request_entity) assert isSet(self.data.requester) # check if the entity represents an invitation if self.data.request_entity.type != 'Request': raise AccessViolation(DEF_NOT_VALID_REQUEST_MSG) # only withdrawn requests may be resubmitted if self.data.request_entity.status != 'withdrawn': raise AccessViolation(DEF_NOT_VALID_REQUEST_MSG) # check if the request belongs to the current user if self.data.requester.key() != self.data.user.key(): error_msg = DEF_ENTITY_DOES_NOT_BELONG_TO_YOU % { 'model': 'Request' } raise AccessViolation(error_msg)
def canApplyNonStudent(self, role, edit_url): """Checks if the user can apply as a mentor or org admin. """ self.isLoggedIn() if self.data.profile and not self.data.profile.student_info: raise RedirectRequest(edit_url) if not self.data.profile: return raise AccessViolation(DEF_ALREADY_PARTICIPATING_AS_STUDENT_MSG % (role, self.data.program.name))
def jsonContext(self): """Handler for JSON requests. """ components = self._getActiveComponents() list_content = None for component in components: list_content = component.getListData() if list_content: break if not list_content: raise AccessViolation('You do not have access to this data') return list_content.content()
def canStudentPropose(self): """Checks if the student is eligible to submit a proposal. """ # check if the timeline allows submitting proposals self.studentSignupActive() # check how many proposals the student has already submitted fields = {'scope': self.data.profile} query = db.Query(StudentProposal) query.filter('scope = ', self.data.profile).ancestor(self.data.user) if query.count() >= self.data.program.apps_tasks_limit: # too many proposals access denied raise AccessViolation(DEF_MAX_PROPOSALS_REACHED)
def canApplyStudent(self, edit_url): """Checks if the user can apply as a student. """ self.isLoggedIn() if self.data.profile and self.data.profile.student_info: raise RedirectRequest(edit_url) self.studentSignupActive() if not self.data.profile: return raise AccessViolation(DEF_ALREADY_PARTICIPATING_AS_NON_STUDENT_MSG % self.data.program.name)
def checkAccess(self): """Access checks for GSoC Invite page. """ self.check.isProgramActive() # check if the current user has a profile, but is not a student self.check.notStudent() # check if the organization exists self.mutator.organizationFromKwargs() self.check.isOrganizationInURLActive() # check if the user is not already mentor role for the organization self.check.notMentor() # check if there is already a request query = db.Query(Request) query.filter('type = ', 'Request') query.filter('user = '******'group = ', self.data.organization) if query.get(): raise AccessViolation( 'You have already sent a request to this organization.')
def fail(self, message): """Raises an AccessViolation with the specified message. """ raise AccessViolation(message)