def is_user_permitted_to_validate(project_id, user_id):
""" Check if the user is allowed to validate on the project in scope """
if UserService.is_user_blocked(user_id):
return False, ValidatingNotAllowed.USER_NOT_ON_ALLOWED_LIST
project = ProjectService.get_project_by_id(project_id)
if project.license_id:
if not UserService.has_user_accepted_license(user_id, project.license_id):
return False, ValidatingNotAllowed.USER_NOT_ACCEPTED_LICENSE
validation_permission = project.validation_permission
# is_admin or is_author or is_org_manager or is_manager_team
is_manager_permission = False
if ProjectAdminService.is_user_action_permitted_on_project(user_id, project_id):
is_manager_permission = True
# Draft (public/private) accessible only for is_manager_permission
if (
ProjectStatus(project.status) == ProjectStatus.DRAFT
and not is_manager_permission
):
return False, ValidatingNotAllowed.PROJECT_NOT_PUBLISHED
is_restriction = None
if not is_manager_permission and validation_permission:
is_restriction = ProjectService.evaluate_validation_permission(
project_id, user_id, validation_permission
)
tasks = Task.get_locked_tasks_for_user(user_id)
if len(tasks.locked_tasks) > 0:
return False, ValidatingNotAllowed.USER_ALREADY_HAS_TASK_LOCKED
is_allowed_user = None
if project.private and not is_manager_permission:
# Check if user is in allowed user list
is_allowed_user = ProjectService.is_user_in_the_allowed_list(
project.allowed_users, user_id
)
if is_allowed_user:
return True, "User allowed to validate"
if not is_manager_permission and is_restriction:
return is_restriction
elif project.private and not (
is_manager_permission or is_allowed_user or not is_restriction
):
return False, ValidatingNotAllowed.USER_NOT_ON_ALLOWED_LIST
return True, "User allowed to validate"
def is_user_permitted_to_validate(project_id, user_id):
""" Check if the user is allowed to validate on the project in scope """
if UserService.is_user_blocked(user_id):
return False, ValidatingNotAllowed.USER_NOT_ON_ALLOWED_LIST
project = ProjectService.get_project_by_id(project_id)
if project.license_id:
if not UserService.has_user_accepted_license(user_id, project.license_id):
return False, ValidatingNotAllowed.USER_NOT_ACCEPTED_LICENSE
validation_permission = project.validation_permission
is_manager_permission = False
# is_admin or is_author or is_org_manager or is_manager_team
if ProjectAdminService.is_user_action_permitted_on_project(user_id, project_id):
is_manager_permission = True
if (
ProjectStatus(project.status) != ProjectStatus.PUBLISHED
and not is_manager_permission
):
return False, ValidatingNotAllowed.PROJECT_NOT_PUBLISHED
tasks = Task.get_locked_tasks_for_user(user_id)
if len(tasks.locked_tasks) > 0:
return False, ValidatingNotAllowed.USER_ALREADY_HAS_TASK_LOCKED
if project.private and not is_manager_permission:
# Check user is in allowed users
try:
next(user for user in project.allowed_users if user.id == user_id)
except StopIteration:
return False, ValidatingNotAllowed.USER_NOT_ON_ALLOWED_LIST
is_restriction = ProjectService.evaluate_validation_permission(
project_id, user_id, validation_permission
)
if is_restriction:
return is_restriction
if project.validation_permission and not is_manager_permission:
is_restriction = ProjectService.evaluate_validation_permission(
project_id, user_id, validation_permission
)
if is_restriction:
return is_restriction
return True, "User allowed to validate"
def post_message(chat_dto: ChatMessageDTO, project_id: int,
authenticated_user_id: int) -> ProjectChatDTO:
""" Save message to DB and return latest chat"""
current_app.logger.debug("Posting Chat Message")
if UserService.is_user_blocked(authenticated_user_id):
raise ValueError("User is on read only mode")
project = ProjectService.get_project_by_id(project_id)
is_allowed_user = True
is_manager_permission = ProjectAdminService.is_user_action_permitted_on_project(
authenticated_user_id, project_id)
is_team_member = False
# Draft (public/private) accessible only for is_manager_permission
if (ProjectStatus(project.status) == ProjectStatus.DRAFT
and not is_manager_permission):
raise ValueError("User not permitted to post Comment")
if project.private:
is_allowed_user = False
if not is_manager_permission:
allowed_roles = [
TeamRoles.PROJECT_MANAGER.value,
TeamRoles.VALIDATOR.value,
TeamRoles.MAPPER.value,
]
is_team_member = TeamService.check_team_membership(
project_id, allowed_roles, authenticated_user_id)
if not is_team_member:
is_allowed_user = (len([
user for user in project.allowed_users
if user.id == authenticated_user_id
]) > 0)
if is_manager_permission or is_team_member or is_allowed_user:
chat_message = ProjectChat.create_from_dto(chat_dto)
MessageService.send_message_after_chat(chat_dto.user_id,
chat_message.message,
chat_dto.project_id)
db.session.commit()
# Ensure we return latest messages after post
return ProjectChat.get_messages(chat_dto.project_id, 1)
else:
raise ValueError("User not permitted to post Comment")
def is_user_permitted_to_map(project_id: int, user_id: int):
""" Check if the user is allowed to map the on the project in scope """
if UserService.is_user_blocked(user_id):
return False, MappingNotAllowed.USER_NOT_ON_ALLOWED_LIST
project = ProjectService.get_project_by_id(project_id)
mapping_permission = project.mapping_permission
if ProjectStatus(
project.status
) != ProjectStatus.PUBLISHED and not ProjectAdminService.is_user_action_permitted_on_project(
user_id, project_id):
return False, MappingNotAllowed.PROJECT_NOT_PUBLISHED
tasks = Task.get_locked_tasks_for_user(user_id)
if len(tasks.locked_tasks) > 0:
return False, MappingNotAllowed.USER_ALREADY_HAS_TASK_LOCKED
if project.private:
# Check user is in allowed users
try:
next(user for user in project.allowed_users
if user.id == user_id)
except StopIteration:
return False, MappingNotAllowed.USER_NOT_ON_ALLOWED_LIST
is_restriction = ProjectService.evaluate_mapping_permission(
project_id, user_id, mapping_permission)
if is_restriction:
return is_restriction
if project.mapping_permission:
is_restriction = ProjectService.evaluate_mapping_permission(
project_id, user_id, mapping_permission)
if is_restriction:
return is_restriction
if project.license_id:
if not UserService.has_user_accepted_license(
user_id, project.license_id):
return False, MappingNotAllowed.USER_NOT_ACCEPTED_LICENSE
return True, "User allowed to map"
def post_message(
chat_dto: ChatMessageDTO, project_id: int, authenticated_user_id: int
) -> ProjectChatDTO:
""" Save message to DB and return latest chat"""
current_app.logger.debug("Posting Chat Message")
if UserService.is_user_blocked(authenticated_user_id):
return ValueError("User is on read only mode")
project = ProjectService.get_project_by_id(project_id)
if project.private:
author_id = project.author_id
allowed_roles = [
TeamRoles.PROJECT_MANAGER.value,
TeamRoles.VALIDATOR.value,
TeamRoles.MAPPER.value,
]
is_admin = UserService.is_user_an_admin(authenticated_user_id)
is_author = UserService.is_user_the_project_author(
authenticated_user_id, author_id
)
is_org_manager = False
if hasattr(project, "organisation_id") and project.organisation_id:
org_id = project.organisation_id
org = OrganisationService.get_organisation_by_id_as_dto(
org_id, authenticated_user_id
)
if org.is_manager:
is_org_manager = True
is_team_member = None
if hasattr(project, "project_teams") and project.project_teams:
teams_dto = TeamService.get_project_teams_as_dto(project_id)
if teams_dto.teams:
teams_allowed = [
team_dto
for team_dto in teams_dto.teams
if team_dto.role in allowed_roles
]
user_membership = [
team_dto.team_id
for team_dto in teams_allowed
if TeamService.is_user_member_of_team(
team_dto.team_id, authenticated_user_id
)
]
if user_membership:
is_team_member = True
for user in project.allowed_users:
if user.id == authenticated_user_id:
is_allowed_user = True
break
if (
is_admin
or is_author
or is_org_manager
or is_team_member
or is_allowed_user
):
chat_message = ProjectChat.create_from_dto(chat_dto)
MessageService.send_message_after_chat(
chat_dto.user_id, chat_message.message, chat_dto.project_id
)
db.session.commit()
# Ensure we return latest messages after post
return ProjectChat.get_messages(chat_dto.project_id, 1)
else:
raise ValueError("User not permitted to post Comment")
else:
chat_message = ProjectChat.create_from_dto(chat_dto)
MessageService.send_message_after_chat(
chat_dto.user_id, chat_message.message, chat_dto.project_id
)
db.session.commit()
# Ensure we return latest messages after post
return ProjectChat.get_messages(chat_dto.project_id, 1)
def post(self, project_id):
"""
Add a message to project chat
---
tags:
- comments
produces:
- application/json
parameters:
- in: header
name: Authorization
description: Base64 encoded session token
required: true
type: string
default: Token sessionTokenHere==
- name: project_id
in: path
description: Project ID to attach the chat message to
required: true
type: integer
default: 1
- in: body
name: body
required: true
description: JSON object for creating a new mapping license
schema:
properties:
message:
type: string
default: This is an awesome project
responses:
201:
description: Message posted successfully
400:
description: Invalid Request
500:
description: Internal Server Error
"""
if UserService.is_user_blocked(tm.authenticated_user_id):
return "User is on read only mode", 403
try:
chat_dto = ChatMessageDTO(request.get_json())
chat_dto.user_id = tm.authenticated_user_id
chat_dto.project_id = project_id
chat_dto.validate()
except DataError as e:
current_app.logger.error(f"Error validating request: {str(e)}")
return {"Error": "Unable to add chat message"}, 400
try:
project_messages = ChatService.post_message(
chat_dto, project_id, tm.authenticated_user_id)
return project_messages.to_primitive(), 201
except ValueError as e:
error_msg = f"CommentsProjectsRestAPI POST: {str(e)}"
return {"Error": error_msg}, 403
except Exception as e:
error_msg = f"Chat POST - unhandled error: {str(e)}"
current_app.logger.critical(error_msg)
return {"Error": "Unable to add chat message"}, 500