def get_rights_for_semester(user, semester_no, right_if_not_student=False):
"""
Check if the given user has enough privileges based on semester number for student maintainers
And if the user is a maintainer but not a student than it gives privileges according to the
requirements based on the value of param:right_if_not_student
:param user: the user whose privileges are being tested
:param semester_no: the minimum semester number in which rights are given
:param right_if_not_student: whether to give access to a maintainer user who is not a student
:return: True if the user has privileges, False otherwise
"""
student = get_role(person=user.person,
role_name='Student',
active_status=ActiveStatus.IS_ACTIVE,
silent=True)
maintainer = get_role(person=user.person,
role_name='Maintainer',
active_status=ActiveStatus.IS_ACTIVE,
silent=True)
if maintainer is not None:
if student is not None:
return student.current_semester > semester_no
return right_if_not_student
return False
def get_id(self, obj):
"""
Returns a unique identification ID for the logged in person
:param obj: an inst'isance of ResidentialInformation
:return: a unique identification ID for the logged in person
"""
role_student = get_role(
person=obj.person,
role_name='Student',
active_status=ActiveStatus.IS_ACTIVE,
silent=True,
)
role_faculty_member = get_role(
person=obj.person,
role_name='FacultyMember',
active_status=ActiveStatus.IS_ACTIVE,
silent=True,
)
if role_student is not None:
return obj.person.student.enrolment_number
elif role_faculty_member is not None:
return obj.person.facultymember.employee_id
else:
return obj.person.id
def get_object(self):
"""
Handles the object instance for displaying
"""
person = self.request.person
instance = None
if is_subscriber(person):
logger.info(
f'{person.user.username} requested profile information as subscriber'
)
instance = get_role(person,
'no_dues.Subscriber',
silent=True,
is_custom_role=True)
elif has_verifier_rights(person):
logger.info(
f'{person.user.username} requested profile information as verifier'
)
instance = get_role(person,
'no_dues.Verifier',
silent=True,
is_custom_role=True)
return instance
def get_queryset(self):
"""
This function overrides the default get_queryset function and displays
all the apt permissiond to the verifiers (who have verification rights).
Other users are displayed a list of their asked permissions.
:return: the corresponding queryset to the view accordingly
"""
result = []
person = self.request.person
if has_subscriber_rights(person):
logger.info(f'{person.user.username} get its permission list')
result = Permission.objects.filter(
subscriber__person=person).order_by('authority')
elif has_verifier_rights(person):
logger.info(
f'{person.user.username} gets all the no dues for its authority'
)
verifier = get_role(person,
'no_dues.Verifier',
silent=True,
is_custom_role=True)
result = Permission.objects.filter(
Q(authority=verifier.authority)
& ~(Q(status=NOT_REQUESTED))).order_by("-datetime_modified")
return result
def perform_update(self, serializer):
"""
This function overrides the perform_update function (invoked when PATCH
request is made). This handles the instance after it is updated.
"""
person = self.request.person
full_name = person.full_name
serializer.save()
instance = self.get_object()
status_display_name = instance.get_status_display()
verifier = get_role(person,
'no_dues.Verifier',
silent=True,
is_custom_role=True)
if verifier:
instance.last_modified_by = full_name
instance.save()
send_status_change_notification(instance)
# Add log for status update in form of a comment
comment = log_status_update(status_display_name, person)
instance.comments.add(comment)
instance.save()
def get_queryset(self):
"""
This function overrides the default get_queryset function and displays
all the queries to Maintainers (who have helpcentre rights). Other
users are displayed a list of their asked queries.
:return: the corresponding queryset to the view accordingly
"""
result = []
status = ''
person = self.request.user.person
if 'status' in self.request.query_params:
status = self.request.query_params['status']
if has_helpcentre_rights(self.request.user):
result = Query.objects.all().order_by('-datetime_modified')
if status == 'assigned':
maintainer = get_role(person, 'Maintainer', silent=True)
return result.filter(assignees=maintainer)
else:
result = Query.objects.filter(uploader=person).order_by(
'-datetime_modified'
)
if status == 'opened':
return result.filter(is_closed=False)
elif status == 'closed':
return result.filter(is_closed=True)
return result
def get_rights_for_semester(user, semester_no):
"""
Check if the given user has enough privileges based on semester number
:param user: the user whose privileges are being tested
:param semester_no: the minimum semester number in which rights are given
:return: True if the user has privileges, False otherwise
"""
student = get_role(person=user.person,
role_name='Student',
active_status=ActiveStatus.IS_ACTIVE,
silent=True)
maintainer = get_role(person=user.person,
role_name='Maintainer',
active_status=ActiveStatus.IS_ACTIVE,
silent=True)
if maintainer is not None:
return student.current_semester > semester_no
return False
def get_is_student(self, obj):
"""
Checks if the authenticated user is a student or not
:param obj: an instance of ResidentialInformation
:return: a boolean if the authenticated user is a student or not
"""
role_student = get_role(
person=obj.person,
role_name='Student',
active_status=ActiveStatus.IS_ACTIVE,
silent=True,
)
return role_student is not None
def latest_comment_by(self):
"""
Return if the last non-status change comment was by a subscriber or verifier
:return: the string to represent if the latest comment by a
subscriber or verifier
"""
latest_comment = self.comments.exclude(
text__startswith='Status changed').last()
if latest_comment is not None:
commenter = latest_comment.commenter
return 'verifier' if get_role(commenter, 'no_dues.Verifier',
silent=True, is_custom_role=True) \
is not None else 'subscriber'
return ''
def toggle_report(self, person):
"""
Toggle the report status of the given object for the given person
:param person: the person toggling his report against the object
"""
reported = False
if person in self.reporters.all():
self.reporters.remove(person)
else:
reported = True
self.reporters.add(person)
self.save()
if reported:
if get_role(person, "Maintainer", silent=True):
self.delete()
def post(self, request):
person = request.person
full_name = person.full_name
verifier = get_role(person,
'no_dues.Verifier',
silent=True,
is_custom_role=True)
authority = verifier.authority
enrolment_numbers = request.data.get('enrolment_numbers', [])
status = request.data.get('status', '')
if status not in [
APPROVED, NOT_APPLICABLE, APPROVED_ON_CONDITION, REPORTED
]:
logger.warn(
f'{person.user.username} tried to change the no dues to a not allowed status {status}'
)
return Response(
data={'Error': 'You cannot perform this operation.'},
status=HTTP_403_FORBIDDEN,
)
logger.info(
f'{person.user.username} started a mass status update to {status}')
report = list()
for enrolment_number in enrolment_numbers:
report_entity = dict()
report_entity['enrolment_number'] = enrolment_number
try:
subscriber = Subscriber.objects.get(
person__student__enrolment_number=enrolment_number)
except Exception as e:
report_entity['Status'] = 0
report_entity['Info'] = str(e)
report.append(report_entity)
continue
try:
permission, _ = Permission.objects.get_or_create(
subscriber=subscriber, authority=authority)
except Exception as e:
report_entity['Status'] = 0
report_entity['Info'] = str(e)
report.append(report_entity)
continue
permission.status = status
permission.last_modified_by = full_name
# Add log for status update in form of a comment
status_display_name = permission.get_status_display()
comment = log_status_update(status_display_name, person)
permission.comments.add(comment)
permission.save()
send_status_change_notification(permission)
report_entity['Status'] = 1
report_entity['Info'] = 'Success'
report.append(report_entity)
send_mass_change_report(report, verifier,
PERMISSION_STATUS_DICTIONARY[status])
total = len(report)
success = sum([report_entity['Status'] for report_entity in report])
failed = total - success
logger.info(f'Mass status update by {person.user.username} completed')
return Response(
data={
'total': total,
'success': success,
'failed': failed
},
status=HTTP_202_ACCEPTED,
)
def post(self, request):
person = request.person
subscriber = get_role(person,
'no_dues.Subscriber',
silent=True,
is_custom_role=True)
residences = request.data.get('residences', ['null_bhawan'])
mess = request.data.get('mess', 'null_mess')
logger.info(f'{request.user.username} requested to select authorities')
if not residences:
logger.warn(
f'{request.user.username} put a wrong format for residence')
return Response(
data={
'Error': 'Bad format for the required argument residences.'
},
status=HTTP_400_BAD_REQUEST,
)
for residence in residences:
if not [
item for item in RESIDENCES_EDITED_SLUG
if f'{item[0]}' == residence
]:
logger.warn(
f'{request.user.username} put a wrong key for residence')
return Response(
data={'Error': f'{residence} key not matched.'},
status=HTTP_400_BAD_REQUEST,
)
if mess and not [
item for item in MESS_EDITED_SLUG if f'{item[0]}' == mess
]:
logger.warn(f'{request.user.username} put a wrong key for mess')
return Response(
data={'Error': f'{mess} key not matched.'},
status=HTTP_400_BAD_REQUEST,
)
for residence in residences:
authority = Authority.objects.get(slug=residence)
permission, _ = Permission.objects.get_or_create(
subscriber=subscriber,
authority=authority,
)
if residence == 'null_bhawan':
permission.status = APPROVED
permission.save()
if mess:
authority = Authority.objects.get(slug=mess)
permission, _ = Permission.objects.get_or_create(
subscriber=subscriber,
authority=authority,
)
if mess == 'null_mess':
permission.status = APPROVED
permission.save()
subscriber.required_authorities_selected = True
subscriber.save()
logger.info(
f'{request.user.username} successfully set the residence and mess')
return Response(
data=SubscriberSerializer(subscriber).data,
status=HTTP_201_CREATED,
)
def has_permission(self, request, view):
return get_role(person=request.person,
role_name=role_name,
active_status=active_status,
silent=True) is not None