Exemplo n.º 1
0
    def members(self, request, *args, **kwargs):
        team = self.get_object()
        data = {}
        status_code = status.HTTP_200_OK

        if request.method in ['DELETE', 'POST']:
            username = request.DATA.get('username') or\
                request.QUERY_PARAMS.get('username')

            if username:
                try:
                    user = User.objects.get(username__iexact=username)
                except User.DoesNotExist:
                    status_code = status.HTTP_400_BAD_REQUEST
                    data['username'] = [
                        _(u"User `%(username)s` does not exist."
                          % {'username': username})]
                else:
                    if request.method == 'POST':
                        add_user_to_team(team, user)
                    elif request.method == 'DELETE':
                        remove_user_from_team(team, user)
                    status_code = status.HTTP_201_CREATED
            else:
                status_code = status.HTTP_400_BAD_REQUEST
                data['username'] = [_(u"This field is required.")]

        if status_code in [status.HTTP_200_OK, status.HTTP_201_CREATED]:
            data = [u.username for u in team.user_set.all()]

        return Response(data, status=status_code)
Exemplo n.º 2
0
    def members(self, request, *args, **kwargs):
        team = self.get_object()
        data = {}
        status_code = status.HTTP_200_OK

        if request.method in ['DELETE', 'POST']:
            username = request.DATA.get('username') or\
                request.QUERY_PARAMS.get('username')

            if username:
                try:
                    user = User.objects.get(username__iexact=username)
                except User.DoesNotExist:
                    status_code = status.HTTP_400_BAD_REQUEST
                    data['username'] = [
                        _(u"User `%(username)s` does not exist."
                          % {'username': username})]
                else:
                    if request.method == 'POST':
                        add_user_to_team(team, user)
                    elif request.method == 'DELETE':
                        remove_user_from_team(team, user)
                    status_code = status.HTTP_201_CREATED
            else:
                status_code = status.HTTP_400_BAD_REQUEST
                data['username'] = [_(u"This field is required.")]

        if status_code in [status.HTTP_200_OK, status.HTTP_201_CREATED]:
            data = [u.username for u in team.user_set.all()]

        return Response(data, status=status_code)
Exemplo n.º 3
0
def _set_organization_role_to_user(organization, user, role):
    role_cls = ROLES.get(role)
    role_cls.add(user, organization)

    owners_team = get_organization_owners_team(organization)

    # add the owner to owners team
    if role == OwnerRole.name:
        add_user_to_team(owners_team, user)

    if role != OwnerRole.name:
        remove_user_from_team(owners_team, user)
Exemplo n.º 4
0
    def test_add_project_perms_to_team(self):
        # create an org, user, team
        organization = self._create_organization("test org", self.user)
        user_deno = self._create_user('deno', 'deno')

        # add a member to the team
        team = tools.create_organization_team(organization, "test team")
        tools.add_user_to_team(team, user_deno)

        project = Project.objects.create(name="Test Project",
                                         organization=organization,
                                         created_by=user_deno,
                                         metadata='{}')

        # confirm that the team has no permissions
        self.assertFalse(team.groupobjectpermission_set.all())
        # set DataEntryRole role of project on team
        DataEntryRole.add(team, project)

        content_type = ContentType.objects.get(
            model=project.__class__.__name__.lower(),
            app_label=project.__class__._meta.app_label)

        object_permissions = team.groupobjectpermission_set.filter(
            object_pk=project.pk, content_type=content_type)

        permission_names = sorted(
            [p.permission.codename for p in object_permissions])
        self.assertEqual([
            CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT, CAN_VIEW_PROJECT
        ], permission_names)

        self.assertEqual(get_team_project_default_permissions(team, project),
                         DataEntryRole.name)

        # Add a new user
        user_sam = self._create_user('Sam', 'sammy_')

        self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
        self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))

        # Add the user to the group
        tools.add_user_to_team(team, user_sam)

        # assert that team member has default perm set on team
        self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project))

        # assert that removing team member revokes perms
        tools.remove_user_from_team(team, user_sam)
        self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
        self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
def _set_organization_role_to_user(organization, user, role):
    role_cls = ROLES.get(role)
    role_cls.add(user, organization)

    owners_team = get_organization_owners_team(organization)

    # add the owner to owners team
    if role == OwnerRole.name:
        add_user_to_team(owners_team, user)
        # add user to org projects
        for project in organization.user.project_org.all():
            ShareProject(project, user.username, role).save()

    if role != OwnerRole.name:
        remove_user_from_team(owners_team, user)
Exemplo n.º 6
0
    def test_add_project_perms_to_team(self):
        # create an org, user, team
        organization = self._create_organization("test org", self.user)
        user_deno = self._create_user("deno", "deno")

        # add a member to the team
        team = tools.create_organization_team(organization, "test team")
        tools.add_user_to_team(team, user_deno)

        project = Project.objects.create(
            name="Test Project", organization=organization, created_by=user_deno, metadata="{}"
        )

        # confirm that the team has no permissions
        self.assertFalse(team.groupobjectpermission_set.all())
        # set DataEntryRole role of project on team
        DataEntryRole.add(team, project)

        content_type = ContentType.objects.get(
            model=project.__class__.__name__.lower(), app_label=project.__class__._meta.app_label
        )

        object_permissions = team.groupobjectpermission_set.filter(object_pk=project.pk, content_type=content_type)

        permission_names = sorted([p.permission.codename for p in object_permissions])
        self.assertEqual([CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT, CAN_VIEW_PROJECT], permission_names)

        self.assertEqual(get_team_project_default_permissions(team, project), DataEntryRole.name)

        # Add a new user
        user_sam = self._create_user("Sam", "sammy_")

        self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
        self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))

        # Add the user to the group
        tools.add_user_to_team(team, user_sam)

        # assert that team member has default perm set on team
        self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project))

        # assert that removing team member revokes perms
        tools.remove_user_from_team(team, user_sam)
        self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
        self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
Exemplo n.º 7
0
def _check_set_role(request, organization, username, required=False):
    """
    Confirms the role and assigns the role to the organization
    """

    role = request.data.get('role')
    role_cls = ROLES.get(role)

    if not role or not role_cls:
        if required:
            message = (_(u"'%s' is not a valid role." %
                         role) if role else _(u"This field is required."))
        else:
            message = _(u"'%s' is not a valid role." % role)

        return status.HTTP_400_BAD_REQUEST, {'role': [message]}
    else:
        data, status_code = _update_username_role(organization, username,
                                                  role_cls)
        if status_code not in [status.HTTP_200_OK, status.HTTP_201_CREATED]:
            return (status_code, data)

        owners_team = get_organization_owners_team(organization)

        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            data = {
                'username': [
                    _(u"User `%(username)s` does not exist." %
                      {'username': username})
                ]
            }

            return (status.HTTP_400_BAD_REQUEST, data)

        # add the owner to owners team
        if role == OwnerRole.name:
            add_user_to_team(owners_team, user)

        if role != OwnerRole.name:
            remove_user_from_team(owners_team, user)

        return (status.HTTP_200_OK, []) if request.method == 'PUT' \
            else (status.HTTP_201_CREATED, [])
Exemplo n.º 8
0
    def test_add_project_perms_to_team(self):
        # create an org, user, team
        organization = self._create_organization("test org", self.user)
        user_deno = self._create_user('deno', 'deno')

        # add a member to the team
        team = tools.create_organization_team(organization, "test team")
        tools.add_user_to_team(team, user_deno)

        project = Project.objects.create(name="Test Project",
                                         organization=organization,
                                         created_by=user_deno,
                                         metadata='{}')

        # confirm that the team has no permissions on project
        self.assertFalse(get_perms(team, project))
        # set DataEntryRole role of project on team
        DataEntryRole.add(team, project)

        self.assertEqual([CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT,
                          CAN_VIEW_PROJECT, CAN_VIEW_PROJECT_ALL,
                          CAN_VIEW_PROJECT_DATA],
                         sorted(get_perms(team, project)))

        self.assertEqual(get_team_project_default_permissions(team, project),
                         DataEntryRole.name)

        # Add a new user
        user_sam = self._create_user('Sam', 'sammy_')

        self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
        self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))

        # Add the user to the group
        tools.add_user_to_team(team, user_sam)

        # assert that team member has default perm set on team
        self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project))

        # assert that removing team member revokes perms
        tools.remove_user_from_team(team, user_sam)
        self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
        self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
Exemplo n.º 9
0
    def test_add_project_perms_to_team(self):
        # create an org, user, team
        organization = self._create_organization("test org", self.user)
        user_deno = self._create_user('deno', 'deno')

        # add a member to the team
        team = tools.create_organization_team(organization, "test team")
        tools.add_user_to_team(team, user_deno)

        project = Project.objects.create(name="Test Project",
                                         organization=organization,
                                         created_by=user_deno,
                                         metadata='{}')

        # confirm that the team has no permissions on project
        self.assertFalse(get_perms(team, project))
        # set DataEntryRole role of project on team
        DataEntryRole.add(team, project)

        self.assertEqual([
            CAN_EXPORT_PROJECT, CAN_ADD_SUBMISSIONS_PROJECT, CAN_VIEW_PROJECT,
            CAN_VIEW_PROJECT_ALL, CAN_VIEW_PROJECT_DATA
        ], sorted(get_perms(team, project)))

        self.assertEqual(get_team_project_default_permissions(team, project),
                         DataEntryRole.name)

        # Add a new user
        user_sam = self._create_user('Sam', 'sammy_')

        self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
        self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))

        # Add the user to the group
        tools.add_user_to_team(team, user_sam)

        # assert that team member has default perm set on team
        self.assertTrue(user_sam.has_perm(CAN_VIEW_PROJECT, project))

        # assert that removing team member revokes perms
        tools.remove_user_from_team(team, user_sam)
        self.assertFalse(user_sam.has_perm(CAN_VIEW_PROJECT, project))
        self.assertFalse(user_sam.has_perm(CAN_ADD_XFORM, project))
def _check_set_role(request, organization, username, required=False):
    """
    Confirms the role and assigns the role to the organization
    """

    role = request.DATA.get('role')
    role_cls = ROLES.get(role)

    if not role or not role_cls:
        if required:
            message = (_(u"'%s' is not a valid role." % role) if role
                       else _(u"This field is required."))
        else:
            message = _(u"'%s' is not a valid role." % role)

        return status.HTTP_400_BAD_REQUEST, {'role': [message]}
    else:
        _update_username_role(organization, username, role_cls)

        owners_team = get_organization_owners_team(organization)

        try:
            user = User.objects.get(username=username)
        except User.DoesNotExist:
            data = {'username': [_(u"User `%(username)s` does not exist."
                                   % {'username': username})]}

            return (status.HTTP_400_BAD_REQUEST, data)

        # add the owner to owners team
        if role == OwnerRole.name:
            add_user_to_team(owners_team, user)

        if role != OwnerRole.name:
            remove_user_from_team(owners_team, user)

        return (status.HTTP_200_OK, []) if request.method == 'PUT' \
            else (status.HTTP_201_CREATED, [])