def get_governance_data(request, target):
client = Client(actor=request.user)
default_target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=default_target)
roles = [{
'name': role_name,
'current_members': role_data
} for role_name, role_data in client.Community.get_custom_roles().items()]
governance_data = {
# leadership info
"owners":
client.Community.target.roles.get_owners(),
"governors":
client.Community.target.roles.get_governors(),
"governance_info":
json.dumps(client.Community.get_governance_info_as_text()),
# role/member info
"roles":
roles,
"current_members":
[member.pk for member in client.Community.get_members()],
"users": [{
'name': person.username,
'pk': person.pk
} for person in User.objects.all()]
}
return JsonResponse({"governance_data": governance_data})
def add_permission(request,
target,
permission_type,
item_or_role,
permission_actors=None,
permission_roles=None,
item_id=None,
item_model=None,
condition_data=None):
if item_or_role == "item": # If an item has been passed in, make it the target
model_class = get_model(item_model)
target = model_class.objects.get(pk=item_id)
if item_or_role == "role": # Otherwise the role the community is set on is the target
target = Client(actor=request.user).Community.get_community(
community_pk=target)
client = Client(actor=request.user, target=target)
action, result = client.PermissionResource.add_permission(
change_type=permission_type,
actors=permission_actors,
roles=permission_roles,
condition_data=condition_data)
action_dict = get_action_dict(action)
permission_info = get_permission_info(
result) if action.status == "implemented" else None
action_dict.update({
"permission": permission_info,
"item_id": item_id,
"item_model": item_model
})
return JsonResponse(action_dict)
def has_permission(action):
"""has_permission directs the flow of logic in the permissions pipeline. It returns information about
whether the action has permsision to take the action and if there are any conditions that need to be
triggered. It does not change the database or alter the action; instead, all information is passed back
via a list of dictionaries (one for each pipeline).
We preferentially enter the foundational pipeline if applicable. Otherwise we try the governing pipeline.
If not approved by governing pipeline, we try the specific pipeline."""
client = Client()
community = client.Community.get_owner(owned_object=action.target)
client.update_target_on_all(target=community)
if is_foundational(action):
return [foundational_permission_pipeline(action, client, community)]
if action.target.governing_permission_enabled:
governing_dict = governing_permission_pipeline(action, client,
community)
if governing_dict.status == "approved":
return [governing_dict]
else:
return [
governing_dict,
specific_permission_pipeline(action, client)
]
return [specific_permission_pipeline(action, client)]
def get_lists(request, target):
client = Client(actor=request.user)
target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=target)
lists = client.List.get_all_lists_given_owner(owner=target)
serialized_lists = serialize_lists_for_vue(lists)
return JsonResponse({"lists": serialized_lists})
def get_forum_data(request, target):
client = Client(actor=request.user)
default_target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=default_target)
return JsonResponse({
"forums":
serialize_forums_for_vue(client.Forum.get_forums_owned_by_target())
})
def get_forums(request, target):
client = Client(actor=request.user)
target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=target)
forums = client.Forum.get_forums_owned_by_target()
forum_list = serialize_forums_for_vue(forums)
return JsonResponse({"forums": forum_list})
def get_documents(request, target):
client = Client(actor=request.user)
target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=target)
docs = client.Document.get_all_documents_given_owner(owner=target)
serialized_docs = serialize_documents_for_vue(docs)
return JsonResponse({"documents": serialized_docs})
def delete_permission(request, target, permission_id):
client = Client(actor=request.user, target=target)
permission = client.PermissionResource.get_permission(pk=permission_id)
client.update_target_on_all(permission)
# now remove permission
action, result = client.PermissionResource.remove_permission()
action_dict = get_action_dict(action)
action_dict.update({"removed_permission_pk": permission_id})
return JsonResponse(action_dict)
def update_vote_condition(request):
request_data = json.loads(request.body.decode('utf-8'))
condition_pk = request_data.get("condition_pk", None)
action_to_take = request_data.get("action_to_take", None)
voteClient = Client(actor=request.user).Conditional.\
get_condition_as_client(condition_type="VoteCondition", pk=condition_pk)
action, result = voteClient.vote(vote=action_to_take)
return JsonResponse(get_action_dict(action))
def create_group(request):
request_data = json.loads(request.body.decode('utf-8'))
group_name = request_data.get("group_name")
group_description = request_data.get("group_description")
client = Client(actor=request.user)
community = client.Community.create_community(name=group_name)
# add description - need to do this separately as create_community is a Concord method that doesn't know about the
# Group description field
client.update_target_on_all(community)
client.Group.edit_group(description=group_description)
return JsonResponse({"group_pk": community.pk})
def check_permissions(request, target, permissions):
"""
Recieves a list of dicts, permissions. Each has a method name and, optionally, parameters and
an alias. For each permission, check if we have it. Store result under alias if supplied.
Returns a list of permission names with boolean values indicating whether user has the permissions."""
client = Client(actor=request.user)
default_target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=default_target)
permission_dict = {}
for permission_name, params in permissions.items():
pass_in_client = Client(actor=request.user, target=default_target)
alt_target = get_alt_target(client, params)
if alt_target == "action":
permission_dict.update({permission_name: True})
continue
if alt_target is not None:
pass_in_client.update_target_on_all(alt_target)
result = client.PermissionResource.has_permission(
pass_in_client, permission_name, params, exclude_conditional=True)
permission_dict.update({permission_name: result})
return JsonResponse({"user_permissions": permission_dict})
def get_conditional_data(request):
request_data = json.loads(request.body.decode('utf-8'))
condition_pk = request_data.get("condition_pk", None)
condition_type = request_data.get("condition_type", None)
client = Client(actor=request.user)
condition = client.Conditional.get_condition_item(
condition_pk=condition_pk, condition_type=condition_type)
# for permission on condition, does user have permission?
permission_details = {}
for permission in client.PermissionResource.get_permissions_on_object(
target_object=condition):
has_permission = client.PermissionResource.actor_satisfies_permission(
actor=request.user, permission=permission)
permission_details.update({permission.change_type: has_permission})
permission_details.update({
'user_condition_status':
condition.user_condition_status(user=request.user)
})
return JsonResponse({
"permission_details": permission_details,
"condition_details": {
"status": condition.condition_status(),
"display_status": condition.display_status(),
"fields": condition.display_fields()
}
})
def update_permission(request,
target,
permission_id,
permission_actors=None,
permission_roles=None):
client = Client(actor=request.user)
target_permission = client.PermissionResource.get_permission(
pk=permission_id)
actions = []
if permission_actors:
actor_actions = client.PermissionResource.update_actors_on_permission(
actor_data=permission_actors, permission=target_permission)
actions += actor_actions
if permission_roles:
role_actions = client.PermissionResource.update_roles_on_permission(
role_data=permission_roles, permission=target_permission)
actions += role_actions
action_dict = get_multiple_action_dicts(actions)
permission = client.PermissionResource.get_permission(
pk=permission_id) # get refreshed version
permission_info = get_permission_info(permission)
action_dict.update({"permission": permission_info})
return JsonResponse(action_dict)
def update_consensus_condition(request):
request_data = json.loads(request.body.decode('utf-8'))
condition_pk = request_data.get("condition_pk", None)
action_to_take = request_data.get("action_to_take", None)
response = request_data.get("response", None)
consensusClient = Client(actor=request.user).Conditional.\
get_condition_as_client(condition_type="ConsensusCondition", pk=condition_pk)
if action_to_take == "respond":
action, result = consensusClient.respond(response=response)
elif action_to_take == "resolve":
action, result = consensusClient.resolve()
return JsonResponse(get_action_dict(action))
def process_action(action):
"""Method for getting action data. The action provided is always valid."""
if action.status == "implemented":
action_verb = ""
follow_up = f"They did so because they have the permission {action.approved_through()}."
else:
action_verb = "tried to "
follow_up = ""
action_time = action.created_at.strftime("%b %d %Y %I:%M%p")
if action.target:
action_description = f"{action.change.description_past_tense()} {action.target.get_name()}"
else:
action_description = action.change.description_past_tense()
action_string = f"At {action_time}, {action.actor.username} {action_verb}{action_description}. {follow_up}"
conditions = Client().Conditional.get_condition_items_for_action(
action_pk=action.pk)
is_template = action.change.get_change_type() == Changes(
).Actions.ApplyTemplate
template_info = action.get_template_info()
if is_template:
template_info["full_description"] = TemplateModel.objects.get(
name=template_info["name"]).user_description
return {
"action_pk": action.pk,
"action_target_pk": action.object_id,
"action_target_model":
action.target.__class__.__name__, # will this work???
"action_target_content_type": action.content_type.pk,
"description": action.get_description(with_actor=False,
with_target=False),
"created": str(action.created_at),
"change_type": action.change.short_name(),
"display_date": action_time,
"actor": action.actor.username,
"actor_pk": action.actor.pk,
"status": action.status,
"note": action.note,
"resolution_passed_by": action.approved_through(),
"display": action_string,
"is_template": is_template,
"template_description": template_info,
"has_condition": {
"exists":
True if conditions else False,
"conditions": [{
"pk":
condition.pk,
"type":
condition.__class__.__name__,
"passing_description":
condition.description_for_passing_condition()
} for condition in conditions]
}
}
def get_condition_as_client(self, *, condition_type: str, pk: int) -> BaseClient:
"""Given a condition type and pk, gets that condition object and returns it wrapped in a client.
Note: condition type MUST be capitalized to match the client name."""
client = getattr(Client(actor=self.actor), condition_type, None)
if not client:
raise ValueError(f"No client '{condition_type}', must be one of: {', '.join(Client().client_names)}")
client.set_target(target=self.get_condition_item(condition_pk=pk, condition_type=condition_type.lower()))
return client
def get_actions(self):
"""Provides a helper method for getting actions.
Returns all actions targeting the instance of the subclass which has inherited from
`PermissionedModel`."""
from concord.utils.helpers import Client
client = Client()
return client.Action.get_action_history_given_target(target=self)
def get_action_data(request):
request_data = json.loads(request.body.decode('utf-8'))
action_pk = request_data.get("action_pk", None)
action = Client(actor=request.user).Action.get_action_given_pk(action_pk)
return JsonResponse({"action_data": process_action(action)})
def take_action(request, target, request_data):
# request_data = json.loads(request.body.decode('utf-8'))
client = Client(actor=request.user)
# set target as community, unless alt_target is provided
alt_target = request_data.pop("alt_target", None)
if alt_target:
model, pk = alt_target.split("_")
target = client.Action.get_object_given_model_and_pk(
model, int(pk), include_actions=True)
client.update_target_on_all(target=target)
else:
target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=target)
data_to_return = request_data.pop("data_to_return", None)
extra_data = request_data.pop("extra_data", None)
proposed = extra_data.pop("proposed", None) if extra_data else None
# actually call backend method to take action
action_name = request_data.pop('action_name')
method = client.get_method(action_name)
action, result = method(proposed=proposed, **request_data)
note = extra_data.pop("note", None) if extra_data else None
if note:
action.note = note
action.save()
return JsonResponse(
process_taken_action(action, result, target, data_to_return))
def get_post(request, target):
request_data = json.loads(request.body.decode('utf-8'))
post_pk = request_data.get("post_pk")
client = Client(actor=request.user)
post = client.Forum.get_post_given_pk(pk=post_pk)
return JsonResponse({'post': serialize_post_for_vue(post)})
def get_forum(request, target):
request_data = json.loads(request.body.decode('utf-8'))
forum_pk = request_data.get("forum_pk")
client = Client(actor=request.user)
forum = client.Forum.get_forum_given_pk(forum_pk)
return JsonResponse({'forum_data': serialize_forum_for_vue(forum)})
def create_conditions(action, matches):
managers = []
for match in matches:
if match.unresolved:
managers += match.get_condition_managers()
Client().Conditional.create_conditions_for_action(
action=action, condition_managers=managers)
def get_templates_for_scope(request, target, scope):
client = Client(actor=request.user)
templates = client.Template.get_templates_for_scope(scope=scope)
template_dict = [
serialize_template_for_vue(template, pk_as_key=False)
for template in templates
]
response_dict = {'templates': template_dict, 'scope': scope}
return JsonResponse(response_dict)
def user_approval_match(user, action):
"""Checks if the given action has triggered a decision-making condition and, if so, checks whether the
given user is eligible to participate in that decision."""
time.sleep(
5) # give action time to go through pipeline & create conditions
for condition in Client().Conditional.get_condition_items_for_action(
action_pk=action.pk):
permissions = Client().PermissionResource.get_permissions_on_object(
target_object=condition)
for permission in permissions:
match = Client().PermissionResource.actor_satisfies_permission(
actor=user, permission=permission)
if match:
return True
return False
def apply_template(request,
target,
target_pk,
target_model,
template_model_pk,
supplied_fields=None):
client = Client(actor=request.user)
# get target
target = client.Action.get_object_given_model_and_pk(
target_model, int(target_pk))
client.update_target_on_all(target)
action, result = client.Template.apply_template(
template_model_pk=template_model_pk, supplied_fields=supplied_fields)
action_dict = get_action_dict(action)
return JsonResponse(action_dict)
def role_in_permissions(self, permission, actor):
"""Checks for role in permission and returns True if it exists. Checks in permissions
which are nested on this permission as well."""
role_references = []
if permission.has_role(role=self.role_name):
role_references.append(permission)
client = Client(actor=actor, target=permission)
for permission in client.PermissionResource.get_all_permissions():
role_references += self.role_in_permissions(permission, actor)
return role_references
def check_permission(request,
target,
permission_name,
alt_target=None,
params=None):
client = Client(actor=request.user)
if alt_target:
target_to_use = get_alt_target2(client, alt_target)
else:
target_to_use = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=target_to_use)
result = client.PermissionResource.has_permission(client,
permission_name,
params,
exclude_conditional=True)
return JsonResponse({"user_permissions": {permission_name: result}})
def toggle_anyone(request, target):
request_data = json.loads(request.body.decode('utf-8'))
permission_id = request_data.get("permission_id")
enable_or_disable = request_data.get("enable_or_disable")
client = Client(actor=request.user)
target = client.PermissionResource.get_permission(pk=permission_id)
client.update_target_on_all(target=target)
if enable_or_disable == "enable":
action, result = client.PermissionResource.give_anyone_permission()
elif enable_or_disable == "disable":
action, result = client.PermissionResource.remove_anyone_from_permission(
)
action_dict = get_action_dict(action)
action_dict.update({"permission": get_permission_info(result)})
return JsonResponse(action_dict)
def get_json_data(self):
post_data = []
for post in self.post_set.all():
comment_data = [comment.export() for comment in Client(target=post).Comment.get_all_comments_on_target()]
post_data.append({
"title": post.title,
"content": post.content,
"created": str(post.created),
"author": post.author.username,
"comments": comment_data
})
return json.dumps({"name": self.name, "description": self.description, "posts": post_data})
def delete_permissions_on_target(target):
"""Given a target PermissionedModel object, find all permissions set on it and delete them."""
from concord.utils.helpers import Client
client = Client(target=target)
permissions = client.PermissionResource.get_permissions_on_object(target_object=target)
for permission in permissions:
delete_permissions_on_target(permission)
logging.info(f"Deleting {permission}")
permission.delete()
