def _deserialize(self, value, attr, data):
try:
return set(principal_from_identifier(identifier,
allow_groups=self.allow_groups,
allow_external_users=self.allow_external_users)
for identifier in value)
except ValueError as exc:
raise ValidationError(unicode(exc))
def _deserialize(self, value, attr, data):
if value is None:
return None
try:
return principal_from_identifier(value,
allow_groups=self.allow_groups,
allow_external_users=self.allow_external_users)
except ValueError as exc:
raise ValidationError(unicode(exc))
def _deserialize(self, value, attr, data):
if value is None:
return None
try:
return principal_from_identifier(
value,
allow_groups=self.allow_groups,
allow_external_users=self.allow_external_users)
except ValueError as exc:
raise ValidationError(unicode(exc))
def _deserialize(self, value, attr, data):
try:
return set(
principal_from_identifier(
identifier,
allow_groups=self.allow_groups,
allow_external_users=self.allow_external_users,
allow_event_roles=self.allow_event_roles,
event_id=self.event_id) for identifier in value)
except ValueError as exc:
raise ValidationError(unicode(exc))
def _deserialize(self, value, attr, data):
try:
return {
identifier: principal_from_identifier(
identifier,
allow_groups=self.allow_groups,
allow_external_users=self.allow_external_users)
for identifier in value
}
except ValueError as exc:
raise ValidationError(unicode(exc))
def _convert_principal(self, principal):
event_id = self._event.id if self._event else None
return principal_from_identifier(
principal,
event_id=event_id,
allow_groups=self.allow_groups,
allow_external_users=self.allow_external_users,
allow_event_roles=self.allow_event_roles,
allow_category_roles=self.allow_category_roles,
allow_registration_forms=self.allow_registration_forms,
allow_emails=self.allow_emails)
def _deserialize(self, value, attr, data):
try:
return {identifier: principal_from_identifier(identifier,
allow_groups=self.allow_groups,
allow_external_users=self.allow_external_users,
allow_event_roles=self.allow_event_roles,
allow_category_roles=self.allow_category_roles,
event_id=self.event_id,
soft_fail=True)
for identifier in value}
except ValueError as exc:
raise ValidationError(unicode(exc))
def notify_host_start_url(vc_room):
from indico_vc_zoom.plugin import ZoomPlugin
user = principal_from_identifier(vc_room.data['host'])
to_list = {user.email}
template_module = get_template_module(
'vc_zoom:emails/notify_start_url.html',
plugin=ZoomPlugin.instance,
vc_room=vc_room,
user=user)
email = make_email(to_list, template=template_module, html=True)
send_email(email)
def _deserialize(self, value, attr, data):
event_id = None
if self.allow_event_roles or self.allow_category_roles:
event_id = self.context['event'].id
try:
return set(
principal_from_identifier(
identifier,
allow_groups=self.allow_groups,
allow_external_users=self.allow_external_users,
allow_event_roles=self.allow_event_roles,
allow_category_roles=self.allow_category_roles,
event_id=event_id) for identifier in value)
except ValueError as exc:
raise ValidationError(unicode(exc))
def validate_permissions(self, field):
for principal_fossil, permissions in field.data:
principal = principal_from_identifier(
principal_fossil['identifier'],
allow_groups=True,
allow_networks=True,
allow_category_roles=True,
category_id=self.category.id)
if isinstance(principal, IPNetworkGroup
) and set(permissions) - {READ_ACCESS_PERMISSION}:
msg = _('IP networks cannot have management permissions: {}'
).format(principal.name)
raise ValidationError(msg)
if FULL_ACCESS_PERMISSION in permissions and len(permissions) != 1:
# when full access permission is set, discard rest of permissions
permissions[:] = [FULL_ACCESS_PERMISSION]
def _deserialize(self, value, attr, data, **kwargs):
event_id = None
if self.allow_event_roles or self.allow_category_roles:
event_id = self.context['event'].id
try:
return {principal_from_identifier(identifier,
allow_groups=self.allow_groups,
allow_external_users=self.allow_external_users,
allow_event_roles=self.allow_event_roles,
allow_category_roles=self.allow_category_roles,
allow_registration_forms=self.allow_registration_forms,
allow_emails=self.allow_emails,
event_id=event_id)
for identifier in value}
except ValueError as exc:
raise ValidationError(str(exc))
def check_permissions(event, field, allow_networks=False):
for principal_fossil, permissions in field.data:
principal = principal_from_identifier(principal_fossil['identifier'],
allow_groups=True,
allow_category_roles=True,
allow_event_roles=True,
allow_emails=True,
allow_registration_forms=True,
allow_networks=allow_networks,
event_id=event.id)
if isinstance(principal, IPNetworkGroup) and set(permissions) - {READ_ACCESS_PERMISSION}:
msg = _('IP networks cannot have management permissions: {}').format(principal.name)
return msg
if isinstance(principal, RegistrationForm) and set(permissions) - {READ_ACCESS_PERMISSION}:
msg = _('Registrants cannot have management permissions: {}').format(principal.name)
return msg
if FULL_ACCESS_PERMISSION in permissions and len(permissions) != 1:
# when full access permission is set, discard rest of permissions
permissions[:] = [FULL_ACCESS_PERMISSION]
def __init__(self, *args, **kwargs):
defaults = kwargs['obj']
if defaults.host_user is None and defaults.host is not None:
host = principal_from_identifier(defaults.host)
defaults.host_choice = 'myself' if host == session.user else 'someone_else'
defaults.host_user = None if host == session.user else host
allow_webinars = current_plugin.settings.get('allow_webinars')
if allow_webinars:
for field_name in {
'mute_audio', 'mute_participant_video', 'waiting_room'
}:
inject_validators(self, field_name,
[HiddenUnless('meeting_type', 'regular')])
super().__init__(*args, **kwargs)
if not allow_webinars:
del self.meeting_type
def update_permissions(obj, form):
"""Update the permissions of an object, based on the corresponding WTForm."""
from indico.modules.categories import Category
from indico.modules.events import Event
from indico.util.user import principal_from_identifier
event_id = category_id = None
if isinstance(obj, Category):
category_id = obj.id
elif isinstance(obj, Event):
event_id = obj.id
else:
event_id = obj.event.id
category_id = obj.event.category.id if obj.event.category else None
current_principal_permissions = {
p.principal: get_principal_permissions(p, type(obj))
for p in obj.acl_entries
}
current_principal_permissions = {
k: v
for k, v in current_principal_permissions.items() if v
}
new_principal_permissions = {
principal_from_identifier(
fossil['identifier'],
allow_external_users=True,
allow_groups=True,
allow_networks=True,
allow_emails=True,
allow_registration_forms=(event_id is not None),
allow_event_roles=(event_id is not None),
allow_category_roles=(event_id is not None
or category_id is not None),
event_id=event_id,
category_id=category_id,
): set(permissions)
for fossil, permissions in form.permissions.data
}
update_principals_permissions(obj, current_principal_permissions,
new_principal_permissions)
def get_event_person(event,
data,
create_untrusted_persons=False,
allow_external=False):
"""Get an EventPerson from dictionary data.
If there is already an event person in the same event and for the same user,
it will be returned. Matching is done with the e-mail.
"""
person_type = data.get('_type')
if person_type is None:
if data.get('email'):
email = data['email'].lower()
user = User.query.filter(~User.is_deleted,
User.all_emails == email).first()
if user:
return get_event_person_for_user(
event,
user,
create_untrusted_persons=create_untrusted_persons)
elif event:
person = event.persons.filter_by(email=email).first()
if person:
return person
# We have no way to identify an existing event person with the provided information
return create_event_person(
event, create_untrusted_persons=create_untrusted_persons, **data)
elif person_type == 'Avatar':
principal = principal_from_identifier(
data['identifier'], allow_external_users=allow_external)
return get_event_person_for_user(
event,
principal,
create_untrusted_persons=create_untrusted_persons)
elif person_type == 'EventPerson':
return event.persons.filter_by(id=data['id']).one()
elif person_type == 'PersonLink':
return event.persons.filter_by(id=data['personId']).one()
else:
raise ValueError(f"Unknown person type '{person_type}'")
def process_formdata(self, valuelist):
if valuelist:
self._submitted_data = valuelist[0]
self.data = principal_from_identifier(self._submitted_data, allow_external_users=self.allow_external_users)
def get_notification_cc_list(self, action, vc_room, event):
return {principal_from_identifier(vc_room.data['host']).email}
def can_manage_vc_room(self, user, room):
return (user == principal_from_identifier(room.data['host'])
or super().can_manage_vc_room(user, room))
def create_room(self, vc_room, event):
"""Create a new Zoom room for an event, given a VC room.
In order to create the Zoom room, the function will try to get
a valid e-mail address for the user in question, which can be
use with the Zoom API.
:param vc_room: the VC room from which to create the Zoom room
:param event: the event to the Zoom room will be attached
"""
client = ZoomIndicoClient()
host = principal_from_identifier(vc_room.data['host'])
host_email = find_enterprise_email(host)
# get the object that this booking is linked to
vc_room_assoc = vc_room.events[0]
link_obj = vc_room_assoc.link_object
is_webinar = vc_room.data.setdefault('meeting_type',
'regular') == 'webinar'
scheduling_args = get_schedule_args(
link_obj) if link_obj.start_dt else {}
try:
settings = {
'host_video': not vc_room.data['mute_host_video'],
}
kwargs = {}
if is_webinar:
kwargs['type'] = (ZoomMeetingType.webinar
if scheduling_args else
ZoomMeetingType.recurring_webinar_no_time)
settings['alternative_hosts'] = host_email
else:
kwargs = {
'type':
(ZoomMeetingType.scheduled_meeting if scheduling_args else
ZoomMeetingType.recurring_meeting_no_time),
'schedule_for':
host_email
}
settings.update({
'mute_upon_entry':
vc_room.data['mute_audio'],
'participant_video':
not vc_room.data['mute_participant_video'],
'waiting_room':
vc_room.data['waiting_room'],
'join_before_host':
self.settings.get('join_before_host'),
})
kwargs.update({
'topic': vc_room.name,
'agenda': vc_room.data['description'],
'password': vc_room.data['password'],
'timezone': event.timezone,
'settings': settings
})
kwargs.update(scheduling_args)
if is_webinar:
meeting_obj = client.create_webinar(host_email, **kwargs)
else:
meeting_obj = client.create_meeting(host_email, **kwargs)
except HTTPError as e:
self.logger.exception('Error creating Zoom Room: %s',
e.response.content)
raise VCRoomError(
_('Could not create the room in Zoom. Please contact support if the error persists'
))
vc_room.data.update({
'zoom_id':
str(meeting_obj['id']),
'start_url':
meeting_obj['start_url'],
'host':
host.identifier,
'alternative_hosts':
process_alternative_hosts(meeting_obj['settings'].get(
'alternative_hosts', ''))
})
vc_room.data.update(get_url_data_args(meeting_obj['join_url']))
flag_modified(vc_room, 'data')
# e-mail Host URL to meeting host
if self.settings.get('send_host_url'):
notify_host_start_url(vc_room)
def get_extra_delete_msg(self, vc_room, event_vc_room):
host = principal_from_identifier(vc_room.data['host'])
if host == session.user or len(vc_room.events) <= 1:
return ''
return render_plugin_template('vc_zoom:extra_delete_msg.html',
host=host.full_name)
def decodeprincipal(value, **kwargs):
"""Decode a principal into an actual object."""
from indico.util.user import principal_from_identifier
return principal_from_identifier(value, soft_fail=True, **kwargs)
def _process(self):
roles = {}
event_permissions = event_permissions_schema.dump(self.event).get(
'acl_entries', {})
roles['global'] = self._map_event_to_track_permissions(
event_permissions)
tracks = Track.query.with_parent(self.event).options(
subqueryload('acl_entries'))
tracks_by_id = {str(track.id): track for track in tracks}
for track in tracks:
roles[str(track.id)] = track_permissions_schema.dump(track).get(
'acl_entries', {})
form = AbstractReviewingRolesForm(event=self.event,
obj=FormDefaults(roles=roles))
if form.validate_on_submit():
role_data = form.data['roles']
# Update global permissions
global_conveners = []
global_reviewers = []
global_roles = role_data.pop('global')
for identifier, permissions in global_roles:
principal = principal_from_identifier(
identifier,
allow_groups=True,
allow_event_roles=True,
allow_category_roles=True,
event_id=self.event.id)
if 'convene' in permissions:
global_conveners.append(principal)
if 'review' in permissions:
global_reviewers.append(principal)
update_object_principals(self.event,
global_conveners,
permission='convene_all_abstracts')
update_object_principals(self.event,
global_reviewers,
permission='review_all_abstracts')
# Update track specific permissions
track_conveners = []
track_reviewers = []
for (track_id, track_roles) in role_data.items():
acl_entries = {}
for identifier, permissions in track_roles:
principal = principal_from_identifier(
identifier,
allow_groups=True,
allow_event_roles=True,
allow_category_roles=True,
event_id=self.event.id)
acl_entries[principal] = set(permissions)
if 'convene' in permissions:
track_conveners.append(principal)
if 'review' in permissions:
track_reviewers.append(principal)
track = tracks_by_id[track_id]
current = {
e.principal: get_unified_permissions(e)
for e in track.acl_entries
}
update_principals_permissions(track, current, acl_entries)
# Update event ACL for track and global permissions
all_conveners = set(global_conveners + track_conveners)
all_reviewers = set(global_reviewers + track_reviewers)
update_object_principals(self.event,
all_conveners,
permission='track_convener')
update_object_principals(self.event,
all_reviewers,
permission='abstract_reviewer')
flash(_("Abstract reviewing roles have been updated."), 'success')
logger.info(
"Abstract reviewing roles of %s have been updated by %s",
self.event, session.user)
return jsonify_data()
return jsonify_form(form,
skip_labels=True,
form_header_kwargs={'id': 'reviewing-role-form'},
disabled_until_change=False)
def _deserialize(self, value, attr, data):
try:
return set(principal_from_identifier(x, allow_groups=self.allow_groups) for x in value)
except ValueError as exc:
raise ValidationError(unicode(exc))