def search_rcis(search_string, logged_in_user):
"""
Performs a full-text-search for rcis using the rci_index table
"""
# Only those with the MODERATE_RCIS permission can do this
if not user_can(Permission.MODERATE_RCIS, logged_in_user):
raise Unauthorized('You do not have sufficient permissions '
'to perform an rci search')
# If they did not have a search term, return an empty list
if search_string is None or search_string.strip() == "":
return []
# Quote the search string. See https://sqlite.org/fts5.html
# Not doing this would treat the hyphen character `-` as a column modifier
search_string = '"{}"'.format(search_string)
search_results = datastore.query(
'select * '
'from rci_index '
'where rci_index = ?', (search_string, ))
rcis = []
for result in search_results:
rcis.append(get_rci_by_id(rci_id=result['rci_id'], full=True))
return rcis
def get_rcis_for_user(user_id, logged_in_user):
"""
Fetch the rcis for which the user `user_id` is a collaborator.
"""
throw_if_not_valid_uuid(user_id)
# You can only lookup rcis for a user if
# 1 - That user is you OR
# 2 - You have permissions to MODERATE_RCIS
if (user_can(Permission.MODERATE_RCIS, logged_in_user)):
pass
else:
if user_id != logged_in_user['user_id']:
raise Unauthorized('You do not have sufficient permissions '
'to lookup rcis for someone else.')
user = get_user_record(user_id)
rci_ids = [
x['rci_id'] for x in datastore.query(
'select rci_id '
'from rci_collabs '
'where user_id = ?', (user_id, ))
]
rcis = []
for rci_id in rci_ids:
rcis.append(get_rci_by_id(rci_id, full=True))
return rcis
def delete_damage(damage_id, logged_in_user):
"""
Delete a damage record
"""
damage = common.get_damage_record(damage_id)
rci = common.get_rci_record(damage['rci_id'])
rci_id = rci['rci_id']
# Cannot delete a damage if the rci is locked
if rci['is_locked']:
raise Unauthorized('rci {} is locked'.format(rci_id))
# Check that the user is one of the following
# (a) a collaborator on the rci OR
# (b) has Permission.MODERATE_DAMAGES
if (user_can(Permission.MODERATE_DAMAGES, logged_in_user)):
pass
else:
rci_collaborators = [
x['user_id'] for x in common.get_rci_collaborators(rci_id)
]
if logged_in_user['user_id'] not in rci_collaborators:
raise Unauthorized('You cannot delete damages from this rci.'
'Please ask to be added to the list of '
'collaborators')
datastore.query('delete from damages '
'where damage_id = ?', (damage_id, ))
return damage
def handle_admin_permission_check(*args, **kwargs):
user = g.user
if not user_can(permissions=Permission.MODERATE_SYSTEM, user=user):
return redirect(url_for('dashboard.main'))
else:
return func(*args, **kwargs)
def main():
"""
The "homepage". This is what a user sees when they first log-in.
"""
logged_in_user = g.user
# 1 - Fetch user settings for default buildings the user can view.
# 1.1 If such a setting does not exist, default to all buildings
# 2 - Try to fetch the rcis for the list of buildings we have.
# 2.1 - If the call fails with `Unauthorized`, the user has no such access
# Fetch their own rcis only
user_settings = libuser.get_user_settings(
user_id=logged_in_user['user_id'])
building_list = user_settings['default_buildings']
if building_list is None:
building_list = list(libroom.get_building_manifest().keys())
try:
rcis = librci.get_rcis_for_buildings(buildings=building_list,
logged_in_user=logged_in_user)
except Unauthorized:
rcis = librci.get_rcis_for_user(user_id=logged_in_user['user_id'],
logged_in_user=logged_in_user)
user_permissions = libuser.get_user_permissions(
user_id=logged_in_user['user_id'])
display_search = user_can(permissions=Permission.MODERATE_RCIS,
user=logged_in_user)
display_system_settings = user_can(permissions=Permission.MODERATE_SYSTEM,
user=logged_in_user)
return render_template('dashboard/main.html',
rcis=rcis,
display_search=display_search,
display_system_settings=display_system_settings)
def unlock_rci(rci_id, logged_in_user):
"""
Un-Freeze an rci, making it editable again
"""
# We will fail with a clear error here if the rci doesn't exist
rci = get_rci_record(rci_id)
# You can only unlock an rci if
# you have permission to MODERATE_RCIS
if not user_can(Permission.MODERATE_RCIS, logged_in_user):
raise Unauthorized('You do not have sufficient permissions '
'to unlock this rci')
# Go ahead and unlock it up
datastore.query('update rcis '
'set is_locked = 0 '
'where rci_id = ?', (rci_id, ))
def lock_rci(rci_id, logged_in_user):
"""
Freeze an rci, preventing it from being modified
"""
# We will fail with a clear error here if the rci doesn't exist
rci = get_rci_record(rci_id)
# You can only lock an rci if
# you have permission to MODERATE_RCIS
if not user_can(Permission.MODERATE_RCIS, logged_in_user):
raise Unauthorized('You do not have sufficient permissions '
'to lock this rci')
# Go ahead and lock it up
datastore.query('update rcis '
'set is_locked = 1 '
'where rci_id = ?', (rci_id, ))
def create_rci(user_id, building_name, room_name, logged_in_user):
"""
Creates a new rci record for a room.
The user who created it is added to the list of collaborators on
this rci
Multiple rcis can exist for the same room
"""
# You can only create rcis for someone else if you have
# permissions to MODERATE_RCS or you are creating an
# rci for youself.
if (user_can(Permission.MODERATE_RCIS, logged_in_user)):
pass
else:
if user_id != logged_in_user['user_id']:
raise Unauthorized('You do not have permissions '
'to create an rci for someone else.')
new_rci_id = str(uuid.uuid4())
rci_insert_args = {
'rci_id': new_rci_id,
'room_name': room_name,
'building_name': building_name,
'created_at': datetime.utcnow(),
'created_by': logged_in_user['user_id']
}
rci_collab_insert_args = {'rci_id': new_rci_id, 'user_id': user_id}
# Create the rci document
datastore.query(
'insert into rcis '
'(rci_id, building_name, room_name, created_at, created_by) '
'values '
'(:rci_id,:building_name,:room_name,:created_at,:created_by)',
rci_insert_args)
# Add the user as an a collaborator for the rci
datastore.query(
'insert into rci_collabs(rci_id, user_id) '
'values(:rci_id, :user_id);', rci_collab_insert_args)
# Fetch the newly created rci
return get_rci_by_id(new_rci_id, full=True)
def create_damage(logged_in_user, rci_id, item, text, image_url):
"""
Record a damage on the rci
"""
rci = common.get_rci_record(rci_id)
# Cannot record a damage if the rci is locked
if rci['is_locked']:
raise Unauthorized('Rci {} is locked'.format(rci_id))
# Check that the user is one of the following
# (a) a collaborator on the rci OR
# (b) has Permission.MODERATE_DAMAGES
if (user_can(Permission.MODERATE_DAMAGES, logged_in_user)):
pass
else:
rci_collaborators = [
x['user_id'] for x in common.get_rci_collaborators(rci_id)
]
if logged_in_user['user_id'] not in rci_collaborators:
raise Unauthorized('You cannot record damage on this rci.'
'Please ask to be added to the list of '
'collaborators')
damage_insert_args = {
'damage_id': str(uuid.uuid4()),
'rci_id': rci_id,
'item': item,
'text': text,
'image_url': image_url,
'created_by': logged_in_user['user_id'],
'created_at': datetime.utcnow()
}
datastore.query(
'insert into '
'damages(damage_id, rci_id, item, text, image_url, created_by, created_at) '
'values(:damage_id,:rci_id,:item,:text,:image_url,:created_by,:created_at) ',
damage_insert_args)
return common.get_damage_record(damage_insert_args['damage_id'])
def get_rcis_for_buildings(buildings, logged_in_user):
"""
Fetch the rcis for the specified buildings
"""
# Only users that have the MODERATE_RCIS permission can do this
if not user_can(Permission.MODERATE_RCIS, logged_in_user):
raise Unauthorized('You do not have sufficient permissions '
'to lookup rcis for a building.')
rci_ids = [
x['rci_id'] for x in datastore.query(
'select rci_id '
'from rcis '
'where building_name in ({})'.format(', '.join(
'?' for i in buildings)), buildings)
]
rcis = []
for rci_id in rci_ids:
rcis.append(get_rci_by_id(rci_id, full=True))
return rcis