def _can_view(trip, request): """Leaders, chairs, and a trip WIMP can view this page.""" return (perm_utils.in_any_group(request.user, ['WIMP']) or (trip.wimp and request.participant == trip.wimp) or perm_utils.leader_on_trip(request.participant, trip, True) or perm_utils.chair_or_admin(request.user, trip.required_activity_enum()))
def dispatch(self, request, *args, **kwargs): """ Only allow creator, leaders of the trip, and chairs. """ trip = self.get_object() chair = perm_utils.chair_or_admin(request.user, trip.activity) trip_leader = perm_utils.leader_on_trip(request.participant, trip, True) if not (chair or trip_leader): return render(request, 'not_your_trip.html', {'trip': trip}) return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): activity = kwargs.get('activity') if not perm_utils.chair_or_admin(request.user, activity): raise PermissionDenied if not models.LeaderApplication.can_apply(self.activity): context = {'missing_form': True, 'activity': self.activity} return render(request, self.template_name, context) return super().dispatch(request, *args, **kwargs)
def trip_edit_buttons(trip, participant, user, hide_approve=False): return { 'trip': trip, 'is_chair': perm_utils.chair_or_admin(user, trip.activity), 'is_creator': trip.creator == participant, 'is_trip_leader': perm_utils.leader_on_trip(participant, trip, False), 'hide_approve': hide_approve # Hide approval even if user is a chair }
def _can_view(self, trip, request): """ Leaders, chairs, and a trip WIMP can view this page. """ return ( perm_utils.in_any_group(request.user, ['WIMP']) or (trip.wimp and request.participant == trip.wimp) or perm_utils.leader_on_trip(request.participant, trip, True) or perm_utils.chair_or_admin(request.user, trip.activity) )
def dispatch(self, request, *args, **kwargs): try: activity_enum = enums.Activity(kwargs.get('activity')) except ValueError: raise Http404 if not perm_utils.chair_or_admin(request.user, activity_enum): raise PermissionDenied return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): trip = self.get_object() activity_enum = trip.required_activity_enum() if activity_enum is None: return JsonResponse( {'message': f'No chair for {trip.program_enum.label}'}, status=400) if not perm_utils.chair_or_admin(request.user, activity_enum): return JsonResponse({}, status=403) return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): """Redirect if anonymous, but deny permission if not a chair.""" try: activity_enum = enums.Activity(self.activity) except ValueError: raise Http404 # pylint: disable=raise-missing-from if not perm_utils.chair_or_admin(request.user, activity_enum): raise PermissionDenied return super().dispatch(request, *args, **kwargs)
def _allowed_to_modify_trip(trip: models.Trip, request: HttpRequest) -> bool: activity_enum = trip.required_activity_enum() if activity_enum: is_chair = perm_utils.chair_or_admin(request.user, activity_enum) else: # (There is no required activity, so no chairs. Allow superusers, though) is_chair = request.user.is_superuser participant: models.Participant = request.participant # type: ignore trip_leader = perm_utils.leader_on_trip(participant, trip, True) return is_chair or trip_leader
def get_context_data(self, **kwargs): context = super().get_context_data() trip = self.object context['leader_on_trip'] = perm_utils.leader_on_trip( self.request.participant, trip, True) context['can_admin'] = context[ 'leader_on_trip'] or perm_utils.chair_or_admin( self.request.user, trip.required_activity_enum()) if context['can_admin'] or perm_utils.is_leader(self.request.user): context['rentals_by_par'] = list(self.rentals_by_participant(trip)) return context
def trip_edit_buttons(trip, participant, user, hide_approve=False): available_at = date_utils.itinerary_available_at(trip.trip_date) return { 'trip': trip, 'is_chair': perm_utils.chair_or_admin(user, trip.activity), 'is_creator': trip.creator == participant, 'is_trip_leader': perm_utils.leader_on_trip(participant, trip, False), 'hide_approve': hide_approve, # Hide approval even if user is a chair 'itinerary_available_at': available_at, 'available_today': available_at.date() == date_utils.local_date(), 'info_form_available': date_utils.local_now() >= available_at, }
def trip_edit_buttons(trip, participant, user, hide_approve=False): available_at = date_utils.itinerary_available_at(trip.trip_date) return { 'trip': trip, 'is_chair': perm_utils.chair_or_admin(user, trip.activity), 'is_creator': trip.creator == participant, 'is_trip_leader': perm_utils.leader_on_trip(participant, trip, False), 'hide_approve': hide_approve, # Hide approval even if user is a chair 'itinerary_available_at': available_at, 'available_today': available_at.date() == date_utils.local_date(), 'info_form_available': date_utils.local_now() >= available_at }
def test_activity_chair(self): """ The admin can be considered an activity chair in some contexts. """ self.assertTrue( perm_utils.chair_or_admin(self.admin, enums.Activity.HIKING)) self.assertTrue(perm_utils.is_chair(self.admin, enums.Activity.HIKING)) self.assertTrue( perm_utils.is_chair(self.admin, enums.Activity.HIKING, allow_superusers=True)) self.assertFalse( perm_utils.is_chair(self.admin, enums.Activity.HIKING, allow_superusers=False))
def dispatch(self, request, *args, **kwargs): """ Only allow creator, leaders of the trip, and chairs. """ trip = self.get_object() activity_enum = trip.required_activity_enum() if activity_enum: is_chair = perm_utils.chair_or_admin(request.user, activity_enum) else: # (There is no required activity, so no chairs. Allow superusers, though) is_chair = request.user.is_superuser trip_leader = perm_utils.leader_on_trip(request.participant, trip, True) if not (is_chair or trip_leader): return render(request, 'not_your_trip.html', {'trip': trip}) return super().dispatch(request, *args, **kwargs)
def test_activity_chair(self): """ The admin can be considered an activity chair in some contexts. """ self.assertTrue(perm_utils.chair_or_admin(self.admin, models.BaseRating.HIKING)) self.assertTrue(perm_utils.is_chair(self.admin, models.BaseRating.HIKING)) self.assertTrue( perm_utils.is_chair( self.admin, models.BaseRating.HIKING, allow_superusers=True ) ) self.assertFalse( perm_utils.is_chair( self.admin, models.BaseRating.HIKING, allow_superusers=False ) )
def dispatch(self, request, *args, **kwargs): try: activity_enum = enums.Activity(kwargs.get('activity')) except ValueError: raise Http404 # pylint: disable=raise-missing-from if not perm_utils.chair_or_admin(request.user, activity_enum): raise PermissionDenied if not models.LeaderApplication.can_apply_for_activity(self.activity): context = { 'missing_form': True, 'activity': self.activity, 'activity_enum': enums.Activity(self.activity), } return render(request, self.template_name, context) return super().dispatch(request, *args, **kwargs)
def test_make_chair(self): """ Users can be promoted to being activity chairs. """ # To begin with, our user is not a chair (nobody is, for that matter) climbing = models.BaseRating.CLIMBING user = UserFactory.create() self.assertFalse(perm_utils.is_chair(user, climbing)) self.assertEqual(perm_utils.num_chairs(climbing), 0) # We promote them to be a climbing chair perm_utils.make_chair(user, climbing) self.assertTrue(perm_utils.is_chair(user, climbing)) self.assertEqual(perm_utils.num_chairs(climbing), 1) # chair_or_admin works now too, and the user is definitely not a superuser self.assertTrue(perm_utils.chair_or_admin(user, climbing)) self.assertFalse(user.is_superuser) # Sanity check: The user wasn't accidentally made the chair of other activities self.assertFalse(perm_utils.is_chair(user, models.BaseRating.BOATING))
def test_make_chair(self): """ Users can be promoted to being activity chairs. """ # To begin with, our user is not a chair (nobody is, for that matter) user = UserFactory.create() self.assertFalse(perm_utils.is_chair(user, enums.Activity.CLIMBING)) self.assertEqual(perm_utils.num_chairs(enums.Activity.CLIMBING), 0) # We promote them to be a climbing chair perm_utils.make_chair(user, enums.Activity.CLIMBING) self.assertTrue(perm_utils.is_chair(user, enums.Activity.CLIMBING)) self.assertEqual(perm_utils.num_chairs(enums.Activity.CLIMBING), 1) # chair_or_admin works now too, and the user is definitely not a superuser self.assertTrue( perm_utils.chair_or_admin(user, enums.Activity.CLIMBING)) self.assertFalse(user.is_superuser) # Sanity check: The user wasn't accidentally made the chair of other activities self.assertFalse(perm_utils.is_chair(user, enums.Activity.BOATING))
def dispatch(self, request, *args, **kwargs): """ Redirect if anonymous, but deny permission if not a chair. """ if not perm_utils.chair_or_admin(request.user, self.activity): raise PermissionDenied return super().dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): activity = kwargs.get('activity') if not perm_utils.chair_or_admin(request.user, activity): raise PermissionDenied return super().dispatch(request, *args, **kwargs)