def block_access_to_vendor():
"""
Raise PermissionDenied if current user has a vendor role.
"""
if permissions.has_vendor_permissions():
raise permissions.PermissionDenied
return True
def add_project_permission_filter(self, query):
if permissions.has_vendor_permissions():
query = query.filter(user_service.build_assignee_filter())
elif not permissions.has_admin_permissions():
query = query.join(Project) \
.filter(user_service.build_related_projects_filter())
return query
def get(self, person_id):
"""
Return task assigned to given user of which status has is_done flag sets to true.
---
tags:
- Tasks
description: It return only tasks related to open projects.
parameters:
- in: path
name: person_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
responses:
200:
description: Tasks assigned to user that are done
"""
if not permissions.has_admin_permissions():
projects = user_service.related_projects()
else:
projects = projects_service.open_projects()
if permissions.has_vendor_permissions():
person = persons_service.get(person_id)
if person["role"] == "vendor":
return []
elif permissions.has_client_permissions():
return []
return tasks_service.get_person_done_tasks(person_id, projects)
def get(self, project_id, asset_type_id):
"""
Retrieve all assets for given project and entity type.
---
tags:
- Assets
parameters:
- in: path
name: project_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
- in: path
name: asset_type_id
required: True
schema:
type: UUID
example: a24a6ea4-ce75-4665-a070-57453082c25
responses:
200:
description: All assets for given project and entity type
"""
user_service.check_project_access(project_id)
criterions = query.get_query_criterions_from_request(request)
criterions["project_id"] = project_id
criterions["entity_type_id"] = asset_type_id
if permissions.has_vendor_permissions():
criterions["assigned_to"] = persons_service.get_current_user(
)["id"]
return assets_service.get_assets(criterions)
def get(self, project_id):
"""
Retrieve all episodes related to a given project.
"""
projects_service.get_project(project_id)
user_service.check_project_access(project_id)
return shots_service.get_episodes_for_project(
project_id, only_assigned=permissions.has_vendor_permissions())
def get(self, project_id):
"""
Retrieve number of tasks by status, task_types and episodes
for given project.
"""
projects_service.get_project(project_id)
user_service.check_project_access(project_id)
return shots_service.get_episode_stats_for_project(
project_id, only_assigned=permissions.has_vendor_permissions())
def get(self):
"""
Retrieve all shots, adds project name and asset type name and all
related tasks.
"""
criterions = query.get_query_criterions_from_request(request)
user_service.check_project_access(criterions.get("project_id", None))
if permissions.has_vendor_permissions():
criterions["assigned_to"] = persons_service.get_current_user()["id"]
return shots_service.get_shots_and_tasks(criterions)
def get(self):
"""
Retrieve all edit entries. Filters can be specified in the query string.
"""
criterions = query.get_query_criterions_from_request(request)
if permissions.has_vendor_permissions():
criterions["assigned_to"] = persons_service.get_current_user(
)["id"]
user_service.check_project_access(criterions.get("project_id", None))
return edits_service.get_edits(criterions)
def get(self, person_id):
if not permissions.has_admin_permissions():
projects = user_service.related_projects()
else:
projects = projects_service.open_projects()
if permissions.has_vendor_permissions():
person = persons_service.get(person_id)
if person["role"] == "vendor":
return []
return tasks_service.get_person_done_tasks(person_id, projects)
def check_read_permissions(self, preview_file):
"""
If it's a vendor, check if the user is working on the task.
If it's an artist, check if preview file belongs to user projects.
"""
if permissions.has_vendor_permissions():
user_service.check_working_on_task(preview_file["task_id"])
else:
task = tasks_service.get_task(preview_file["task_id"])
user_service.check_project_access(task["project_id"])
return True
def get(self, project_id):
"""
Retrieve all assets for given project.
"""
user_service.check_project_access(project_id)
criterions = query.get_query_criterions_from_request(request)
criterions["project_id"] = project_id
if permissions.has_vendor_permissions():
criterions["assigned_to"] = persons_service.get_current_user(
)["id"]
return assets_service.get_assets(criterions)
def get(self):
"""
Retrieve all entities that are not shot or sequence.
Adds project name and asset type name.
"""
criterions = query.get_query_criterions_from_request(request)
user_service.check_project_access(criterions.get("project_id", None))
if permissions.has_vendor_permissions():
criterions["assigned_to"] = persons_service.get_current_user(
)["id"]
return assets_service.get_assets(criterions)
def get(self, sequence_id):
"""
Retrieve all shot entries for a given sequence.
Filters can be specified in the query string.
"""
sequence = shots_service.get_sequence(sequence_id)
user_service.check_project_access(sequence["project_id"])
criterions = query.get_query_criterions_from_request(request)
criterions["parent_id"] = sequence_id
if permissions.has_vendor_permissions():
criterions["assigned_to"] = persons_service.get_current_user()["id"]
return shots_service.get_shots(criterions)
def get(self, episode_id):
"""
Retrieve all tasks related to a given episode.
"""
episode = shots_service.get_episode(episode_id)
user_service.check_project_access(episode["project_id"])
user_service.check_entity_access(episode["id"])
if permissions.has_vendor_permissions():
raise permissions.PermissionDenied
relations = self.get_relations()
return tasks_service.get_shot_tasks_for_episode(episode_id,
relations=relations)
def check_entity_access(entity_id):
"""
Return true if current user is not vendor or has a task assigned for this
project.
"""
is_allowed = not permissions.has_vendor_permissions()
if not is_allowed:
nb_tasks = (Task.query.filter(Task.entity_id == entity_id).filter(
build_assignee_filter()).count())
if nb_tasks == 0:
raise permissions.PermissionDenied
is_allowed = True
return is_allowed
def get(self, episode_id):
"""
Retrieve all sequence entries for a given episode.
Filters can be specified in the query string.
"""
episode = shots_service.get_episode(episode_id)
user_service.check_project_access(episode["project_id"])
criterions = query.get_query_criterions_from_request(request)
criterions["parent_id"] = episode_id
if permissions.has_vendor_permissions():
return shots_service.get_sequences_for_episode(episode_id,
only_assigned=True)
else:
return shots_service.get_sequences(criterions)
def get(self):
"""
Retrieve all entities that are not shot or sequence.
Adds project name and asset type name and all related tasks.
If episode_id is given as parameter, it returns assets not linked
to an episode and assets linked to given episode.
"""
criterions = query.get_query_criterions_from_request(request)
page = query.get_page_from_request(request)
check_criterion_access(criterions)
if permissions.has_vendor_permissions():
criterions["assigned_to"] = persons_service.get_current_user(
)["id"]
return assets_service.get_assets_and_tasks(criterions, page)
def get(self):
"""
Retrieve all shot entries. Filters can be specified in the query string.
"""
criterions = query.get_query_criterions_from_request(request)
if "sequence_id" in criterions:
sequence = shots_service.get_sequence(criterions["sequence_id"])
criterions["project_id"] = sequence["project_id"]
criterions["parent_id"] = sequence["id"]
del criterions["sequence_id"]
if permissions.has_vendor_permissions():
criterions["assigned_to"] = persons_service.get_current_user()["id"]
user_service.check_project_access(criterions.get("project_id", None))
return shots_service.get_shots(criterions)
def get(self):
"""
Retrieve all entities that are not shot or sequence.
Adds project name and asset type name.
---
tags:
- Assets
responses:
200:
description: All assets
"""
criterions = query.get_query_criterions_from_request(request)
check_criterion_access(criterions)
if permissions.has_vendor_permissions():
criterions["assigned_to"] = persons_service.get_current_user(
)["id"]
return assets_service.get_assets(criterions)
def all_entries(self, query=None, relations=False):
"""
If the user has at least manager permissions, return all previews.
If he's a vendor, return only previews for the tasks he's assigned to.
If he's an artist, return only previews for projects he's a part of.
"""
if query is None:
query = self.model.query
if permissions.has_admin_permissions():
pass
elif permissions.has_vendor_permissions():
query = (PreviewFile.query.join(Task).filter(
user_service.build_assignee_filter()).filter(
user_service.build_open_project_filter()).filter(
Task.id == PreviewFile.task_id))
else:
query = (PreviewFile.query.join(Task, Project).filter(
user_service.build_related_projects_filter()).filter(
user_service.build_open_project_filter()))
previews = query.all()
return self.model.serialize_list(previews, relations=relations)
