def block_access_to_vendor(): """ Raise PermissionDenied if current user has a vendor role. """ if permissions.has_vendor_permissions(): raise permissions.PermissionDenied return True
def add_project_permission_filter(self, query): if permissions.has_vendor_permissions(): query = query.filter(user_service.build_assignee_filter()) elif not permissions.has_admin_permissions(): query = query.join(Project) \ .filter(user_service.build_related_projects_filter()) return query
def get(self, person_id): """ Return task assigned to given user of which status has is_done flag sets to true. --- tags: - Tasks description: It return only tasks related to open projects. parameters: - in: path name: person_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 responses: 200: description: Tasks assigned to user that are done """ if not permissions.has_admin_permissions(): projects = user_service.related_projects() else: projects = projects_service.open_projects() if permissions.has_vendor_permissions(): person = persons_service.get(person_id) if person["role"] == "vendor": return [] elif permissions.has_client_permissions(): return [] return tasks_service.get_person_done_tasks(person_id, projects)
def get(self, project_id, asset_type_id): """ Retrieve all assets for given project and entity type. --- tags: - Assets parameters: - in: path name: project_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 - in: path name: asset_type_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 responses: 200: description: All assets for given project and entity type """ user_service.check_project_access(project_id) criterions = query.get_query_criterions_from_request(request) criterions["project_id"] = project_id criterions["entity_type_id"] = asset_type_id if permissions.has_vendor_permissions(): criterions["assigned_to"] = persons_service.get_current_user( )["id"] return assets_service.get_assets(criterions)
def get(self, project_id): """ Retrieve all episodes related to a given project. """ projects_service.get_project(project_id) user_service.check_project_access(project_id) return shots_service.get_episodes_for_project( project_id, only_assigned=permissions.has_vendor_permissions())
def get(self, project_id): """ Retrieve number of tasks by status, task_types and episodes for given project. """ projects_service.get_project(project_id) user_service.check_project_access(project_id) return shots_service.get_episode_stats_for_project( project_id, only_assigned=permissions.has_vendor_permissions())
def get(self): """ Retrieve all shots, adds project name and asset type name and all related tasks. """ criterions = query.get_query_criterions_from_request(request) user_service.check_project_access(criterions.get("project_id", None)) if permissions.has_vendor_permissions(): criterions["assigned_to"] = persons_service.get_current_user()["id"] return shots_service.get_shots_and_tasks(criterions)
def get(self): """ Retrieve all edit entries. Filters can be specified in the query string. """ criterions = query.get_query_criterions_from_request(request) if permissions.has_vendor_permissions(): criterions["assigned_to"] = persons_service.get_current_user( )["id"] user_service.check_project_access(criterions.get("project_id", None)) return edits_service.get_edits(criterions)
def get(self, person_id): if not permissions.has_admin_permissions(): projects = user_service.related_projects() else: projects = projects_service.open_projects() if permissions.has_vendor_permissions(): person = persons_service.get(person_id) if person["role"] == "vendor": return [] return tasks_service.get_person_done_tasks(person_id, projects)
def check_read_permissions(self, preview_file): """ If it's a vendor, check if the user is working on the task. If it's an artist, check if preview file belongs to user projects. """ if permissions.has_vendor_permissions(): user_service.check_working_on_task(preview_file["task_id"]) else: task = tasks_service.get_task(preview_file["task_id"]) user_service.check_project_access(task["project_id"]) return True
def get(self, project_id): """ Retrieve all assets for given project. """ user_service.check_project_access(project_id) criterions = query.get_query_criterions_from_request(request) criterions["project_id"] = project_id if permissions.has_vendor_permissions(): criterions["assigned_to"] = persons_service.get_current_user( )["id"] return assets_service.get_assets(criterions)
def get(self): """ Retrieve all entities that are not shot or sequence. Adds project name and asset type name. """ criterions = query.get_query_criterions_from_request(request) user_service.check_project_access(criterions.get("project_id", None)) if permissions.has_vendor_permissions(): criterions["assigned_to"] = persons_service.get_current_user( )["id"] return assets_service.get_assets(criterions)
def get(self, sequence_id): """ Retrieve all shot entries for a given sequence. Filters can be specified in the query string. """ sequence = shots_service.get_sequence(sequence_id) user_service.check_project_access(sequence["project_id"]) criterions = query.get_query_criterions_from_request(request) criterions["parent_id"] = sequence_id if permissions.has_vendor_permissions(): criterions["assigned_to"] = persons_service.get_current_user()["id"] return shots_service.get_shots(criterions)
def get(self, episode_id): """ Retrieve all tasks related to a given episode. """ episode = shots_service.get_episode(episode_id) user_service.check_project_access(episode["project_id"]) user_service.check_entity_access(episode["id"]) if permissions.has_vendor_permissions(): raise permissions.PermissionDenied relations = self.get_relations() return tasks_service.get_shot_tasks_for_episode(episode_id, relations=relations)
def check_entity_access(entity_id): """ Return true if current user is not vendor or has a task assigned for this project. """ is_allowed = not permissions.has_vendor_permissions() if not is_allowed: nb_tasks = (Task.query.filter(Task.entity_id == entity_id).filter( build_assignee_filter()).count()) if nb_tasks == 0: raise permissions.PermissionDenied is_allowed = True return is_allowed
def get(self, episode_id): """ Retrieve all sequence entries for a given episode. Filters can be specified in the query string. """ episode = shots_service.get_episode(episode_id) user_service.check_project_access(episode["project_id"]) criterions = query.get_query_criterions_from_request(request) criterions["parent_id"] = episode_id if permissions.has_vendor_permissions(): return shots_service.get_sequences_for_episode(episode_id, only_assigned=True) else: return shots_service.get_sequences(criterions)
def get(self): """ Retrieve all entities that are not shot or sequence. Adds project name and asset type name and all related tasks. If episode_id is given as parameter, it returns assets not linked to an episode and assets linked to given episode. """ criterions = query.get_query_criterions_from_request(request) page = query.get_page_from_request(request) check_criterion_access(criterions) if permissions.has_vendor_permissions(): criterions["assigned_to"] = persons_service.get_current_user( )["id"] return assets_service.get_assets_and_tasks(criterions, page)
def get(self): """ Retrieve all shot entries. Filters can be specified in the query string. """ criterions = query.get_query_criterions_from_request(request) if "sequence_id" in criterions: sequence = shots_service.get_sequence(criterions["sequence_id"]) criterions["project_id"] = sequence["project_id"] criterions["parent_id"] = sequence["id"] del criterions["sequence_id"] if permissions.has_vendor_permissions(): criterions["assigned_to"] = persons_service.get_current_user()["id"] user_service.check_project_access(criterions.get("project_id", None)) return shots_service.get_shots(criterions)
def get(self): """ Retrieve all entities that are not shot or sequence. Adds project name and asset type name. --- tags: - Assets responses: 200: description: All assets """ criterions = query.get_query_criterions_from_request(request) check_criterion_access(criterions) if permissions.has_vendor_permissions(): criterions["assigned_to"] = persons_service.get_current_user( )["id"] return assets_service.get_assets(criterions)
def all_entries(self, query=None, relations=False): """ If the user has at least manager permissions, return all previews. If he's a vendor, return only previews for the tasks he's assigned to. If he's an artist, return only previews for projects he's a part of. """ if query is None: query = self.model.query if permissions.has_admin_permissions(): pass elif permissions.has_vendor_permissions(): query = (PreviewFile.query.join(Task).filter( user_service.build_assignee_filter()).filter( user_service.build_open_project_filter()).filter( Task.id == PreviewFile.task_id)) else: query = (PreviewFile.query.join(Task, Project).filter( user_service.build_related_projects_filter()).filter( user_service.build_open_project_filter())) previews = query.all() return self.model.serialize_list(previews, relations=relations)