def _available_badges(self):
    '''
    Return the badges that are editable by a user, keyed by permission.

    As a side effect ``c.groups`` is replaced with the group descriptors
    for the result: one for ``global.admin`` and, when ``c.instance`` is
    set, one for ``instance.admin``. A key is only present in the result
    when the matching ``has()`` check passes.
    '''
    global_group = {'permission': 'global.admin',
                    'label': _('In all instances'),
                    'show_label': True}
    c.groups = [global_group]
    if c.instance:
        instance_group = {
            'permission': 'instance.admin',
            'label': _('In instance "%s"') % c.instance.label,
            'show_label': h.has_permission('global.admin')}
        c.groups.append(instance_group)

    def badges_of(instance):
        # One query per badge type; instance=None is used for the
        # global.admin set.
        return {
            'instance': InstanceBadge.all(instance=instance),
            'user': UserBadge.all(instance=instance),
            'delegateable': DelegateableBadge.all(instance=instance),
            'category': CategoryBadge.all(instance=instance),
            'thumbnail': ThumbnailBadge.all(instance=instance)}

    editable = {}
    if has('global.admin'):
        editable['global.admin'] = badges_of(None)
    if has('instance.admin') and c.instance is not None:
        editable['instance.admin'] = badges_of(c.instance)
    return editable
def edit(m):
    """Tell whether milestone ``m`` may be edited.

    Returns False when milestones are disabled on ``c.instance`` and True
    when the ``instance.admin`` check passes.
    """
    milestones_enabled = c.instance.milestones
    if not milestones_enabled:
        return False
    if has('instance.admin'):
        return True
    # NOTE(review): both remaining paths return False, so holding
    # 'milestone.edit' never grants access here and only instance admins
    # can edit. That fails closed; confirm whether it is intended before
    # changing it.
    editor_may_see = has('milestone.edit') and show(m)
    if not editor_may_see:
        return False
    return False
def supervise(check, u=None):
    """Supervise users on instance level.

    Registers the conditions on ``check``: read-only state, the presence
    of ``c.instance``, membership of ``u`` in that instance (only when a
    user is passed) and the ``user.manage`` / ``instance.admin``
    permissions. Each ``check.other(label, condition)`` call appears to
    record a refusal when the condition is true.
    """
    check.readonly()
    outside_instance = not c.instance
    check.other('not_in_instance', outside_instance)
    if u is not None:
        not_a_member = not u.is_member(c.instance)
        check.other('no_member_in_instance', not_a_member)
    may_supervise = has('user.manage') or has('instance.admin')
    check.other('not_user.manage_or_instance.admin', not may_supervise)
def edit(p):
    """Tell whether proposal ``p`` may be edited.

    An immutable proposal is never editable, not even when the
    ``instance.admin`` check passes. Otherwise instance admins may always
    edit; everyone else needs ``proposal.edit``, must pass ``show(p)``,
    and the proposal must either have a wiki head or be their own.
    """
    if not p.is_mutable():
        return False
    if has('instance.admin'):
        return True
    if not has('proposal.edit') or not show(p):
        return False
    return bool(p.description.head.wiki or is_own(p))
def _to_python(self, value, state):
    """Resolve the submitted instance key according to the caller's rights.

    With ``global.admin`` an empty value yields None and any other value
    is looked up with ``Instance.find``. With only ``instance.admin`` the
    submitted value is ignored and ``c.instance`` is returned, so the
    choice cannot leave the current instance. Anyone else gets
    ``formencode.Invalid``.

    Raises AssertionError (not a validation error) when a global admin
    submits a key that ``Instance.find`` cannot resolve.
    """
    from adhocracy.model import Instance
    if has('global.admin'):
        if not value:
            return None
        found = Instance.find(value)
        if found is None:
            raise AssertionError("Could not find instance %s" % value)
        return found
    if has('instance.admin') and c.instance:
        return c.instance
    raise formencode.Invalid(_("You're not allowed to edit global badges"),
                             value, state)
def _to_python(self, value, state):
    """Turn the submitted value into an Instance, None, or a refusal.

    * ``global.admin``: an empty value means None; otherwise the value is
      resolved with ``Instance.find`` and an unknown key raises
      AssertionError rather than a validation error.
    * ``instance.admin`` inside an instance: always ``c.instance``; the
      submitted value is not consulted.
    * otherwise: ``formencode.Invalid``.
    """
    from adhocracy.model import Instance
    is_global_admin = has('global.admin')
    if is_global_admin and not value:
        return None
    if is_global_admin:
        target = Instance.find(value)
        if target is None:
            raise AssertionError("Could not find instance %s" % value)
        return target
    if has('instance.admin') and c.instance:
        return c.instance
    message = _("You're not allowed to edit global badges")
    raise formencode.Invalid(message, value, state)
def edit(check, p):
    """Register the conditions for editing proposal ``p`` on ``check``.

    When ``instance.admin`` or ``global.admin`` passes, nothing is
    registered at all: neither the ``show`` conditions nor the mutability
    condition apply. Holders of ``proposal.edit`` only need ``show`` and a
    mutable proposal. Everyone else must also be a member of
    ``c.instance`` and the proposal must have a wiki head or be their own.
    """
    is_admin = has('instance.admin') or has('global.admin')
    if is_admin:
        # Admins can always edit proposals.
        return

    show(check, p)
    check.other('proposal_not_mutable', not p.is_mutable())
    if has('proposal.edit'):
        # having proposal.edit is enough
        return

    is_member = c.user and c.user.is_member(c.instance)
    check.other('user_is_no_member', not is_member)
    own_or_wiki = is_own(p) or p.description.head.wiki
    check.other('proposal_head_not_wiki_or_own', not own_or_wiki)
def edit(check, m):
    """Register the conditions for editing milestone ``m`` on ``check``.

    The e-mail validation and the "milestones enabled" condition always
    apply. The ``milestone.edit`` permission and the ``show`` conditions
    are skipped when ``instance.admin`` passes.
    """
    check.valid_email()
    milestones_disabled = not c.instance.milestones
    check.other('instance_without_milestones', milestones_disabled)
    if not has('instance.admin'):
        check.perm('milestone.edit')
        show(check, m)
def row(proposal):
    """Render the 'row' tile for ``proposal``; a falsy proposal gives ""."""
    # The permission lookup happens before the emptiness test.
    global_admin = authorization.has('global.admin')
    if proposal:
        # NOTE(review): the tile is rendered with cached=True while
        # badgesglobal_admin depends on the viewer's permissions. Confirm
        # that render_tile's cache key includes this flag, otherwise
        # output rendered for a global admin could be served to other
        # users.
        return render_tile('/proposal/tiles.html', 'row',
                           ProposalTile(proposal),
                           proposal=proposal,
                           cached=True,
                           badgesglobal_admin=global_admin)
    return ""
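def update_badges(self, id):
    """Replace the badges assigned to a user with the submitted selection.

    ``id`` identifies the user (resolved with ``get_entity_or_abort``) and
    the selection is read from ``self.form_result['badge']``. Without
    ``global.admin`` every submitted badge must belong to ``c.instance``;
    otherwise an error is flashed and the request is redirected. Changes
    are flushed and committed before the final redirect.
    """
    user = get_entity_or_abort(model.User, id)
    badges = self.form_result.get('badge')
    global_admin = has('global.admin')

    if not global_admin:
        # instance admins may only add user badges limited to this instance
        for badge in badges:
            if not badge.instance == c.instance:
                h.flash(_(u'Invalid badge choice.'), u'error')
                redirect(h.entity_url(user))

    creator = c.user
    added = []
    removed = []
    # Walk a snapshot: removing from user.badges while iterating over it
    # skips the element that follows each removal, so some deselected
    # badges would silently stay assigned.
    for badge in list(user.badges):
        if badge in badges:
            continue
        if not global_admin and not badge.instance == c.instance:
            # An instance admin cannot submit badges from outside
            # c.instance (see the check above), so such badges must not
            # count as deselected; leave them untouched.
            # NOTE(review): a no-op if user.badges is already limited to
            # the current instance - confirm against the model.
            continue
        removed.append(badge)
        user.badges.remove(badge)

    for badge in badges:
        if badge not in user.badges:
            badge.assign(user, creator)
            added.append(badge)

    model.meta.Session.flush()
    # FIXME: needs commit() cause we do an redirect() which raises
    # an Exception.
    model.meta.Session.commit()
    post_update(user, model.update.UPDATE)
    redirect(h.entity_url(user, instance=c.instance))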
def adopt(check, p):
    """Register the conditions for adopting proposal ``p`` on ``check``.

    E-mail validation always applies. When the instance allows adoption
    and ``instance.admin`` passes, nothing else is registered; otherwise
    the ``show`` and ``poll.create`` conditions apply and the proposal
    must report ``can_adopt()``.
    """
    check.valid_email()
    admin_shortcut = c.instance.allow_adopt and has('instance.admin')
    if not admin_shortcut:
        show(check, p)
        poll.create(check)
        check.other('proposal_cannot_adopt', not p.can_adopt())
def edit(check, u):
    """Register the conditions for editing user ``u`` on ``check``.

    The read-only condition always applies. When ``user.manage`` passes
    no further condition is registered; otherwise ``show`` applies, ``u``
    must be ``c.user`` and a user must be logged in.
    """
    check.readonly()
    if not has('user.manage'):
        show(check, u)
        is_other_user = u != c.user
        check.other('user_not_self', is_other_user)
        check.other(NOT_LOGGED_IN, not c.user)
def delete(check, p):
    """Register the conditions for deleting proposal ``p`` on ``check``.

    Read-only state and e-mail validation always apply. When
    ``instance.admin`` passes the remaining conditions are skipped,
    including the mutability condition.
    """
    check.readonly()
    check.valid_email()
    if not has('instance.admin'):
        check.perm('proposal.delete')
        show(check, p)
        immutable = not p.is_mutable()
        check.other('proposal_not_mutable', immutable)
def edit(check, u):
    """Register the conditions for editing user ``u`` on ``check``.

    The read-only condition always applies. When ``user.manage`` passes
    nothing else is registered, and that includes the ``is_not_demo``
    condition. Otherwise ``show`` applies, ``u`` must be ``c.user``, a
    user must be logged in and ``is_not_demo`` is evaluated for
    ``c.user``.
    """
    check.readonly()
    if not has('user.manage'):
        show(check, u)
        editing_someone_else = u != c.user
        check.other('user_not_self', editing_someone_else)
        check.other(NOT_LOGGED_IN, not c.user)
        is_not_demo(check, c.user)
def edit(check, m):
    """Register the conditions for editing milestone ``m`` on ``check``.

    Read-only state, e-mail validation and the "milestones enabled"
    condition always apply; ``milestone.edit`` and ``show`` are skipped
    when ``instance.admin`` passes.
    """
    check.readonly()
    check.valid_email()
    no_milestones = not c.instance.milestones
    check.other('instance_without_milestones', no_milestones)
    if not has('instance.admin'):
        check.perm('milestone.edit')
        show(check, m)
def wrapper(self):
    """Validate the message options from the form, then call ``func``.

    The sender address must be an enabled key of the options returned by
    ``self._get_allowed_sender_options(c.user)``; otherwise a 403 is
    returned. The address passed on is the ``email`` value of that entry,
    not the raw form value. A custom sender name is only honoured with
    ``global.message`` and the footer can only be switched off with
    ``global.admin``.
    """
    sender_options = self._get_allowed_sender_options(c.user)
    sender_email = self.form_result.get('sender_email')
    sender_ok = (sender_email in sender_options and
                 sender_options[sender_email]['enabled'])
    if not sender_ok:
        return ret_abort(_("Sorry, but you're not allowed to set these "
                           "message options"), code=403)

    sender_name = None
    if has('global.message'):
        sender_name = self.form_result.get('sender_name')
    if not sender_name:
        sender_name = c.user.name

    query = User.all_q()
    # NOTE(review): filter_instances is used as submitted; nothing in this
    # function checks it against the instances the sender may message.
    # Presumably the form schema enforces that - confirm.
    filter_instances = self.form_result.get('filter_instances')
    query = query.join(Membership)
    query = query.filter(Membership.instance_id.in_(filter_instances))

    filter_badges = self.form_result.get('filter_badges')
    if filter_badges:
        badge_ids = [fb.id for fb in filter_badges]
        query = query.join(UserBadges, UserBadges.user_id == User.id)
        query = query.filter(UserBadges.badge_id.in_(badge_ids))

    include_footer = True
    if has('global.admin'):
        include_footer = self.form_result.get('include_footer')

    instance = None
    if len(filter_instances) == 1:
        instance = Instance.find(filter_instances[0])

    subject = self.form_result.get('subject')
    body = self.form_result.get('body')
    recipients = query.all()
    return func(
        self,
        subject,
        body,
        recipients,
        sender_email=sender_options[sender_email]['email'],
        sender_name=sender_name,
        instance=instance,
        include_footer=include_footer,
    )
def wrapper(self):
    """Check the submitted message options and forward them to ``func``.

    A sender address that is missing from, or disabled in,
    ``self._get_allowed_sender_options(c.user)`` results in a 403. The
    forwarded address is taken from the allow-list entry. ``sender_name``
    from the form is only used with ``global.message`` and falls back to
    ``c.user.name``; ``include_footer`` is forced to True without
    ``global.admin``.
    """
    allowed = self._get_allowed_sender_options(c.user)
    chosen = self.form_result.get('sender_email')
    if chosen not in allowed or not allowed[chosen]['enabled']:
        return ret_abort(_("Sorry, but you're not allowed to set these "
                           "message options"), code=403)

    name = None
    if has('global.message'):
        name = self.form_result.get('sender_name')
    if not name:
        name = c.user.name

    recipients = User.all_q()
    # NOTE(review): the instance filter comes straight from the form and
    # is not compared with the sender's permitted instances here;
    # presumably the form schema does that - confirm.
    instance_ids = self.form_result.get('filter_instances')
    in_instances = Membership.instance_id.in_(instance_ids)
    recipients = recipients.join(Membership).filter(in_instances)

    badge_filter = self.form_result.get('filter_badges')
    if badge_filter:
        recipients = recipients.join(UserBadges,
                                     UserBadges.user_id == User.id)
        wanted = [fb.id for fb in badge_filter]
        recipients = recipients.filter(UserBadges.badge_id.in_(wanted))

    if has('global.admin'):
        footer = self.form_result.get('include_footer')
    else:
        footer = True

    # A single target instance is passed along, several are not.
    only_one = len(instance_ids) == 1
    instance = Instance.find(instance_ids[0]) if only_one else None

    return func(self,
                self.form_result.get('subject'),
                self.form_result.get('body'),
                recipients.all(),
                sender_email=allowed[chosen]['email'],
                sender_name=name,
                instance=instance,
                include_footer=footer)
def get_allowed_instances(cls, user):
    """
    returns all instances in which the given user has permission to send a
    message to all users

    With ``global.message`` that is every instance; otherwise only the
    instances of the user's memberships that are set, authenticated and
    whose group carries ``instance.message``.
    """
    if has('global.message'):
        return Instance.all()

    allowed = []
    for m in user.memberships:
        if m.instance is None:
            continue
        if not m.instance.is_authenticated:
            continue
        # NOTE(review): this tests the permission *name* against
        # m.group.permissions. If that collection holds permission
        # objects rather than strings the test never matches and the
        # result is always empty - confirm.
        if 'instance.message' in m.group.permissions:
            allowed.append(m.instance)
    return allowed
def breadcrumbs(user, dashboard=False):
    """Build the breadcrumb trail for a user page.

    The "Members" link points to the instance member list inside an
    instance and to the global list only when ``user.index_all`` passes.
    The user's own link and the dashboard link are appended when
    requested.
    """
    from adhocracy.lib.helpers import base_url

    if c.instance is not None:
        trail = [_url.link(_("Members"), base_url(u'/user'))]
    elif has('user.index_all'):
        trail = [_url.link(_("Members"), base_url(u'/user/all'))]
    else:
        trail = []

    if user is not None:
        # NOTE(review): user.name is user-controlled text; whether it is
        # HTML-escaped depends on _url.link - confirm.
        trail.append(_url.link(user.name, url(user)))
    if dashboard:
        trail.append(_url.link(_('Dashboard'), base_url('/user/dashboard')))
    return _url.root() + _url.BREAD_SEP.join(trail)
def row_inline(proposal):
    """Render the 'row_inline' tile for ``proposal``; falsy input gives "".

    The tile is rendered with ``cached=False`` and receives the result of
    the ``global.admin`` check as ``badgesglobal_admin``.
    """
    # The permission lookup happens before the emptiness test.
    is_global_admin = authorization.has("global.admin")
    if proposal:
        tile = ProposalTile(proposal)
        return render_tile("/proposal/tiles.html", "row_inline", tile,
                           proposal=proposal, cached=False,
                           badgesglobal_admin=is_global_admin)
    return ""
def _get_badge_or_redirect(self, id):
    '''
    Get a badge. Redirect if it does not exist.

    Redirect as well when the badge belongs to another instance than the
    current one and the user is only an instance admin, not a global
    admin. Both cases go through ``self._redirect_not_found``, so a
    foreign badge is handled the same way as a missing one.
    '''
    # The lookup itself is unfiltered; the instance check follows below.
    found = Badge.by_id(id, instance_filter=False)
    if found is None:
        self._redirect_not_found(id)
    # NOTE(review): relies on _redirect_not_found not returning;
    # otherwise the attribute access below fails on None - confirm.
    foreign = found.instance != c.instance
    if foreign and not has('global.admin'):
        self._redirect_not_found(id)
    return found
def _get_allowed_instances(cls, user):
    """
    returns all instances in which the given user has permission to send a
    message to all users

    With ``global.message`` that is ``Instance.all()`` unsorted. Otherwise
    it is the label-sorted list of instances from the user's memberships
    that are set, authenticated and whose group holds the
    ``instance.message`` permission object.
    """
    if has('global.message'):
        return Instance.all()

    perm = Permission.find('instance.message')
    permitted = []
    for membership in user.memberships:
        target = membership.instance
        if target is None or not target.is_authenticated:
            continue
        if perm in membership.group.permissions:
            permitted.append(target)
    permitted.sort(key=lambda i: i.label)
    return permitted
def _get_allowed_instances(cls, user):
    """
    returns all instances in which the given user has permission to send a
    message to all users

    ``global.message`` grants every instance. Without it, a membership
    only counts when its instance is set and authenticated and its group
    holds the ``instance.message`` permission object.
    """
    if has('global.message'):
        return Instance.all()

    perm = Permission.find('instance.message')

    def may_message(m):
        return (m.instance is not None and
                m.instance.is_authenticated and
                perm in m.group.permissions)

    return [m.instance for m in user.memberships if may_message(m)]
def _get_allowed_instances(cls, user):
    """
    returns all instances in which the given user has permission to send a
    message to all users

    With ``global.message`` the result is
    ``Instance.all(include_hidden=True)``, unsorted. Otherwise it is
    limited to the user's memberships whose instance is set and
    authenticated and whose group holds ``instance.message``, sorted by
    label.
    """
    if has('global.message'):
        return Instance.all(include_hidden=True)

    perm = Permission.find('instance.message')
    eligible = []
    for m in user.memberships:
        usable = m.instance is not None and m.instance.is_authenticated
        if usable and perm in m.group.permissions:
            eligible.append(m.instance)
    return sorted(eligible, key=lambda i: i.label)
def badges(self, id, errors=None):
    """Render the badge form for the user identified by ``id``.

    Global badges are only offered (``c.badges``) when ``global.admin``
    passes. ``c.instance_badges`` lists the user badges of every instance
    of the page user, and the form is pre-filled with the ids of the
    badges the user currently holds. ``errors`` is not used here.
    """
    c.badges = model.UserBadge.all(instance=None) \
        if has('global.admin') else None

    c.page_user = get_entity_or_abort(model.User, id)
    instances = c.page_user and c.page_user.instances or []
    per_instance = []
    for instance in instances:
        per_instance.append(
            {"label": instance.label,
             "badges": model.UserBadge.all(instance=instance)})
    c.instance_badges = per_instance

    current_ids = [str(badge.id) for badge in c.page_user.badges]
    return formencode.htmlfill.render(
        render("/user/badges.html"),
        defaults={'badge': current_ids},
        force_defaults=False)
def select(selected, name='milestone'):
    """Render the milestone select tile with ``selected`` pre-selected.

    The first option is always "(no milestone)". With ``milestone.edit``
    all milestones of ``c.instance`` are offered, otherwise only those
    returned by ``Milestone.all_future``. ``name`` is passed through to
    the tile.

    NOTE(review): the listing this was taken from has lost its
    indentation; the "re-add selected" step is shown under the ``else``
    branch because its comment refers to past milestones. Confirm against
    the original file.
    """
    options = [('--', _('(no milestone)'), selected is None)]
    if has('milestone.edit'):
        milestones = model.Milestone.all(instance=c.instance)
    else:
        milestones = model.Milestone.all_future(instance=c.instance)
        # Add the currently selected milestone if it is in the past
        # so it will be shown and won't be overwritten on save
        if (selected is not None) and (selected not in milestones):
            milestones.insert(0, selected)
    # Each option is (id, title, is-selected).
    for milestone in milestones:
        options.append((milestone.id, milestone.title,
                        milestone == selected))
    return render_tile('/milestone/tiles.html', 'select', None,
                       options=options, name=name)
def _check_item(self, item, line):
    """Validate the user name, e-mail and badge fields of one item.

    Every field is run through its validator; converted values are
    collected in ``validated`` (keyed by validator) and failures are
    collected in ``error_list`` as "message (value)" strings.

    NOTE(review): the visible body stops after the validation loop and
    returns nothing, and ``line`` is not used in it; the listing is
    probably an excerpt of a longer function - confirm.
    """
    error_list = []
    user_name = item.get(USER_NAME, '').strip()
    email = item.get(EMAIL, '')
    badges = item.get(USER_BADGES, '')
    # The e-mail value may be None, so it is only stripped when present.
    if email is not None:
        email = email.strip()
    validated = {}
    # instance_filter is switched off only when has('global.admin')
    # passes; presumably it limits badge names to the current instance -
    # confirm in ValidUserBadgeNames.
    USERBADGE_VALIDATOR = ValidUserBadgeNames(
        not_empty=False, if_empty=[],
        instance_filter=(not has('global.admin')))
    for (validator, value) in (
            (USERNAME_VALIDATOR, user_name),
            (EMAIL_VALIDATOR, email),
            (USERBADGE_VALIDATOR, badges),
    ):
        try:
            validated[validator] = validator.to_python(value, None)
        except formencode.Invalid, E:
            # The rejected value is echoed next to the validator message.
            error_list.append(u'%s (%s)' % (E.msg, value))
def can_welcome():
    """Can the current user set welcome codes?

    Requires the welcome feature to be enabled and the ``global.admin``
    check to pass; the permission is not looked up when the feature is
    off.
    """
    enabled = welcome_enabled()
    if not enabled:
        return enabled
    return has('global.admin')
def supervise(check, u):
    """Register the conditions for supervising user ``u`` on ``check``.

    There must be a current instance, ``u`` must be a member of it, and
    either ``user.manage`` or ``instance.admin`` must pass.
    """
    no_instance = not c.instance
    check.other('not_in_instance', no_instance)
    not_a_member = not u.is_member(c.instance)
    check.other('no_member_in_instance', not_a_member)
    privileged = has('user.manage') or has('instance.admin')
    check.other('not_user.manage_or_instance.admin', not privileged)
def vote(check):
    """Register the conditions for casting a vote on ``check``.

    ``vote.prohibit`` acts as an explicit deny: when it passes, the
    'vote_prohibited' condition is raised. Beyond that an instance, a
    logged-in user and the ``vote.cast`` permission are required.
    """
    prohibited = has('vote.prohibit')
    check.other('vote_prohibited', prohibited)
    outside_instance = not c.instance
    check.other('not_in_instance', outside_instance)
    anonymous = not c.user
    check.other('not_logged_in', anonymous)
    check.perm('vote.cast')
def vote(check):
    """Register the conditions for casting a vote on ``check``.

    On top of the read-only condition, ``vote.prohibit`` works as an
    explicit deny, and an instance, a logged-in user and the
    ``vote.cast`` permission are required.
    """
    check.readonly()
    is_prohibited = has('vote.prohibit')
    check.other('vote_prohibited', is_prohibited)
    check.other('not_in_instance', not c.instance)
    is_anonymous = not c.user
    check.other(NOT_LOGGED_IN, is_anonymous)
    check.perm('vote.cast')
def edit(check, u):
    """Register the conditions for editing user ``u`` on ``check``.

    With ``user.manage`` nothing is registered. Otherwise the ``show``
    conditions apply and ``u`` must be the current user.
    """
    if not has('user.manage'):
        show(check, u)
        someone_else = u != c.user
        check.other('user_not_self', someone_else)
def delete(m):
    """Tell whether milestone ``m`` may be deleted.

    Needs ``milestone.delete`` and a passing ``show(m)``; the result is
    whatever the last evaluated check returned.
    """
    may_delete = has('milestone.delete')
    if not may_delete:
        return may_delete
    return show(m)
def message(check, p):
    """Register the conditions for messaging about proposal ``p``.

    The read-only condition always applies; ``proposal.message`` is only
    required when ``global.message`` does not pass. ``p`` itself is not
    inspected.
    """
    check.readonly()
    if not has('global.message'):
        check.perm('proposal.message')
def supervise(check, u):
    """Register the conditions for supervising user ``u`` on ``check``.

    Besides the read-only condition there must be a current instance,
    ``u`` must be a member of it, and ``user.manage`` or
    ``instance.admin`` must pass.
    """
    check.readonly()
    check.other('not_in_instance', not c.instance)
    is_member = u.is_member(c.instance)
    check.other('no_member_in_instance', not is_member)
    may_supervise = has('user.manage') or has('instance.admin')
    check.other('not_user.manage_or_instance.admin', not may_supervise)
def show(p):
    """Tell whether proposal ``p`` may be shown.

    Needs ``proposal.show``; deleted proposals are never shown.
    """
    may_show = has('proposal.show')
    if not may_show:
        return may_show
    return not p.is_deleted()
def can_edit():
    """Tell whether static pages may be edited.

    False when the backend reports it is not editable; otherwise the
    result of the ``global.staticpage`` check.
    """
    if get_backend().is_editable():
        return has('global.staticpage')
    return False
def create():
    """Tell whether a proposal may be created.

    A frozen instance never accepts new proposals; otherwise the result
    of the ``proposal.create`` check decides.
    """
    frozen = c.instance.frozen
    if not frozen:
        return has('proposal.create')
    return False
def show(m):
    """Tell whether milestone ``m`` may be shown.

    Needs ``milestone.show``, milestones enabled on ``c.instance`` and a
    milestone that is not deleted. The first falsy value is returned
    as is.
    """
    permitted = has('milestone.show')
    if not permitted:
        return permitted
    enabled = c.instance.milestones
    if not enabled:
        return enabled
    return not m.is_deleted()
def adopt(p):
    """Tell whether proposal ``p`` may be adopted.

    When the instance allows adoption and ``instance.admin`` passes the
    answer is True without further checks. Otherwise ``show(p)``,
    ``poll.create()`` and ``p.can_adopt()`` must all hold; the first
    falsy result is returned as is.
    """
    if c.instance.allow_adopt and has('instance.admin'):
        return True
    visible = show(p)
    if not visible:
        return visible
    can_poll = poll.create()
    if not can_poll:
        return can_poll
    return p.can_adopt()
def index():
    """Tell whether the proposal index may be listed.

    Uses the same ``proposal.show`` permission as a single proposal.
    """
    may_list = has('proposal.show')
    return may_list
def delete(p):
    """Tell whether proposal ``p`` may be deleted.

    Needs ``proposal.delete``, a passing ``show(p)`` and a mutable
    proposal; the first falsy result is returned as is.
    """
    may_delete = has('proposal.delete')
    if not may_delete:
        return may_delete
    visible = show(p)
    if not visible:
        return visible
    return p.is_mutable()
def index():
    """Tell whether the milestone index may be listed.

    Needs ``milestone.show`` and milestones enabled on ``c.instance``;
    a falsy permission result is returned as is.
    """
    may_list = has('milestone.show')
    if not may_list:
        return may_list
    return c.instance.milestones