示例#1
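    def obj_create(self, bundle, **kwargs):
        """Create a group from ``bundle.data`` and make the requester its owner.

        The requesting user receives the UserProfile 'edit' and 'view' object
        permissions on the new group and is added to it. When ``users`` is
        present in the payload, the group's membership is replaced by exactly
        those users (looked up by primary key). When a truthy ``request_id``
        is present, the group is granted 'view' on that request, but only if
        the requesting user is the request's author.

        Returns the bundle with ``bundle.obj`` set to the new group.
        """
        # NOTE (from the original author): the validator is not being called
        # on this path, so the payload below is used as received.
        data = bundle.data
        user = bundle.request.user
        thegroup = Group.objects.create(name=data['name'])
        thegroup.save()
        # The creator of the group can edit (and view) it by default.
        assign_perm(UserProfile.get_permission_name('edit'), user, thegroup)
        assign_perm(UserProfile.get_permission_name('view'), user, thegroup)
        bundle.obj = thegroup

        # The creator is also made a member of the group.
        user.groups.add(thegroup)
        user.save()

        # An explicit member list replaces the membership set above, so the
        # creator stays a member only if listed in data['users'].
        if 'users' in data:
            thegroup.user_set = []
            users = [User.objects.get(pk=userid) for userid in data['users']]

            thegroup.user_set = users
        if 'request_id' in data and data['request_id']:
            req = Request.objects.get(id=data['request_id'])
            # Authorization check: request_id comes from the payload. Without
            # comparing the author, a caller allowed to create groups could
            # give a group they belong to 'view' on any request id. Only the
            # author may share a request; otherwise the grant is skipped.
            if req.author == user:
                assign_perm(Request.get_permission_name('view'), thegroup, req)
        thegroup.save()

        return bundle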
示例#2
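    def obj_create(self, bundle, **kwargs):
        """Create a new group and set up its initial permissions and members.

        Reads ``name`` (required), ``users`` (optional list of user primary
        keys) and ``request_id`` (optional) from ``bundle.data``. The
        requesting user gets UserProfile 'edit' and 'view' on the group and is
        added as a member; a supplied ``users`` list then replaces the
        membership. A truthy ``request_id`` shares that request with the group
        ('view'), provided the requesting user authored the request.

        Returns the bundle, with ``bundle.obj`` pointing at the new group.
        """
        # NOTE (from the original author): validator not being called here.
        payload = bundle.data
        creator = bundle.request.user
        new_group = Group.objects.create(name=payload['name'])
        new_group.save()

        # Creator of the group can edit and view it by default.
        for perm in ('edit', 'view'):
            assign_perm(UserProfile.get_permission_name(perm), creator, new_group)
        bundle.obj = new_group

        creator.groups.add(new_group)
        creator.save()

        if 'users' in payload:
            # Replaces the membership established above with the given list.
            new_group.user_set = []
            new_group.user_set = [
                User.objects.get(pk=user_id) for user_id in payload['users']
            ]

        request_id = payload.get('request_id')
        if request_id:
            shared_request = Request.objects.get(id=request_id)
            # request_id is caller-supplied: grant the group access only when
            # the caller is the request's author, so creating a group cannot
            # be used to obtain 'view' on somebody else's request.
            if shared_request.author == creator:
                assign_perm(Request.get_permission_name('view'), new_group,
                            shared_request)
        new_group.save()

        return bundle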
 def handle(self, *args, **options):
     """Backfill object permissions on groups for the existing users.

     Pass 1: for every user, fetch the group whose name equals the username
     and grant that user UserProfile 'edit' on it (the lookup raises if no
     such group exists).
     Pass 2: for every group not named 'public' or 'AnonymousUser', grant
     each current member both 'edit' and 'view' on the group.

     Prints one line per user/group pair processed.
     """
     for account in User.objects.all():
         named_group = Group.objects.get(name=account.username)
         assign_perm(UserProfile.get_permission_name('edit'), account,
                     named_group)
         print('1 set %s %s' % (named_group.name, account.username))

     # Retroactive support for editing permissions on groups: every member
     # becomes an editor because the original creator was never recorded.
     # This widens 'edit' to all current members of each processed group.
     skipped_names = ['public', 'AnonymousUser']
     for grp in Group.objects.all().exclude(name__in=skipped_names):
         for member in grp.user_set.all():
             for perm in ('edit', 'view'):
                 assign_perm(UserProfile.get_permission_name(perm), member, grp)
             print('2 set %s %s' % (grp.name, member.username))
示例#4
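 def dehydrate(self, bundle):
     """Attach permission flags to a serialized group.

     Sets on ``bundle.data``:

     * ``request_id`` - taken from the query string when not already present.
     * ``toggle_to_edit`` - whether the requesting user has UserProfile
       'edit' on the group; when ``request_id`` is truthy it is instead
       whether the *group* has Request 'edit' on that request.
     * ``can_edit`` - False for unauthenticated users, otherwise whether the
       requesting user has UserProfile 'edit' on the group.
     * ``type`` - always ``'group'``.

     Each entry of ``bundle.data['users']`` also gets ``toggle_to_edit``:
     whether that user has UserProfile 'edit' on the group.
     """
     if 'request_id' not in bundle.data.keys():
         bundle.data['request_id'] = bundle.request.GET.get("request_id", None)
     bundle.data['toggle_to_edit'] = bundle.request.user.has_perm(
         UserProfile.get_permission_name('edit'), bundle.obj)
     if bundle.data['request_id']:
         # NOTE(review): request_id can come straight from the query string
         # and is looked up without checking that the requester may see that
         # request; an unknown id makes the lookup raise. Confirm both are
         # acceptable for this endpoint.
         checker = ObjectPermissionChecker(bundle.obj)
         bundle.data['toggle_to_edit'] = checker.has_perm(
             Request.get_permission_name('edit'),
             Request.objects.get(id=bundle.data['request_id']))
     # The original unconditionally overwrote the unauthenticated False with
     # the has_perm() result, making the guard dead code; keep them exclusive.
     if not bundle.request.user.is_authenticated():
         bundle.data['can_edit'] = False
     else:
         bundle.data['can_edit'] = bundle.request.user.has_perm(
             UserProfile.get_permission_name('edit'), bundle.obj)
     bundle.data['type'] = 'group'
     for usr in bundle.data['users']:
         usr.data['toggle_to_edit'] = usr.obj.has_perm(
             UserProfile.get_permission_name('edit'), bundle.obj)
     return bundle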
示例#5
    def test_add_user_to_group(self):
        """Membership changes: who may add or remove users, and resulting perms.

        Covers three steps: the creator adds usertwo (member gets 'view' but
        not 'edit'), usertwo tries to add userthree (must have no effect), and
        the creator removes usertwo (usertwo loses 'view').

        Only the resulting state is asserted; the HTTP status of the two PUT
        responses is not checked.
        """

        def membership_count(account):
            return account.groups.filter(name=self.post_data['name']).count()

        def assert_group_perms(expectations):
            for account, perm, expected in expectations:
                self.assertEqual(
                    account.has_perm(UserProfile.get_permission_name(perm),
                                     self.group),
                    expected)

        self.add_user_to_group(self.usertwo)
        self.assertEqual(membership_count(self.usertwo), 1)
        # The user who created the group owns it; an added member only views.
        assert_group_perms((
            (self.user, 'edit', True),
            (self.usertwo, 'edit', False),
            (self.user, 'view', True),
            (self.usertwo, 'view', True),
        ))

        # usertwo is a member but not the creator, so the attempt to add
        # userthree must leave userthree outside the group.
        self.get_credentials_other(self.usertwo.username)
        extra_member = self.get_user_json(self.userthree)
        groupjson = self.groupJSON.copy()
        # copy() is shallow: this append also extends self.groupJSON['users'].
        groupjson['users'].append(extra_member)
        put_response = self.api_client.put(
            groupjson['resource_uri'],
            format='json',
            data=groupjson,
            authentication=self.get_credentials_other(self.usertwo.username))
        self.assertEqual(membership_count(self.userthree), 0)

        # The creator removes usertwo by sending a member list without them.
        groupjson['users'] = [self.get_user_json(self.user)]
        put_response = self.api_client.put(
            groupjson['resource_uri'],
            format='json',
            data=groupjson,
            authentication=self.get_credentials())
        self.assertEqual(membership_count(self.usertwo), 0)
        assert_group_perms((
            (self.user, 'edit', True),
            (self.user, 'view', True),
            (self.usertwo, 'edit', False),
            (self.usertwo, 'view', False),
        ))
 def handle(self, *args, **options):
     """Grant group object permissions to users that predate them.

     Every user is given UserProfile 'edit' on the group named after their
     username. Then every member of every group, except the groups named
     'public' and 'AnonymousUser', is given 'edit' and 'view' on that group.
     A progress line is printed for each grant pass.
     """
     excluded = ['public', 'AnonymousUser']

     all_users = User.objects.all()
     for usr in all_users:
         # Raises if there is no group whose name matches the username.
         own_group = Group.objects.get(name=usr.username)
         edit_name = UserProfile.get_permission_name('edit')
         assign_perm(edit_name, usr, own_group)
         line = '1 set %s %s' % (own_group.name, usr.username)
         print(line)

     # Retroactive support for editing permissions on groups.
     # Everyone becomes an editor of their groups because there is no record
     # of who created each group, so this broadens 'edit' to all members.
     remaining_groups = Group.objects.all().exclude(name__in=excluded)
     for current in remaining_groups:
         members = current.user_set.all()
         for usr in members:
             assign_perm(UserProfile.get_permission_name('edit'), usr, current)
             assign_perm(UserProfile.get_permission_name('view'), usr, current)
             line = '2 set %s %s' % (current.name, usr.username)
             print(line)
示例#7
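    def apply_filters(self, request, applicable_filters):
        """Filter requests, optionally scoping the result to one group.

        ``groups__id`` and ``groups__name`` are removed from
        ``applicable_filters`` (the dict is mutated) before the parent
        implementation runs. If either resolves to a group and the requesting
        user has UserProfile 'view' on it, the result is every request that
        group has 'view' on, excluding rows with status 'X'. Otherwise the
        parent's filtered result is returned. A name match takes precedence
        over an id match.
        """
        filters = applicable_filters
        groups_name = filters.pop('groups__name', None)
        groups_id = filters.pop('groups__id', None)

        filtered = super(RequestResource,
                         self).apply_filters(request, applicable_filters)
        group = None

        # A failed or malformed lookup just means "no group filter". Catching
        # only these lookup failures (not a bare except) lets database errors
        # and interpreter exits propagate.
        lookup_errors = (Group.DoesNotExist, Group.MultipleObjectsReturned,
                         ValueError, TypeError)

        if groups_id:
            try:
                group = Group.objects.get(id=groups_id)
            except lookup_errors:
                pass

        if groups_name:
            try:
                group = Group.objects.get(name=groups_name)
            except lookup_errors:
                pass

        # Authorization gate: the group's requests are returned only to users
        # holding 'view' on the group itself.
        # NOTE(review): this branch returns the group's objects instead of
        # `filtered`, so the other filters handled by the parent call do not
        # apply to it. Confirm that is intended.
        if group and request.user.has_perm(
                UserProfile.get_permission_name('view'), group):
            return get_objects_for_group(
                group,
                Request.get_permissions_path('view')).filter(~Q(status='X'))
        return filtered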
示例#8
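    def apply_filters(self, request, applicable_filters):
        """Apply list filters, with special handling for group selectors.

        The ``groups__name`` and ``groups__id`` entries are popped from
        ``applicable_filters`` (mutating it) so the parent call never sees
        them. When one of them identifies a group on which the requesting
        user holds UserProfile 'view', the requests that group may view are
        returned, minus those with status 'X'. In every other case the
        parent's result is returned unchanged.
        """
        filters = applicable_filters
        groups_name = filters.pop('groups__name', None)
        groups_id = filters.pop('groups__id', None)

        filtered = super(RequestResource, self).apply_filters(request, applicable_filters)

        # Try the id first and the name second, so a successful name lookup
        # overrides an id lookup, as before.
        group = None
        for field, value in (('id', groups_id), ('name', groups_name)):
            if not value:
                continue
            try:
                group = Group.objects.get(**{field: value})
            except (Group.DoesNotExist, Group.MultipleObjectsReturned,
                    ValueError, TypeError):
                # Unknown, ambiguous or malformed selector: ignore it. The
                # original bare `except:` also hid unrelated failures.
                pass

        # Only users with 'view' on the group get the group-scoped listing.
        # NOTE(review): the group-scoped queryset replaces `filtered`, so
        # filters applied by the parent are not carried over. Verify.
        can_view_group = group and request.user.has_perm(
            UserProfile.get_permission_name('view'), group)
        if can_view_group:
            visible = get_objects_for_group(group, Request.get_permissions_path('view'))
            return visible.filter(~Q(status='X'))
        return filtered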
示例#9
    def test_add_user_to_group(self):
        """Check group membership updates and the permissions that follow.

        The creator adds usertwo, a non-creator member fails to add userthree,
        and the creator removes usertwo again. Assertions look at membership
        counts and object permissions only; the PUT response codes are not
        asserted.
        """

        def has(account, perm):
            return account.has_perm(UserProfile.get_permission_name(perm),
                                    self.group)

        def in_group(account):
            return account.groups.filter(name=self.post_data['name']).count()

        self.add_user_to_group(self.usertwo)
        self.assertEqual(in_group(self.usertwo), 1)

        # Ownership stays with the creator; the added member can only view.
        self.assertEqual(has(self.user, 'edit'), True)
        self.assertEqual(has(self.usertwo, 'edit'), False)
        self.assertEqual(has(self.user, 'view'), True)
        self.assertEqual(has(self.usertwo, 'view'), True)

        # usertwo belongs to the group but did not create it, so usertwo
        # must not be able to add userthree.
        self.get_credentials_other(self.usertwo.username)
        users = self.get_user_json(self.userthree)
        groupjson = self.groupJSON.copy()
        # Shallow copy: the shared 'users' list on self.groupJSON grows too.
        groupjson['users'].append(users)
        as_usertwo = dict(
            format='json',
            data=groupjson,
            authentication=self.get_credentials_other(self.usertwo.username))
        update_resp = self.api_client.put(groupjson['resource_uri'], **as_usertwo)
        self.assertEqual(in_group(self.userthree), 0)

        # Remove a user from the group by omitting them from the member list.
        groupjson['users'] = [self.get_user_json(self.user)]
        as_creator = dict(
            format='json',
            data=groupjson,
            authentication=self.get_credentials())
        update_resp = self.api_client.put(groupjson['resource_uri'], **as_creator)
        self.assertEqual(in_group(self.usertwo), 0)
        self.assertEqual(has(self.user, 'edit'), True)
        self.assertEqual(has(self.user, 'view'), True)
        self.assertEqual(has(self.usertwo, 'edit'), False)
        self.assertEqual(has(self.usertwo, 'view'), False)
示例#10
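 def dehydrate(self, bundle):
     """Decorate a serialized group with the viewer's permission flags.

     Fills ``request_id`` from the query string when the bundle lacks it,
     then sets ``toggle_to_edit`` (the requester's UserProfile 'edit' on the
     group, or, when ``request_id`` is truthy, the group's Request 'edit' on
     that request), ``can_edit`` (always False when unauthenticated) and
     ``type`` ('group'). Each nested user bundle gets its own
     ``toggle_to_edit`` for the group.
     """
     requester = bundle.request.user
     data = bundle.data

     if 'request_id' not in data.keys():
         data['request_id'] = bundle.request.GET.get("request_id", None)

     data['toggle_to_edit'] = requester.has_perm(
         UserProfile.get_permission_name('edit'), bundle.obj)
     if data['request_id']:
         # NOTE(review): the id may be caller-supplied via the query string
         # and there is no check that the requester can access that request;
         # the lookup also raises for an id that does not exist.
         checker = ObjectPermissionChecker(bundle.obj)
         data['toggle_to_edit'] = checker.has_perm(
             Request.get_permission_name('edit'),
             Request.objects.get(id=data['request_id']))

     # Previously the unauthenticated False was overwritten on the very next
     # statement; short-circuiting keeps it False for such callers.
     data['can_edit'] = requester.is_authenticated() and requester.has_perm(
         UserProfile.get_permission_name('edit'), bundle.obj)
     data['type'] = 'group'

     for usr in data['users']:
         usr.data['toggle_to_edit'] = usr.obj.has_perm(
             UserProfile.get_permission_name('edit'), bundle.obj)
     return bundle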
示例#11
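    def obj_update(self, bundle, **kwargs):
        """Apply a group update described by ``bundle.data``.

        Three shapes of payload are handled:

        * ``data`` plus a truthy ``request_id``: change how the group relates
          to that request ('associate', 'disassociate', 'change-access').
          Allowed only when the requesting user is the request's author.
        * ``data`` without ``request_id``: 'rename' the group or 'chown'
          (toggle another user's 'edit' on the group). Requires the requester
          to hold UserProfile 'edit' on the group.
        * no ``data`` key: replace the group's membership with
          ``data['users']``. Also requires 'edit' on the group.

        Raises ImmediateHttpResponse (HttpForbidden or HttpBadRequest) when
        the requester lacks the needed permission. The ``data`` and
        ``request_id`` keys are removed from the payload before returning,
        which also drops the ``result`` value stored under ``data``.
        """
        data = bundle.data
        user = bundle.request.user
        # NOTE(review): the group is selected by the id in the request body;
        # kwargs is not consulted. Confirm the resource's authorization is
        # evaluated against this same object.
        bundle.obj = Group.objects.get(id=data['id'])
        if 'data' in data:
            payload = data['data']
            # We are associating, disassociating... assuming the USER is
            # taking action here.
            if data.get('request_id'):
                req = Request.objects.get(id=data['request_id'])
                # Only the author of a request may change who it is shared with.
                if 'action' in payload and req.author == user:
                    action = payload['action']
                    if action == 'associate':
                        assign_perm(Request.get_permission_name('view'), bundle.obj, req)
                        payload['result'] = 'associated'
                    elif action == 'disassociate':
                        remove_perm(Request.get_permission_name('view'), bundle.obj, req)
                        remove_perm(Request.get_permission_name('edit'), bundle.obj, req)
                        payload['result'] = 'disassociated'
                    elif action == 'change-access':
                        # Right now we are toggling between view and edit.
                        checker = ObjectPermissionChecker(bundle.obj)
                        group_views = checker.has_perm(Request.get_permission_name('view'), req)
                        if group_views and not checker.has_perm(Request.get_permission_name('edit'), req):
                            assign_perm(Request.get_permission_name('edit'), bundle.obj, req)
                        elif user.has_perm(Request.get_permission_name('edit'), req):
                            remove_perm(Request.get_permission_name('edit'), bundle.obj, req)
                        else:
                            raise ImmediateHttpResponse(HttpForbidden("We couldn't determine the appropriate permissions to assign. Sorry."))
                else:
                    # NOTE(review): this denial is logged at info level and
                    # answered with HttpBadRequest, while the other denials in
                    # this method use HttpForbidden.
                    logger.info("%s tried to remove users from request %s owned by %s" % (bundle.request.user, req, req.author))
                    raise ImmediateHttpResponse(HttpBadRequest("It appears you don't have permission to change that user or group's permission."))
            else:
                can_edit = user.has_perm(UserProfile.get_permission_name('edit'), bundle.obj)
                if not can_edit:
                    raise ImmediateHttpResponse(HttpForbidden("It doesn't appear you can edit this group."))
                action = payload.get('action')
                if action == 'rename':
                    bundle.obj.name = data['name']
                    bundle.obj.save()
                if action == 'chown' and payload.get('user_id'):
                    # Change a user's permission on the group object: any
                    # editor can toggle 'edit' for the user id supplied.
                    other_user = User.objects.get(id=payload['user_id'])
                    o_can_edit = other_user.has_perm(UserProfile.get_permission_name('edit'), bundle.obj)
                    if o_can_edit:
                        # toggled to view
                        remove_perm(UserProfile.get_permission_name('edit'), other_user, bundle.obj)
                    else:
                        # toggled to edit
                        assign_perm(UserProfile.get_permission_name('edit'), other_user, bundle.obj)
        else:
            # NOTE about group permissions
            #
            # The creator of the request is the only one who can share a
            # request with other users and groups. Otherwise the request could
            # be shared with any number of people.
            can_edit = user.has_perm(UserProfile.get_permission_name('edit'), bundle.obj)
            if not can_edit:
                raise ImmediateHttpResponse(HttpForbidden("It doesn't appear you can edit this group."))
            # We are adding or removing users to the group on the group page.
            # The loop variable is not called `user`: on Python 2 a list
            # comprehension rebinds the enclosing local, which replaced the
            # requesting user with the last payload entry.
            users = set([User.objects.get(pk=entry['id']) for entry in data['users']])
            existing_users = set(bundle.obj.user_set.all())
            to_remove = existing_users - users
            # Removed members lose both object permissions on the group.
            for usr in to_remove:
                remove_perm(UserProfile.get_permission_name('edit'), usr, bundle.obj)
                remove_perm(UserProfile.get_permission_name('view'), usr, bundle.obj)
            for usr in users:
                # Users can view but not edit by default.
                assign_perm(UserProfile.get_permission_name('view'), usr, bundle.obj)
            bundle.obj.user_set = users
            bundle.obj.save()
        data.pop('data', None)
        data.pop('request_id', None)

        return bundle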
示例#12
    def test_change_user_group_perms(self):
        """The 'chown' action toggles 'edit', but only for callers who can edit.

        Steps: the creator promotes usertwo; userthree (not an editor) tries
        to promote themselves and fails; usertwo (now an editor) promotes
        userthree; usertwo sends the same request again, which toggles
        userthree back to no 'edit'. The creator keeps 'edit' throughout.

        Only permissions are asserted; PUT response codes are not checked.
        """

        def put_as(body, credentials):
            return self.api_client.put(body['resource_uri'], format='json',
                                       data=body, authentication=credentials)

        def assert_edit(usertwo_expected, userthree_expected):
            expectations = (
                (self.usertwo, usertwo_expected),
                (self.userthree, userthree_expected),
                (self.user, True),
            )
            for account, expected in expectations:
                self.assertEqual(
                    account.has_perm(UserProfile.get_permission_name('edit'),
                                     self.group),
                    expected)

        self.add_user_to_group(self.usertwo)
        self.assertEqual(
            self.usertwo.groups.filter(name=self.post_data['name']).count(), 1)

        # The creator grants usertwo edit rights.
        groupjson = self.groupJSON.copy()
        groupjson['data'] = {'action': 'chown', 'user_id': self.usertwo.id}
        update_resp = put_as(groupjson, self.get_credentials())
        assert_edit(True, False)

        groupjson = self.groupJSON.copy()
        groupjson['data'] = {'action': 'chown', 'user_id': self.userthree.id}

        # Attempt to grant permissions without using an editor user.
        update_resp = put_as(
            groupjson, self.get_credentials_other(self.userthree.username))
        assert_edit(True, False)

        # Grant permissions using an editor user.
        update_resp = put_as(
            groupjson, self.get_credentials_other(self.usertwo.username))
        assert_edit(True, True)

        # Take away edit permissions (same request toggles it back).
        update_resp = put_as(
            groupjson, self.get_credentials_other(self.usertwo.username))
        assert_edit(True, False)
示例#13
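    def handle(self, *args, **options):
        """Seed NCAA-report and coach-contract requests from the bundled CSV.

        Grants the listed users 'edit' and 'view' on ``ncaa_group`` and
        ``coach_group`` and tags the first user's profile. Then, for every CSV
        row that is not private and has a state, university, PIO name and PIO
        e-mail, it gets or creates the government, agency and contacts, and
        files a private "Coach Contracts" request (plus an "NCAA Report"
        request when the school is not in a power conference). Each request
        is authored by the first user and made viewable by its group.

        ``ncaa_tag_name``, ``coach_tag_name``, ``ncaa_group`` and
        ``coach_group`` are not defined in this method and are expected to be
        provided by the enclosing module.

        This command is interactive: when an agency or contact lookup fails
        it prints the error and drops into pdb.
        """

        def file_request(author, title, body, template, contacts, govt,
                         agency, tag_name, group):
            # Save one private request and give `group` view access to it.
            therequest = Request(author=author, title=title,
                                 free_edit_body=body, private=True,
                                 text=template)
            therequest.date_added = datetime.now()
            therequest.save()
            therequest.contacts = contacts
            therequest.government = govt
            therequest.agency = agency
            therequest.tags.add(tag_name)
            therequest.save()
            # The group can view but not edit the request.
            assign_perm(Request.get_permission_name('view'), group, therequest)

        users = [
            User.objects.get(username='******'),
            #User.objects.get(username='******'),
            #User.objects.get(username='******'),
            #User.objects.get(username='******')
        ]
        up = UserProfile.objects.get(user=users[0])
        up.tags.add(ncaa_tag_name)
        up.tags.add(coach_tag_name)
        for user in users:
            for group in (ncaa_group, coach_group):
                assign_perm(UserProfile.get_permission_name('edit'), user, group)
                assign_perm(UserProfile.get_permission_name('view'), user, group)

        #Request.objects.all().delete()
        ncaa_text_to_use = """
        Pursuant to the %s, I am requesting the following documents:<br/><br/>\
        The equity/revenue-and-expenses report completed by the athletic department for the \
        National Collegiate Athletic Association for the 2014 fiscal year. This report is a \
        multi-page document that had to be submitted to the NCAA by Jan. 15, 2015. \
        It contains 38 revenue and expense categories, followed by specific breakdowns of \
        each of those categories, by sport and gender. I am requesting the full report, \
        including the detail tables and the Statement of Revenues and Expenses that appear at the end of the report. <br/><br/>\
        PLEASE NOTE: The NCAA report is different than the equity report that is sent to the\
        U.S. Department of Education for Title IX compliance. <br/><br/>\
        %s
        """

        coach_text_to_use = """
        Pursuant to %s, I am requesting the following documents:<br/><br/>\
        The current contracts for %s. If a contract is under negotiation, \
        please forward the current contract but let me know that a new contract may be forthcoming. \
        If there is no contact for one or both, please forward the letter(s) of intent or other \
        document(s) outlining each employee's conditions of employment \
        -- including bonus structure -- and/or a current statement of salary. <br/><br/>\
        %s
        """

        csv_path = settings.SITE_ROOT + "/apps/requests/data/NCAA-pio.csv"
        #with codecs.open(fname, 'w', encoding="utf-8") as f:
        #    resp = requests.get("https://docs.google.com/spreadsheets/d/1kccaiCCYIHOTEvpUWQiKs51v6K2TNRX7-NN6l1WtzyM/pub?output=csv")
        #    f.write(resp.text)

        # Read everything up front and close the file; the original left the
        # handle open for the lifetime of the command.
        with open(csv_path, 'rb') as csv_file:
            reader = list(UnicodeReader(csv_file))
        #create contacts
        header = reader[0]

        def cell(row, column_name):
            # Value of the first column whose header equals column_name.
            return row[header.index(column_name)]

        for row in reader[1:]:
            user = users[0]
            up = UserProfile.objects.get(user=user)

            state = cell(row, 'STATE')
            agency_name = cell(row, "UNIVERSITY")
            pio = cell(row, "PIO OFFICER")
            email = cell(row, "PIO Email")
            phone = cell(row, "PIO Phone")

            sid_pio = cell(row, "SID ")
            sid_email = cell(row, "SID Email")
            sid_phone = cell(row, "SID Phone")

            is_power = (cell(row, "Power Conference") == 'TRUE')
            is_private = (cell(row, "Is Private") == 'TRUE')

            if not is_private and state != '' and email != 'N/A' and pio != 'N/A' and agency_name != '':
                govt = get_or_create_us_govt(state, 'state')
                # First and last whitespace-separated token of the PIO name;
                # kept separate from csv_path, which the original overwrote.
                first_name = pio.split(" ")[0]
                last_name = pio.split(" ")[-1]
                middle = ''
                #alter table `contacts_contact` convert to character set utf8 collate utf8_general_ci;
                #alter table `agency_agency` convert to character set utf8 collate utf8_general_ci;
                #alter table `requests_request` convert to character set utf8 collate utf8_general_ci;
                # NOTE(review): the pdb breakpoints below block until an
                # operator intervenes, and unless `agency` / `contact` are
                # bound by hand in the debugger the following lines raise
                # NameError. Do not run this command unattended.
                try:
                    agency, acreated = Agency.objects.get_or_create(name=agency_name, government=govt)
                except Exception as e:
                    print(e)
                    print("If more than one agency was returned, pick one!")
                    import pdb
                    pdb.set_trace()
                try:
                    contact, ccreated = agency.contacts.get_or_create(first_name=first_name, middle_name=middle, last_name=last_name)
                except Exception as e:
                    print(e)
                    print("If more than one contact was returned, pick one!")
                    import pdb
                    pdb.set_trace()

                sid_contact = None

                if phone != 'N/A':
                    contact.add_phone(phone)
                contact.add_email(email)

                #agency.contacts.add(contact)

                if sid_pio != 'N/A' and sid_email != 'N/A':
                    first_name = sid_pio.split(" ")[0]
                    last_name = sid_pio.split(" ")[-1]
                    sid_contact, ccreated = Contact.objects.get_or_create(first_name=first_name, middle_name='', last_name=last_name)
                    sid_contact.add_title("SID")
                    sid_contact.add_email(sid_email)
                    if sid_phone != 'N/A':
                        sid_contact.add_phone(sid_phone)
                    agency.contacts.add(sid_contact)

                contacts = [contact]
                if sid_contact is not None:
                    contacts = [contact, sid_contact]

                agency.save()

                #logger.info('agency %s %s contact %s %s %s %s' % (agency_name, acreated, fname, middle, lname, ccreated))

                law_texts = ['%s' % (statute.short_title,)
                             for statute in govt.statutes.all()]

                # NOTE(review): CSV values and profile fields are interpolated
                # into text that carries HTML tags, without escaping. If
                # free_edit_body is rendered as HTML, confirm the spreadsheet
                # is trusted or escape the values.
                misc_graf = """
                    Please advise me in advance of the estimated charges associated with fulfilling \
                    this request.</br></br>In the interest of expediency, and to minimize the research\
                    and/or duplication burden on your staff, please send records electronically if possible.\
                    If this is not possible, please notify me by phone at %s before sending to the address listed below.
                """ % (up.phone,)
                misc_graf += '<br/></br>Sincerly,<br/><br/>%s<br/>%s<br/>%s<br/>%s' % (
                    user.first_name + ' ' + user.last_name,
                    up.mailing_address,
                    up.mailing_city + ', ' + up.mailing_state + ' ' + up.mailing_zip,
                    up.phone)

                if not is_power:
                    file_request(
                        user,
                        'NCAA Report - %s' % agency_name,
                        ncaa_text_to_use % (' and '.join(law_texts), misc_graf),
                        ncaa_text_to_use,
                        contacts, govt, agency, ncaa_tag_name, ncaa_group)
                    #assign_perm(Request.get_permission_name('edit'), thegroup, therequest)

                coaches = [
                    'Football Coach',
                    'Offensive Coord.',
                    'Defensive Coord.',
                    "Men's BB Coach",
                    "Women's BB Coach"
                ]

                coaches_str = []
                for coach in coaches:
                    val = cell(row, coach).strip()
                    if val != 'N/A' and val != '':
                        coaches_str.append("%s (%s)" % (val, coach))
                        print(val)

                file_request(
                    user,
                    'Coach Contracts - %s' % agency_name,
                    coach_text_to_use % (' and '.join(law_texts), ', '.join(coaches_str), misc_graf),
                    coach_text_to_use,
                    contacts, govt, agency, coach_tag_name, coach_group)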
示例#14
    def handle(self, *args, **options):

        users = [
            User.objects.get(username='******'),
            #User.objects.get(username='******'),
            #User.objects.get(username='******'),
            #User.objects.get(username='******')
        ]
        up = UserProfile.objects.get(user=users[0])
        up.tags.add(ncaa_tag_name)
        up.tags.add(coach_tag_name)
        for user in users:
            assign_perm(UserProfile.get_permission_name('edit'), user,
                        ncaa_group)
            assign_perm(UserProfile.get_permission_name('view'), user,
                        ncaa_group)
            assign_perm(UserProfile.get_permission_name('edit'), user,
                        coach_group)
            assign_perm(UserProfile.get_permission_name('view'), user,
                        coach_group)

        #Request.objects.all().delete()
        ncaa_text_to_use = """
        Pursuant to the %s, I am requesting the following documents:<br/><br/>\
        The equity/revenue-and-expenses report completed by the athletic department for the \
        National Collegiate Athletic Association for the 2014 fiscal year. This report is a \
        multi-page document that had to be submitted to the NCAA by Jan. 15, 2015. \
        It contains 38 revenue and expense categories, followed by specific breakdowns of \
        each of those categories, by sport and gender. I am requesting the full report, \
        including the detail tables and the Statement of Revenues and Expenses that appear at the end of the report. <br/><br/>\
        PLEASE NOTE: The NCAA report is different than the equity report that is sent to the\
        U.S. Department of Education for Title IX compliance. <br/><br/>\
        %s
        """

        coach_text_to_use = """
        Pursuant to %s, I am requesting the following documents:<br/><br/>\
        The current contracts for %s. If a contract is under negotiation, \
        please forward the current contract but let me know that a new contract may be forthcoming. \
        If there is no contact for one or both, please forward the letter(s) of intent or other \
        document(s) outlining each employee's conditions of employment \
        -- including bonus structure -- and/or a current statement of salary. <br/><br/>\
        %s
        """

        fname = settings.SITE_ROOT + "/apps/requests/data/NCAA-pio.csv"
        #with codecs.open(fname, 'w', encoding="utf-8") as f:
        #    resp = requests.get("https://docs.google.com/spreadsheets/d/1kccaiCCYIHOTEvpUWQiKs51v6K2TNRX7-NN6l1WtzyM/pub?output=csv")
        #    f.write(resp.text)

        reader = list(UnicodeReader(open(fname, 'rb')))
        #create contacts
        header = reader[0]
        for idx, row in enumerate(reader[1:]):
            user = users[0]
            up = UserProfile.objects.get(user=user)

            state = row[header.index('STATE')]
            agency_name = row[header.index("UNIVERSITY")]
            pio = row[header.index("PIO OFFICER")]
            email = row[header.index("PIO Email")]
            phone = row[header.index("PIO Phone")]

            sid_pio = row[header.index("SID ")]
            sid_email = row[header.index("SID Email")]
            sid_phone = row[header.index("SID Phone")]

            is_power = (row[header.index("Power Conference")] == 'TRUE')
            is_private = (row[header.index("Is Private")] == 'TRUE')

            if not is_private and state != '' and email != 'N/A' and pio != 'N/A' and agency_name != '':
                govt = get_or_create_us_govt(state, 'state')
                fname = pio.split(" ")[0]
                lname = pio.split(" ")[-1]
                middle = ''
                #alter table `contacts_contact` convert to character set utf8 collate utf8_general_ci;
                #alter table `agency_agency` convert to character set utf8 collate utf8_general_ci;
                #alter table `requests_request` convert to character set utf8 collate utf8_general_ci;
                try:
                    agency, acreated = Agency.objects.get_or_create(
                        name=agency_name, government=govt)
                except Exception as e:
                    print e
                    print "If more than one agency was returned, pick one!"
                    import pdb
                    pdb.set_trace()
                try:
                    contact, ccreated = agency.contacts.get_or_create(
                        first_name=fname, middle_name=middle, last_name=lname)
                except Exception as e:
                    print e
                    print "If more than one contact was returned, pick one!"
                    import pdb
                    pdb.set_trace()

                sid_contact = None

                if phone != 'N/A':
                    contact.add_phone(phone)
                contact.add_email(email)

                #agency.contacts.add(contact)

                if sid_pio != 'N/A' and sid_email != 'N/A':
                    fname = sid_pio.split(" ")[0]
                    lname = sid_pio.split(" ")[-1]
                    sid_contact, ccreated = Contact.objects.get_or_create(
                        first_name=fname, middle_name='', last_name=lname)
                    sid_contact.add_title("SID")
                    sid_contact.add_email(sid_email)
                    if sid_phone != 'N/A':
                        sid_contact.add_phone(sid_phone)
                    agency.contacts.add(sid_contact)

                contacts = [contact]
                if sid_contact is not None:
                    contacts = [contact, sid_contact]

                agency.save()

                #logger.info('agency %s %s contact %s %s %s %s' % (agency_name, acreated, fname, middle, lname, ccreated))

                law_texts = []
                for l in govt.statutes.all():
                    law_texts.append('%s' % (l.short_title, ))

                misc_graf = """
                    Please advise me in advance of the estimated charges associated with fulfilling \
                    this request.</br></br>In the interest of expediency, and to minimize the research\
                    and/or duplication burden on your staff, please send records electronically if possible.\
                    If this is not possible, please notify me by phone at %s before sending to the address listed below.
                """ % (up.phone)
                misc_graf += '<br/></br>Sincerly,<br/><br/>%s<br/>%s<br/>%s<br/>%s' % (
                    user.first_name + ' ' + user.last_name, up.mailing_address,
                    up.mailing_city + ', ' + up.mailing_state + ' ' +
                    up.mailing_zip, up.phone)

                if not is_power:
                    fields_to_use = {
                        'author':
                        user,
                        'title':
                        'NCAA Report - %s' % agency_name,
                        'free_edit_body':
                        ncaa_text_to_use %
                        (' and '.join(law_texts), misc_graf),
                        'private':
                        True,
                        'text':
                        ncaa_text_to_use
                    }
                    therequest = Request(**fields_to_use)
                    therequest.date_added = datetime.now()
                    therequest.save()
                    therequest.contacts = contacts
                    therequest.government = govt
                    therequest.agency = agency
                    therequest.tags.add(ncaa_tag_name)
                    therequest.save()

                    assign_perm(Request.get_permission_name('view'),
                                ncaa_group, therequest)
                    #assign_perm(Request.get_permission_name('edit'), thegroup, therequest)

                coaches = [
                    'Football Coach', 'Offensive Coord.', 'Defensive Coord.',
                    "Men's BB Coach", "Women's BB Coach"
                ]

                coaches_str = []
                for coach in coaches:
                    val = row[header.index(coach)].strip()
                    if val != 'N/A' and val != '':
                        coaches_str.append("%s (%s)" % (val, coach))
                        print val

                fields_to_use = {
                    'author':
                    user,
                    'title':
                    'Coach Contracts - %s' % agency_name,
                    'free_edit_body':
                    coach_text_to_use % (' and '.join(law_texts),
                                         ', '.join(coaches_str), misc_graf),
                    'private':
                    True,
                    'text':
                    coach_text_to_use
                }
                therequest = Request(**fields_to_use)
                therequest.date_added = datetime.now()
                therequest.save()
                therequest.contacts = contacts
                therequest.government = govt
                therequest.agency = agency
                therequest.tags.add(coach_tag_name)
                therequest.save()

                assign_perm(Request.get_permission_name('view'), coach_group,
                            therequest)
示例#15
    def obj_update(self, bundle, **kwargs):
        """Update a group, or a group's permissions on a request, from ``bundle.data``.

        The group is loaded by the client-supplied ``data['id']``; the branch
        taken then depends on the payload:

        * ``data['data']`` present and ``data['request_id']`` truthy: change the
          group's object permissions on that request. This needs an ``action``
          key and a caller who is ``req.author``; anything else is logged and
          rejected with ``HttpBadRequest``. Actions are ``associate`` (assign the
          request 'view' permission), ``disassociate`` (remove 'view' and 'edit')
          and ``change-access`` (toggle 'edit').
        * ``data['data']`` present without a request id: the caller must hold the
          group 'edit' permission. ``rename`` sets the group name from
          ``data['name']``; ``chown`` toggles another user's 'edit' permission
          on the group.
        * no ``data['data']``: the caller must hold the group 'edit' permission;
          group membership is replaced with the users listed in ``data['users']``.

        ``data`` and ``request_id`` are popped from the payload before returning
        the bundle.

        Raises:
            ImmediateHttpResponse: wrapping ``HttpForbidden`` or ``HttpBadRequest``
                when one of the checks below fails.
        """
        data = bundle.data
        user = bundle.request.user
        # The group id comes straight from the payload. No permission is checked at
        # lookup time; each branch below applies its own authorization rule.
        # NOTE(review): a missing 'id' raises KeyError and an unknown id raises
        # Group.DoesNotExist here -- confirm the framework maps these to a client
        # error rather than a 500.
        bundle.obj = Group.objects.get(id=data['id'])
        if 'data' in data.keys():
            #if 'action' in data['data'].keys() and data['data']['action'] == 'chown':
            #we are associating, disassociating... assuming the USER is taking action here
            if 'request_id' in data.keys() and data['request_id']:
                req = Request.objects.get(id=data['request_id'])
                # Authorization in this branch rests on request authorship alone:
                # nothing here ties the caller to the group being granted access.
                # That matches the "NOTE about group permissions" string further down.
                if 'action' in data['data'].keys(
                ) and req.author == bundle.request.user:
                    # NOTE(review): an action other than the three handled below
                    # falls through silently -- no error and no 'result' is set.
                    if data['data']['action'] == 'associate':
                        assign_perm(Request.get_permission_name('view'),
                                    bundle.obj, req)
                        bundle.data['data']['result'] = 'associated'
                    elif data['data']['action'] == 'disassociate':
                        remove_perm(Request.get_permission_name('view'),
                                    bundle.obj, req)
                        remove_perm(Request.get_permission_name('edit'),
                                    bundle.obj, req)
                        bundle.data['data']['result'] = 'disassociated'
                    elif data['data']['action'] == 'change-access':
                        #right now we are toggling between view and edit
                        # checker answers for the GROUP's object permissions.
                        checker = ObjectPermissionChecker(bundle.obj)
                        if checker.has_perm(
                                Request.get_permission_name('view'),
                                req) and not checker.has_perm(
                                    Request.get_permission_name('edit'), req):
                            assign_perm(Request.get_permission_name('edit'),
                                        bundle.obj, req)
                        # NOTE(review): this branch tests the calling USER's edit
                        # permission, not the group's (checker). The effect is that
                        # 'edit' is removed from the group whenever the author can
                        # edit the request -- confirm that checker.has_perm was not
                        # what was intended.
                        elif user.has_perm(Request.get_permission_name('edit'),
                                           req):
                            remove_perm(Request.get_permission_name('edit'),
                                        bundle.obj, req)
                        else:
                            raise ImmediateHttpResponse(
                                HttpForbidden(
                                    "We couldn't determine the appropriate permissions to assign. Sorry."
                                ))
                else:
                    # Reached when the caller is not the request author OR when no
                    # 'action' key was sent. The log line describes user removal
                    # whichever action was attempted, and the denial is reported as
                    # HttpBadRequest while the other denials in this method use
                    # HttpForbidden -- worth knowing when alerting on authorization
                    # failures.
                    logger.info(
                        "%s tried to remove users from request %s owned by %s"
                        % (bundle.request.user, req, req.author))
                    raise ImmediateHttpResponse(
                        HttpBadRequest(
                            "It appears you don't have permission to change that user or group's permission."
                        ))
            else:
                # Group-level actions: only holders of the group 'edit' permission
                # may rename the group or change another user's access to it.
                can_edit = bundle.request.user.has_perm(
                    UserProfile.get_permission_name('edit'), bundle.obj)
                if not can_edit:
                    raise ImmediateHttpResponse(
                        HttpForbidden(
                            "It doesn't appear you can edit this group."))
                if 'action' in data['data'].keys(
                ) and data['data']['action'] == 'rename':
                    # data['name'] is read without a presence check (KeyError if absent).
                    bundle.obj.name = data['name']
                    bundle.obj.save()
                if 'action' in data['data'].keys(
                ) and data['data']['action'] == 'chown' and 'user_id' in data[
                        'data'].keys() and data['data']['user_id']:
                    #change user permission on a group object
                    # NOTE(review): the target is any user id supplied by the caller.
                    # Nothing visible here requires the target to be a member of the
                    # group, and nothing stops an editor from removing 'edit' from
                    # the creator, from themselves, or from the last remaining
                    # editor -- confirm whether that is acceptable.
                    other_user = User.objects.get(id=data['data']['user_id'])
                    o_can_edit = other_user.has_perm(
                        UserProfile.get_permission_name('edit'), bundle.obj)
                    if o_can_edit:
                        #toggled to view
                        remove_perm(UserProfile.get_permission_name('edit'),
                                    other_user, bundle.obj)
                    else:
                        #toggled to edit
                        assign_perm(UserProfile.get_permission_name('edit'),
                                    other_user, bundle.obj)
        else:
            '''
            NOTE about group permissions

            The creator of the requst is the only one who can share a request with other users and groups
            Otherwise the request could be shared with any number of people
            '''
            # Membership edit: requires the group 'edit' permission.
            can_edit = bundle.request.user.has_perm(
                UserProfile.get_permission_name('edit'), bundle.obj)
            if not can_edit:
                raise ImmediateHttpResponse(
                    HttpForbidden(
                        "It doesn't appear you can edit this group."))
            #we are adding or removing users to the group on the group page
            # NOTE(review): data['users'] is required on this path (KeyError if it is
            # absent) and every id is resolved with get(), so one unknown id aborts
            # the update. Under Python 2 the comprehension variable also rebinds the
            # outer `user`; it is not read again after this point.
            users = set(
                [User.objects.get(pk=user['id']) for user in data['users']])
            existing_users = set([usr for usr in bundle.obj.user_set.all()])
            to_remove = existing_users - users
            #need to remove and set permissions here
            # Users dropped from the group lose both object permissions on it, so a
            # removed member cannot keep editing through a leftover grant.
            for usr in to_remove:
                remove_perm(UserProfile.get_permission_name('edit'), usr,
                            bundle.obj)
                remove_perm(UserProfile.get_permission_name('view'), usr,
                            bundle.obj)
            for usr in users:
                #users can view but not edit by default
                assign_perm(UserProfile.get_permission_name('view'), usr,
                            bundle.obj)
            # The submitted list replaces the membership wholesale; nothing here
            # keeps the caller or the group's creator in the group.
            bundle.obj.user_set = users
            bundle.obj.save()
        # Strip the control keys so they are not echoed back as group fields.
        data.pop('data', None)
        data.pop('request_id', None)

        return bundle
示例#16
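    def handle(self, *args, **options):
        """Create (and optionally send) one Request per row of a published Google Spreadsheet.

        ``args[0]`` is the spreadsheet id. The sheet is fetched as CSV and these
        columns are read by header name: username, state, agency,
        contact.first.name, contact.middle.name, contact.last.name, contact.email,
        contact.phone, group, tag, letter.url, request.title, request.private,
        request.send.

        For each row the command looks up the user, gets or creates the agency,
        contact and group, grants the user 'edit' and 'view' on the group, renders
        the letter template fetched from ``letter.url``, deletes that user's
        existing requests with the same title, creates the new request, grants the
        group 'view' and 'edit' on it, and sends it when ``request.send`` is "TRUE".

        Trust boundary: every one of those actions is driven by spreadsheet
        content, so anyone who can edit the sheet (or the letter documents it
        links to) controls permission grants, deletions and outgoing mail. Run it
        only against sheets and letter hosts you control.

        Returns:
            -1 when no spreadsheet id was given, otherwise None.

        Raises:
            requests.exceptions.HTTPError: the sheet or a letter URL answered with
                an error status.
            ValueError: the sheet lacks one of the expected columns.
        """
        # requests applies no timeout unless one is passed; without it a stalled
        # server would hang the command indefinitely.
        http_timeout = 30  # seconds
        letter_responses = {}
        if len(args) < 1:
            print("Please provide ID of Google Spreadsheet")
            return -1
        idd = args[0]
        resp = requests.get(
            "https://docs.google.com/spreadsheets/d/%s/pub?output=csv" % idd,
            timeout=http_timeout)
        # Stop here instead of parsing an HTML error page as CSV.
        resp.raise_for_status()
        reader = list(csv.reader(resp.content.split('\n'), delimiter=','))
        header = reader[0]

        def cell(row, name):
            # Look a value up by column title; header.index raises ValueError
            # when the sheet has no such column.
            return row[header.index(name)]

        # reader[0] is the header. The final element is skipped as well --
        # presumably the empty line left after a trailing newline; confirm, since
        # an export without one would lose its last data row.
        for row in reader[1:-1]:
            #get user, contact and agency
            user = User.objects.get(username=cell(row, 'username'))
            user_profile = UserProfile.objects.get(user=user)
            govt = get_or_create_us_govt(cell(row, "state"), 'state')
            agency, acreated = Agency.objects.get_or_create(
                name=cell(row, "agency"), government=govt)
            contact, ccreated = agency.contacts.get_or_create(
                first_name=cell(row, "contact.first.name"),
                middle_name=cell(row, "contact.middle.name"),
                last_name=cell(row, "contact.last.name"))
            email = cell(row, "contact.email")
            if email != "":
                contact.add_email(email)
            phone = cell(row, "contact.phone")
            if phone != "":
                contact.add_phone(phone)

            #set up group and tags
            group, created = Group.objects.get_or_create(name=cell(row, "group"))
            assign_perm(UserProfile.get_permission_name('edit'), user, group)
            assign_perm(UserProfile.get_permission_name('view'), user, group)
            user.groups.add(group)
            tag = cell(row, "tag")
            user_profile.tags.add(tag)

            #assemble law text
            law_text = ' and '.join(
                ['%s' % (l.short_title,) for l in govt.statutes.all()])

            #get the letter template
            # SECURITY: letter_url is spreadsheet data, and the body fetched from
            # it is compiled as a Django template with live user, user_profile
            # and contact objects in the context. Whoever controls the sheet or
            # the letter host decides where this command connects and which
            # attributes of those objects end up in an outgoing letter. Consider
            # an allow-list of letter hosts and a context of plain strings.
            letter_url = cell(row, "letter.url")
            if letter_url not in letter_responses:
                letter_resp = requests.get(letter_url, timeout=http_timeout)
                # Never store, render or send an HTTP error page as the letter.
                letter_resp.raise_for_status()
                letter_responses[letter_url] = letter_resp.content
            letter_template = letter_responses[letter_url]

            #render the template
            context = Context({
                'contact': contact,
                'user_profile': user_profile,
                'user': user,
                'law_text': law_text
            })
            letter = Template(letter_template).render(context)

            #create the request
            title = cell(row, "request.title")
            fields_to_use = {
                'author': user,
                'title': title,
                'free_edit_body': letter,
                'private': cell(row, "request.private") == "TRUE",
                'text': letter  #silly distinction leftover from old days but fill it in
            }
            #delete all requests that look like the one i'm about to make so we don't have duplicates floating around
            # Destructive and driven by sheet content: every existing request by
            # this author with the same title is removed before the new one is saved.
            Request.objects.filter(author=user, title=title).delete()
            #create the request
            therequest = Request(**fields_to_use)
            therequest.date_added = datetime.now()
            therequest.save()
            therequest.contacts = [contact]
            therequest.government = govt
            therequest.agency = agency
            therequest.tags.add(tag)
            therequest.save()
            #assign permissions to the request
            assign_perm(Request.get_permission_name('view'), group, therequest)
            assign_perm(Request.get_permission_name('edit'), group, therequest)

            if cell(row, "request.send") == "TRUE":
                therequest.send()
                print("SENT request %s" % title)
            else:
                print("STAGED request %s" % title)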
示例#17
    def test_change_user_group_perms(self):
        """Check who may toggle a user's 'edit' permission on a group via 'chown'.

        Four PUTs are issued and the 'edit' permission of usertwo, userthree and
        user on self.group is checked after each one:

        1. default credentials, target usertwo   -> usertwo gains edit
        2. as userthree, target userthree        -> nothing changes
        3. as usertwo, target userthree          -> userthree gains edit
        4. as usertwo, target userthree again    -> userthree loses edit

        Only the resulting permissions are asserted; the HTTP status of each
        response is not checked.
        """

        def put_group(payload, credentials):
            # Send the group payload to its own resource URI as JSON.
            return self.api_client.put(
                payload['resource_uri'],
                format='json',
                data=payload,
                authentication=credentials)

        def assert_edit_perms(two_can_edit, three_can_edit, owner_can_edit):
            # Compare each account's 'edit' permission on the group with the
            # expected flag, in the order usertwo, userthree, user.
            expectations = (
                (self.usertwo, two_can_edit),
                (self.userthree, three_can_edit),
                (self.user, owner_can_edit),
            )
            for account, expected in expectations:
                self.assertEqual(
                    account.has_perm(UserProfile.get_permission_name('edit'),
                                     self.group), expected)

        self.add_user_to_group(self.usertwo)
        membership_count = self.usertwo.groups.filter(
            name=self.post_data['name']).count()
        self.assertEqual(membership_count, 1)

        # 1. default credentials toggle usertwo to edit
        payload = self.groupJSON.copy()
        payload['data'] = {'action': 'chown', 'user_id': self.usertwo.id}
        put_group(payload, self.get_credentials())
        assert_edit_perms(True, False, True)

        payload = self.groupJSON.copy()
        payload['data'] = {'action': 'chown', 'user_id': self.userthree.id}

        # 2. attempt to grant permissions without using an editor user
        put_group(payload, self.get_credentials_other(self.userthree.username))
        assert_edit_perms(True, False, True)

        # 3. grant permissions using an editor user
        put_group(payload, self.get_credentials_other(self.usertwo.username))
        assert_edit_perms(True, True, True)

        # 4. take away edit permissions (same request again toggles it back)
        put_group(payload, self.get_credentials_other(self.usertwo.username))
        assert_edit_perms(True, False, True)
示例#18
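    def handle(self, *args, **options):
        """Create (and optionally send) one Request per row of a published Google Spreadsheet.

        ``args[0]`` is the spreadsheet id. The sheet is fetched as CSV and these
        columns are read by header name: username, state, agency,
        contact.first.name, contact.middle.name, contact.last.name, contact.email,
        contact.phone, group, tag, letter.url, request.title, request.private,
        request.send.

        For each row the command looks up the user, gets or creates the agency,
        contact and group, grants the user 'edit' and 'view' on the group, renders
        the letter template fetched from ``letter.url``, deletes that user's
        existing requests with the same title, creates the new request, grants the
        group 'view' and 'edit' on it, and sends it when ``request.send`` is "TRUE".

        Trust boundary: every one of those actions is driven by spreadsheet
        content, so anyone who can edit the sheet (or the letter documents it
        links to) controls permission grants, deletions and outgoing mail. Run it
        only against sheets and letter hosts you control.

        Returns:
            -1 when no spreadsheet id was given, otherwise None.

        Raises:
            requests.exceptions.HTTPError: the sheet or a letter URL answered with
                an error status.
            ValueError: the sheet lacks one of the expected columns.
        """
        # requests applies no timeout unless one is passed; without it a stalled
        # server would hang the command indefinitely.
        http_timeout = 30  # seconds
        letter_responses = {}
        if len(args) < 1:
            print("Please provide ID of Google Spreadsheet")
            return -1
        idd = args[0]
        resp = requests.get(
            "https://docs.google.com/spreadsheets/d/%s/pub?output=csv" % idd,
            timeout=http_timeout)
        # Stop here instead of parsing an HTML error page as CSV.
        resp.raise_for_status()
        reader = list(csv.reader(resp.content.split('\n'), delimiter=','))
        header = reader[0]

        def cell(row, name):
            # Look a value up by column title; header.index raises ValueError
            # when the sheet has no such column.
            return row[header.index(name)]

        # reader[0] is the header. The final element is skipped as well --
        # presumably the empty line left after a trailing newline; confirm, since
        # an export without one would lose its last data row.
        for row in reader[1:-1]:
            #get user, contact and agency
            user = User.objects.get(username=cell(row, 'username'))
            user_profile = UserProfile.objects.get(user=user)
            govt = get_or_create_us_govt(cell(row, "state"), 'state')
            agency, acreated = Agency.objects.get_or_create(
                name=cell(row, "agency"), government=govt)
            contact, ccreated = agency.contacts.get_or_create(
                first_name=cell(row, "contact.first.name"),
                middle_name=cell(row, "contact.middle.name"),
                last_name=cell(row, "contact.last.name"))
            email = cell(row, "contact.email")
            if email != "":
                contact.add_email(email)
            phone = cell(row, "contact.phone")
            if phone != "":
                contact.add_phone(phone)

            #set up group and tags
            group, created = Group.objects.get_or_create(
                name=cell(row, "group"))
            assign_perm(UserProfile.get_permission_name('edit'), user, group)
            assign_perm(UserProfile.get_permission_name('view'), user, group)
            user.groups.add(group)
            tag = cell(row, "tag")
            user_profile.tags.add(tag)

            #assemble law text
            law_text = ' and '.join(
                ['%s' % (l.short_title, ) for l in govt.statutes.all()])

            #get the letter template
            # SECURITY: letter_url is spreadsheet data, and the body fetched from
            # it is compiled as a Django template with live user, user_profile
            # and contact objects in the context. Whoever controls the sheet or
            # the letter host decides where this command connects and which
            # attributes of those objects end up in an outgoing letter. Consider
            # an allow-list of letter hosts and a context of plain strings.
            letter_url = cell(row, "letter.url")
            if letter_url not in letter_responses:
                letter_resp = requests.get(letter_url, timeout=http_timeout)
                # Never store, render or send an HTTP error page as the letter.
                letter_resp.raise_for_status()
                letter_responses[letter_url] = letter_resp.content
            letter_template = letter_responses[letter_url]

            #render the template
            context = Context({
                'contact': contact,
                'user_profile': user_profile,
                'user': user,
                'law_text': law_text
            })
            letter = Template(letter_template).render(context)

            #create the request
            title = cell(row, "request.title")
            fields_to_use = {
                'author': user,
                'title': title,
                'free_edit_body': letter,
                'private': cell(row, "request.private") == "TRUE",
                'text': letter  #silly distinction leftover from old days but fill it in
            }
            #delete all requests that look like the one i'm about to make so we don't have duplicates floating around
            # Destructive and driven by sheet content: every existing request by
            # this author with the same title is removed before the new one is saved.
            Request.objects.filter(author=user, title=title).delete()
            #create the request
            therequest = Request(**fields_to_use)
            therequest.date_added = datetime.now()
            therequest.save()
            therequest.contacts = [contact]
            therequest.government = govt
            therequest.agency = agency
            therequest.tags.add(tag)
            therequest.save()
            #assign permissions to the request
            assign_perm(Request.get_permission_name('view'), group, therequest)
            assign_perm(Request.get_permission_name('edit'), group, therequest)

            if cell(row, "request.send") == "TRUE":
                therequest.send()
                print("SENT request %s" % title)
            else:
                print("STAGED request %s" % title)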