def _dictize_access_requests_list(_id, state, package=False):
if package:
reqs = AccessRequest.get_access_requests_for_pkg(_id, state)
else:
reqs = AccessRequest.get_access_requests_for_org(_id, state)
return [req.as_dict() for req in reqs]
def test_approve_request():
req = create_request()
assert req.state == "pending"
AccessRequest.set_access_request_state(
user_id='user', package_id='package', state='approved')
assert req.state == 'approved'
def _reject_or_approve(context, data_dict, state):
user = data_dict.get('user')
request_id = data_dict.get('request_id')
reject_reason = data_dict.get('reject_reason')
if not context.get('ignore_auth'):
check_access('manage_access_requests', context, data_dict)
if request_id:
access_request = AccessRequest.get_by_id(request_id)
if access_request:
pkg = get_package_by_id_or_bust({'id': access_request.package_id})
else:
pkg = get_package_by_id_or_bust(data_dict)
access_request = AccessRequest.get(user, pkg.id)
if not access_request:
raise ObjectNotFound
req = AccessRequest.set_access_request_state(user_id=user,
package_id=pkg.id,
state=state,
reason=reject_reason,
request_id=request_id)
_notify_on_state_change(req)
return req.as_dict()
def test_reject_request_by_request_id():
req = create_request(state='approved')
assert req.state == "approved"
AccessRequest.set_access_request_state(
user_id='user',
package_id='package',
state='rejected',
request_id=req.id
)
assert req.state == 'rejected'
def create_access_request(context, data_dict):
if not context.get('ignore_auth'):
check_access('create_access_request', context, data_dict)
pkg_id_or_name, reason, user = get_or_bust(data_dict,
['id', 'reason', 'user'])
user_org = data_dict.get('user_org')
# check if the package with such id exists to use it's ID
pkg = Package.get(pkg_id_or_name)
if not pkg:
raise ObjectNotFound()
req = AccessRequest.create_or_get_request(user_id=user,
package_id=pkg.id,
reason=reason,
org_id=pkg.owner_org)
# send email notifications to org custodians
if config.get('spc.access_request.send_admin_notification'):
notify_org_members(pkg.owner_org, {
'pkg': pkg,
'user': user,
'reason': reason,
'user_org': user_org
})
return req.as_dict()
def test_approve_not_existing_request():
req = AccessRequest.set_access_request_state(
user_id='user',
package_id='package',
state='rejected'
)
assert not req
def test_get_package_approved_requests():
create_request(user_id='user1')
create_request(user_id='user2', state='approved')
create_request(user_id='user3', state='approved')
reqs = AccessRequest.get_access_requests_for_pkg(
id='package', state='approved')
assert reqs.count() == 2
def test_get_org_pending_requests():
create_request(user_id='user1', package_id='package1')
create_request(user_id='user2', package_id='package2')
create_request(user_id='user3', package_id='package3', state='approved')
reqs = AccessRequest.get_access_requests_for_org(
id='org-name', state='pending')
assert reqs.count() == 2
def create_request(user_id='user',
package_id='package',
org_id='org-name',
state='pending',
reason='for fun'):
return AccessRequest.create_or_get_request(user_id=user_id,
package_id=package_id,
org_id=org_id,
state=state,
reason=reason)
def get_access_request(context, data_dict):
user = _get_or_bust(data_dict, 'user')
# check if the package with such id exists to use it's ID
pkg = get_package_by_id_or_bust(data_dict)
_check_access('get_access_request', context, data_dict)
req = AccessRequest.get(user_id=user, package_id=pkg.id)
if req:
return req.as_dict()
def restrict_dataset_show(context, data_dict):
if not context['user']:
return {'success': False}
is_member = _check_permission_for_org(context, data_dict)
is_accessed = AccessRequest.check_access_to_dataset(
context['user'], data_dict['id'])
restricted = data_dict.get('access', None) == 'restricted'
return {'success': is_member or is_accessed or not restricted}