def set_default_permissions(actor, instance):
"""Given an actor, target, and model, set the default permissions associated with that model."""
from concord.utils.helpers import Client
client = Client(actor=actor)
if hasattr(instance, "is_community") and instance.is_community:
model_type = "community"
else:
model_type = instance.__class__.__name__.lower()
default_permissions = get_default_permissions()
for permission in default_permissions.get(model_type, []):
logger.debug(f"Adding permission with parameters {permission} to {instance}")
client.update_target_on_all(target=instance)
if "conditions" in permission:
permission_dict = copy.deepcopy(permission)
conditions = permission_dict.pop("conditions", [])
action, created_permission = client.PermissionResource.add_permission(**permission_dict)
client.update_target_on_all(target=created_permission)
for condition_data in conditions:
action, result = client.Conditional.add_condition(**condition_data)
else:
action, created_permission = client.PermissionResource.add_permission(**permission)
def has_permission(action):
"""has_permission directs the flow of logic in the permissions pipeline. It returns information about
whether the action has permsision to take the action and if there are any conditions that need to be
triggered. It does not change the database or alter the action; instead, all information is passed back
via a list of dictionaries (one for each pipeline).
We preferentially enter the foundational pipeline if applicable. Otherwise we try the governing pipeline.
If not approved by governing pipeline, we try the specific pipeline."""
client = Client()
community = client.Community.get_owner(owned_object=action.target)
client.update_target_on_all(target=community)
if is_foundational(action):
return [foundational_permission_pipeline(action, client, community)]
if action.target.governing_permission_enabled:
governing_dict = governing_permission_pipeline(action, client,
community)
if governing_dict.status == "approved":
return [governing_dict]
else:
return [
governing_dict,
specific_permission_pipeline(action, client)
]
return [specific_permission_pipeline(action, client)]
def remove_condition(request,
target,
permission_or_leadership,
target_permission_id=None,
leadership_type=None,
element_id=None):
client = Client(actor=request.user)
if permission_or_leadership == "permission":
target = client.PermissionResource.get_permission(
pk=target_permission_id)
client.update_target_on_all(target)
action, result = client.Conditional.remove_condition(
element_id=element_id)
elif permission_or_leadership == "leadership":
target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target)
action, result = client.Conditional.remove_condition(
leadership_type=leadership_type, element_id=element_id)
# TODO: pass in permission to get form data, if it's set on a permission
result = result.get_condition_form_data() if result else result
action_dict = get_action_dict(action)
action_dict.update({
"permission_or_leadership": permission_or_leadership,
"leadership_type": leadership_type,
"target_permission_id": target_permission_id,
"condition_info": result
})
return JsonResponse(action_dict)
def get_governance_data(request, target):
client = Client(actor=request.user)
default_target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=default_target)
roles = [{
'name': role_name,
'current_members': role_data
} for role_name, role_data in client.Community.get_custom_roles().items()]
governance_data = {
# leadership info
"owners":
client.Community.target.roles.get_owners(),
"governors":
client.Community.target.roles.get_governors(),
"governance_info":
json.dumps(client.Community.get_governance_info_as_text()),
# role/member info
"roles":
roles,
"current_members":
[member.pk for member in client.Community.get_members()],
"users": [{
'name': person.username,
'pk': person.pk
} for person in User.objects.all()]
}
return JsonResponse({"governance_data": governance_data})
def take_action(request, target, request_data):
# request_data = json.loads(request.body.decode('utf-8'))
client = Client(actor=request.user)
# set target as community, unless alt_target is provided
alt_target = request_data.pop("alt_target", None)
if alt_target:
model, pk = alt_target.split("_")
target = client.Action.get_object_given_model_and_pk(
model, int(pk), include_actions=True)
client.update_target_on_all(target=target)
else:
target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=target)
data_to_return = request_data.pop("data_to_return", None)
extra_data = request_data.pop("extra_data", None)
proposed = extra_data.pop("proposed", None) if extra_data else None
# actually call backend method to take action
action_name = request_data.pop('action_name')
method = client.get_method(action_name)
action, result = method(proposed=proposed, **request_data)
note = extra_data.pop("note", None) if extra_data else None
if note:
action.note = note
action.save()
return JsonResponse(
process_taken_action(action, result, target, data_to_return))
def check_permissions(request, target, permissions):
"""
Recieves a list of dicts, permissions. Each has a method name and, optionally, parameters and
an alias. For each permission, check if we have it. Store result under alias if supplied.
Returns a list of permission names with boolean values indicating whether user has the permissions."""
client = Client(actor=request.user)
default_target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=default_target)
permission_dict = {}
for permission_name, params in permissions.items():
pass_in_client = Client(actor=request.user, target=default_target)
alt_target = get_alt_target(client, params)
if alt_target == "action":
permission_dict.update({permission_name: True})
continue
if alt_target is not None:
pass_in_client.update_target_on_all(alt_target)
result = client.PermissionResource.has_permission(
pass_in_client, permission_name, params, exclude_conditional=True)
permission_dict.update({permission_name: result})
return JsonResponse({"user_permissions": permission_dict})
def get_forums(request, target):
client = Client(actor=request.user)
target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=target)
forums = client.Forum.get_forums_owned_by_target()
forum_list = serialize_forums_for_vue(forums)
return JsonResponse({"forums": forum_list})
def get_forum_data(request, target):
client = Client(actor=request.user)
default_target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=default_target)
return JsonResponse({
"forums":
serialize_forums_for_vue(client.Forum.get_forums_owned_by_target())
})
def get_documents(request, target):
client = Client(actor=request.user)
target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=target)
docs = client.Document.get_all_documents_given_owner(owner=target)
serialized_docs = serialize_documents_for_vue(docs)
return JsonResponse({"documents": serialized_docs})
def get_lists(request, target):
client = Client(actor=request.user)
target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=target)
lists = client.List.get_all_lists_given_owner(owner=target)
serialized_lists = serialize_lists_for_vue(lists)
return JsonResponse({"lists": serialized_lists})
def delete_permission(request, target, permission_id):
client = Client(actor=request.user, target=target)
permission = client.PermissionResource.get_permission(pk=permission_id)
client.update_target_on_all(permission)
# now remove permission
action, result = client.PermissionResource.remove_permission()
action_dict = get_action_dict(action)
action_dict.update({"removed_permission_pk": permission_id})
return JsonResponse(action_dict)
def create_group(request):
request_data = json.loads(request.body.decode('utf-8'))
group_name = request_data.get("group_name")
group_description = request_data.get("group_description")
client = Client(actor=request.user)
community = client.Community.create_community(name=group_name)
# add description - need to do this separately as create_community is a Concord method that doesn't know about the
# Group description field
client.update_target_on_all(community)
client.Group.edit_group(description=group_description)
return JsonResponse({"group_pk": community.pk})
def edit_condition(request,
target,
permission_or_leadership,
element_id,
target_permission_id=None,
leadership_type=None,
condition_data=None,
permission_data=None):
client = Client(actor=request.user)
if permission_or_leadership == "permission":
target = client.PermissionResource.get_permission(
pk=target_permission_id)
client.update_target_on_all(target)
action, result = client.Conditional.edit_condition(
element_id=element_id,
condition_data=condition_data,
permission_data=permission_data)
if action.status == "implemented":
condition_data = target.get_condition_data()
elif permission_or_leadership == "leadership":
target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target)
action, result = client.Conditional.edit_condition(
element_id=element_id,
leadership_type=leadership_type,
condition_data=condition_data,
permission_data=permission_data)
if action.status == "implemented":
condition_data = target.get_condition_data(
leadership_type=leadership_type)
action_dict = get_action_dict(action)
action_dict.update({
"condition_info": condition_data,
"permission_or_leadership": permission_or_leadership,
"leadership_type": leadership_type,
"target_permission_id": target_permission_id
})
return JsonResponse(action_dict)
def apply_template(request,
target,
target_pk,
target_model,
template_model_pk,
supplied_fields=None):
client = Client(actor=request.user)
# get target
target = client.Action.get_object_given_model_and_pk(
target_model, int(target_pk))
client.update_target_on_all(target)
action, result = client.Template.apply_template(
template_model_pk=template_model_pk, supplied_fields=supplied_fields)
action_dict = get_action_dict(action)
return JsonResponse(action_dict)
def toggle_anyone(request, target):
request_data = json.loads(request.body.decode('utf-8'))
permission_id = request_data.get("permission_id")
enable_or_disable = request_data.get("enable_or_disable")
client = Client(actor=request.user)
target = client.PermissionResource.get_permission(pk=permission_id)
client.update_target_on_all(target=target)
if enable_or_disable == "enable":
action, result = client.PermissionResource.give_anyone_permission()
elif enable_or_disable == "disable":
action, result = client.PermissionResource.remove_anyone_from_permission(
)
action_dict = get_action_dict(action)
action_dict.update({"permission": get_permission_info(result)})
return JsonResponse(action_dict)
def check_permission(request,
target,
permission_name,
alt_target=None,
params=None):
client = Client(actor=request.user)
if alt_target:
target_to_use = get_alt_target2(client, alt_target)
else:
target_to_use = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=target_to_use)
result = client.PermissionResource.has_permission(client,
permission_name,
params,
exclude_conditional=True)
return JsonResponse({"user_permissions": {permission_name: result}})
def get_permission_data(request, target):
client = Client(actor=request.user)
default_target = client.Community.get_community(community_pk=target)
client.update_target_on_all(target=default_target)
permission_options = get_permission_options(client)
condition_options, condition_configuration_options = get_condition_options(
client)
dependent_field_options = get_all_dependent_fields()
owner_condition = client.Community.get_condition_data(
leadership_type="owner")
governor_condition = client.Community.get_condition_data(
leadership_type="governor")
return JsonResponse({
"permission_options": permission_options,
"condition_options": condition_options,
"condition_configuration_options": condition_configuration_options,
"dependent_field_options": dependent_field_options,
"owner_condition": owner_condition,
"governor_condition": governor_condition
})
