def checkIsStudentProposalPubliclyVisible(self, django_args):
    """Let the request through only for the owner or a public proposal.

    The proposal is looked up from django_args. The student who owns it always
    passes; every other caller, including one for whom self.user is falsy,
    passes only when the proposal's is_publicly_visible flag is set.

    Args:
      django_args: a dictionary with django's arguments

    Raises:
      out_of_band.AccessViolation: if the proposal is not publicly visible and
        the current user is not its owner.
      Whatever student_proposal_logic.getFromKeyFieldsOr404 raises when no
        proposal matches django_args (a 404, going by the helper's name).
    """
    proposal = student_proposal_logic.getFromKeyFieldsOr404(django_args)
    current_user = self.user

    # The owner reference is resolved before any decision is taken, so this
    # lookup happens for every caller, owner or not.
    owner_id = proposal.scope.user.key().id_or_name()

    # Ownership is decided by comparing key ids/names, not entity objects.
    viewer_is_owner = (
        current_user and current_user.key().id_or_name() == owner_id)

    # A student may see their own proposal even if public view is disabled;
    # the visibility flag is only consulted for everyone else.
    if viewer_is_owner or proposal.is_publicly_visible:
        return

    raise out_of_band.AccessViolation(message_fmt=DEF_PROPOSAL_NOT_PUBLIC)
def checkIsStudentProposalPubliclyVisible(self, django_args):
    """Check that the current viewer may read the proposal's content.

    Access is granted in two cases: the viewer is the student who owns the
    proposal, or the proposal is flagged is_publicly_visible. Anything else
    is refused.

    Args:
      django_args: a dictionary with django's arguments

    Raises:
      out_of_band.AccessViolation: if the viewer is not the owner and the
        proposal is not publicly visible.
      Whatever student_proposal_logic.getFromKeyFieldsOr404 raises when no
        proposal matches django_args (a 404, going by the helper's name).
    """
    entity = student_proposal_logic.getFromKeyFieldsOr404(django_args)
    viewer = self.user
    owner_key_name = entity.scope.user.key().id_or_name()

    if viewer:
        # Owner bypass: the student keeps access to their own proposal even
        # when public view is not available.
        if viewer.key().id_or_name() == owner_key_name:
            return None

    # Reached by non-owners and by requests without a user: the visibility
    # flag is the only thing that can still allow access.
    if entity.is_publicly_visible:
        return None

    raise out_of_band.AccessViolation(message_fmt=DEF_PROPOSAL_NOT_PUBLIC)
def checkRoleAndStatusForStudentProposal(self, django_args, allowed_roles,
                                         role_status, proposal_status):
    """Check that the current user holds an allowed role for the proposal.

    The check is deny-by-default: the method returns as soon as one allowed
    role matches and raises if none does. Only the role names 'proposer',
    'host', 'org_admin' and 'mentor' are recognised; any other name in
    allowed_roles grants nothing.

    Args:
      django_args: a dictionary with django's arguments
      allowed_roles: list with names for the roles allowed to pass access check
      role_status: list with states allowed for the role
      proposal_status: a list with states allowed for the proposal

    Raises:
      out_of_band.AccessViolation:
        - If the proposal is not in one of the required states.
        - If the user does not have any of the required roles.
      Whatever self.checkIsUser raises for a request it rejects, and whatever
        student_proposal_logic.getFromKeyFieldsOr404 raises when no proposal
        is found (a 404, per the helper's name).
    """
    self.checkIsUser(django_args)

    # bail out with 404 if no proposal is found
    proposal = student_proposal_logic.getFromKeyFieldsOr404(django_args)

    # The proposal's own state is checked before any role, so a proposal in a
    # disallowed state is refused to every role alike.
    if proposal.status not in proposal_status:
        raise out_of_band.AccessViolation(
            message_fmt=access.DEF_NO_ACTIVE_ENTITY_MSG)

    current_user = self.user

    if 'proposer' in allowed_roles:
        # The proposer must both own the proposal and be a student whose
        # status is one of role_status.
        student = proposal.scope
        if current_user.key() == student.user.key():
            if student.status in role_status:
                return

    # One query dict is shared by all role lookups; only 'scope' changes, so
    # every lookup is tied to this user and to an allowed role status.
    query = {'user': current_user, 'status': role_status}

    def _holds_role(role_logic, scope):
        # Scope the lookup to the given program/org before querying.
        query['scope'] = scope
        return role_logic.getForFields(query, unique=True)

    # host: scoped to the sponsor of this proposal's program
    if 'host' in allowed_roles and _holds_role(
            host_logic, proposal.program.scope):
        return

    # org_admin: scoped to this proposal's organization
    if 'org_admin' in allowed_roles and _holds_role(
            org_admin_logic, proposal.org):
        return

    # mentor: scoped to this proposal's organization
    if 'mentor' in allowed_roles and _holds_role(mentor_logic, proposal.org):
        return

    # no roles found, access denied
    raise out_of_band.AccessViolation(message_fmt=access.DEF_NEED_ROLE_MSG)
def checkRoleAndStatusForStudentProposal(self, django_args, allowed_roles,
                                         role_status, proposal_status):
    """Verify the current user's role-based access to a student proposal.

    Roles are tried in a fixed order (proposer, host, org_admin, mentor) and
    the first match ends the check. Falling off the end of the list is a
    denial, so a role name this method does not know can never grant access.

    Args:
      django_args: a dictionary with django's arguments
      allowed_roles: list with names for the roles allowed to pass access check
      role_status: list with states allowed for the role
      proposal_status: a list with states allowed for the proposal

    Raises:
      out_of_band.AccessViolation:
        - If the proposal is not in one of the required states.
        - If the user does not have any of the required roles.
      Whatever self.checkIsUser raises for a request it rejects, and whatever
        student_proposal_logic.getFromKeyFieldsOr404 raises when no proposal
        is found (a 404, per the helper's name).
    """
    self.checkIsUser(django_args)

    # bail out with 404 if no proposal is found
    proposal = student_proposal_logic.getFromKeyFieldsOr404(django_args)

    if proposal.status not in proposal_status:
        # this proposal can not be accessed at the moment, whatever the role
        raise out_of_band.AccessViolation(
            message_fmt=access.DEF_NO_ACTIVE_ENTITY_MSG)

    current_user = self.user

    if 'proposer' in allowed_roles:
        # check if this proposal belongs to the current user; the student's
        # status is only consulted once ownership is established
        student = proposal.scope
        owns_proposal = current_user.key() == student.user.key()
        if owns_proposal and student.status in role_status:
            return

    # Shared lookup fields: the same user and allowed role states apply to
    # every role below, only the scope differs.
    fields = {'user': current_user, 'status': role_status}

    # (role name, scope to search in, logic module to query). Both are wrapped
    # in lambdas so nothing is dereferenced for a role that is not allowed.
    role_lookups = (
        # host of this proposal's program
        ('host', lambda: proposal.program.scope, lambda: host_logic),
        # admin for this proposal's org
        ('org_admin', lambda: proposal.org, lambda: org_admin_logic),
        # mentor for this proposal's org
        ('mentor', lambda: proposal.org, lambda: mentor_logic),
    )

    for role_name, scope_of, logic_of in role_lookups:
        if role_name not in allowed_roles:
            continue
        fields['scope'] = scope_of()
        if logic_of().getForFields(fields, unique=True):
            return

    # no roles found, access denied
    raise out_of_band.AccessViolation(message_fmt=access.DEF_NEED_ROLE_MSG)