示例#1
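    def get(self, uri_path, query_params=None):
        """Issue an authenticated GET against the Trello REST API.

        Args:
            uri_path: Path below ``https://api.trello.com/1/``; a single
                leading slash is tolerated and stripped.
            query_params: Optional mapping sent as the query string.

        Returns:
            The decoded JSON body of a 200 response.

        Raises:
            exc.WrongArguments: On HTTP 400 and on any other non-200 status.
            exc.AuthenticationFailed: On HTTP 401.
            exc.PermissionDenied: On HTTP 403.
            exc.NotFound: On HTTP 404.
        """
        headers = {'Accept': 'application/json'}
        if query_params is None:
            query_params = {}

        # startswith() is safe on an empty path, where uri_path[0] raised
        # IndexError.
        if uri_path.startswith('/'):
            uri_path = uri_path[1:]
        # NOTE(review): uri_path is interpolated unescaped. The host is fixed,
        # but confirm callers never pass user-controlled path segments here.
        url = 'https://api.trello.com/1/%s' % uri_path

        # Without a timeout, requests waits forever on a stalled upstream and
        # ties up the worker. (connect, read) seconds; tune to the deployment.
        response = requests.get(url,
                                params=query_params,
                                headers=headers,
                                auth=self.oauth,
                                timeout=(5, 30))

        # NOTE(review): the upstream body and full URL are embedded in the
        # exception text; confirm it is not echoed verbatim to API clients.
        if response.status_code == 400:
            raise exc.WrongArguments(
                _("Invalid Request: %s at %s") % (response.text, url))
        if response.status_code == 401:
            raise exc.AuthenticationFailed(
                _("Unauthorized: %s at %s") % (response.text, url))
        if response.status_code == 403:
            raise exc.PermissionDenied(
                _("Unauthorized: %s at %s") % (response.text, url))
        if response.status_code == 404:
            raise exc.NotFound(
                _("Resource Unavailable: %s at %s") % (response.text, url))
        if response.status_code != 200:
            raise exc.WrongArguments(
                _("Resource Unavailable: %s at %s") % (response.text, url))

        return response.json()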
示例#2
 def permission_denied(self, request):
     """
     Pick the exception for a rejected request.

     A request with a successful authenticator is refused with
     PermissionDenied; a request without one is told to authenticate
     via NotAuthenticated.
     """
     if request.successful_authenticator:
         raise exceptions.PermissionDenied()
     raise exceptions.NotAuthenticated()
示例#3
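    def bulk_update_order(self, request, **kwargs):
        """Reorder several user stories of one project in a single request.

        Reads ``bulkStories`` and ``projectId`` from the request body, checks
        that the caller is the project owner or holds ``change_userstory``,
        and delegates the reordering to ``UserStoriesService``.

        Returns:
            An empty 204 response on success.

        Raises:
            exc.BadRequest: If ``bulkStories`` or ``projectId`` is missing.
            exc.PermissionDenied: If the caller may not change user stories.
        """
        # bulkStories should be:
        # [[1,1],[23, 2], ...]

        # TODO: Generate the history snapshot when the user stories order
        #       changes in the backlog.
        #       Implement order with linked lists \o/.
        bulk_stories = request.DATA.get("bulkStories", None)

        if bulk_stories is None:
            raise exc.BadRequest(_("bulkStories parameter is mandatory"))

        project_id = request.DATA.get('projectId', None)
        if project_id is None:
            # Message typo fixed ("ir" -> "is").
            raise exc.BadRequest(_("projectId parameter is mandatory"))

        # NOTE(review): the lookup runs before the permission check, so a
        # caller without access sees 404 for unknown ids and 403 for existing
        # ones, which lets project ids be enumerated.
        project = get_object_or_404(Project, id=project_id)

        if request.user != project.owner and not has_project_perm(
                request.user, project, 'change_userstory'):
            # NOTE(review): this message says "create" although the permission
            # checked is change_userstory.
            raise exc.PermissionDenied(
                _("You don't have permisions to create user stories."))

        # NOTE(review): bulk_stories is forwarded unvalidated; confirm the
        # service rejects malformed entries and story ids that belong to a
        # different project.
        service = services.UserStoriesService()
        service.bulk_update_order(project, request.user, bulk_stories)

        return Response(data=None, status=status.HTTP_204_NO_CONTENT)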
示例#4
    def bulk_create(self, request, **kwargs):
        """Create several user stories in one project from a single request.

        ``bulkStories`` and ``projectId`` are both required in the request
        body. The caller must own the project or hold ``add_userstory``.
        The created stories are returned serialized.
        """
        payload = request.DATA

        stories_payload = payload.get('bulkStories', None)
        if stories_payload is None:
            raise exc.BadRequest(_('bulkStories parameter is mandatory'))

        requested_project = payload.get('projectId', None)
        if requested_project is None:
            raise exc.BadRequest(_('projectId parameter is mandatory'))

        # NOTE(review): the lookup precedes the permission check, so 404 vs 403
        # tells an unprivileged caller whether a project id exists.
        project = get_object_or_404(Project, id=requested_project)

        if request.user != project.owner:
            if not has_project_perm(request.user, project, 'add_userstory'):
                raise exc.PermissionDenied(
                    _("You don't have permisions to create user stories."))

        # NOTE(review): stories_payload reaches the service unvalidated;
        # confirm its shape and size are checked there.
        created = services.UserStoriesService().bulk_insert(
            project,
            request.user,
            stories_payload,
            callback_on_success=self.post_save)

        serialized = self.serializer_class(created, many=True)
        return Response(data=serialized.data)
示例#5
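    def pre_conditions_on_save(self, obj):
        """Reject the save unless the caller and the linked objects fit the project.

        The requesting user must be the project owner or have a membership in
        the project, and the story's milestone and status (when set) must
        belong to the same project as the story.

        Raises:
            exc.PermissionDenied: If any of these conditions fails.
        """
        super().pre_conditions_on_save(obj)

        # exists() asks the database for a single row instead of counting
        # every membership.
        # NOTE(review): any membership passes, whatever its role; confirm
        # role-level permissions are enforced elsewhere.
        if (obj.project.owner != self.request.user
                and not obj.project.memberships.filter(
                    user=self.request.user).exists()):
            raise exc.PermissionDenied(
                _("You don't have permissions for add/modify this user story"))

        # Cross-project guard: a story must not point at a milestone or
        # status owned by another project.
        if obj.milestone and obj.milestone.project != obj.project:
            raise exc.PermissionDenied(
                _("You don't have permissions for add/modify this user story"))

        if obj.status and obj.status.project != obj.project:
            raise exc.PermissionDenied(
                _("You don't have permissions for add/modify this user story"))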
示例#6
    def pre_conditions_on_save(self, obj):
        """Refuse a save that links the story to another project's objects.

        The sprint (milestone), status and swimlane are each checked only
        when their ``*_id`` field is set; each must belong to the same
        project as the story, otherwise PermissionDenied is raised.
        """
        super().pre_conditions_on_save(obj)

        # Testing the *_id field first means the related object is only
        # dereferenced when a reference is actually set.
        foreign_sprint = (bool(obj.milestone_id)
                          and obj.milestone.project != obj.project)
        if foreign_sprint:
            raise exc.PermissionDenied(
                _("You don't have permissions to set this sprint "
                  "to this user story."))

        foreign_status = (bool(obj.status_id)
                          and obj.status.project != obj.project)
        if foreign_status:
            raise exc.PermissionDenied(
                _("You don't have permissions to set this status "
                  "to this user story."))

        foreign_swimlane = (bool(obj.swimlane_id)
                            and obj.swimlane.project != obj.project)
        if foreign_swimlane:
            raise exc.PermissionDenied(
                _("You don't have permissions to set this swimlane "
                  "to this user story."))
示例#7
文件: api.py 项目: lukeddy/taiga-back
    def pre_conditions_on_save(self, obj):
        """Refuse a save that links the issue to another project's objects.

        Milestone, status, severity, priority and type are checked in that
        order. Each one, when set, must belong to the issue's own project;
        the first mismatch raises PermissionDenied.
        """
        super().pre_conditions_on_save(obj)

        milestone = obj.milestone
        if milestone and milestone.project != obj.project:
            raise exc.PermissionDenied(
                _("You don't have permissions to set this milestone "
                  "to this issue."))

        issue_status = obj.status
        if issue_status and issue_status.project != obj.project:
            raise exc.PermissionDenied(
                _("You don't have permissions to set this status "
                  "to this issue."))

        severity = obj.severity
        if severity and severity.project != obj.project:
            raise exc.PermissionDenied(
                _("You don't have permissions to set this severity "
                  "to this issue."))

        priority = obj.priority
        if priority and priority.project != obj.project:
            raise exc.PermissionDenied(
                _("You don't have permissions to set this priority "
                  "to this issue."))

        issue_type = obj.type
        if issue_type and issue_type.project != obj.project:
            raise exc.PermissionDenied(
                _("You don't have permissions to set this type "
                  "to this issue."))
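    def check_permissions(self, request, view, obj=None):
        """Decide whether the requesting user may join project ``obj``.

        Returns:
            False when no object is given or the user is not authenticated,
            True when ``services.can_user_join_project`` allows the join.

        Raises:
            exc.PermissionDenied: If the service refuses the join.
        """
        if not obj or not request.user.is_authenticated():
            return False

        if not services.can_user_join_project(request.user, obj):
            # Interpolate after translating: with the slug formatted inside
            # _(), the catalog lookup used the already-filled string and
            # could never match the msgid.
            raise exc.PermissionDenied(
                _("Can't join project '%s' because it is private") % obj.slug)

        return True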
示例#9
文件: api.py 项目: anler/taiga-back
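    def pre_conditions_on_save(self, obj):
        """Allow the save only for the project owner or a project member.

        Raises:
            exc.PermissionDenied: If the requesting user is neither the owner
                of ``obj.project`` nor has a membership in it.
        """
        super().pre_conditions_on_save(obj)

        # exists() avoids counting every membership row just to compare
        # the total with zero.
        # NOTE(review): any membership passes, whatever its role; confirm
        # role-level permissions are enforced elsewhere.
        if (obj.project.owner != self.request.user
                and not obj.project.memberships.filter(
                    user=self.request.user).exists()):
            raise exc.PermissionDenied(
                _("You don't haver permissions for add/modify "
                  "this wiki page."))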
示例#10
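    def pre_conditions_on_save(self, obj):
        """Allow the save only for the project owner or a project member.

        Raises:
            exc.PermissionDenied: If the requesting user is neither the owner
                of ``obj.project`` nor has a membership in it.
        """
        super().pre_conditions_on_save(obj)

        # exists() avoids counting every membership row just to compare
        # the total with zero.
        # NOTE(review): any membership passes, whatever its role; confirm
        # role-level permissions are enforced elsewhere.
        if (obj.project.owner != self.request.user
                and not obj.project.memberships.filter(
                    user=self.request.user).exists()):
            raise exc.PermissionDenied(
                _("You don't have permissions for "
                  "add attachments to this user story"))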
示例#11
    def check_permissions(self, request, view, obj=None):
        """Decide whether the requesting user may leave project ``obj``.

        Returns False when there is no object, the user is unauthenticated,
        or the service lookup raises ``Membership.DoesNotExist``. Returns
        True when the service allows leaving, and raises PermissionDenied
        when it refuses.
        """
        if not obj or not request.user.is_authenticated():
            return False

        try:
            may_leave = services.can_user_leave_project(request.user, obj)
        except Membership.DoesNotExist:
            # A missing membership is reported as a plain refusal.
            return False

        if may_leave:
            return True

        raise exc.PermissionDenied(_("You can't leave the project if there are no "
                                     "more owners"))
示例#12
    def filter_queryset(self, request, queryset, view):
        """Restrict a user listing to what the requester is allowed to see.

        With a ``project`` query parameter, authenticated members of that
        project get the project's members and everyone else is refused.
        Without it, superusers get the unfiltered queryset and all other
        callers get an empty list.
        """
        project_id = request.QUERY_PARAMS.get('project', None)

        if not project_id:
            if request.user.is_superuser:
                return queryset
            # NOTE(review): this branch returns a plain list, not a queryset;
            # confirm nothing downstream calls queryset methods on it.
            return []

        Project = apps.get_model('projects', 'Project')
        # NOTE(review): the lookup precedes the membership check, so 404 vs
        # 403 tells a non-member whether the project id exists.
        project = get_object_or_404(Project, pk=project_id)

        requester_is_member = (
            request.user.is_authenticated()
            and project.memberships.filter(user=request.user).exists())
        if not requester_is_member:
            raise exc.PermissionDenied(_("You don't have permisions to see this project users."))

        return queryset.filter(memberships__project=project).distinct()
示例#13
 def _validate_response(self, response):
     """Raise the exception matching a non-200 upstream response.

     400 and every unlisted status raise WrongArguments, 401 raises
     AuthenticationFailed, 403 raises PermissionDenied and 404 raises
     NotFound. A 200 response returns None.
     """
     code = response.status_code
     if code == 200:
         return

     # NOTE(review): the upstream body and URL end up in the exception text;
     # confirm it is not echoed verbatim to API clients.
     context = (response.text, response.url)

     if code == 400:
         raise exc.WrongArguments(_("Invalid Request: %s at %s") % context)
     elif code == 401:
         raise exc.AuthenticationFailed(_("Unauthorized: %s at %s") % context)
     elif code == 403:
         raise exc.PermissionDenied(_("Unauthorized: %s at %s") % context)
     elif code == 404:
         raise exc.NotFound(_("Resource Unavailable: %s at %s") % context)
     else:
         raise exc.WrongArguments(
             _("Resource Unavailable: %s at %s") % context)
示例#14
文件: api.py 项目: anler/taiga-back
    def bulk_update_order(self, request, **kwargs):
        """Reorder several objects of one project in a single request.

        The payload key and the required permission come from
        ``self.bulk_update_param`` and ``self.bulk_update_perm``. The caller
        must own the project or hold that permission. Responds with an empty
        204 on success.
        """
        payload = request.DATA

        bulk_data = payload.get(self.bulk_update_param, None)
        if bulk_data is None:
            raise exc.BadRequest(
                _("%s parameter is mandatory") % self.bulk_update_param)

        requested_project = payload.get('project', None)
        if requested_project is None:
            raise exc.BadRequest(_("project parameter ir mandatory"))

        # NOTE(review): the lookup precedes the permission check, so 404 vs 403
        # tells an unprivileged caller whether a project id exists.
        project = get_object_or_404(models.Project, id=requested_project)

        if request.user != project.owner:
            if not has_project_perm(request.user, project,
                                    self.bulk_update_perm):
                raise exc.PermissionDenied(
                    _("You don't have permisions %s.") % self.bulk_update_perm)

        # NOTE(review): this calls self.bulk_update_order with a
        # (project, user, data) argument list, which does not match this
        # method's own signature; confirm the attribute resolves to a
        # different callable at runtime.
        self.bulk_update_order(project, request.user, bulk_data)
        return Response(data=None, status=status.HTTP_204_NO_CONTENT)
示例#15
    def list(self, request, **kwargs):
        """Search one project's user stories, tasks, issues and wiki pages.

        Query parameters: ``text`` (search string), ``get_all`` and
        ``project`` (project id). The response maps each content kind to its
        hits and adds ``count``, the total number of hits.
        """
        project_model = get_model("projects", "Project")
        params = request.QUERY_PARAMS
        text = params.get('text', "")
        # NOTE(review): a query-string value is a string, so any non-empty
        # value is truthy here; verify how the helpers interpret get_all.
        get_all = params.get('get_all', False)
        project_id = params.get('project', None)

        try:
            project = self._get_project(project_id)
        except (project_model.DoesNotExist, TypeError):
            raise excp.PermissionDenied({"detail": "Wrong project id"})

        # NOTE(review): no per-user permission check is visible in this method
        # before the project's content is searched; confirm access control is
        # applied by the view's permission classes or by the helpers.
        result = {}
        result["userstories"] = self._search_user_stories(project, text, get_all)
        result["tasks"] = self._search_tasks(project, text, get_all)
        result["issues"] = self._search_issues(project, text, get_all)
        result["wikipages"] = self._search_wiki_pages(project, text, get_all)

        result["count"] = sum(len(hits) for hits in result.values())
        return Response(result)
示例#16
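def github_login_func(request):
    """Log a user in through GitHub, restricted to one GitHub organization.

    Exchanges the ``code`` from the request body for an access token, loads
    the GitHub profile, and registers the user only when the account belongs
    to the organization named by ``settings.TAIGA_GITHUB_EXTENDED_AUTH_ORG``.

    Returns:
        The auth response data built by ``make_auth_response_data``.

    Raises:
        exc.PermissionDenied: If the organization setting is unset, the user
            is not a member of it, or the account has no primary e-mail.
    """
    logger.debug(
        "Attempting login using taiga_contrib_github_extended_auth plugin....")

    # NOTE(review): code is passed to login() without a presence check;
    # confirm login() rejects a missing code cleanly.
    code = request.DATA.get('code', None)
    token = request.DATA.get('token', None)

    auth_info = login(code)

    headers = connector.HEADERS.copy()
    headers["Authorization"] = "token {}".format(auth_info.access_token)

    user_info = connector.get_user_profile(headers=headers)
    username = user_info.username
    logger.debug("username: {0}".format(username))

    organization = getattr(settings, "TAIGA_GITHUB_EXTENDED_AUTH_ORG", None)
    logger.debug("organization: {0}".format(organization))

    # Fails closed: an unset organization setting refuses every login.
    if not (organization and check_org_membership(
            username, organization, headers=headers)):
        # NOTE(review): the refusal names the configured organization to the
        # caller; confirm that disclosure is acceptable.
        raise exc.PermissionDenied(
            detail=
            "User {0} was not a member of GitHub organization {1} and is not permitted to register for access to this Taiga instance."
            .format(username, organization))

    logger.debug("confirmed membership...")

    emails = connector.get_user_emails(headers=headers)

    # A bare next() raised StopIteration when no address was flagged primary;
    # refuse the login explicitly instead.
    primary_email = next((item for item in emails if item.is_primary), None)
    if primary_email is None:
        raise exc.PermissionDenied(
            detail="User {0} has no primary e-mail address on GitHub."
            .format(username))

    # NOTE(review): primary_email is the element returned by
    # get_user_emails, not necessarily a plain address string; confirm
    # github_register expects this type and that the address is verified.
    user = github_register(username=username,
                           email=primary_email,
                           full_name=user_info.full_name,
                           github_id=user_info.id,
                           bio=user_info.bio,
                           token=token)

    return make_auth_response_data(user)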
示例#17
文件: api.py 项目: poprlz/taiga-back
    def list(self, request, **kwargs):
        """Search a project, returning only the kinds the user may view.

        Query parameters: ``text`` (search string) and ``project`` (project
        id). Each content kind is searched only when the requesting user
        holds the matching view permission on the project. ``count`` is the
        total number of hits across the kinds that were searched.
        """
        project_model = apps.get_model("projects", "Project")

        params = request.QUERY_PARAMS
        text = params.get('text', "")
        project_id = params.get('project', None)

        try:
            project = self._get_project(project_id)
        except (project_model.DoesNotExist, TypeError):
            raise excp.PermissionDenied({"detail": "Wrong project id"})

        # (required permission, result key, search helper), in output order.
        sections = (
            ("view_us", "userstories", self._search_user_stories),
            ("view_tasks", "tasks", self._search_tasks),
            ("view_issues", "issues", self._search_issues),
            ("view_wiki_pages", "wikipages", self._search_wiki_pages),
        )

        result = {}
        for permission, key, search in sections:
            # A kind the user may not view is left out of the response.
            if user_has_perm(request.user, permission, project):
                result[key] = search(project, text)

        result["count"] = sum(len(hits) for hits in result.values())
        return Response(result)
示例#18
 def list(self, *args, **kwargs):
     """Refuse every listing request by raising PermissionDenied."""
     refusal = _("You don't have permisions to see that.")
     raise exc.PermissionDenied(refusal)