def post(self, task_id, comment_id, preview_file_id): task = tasks_service.get_task(task_id) user_service.check_project_access(task["project_id"]) tasks_service.get_comment(comment_id) person = persons_service.get_current_user() related_preview_file = files_service.get_preview_file(preview_file_id) preview_file = tasks_service.add_preview_file_to_comment( comment_id, person["id"], task_id, related_preview_file["revision"]) return preview_file, 201
def delete(self, instance_id): """ Delete a comment corresponding at given ID. """ comment = tasks_service.get_comment(instance_id) # TODO: only the self user or a manager can delete a commentary if comment["object_type"] == "Task": task = tasks_service.get_task(comment["object_id"]) user_service.check_project_access(task["project_id"]) self.pre_delete(comment) tasks_service.reset_task_data(comment["object_id"]) self.post_delete(comment) elif comment["object_type"] == "OutputFile": output_file = files_service.get_output_file(comment["object_id"]) if output_file.get("entity_id"): instance = entities_service.get_entity( output_file["entity_id"]) elif output_file.get("asset_instance_id"): instance = assets_service.get_asset_instance( output_file["asset_instance_id"]) user_service.check_project_access(instance["project_id"]) else: current_app.logger.warn("Not yet implemented") return "", 404 deletion_service.remove_comment(comment["id"]) tasks_service.clear_comment_cache(comment["id"]) return "", 204
def post(self, task_id, comment_id): is_movie = self.get_arguments() task = tasks_service.get_task(task_id) if not permissions.has_manager_permissions(): user_service.check_assigned(task_id) comment = tasks_service.get_comment(comment_id) task_status = tasks_service.get_task_status(comment.task_status_id) person = persons_service.get_current_user() if not task_status["is_reviewable"]: return { "error": "Comment status is not reviewable, you cannot link a " "preview to it." }, 400 revision = tasks_service.get_next_preview_revision(task_id) preview = files_service.create_preview_file(task["name"], revision, task["id"], person["id"], is_movie) comment.update({"preview_file_id": preview["id"]}) events.emit("preview:add", { "comment_id": comment_id, "task_id": task_id, "preview": preview }) return preview, 201
def delete(self, task_id, comment_id): """ Delete a comment corresponding at given ID. --- tags: - Tasks parameters: - in: path name: task_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 - in: path name: comment_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 responses: 204: description: Comment corresponding at given ID deleted """ comment = tasks_service.get_comment(comment_id) task = tasks_service.get_task(comment["object_id"]) if permissions.has_manager_permissions(): user_service.check_project_access(task["project_id"]) else: user_service.check_person_access(comment["person_id"]) self.pre_delete(comment) deletion_service.remove_comment(comment_id) tasks_service.reset_task_data(comment["object_id"]) tasks_service.clear_comment_cache(comment_id) self.post_delete(comment) return "", 204
def post(self, task_id, comment_id): """ Add a preview to given task. --- tags: - Tasks description: "Revision is automatically set: it is equal to last revision + 1." parameters: - in: path name: task_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 - in: path name: comment_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 responses: 201: description: Preview added to given task """ task = tasks_service.get_task(task_id) user_service.check_project_access(task["project_id"]) user_service.check_entity_access(task["entity_id"]) comment = tasks_service.get_comment(comment_id) tasks_service.get_task_status(comment["task_status_id"]) person = persons_service.get_current_user() preview_file = tasks_service.add_preview_file_to_comment( comment_id, person["id"], task_id) return preview_file, 201
def check_read_permissions(self, instance): attachment_file = instance comment = tasks_service.get_comment(attachment_file["comment_id"]) task = tasks_service.get_task(comment["object_id"]) user_service.check_project_access(task["project_id"]) user_service.check_entity_access(task["entity_id"]) return True
def get(self, task_id, comment_id): """ Get comment corresponding at given ID. --- tags: - Tasks parameters: - in: path name: task_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 - in: path name: comment_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 responses: 200: description: Comment corresponding at given ID """ comment = tasks_service.get_comment(comment_id) user_service.check_comment_access(comment) return comment
def remove_comment_and_related(self, comment_id): comment = tasks_service.get_comment(comment_id) if comment["preview_file_id"] is not None: files_service.delete_preview_file(comment["preview_file_id"]) notifs = notifications_service.delete_notifications_for_comment( comment["id"]) current_app.logger.info(notifs) tasks_service.delete_comment(comment["id"])
def delete(self, instance_id): """ Delete a comment corresponding at given ID. """ comment = tasks_service.get_comment(instance_id) task = tasks_service.get_task(comment["object_id"]) user_service.check_project_access(task["project_id"]) deletion_service.remove_comment(comment["id"]) return '', 204
def post(self, task_id, comment_id): task = tasks_service.get_task(task_id) user_service.check_project_access(task["project_id"]) comment = tasks_service.get_comment(comment_id) tasks_service.get_task_status(comment["task_status_id"]) person = persons_service.get_current_user() preview_file = tasks_service.add_preview_file_to_comment( comment_id, person["id"], task_id) return preview_file, 201
def post(self, task_id, comment_id, preview_file_id): """ Add a preview to given comment. --- tags: - Tasks parameters: - in: path name: task_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 - in: path name: comment_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 - in: path name: preview_file_id required: True schema: type: UUID example: a24a6ea4-ce75-4665-a070-57453082c25 responses: 201: description: Preview added to given comment """ task = tasks_service.get_task(task_id) user_service.check_project_access(task["project_id"]) user_service.check_entity_access(task["entity_id"]) tasks_service.get_comment(comment_id) person = persons_service.get_current_user() related_preview_file = files_service.get_preview_file(preview_file_id) preview_file = tasks_service.add_preview_file_to_comment( comment_id, person["id"], task_id, related_preview_file["revision"]) return preview_file, 201
def delete(self, instance_id): """ Delete a comment corresponding at given ID. """ comment = tasks_service.get_comment(instance_id) task = tasks_service.get_task(comment["object_id"]) user_service.check_manager_project_access(task["project_id"]) self.pre_delete(comment) deletion_service.remove_comment(comment["id"]) tasks_service.reset_task_data(comment["object_id"]) tasks_service.clear_comment_cache(comment["id"]) self.post_delete(comment) return "", 204
def delete(self, task_id, comment_id): """ Delete a comment corresponding at given ID. """ comment = tasks_service.get_comment(comment_id) task = tasks_service.get_task(comment["object_id"]) if permissions.has_manager_permissions(): user_service.check_project_access(task["project_id"]) else: user_service.check_person_access(comment["person_id"]) self.pre_delete(comment) deletion_service.remove_comment(comment_id) tasks_service.reset_task_data(comment["object_id"]) tasks_service.clear_comment_cache(comment_id) self.post_delete(comment) return "", 204
def get(self, attachment_file_id): attachment_file = comments_service.get_attachment_file( attachment_file_id) comment = tasks_service.get_comment(attachment_file["comment_id"]) task = tasks_service.get_task(comment["object_id"]) user_service.check_project_access(task["project_id"]) file_path = comments_service.get_attachment_file_path(attachment_file) try: return flask_send_file( file_path, conditional=True, mimetype=attachment_file["mimetype"], as_attachment=False, attachment_filename=attachment_file["name"], ) except: abort(404)
def check_comment_access(comment_id): """ Return true if current user can have access to a comment. """ if permissions.has_admin_permissions(): return True else: comment = tasks_service.get_comment(comment_id) person_id = comment["person_id"] task_id = comment["object_id"] task = tasks_service.get_task(task_id) if task is None: tasks_service.clear_task_cache(task_id) task = tasks_service.get_task(task_id) check_project_access(task["project_id"]) check_entity_access(task["entity_id"]) if ( permissions.has_supervisor_permissions() or permissions.has_manager_permissions() ): return True elif permissions.has_client_permissions(): current_user = persons_service.get_current_user() project = projects_service.get_project(task["project_id"]) if project.get("is_clients_isolated", False): if not comment["person_id"] == current_user["id"]: raise permissions.PermissionDenied if persons_service.get_person(person_id)["role"] == "client": return True else: raise permissions.PermissionDenied elif persons_service.get_person(person_id)["role"] == "client": raise permissions.PermissionDenied return True
def post(self, task_id, comment_id): files = request.files permissions.check_admin_permissions() comment = tasks_service.get_comment(comment_id) comment = comments_service.add_attachments_to_comment(comment, files) return comment["attachment_files"], 201
def remove_comment_and_related(self, comment_id): comment = tasks_service.get_comment(comment_id) notifications_service.delete_notifications_for_comment(comment["id"]) tasks_service.delete_comment(comment["id"]) if comment["preview_file_id"] is not None: files_service.remove_preview_file(comment["preview_file_id"])