Python principals.EventPrincipal类代码示例

def test_has_management_permission_explicit_fail():
    p = EventPrincipal(permissions=['foo'])
    # no permission specified
    with pytest.raises(ValueError):
        p.has_management_permission(explicit=True)
    with pytest.raises(ValueError):
        EventPrincipal.has_management_permission(explicit=True)

def _merge_users(target, source, **kwargs):
    from indico.modules.events.models.persons import EventPerson
    from indico.modules.events.models.principals import EventPrincipal
    EventPerson.merge_users(target, source)
    EventPrincipal.merge_users(target, source, 'event')
    target.event_roles |= source.event_roles
    source.event_roles.clear()

def test_has_management_role_explicit_fail():
    p = EventPrincipal(roles=['foo'])
    # no role specified
    with pytest.raises(ValueError):
        p.has_management_role(explicit=True)
    with pytest.raises(ValueError):
        EventPrincipal.has_management_role(explicit=True)

    def _associate_users_by_email(self, event):
        # link objects to users by email where possible
        # event principals
        emails = [p.email for p in EventPrincipal.query.with_parent(event).filter_by(type=PrincipalType.email)]
        for user in User.query.filter(~User.is_deleted, User.all_emails.in_(emails)):
            EventPrincipal.replace_email_with_user(user, 'event')

        # session principals
        query = (SessionPrincipal.query
                 .filter(SessionPrincipal.session.has(Session.event == event),
                         SessionPrincipal.type == PrincipalType.email))
        emails = [p.email for p in query]
        for user in User.query.filter(~User.is_deleted, User.all_emails.in_(emails)):
            SessionPrincipal.replace_email_with_user(user, 'session')

        # contribution principals
        query = (ContributionPrincipal.query
                 .filter(ContributionPrincipal.contribution.has(Contribution.event == event),
                         ContributionPrincipal.type == PrincipalType.email))
        emails = [p.email for p in query]
        for user in User.query.filter(~User.is_deleted, User.all_emails.in_(emails)):
            ContributionPrincipal.replace_email_with_user(user, 'contribution')

        # event persons
        query = EventPerson.query.with_parent(event).filter(EventPerson.user_id.is_(None), EventPerson.email != '')
        for person in query:
            person.user = get_user_by_email(person.email)

        # registrations
        for registration in Registration.query.with_parent(event).filter(Registration.user_id.is_(None)):
            registration.user = get_user_by_email(registration.email)

def test_has_management_permission_explicit(explicit):
    p = EventPrincipal(full_access=True, permissions=['foo'])
    assert p.has_management_permission('foo', explicit=explicit)
    assert p.has_management_permission('ANY', explicit=explicit)
    assert p.has_management_permission('bar', explicit=explicit) == (not explicit)
    assert (EventPrincipal(full_access=True, permissions=[]).has_management_permission('ANY', explicit=explicit) ==
            (not explicit))

 def process_principal(self, event, principals, legacy_principal, name, color, full_access=None, roles=None):
     if isinstance(legacy_principal, basestring):
         user = self.all_users_by_email.get(legacy_principal)
         principal = user or EmailPrincipal(legacy_principal)
     else:
         principal = self.convert_principal(legacy_principal)
     if principal is None:
         self.print_warning(
             cformat("%%{%s}{}%%{reset}%%{yellow} does not exist:%%{reset} {}" % color).format(
                 name, legacy_principal
             ),
             event_id=event.id,
         )
         return
     try:
         entry = principals[principal]
     except KeyError:
         entry = EventPrincipal(event_id=event.id, principal=principal, full_access=False, roles=[])
         principals[principal] = entry
     if full_access:
         entry.full_access = True
     if roles:
         entry.roles = sorted(set(entry.roles) | set(roles))
     if not self.quiet:
         self.print_msg(cformat("    - %%{%s}[{}]%%{reset} {}" % color).format(name.lower(), principal))
     return principal

    def _process(self):
        event_principal_query = (EventPrincipal.query.with_parent(self.event)
                                 .filter(EventPrincipal.type == PrincipalType.email,
                                         EventPrincipal.has_management_role('submit')))

        contrib_principal_query = (ContributionPrincipal.find(Contribution.event == self.event,
                                                              ContributionPrincipal.type == PrincipalType.email,
                                                              ContributionPrincipal.has_management_role('submit'))
                                   .join(Contribution)
                                   .options(contains_eager('contribution')))

        session_principal_query = (SessionPrincipal.find(Session.event == self.event,
                                                         SessionPrincipal.type == PrincipalType.email,
                                                         SessionPrincipal.has_management_role())
                                   .join(Session).options(joinedload('session').joinedload('acl_entries')))

        persons = self.get_persons()
        person_list = sorted(persons.viewvalues(), key=lambda x: x['person'].display_full_name.lower())

        num_no_account = 0
        for principal in itertools.chain(event_principal_query, contrib_principal_query, session_principal_query):
            if principal.email not in persons:
                continue
            if not persons[principal.email].get('no_account'):
                persons[principal.email]['roles']['no_account'] = True
                num_no_account += 1

        return WPManagePersons.render_template('management/person_list.html', self.event,
                                               persons=person_list, num_no_account=num_no_account)

def _convert_email_principals(user, **kwargs):
    from indico.modules.events.models.principals import EventPrincipal
    events = EventPrincipal.replace_email_with_user(user, 'event')
    if events:
        num = len(events)
        flash(ngettext("You have been granted manager/submission privileges for an event.",
                       "You have been granted manager/submission privileges for {} events.", num).format(num), 'info')

def test_convert_email_principals_merge(db, create_event, create_user):
    event = create_event()
    user = create_user(123, email='[email protected]')
    principal = EmailPrincipal('[email protected]')
    entry1 = event.update_principal(user, full_access=True, roles={'foo', 'foobar'})
    entry2 = event.update_principal(principal, read_access=True, roles={'foo', 'bar'})
    # different emails for now -> nothing updated
    assert not EventPrincipal.replace_email_with_user(user, 'event_new')
    assert set(event.acl_entries) == {entry1, entry2}
    user.secondary_emails.add(principal.email)
    assert EventPrincipal.replace_email_with_user(user, 'event_new') == {event}
    assert len(event.acl_entries) == 1
    entry = list(event.acl_entries)[0]
    assert entry.full_access
    assert entry.read_access
    assert set(entry.roles) == {'foo', 'bar', 'foobar'}

def test_convert_email_principals(db, create_event, create_user, dummy_user):
    event = create_event()
    user = create_user(123, email='[email protected]')
    principal = EmailPrincipal('[email protected]')
    other_entry = event.update_principal(dummy_user, full_access=True, roles={'foo', 'foobar'})
    entry = event.update_principal(principal, read_access=True, roles={'foo', 'bar'})
    other_entry_data = other_entry.current_data
    entry_data = entry.current_data
    # different emails for now -> nothing updated
    assert not EventPrincipal.replace_email_with_user(user, 'event_new')
    assert set(event.acl_entries) == {entry, other_entry}
    user.secondary_emails.add(principal.email)
    assert EventPrincipal.replace_email_with_user(user, 'event_new') == {event}
    assert set(event.acl_entries) == {entry, other_entry}
    assert all(x.type == PrincipalType.user for x in event.acl_entries)
    db.session.expire(other_entry)
    db.session.expire(entry)
    assert entry.current_data == entry_data
    assert other_entry.current_data == other_entry_data

def get_events_managed_by(user, dt=None):
    """Gets the IDs of events where the user has management privs.

    :param user: A `User`
    :param dt: Only include events taking place on/after that date
    :return: A set of event ids
    """
    query = (user.in_event_acls
             .join(Event)
             .options(noload('user'), noload('local_group'), load_only('event_id'))
             .filter(~Event.is_deleted, Event.ends_after(dt))
             .filter(EventPrincipal.has_management_permission('ANY')))
    return {principal.event_id for principal in query}

def get_events_managed_by(user, from_dt=None, to_dt=None):
    """Gets the IDs of events where the user has management privs.

    :param user: A `User`
    :param from_dt: The earliest event start time to look for
    :param to_dt: The latest event start time to look for
    :return: A set of event ids
    """
    query = (user.in_event_acls
             .join(Event)
             .options(noload('user'), noload('local_group'), load_only('event_id'))
             .filter(~Event.is_deleted, Event.starts_between(from_dt, to_dt))
             .filter(EventPrincipal.has_management_role('ANY')))
    return {principal.event_id for principal in query}

def get_events_with_paper_roles(user, dt=None):
    """
    Get the IDs and PR roles of events where the user has any kind
    of paper reviewing privileges.

    :param user: A `User`
    :param dt: Only include events taking place on/after that date
    :return: A dict mapping event IDs to a set of roles
    """
    paper_roles = {'paper_manager', 'paper_judge', 'paper_content_reviewer', 'paper_layout_reviewer'}
    role_criteria = [EventPrincipal.has_management_role(role, explicit=True) for role in paper_roles]
    query = (user.in_event_acls
             .join(Event)
             .options(noload('user'), noload('local_group'), load_only('event_id', 'roles'))
             .filter(~Event.is_deleted, Event.ends_after(dt))
             .filter(db.or_(*role_criteria)))
    return {principal.event_id: set(principal.roles) & paper_roles for principal in query}

def get_events_managed_by(user, from_dt=None, to_dt=None):
    """Gets the IDs of events where the user has management privs.

    :param user: A `User`
    :param from_dt: The earliest event start time to look for
    :param to_dt: The latest event start time to look for
    :return: A set of event ids
    """
    event_date_filter = None
    if from_dt and to_dt:
        event_date_filter = IndexedEvent.start_date.between(from_dt, to_dt)
    elif from_dt:
        event_date_filter = IndexedEvent.start_date >= from_dt
    elif to_dt:
        event_date_filter = IndexedEvent.start_date <= to_dt
    query = (user.in_event_acls
             .join(Event)
             .options(noload('user'), noload('local_group'), load_only('event_id'))
             .filter(~Event.is_deleted)
             .filter(EventPrincipal.has_management_role('ANY')))
    if event_date_filter is not None:
        query = query.join(IndexedEvent, IndexedEvent.id == EventPrincipal.event_id)
        query = query.filter(event_date_filter)
    return {principal.event_id for principal in query}

def test_merge_privs():
    p = EventPrincipal(read_access=True, roles={'foo', 'bar'})
    p.merge_privs(EventPrincipal(roles={'bar', 'foobar'}, full_access=True))
    assert p.read_access
    assert p.full_access
    assert set(p.roles) == {'foo', 'bar', 'foobar'}