Produits Entr'ouvert » w.c.s.

                raise AccessForbiddenError('no user set for backoffice submission')

            if not self.formdef.backoffice_submission_roles:

                raise AccessForbiddenError('no backoffice submission roles')

                raise AccessForbiddenError('not cleared for backoffice submit')

            formdata.backoffice_submission = True

        elif 'user' in json_input:

                        continue

                    authentication_required = True

                elif logged_users_role().id not in formdef.roles:

                        if q in formdef.roles:

                            break

                    else:

                if not formdef.backoffice_submission_roles:

                    continue

                if not list_all_forms:

                        if role in formdef.backoffice_submission_roles:

                            break

                    else:

                if not query_user.can_go_in_backoffice():

                    raise AccessForbiddenError('user not allowed to query data from others')

                # mark forms that are readable by querying user

                if get_publisher().is_using_postgresql():

                    # use concerned_roles_array attribute that was saved in the

                    # table.

            return False

        # only include data management if there are accessible cards

        for carddef in CardDef.select(ignore_errors=True, lightweight=True, iterator=True):

                if role_id in (carddef.backoffice_submission_roles or []):

                    return True

                if role_id in (carddef.workflow_roles or {}).values():

    def listing_top_actions(self):

        if not self.formdef.backoffice_submission_roles:

            return ''

            if role in self.formdef.backoffice_submission_roles:

                break

        else:

        html_top('management', _('Management'))

        # display list of open formdata for the user

        formdefs = [x for x in FormDef.select(lightweight=True) if not x.skip_from_360_view]

        criterias = [Equal('is_at_endpoint', False),

                     Equal('user_id', str(self.user.id)),

                     Contains('formdef_id', [x.id for x in formdefs]),

        r += get_session().display_message()

        user = get_request().user

        forms_without_pending_stuff = []

        forms_with_pending_stuff = []

    def get_global_listing_criterias(self, ignore_user_roles=False):

        parsed_values = {}

        user_roles = [logged_users_role().id]

        criterias = get_global_criteria(get_request(), parsed_values)

        query_parameters = (get_request().form or {}).copy()

        query_parameters.pop('callback', None) # when using jsonp

    def _q_index(self):

        if self.filled.status == 'draft':

            if self.filled.backoffice_submission:

                    if role in self.formdef.backoffice_submission_roles:

                        return redirect('../../../submission/%s/%s' % (

                            self.formdef.url_name, self.filled.id))

        if not visitors or me_in_visitors:

            related_user_forms = getattr(self.filled, 'related_user_forms', None) or []

            for user_formdata in related_user_forms:

                if user_roles.intersection(user_formdata.actions_roles):

                    user_formdata.mark_as_being_visited()

        from wcs import sql

        formdata = self.filled

        r = TemplateIO(html=True)

        criterias = [Equal('is_at_endpoint', False),

                     Equal('user_id', str(formdata.user_id)),

                     Intersects('concerned_roles_array', user_roles),

                return subdirectory in ('settings', 'users')

            return False

        authorised_roles = set(get_cfg('admin-permissions', {}).get(subdirectory) or [])

        if authorised_roles:

            # access is governed by roles set in the settings panel

            # user connecting.

            user_roles = set()

        else:

        menu_items = []

        backoffice_url = get_publisher().get_backoffice_url()

        if not backoffice_url.endswith('/'):

            return True

        if not self.formdef.backoffice_submission_roles:

            raise errors.AccessUnauthorizedError()

            if role in self.formdef.backoffice_submission_roles:

                break

        else:

                continue

            if not formdef.backoffice_submission_roles:

                continue

                if role in formdef.backoffice_submission_roles:

                    break

            else:

        # if the formdef itself has some function attributed to the user, grant

        # access.

        for role_id in self.workflow_roles.values():

                return True

        # if there was some redispatching of function, values will be different

        # in formdata, check them.

        if formdata and formdata.workflow_roles:

            for role_id in formdata.workflow_roles.values():

                    return True

        # if no formdata was given, lookup if there are some existing formdata

        # where the user has access.

        if not formdata:

            data_class = self.data_class()

                if data_class.get_ids_with_indexed_value('workflow_roles', role_id):

                    return True

        if user.is_admin:

            return True

        user_roles.add(logged_users_role().id)

        def ensure_role_are_strings(roles):

        if user and user.is_admin:

            return True

        else:

            user_roles = set([])

            drafts = {x: True for x in formdata_class.get_ids_with_indexed_value('status', 'draft')}

            item_ids = [x for x in item_ids if x not in drafts]

        elif selected_filter == 'waiting':

            item_ids = formdata_class.get_actionable_ids(user_roles)

        else:

            applied_filters = []

            # situation where the user is the submitter, and we limit ourselves

            # to consider treating roles.

            if not user.is_admin:

                concerned_ids = set()

                for role in user_roles:

                    concerned_ids |= set(formdata_class.get_ids_with_indexed_value(

                raise errors.AccessUnauthorizedError()

            if logged_users_role().id not in self.formdef.roles and not (

                    self.user and self.user.is_admin):

                else:

                    user_roles = set([])

                other_roles = (self.formdef.roles or [])

                        advertised_forms.append(formdef)

                    continue

                if logged_users_role().id not in formdef.roles:

                        if q in formdef.roles:

                            break

                    else:

                    break

                if not user:

                    continue

                    break

            else:

                raise errors.AccessForbiddenError('insufficient roles')

        return _('Unknown User')

    display_name = property(get_display_name)

    def set_attributes_from_formdata(self, formdata):

        users_cfg = get_cfg('users', {})

                        break

                    roles = [get_role_translation(formdata, x)

                             for x in (trigger.roles or []) if x != '_submitter']

                        actions.append(action)

                        break

        return actions

                    if user is None:

                        continue

                    role = get_role_translation(filled, role)

                        break

                else:

                    continue

            return True

        if user:

            user_roles.add(logged_users_role().id)

        else:

            user_roles = set([])

            if not user:

                continue

            role = get_role_translation(formdata, role)

                return True

        return False

                    return True

            elif user:

                role = get_role_translation(filled, role)

                    return True

        return False