From b07bf188556142f3a0636a53397900caa010c46f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20P=C3=A9ters?=
Date: Mon, 31 Aug 2015 13:11:39 +0200
Subject: [PATCH] backoffice: only display submission pages to relevant users (#8134)

---
 tests/test_backoffice_pages.py | 13 ++++---------
 wcs/backoffice/management.py | 3 +++
 wcs/backoffice/root.py | 11 +++++------
 wcs/backoffice/submission.py | 10 ++++++++++
 wcs/formdef.py | 1 +
 wcs/qommon/storage.py | 2 ++
 6 files changed, 25 insertions(+), 15 deletions(-)

diff --git a/tests/test_backoffice_pages.py b/tests/test_backoffice_pages.py
index 170db4d..e800007 100644
--- a/tests/test_backoffice_pages.py
+++ b/tests/test_backoffice_pages.py
@@ -461,14 +461,14 @@ def test_backoffice_submission(pub):
     app = login(get_app(pub))
     resp = app.get('/backoffice/')
-    assert 'Submission' in resp.body
+    assert not 'Submission' in resp.body
+    app.get('/backoffice/submission/', status=403)
-    resp = resp.click('Submission', index=0)
     formdef = FormDef.select()[0]
-    assert not formdef.url_name in resp.body
-
     formdef.backoffice_submission_roles = user.roles[:]
     formdef.store()
+    resp = app.get('/backoffice/')
+    assert 'Submission' in resp.body
     resp = app.get('/backoffice/submission/')
     assert formdef.url_name in resp.body
@@ -518,13 +518,8 @@ def test_backoffice_submission_tracking_code(pub):
     create_environment(pub)
     app = login(get_app(pub))
-    resp = app.get('/backoffice/')
-    assert 'Submission' in resp.body
-    resp = resp.click('Submission', index=0)
     formdef = FormDef.select()[0]
-    assert not formdef.url_name in resp.body
-
     formdef.enable_tracking_codes = True
     formdef.backoffice_submission_roles = user.roles[:]
     formdef.store()
diff --git a/wcs/backoffice/management.py b/wcs/backoffice/management.py
index 3fdb8c2..f9bb0db 100644
--- a/wcs/backoffice/management.py
+++ b/wcs/backoffice/management.py
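Review bot: The new assertion `assert not 'Submission' in resp.body` is the non-idiomatic spelling of membership negation and is what linters flag; write it as `assert 'Submission' not in resp.body`. The added `app.get('/backoffice/submission/', status=403)` is the valuable line here, since it pins the fail-closed path rather than just the absence of a link, so keep it in front of the role assignment as it is. After `formdef.store()` the test re-fetches `/backoffice/` and checks the link appears, which covers the allow path; the body of `test_backoffice_submission` continues past this hunk.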
@@ -47,6 +47,9 @@ from wcs.formdef import FormDef
 class ManagementDirectory(Directory):
     _q_exports = ['', 'statistics']
+    def is_accessible(self, user):
+        return user.can_go_in_backoffice()
+
     def _q_traverse(self, path):
         get_response().breadcrumb.append(('management/', _('Management')))
         return super(ManagementDirectory, self)._q_traverse(path)
diff --git a/wcs/backoffice/root.py b/wcs/backoffice/root.py
index 5ac0313..adc3ce9 100644
--- a/wcs/backoffice/root.py
+++ b/wcs/backoffice/root.py
@@ -105,13 +105,12 @@ class RootDirectory(BackofficeRootDirectory):
             # access is governed by roles set in the settings panel
             return user_roles.intersection(authorised_roles)
-        # for some subdirectories, the user needs to be part of a role allowed
-        # to go in the backoffice
-        if subdirectory in ('management', 'submission'):
-            return get_request().user.can_go_in_backoffice()
+        # if the directory defines a is_accessible method, use it.
+        if hasattr(getattr(cls, subdirectory), 'is_accessible'):
+            return getattr(cls, subdirectory).is_accessible(get_request().user)
-        # for the other directories, an extra level is required, the user needs
-        # to be marked as admin
+        # as a last resort, for the other directories, the user needs to be
+        # marked as admin
         return get_request().user.can_go_in_admin()
     def check_admin_for_all(self):
diff --git a/wcs/backoffice/submission.py b/wcs/backoffice/submission.py
index fc4cb61..efe500c 100644
--- a/wcs/backoffice/submission.py
+++ b/wcs/backoffice/submission.py
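Review bot: `is_accessible` is now an access-control hook that `RootDirectory` in this same patch discovers by name via `hasattr(..., 'is_accessible')` and calls with `get_request().user`, so its contract should be written down rather than left implicit in a one-line body. Add a docstring such as `"""Return True if `user` may enter the management pages; called by the backoffice root before traversal, never with an anonymous (None) user."""`. The `None` caveat matters because `user.can_go_in_backoffice()` would raise AttributeError on an unauthenticated request; whether the root guarantees a user object before reaching this point is outside the hunk.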
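Review bot: `getattr(cls, subdirectory)` has no default, so a `subdirectory` value that is not an attribute of the class now raises AttributeError where the old tuple test simply fell through to the admin check; whether `subdirectory` is validated against `_q_exports` before reaching this line is outside the hunk, and the enclosing method starts before it. Safer and without the double lookup: `directory = getattr(cls, subdirectory, None)` / `if hasattr(directory, 'is_accessible'):` / `return directory.is_accessible(get_request().user)`. The fallback to `can_go_in_admin()` keeps any directory that forgets to define `is_accessible` admin-only, which is the right fail-closed default and is worth stating in the comment, e.g. `# directories without is_accessible stay admin-only (fail closed)`.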
@@ -95,6 +95,16 @@ class FormFillPage(PublicFormFillPage):
 class SubmissionDirectory(Directory):
     _q_exports = ['']
+    def is_accessible(self, user):
+        if not user.can_go_in_backoffice():
+            return False
+        # check user has at least one role set for backoffice submission
+        for role_id in (user.roles or []):
+            ids = FormDef.get_ids_with_indexed_value('backoffice_submission_roles', role_id)
+            if ids:
+                return True
+        return False
+
     def _q_index(self):
         get_response().breadcrumb.append(('submission/', _('Submission')))
         html_top('submission', _('Submission'))
diff --git a/wcs/formdef.py b/wcs/formdef.py
index 4ff7182..efee079 100644
--- a/wcs/formdef.py
+++ b/wcs/formdef.py
@@ -55,6 +55,7 @@ def lax_int(s):
 class FormDef(StorableObject):
     _names = 'formdefs'
     _indexes = ['url_name']
+    _hashed_indexes = ['backoffice_submission_roles']
     name = None
     description = None
diff --git a/wcs/qommon/storage.py b/wcs/qommon/storage.py
index 8972a56..e211f73 100644
--- a/wcs/qommon/storage.py
+++ b/wcs/qommon/storage.py
@@ -597,6 +597,8 @@ class StorableObject(object):
                 new_value = getattr(self, index)
                 if previous_object_value:
                     old_value = getattr(previous_object_value, index)
+                    if old_value is None:
+                        old_value = []
             else:
                 new_value = [getattr(self, index)]
                 if previous_object_value:
-- 
2.5.1
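Review bot: This gate only decides whether `/backoffice/submission/` is reachable at all; it establishes that some formdef lists one of the user's roles, not which formdefs this user may submit, so the per-formdef role filtering in `_q_index` and the fill page (outside the hunk) must stay in place and this method must not be read as authorization for any specific form — a docstring saying exactly that would prevent the misreading, e.g. `"""Coarse gate: True if the user may enter the backoffice and at least one formdef grants backoffice submission to one of their roles; per-form checks happen in the pages."""`. The loop is also a textbook `any()`: `return any(FormDef.get_ids_with_indexed_value('backoffice_submission_roles', role_id) for role_id in (user.roles or []))`. Note the decision depends entirely on the `backoffice_submission_roles` hashed index being complete; if a formdef stored before that index existed has no entries, an entitled user gets a 403 until it is re-stored (I cannot see from here whether indexes are rebuilt on load).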
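Review bot: Adding `backoffice_submission_roles` to `_hashed_indexes` makes the new `SubmissionDirectory.is_accessible` depend on that index, but formdefs already on disk have no entries for it until they are stored again; unless `StorableObject` rebuilds hashed indexes on load (not visible in this patch), existing deployments would deny the submission directory to everyone until each formdef is re-saved. A comment would at least record the dependency: `# used by SubmissionDirectory.is_accessible; pre-existing formdefs need re-storing (or a reindex) to populate it`.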
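Review bot: Only `old_value` is normalised; `new_value = getattr(self, index)` two lines above can equally be `None` (a `FormDef` whose `backoffice_submission_roles` was never set is exactly the case the new index introduces), and whatever consumes `new_value` after the hunk presumably iterates or diffs it the same way it does `old_value`. Mirror the guard right after the assignment: `if new_value is None:` / `new_value = []`, so both sides are lists regardless of which object is unset. The enclosing method starts and ends outside this hunk, so I cannot confirm the later use from here.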