Permissions¶

`hepdata.modules.permissions.admin`
`hepdata.modules.permissions.api`
`hepdata.modules.permissions.models`	Models for the HEPData Permissions.
`hepdata.modules.permissions.views`

hepdata.modules.permissions.admin¶

class hepdata.modules.permissions.admin.SubmissionParticipantAdminView(model, session, name=None, category=None, endpoint=None, url=None, static_folder=None, menu_class_name=None, menu_icon_type=None, menu_icon_value=None)[source]¶

can_view_details = True¶: Setting this to true will enable the details view. This is recommended when there are too many columns to display in the list_view.

can_delete = False¶: Is model deletion allowed

column_list = ('publication_recid', 'full_name', 'email', 'affiliation', 'role', 'status')¶

Collection of the model field names for the list view. If set to None, will get them from the model.

For example:

class MyModelView(BaseModelView):
    column_list = ('name', 'last_name', 'email')

(Added in 1.4.0) SQLAlchemy model attributes can be used instead of strings:

class MyModelView(BaseModelView):
    column_list = ('name', User.last_name)

When using SQLAlchemy models, you can reference related columns like this::

class MyModelView(BaseModelView):: column_list = (‘<relationship>.<related column name>’,)

form_columns = ('publication_recid', 'full_name', 'email', 'affiliation', 'role', 'status')¶

Collection of the model field names for the form. If set to None will get them from the model.

Example:

class MyModelView(BaseModelView):
    form_columns = ('name', 'email')

(Added in 1.4.0) SQLAlchemy model attributes can be used instead of strings:

class MyModelView(BaseModelView):
    form_columns = ('name', User.last_name)

SQLA Note: Model attributes must be on the same model as your ModelView or you will need to use inline_models.

column_searchable_list = ('publication_recid', 'full_name', 'email', 'affiliation', 'role', 'status')¶

Collection of the searchable columns.

Example:

class MyModelView(ModelView):
    column_searchable_list = ('name', 'email')

You can also pass columns:

class MyModelView(ModelView):
    column_searchable_list = (User.name, User.email)

The following search rules apply:

If you enter ZZZ in the UI search field, it will generate ILIKE '%ZZZ%' statement against searchable columns.
If you enter multiple words, each word will be searched separately, but only rows that contain all words will be displayed. For example, searching for abc def will find all rows that contain abc and def in one or more columns.
If you prefix your search term with ^, it will find all rows that start with ^. So, if you entered ^ZZZ then ILIKE 'ZZZ%' will be used.
If you prefix your search term with =, it will perform an exact match. For example, if you entered =ZZZ, the statement ILIKE 'ZZZ' will be used.

column_filters = ('publication_recid', 'full_name', 'email', 'affiliation', 'role', 'status')¶

Collection of the column filters.

Can contain either field names or instances of flask_admin.contrib.sqla.filters.BaseSQLAFilter classes.

Filters will be grouped by name when displayed in the drop-down.

For example:

class MyModelView(BaseModelView):
    column_filters = ('user', 'email')

or:

from flask_admin.contrib.sqla.filters import BooleanEqualFilter

class MyModelView(BaseModelView):
    column_filters = (BooleanEqualFilter(column=User.name, name='Name'),)

or:

from flask_admin.contrib.sqla.filters import BaseSQLAFilter

class FilterLastNameBrown(BaseSQLAFilter):
    def apply(self, query, value, alias=None):
        if value == '1':
            return query.filter(self.column == "Brown")
        else:
            return query.filter(self.column != "Brown")

    def operation(self):
        return 'is Brown'

class MyModelView(BaseModelView):
    column_filters = [
        FilterLastNameBrown(
            User.last_name, 'Last Name', options=(('1', 'Yes'), ('0', 'No'))
        )
    ]

column_details_list = ('publication_recid', 'full_name', 'email', 'affiliation', 'role', 'status')¶: Collection of the field names included in the details view. If set to None, will get them from the model.

columns_sortable_list = ('publication_recid', 'full_name', 'email', 'affiliation', 'role', 'status')¶

column_labels = {'_displayname': 'Display Name'}¶

Dictionary where key is column name and value is string to display.

For example:

class MyModelView(BaseModelView):
    column_labels = dict(name='Name', last_name='Last Name')

action_view()¶: Mass-model action view.

ajax_lookup()¶

ajax_update()¶: Edits a single column of a record in list view.

create_view()¶: Create model view

delete_view()¶: Delete model view. Only POST method is allowed.

details_view()¶: Details model view

edit_view()¶: Edit model view

export(export_type)¶

index_view()¶: List view

class hepdata.modules.permissions.admin.CoordinatorRequestView(model, session, name=None, category=None, endpoint=None, url=None, static_folder=None, menu_class_name=None, menu_icon_type=None, menu_icon_value=None)[source]¶

can_view_details = True¶: Setting this to true will enable the details view. This is recommended when there are too many columns to display in the list_view.

can_delete = False¶: Is model deletion allowed

column_list = ('collaboration', 'approved', 'in_queue')¶

Collection of the model field names for the list view. If set to None, will get them from the model.

For example:

class MyModelView(BaseModelView):
    column_list = ('name', 'last_name', 'email')

(Added in 1.4.0) SQLAlchemy model attributes can be used instead of strings:

class MyModelView(BaseModelView):
    column_list = ('name', User.last_name)

When using SQLAlchemy models, you can reference related columns like this::

class MyModelView(BaseModelView):: column_list = (‘<relationship>.<related column name>’,)

form_columns = ('collaboration', 'approved', 'in_queue')¶

Collection of the model field names for the form. If set to None will get them from the model.

Example:

class MyModelView(BaseModelView):
    form_columns = ('name', 'email')

(Added in 1.4.0) SQLAlchemy model attributes can be used instead of strings:

class MyModelView(BaseModelView):
    form_columns = ('name', User.last_name)

SQLA Note: Model attributes must be on the same model as your ModelView or you will need to use inline_models.

column_searchable_list = ('collaboration', 'approved', 'in_queue')¶

Collection of the searchable columns.

Example:

class MyModelView(ModelView):
    column_searchable_list = ('name', 'email')

You can also pass columns:

class MyModelView(ModelView):
    column_searchable_list = (User.name, User.email)

The following search rules apply:

If you enter ZZZ in the UI search field, it will generate ILIKE '%ZZZ%' statement against searchable columns.
If you enter multiple words, each word will be searched separately, but only rows that contain all words will be displayed. For example, searching for abc def will find all rows that contain abc and def in one or more columns.
If you prefix your search term with ^, it will find all rows that start with ^. So, if you entered ^ZZZ then ILIKE 'ZZZ%' will be used.
If you prefix your search term with =, it will perform an exact match. For example, if you entered =ZZZ, the statement ILIKE 'ZZZ' will be used.

column_filters = ('collaboration', 'approved', 'in_queue')¶

Collection of the column filters.

Can contain either field names or instances of flask_admin.contrib.sqla.filters.BaseSQLAFilter classes.

Filters will be grouped by name when displayed in the drop-down.

For example:

class MyModelView(BaseModelView):
    column_filters = ('user', 'email')

or:

from flask_admin.contrib.sqla.filters import BooleanEqualFilter

class MyModelView(BaseModelView):
    column_filters = (BooleanEqualFilter(column=User.name, name='Name'),)

or:

from flask_admin.contrib.sqla.filters import BaseSQLAFilter

class FilterLastNameBrown(BaseSQLAFilter):
    def apply(self, query, value, alias=None):
        if value == '1':
            return query.filter(self.column == "Brown")
        else:
            return query.filter(self.column != "Brown")

    def operation(self):
        return 'is Brown'

class MyModelView(BaseModelView):
    column_filters = [
        FilterLastNameBrown(
            User.last_name, 'Last Name', options=(('1', 'Yes'), ('0', 'No'))
        )
    ]

column_details_list = ('collaboration', 'approved', 'in_queue')¶: Collection of the field names included in the details view. If set to None, will get them from the model.

columns_sortable_list = ('collaboration', 'approved', 'in_queue')¶

column_labels = {'_displayname': 'Display Name'}¶

Dictionary where key is column name and value is string to display.

For example:

class MyModelView(BaseModelView):
    column_labels = dict(name='Name', last_name='Last Name')

action_view()¶: Mass-model action view.

ajax_lookup()¶

ajax_update()¶: Edits a single column of a record in list view.

create_view()¶: Create model view

delete_view()¶: Delete model view. Only POST method is allowed.

details_view()¶: Details model view

edit_view()¶: Edit model view

export(export_type)¶

index_view()¶: List view

hepdata.modules.permissions.api¶

hepdata.modules.permissions.api.get_records_participated_in_by_user(user)[source]¶

hepdata.modules.permissions.api.get_pending_request(user=None)[source]¶

Returns True if given user has an existing request.

Parameters:: user (User) – user to check. Defaults to current user.
Returns:

hepdata.modules.permissions.api.process_coordinators(coordinators)[source]¶

hepdata.modules.permissions.api.get_pending_coordinator_requests()[source]¶

Returns pending coordinator requests.

Returns:

hepdata.modules.permissions.api.get_approved_coordinators()[source]¶

Returns approved coordinator requests.

Returns:

hepdata.modules.permissions.api.user_allowed_to_perform_action(recid)[source]¶: Determines if a user is allowed to perform an action on a record.

hepdata.modules.permissions.api.write_submissions_to_files()[source]¶: Writes some statistics on number of submissions per Coordinator to files.

hepdata.modules.permissions.api.verify_observer_key(submission_id, observer_key)[source]¶: Verifies the access key used to access a submission without login requirement. :param int submission_id: The requested HEPSubmission for access :param str observer_key: The access key used to access the submission :returns: Bool representing match status against database

hepdata.modules.permissions.models¶

Models for the HEPData Permissions.

class hepdata.modules.permissions.models.CoordinatorRequest(**kwargs)[source]¶

Stores coordinators, any text sent originally, and their collaboration.

id¶

user¶

collaboration¶

message¶

approved¶

in_queue¶

query: t.ClassVar[Query]¶: A SQLAlchemy query for a model. Equivalent to db.session.query(Model). Can be customized per-model by overriding query_class.

Warning

The query interface is considered legacy in SQLAlchemy. Prefer using session.execute(select()) instead.

class hepdata.modules.permissions.models.SubmissionParticipant(**kwargs)[source]¶

This table stores information about the reviewers and uploaders of a HEPData submission.

id¶

publication_recid¶

full_name¶

email¶

affiliation¶

invitation_cookie¶

user_account¶

role¶

status¶

action_date¶

query: t.ClassVar[Query]¶: A SQLAlchemy query for a model. Equivalent to db.session.query(Model). Can be customized per-model by overriding query_class.

Warning

The query interface is considered legacy in SQLAlchemy. Prefer using session.execute(select()) instead.

hepdata.modules.permissions.views¶

hepdata.modules.permissions.views.manage_participant_status(recid, action, status_action, participant_id)[source]¶

Handles actions received from the “Manage Submission” widget window buttons. Manages user promotion/demotion for uploader and reviewer roles, removal of reserve users, and email reminders to primary uploaders/reviewers. Request can contain an optional message (via ‘review_message’ form field) that will be included in promotion, demotion, and reminder emails.

status_action possibilities are:: promote: Promote a reserve uploader/reviewer to primary position demote: Demote a reserve uploader/reviewer from primary position email: Send reminder email to primary uploader/reviewer remove: Remove a reserve uploader/reviewer from the submission

Parameters:

recid – ID of target record to manage
action – (Unused) Target of the action (‘upload’, OR ‘review’)
status_action – The status of which action button was clicked.
participant_id – ID of target participant to update

Returns:

hepdata.modules.permissions.views.add_participant(recid)[source]¶

Adds a participant to a record.

Parameters:: recid
Returns:

hepdata.modules.permissions.views.change_coordinator_for_submission()[source]¶

Changes the coordinator for a record to that defined by a user id. Accepts a data object containing {‘recid’: record id to be acted upon, ‘coordinator’: id of user who will now be the coordinator}.

Returns:: dict

hepdata.modules.permissions.views.request_coordinator_privileges()[source]¶

Submits a request for coordinator privileges.

Returns:

hepdata.modules.permissions.views.respond_coordinator_privileges(request_id, decision)[source]¶

Handles a request for coordinator privileges.

Returns:

hepdata.modules.permissions.views.assign_role(cookie)[source]¶

hepdata.modules.permissions.views.check_is_sandbox_record(recid)[source]¶

hepdata.modules.permissions.views.get_permissions_list()[source]¶

Gets all permissions given for a user.

Returns:

hepdata.modules.permissions.views.get_coordinators()[source]¶

Returns a list of coordinators and their experiments in the system.

Returns:

Permissions¶

hepdata.modules.permissions.admin¶

hepdata.modules.permissions.api¶

hepdata.modules.permissions.models¶

hepdata.modules.permissions.views¶

HEPData

Navigation

Related Topics