Hide keyboard shortcuts

Hot-keys on this page

r m x p   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

1#!/usr/bin/env python 

2 

3""" 

4camcops_server/cc_modules/cc_membership.py 

5 

6=============================================================================== 

7 

8 Copyright (C) 2012-2020 Rudolf Cardinal (rudolf@pobox.com). 

9 

10 This file is part of CamCOPS. 

11 

12 CamCOPS is free software: you can redistribute it and/or modify 

13 it under the terms of the GNU General Public License as published by 

14 the Free Software Foundation, either version 3 of the License, or 

15 (at your option) any later version. 

16 

17 CamCOPS is distributed in the hope that it will be useful, 

18 but WITHOUT ANY WARRANTY; without even the implied warranty of 

19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 

20 GNU General Public License for more details. 

21 

22 You should have received a copy of the GNU General Public License 

23 along with CamCOPS. If not, see <https://www.gnu.org/licenses/>. 

24 

25=============================================================================== 

26 

27**Represents a user's membership of a group.** 

28 

29""" 

30 

31import logging 

32from typing import Optional 

33 

34from cardinal_pythonlib.logs import BraceStyleAdapter 

35from sqlalchemy.orm import relationship, Session as SqlASession 

36from sqlalchemy.sql.schema import Column, ForeignKey 

37from sqlalchemy.sql.sqltypes import Boolean, Integer 

38 

39from camcops_server.cc_modules.cc_sqlalchemy import Base 

40 

41log = BraceStyleAdapter(logging.getLogger(__name__)) 

42 

43 

44# ============================================================================= 

45# User-to-group association table 

46# ============================================================================= 

47# This is many-to-many: 

48# A user can [be in] many groups. 

49# A group can [contain] many users. 

50 

51# ----------------------------------------------------------------------------- 

52# First version: 

53# ----------------------------------------------------------------------------- 

54# http://docs.sqlalchemy.org/en/latest/orm/basic_relationships.html#many-to-many 

55# user_group_table = Table( 

56# "_security_user_group", 

57# Base.metadata, 

58# Column("user_id", Integer, ForeignKey("_security_users.id"), 

59# primary_key=True), 

60# Column("group_id", Integer, ForeignKey("_security_groups.id"), 

61# primary_key=True) 

62# ) 

63 

64 

65# ----------------------------------------------------------------------------- 

66# Second version, when we want more information in the relationship: 

67# ----------------------------------------------------------------------------- 

68# https://stackoverflow.com/questions/7417906/sqlalchemy-manytomany-secondary-table-with-additional-fields # noqa 

69# ... no, association_proxy isn't quite what we want 

70# ... http://docs.sqlalchemy.org/en/latest/orm/extensions/associationproxy.html 

71# http://docs.sqlalchemy.org/en/latest/orm/basic_relationships.html#association-object # noqa 

72# ... yes 

73# ... ah, but that AND association_proxy: 

74# http://docs.sqlalchemy.org/en/latest/orm/extensions/associationproxy.html#simplifying-association-objects # noqa 

75# ... no, not association_proxy! 

76 

77class UserGroupMembership(Base): 

78 """ 

79 Represents a user's membership of a group, and associated per-group 

80 permissions. 

81 """ 

82 __tablename__ = "_security_user_group" 

83 

84 # PK, so we can use this object easily on its own via the ORM. 

85 id = Column( 

86 "id", Integer, primary_key=True, autoincrement=True, 

87 ) 

88 

89 # Many-to-many mapping between User and Group 

90 user_id = Column( 

91 "user_id", Integer, ForeignKey("_security_users.id") 

92 ) 

93 group_id = Column( 

94 "group_id", Integer, ForeignKey("_security_groups.id"), 

95 ) 

96 

97 # User attributes that are specific to their group membership 

98 groupadmin = Column( 

99 "groupadmin", Boolean, 

100 default=False, 

101 comment="Is the user a privileged administrator for this group?" 

102 ) 

103 may_upload = Column( 

104 "may_upload", Boolean, 

105 default=False, 

106 comment="May the user upload data from a tablet device?" 

107 ) 

108 may_register_devices = Column( 

109 "may_register_devices", Boolean, 

110 default=False, 

111 comment="May the user register tablet devices?" 

112 ) 

113 may_use_webviewer = Column( 

114 "may_use_webviewer", Boolean, 

115 default=False, 

116 comment="May the user use the web front end to view " 

117 "CamCOPS data?" 

118 ) 

119 view_all_patients_when_unfiltered = Column( 

120 "view_all_patients_when_unfiltered", Boolean, 

121 default=False, 

122 comment="When no record filters are applied, can the user see " 

123 "all records? (If not, then none are shown.)" 

124 ) 

125 may_dump_data = Column( 

126 "may_dump_data", Boolean, 

127 default=False, 

128 comment="May the user run database data dumps via the web interface?" 

129 ) 

130 may_run_reports = Column( 

131 "may_run_reports", Boolean, 

132 default=False, 

133 comment="May the user run reports via the web interface? " 

134 "(Overrides other view restrictions.)" 

135 ) 

136 may_add_notes = Column( 

137 "may_add_notes", Boolean, 

138 default=False, 

139 comment="May the user add special notes to tasks?" 

140 ) 

141 

142 group = relationship("Group", back_populates="user_group_memberships") 

143 user = relationship("User", back_populates="user_group_memberships") 

144 

145 def __init__(self, user_id: int, group_id: int): 

146 self.user_id = user_id 

147 self.group_id = group_id 

148 

149 @classmethod 

150 def get_ugm_by_id(cls, 

151 dbsession: SqlASession, 

152 ugm_id: Optional[int]) -> Optional['UserGroupMembership']: 

153 """ 

154 Fetches a :class:`UserGroupMembership` by its ID. 

155 """ 

156 if ugm_id is None: 

157 return None 

158 return dbsession.query(cls).filter(cls.id == ugm_id).first()