returns True if valid
(
task_id: int,
apis_user_list: list = ["builder_or_trainer"],
user_id: int = None)
| 45 | |
| 46 | @staticmethod |
| 47 | def by_task_id_core( |
| 48 | task_id: int, |
| 49 | apis_user_list: list = ["builder_or_trainer"], |
| 50 | user_id: int = None): |
| 51 | """ |
| 52 | returns True if valid |
| 53 | """ |
| 54 | |
| 55 | if task_id and isinstance(task_id, int): |
| 56 | |
| 57 | with sessionMaker.session_scope() as session: |
| 58 | |
| 59 | if task_id in ["null", "undefined"]: |
| 60 | raise Forbidden("No access.") |
| 61 | |
| 62 | # TODO handle for API member calls |
| 63 | |
| 64 | task = Task.get_by_id(session = session, |
| 65 | task_id = task_id) |
| 66 | |
| 67 | if task is None: |
| 68 | raise Forbidden("No access to this task.") |
| 69 | |
| 70 | # For testing we may want to pass a user id |
| 71 | if not user_id: |
| 72 | user_id = getUserID(session = session) |
| 73 | if user_id is None: |
| 74 | raise Unauthorized("Please login [No user_id].") |
| 75 | |
| 76 | user = User.get_by_id(session = session, |
| 77 | user_id = user_id) |
| 78 | |
| 79 | if user is None: |
| 80 | raise Unauthorized("Please login [No user Found].") |
| 81 | |
| 82 | if user.is_super_admin == True: |
| 83 | return True |
| 84 | |
| 85 | User_Permissions.general(user = user, |
| 86 | apis_user_list = apis_user_list) |
| 87 | |
| 88 | # Over ride case |
| 89 | |
| 90 | # Job owner check |
| 91 | # TODO share better with existing job permissions |
| 92 | if user.api_enabled_builder is True: |
| 93 | |
| 94 | project_string_id = get_project_string_from_job_id(session, task.job_id) |
| 95 | |
| 96 | # TODO review use of admin / editor setup here |
| 97 | result = Project_permissions.check_permissions(session = session, |
| 98 | project_string_id = project_string_id, |
| 99 | Roles = ['admin', 'Editor', 'annotator']) |
| 100 | |
| 101 | if result is True: |
| 102 | return True |
| 103 | else: |
| 104 | raise Forbidden("Project access invalid") |
no test coverage detected