From 001775da75c68b226b7742724e4da7c3c7e14bf6 Mon Sep 17 00:00:00 2001
From: Jorran de Wit <jorrandewit@outlook.com>
Date: Wed, 22 Nov 2017 21:04:05 +0100
Subject: [PATCH] Update permissions for guest fellows

---
 colleges/permissions.py | 16 +++++++++++++++-
 scipost/views.py        |  4 +++-
 submissions/views.py    | 31 ++++++++++++++++++++++++-------
 3 files changed, 42 insertions(+), 9 deletions(-)

diff --git a/colleges/permissions.py b/colleges/permissions.py
index 615d64571..0595f12a9 100644
--- a/colleges/permissions.py
+++ b/colleges/permissions.py
@@ -11,7 +11,21 @@ def fellowship_required():
                 # Fellow
                 return True
 
-            if u.has_perm('scipost.can_view_pool'):
+        return False
+    return user_passes_test(test)
+
+
+def fellowship_or_admin_required():
+    """
+    Require user to have any Fellowship or Administrational permissions.
+    """
+    def test(u):
+        if u.is_authenticated():
+            if hasattr(u, 'contributor') and u.contributor.fellowships.exists():
+                # Fellow
+                return True
+
+            if u.has_perm('scipost.can_oversee_refereeing'):
                 # Administrator
                 return True
         return False
diff --git a/scipost/views.py b/scipost/views.py
index a29e63996..a31485495 100644
--- a/scipost/views.py
+++ b/scipost/views.py
@@ -36,6 +36,7 @@ from .forms import AuthenticationForm, DraftInvitationForm, UnavailabilityPeriod
 from .utils import Utils, EMAIL_FOOTER, SCIPOST_SUMMARY_FOOTER, SCIPOST_SUMMARY_FOOTER_HTML
 
 from affiliations.forms import AffiliationsFormset
+from colleges.permissions import fellowship_or_admin_required
 from commentaries.models import Commentary
 from comments.models import Comment
 from journals.models import Publication, Journal
@@ -1268,7 +1269,8 @@ def EdCol_bylaws(request):
     return render(request, 'scipost/EdCol_by-laws.html')
 
 
-@permission_required('scipost.can_view_pool', return_403=True)
+@login_required
+@fellowship_or_admin_required()
 def Fellow_activity_overview(request):
     fellows = (Contributor.objects.fellows()
                .prefetch_related('editorial_assignments')
diff --git a/submissions/views.py b/submissions/views.py
index 64a46d737..b9241bb64 100644
--- a/submissions/views.py
+++ b/submissions/views.py
@@ -33,7 +33,7 @@ from .forms import SubmissionIdentifierForm, RequestSubmissionForm, SubmissionSe
                    iThenticateReportForm, SubmissionPoolFilterForm
 from .utils import SubmissionUtils
 
-from colleges.permissions import fellowship_required
+from colleges.permissions import fellowship_required, fellowship_or_admin_required
 from mails.views import MailEditingSubView
 from scipost.forms import ModifyPersonalMessageForm, RemarkForm
 from scipost.mixins import PaginationMixin
@@ -321,7 +321,7 @@ def treated_submission_pdf_compile(request, arxiv_identifier_w_vn_nr):
 ######################
 
 @login_required
-@permission_required('scipost.can_view_pool', raise_exception=True)
+@fellowship_or_admin_required()
 def editorial_workflow(request):
     """
     Summary page for Editorial Fellows, containing a digest
@@ -331,7 +331,7 @@ def editorial_workflow(request):
 
 
 @login_required
-@fellowship_required()
+@fellowship_or_admin_required()
 def pool(request, arxiv_identifier_w_vn_nr=None):
     """
     The Submissions pool contains all submissions which are undergoing
@@ -392,6 +392,7 @@ def pool(request, arxiv_identifier_w_vn_nr=None):
 
 
 @login_required
+@fellowship_or_admin_required()
 def add_remark(request, arxiv_identifier_w_vn_nr):
     """
     With this method, an Editorial Fellow or Board Member
@@ -461,7 +462,7 @@ def assign_submission_ack(request, arxiv_identifier_w_vn_nr):
 
 
 @login_required
-@permission_required('scipost.can_take_charge_of_submissions', raise_exception=True)
+@fellowship_required()
 @transaction.atomic
 def assignment_request(request, assignment_id):
     """
@@ -533,7 +534,7 @@ def assignment_request(request, assignment_id):
 
 
 @login_required
-@permission_required('scipost.can_take_charge_of_submissions', raise_exception=True)
+@fellowship_required()
 @transaction.atomic
 def volunteer_as_EIC(request, arxiv_identifier_w_vn_nr):
     """
@@ -622,7 +623,7 @@ def assignment_failed(request, arxiv_identifier_w_vn_nr):
 
 
 @login_required
-@permission_required('scipost.can_take_charge_of_submissions', raise_exception=True)
+@fellowship_required()
 def assignments(request):
     """
     This page provides a Fellow with an explicit task list
@@ -643,6 +644,7 @@ def assignments(request):
 
 
 @login_required
+@fellowship_or_admin_required()
 def editorial_page(request, arxiv_identifier_w_vn_nr):
     """
     The central page for the EIC to manage all its Editorial duties.
@@ -671,6 +673,7 @@ def editorial_page(request, arxiv_identifier_w_vn_nr):
 
 
 @login_required
+@fellowship_or_admin_required()
 def cycle_form_submit(request, arxiv_identifier_w_vn_nr):
     """
     If Submission is `resubmission_incoming` the EIC should first choose what refereeing
@@ -699,6 +702,7 @@ def cycle_form_submit(request, arxiv_identifier_w_vn_nr):
 
 
 @login_required
+@fellowship_or_admin_required()
 def select_referee(request, arxiv_identifier_w_vn_nr):
     """
     Select/Invite referees by first listing them here.
@@ -743,6 +747,7 @@ def select_referee(request, arxiv_identifier_w_vn_nr):
 
 
 @login_required
+@fellowship_or_admin_required()
 @transaction.atomic
 def recruit_referee(request, arxiv_identifier_w_vn_nr):
     """
@@ -806,6 +811,7 @@ def recruit_referee(request, arxiv_identifier_w_vn_nr):
 
 
 @login_required
+@fellowship_or_admin_required()
 @transaction.atomic
 def send_refereeing_invitation(request, arxiv_identifier_w_vn_nr, contributor_id):
     """
@@ -852,6 +858,7 @@ def send_refereeing_invitation(request, arxiv_identifier_w_vn_nr, contributor_id
 
 
 @login_required
+@fellowship_or_admin_required()
 def ref_invitation_reminder(request, arxiv_identifier_w_vn_nr, invitation_id):
     """
     This method is used by the Editor-in-charge from the editorial_page
@@ -1130,11 +1137,18 @@ def communication(request, arxiv_identifier_w_vn_nr, comtype, referee_id=None):
             return redirect(reverse('scipost:personal_page'))
         elif comtype == 'StoE':
             return redirect(reverse('submissions:pool'))
-    context = {'submission': submission, 'comtype': comtype, 'referee_id': referee_id, 'form': form}
+
+    context = {
+        'submission': submission,
+        'comtype': comtype,
+        'referee_id': referee_id,
+        'form': form
+    }
     return render(request, 'submissions/communication.html', context)
 
 
 @login_required
+@fellowship_or_admin_required()
 @transaction.atomic
 def eic_recommendation(request, arxiv_identifier_w_vn_nr):
     """
@@ -1295,6 +1309,7 @@ def submit_report(request, arxiv_identifier_w_vn_nr):
 
 
 @login_required
+@fellowship_or_admin_required()
 def vet_submitted_reports_list(request):
     """
     Reports with status `unvetted` will be shown (oldest first).
@@ -1307,6 +1322,7 @@ def vet_submitted_reports_list(request):
 
 
 @login_required
+@fellowship_or_admin_required()
 @transaction.atomic
 def vet_submitted_report(request, report_id):
     """
@@ -1406,6 +1422,7 @@ def prepare_for_voting(request, rec_id):
 
 
 @login_required
+@fellowship_or_admin_required()
 @transaction.atomic
 def vote_on_rec(request, rec_id):
     submissions = Submission.objects.pool_editable(request.user)
-- 
GitLab