def team_new(org): form = TeamForm() if form.validate_on_submit(): team = Team(org=org) team.title = form.title.data if form.users.data: team.users = User.query.filter(User.userid.in_(form.users.data)).all() db.session.add(team) db.session.commit() team_data_changed.send(team, changes=['new'], user=g.user) return render_redirect(url_for('.org_info', name=org.name), code=303) return make_response(render_template('edit_team.html', form=form, title=u"Create new team", formid='team_new', submit="Create"))
def permission_user_delete(client, kwargs): if client.user: user = User.get(buid=kwargs['buid']) if not user: abort(404) permassign = UserClientPermissions.query.filter_by( user=user, client=client).first_or_404() return render_delete_sqla( permassign, db, title=_(u"Confirm delete"), message= _(u"Remove all permissions assigned to user {pname} for app ‘{title}’?" ).format(pname=user.pickername, title=client.title), success=_(u"You have revoked permisions for user {pname}").format( pname=user.pickername), next=url_for('.client_info', key=client.key)) else: team = Team.get(buid=kwargs['buid']) if not team: abort(404) permassign = TeamClientPermissions.query.filter_by( team=team, client=client).first_or_404() return render_delete_sqla( permassign, db, title=_(u"Confirm delete"), message= _(u"Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?" ).format(pname=team.title, title=client.title), success=_(u"You have revoked permisions for team {title}").format( title=team.title), next=url_for('.client_info', key=client.key))
def permission_user_edit(client, kwargs): if client.user: user = User.get(userid=kwargs['userid']) if not user: abort(404) available_perms = Permission.query.filter( db.or_(Permission.allusers == True, Permission.user == g.user)).order_by('name').all() permassign = UserClientPermissions.query.filter_by( user=user, client=client).first_or_404() elif client.org: team = Team.get(userid=kwargs['userid']) if not team: abort(404) available_perms = Permission.query.filter( db.or_(Permission.allusers == True, Permission.org == client.org)).order_by('name').all() permassign = TeamClientPermissions.query.filter_by( team=team, client=client).first_or_404() form = PermissionEditForm() form.perms.choices = [(ap.name, u"{name} – {title}".format(name=ap.name, title=ap.title)) for ap in available_perms] if request.method == 'GET': if permassign: form.perms.data = permassign.access_permissions.split(u' ') if form.validate_on_submit(): form.perms.data.sort() perms = u' '.join(form.perms.data) if not perms: db.session.delete(permassign) else: permassign.access_permissions = perms db.session.commit() if perms: if client.user: flash( u"Permissions have been updated for user {pname}".format( pname=user.pickername), 'success') else: flash( u"Permissions have been updated for team {title}".format( title=team.title), 'success') else: if client.user: flash( u"All permissions have been revoked for user {pname}". format(pname=user.pickername), 'success') else: flash( u"All permissions have been revoked for team {title}". format(title=team.title), 'success') return render_redirect(url_for('.client_info', key=client.key), code=303) return render_form(form=form, title="Edit permissions", formid="perm_edit", submit="Save changes", ajax=True)
def team_new(org): form = TeamForm() if form.validate_on_submit(): team = Team(org=org) team.title = form.title.data if form.users.data: team.users = User.query.filter(User.userid.in_( form.users.data)).all() db.session.add(team) db.session.commit() team_data_changed.send(team, changes=['new'], user=g.user) return render_redirect(url_for('.org_info', name=org.name), code=303) return make_response( render_template('edit_team.html', form=form, title=u"Create new team", formid='team_new', submit="Create"))
def team_new(org): form = TeamForm() if form.validate_on_submit(): team = Team(org=org) db.session.add(team) form.populate_obj(team) db.session.commit() team_data_changed.send(team, changes=['new'], user=g.user) return render_redirect(url_for('.org_info', name=org.name), code=303) return render_form(form=form, title=_(u"Create new team"), formid='team_new', submit=_("Create"))
def new_team(self): form = TeamForm() if form.validate_on_submit(): team = Team(org=self.obj) db.session.add(team) form.populate_obj(team) db.session.commit() team_data_changed.send(team, changes=['new'], user=current_auth.user) return render_redirect(self.obj.url_for('view'), code=303) return render_form(form=form, title=_(u"Create new team"), formid='new_team', submit=_("Create"))
def permission_user_delete(client, kwargs): if client.user: user = User.get(userid=kwargs['userid']) if not user: abort(404) permassign = UserClientPermissions.query.filter_by(user=user, client=client).first_or_404() return render_delete_sqla(permassign, db, title=u"Confirm delete", message=u"Remove all permissions assigned to user {pname} for app ‘{title}’?".format( pname=user.pickername, title=client.title), success=u"You have revoked permisions for user {pname}".format(pname=user.pickername), next=url_for('.client_info', key=client.key)) else: team = Team.get(userid=kwargs['userid']) if not team: abort(404) permassign = TeamClientPermissions.query.filter_by(team=team, client=client).first_or_404() return render_delete_sqla(permassign, db, title=u"Confirm delete", message=u"Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?".format( pname=team.title, title=client.title), success=u"You have revoked permisions for team {title}".format(title=team.title), next=url_for('.client_info', key=client.key))
def permission_user_edit(client, kwargs): if client.user: user = User.get(userid=kwargs['userid']) if not user: abort(404) available_perms = Permission.query.filter(db.or_( Permission.allusers == True, Permission.user == g.user)).order_by('name').all() permassign = UserClientPermissions.query.filter_by(user=user, client=client).first_or_404() elif client.org: team = Team.get(userid=kwargs['userid']) if not team: abort(404) available_perms = Permission.query.filter(db.or_( Permission.allusers == True, Permission.org == client.org)).order_by('name').all() permassign = TeamClientPermissions.query.filter_by(team=team, client=client).first_or_404() form = PermissionEditForm() form.perms.choices = [(ap.name, u"{name} – {title}".format(name=ap.name, title=ap.title)) for ap in available_perms] if request.method == 'GET': if permassign: form.perms.data = permassign.access_permissions.split(u' ') if form.validate_on_submit(): form.perms.data.sort() perms = u' '.join(form.perms.data) if not perms: db.session.delete(permassign) else: permassign.access_permissions = perms db.session.commit() if perms: if client.user: flash(u"Permissions have been updated for user {pname}".format(pname=user.pickername), 'success') else: flash(u"Permissions have been updated for team {title}".format(title=team.title), 'success') else: if client.user: flash(u"All permissions have been revoked for user {pname}".format(pname=user.pickername), 'success') else: flash(u"All permissions have been revoked for team {title}".format(title=team.title), 'success') return render_redirect(url_for('.client_info', key=client.key), code=303) return render_form(form=form, title="Edit permissions", formid="perm_edit", submit="Save changes", ajax=True)
def permission_user_delete(auth_client, kwargs): if auth_client.user: user = User.get(buid=kwargs['buid']) if not user: abort(404) permassign = AuthClientUserPermissions.get(auth_client=auth_client, user=user) if not permassign: abort(404) return render_delete_sqla( permassign, db, title=_("Confirm delete"), message= _("Remove all permissions assigned to user {pname} for app ‘{title}’?" ).format(pname=user.pickername, title=auth_client.title), success=_("You have revoked permisions for user {pname}").format( pname=user.pickername), next=url_for('.client_info', key=auth_client.buid), ) else: team = Team.get(buid=kwargs['buid']) if not team: abort(404) permassign = AuthClientTeamPermissions.get(auth_client=auth_client, team=team) if not permassign: abort(404) return render_delete_sqla( permassign, db, title=_("Confirm delete"), message= _("Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?" ).format(pname=team.title, title=auth_client.title), success=_("You have revoked permisions for team {title}").format( title=team.title), next=url_for('.client_info', key=auth_client.buid), )
def loader(self, name, buid): obj = Team.get(buid=buid, with_parent=True) if not obj or obj.org.name != name: abort(404) return obj
def permission_user_edit(auth_client, kwargs): if auth_client.user: user = User.get(buid=kwargs['buid']) if not user: abort(404) permassign = AuthClientUserPermissions.get(auth_client=auth_client, user=user) if not permassign: abort(404) elif auth_client.organization: team = Team.get(buid=kwargs['buid']) if not team: abort(404) permassign = AuthClientTeamPermissions.get(auth_client=auth_client, team=team) if not permassign: abort(404) form = PermissionEditForm() if request.method == 'GET': if permassign: form.perms.data = permassign.access_permissions if form.validate_on_submit(): perms = ' '.join(sorted(form.perms.data.split())) if not perms: db.session.delete(permassign) else: permassign.access_permissions = perms db.session.commit() if perms: if auth_client.user: flash( _("Permissions have been updated for user {pname}").format( pname=user.pickername), 'success', ) else: flash( _("Permissions have been updated for team {title}").format( title=team.title), 'success', ) else: if auth_client.user: flash( _("All permissions have been revoked for user {pname}"). format(pname=user.pickername), 'success', ) else: flash( _("All permissions have been revoked for team {title}"). format(title=team.title), 'success', ) return render_redirect(url_for('.client_info', key=auth_client.buid), code=303) return render_form( form=form, title=_("Edit permissions"), formid='perm_edit', submit=_("Save changes"), ajax=True, )
def make_fixtures(self): """ Create users, attach them to organizations. Create test client app, add test resource, action and message. """ crusoe = User(username="******", fullname="Crusoe Celebrity Dachshund") oakley = User(username="******") piglet = User(username="******") nameless = User(fullname="Nameless") db.session.add_all([crusoe, oakley, piglet, nameless]) self.crusoe = crusoe self.oakley = oakley self.piglet = piglet self.nameless = nameless crusoe_email = UserEmail( email="*****@*****.**", user=crusoe, primary=True ) crusoe_phone = UserPhone(phone="+8080808080", user=crusoe, primary=True) oakley_email = UserEmail(email="*****@*****.**", user=oakley) db.session.add_all([crusoe_email, crusoe_phone, oakley_email]) self.crusoe_email = crusoe_email self.crusoe_phone = crusoe_phone batdog = Organization(name='batdog', title='Batdog') batdog.owners.users.append(crusoe) db.session.add(batdog) self.batdog = batdog specialdachs = Organization(name="specialdachs", title="Special Dachshunds") specialdachs.owners.users.append(oakley) db.session.add(specialdachs) self.specialdachs = specialdachs auth_client = AuthClient( title="Batdog Adventures", organization=batdog, confidential=True, namespace='fun.batdogadventures.com', website="http://batdogadventures.com", ) db.session.add(auth_client) self.auth_client = auth_client dachshunds = Team(title="Dachshunds", organization=batdog) db.session.add(dachshunds) self.dachshunds = dachshunds auth_client_team_permissions = AuthClientTeamPermissions( team=dachshunds, auth_client=auth_client, access_permissions="admin" ) self.auth_client_team_permissions = auth_client_team_permissions db.session.add(auth_client_team_permissions) auth_client_user_permissions = AuthClientUserPermissions( user=crusoe, auth_client=auth_client ) db.session.add(auth_client_user_permissions) self.auth_client_user_permissions = auth_client_user_permissions message = SMSMessage( phone_number=crusoe_phone.phone, transactionid="Ruff" * 5, message="Wuff Wuff", ) db.session.add(message) db.session.commit() self.message = message
def make_fixtures(self): """ Create users, attach them to organizations. Create test client app, add test resource, action and message. """ crusoe = User(username=u"crusoe", fullname=u"Crusoe Celebrity Dachshund") oakley = User(username=u"oakley") piglet = User(username=u"piglet") nameless = User(fullname="Nameless") db.session.add_all([crusoe, oakley, piglet, nameless]) self.crusoe = crusoe self.oakley = oakley self.piglet = piglet self.nameless = nameless crusoe_email = UserEmail(email=u"*****@*****.**", primary=True, user=crusoe) crusoe_phone = UserPhone(phone=u"+8080808080", primary=True, user=crusoe) oakley_email = UserEmail(email=u"*****@*****.**", user=oakley) db.session.add_all([crusoe_email, crusoe_phone, oakley_email]) self.crusoe_email = crusoe_email self.crusoe_phone = crusoe_phone batdog = Organization(name=u'batdog', title=u'Batdog') batdog.owners.users.append(crusoe) batdog.members.users.append(oakley) db.session.add(batdog) self.batdog = batdog specialdachs = Organization(name=u"specialdachs", title=u"Special Dachshunds") specialdachs.owners.users.append(oakley) specialdachs.members.users.append(piglet) db.session.add(specialdachs) self.specialdachs = specialdachs client = Client(title=u"Batdog Adventures", org=batdog, confidential=True, namespace=u'fun.batdogadventures.com', website=u"http://batdogadventures.com") db.session.add(client) self.client = client dachshunds = Team(title=u"Dachshunds", org=batdog) db.session.add(dachshunds) self.dachshunds = dachshunds team_client_permission = TeamClientPermissions( team=dachshunds, client=client, access_permissions=u"admin") self.team_client_permission = team_client_permission db.session.add(team_client_permission) client_team_access = ClientTeamAccess( org=batdog, client=client, access_level=CLIENT_TEAM_ACCESS.ALL) db.session.add(client_team_access) bdfl = Permission(name=u"bdfl", title=u"BDFL", user=crusoe) db.session.add(bdfl) self.bdfl = bdfl user_client_permissions = UserClientPermissions(user=crusoe, client=client) db.session.add(user_client_permissions) self.user_client_permissions = user_client_permissions resource = Resource(name=u"test_resource", title=u"Test Resource", client=client) db.session.add(resource) self.resource = resource resource_action = ResourceAction(name=u'Fun', resource=resource, title=u'fun') db.session.add(resource_action) self.resource_action = resource_action action = ResourceAction(name=u"read", title=u"Read", resource=resource) db.session.add(action) self.action = action message = SMSMessage(phone_number=crusoe_phone.phone, transaction_id=u"Ruff" * 5, message=u"Wuff Wuff") db.session.add(message) db.session.commit() self.message = message