def permission_user_delete(client, kwargs):
if client.user:
user = User.get(buid=kwargs['buid'])
if not user:
abort(404)
permassign = UserClientPermissions.query.filter_by(
user=user, client=client).first_or_404()
return render_delete_sqla(
permassign,
db,
title=_(u"Confirm delete"),
message=
_(u"Remove all permissions assigned to user {pname} for app ‘{title}’?"
).format(pname=user.pickername, title=client.title),
success=_(u"You have revoked permisions for user {pname}").format(
pname=user.pickername),
next=url_for('.client_info', key=client.key))
else:
team = Team.get(buid=kwargs['buid'])
if not team:
abort(404)
permassign = TeamClientPermissions.query.filter_by(
team=team, client=client).first_or_404()
return render_delete_sqla(
permassign,
db,
title=_(u"Confirm delete"),
message=
_(u"Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?"
).format(pname=team.title, title=client.title),
success=_(u"You have revoked permisions for team {title}").format(
title=team.title),
next=url_for('.client_info', key=client.key))
def permission_user_edit(client, kwargs):
if client.user:
user = User.get(userid=kwargs['userid'])
if not user:
abort(404)
available_perms = Permission.query.filter(
db.or_(Permission.allusers == True,
Permission.user == g.user)).order_by('name').all()
permassign = UserClientPermissions.query.filter_by(
user=user, client=client).first_or_404()
elif client.org:
team = Team.get(userid=kwargs['userid'])
if not team:
abort(404)
available_perms = Permission.query.filter(
db.or_(Permission.allusers == True,
Permission.org == client.org)).order_by('name').all()
permassign = TeamClientPermissions.query.filter_by(
team=team, client=client).first_or_404()
form = PermissionEditForm()
form.perms.choices = [(ap.name, u"{name} – {title}".format(name=ap.name,
title=ap.title))
for ap in available_perms]
if request.method == 'GET':
if permassign:
form.perms.data = permassign.access_permissions.split(u' ')
if form.validate_on_submit():
form.perms.data.sort()
perms = u' '.join(form.perms.data)
if not perms:
db.session.delete(permassign)
else:
permassign.access_permissions = perms
db.session.commit()
if perms:
if client.user:
flash(
u"Permissions have been updated for user {pname}".format(
pname=user.pickername), 'success')
else:
flash(
u"Permissions have been updated for team {title}".format(
title=team.title), 'success')
else:
if client.user:
flash(
u"All permissions have been revoked for user {pname}".
format(pname=user.pickername), 'success')
else:
flash(
u"All permissions have been revoked for team {title}".
format(title=team.title), 'success')
return render_redirect(url_for('.client_info', key=client.key),
code=303)
return render_form(form=form,
title="Edit permissions",
formid="perm_edit",
submit="Save changes",
ajax=True)
def permission_user_delete(client, kwargs):
if client.user:
user = User.get(userid=kwargs['userid'])
if not user:
abort(404)
permassign = UserClientPermissions.query.filter_by(user=user, client=client).first_or_404()
return render_delete_sqla(permassign, db, title=u"Confirm delete", message=u"Remove all permissions assigned to user {pname} for app ‘{title}’?".format(
pname=user.pickername, title=client.title),
success=u"You have revoked permisions for user {pname}".format(pname=user.pickername),
next=url_for('.client_info', key=client.key))
else:
team = Team.get(userid=kwargs['userid'])
if not team:
abort(404)
permassign = TeamClientPermissions.query.filter_by(team=team, client=client).first_or_404()
return render_delete_sqla(permassign, db, title=u"Confirm delete", message=u"Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?".format(
pname=team.title, title=client.title),
success=u"You have revoked permisions for team {title}".format(title=team.title),
next=url_for('.client_info', key=client.key))
def permission_user_edit(client, kwargs):
if client.user:
user = User.get(userid=kwargs['userid'])
if not user:
abort(404)
available_perms = Permission.query.filter(db.or_(
Permission.allusers == True,
Permission.user == g.user)).order_by('name').all()
permassign = UserClientPermissions.query.filter_by(user=user, client=client).first_or_404()
elif client.org:
team = Team.get(userid=kwargs['userid'])
if not team:
abort(404)
available_perms = Permission.query.filter(db.or_(
Permission.allusers == True,
Permission.org == client.org)).order_by('name').all()
permassign = TeamClientPermissions.query.filter_by(team=team, client=client).first_or_404()
form = PermissionEditForm()
form.perms.choices = [(ap.name, u"{name} – {title}".format(name=ap.name, title=ap.title)) for ap in available_perms]
if request.method == 'GET':
if permassign:
form.perms.data = permassign.access_permissions.split(u' ')
if form.validate_on_submit():
form.perms.data.sort()
perms = u' '.join(form.perms.data)
if not perms:
db.session.delete(permassign)
else:
permassign.access_permissions = perms
db.session.commit()
if perms:
if client.user:
flash(u"Permissions have been updated for user {pname}".format(pname=user.pickername), 'success')
else:
flash(u"Permissions have been updated for team {title}".format(title=team.title), 'success')
else:
if client.user:
flash(u"All permissions have been revoked for user {pname}".format(pname=user.pickername), 'success')
else:
flash(u"All permissions have been revoked for team {title}".format(title=team.title), 'success')
return render_redirect(url_for('.client_info', key=client.key), code=303)
return render_form(form=form, title="Edit permissions", formid="perm_edit", submit="Save changes", ajax=True)
def permission_user_delete(auth_client, kwargs):
if auth_client.user:
user = User.get(buid=kwargs['buid'])
if not user:
abort(404)
permassign = AuthClientUserPermissions.get(auth_client=auth_client,
user=user)
if not permassign:
abort(404)
return render_delete_sqla(
permassign,
db,
title=_("Confirm delete"),
message=
_("Remove all permissions assigned to user {pname} for app ‘{title}’?"
).format(pname=user.pickername, title=auth_client.title),
success=_("You have revoked permisions for user {pname}").format(
pname=user.pickername),
next=url_for('.client_info', key=auth_client.buid),
)
else:
team = Team.get(buid=kwargs['buid'])
if not team:
abort(404)
permassign = AuthClientTeamPermissions.get(auth_client=auth_client,
team=team)
if not permassign:
abort(404)
return render_delete_sqla(
permassign,
db,
title=_("Confirm delete"),
message=
_("Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?"
).format(pname=team.title, title=auth_client.title),
success=_("You have revoked permisions for team {title}").format(
title=team.title),
next=url_for('.client_info', key=auth_client.buid),
)
def loader(self, name, buid):
obj = Team.get(buid=buid, with_parent=True)
if not obj or obj.org.name != name:
abort(404)
return obj
def permission_user_edit(auth_client, kwargs):
if auth_client.user:
user = User.get(buid=kwargs['buid'])
if not user:
abort(404)
permassign = AuthClientUserPermissions.get(auth_client=auth_client,
user=user)
if not permassign:
abort(404)
elif auth_client.organization:
team = Team.get(buid=kwargs['buid'])
if not team:
abort(404)
permassign = AuthClientTeamPermissions.get(auth_client=auth_client,
team=team)
if not permassign:
abort(404)
form = PermissionEditForm()
if request.method == 'GET':
if permassign:
form.perms.data = permassign.access_permissions
if form.validate_on_submit():
perms = ' '.join(sorted(form.perms.data.split()))
if not perms:
db.session.delete(permassign)
else:
permassign.access_permissions = perms
db.session.commit()
if perms:
if auth_client.user:
flash(
_("Permissions have been updated for user {pname}").format(
pname=user.pickername),
'success',
)
else:
flash(
_("Permissions have been updated for team {title}").format(
title=team.title),
'success',
)
else:
if auth_client.user:
flash(
_("All permissions have been revoked for user {pname}").
format(pname=user.pickername),
'success',
)
else:
flash(
_("All permissions have been revoked for team {title}").
format(title=team.title),
'success',
)
return render_redirect(url_for('.client_info', key=auth_client.buid),
code=303)
return render_form(
form=form,
title=_("Edit permissions"),
formid='perm_edit',
submit=_("Save changes"),
ajax=True,
)