def permission_user_new(client):
if client.user:
available_perms = Permission.query.filter(
db.or_(Permission.allusers == True,
Permission.user == g.user)).order_by('name').all()
form = UserPermissionAssignForm()
elif client.org:
available_perms = Permission.query.filter(
db.or_(Permission.allusers == True,
Permission.org == client.org)).order_by('name').all()
form = TeamPermissionAssignForm()
form.org = client.org
form.team_id.choices = [(team.userid, team.title)
for team in client.org.teams]
else:
abort(403) # This should never happen. Clients always have an owner.
form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title))
for ap in available_perms]
if form.validate_on_submit():
perms = set()
if client.user:
permassign = UserClientPermissions.query.filter_by(
user=form.user, client=client).first()
if permassign:
perms.update(permassign.access_permissions.split(u' '))
else:
permassign = UserClientPermissions(user=form.user,
client=client)
db.session.add(permassign)
else:
permassign = TeamClientPermissions.query.filter_by(
team=form.team, client=client).first()
if permassign:
perms.update(permassign.access_permissions.split(u' '))
else:
permassign = TeamClientPermissions(team=form.team,
client=client)
db.session.add(permassign)
perms.update(form.perms.data)
permassign.access_permissions = u' '.join(sorted(perms))
db.session.commit()
if client.user:
flash(
"Permissions have been assigned to user %s" %
form.user.pickername, 'success')
else:
flash(
"Permissions have been assigned to team '%s'" %
permassign.team.pickername, 'success')
return render_redirect(url_for('client_info', key=client.key),
code=303)
return render_form(form=form,
title="Assign permissions",
formid="perm_assign",
submit="Assign permissions",
ajax=True)
