def post(self, name=None, mapping_id=None):
mapping = TagPermissionMap.get(self.session, id=mapping_id)
if not mapping:
return self.notfound()
if not user_has_permission(self.session, self.current_user, TAG_EDIT,
mapping.tag.name):
return self.forbidden()
permission = mapping.permission
tag = mapping.tag
mapping.delete(self.session)
Counter.incr(self.session, "updates")
self.session.commit()
AuditLog.log(
self.session,
self.current_user.id,
"revoke_tag_permission",
"Revoked permission with argument: {}".format(mapping.argument),
on_tag_id=tag.id,
on_permission_id=permission.id,
)
return self.redirect("/tags/{}?refresh=yes".format(tag.name))
def get(self, name=None, mapping_id=None):
mapping = TagPermissionMap.get(self.session, id=mapping_id)
if not mapping:
return self.notfound()
if not user_has_permission(self.session, self.current_user, TAG_EDIT, mapping.tag.name):
return self.forbidden()
self.render("permission-revoke-tag.html", mapping=mapping)
def get(self, name=None, mapping_id=None):
mapping = TagPermissionMap.get(self.session, id=mapping_id)
if not mapping:
return self.notfound()
if not user_has_permission(self.session, self.current_user, TAG_EDIT,
mapping.tag.name):
return self.forbidden()
self.render("permission-revoke-tag.html", mapping=mapping)
def post(self, name=None, mapping_id=None):
mapping = TagPermissionMap.get(self.session, id=mapping_id)
if not mapping:
return self.notfound()
if not user_has_permission(self.session, self.current_user, TAG_EDIT, mapping.tag.name):
return self.forbidden()
permission = mapping.permission
tag = mapping.tag
mapping.delete(self.session)
Counter.incr(self.session, "updates")
self.session.commit()
AuditLog.log(self.session, self.current_user.id, 'revoke_tag_permission',
'Revoked permission with argument: {}'.format(mapping.argument),
on_tag_id=tag.id, on_permission_id=permission.id)
return self.redirect('/tags/{}?refresh=yes'.format(tag.name))
