def permission_user_new(client):
if client.user:
available_perms = Permission.query.filter(
db.or_(Permission.allusers == True,
Permission.user == g.user)).order_by('name').all()
form = UserPermissionAssignForm()
elif client.org:
available_perms = Permission.query.filter(
db.or_(Permission.allusers == True,
Permission.org == client.org)).order_by('name').all()
form = TeamPermissionAssignForm()
form.org = client.org
form.team_id.choices = [(team.userid, team.title)
for team in client.org.teams]
else:
abort(403) # This should never happen. Clients always have an owner.
form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title))
for ap in available_perms]
if form.validate_on_submit():
perms = set()
if client.user:
permassign = UserClientPermissions.query.filter_by(
user=form.user, client=client).first()
if permassign:
perms.update(permassign.access_permissions.split(u' '))
else:
permassign = UserClientPermissions(user=form.user,
client=client)
db.session.add(permassign)
else:
permassign = TeamClientPermissions.query.filter_by(
team=form.team, client=client).first()
if permassign:
perms.update(permassign.access_permissions.split(u' '))
else:
permassign = TeamClientPermissions(team=form.team,
client=client)
db.session.add(permassign)
perms.update(form.perms.data)
permassign.access_permissions = u' '.join(sorted(perms))
db.session.commit()
if client.user:
flash(
"Permissions have been assigned to user %s" %
form.user.pickername, 'success')
else:
flash(
"Permissions have been assigned to team '%s'" %
permassign.team.pickername, 'success')
return render_redirect(url_for('client_info', key=client.key),
code=303)
return render_form(form=form,
title="Assign permissions",
formid="perm_assign",
submit="Assign permissions",
ajax=True)
def permission_user_edit(client, kwargs):
if client.user:
user = User.query.filter_by(userid=kwargs['userid']).first_or_404()
available_perms = Permission.query.filter(
db.or_(Permission.allusers == True,
Permission.user == g.user)).order_by('name').all()
permassign = UserClientPermissions.query.filter_by(
user=user, client=client).first_or_404()
elif client.org:
team = Team.query.filter_by(userid=kwargs['userid']).first_or_404()
available_perms = Permission.query.filter(
db.or_(Permission.allusers == True,
Permission.org == client.org)).order_by('name').all()
permassign = TeamClientPermissions.query.filter_by(
team=team, client=client).first_or_404()
form = PermissionEditForm()
form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title))
for ap in available_perms]
if request.method == 'GET':
if permassign:
form.perms.data = permassign.access_permissions.split(u' ')
if form.validate_on_submit():
form.perms.data.sort()
perms = u' '.join(form.perms.data)
if not perms:
db.session.delete(permassign)
else:
permassign.access_permissions = perms
db.session.commit()
if perms:
if client.user:
flash(
"Permissions have been updated for user %s" %
user.pickername, 'success')
else:
flash(
"Permissions have been updated for team '%s'" % team.title,
'success')
else:
if client.user:
flash(
"All permissions have been revoked for user %s" %
user.pickername, 'success')
else:
flash(
"All permissions have been revoked for team '%s'" %
team.title, 'success')
return render_redirect(url_for('client_info', key=client.key),
code=303)
return render_form(form=form,
title="Edit permissions",
formid="perm_edit",
submit="Save changes",
ajax=True)
def client_list():
if g.user:
return render_template('client_list.html', clients=Client.query.filter(db.or_(Client.user == g.user,
Client.org_id.in_(g.user.organizations_owned_ids()))).order_by('title').all())
else:
# TODO: Show better UI for non-logged in users
return render_template('client_list.html', clients=[])
def permission_list():
allperms = Permission.query.filter_by(allusers=True).order_by('name').all()
userperms = Permission.query.filter(
db.or_(Permission.user_id == g.user.id,
Permission.org_id.in_(g.user.organizations_owned_ids()))
).order_by('name').all()
return render_template('permission_list.html', allperms=allperms, userperms=userperms)
def permission_list():
allperms = Permission.query.filter_by(allusers=True).order_by('name').all()
userperms = Permission.query.filter(
db.or_(Permission.user_id == g.user.id,
Permission.org_id.in_(
g.user.organizations_owned_ids()))).order_by('name').all()
return render_template('permission_list.html',
allperms=allperms,
userperms=userperms)
def permission_user_new(key):
client = Client.query.filter_by(key=key).first_or_404()
if not client.owner_is(g.user):
abort(403)
if client.user:
available_perms = Permission.query.filter(db.or_(
Permission.allusers == True,
Permission.user == g.user)).order_by('name').all()
form = UserPermissionAssignForm()
elif client.org:
available_perms = Permission.query.filter(db.or_(
Permission.allusers == True,
Permission.org == client.org)).order_by('name').all()
form = TeamPermissionAssignForm()
form.org = client.org
form.team_id.choices = [(team.userid, team.title) for team in client.org.teams]
else:
abort(403) # This should never happen. Clients always have an owner.
form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title)) for ap in available_perms]
if form.validate_on_submit():
perms = set()
if client.user:
permassign = UserClientPermissions.query.filter_by(user=form.user, client=client).first()
if permassign:
perms.update(permassign.permissions.split(u' '))
else:
permassign = UserClientPermissions(user=form.user, client=client)
db.session.add(permassign)
else:
permassign = TeamClientPermissions.query.filter_by(team=form.team, client=client).first()
if permassign:
perms.update(permassign.permissions.split(u' '))
else:
permassign = TeamClientPermissions(team=form.team, client=client)
db.session.add(permassign)
perms.update(form.perms.data)
permassign.permissions = u' '.join(sorted(perms))
db.session.commit()
if client.user:
flash("Permissions have been assigned to user %s" % form.user.pickername, "info")
else:
flash("Permissions have been assigned to team '%s'" % permassign.team.pickername, "info")
return render_redirect(url_for('client_info', key=key), code=303)
return render_form(form=form, title="Assign permissions", formid="perm_assign", submit="Assign permissions", ajax=True)
def permission_user_edit(key, userid):
client = Client.query.filter_by(key=key).first_or_404()
if not client.owner_is(g.user):
abort(403)
if client.user:
user = User.query.filter_by(userid=userid).first_or_404()
available_perms = Permission.query.filter(db.or_(
Permission.allusers == True,
Permission.user == g.user)).order_by('name').all()
permassign = UserClientPermissions.query.filter_by(user=user, client=client).first_or_404()
elif client.org:
team = Team.query.filter_by(userid=userid).first_or_404()
available_perms = Permission.query.filter(db.or_(
Permission.allusers == True,
Permission.org == client.org)).order_by('name').all()
permassign = TeamClientPermissions.query.filter_by(team=team, client=client).first_or_404()
form = PermissionEditForm()
form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title)) for ap in available_perms]
if request.method == 'GET':
if permassign:
form.perms.data = permassign.permissions.split(u' ')
if form.validate_on_submit():
form.perms.data.sort()
perms = u' '.join(form.perms.data)
if not perms:
db.session.delete(permassign)
else:
permassign.permissions = perms
db.session.commit()
if perms:
if client.user:
flash("Permissions have been updated for user %s" % user.pickername, "info")
else:
flash("Permissions have been updated for team '%s'" % team.title, "info")
else:
if client.user:
flash("All permissions have been revoked for user %s" % user.pickername, "info")
else:
flash("All permissions have been revoked for team '%s'" % team.title, "info")
return render_redirect(url_for('client_info', key=key), code=303)
return render_form(form=form, title="Edit permissions", formid="perm_edit", submit="Save changes", ajax=True)
def client_list():
if g.user:
return render_template(
'client_list.html',
clients=Client.query.filter(
db.or_(Client.user == g.user,
Client.org_id.in_(
g.user.organizations_owned_ids()))).order_by(
'title').all())
else:
# TODO: Show better UI for non-logged in users
return render_template('client_list.html', clients=[])
def permission_user_new(key):
client = Client.query.filter_by(key=key).first()
if not client:
abort(404)
if client.user != g.user:
abort(403)
available_perms = Permission.query.filter(db.or_(Permission.allusers == True, Permission.user == g.user)).order_by('name').all()
form = UserPermissionAssignForm()
form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title)) for ap in available_perms]
if form.validate_on_submit():
form.perms.data.sort()
perms = u' '.join(form.perms.data)
permassign = UserClientPermissions(user=form.user, client=client, permissions=perms)
db.session.add(permassign)
db.session.commit()
flash("Permissions have been assigned to user %s" % form.user.displayname(), "info")
return render_redirect(url_for('client_info', key=key), code=303)
return render_form(form=form, title="Assign permissions", formid="perm_assign", submit="Assign permissions", ajax=True)
