def overview(sketch_id):
"""Generates the sketch overview template.
Returns:
Template with context.
"""
sketch = Sketch.query.get_with_acl(sketch_id)
sketch_form = NameDescriptionForm()
permission_form = TogglePublic()
status_form = StatusForm()
trash_form = TrashForm()
# Edit sketch form POST
if sketch_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.name = sketch_form.name.data
sketch.description = sketch_form.description.data
db_session.commit()
return redirect(
url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Toggle public/private form POST
if permission_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
if permission_form.permission.data == u'public':
sketch.grant_permission(user=None, permission=u'read')
else:
sketch.revoke_permission(user=None, permission=u'read')
db_session.commit()
return redirect(
url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Change status form POST
if status_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.set_status(status=status_form.status.data)
return redirect(
url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Trash form POST
if trash_form.validate_on_submit():
if not sketch.has_permission(current_user, u'delete'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.set_status(status=u'deleted')
return redirect(
url_for(u'home_views.home'))
return render_template(
u'sketch/overview.html', sketch=sketch, sketch_form=sketch_form,
permission_form=permission_form, status_form=status_form,
trash_form=trash_form)
def overview(sketch_id):
"""Generates the sketch overview template.
Returns:
Template with context.
"""
sketch = Sketch.query.get_with_acl(sketch_id)
sketch_form = NameDescriptionForm()
permission_form = TogglePublic()
status_form = StatusForm()
trash_form = TrashForm()
# Edit sketch form POST
if sketch_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.name = sketch_form.name.data
sketch.description = sketch_form.description.data
db_session.commit()
return redirect(
url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Toggle public/private form POST
if permission_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
if permission_form.permission.data == u'public':
sketch.grant_permission(user=None, permission=u'read')
else:
sketch.revoke_permission(user=None, permission=u'read')
db_session.commit()
return redirect(
url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Change status form POST
if status_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.set_status(status=status_form.status.data)
return redirect(
url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Trash form POST
if trash_form.validate_on_submit():
if not sketch.has_permission(current_user, u'delete'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.set_status(status=u'deleted')
return redirect(
url_for(u'home_views.home'))
return render_template(
u'sketch/overview.html', sketch=sketch, sketch_form=sketch_form,
permission_form=permission_form, status_form=status_form,
trash_form=trash_form)
def post(self):
"""Handles POST request to the resource.
Returns:
A sketch in JSON (instance of flask.wrappers.Response)
"""
form = NameDescriptionForm.build(request)
if form.validate_on_submit():
sketch = Sketch(name=form.name.data,
description=form.description.data,
user=current_user)
sketch.status.append(sketch.Status(user=None, status=u'new'))
# Give the requesting user permissions on the new sketch.
sketch.grant_permission(permission=u'read', user=current_user)
sketch.grant_permission(permission=u'write', user=current_user)
sketch.grant_permission(permission=u'delete', user=current_user)
db_session.add(sketch)
db_session.commit()
return self.to_json(sketch, status_code=HTTP_STATUS_CODE_CREATED)
return abort(HTTP_STATUS_CODE_BAD_REQUEST)
def post(self):
"""Handles POST request to the resource.
Returns:
A sketch in JSON (instance of flask.wrappers.Response)
"""
form = NameDescriptionForm.build(request)
if form.validate_on_submit():
sketch = Sketch(
name=form.name.data, description=form.description.data,
user=current_user)
sketch.status.append(sketch.Status(user=None, status=u'new'))
# Give the requesting user permissions on the new sketch.
sketch.grant_permission(permission=u'read', user=current_user)
sketch.grant_permission(permission=u'write', user=current_user)
sketch.grant_permission(permission=u'delete', user=current_user)
db_session.add(sketch)
db_session.commit()
return self.to_json(sketch, status_code=HTTP_STATUS_CODE_CREATED)
return abort(HTTP_STATUS_CODE_BAD_REQUEST)
def overview(sketch_id):
"""Generates the sketch overview template.
Returns:
Template with context.
"""
sketch = Sketch.query.get_with_acl(sketch_id)
sketch_form = NameDescriptionForm()
permission_form = TogglePublic()
status_form = StatusForm()
trash_form = TrashForm()
# Dynamically set the forms select options.
# pylint: disable=singleton-comparison
permission_form.groups.choices = set(
(g.id, g.name) for g in Group.query.filter(
or_(Group.user == current_user, Group.user == None)))
permission_form.remove_groups.choices = set(
(g.id, g.name) for g in sketch.groups)
permission_form.remove_users.choices = set(
(u.id, u.username) for u in sketch.collaborators)
# Edit sketch form POST
if sketch_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.name = sketch_form.name.data
sketch.description = sketch_form.description.data
db_session.commit()
return redirect(
url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Toggle public/private form POST
if permission_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
# Add collaborators to the sketch
# TODO(jbn): Make write permission off by default
# and selectable in the UI
if permission_form.username.data:
user = User.query.filter_by(
username=permission_form.username.data).first()
if user:
sketch.grant_permission(permission=u'read', user=user)
sketch.grant_permission(permission=u'write', user=user)
# Add a group to the sketch
if permission_form.groups.data:
group_id = permission_form.groups.data
group = Group.query.get(group_id)
# Only add groups publicly visible or owned by the current user
if not group.user or group.user == current_user:
sketch.grant_permission(permission=u'read', group=group)
sketch.grant_permission(permission=u'write', group=group)
# Remove groups from sketch
if permission_form.remove_groups.data:
for group_id in permission_form.remove_groups.data:
group = Group.query.get(group_id)
sketch.revoke_permission(permission=u'read', group=group)
sketch.revoke_permission(permission=u'write', group=group)
# Remove users from sketch
if permission_form.remove_users.data:
for user_id in permission_form.remove_users.data:
user = User.query.get(user_id)
sketch.revoke_permission(permission=u'read', user=user)
sketch.revoke_permission(permission=u'write', user=user)
if permission_form.permission.data == u'public':
sketch.grant_permission(permission=u'read')
else:
sketch.revoke_permission(permission=u'read')
db_session.commit()
return redirect(
url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Change status form POST
if status_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.set_status(status=status_form.status.data)
return redirect(
url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Trash form POST
if trash_form.validate_on_submit():
if not sketch.has_permission(current_user, u'delete'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.set_status(status=u'deleted')
return redirect(
url_for(u'home_views.home'))
return render_template(
u'sketch/overview.html', sketch=sketch, sketch_form=sketch_form,
permission_form=permission_form, status_form=status_form,
trash_form=trash_form)
def overview(sketch_id):
"""Generates the sketch overview template.
Returns:
Template with context.
"""
sketch = Sketch.query.get_with_acl(sketch_id)
sketch_form = NameDescriptionForm()
permission_form = TogglePublic()
status_form = StatusForm()
trash_form = TrashForm()
# Dynamically set the forms select options.
# pylint: disable=singleton-comparison
permission_form.groups.choices = set(
(g.id, g.name) for g in Group.query.filter(
or_(Group.user == current_user, Group.user == None)))
permission_form.remove_groups.choices = set(
(g.id, g.name) for g in sketch.groups)
permission_form.remove_users.choices = set(
(u.id, u.username) for u in sketch.collaborators)
# Edit sketch form POST
if sketch_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.name = sketch_form.name.data
sketch.description = sketch_form.description.data
db_session.commit()
return redirect(url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Toggle public/private form POST
if permission_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
# Add collaborators to the sketch
# TODO(jbn): Make write permission off by default
# and selectable in the UI
if permission_form.username.data:
user = User.query.filter_by(
username=permission_form.username.data).first()
if user:
sketch.grant_permission(permission=u'read', user=user)
sketch.grant_permission(permission=u'write', user=user)
# Add a group to the sketch
if permission_form.groups.data:
group_id = permission_form.groups.data
group = Group.query.get(group_id)
# Only add groups publicly visible or owned by the current user
if not group.user or group.user == current_user:
sketch.grant_permission(permission=u'read', group=group)
sketch.grant_permission(permission=u'write', group=group)
# Remove groups from sketch
if permission_form.remove_groups.data:
for group_id in permission_form.remove_groups.data:
group = Group.query.get(group_id)
sketch.revoke_permission(permission=u'read', group=group)
sketch.revoke_permission(permission=u'write', group=group)
# Remove users from sketch
if permission_form.remove_users.data:
for user_id in permission_form.remove_users.data:
user = User.query.get(user_id)
sketch.revoke_permission(permission=u'read', user=user)
sketch.revoke_permission(permission=u'write', user=user)
if permission_form.permission.data == u'public':
sketch.grant_permission(permission=u'read')
else:
sketch.revoke_permission(permission=u'read')
db_session.commit()
return redirect(url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Change status form POST
if status_form.validate_on_submit():
if not sketch.has_permission(current_user, u'write'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.set_status(status=status_form.status.data)
return redirect(url_for(u'sketch_views.overview', sketch_id=sketch.id))
# Trash form POST
if trash_form.validate_on_submit():
if not sketch.has_permission(current_user, u'delete'):
abort(HTTP_STATUS_CODE_FORBIDDEN)
sketch.set_status(status=u'deleted')
return redirect(url_for(u'home_views.home'))
return render_template(u'sketch/overview.html',
sketch=sketch,
sketch_form=sketch_form,
permission_form=permission_form,
status_form=status_form,
trash_form=trash_form)
