Exemple #1
0
def show_score(user_id,score_id):
    teams = [t for t in Team.select() if can(auth.get_logged_in_user(),READ,t)]
    user = get_object_or_404(User, User.id == user_id)
    score = get_object_or_404(Score, Score.id == score_id)
    ensure(READ,user)
    users = [u for u in User.select().where(User.team == user.team) if can(auth.get_logged_in_user(),READ,u)]
    return render_template("score_detail.html", active_user=user, teams=teams, users=users, active_team = user.team, score=score)
Exemple #2
0
def test_basic_usage():

    @authorization_method
    def authorize(user, abilities):

        if user.is_admin:
            # self.can_manage(ALL)
            abilities.append(MANAGE, ALL)
        else:
            abilities.append(READ, ALL)

            def if_author(article):
                return article.author == user

            abilities.append(EDIT, Article, if_author)

    sally = User(name='sally', admin=False)
    billy = User(name='billy', admin=True)

    article = Article(author=sally)

    # check abilities
    assert can(sally, EDIT, article)

    billys_article = Article(author=billy)

    assert cannot(sally, EDIT, billys_article)
    assert can(billy, EDIT, billys_article)
Exemple #3
0
def user_detail(user_id):
    teams = [t for t in Team.select() if can(auth.get_logged_in_user(),READ,t)]
    user = get_object_or_404(User, User.id == user_id)
    ensure(READ,user)
    scores = Score.select().where(Score.user == user).order_by(Score.created_at.desc())
    users = [u for u in User.select().where(User.team == user.team) if can(auth.get_logged_in_user(),READ,u)]
    pq = PaginatedQuery(scores, 20)
    last_date = datetime.now() - timedelta(days=5)
    return render_template("index.html", active_user=user, teams=teams, users=users, pagination=pq, page=pq.get_page(), active_team = user.team, weeks = [w for w in Week.select().where(Week.end > last_date) if not has_score(w.score_set)])