def delete(slug, id):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
permission = object_or_404(Permission.by_project_and_id(project, id))
permissions.delete(permission)
db.session.commit()
raise Gone()
def delete(slug, id):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
permission = object_or_404(Permission.by_project_and_id(project, id))
permissions.delete(permission)
db.session.commit()
raise Gone()
def update(slug, id):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
permission = object_or_404(Permission.by_project_and_id(project, id))
data = request_data({'project': project})
permission = permissions.save(data, permission=permission)
db.session.commit()
return jsonify(permission)
def update(slug, id):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
permission = object_or_404(Permission.by_project_and_id(project, id))
data = request_data({'project': project})
permission = permissions.save(data, permission=permission)
db.session.commit()
return jsonify(permission)
def view(slug, id):
project = object_or_404(Project.by_slug(slug))
permission = object_or_404(Permission.by_project_and_id(project, id))
authz.require(authz.project_manage(project) or
request.account == permission.account)
return jsonify(permission)
def view(slug, id):
project = object_or_404(Project.by_slug(slug))
permission = object_or_404(Permission.by_project_and_id(project, id))
authz.require(
authz.project_manage(project) or request.account == permission.account)
return jsonify(permission)
