def get(self, request_id):
# check for request existence
request = permissions.get_request_by_id(self.session, request_id)
if not request:
return self.notfound()
# compile list of changes to this request
owners_by_arg_by_perm = permissions.get_owners_by_grantable_permission(
self.session, separate_global=True
)
change_comment_list = permissions.get_changes_by_request_id(self.session, request_id)
can_approve_request = permissions.can_approve_request(
self.session, request, self.current_user, owners_by_arg_by_perm=owners_by_arg_by_perm
)
approvers = []
if not can_approve_request:
owner_arg_list = permissions.get_owner_arg_list(
self.session, request.permission, request.argument
)
all_owners = {o.groupname for o, _ in owner_arg_list}
global_owners = {
o.groupname for o in owners_by_arg_by_perm[permissions.GLOBAL_OWNERS]['*']
}
non_global_owners = all_owners - global_owners
approvers = non_global_owners if len(non_global_owners) else all_owners
form = PermissionRequestUpdateForm(self.request.arguments)
form.status.choices = self._get_choices(request.status)
return self.render("permission-request-update.html", form=form, request=request,
change_comment_list=change_comment_list, statuses=REQUEST_STATUS_CHOICES,
can_approve_request=can_approve_request, approvers=approvers)
def post(self, request_id):
# check for request existence
request = permissions.get_request_by_id(self.session, request_id)
if not request:
return self.notfound()
# check that this user should be actioning this request
user_requests, total = permissions.get_requests(
self.session,
status="pending",
limit=None,
offset=0,
owner=self.current_user)
user_request_ids = [ur.id for ur in user_requests.requests]
if request.id not in user_request_ids:
return self.forbidden()
form = PermissionRequestUpdateForm(self.request.arguments)
form.status.choices = self._get_choices(request.status)
if not form.validate():
change_comment_list = [
(sc, user_requests.comment_by_status_change_id[sc.id])
for sc in user_requests.status_change_by_request_id[request.id]
]
return self.render(
"permission-request-update.html",
form=form,
request=request,
change_comment_list=change_comment_list,
statuses=REQUEST_STATUS_CHOICES,
alerts=self.get_form_alerts(form.errors),
)
try:
permissions.update_request(self.session, request,
self.current_user, form.status.data,
form.reason.data)
except UserNotAuditor as e:
alerts = [Alert("danger", str(e))]
change_comment_list = [
(sc, user_requests.comment_by_status_change_id[sc.id])
for sc in user_requests.status_change_by_request_id[request.id]
]
return self.render(
"permission-request-update.html",
form=form,
request=request,
change_comment_list=change_comment_list,
statuses=REQUEST_STATUS_CHOICES,
alerts=alerts,
)
return self.redirect("/permissions/requests?status=pending")
def post(self, request_id):
# check for request existence
request = permissions.get_request_by_id(self.session, request_id)
if not request:
return self.notfound()
# check that this user should be actioning this request
user_requests, total = permissions.get_requests(
self.session, status="pending", limit=None, offset=0, owner=self.current_user
)
user_request_ids = [ur.id for ur in user_requests.requests]
if request.id not in user_request_ids:
return self.forbidden()
form = PermissionRequestUpdateForm(self.request.arguments)
form.status.choices = self._get_choices(request.status)
if not form.validate():
change_comment_list = [
(sc, user_requests.comment_by_status_change_id[sc.id])
for sc in user_requests.status_change_by_request_id[request.id]
]
return self.render(
"permission-request-update.html",
form=form,
request=request,
change_comment_list=change_comment_list,
statuses=REQUEST_STATUS_CHOICES,
alerts=self.get_form_alerts(form.errors),
)
try:
permissions.update_request(
self.session, request, self.current_user, form.status.data, form.reason.data
)
except UserNotAuditor as e:
alerts = [Alert("danger", str(e))]
change_comment_list = [
(sc, user_requests.comment_by_status_change_id[sc.id])
for sc in user_requests.status_change_by_request_id[request.id]
]
return self.render(
"permission-request-update.html",
form=form,
request=request,
change_comment_list=change_comment_list,
statuses=REQUEST_STATUS_CHOICES,
alerts=alerts,
)
return self.redirect("/permissions/requests?status=pending")
def get(self, request_id):
# check for request existence
request = permissions.get_request_by_id(self.session, request_id)
if not request:
return self.notfound()
# compile list of changes to this request
owners_by_arg_by_perm = permissions.get_owners_by_grantable_permission(
self.session, separate_global=True)
change_comment_list = permissions.get_changes_by_request_id(
self.session, request_id)
can_approve_request = permissions.can_approve_request(
self.session,
request,
self.current_user,
owners_by_arg_by_perm=owners_by_arg_by_perm)
approvers = []
if not can_approve_request:
owner_arg_list = permissions.get_owner_arg_list(
self.session, request.permission, request.argument)
all_owners = {o.groupname for o, _ in owner_arg_list}
global_owners = {
o.groupname
for o in owners_by_arg_by_perm[permissions.GLOBAL_OWNERS]["*"]
}
non_global_owners = all_owners - global_owners
approvers = non_global_owners if len(
non_global_owners) else all_owners
form = PermissionRequestUpdateForm(self.request.arguments)
form.status.choices = self._get_choices(request.status)
return self.render(
"permission-request-update.html",
form=form,
request=request,
change_comment_list=change_comment_list,
statuses=REQUEST_STATUS_CHOICES,
can_approve_request=can_approve_request,
approvers=approvers,
)
def get(self, request_id):
# check for request existence
request = permissions.get_request_by_id(self.session, request_id)
if not request:
return self.notfound()
# check that this user should be actioning this request
user_requests, total = permissions.get_requests_by_owner(self.session,
self.current_user, status="pending", limit=None, offset=0)
user_request_ids = [ur.id for ur in user_requests.requests]
if request.id not in user_request_ids:
return self.forbidden()
form = PermissionRequestUpdateForm(self.request.arguments)
form.status.choices = self._get_choices(request.status)
# compile list of changes to this request
change_comment_list = [(sc, user_requests.comment_by_status_change_id[sc.id]) for sc in
user_requests.status_change_by_request_id[request.id]]
return self.render("permission-request-update.html", form=form, request=request,
change_comment_list=change_comment_list, statuses=REQUEST_STATUS_CHOICES)
