def on_identity_loaded(sender, identity): # Set the identity user object identity.user = current_user permissions = dqusers.userPermissions(identity.id) if hasattr(current_user, 'id'): identity.provides.add(UserNeed(current_user.id)) def set_survey_permissions(permission): identity.provides.add((unicode(permission.permission_name), unicode(permission.permission_method), unicode(permission.permission_value))) def set_permissions(permission): if (permission.permission_name=='tests' and permission.permission_method=='edit'): identity.provides.add(EditTestNeed(unicode(permission.permission_value))) if (permission.permission_name=='organisation' and permission.permission_method=='view'): identity.provides.add(ViewOrganisationNeed(unicode(permission.permission_value))) if (permission.permission_name=='organisation_feedback' and permission.permission_method=='create'): identity.provides.add(CreateOrganisationFeedbackNeed(unicode(permission.permission_value))) if (permission.permission_method=='role'): identity.provides.add(RoleNeed(permission.permission_name)) if (permission.permission_name.startswith('survey')): set_survey_permissions(permission) #with db.session.begin(): for permission in permissions: set_permissions(permission)
def users_edit(username=None): if username: user = dqusers.user_by_username(username) permissions = dqusers.userPermissions(user.id) if request.method == 'POST': if user: flash('Successfully updated user.', 'success') else: user = {} flash('Could not update user.', 'error') else: if request.method == 'POST': user = dqusers.addUser({ 'username': request.form['username'], 'password': request.form['password'], 'name': request.form['name'], 'email_address': request.form['email_address'], 'organisation': request.form['organisation'] }) if user: flash('Successfully added new user', 'success') else: flash('Could not add user user', 'error') else: user = {} permissions = {} return render_template("users_edit.html", user=user, permissions=permissions, admin=usermanagement.check_perms('admin'), loggedinuser=current_user)
def users_edit(username=None): user = {} permissions = {} if username: user = dqusers.user_by_username(username) permissions = dqusers.userPermissions(user.id) if request.method == "POST": if user: data = { "username": username, "password": request.form.get("password"), "name": request.form["name"], "email_address": request.form["email_address"], "organisation": request.form["organisation"], } user = dqusers.updateUser(data) flash("Successfully updated user.", "success") else: user = {} flash("Could not update user.", "error") else: if request.method == "POST": user = dqusers.addUser( { "username": request.form["username"], "password": request.form["password"], "name": request.form["name"], "email_address": request.form["email_address"], "organisation": request.form["organisation"], } ) if user: flash("Successfully added new user", "success") else: flash("Could not add user user", "error") return render_template( "users_edit.html", user=user, permissions=permissions, admin=usermanagement.check_perms("admin"), loggedinuser=current_user, )