def client_edit(key): client = Client.query.filter_by(key=key).first_or_404() if not client.owner_is(g.user): abort(403) form = RegisterClientForm(obj=client) form.edit_obj = client form.client_owner.choices = available_client_owners() if request.method == 'GET': if client.user: form.client_owner.data = client.user.userid else: form.client_owner.data = client.org.userid if form.validate_on_submit(): if client.user != form.user or client.org != form.org: # Ownership has changed. Remove existing permission assignments for perm in UserClientPermissions.query.filter_by(client=client).all(): db.session.delete(perm) for perm in TeamClientPermissions.query.filter_by(client=client).all(): db.session.delete(perm) flash("This application’s owner has changed, so all previously assigned permissions " "have been revoked", "warning") form.populate_obj(client) client.user = form.user client.org = form.org db.session.commit() return render_redirect(url_for('client_info', key=client.key), code=303) return render_form(form=form, title="Edit application", formid="client_edit", submit="Save changes", ajax=True)
def client_new(): form = RegisterClientForm() if form.validate_on_submit(): client = Client() form.populate_obj(client) client.user = g.user client.trusted = False db.session.add(client) db.session.commit() return render_redirect(url_for('client_info', key=client.key), code=303) return render_form(form=form, title="Register a new client application", formid="client_new", submit="Register application", ajax=True)
def client_new(): form = RegisterClientForm() form.client_owner.choices = available_client_owners() if request.method == 'GET': form.client_owner.data = g.user.userid if form.validate_on_submit(): client = Client() form.populate_obj(client) client.user = form.user client.org = form.org client.trusted = False db.session.add(client) db.session.commit() return render_redirect(url_for('client_info', key=client.key), code=303) return render_form(form=form, title="Register a new client application", formid="client_new", submit="Register application", ajax=True)
def client_edit(client): form = RegisterClientForm(obj=client) form.client_owner.choices = available_client_owners() if request.method == 'GET': if client.user: form.client_owner.data = client.user.userid else: form.client_owner.data = client.org.userid if form.validate_on_submit(): if client.user != form.user or client.org != form.org: # Ownership has changed. Remove existing permission assignments for perm in UserClientPermissions.query.filter_by( client=client).all(): db.session.delete(perm) for perm in TeamClientPermissions.query.filter_by( client=client).all(): db.session.delete(perm) flash( "This application’s owner has changed, so all previously assigned permissions " "have been revoked", "warning") form.populate_obj(client) client.user = form.user client.org = form.org if not client.team_access: # This client does not have access to teams in organizations. Remove all existing assignments for cta in ClientTeamAccess.query.filter_by(client=client).all(): db.session.delete(cta) db.session.commit() return render_redirect(url_for('client_info', key=client.key), code=303) return render_form(form=form, title="Edit application", formid="client_edit", submit="Save changes", ajax=True)
def client_edit(key): client = Client.query.filter_by(key=key).first() if not client: abort(404) if client.user != g.user: abort(403) form = RegisterClientForm() if request.method == 'GET': form.title.data = client.title form.description.data = client.description form.owner.data = client.owner form.website.data = client.website form.redirect_uri.data = client.redirect_uri form.notification_uri.data = client.notification_uri form.resource_uri.data = client.resource_uri form.allow_any_login.data = client.allow_any_login if form.validate_on_submit(): form.populate_obj(client) db.session.commit() return render_redirect(url_for('client_info', key=client.key), code=303) return render_form(form=form, title="Edit application", formid="client_edit", submit="Save changes", ajax=True)