def client_edit(key):
client = Client.query.filter_by(key=key).first_or_404()
if not client.owner_is(g.user):
abort(403)
form = RegisterClientForm(obj=client)
form.edit_obj = client
form.client_owner.choices = available_client_owners()
if request.method == 'GET':
if client.user:
form.client_owner.data = client.user.userid
else:
form.client_owner.data = client.org.userid
if form.validate_on_submit():
if client.user != form.user or client.org != form.org:
# Ownership has changed. Remove existing permission assignments
for perm in UserClientPermissions.query.filter_by(client=client).all():
db.session.delete(perm)
for perm in TeamClientPermissions.query.filter_by(client=client).all():
db.session.delete(perm)
flash("This application’s owner has changed, so all previously assigned permissions "
"have been revoked", "warning")
form.populate_obj(client)
client.user = form.user
client.org = form.org
db.session.commit()
return render_redirect(url_for('client_info', key=client.key), code=303)
return render_form(form=form, title="Edit application", formid="client_edit",
submit="Save changes", ajax=True)
