Exemple #1
0
def permission_user_new(client):
    if client.user:
        available_perms = Permission.query.filter(
            db.or_(Permission.allusers == True,
                   Permission.user == g.user)).order_by('name').all()
        form = UserPermissionAssignForm()
    elif client.org:
        available_perms = Permission.query.filter(
            db.or_(Permission.allusers == True,
                   Permission.org == client.org)).order_by('name').all()
        form = TeamPermissionAssignForm()
        form.org = client.org
        form.team_id.choices = [(team.userid, team.title)
                                for team in client.org.teams]
    else:
        abort(403)  # This should never happen. Clients always have an owner.
    form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title))
                          for ap in available_perms]
    if form.validate_on_submit():
        perms = set()
        if client.user:
            permassign = UserClientPermissions.query.filter_by(
                user=form.user, client=client).first()
            if permassign:
                perms.update(permassign.access_permissions.split(u' '))
            else:
                permassign = UserClientPermissions(user=form.user,
                                                   client=client)
                db.session.add(permassign)
        else:
            permassign = TeamClientPermissions.query.filter_by(
                team=form.team, client=client).first()
            if permassign:
                perms.update(permassign.access_permissions.split(u' '))
            else:
                permassign = TeamClientPermissions(team=form.team,
                                                   client=client)
                db.session.add(permassign)
        perms.update(form.perms.data)
        permassign.access_permissions = u' '.join(sorted(perms))
        db.session.commit()
        if client.user:
            flash(
                "Permissions have been assigned to user %s" %
                form.user.pickername, 'success')
        else:
            flash(
                "Permissions have been assigned to team '%s'" %
                permassign.team.pickername, 'success')
        return render_redirect(url_for('client_info', key=client.key),
                               code=303)
    return render_form(form=form,
                       title="Assign permissions",
                       formid="perm_assign",
                       submit="Assign permissions",
                       ajax=True)
Exemple #2
0
def permission_user_new(key):
    client = Client.query.filter_by(key=key).first()
    if not client:
        abort(404)
    if client.user != g.user:
        abort(403)
    available_perms = Permission.query.filter(db.or_(Permission.allusers == True, Permission.user == g.user)).order_by('name').all()
    form = UserPermissionAssignForm()
    form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title)) for ap in available_perms]
    if form.validate_on_submit():
        form.perms.data.sort()
        perms = u' '.join(form.perms.data)
        permassign = UserClientPermissions(user=form.user, client=client, permissions=perms)
        db.session.add(permassign)
        db.session.commit()
        flash("Permissions have been assigned to user %s" % form.user.displayname(), "info")
        return render_redirect(url_for('client_info', key=key), code=303)
    return render_form(form=form, title="Assign permissions", formid="perm_assign", submit="Assign permissions", ajax=True)
Exemple #3
0
def permission_user_new(key):
    client = Client.query.filter_by(key=key).first_or_404()
    if not client.owner_is(g.user):
        abort(403)
    if client.user:
        available_perms = Permission.query.filter(db.or_(
            Permission.allusers == True,
            Permission.user == g.user)).order_by('name').all()
        form = UserPermissionAssignForm()
    elif client.org:
        available_perms = Permission.query.filter(db.or_(
            Permission.allusers == True,
            Permission.org == client.org)).order_by('name').all()
        form = TeamPermissionAssignForm()
        form.org = client.org
        form.team_id.choices = [(team.userid, team.title) for team in client.org.teams]
    else:
        abort(403)  # This should never happen. Clients always have an owner.
    form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title)) for ap in available_perms]
    if form.validate_on_submit():
        perms = set()
        if client.user:
            permassign = UserClientPermissions.query.filter_by(user=form.user, client=client).first()
            if permassign:
                perms.update(permassign.permissions.split(u' '))
            else:
                permassign = UserClientPermissions(user=form.user, client=client)
                db.session.add(permassign)
        else:
            permassign = TeamClientPermissions.query.filter_by(team=form.team, client=client).first()
            if permassign:
                perms.update(permassign.permissions.split(u' '))
            else:
                permassign = TeamClientPermissions(team=form.team, client=client)
                db.session.add(permassign)
        perms.update(form.perms.data)
        permassign.permissions = u' '.join(sorted(perms))
        db.session.commit()
        if client.user:
            flash("Permissions have been assigned to user %s" % form.user.pickername, "info")
        else:
            flash("Permissions have been assigned to team '%s'" % permassign.team.pickername, "info")
        return render_redirect(url_for('client_info', key=key), code=303)
    return render_form(form=form, title="Assign permissions", formid="perm_assign", submit="Assign permissions", ajax=True)