def delete(self, circle_id, *args, **kw): user = handler.user.get_user_in_session(request) if not checker.user_own_circle(user.id, circle_id): flash('you have no right to delete this circle: you are not the creator of it') raise redirect('/circles') circle = DBSession.query(Circle).filter(Circle.id == circle_id).first() DBSession.delete(circle) DBSession.flush() raise redirect('/circles/')
def delete_user(self, id, user_id): user = handler.user.get_user_in_session(request) if not checker.user_own_circle(user.id, id): flash('you have no rights to delete users from this circle: you are not the creator of it') raise redirect('/circles') circle = DBSession.query(Circle).filter(Circle.id == id).first() to_delete = DBSession.query(User).filter(User.id == user_id).first() circle.users.remove(to_delete) DBSession.flush() raise redirect('/circles/edit/%s' % id)
def edit(self, *args, **kw): user = handler.user.get_user_in_session(request) t = handler.help.tooltip['circledesc'] # get circle id if request.method == 'GET': circle_id = args[0] else: circle_id = kw.get('cid') circle_id = int(circle_id) if circle_id not in [c.id for c in user.circles_owned]: flash('You have no right to edit this circle', 'error') raise redirect('/circles/') circle = DBSession.query(Circle).filter(Circle.id == circle_id).first() widget = form.AddUser(action=url('/circles/edit/%s' % circle_id)).req() if request.method == 'POST': # add user mail = kw.get('mail') try: widget.validate({'cid': circle_id, 'mail': mail}) except twc.ValidationError as e: for u in circle.users: u.__dict__['cid'] = circle_id wrappers = [u for u in circle.users if u.id != user.id] data = [util.to_datagrid(datagrid.circle_description_grid, wrappers, grid_display=len(wrappers) > 0)] return dict(page='circles', name=circle.name, widget=e.widget, items=data, value=kw, tooltip=t, au_error=True) mail = mail.lower() to_add = DBSession.query(User).filter(User.email == mail).first() if to_add is None: to_add = handler.user.create_tmp_user(mail) handler.circle.add_user(circle_id=circle_id, user=to_add) # build common parameters if not checker.user_own_circle(user.id, circle_id): flash('you have no right to edit this circle: you are not the creator of it') raise redirect('/circles') for u in circle.users: u.__dict__['cid'] = circle_id wrappers = [u for u in circle.users if u.id != user.id] data = [util.to_datagrid(datagrid.circle_description_grid, wrappers, grid_display=len(wrappers) > 0)] kw['cid'] = circle_id widget.value = kw return dict(page='circles', name=circle.name, widget=widget, items=data, tooltip=t)