Esempio n. 1
0
def team_new(org):
    form = TeamForm()
    if form.validate_on_submit():
        team = Team(org=org)
        team.title = form.title.data
        if form.users.data:
            team.users = User.query.filter(User.userid.in_(form.users.data)).all()
        db.session.add(team)
        db.session.commit()
        team_data_changed.send(team, changes=['new'], user=g.user)
        return render_redirect(url_for('.org_info', name=org.name), code=303)
    return make_response(render_template('edit_team.html', form=form, title=u"Create new team",
        formid='team_new', submit="Create"))
Esempio n. 2
0
def permission_user_delete(client, kwargs):
    if client.user:
        user = User.get(buid=kwargs['buid'])
        if not user:
            abort(404)
        permassign = UserClientPermissions.query.filter_by(
            user=user, client=client).first_or_404()
        return render_delete_sqla(
            permassign,
            db,
            title=_(u"Confirm delete"),
            message=
            _(u"Remove all permissions assigned to user {pname} for app ‘{title}’?"
              ).format(pname=user.pickername, title=client.title),
            success=_(u"You have revoked permisions for user {pname}").format(
                pname=user.pickername),
            next=url_for('.client_info', key=client.key))
    else:
        team = Team.get(buid=kwargs['buid'])
        if not team:
            abort(404)
        permassign = TeamClientPermissions.query.filter_by(
            team=team, client=client).first_or_404()
        return render_delete_sqla(
            permassign,
            db,
            title=_(u"Confirm delete"),
            message=
            _(u"Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?"
              ).format(pname=team.title, title=client.title),
            success=_(u"You have revoked permisions for team {title}").format(
                title=team.title),
            next=url_for('.client_info', key=client.key))
Esempio n. 3
0
def permission_user_edit(client, kwargs):
    if client.user:
        user = User.get(userid=kwargs['userid'])
        if not user:
            abort(404)
        available_perms = Permission.query.filter(
            db.or_(Permission.allusers == True,
                   Permission.user == g.user)).order_by('name').all()
        permassign = UserClientPermissions.query.filter_by(
            user=user, client=client).first_or_404()
    elif client.org:
        team = Team.get(userid=kwargs['userid'])
        if not team:
            abort(404)
        available_perms = Permission.query.filter(
            db.or_(Permission.allusers == True,
                   Permission.org == client.org)).order_by('name').all()
        permassign = TeamClientPermissions.query.filter_by(
            team=team, client=client).first_or_404()
    form = PermissionEditForm()
    form.perms.choices = [(ap.name, u"{name} – {title}".format(name=ap.name,
                                                               title=ap.title))
                          for ap in available_perms]
    if request.method == 'GET':
        if permassign:
            form.perms.data = permassign.access_permissions.split(u' ')
    if form.validate_on_submit():
        form.perms.data.sort()
        perms = u' '.join(form.perms.data)
        if not perms:
            db.session.delete(permassign)
        else:
            permassign.access_permissions = perms
        db.session.commit()
        if perms:
            if client.user:
                flash(
                    u"Permissions have been updated for user {pname}".format(
                        pname=user.pickername), 'success')
            else:
                flash(
                    u"Permissions have been updated for team {title}".format(
                        title=team.title), 'success')
        else:
            if client.user:
                flash(
                    u"All permissions have been revoked for user {pname}".
                    format(pname=user.pickername), 'success')
            else:
                flash(
                    u"All permissions have been revoked for team {title}".
                    format(title=team.title), 'success')
        return render_redirect(url_for('.client_info', key=client.key),
                               code=303)
    return render_form(form=form,
                       title="Edit permissions",
                       formid="perm_edit",
                       submit="Save changes",
                       ajax=True)
Esempio n. 4
0
def team_new(org):
    form = TeamForm()
    if form.validate_on_submit():
        team = Team(org=org)
        team.title = form.title.data
        if form.users.data:
            team.users = User.query.filter(User.userid.in_(
                form.users.data)).all()
        db.session.add(team)
        db.session.commit()
        team_data_changed.send(team, changes=['new'], user=g.user)
        return render_redirect(url_for('.org_info', name=org.name), code=303)
    return make_response(
        render_template('edit_team.html',
                        form=form,
                        title=u"Create new team",
                        formid='team_new',
                        submit="Create"))
Esempio n. 5
0
def team_new(org):
    form = TeamForm()
    if form.validate_on_submit():
        team = Team(org=org)
        db.session.add(team)
        form.populate_obj(team)
        db.session.commit()
        team_data_changed.send(team, changes=['new'], user=g.user)
        return render_redirect(url_for('.org_info', name=org.name), code=303)
    return render_form(form=form,
                       title=_(u"Create new team"),
                       formid='team_new',
                       submit=_("Create"))
Esempio n. 6
0
 def new_team(self):
     form = TeamForm()
     if form.validate_on_submit():
         team = Team(org=self.obj)
         db.session.add(team)
         form.populate_obj(team)
         db.session.commit()
         team_data_changed.send(team,
                                changes=['new'],
                                user=current_auth.user)
         return render_redirect(self.obj.url_for('view'), code=303)
     return render_form(form=form,
                        title=_(u"Create new team"),
                        formid='new_team',
                        submit=_("Create"))
Esempio n. 7
0
def permission_user_delete(client, kwargs):
    if client.user:
        user = User.get(userid=kwargs['userid'])
        if not user:
            abort(404)
        permassign = UserClientPermissions.query.filter_by(user=user, client=client).first_or_404()
        return render_delete_sqla(permassign, db, title=u"Confirm delete", message=u"Remove all permissions assigned to user {pname} for app ‘{title}’?".format(
                pname=user.pickername, title=client.title),
            success=u"You have revoked permisions for user {pname}".format(pname=user.pickername),
            next=url_for('.client_info', key=client.key))
    else:
        team = Team.get(userid=kwargs['userid'])
        if not team:
            abort(404)
        permassign = TeamClientPermissions.query.filter_by(team=team, client=client).first_or_404()
        return render_delete_sqla(permassign, db, title=u"Confirm delete", message=u"Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?".format(
                pname=team.title, title=client.title),
            success=u"You have revoked permisions for team {title}".format(title=team.title),
            next=url_for('.client_info', key=client.key))
Esempio n. 8
0
def permission_user_edit(client, kwargs):
    if client.user:
        user = User.get(userid=kwargs['userid'])
        if not user:
            abort(404)
        available_perms = Permission.query.filter(db.or_(
            Permission.allusers == True,
            Permission.user == g.user)).order_by('name').all()
        permassign = UserClientPermissions.query.filter_by(user=user, client=client).first_or_404()
    elif client.org:
        team = Team.get(userid=kwargs['userid'])
        if not team:
            abort(404)
        available_perms = Permission.query.filter(db.or_(
            Permission.allusers == True,
            Permission.org == client.org)).order_by('name').all()
        permassign = TeamClientPermissions.query.filter_by(team=team, client=client).first_or_404()
    form = PermissionEditForm()
    form.perms.choices = [(ap.name, u"{name} – {title}".format(name=ap.name, title=ap.title)) for ap in available_perms]
    if request.method == 'GET':
        if permassign:
            form.perms.data = permassign.access_permissions.split(u' ')
    if form.validate_on_submit():
        form.perms.data.sort()
        perms = u' '.join(form.perms.data)
        if not perms:
            db.session.delete(permassign)
        else:
            permassign.access_permissions = perms
        db.session.commit()
        if perms:
            if client.user:
                flash(u"Permissions have been updated for user {pname}".format(pname=user.pickername), 'success')
            else:
                flash(u"Permissions have been updated for team {title}".format(title=team.title), 'success')
        else:
            if client.user:
                flash(u"All permissions have been revoked for user {pname}".format(pname=user.pickername), 'success')
            else:
                flash(u"All permissions have been revoked for team {title}".format(title=team.title), 'success')
        return render_redirect(url_for('.client_info', key=client.key), code=303)
    return render_form(form=form, title="Edit permissions", formid="perm_edit", submit="Save changes", ajax=True)
Esempio n. 9
0
def permission_user_delete(auth_client, kwargs):
    if auth_client.user:
        user = User.get(buid=kwargs['buid'])
        if not user:
            abort(404)
        permassign = AuthClientUserPermissions.get(auth_client=auth_client,
                                                   user=user)
        if not permassign:
            abort(404)
        return render_delete_sqla(
            permassign,
            db,
            title=_("Confirm delete"),
            message=
            _("Remove all permissions assigned to user {pname} for app ‘{title}’?"
              ).format(pname=user.pickername, title=auth_client.title),
            success=_("You have revoked permisions for user {pname}").format(
                pname=user.pickername),
            next=url_for('.client_info', key=auth_client.buid),
        )
    else:
        team = Team.get(buid=kwargs['buid'])
        if not team:
            abort(404)
        permassign = AuthClientTeamPermissions.get(auth_client=auth_client,
                                                   team=team)
        if not permassign:
            abort(404)
        return render_delete_sqla(
            permassign,
            db,
            title=_("Confirm delete"),
            message=
            _("Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?"
              ).format(pname=team.title, title=auth_client.title),
            success=_("You have revoked permisions for team {title}").format(
                title=team.title),
            next=url_for('.client_info', key=auth_client.buid),
        )
Esempio n. 10
0
 def loader(self, name, buid):
     obj = Team.get(buid=buid, with_parent=True)
     if not obj or obj.org.name != name:
         abort(404)
     return obj
Esempio n. 11
0
def permission_user_edit(auth_client, kwargs):
    if auth_client.user:
        user = User.get(buid=kwargs['buid'])
        if not user:
            abort(404)
        permassign = AuthClientUserPermissions.get(auth_client=auth_client,
                                                   user=user)
        if not permassign:
            abort(404)
    elif auth_client.organization:
        team = Team.get(buid=kwargs['buid'])
        if not team:
            abort(404)
        permassign = AuthClientTeamPermissions.get(auth_client=auth_client,
                                                   team=team)
        if not permassign:
            abort(404)
    form = PermissionEditForm()
    if request.method == 'GET':
        if permassign:
            form.perms.data = permassign.access_permissions
    if form.validate_on_submit():
        perms = ' '.join(sorted(form.perms.data.split()))
        if not perms:
            db.session.delete(permassign)
        else:
            permassign.access_permissions = perms
        db.session.commit()
        if perms:
            if auth_client.user:
                flash(
                    _("Permissions have been updated for user {pname}").format(
                        pname=user.pickername),
                    'success',
                )
            else:
                flash(
                    _("Permissions have been updated for team {title}").format(
                        title=team.title),
                    'success',
                )
        else:
            if auth_client.user:
                flash(
                    _("All permissions have been revoked for user {pname}").
                    format(pname=user.pickername),
                    'success',
                )
            else:
                flash(
                    _("All permissions have been revoked for team {title}").
                    format(title=team.title),
                    'success',
                )
        return render_redirect(url_for('.client_info', key=auth_client.buid),
                               code=303)
    return render_form(
        form=form,
        title=_("Edit permissions"),
        formid='perm_edit',
        submit=_("Save changes"),
        ajax=True,
    )
Esempio n. 12
0
    def make_fixtures(self):
        """
        Create users, attach them to organizations. Create test client app, add test
        resource, action and message.
        """
        crusoe = User(username="******", fullname="Crusoe Celebrity Dachshund")
        oakley = User(username="******")
        piglet = User(username="******")
        nameless = User(fullname="Nameless")

        db.session.add_all([crusoe, oakley, piglet, nameless])
        self.crusoe = crusoe
        self.oakley = oakley
        self.piglet = piglet
        self.nameless = nameless

        crusoe_email = UserEmail(
            email="*****@*****.**", user=crusoe, primary=True
        )
        crusoe_phone = UserPhone(phone="+8080808080", user=crusoe, primary=True)
        oakley_email = UserEmail(email="*****@*****.**", user=oakley)
        db.session.add_all([crusoe_email, crusoe_phone, oakley_email])
        self.crusoe_email = crusoe_email
        self.crusoe_phone = crusoe_phone

        batdog = Organization(name='batdog', title='Batdog')
        batdog.owners.users.append(crusoe)
        db.session.add(batdog)
        self.batdog = batdog

        specialdachs = Organization(name="specialdachs", title="Special Dachshunds")
        specialdachs.owners.users.append(oakley)
        db.session.add(specialdachs)
        self.specialdachs = specialdachs

        auth_client = AuthClient(
            title="Batdog Adventures",
            organization=batdog,
            confidential=True,
            namespace='fun.batdogadventures.com',
            website="http://batdogadventures.com",
        )
        db.session.add(auth_client)
        self.auth_client = auth_client

        dachshunds = Team(title="Dachshunds", organization=batdog)
        db.session.add(dachshunds)
        self.dachshunds = dachshunds

        auth_client_team_permissions = AuthClientTeamPermissions(
            team=dachshunds, auth_client=auth_client, access_permissions="admin"
        )
        self.auth_client_team_permissions = auth_client_team_permissions
        db.session.add(auth_client_team_permissions)

        auth_client_user_permissions = AuthClientUserPermissions(
            user=crusoe, auth_client=auth_client
        )
        db.session.add(auth_client_user_permissions)
        self.auth_client_user_permissions = auth_client_user_permissions

        message = SMSMessage(
            phone_number=crusoe_phone.phone,
            transactionid="Ruff" * 5,
            message="Wuff Wuff",
        )
        db.session.add(message)
        db.session.commit()
        self.message = message
Esempio n. 13
0
    def make_fixtures(self):
        """
        Create users, attach them to organizations. Create test client app, add test
        resource, action and message.
        """
        crusoe = User(username=u"crusoe",
                      fullname=u"Crusoe Celebrity Dachshund")
        oakley = User(username=u"oakley")
        piglet = User(username=u"piglet")
        nameless = User(fullname="Nameless")

        db.session.add_all([crusoe, oakley, piglet, nameless])
        self.crusoe = crusoe
        self.oakley = oakley
        self.piglet = piglet
        self.nameless = nameless

        crusoe_email = UserEmail(email=u"*****@*****.**",
                                 primary=True,
                                 user=crusoe)
        crusoe_phone = UserPhone(phone=u"+8080808080",
                                 primary=True,
                                 user=crusoe)
        oakley_email = UserEmail(email=u"*****@*****.**", user=oakley)
        db.session.add_all([crusoe_email, crusoe_phone, oakley_email])
        self.crusoe_email = crusoe_email
        self.crusoe_phone = crusoe_phone

        batdog = Organization(name=u'batdog', title=u'Batdog')
        batdog.owners.users.append(crusoe)
        batdog.members.users.append(oakley)
        db.session.add(batdog)
        self.batdog = batdog

        specialdachs = Organization(name=u"specialdachs",
                                    title=u"Special Dachshunds")
        specialdachs.owners.users.append(oakley)
        specialdachs.members.users.append(piglet)
        db.session.add(specialdachs)
        self.specialdachs = specialdachs

        client = Client(title=u"Batdog Adventures",
                        org=batdog,
                        confidential=True,
                        namespace=u'fun.batdogadventures.com',
                        website=u"http://batdogadventures.com")
        db.session.add(client)
        self.client = client

        dachshunds = Team(title=u"Dachshunds", org=batdog)
        db.session.add(dachshunds)
        self.dachshunds = dachshunds

        team_client_permission = TeamClientPermissions(
            team=dachshunds, client=client, access_permissions=u"admin")
        self.team_client_permission = team_client_permission
        db.session.add(team_client_permission)

        client_team_access = ClientTeamAccess(
            org=batdog, client=client, access_level=CLIENT_TEAM_ACCESS.ALL)
        db.session.add(client_team_access)

        bdfl = Permission(name=u"bdfl", title=u"BDFL", user=crusoe)
        db.session.add(bdfl)
        self.bdfl = bdfl

        user_client_permissions = UserClientPermissions(user=crusoe,
                                                        client=client)
        db.session.add(user_client_permissions)
        self.user_client_permissions = user_client_permissions

        resource = Resource(name=u"test_resource",
                            title=u"Test Resource",
                            client=client)
        db.session.add(resource)
        self.resource = resource

        resource_action = ResourceAction(name=u'Fun',
                                         resource=resource,
                                         title=u'fun')
        db.session.add(resource_action)
        self.resource_action = resource_action

        action = ResourceAction(name=u"read", title=u"Read", resource=resource)
        db.session.add(action)
        self.action = action

        message = SMSMessage(phone_number=crusoe_phone.phone,
                             transaction_id=u"Ruff" * 5,
                             message=u"Wuff Wuff")
        db.session.add(message)
        db.session.commit()
        self.message = message