def permission_edit(id):
perm = Permission.query.get_or_404(id)
if not perm.owner_is(g.user):
abort(403)
form = PermissionForm(obj=perm)
form.context.choices = available_client_owners()
form.edit_obj = perm
if request.method == 'GET':
if perm.user:
form.context.data = perm.user.userid
else:
form.context.data = perm.org.userid
if form.validate_on_submit():
form.populate_obj(perm)
perm.user = form.user
perm.org = form.org
db.session.commit()
flash("Your permission has been saved", "info")
return render_redirect(url_for('permission_list'), code=303)
return render_form(form=form, title="Edit permission", formid="perm_edit",
submit="Save changes", ajax=True)
