def admin_admin_update(): forms = create_admin_admin_form(request.form) for user_id, form in forms.iteritems(): user = User.query.get(user_id) user_data = dict( (k[k.find("_")+1:].upper(),v) for k,v in form.data.iteritems()) for priv, has_priv in user_data.iteritems(): if has_priv: give_user_privilege(user, priv) else: revoke_user_privilege(user, priv) return redirect(url_for('admin_console'))
def admin_admin_update(): """Updates the administrative privileges of other users given the input from the form presented by :func:`admin_console`. """ forms = create_admin_admin_form(request.form) for user_id, form in forms.iteritems(): user = User.query.get(user_id) user_data = dict( (k[k.find("_")+1:].upper(),v) for k,v in form.data.iteritems()) for priv, has_priv in user_data.iteritems(): if has_priv: give_user_privilege(user, priv) else: revoke_user_privilege(user, priv) return redirect(url_for('admin_console'))
def admin_admin_update(): """Updates the administrative privileges of other users given the input from the form presented by :func:`admin_console`. """ forms = create_admin_admin_form(request.form) for user_id, form in forms.iteritems(): user = User.query.get(user_id) user_data = dict( (k[k.find("_") + 1:].upper(), v) for k, v in form.data.iteritems()) for priv, has_priv in user_data.iteritems(): if has_priv: give_user_privilege(user, priv) else: revoke_user_privilege(user, priv) return redirect(url_for('admin_console'))
def test_revoke_user_privilege(self): self.user.privs = 0xff db.session.add(self.user) db.session.commit() revoke_user_privilege(self.user, "ADMIN_INTERFACE") assert self.user.privs & privs["ADMIN_INTERFACE"] == 0 revoke_user_privilege(self.user, "ADMIN_PLAYBACK") assert self.user.privs & privs["ADMIN_PLAYBACK"] == 0 revoke_user_privilege(self.user, "ADMIN_ADMIN") assert self.user.privs & privs["ADMIN_ADMIN"] == 0 revoke_user_privilege(self.user, "ADMIN_CONFIG") assert self.user.privs & privs["ADMIN_CONFIG"] == 0
def setup(self): self.user = self.create_test_user() for p in privs.iterkeys(): revoke_user_privilege(self.user, p)