def overview(sketch_id):
    """Renders the sketch overview page and handles the forms posted to it.

    Four forms share this view: name/description edit, public/private
    toggle, status change and trash. They are tested in that order and the
    first one that validates is handled. Every handler checks the caller's
    permission on the sketch before it changes anything.

    Args:
        sketch_id: Identifier handed to Sketch.query.get_with_acl.

    Returns:
        Template with context, or a redirect once a form POST was handled.
    """
    sketch = Sketch.query.get_with_acl(sketch_id)
    sketch_form = NameDescriptionForm()
    permission_form = TogglePublic()
    status_form = StatusForm()
    trash_form = TrashForm()

    def _require(permission):
        # Aborts with HTTP_STATUS_CODE_FORBIDDEN unless the current user
        # holds `permission` on this sketch.
        if not sketch.has_permission(current_user, permission):
            abort(HTTP_STATUS_CODE_FORBIDDEN)

    def _to_overview():
        # Redirect back to this view after a handled POST.
        return redirect(
            url_for(u'sketch_views.overview', sketch_id=sketch.id))

    # NOTE(review): all four forms are validated against the same request,
    # so this order decides which handler runs if more than one validates.
    # Confirm each form carries a field that tells it apart.

    # Edit sketch form POST
    if sketch_form.validate_on_submit():
        _require(u'write')
        sketch.name = sketch_form.name.data
        sketch.description = sketch_form.description.data
        db_session.commit()
        return _to_overview()

    # Toggle public/private form POST
    if permission_form.validate_on_submit():
        _require(u'write')
        # user=None addresses the public entry. Any submitted value other
        # than u'public' removes public read access.
        make_public = permission_form.permission.data == u'public'
        if make_public:
            sketch.grant_permission(user=None, permission=u'read')
        else:
            sketch.revoke_permission(user=None, permission=u'read')
        db_session.commit()
        return _to_overview()

    # Change status form POST
    if status_form.validate_on_submit():
        _require(u'write')
        # NOTE(review): no db_session.commit() in this branch; presumably
        # set_status persists the change itself. Confirm.
        sketch.set_status(status=status_form.status.data)
        return _to_overview()

    # Trash form POST: needs u'delete', not just u'write'.
    if trash_form.validate_on_submit():
        _require(u'delete')
        sketch.set_status(status=u'deleted')
        return redirect(url_for(u'home_views.home'))

    context = dict(
        sketch=sketch, sketch_form=sketch_form,
        permission_form=permission_form, status_form=status_form,
        trash_form=trash_form)
    return render_template(u'sketch/overview.html', **context)
def post(self):
    """Creates a sketch from the submitted name/description form.

    The new sketch gets an initial u'new' status. The requesting user is
    granted read, write and delete on it before it is committed.

    Returns:
        A sketch in JSON (instance of flask.wrappers.Response), sent with
        HTTP_STATUS_CODE_CREATED. A form that fails validation aborts with
        HTTP_STATUS_CODE_BAD_REQUEST.
    """
    form = NameDescriptionForm.build(request)
    if not form.validate_on_submit():
        return abort(HTTP_STATUS_CODE_BAD_REQUEST)

    new_sketch = Sketch(
        name=form.name.data, description=form.description.data,
        user=current_user)
    new_sketch.status.append(new_sketch.Status(user=None, status=u'new'))

    # The creator is the only principal given access here.
    for permission in (u'read', u'write', u'delete'):
        new_sketch.grant_permission(permission=permission, user=current_user)

    db_session.add(new_sketch)
    db_session.commit()
    return self.to_json(new_sketch, status_code=HTTP_STATUS_CODE_CREATED)
def post(self):
    """Handles POST request to the resource by creating a new sketch.

    Input is taken from a NameDescriptionForm built from the request.
    Nothing is created unless that form validates.

    Returns:
        A sketch in JSON (instance of flask.wrappers.Response) with status
        HTTP_STATUS_CODE_CREATED. An invalid form aborts with
        HTTP_STATUS_CODE_BAD_REQUEST instead.
    """
    form = NameDescriptionForm.build(request)
    form_is_valid = form.validate_on_submit()
    if not form_is_valid:
        return abort(HTTP_STATUS_CODE_BAD_REQUEST)

    created = Sketch(
        name=form.name.data,
        description=form.description.data,
        user=current_user)
    created.status.append(created.Status(user=None, status=u'new'))

    # Give the requesting user, and nobody else, permissions on the new
    # sketch.
    owner_permissions = (u'read', u'write', u'delete')
    for granted in owner_permissions:
        created.grant_permission(permission=granted, user=current_user)

    db_session.add(created)
    db_session.commit()
    return self.to_json(created, status_code=HTTP_STATUS_CODE_CREATED)
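def overview(sketch_id):
    """Generates the sketch overview template and handles its form POSTs.

    Four forms share this view: name/description edit, sharing (collaborators,
    groups and the public/private toggle), status change and trash. They are
    tested in that order and the first one that validates is handled. Each
    handler aborts with HTTP_STATUS_CODE_FORBIDDEN unless the current user
    holds the required permission on the sketch.

    Args:
        sketch_id: Identifier handed to Sketch.query.get_with_acl.

    Returns:
        Template with context, or a redirect once a form POST was handled.
    """
    sketch = Sketch.query.get_with_acl(sketch_id)
    sketch_form = NameDescriptionForm()
    permission_form = TogglePublic()
    status_form = StatusForm()
    trash_form = TrashForm()

    # Dynamically set the forms select options: groups owned by the current
    # user or by nobody, plus the groups and collaborators already on the
    # sketch.
    # NOTE(review): presumably the select fields reject ids outside these
    # choices. Confirm against the TogglePublic field types.
    # pylint: disable=singleton-comparison
    permission_form.groups.choices = set(
        (g.id, g.name) for g in Group.query.filter(
            or_(Group.user == current_user, Group.user == None)))
    permission_form.remove_groups.choices = set(
        (g.id, g.name) for g in sketch.groups)
    permission_form.remove_users.choices = set(
        (u.id, u.username) for u in sketch.collaborators)

    # NOTE(review): all four forms are validated against the same request,
    # so this order decides which handler runs if more than one validates.

    # Edit sketch form POST
    if sketch_form.validate_on_submit():
        if not sketch.has_permission(current_user, u'write'):
            abort(HTTP_STATUS_CODE_FORBIDDEN)
        sketch.name = sketch_form.name.data
        sketch.description = sketch_form.description.data
        db_session.commit()
        return redirect(
            url_for(u'sketch_views.overview', sketch_id=sketch.id))

    # Toggle public/private form POST
    if permission_form.validate_on_submit():
        if not sketch.has_permission(current_user, u'write'):
            abort(HTTP_STATUS_CODE_FORBIDDEN)

        # Add collaborators to the sketch. An unknown username is ignored.
        # A collaborator added here receives write as well as read.
        # TODO(jbn): Make write permission off by default
        # and selectable in the UI
        if permission_form.username.data:
            user = User.query.filter_by(
                username=permission_form.username.data).first()
            if user:
                sketch.grant_permission(permission=u'read', user=user)
                sketch.grant_permission(permission=u'write', user=user)

        # Add a group to the sketch
        if permission_form.groups.data:
            group_id = permission_form.groups.data
            group = Group.query.get(group_id)
            # Only add groups publicly visible or owned by the current user.
            # A lookup that finds nothing is skipped rather than
            # dereferenced.
            if group is not None and (
                    not group.user or group.user == current_user):
                sketch.grant_permission(permission=u'read', group=group)
                sketch.grant_permission(permission=u'write', group=group)

        # Remove groups from sketch
        if permission_form.remove_groups.data:
            for group_id in permission_form.remove_groups.data:
                group = Group.query.get(group_id)
                # Skip ids that no longer resolve. Passing group=None would
                # leave the call with no principal, which is the form the
                # public toggle below uses.
                if group is None:
                    continue
                sketch.revoke_permission(permission=u'read', group=group)
                sketch.revoke_permission(permission=u'write', group=group)

        # Remove users from sketch
        if permission_form.remove_users.data:
            for user_id in permission_form.remove_users.data:
                user = User.query.get(user_id)
                # Same reasoning as for groups: never revoke with user=None.
                if user is None:
                    continue
                sketch.revoke_permission(permission=u'read', user=user)
                sketch.revoke_permission(permission=u'write', user=user)

        # No user or group means the public entry. Any submitted value other
        # than u'public' removes public read access.
        if permission_form.permission.data == u'public':
            sketch.grant_permission(permission=u'read')
        else:
            sketch.revoke_permission(permission=u'read')

        db_session.commit()
        return redirect(
            url_for(u'sketch_views.overview', sketch_id=sketch.id))

    # Change status form POST
    if status_form.validate_on_submit():
        if not sketch.has_permission(current_user, u'write'):
            abort(HTTP_STATUS_CODE_FORBIDDEN)
        # NOTE(review): no db_session.commit() in this branch; presumably
        # set_status persists the change itself. Confirm.
        sketch.set_status(status=status_form.status.data)
        return redirect(
            url_for(u'sketch_views.overview', sketch_id=sketch.id))

    # Trash form POST: needs u'delete', not just u'write'.
    if trash_form.validate_on_submit():
        if not sketch.has_permission(current_user, u'delete'):
            abort(HTTP_STATUS_CODE_FORBIDDEN)
        sketch.set_status(status=u'deleted')
        return redirect(
            url_for(u'home_views.home'))

    return render_template(
        u'sketch/overview.html', sketch=sketch, sketch_form=sketch_form,
        permission_form=permission_form, status_form=status_form,
        trash_form=trash_form)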
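def overview(sketch_id):
    """Generates the sketch overview template and handles its form POSTs.

    The view serves four forms, tested in this order: name/description edit,
    sharing (collaborators, groups, public/private), status change and
    trash. The first form that validates is handled. Each handler checks the
    current user's permission on the sketch and aborts with
    HTTP_STATUS_CODE_FORBIDDEN when it is missing.

    Args:
        sketch_id: Identifier handed to Sketch.query.get_with_acl.

    Returns:
        Template with context, or a redirect once a form POST was handled.
    """
    sketch = Sketch.query.get_with_acl(sketch_id)
    sketch_form = NameDescriptionForm()
    permission_form = TogglePublic()
    status_form = StatusForm()
    trash_form = TrashForm()

    def _require(permission):
        # Aborts the request unless the current user holds `permission`.
        if not sketch.has_permission(current_user, permission):
            abort(HTTP_STATUS_CODE_FORBIDDEN)

    def _to_overview():
        # Redirect back to this view after a handled POST.
        return redirect(
            url_for(u'sketch_views.overview', sketch_id=sketch.id))

    # Dynamically set the forms select options.
    # NOTE(review): presumably the select fields only accept ids listed in
    # these choices. Confirm against the TogglePublic field types.
    # pylint: disable=singleton-comparison
    permission_form.groups.choices = set(
        (g.id, g.name) for g in Group.query.filter(
            or_(Group.user == current_user, Group.user == None)))
    permission_form.remove_groups.choices = set(
        (g.id, g.name) for g in sketch.groups)
    permission_form.remove_users.choices = set(
        (u.id, u.username) for u in sketch.collaborators)

    # Edit sketch form POST
    if sketch_form.validate_on_submit():
        _require(u'write')
        sketch.name = sketch_form.name.data
        sketch.description = sketch_form.description.data
        db_session.commit()
        return _to_overview()

    # Toggle public/private form POST
    if permission_form.validate_on_submit():
        _require(u'write')
        shared_permissions = (u'read', u'write')

        # Add collaborators to the sketch. Unknown usernames are ignored.
        # A new collaborator gets write access together with read.
        # TODO(jbn): Make write permission off by default
        # and selectable in the UI
        if permission_form.username.data:
            user = User.query.filter_by(
                username=permission_form.username.data).first()
            if user:
                for permission in shared_permissions:
                    sketch.grant_permission(permission=permission, user=user)

        # Add a group to the sketch
        if permission_form.groups.data:
            group = Group.query.get(permission_form.groups.data)
            # Only add groups publicly visible or owned by the current user.
            # An id that does not resolve is skipped, not dereferenced.
            if group is not None and (
                    not group.user or group.user == current_user):
                for permission in shared_permissions:
                    sketch.grant_permission(
                        permission=permission, group=group)

        # Remove groups from sketch
        if permission_form.remove_groups.data:
            for group_id in permission_form.remove_groups.data:
                group = Group.query.get(group_id)
                # A revoke with group=None names no principal, which is the
                # form the public toggle below uses. Skip failed lookups.
                if group is None:
                    continue
                for permission in shared_permissions:
                    sketch.revoke_permission(
                        permission=permission, group=group)

        # Remove users from sketch
        if permission_form.remove_users.data:
            for user_id in permission_form.remove_users.data:
                user = User.query.get(user_id)
                # Same guard as for groups: never revoke with user=None.
                if user is None:
                    continue
                for permission in shared_permissions:
                    sketch.revoke_permission(
                        permission=permission, user=user)

        # No user or group addresses the public entry. Anything other than
        # u'public' removes public read access.
        if permission_form.permission.data == u'public':
            sketch.grant_permission(permission=u'read')
        else:
            sketch.revoke_permission(permission=u'read')

        db_session.commit()
        return _to_overview()

    # Change status form POST
    if status_form.validate_on_submit():
        _require(u'write')
        # NOTE(review): no db_session.commit() in this branch; presumably
        # set_status persists the change itself. Confirm.
        sketch.set_status(status=status_form.status.data)
        return _to_overview()

    # Trash form POST: needs u'delete', not just u'write'.
    if trash_form.validate_on_submit():
        _require(u'delete')
        sketch.set_status(status=u'deleted')
        return redirect(url_for(u'home_views.home'))

    return render_template(u'sketch/overview.html',
                           sketch=sketch,
                           sketch_form=sketch_form,
                           permission_form=permission_form,
                           status_form=status_form,
                           trash_form=trash_form)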