def test_roles(self):
    """Check that roles can be attached to users and read back.

    Two users and three roles are stored, both users are confirmed to start
    with no roles, then one role is given to the first user and two to the
    second, and the resulting role sets are asserted.
    """
    # NOTE(review): the username/email literals below look redacted in this
    # listing, while the lookups further down expect 'john' and 'susan' --
    # confirm against the original fixture values.
    first_user = User(username='******', email='*****@*****.**')
    second_user = User(username='******', email='*****@*****.**')
    admin_role = Role(name='Admin')
    operator_role = Role(name='Operator')
    client_role = Role(name='Client')

    # Persist everything in the same order as before, then commit once.
    for entity in (first_user, second_user, admin_role, operator_role, client_role):
        self.db.session.add(entity)
    self.db.session.commit()

    john = User.find_by_username('john')
    susan = User.find_by_username('susan')

    # Freshly created users must not carry any role.
    self.assertEqual(john.roles.all(), [])
    self.assertEqual(susan.roles.all(), [])

    john.add_role(admin_role)
    susan.add_role(operator_role)
    susan.add_role(client_role)
    for account in (john, susan):
        self.db.session.add(account)
    self.db.session.commit()

    # John: exactly one role, and it is 'Admin'.
    self.assertEqual(john.roles.count(), 1)
    self.assertEqual(john.roles.first().name, 'Admin')

    # Susan: exactly two roles, one of which is 'Client'.
    self.assertEqual(susan.roles.count(), 2)
    self.assertTrue(susan.has_role(client_role))
def role_create():
    """Show the role-creation form; on a valid submit, build a Role and redirect.

    Every form field except the CSRF token and the submit button is copied
    onto a new ``Role`` object by field name, so the set of attributes that
    can be written is whatever ``OpsRole`` declares.
    """
    # NOTE(review): no access-control decorator is visible in this listing --
    # confirm that only users allowed to manage roles can reach this view.
    form = OpsRole()
    if not form.validate_on_submit():
        return render_template("user_control/role_create.html", form=form)

    non_model_fields = ("csrf_token", "submit",)
    role = Role()
    for field in form:
        if field.name in non_model_fields:
            continue
        # Field names double as model attribute names; keep OpsRole limited to
        # attributes a role editor is meant to control.
        setattr(role, field.name, field.data)

    # NOTE(review): the new role is never added to a session or saved in the
    # visible code, so it appears to be discarded before the redirect --
    # confirm whether persistence happens elsewhere.
    return redirect(url_for(".role_index"))
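def insert_roles():
    """Seed the default roles and attach their permissions.

    Roles that already exist (matched by name) are left untouched, including
    their current permission set. New roles are created with the permissions
    listed below, looked up by name in the ``Permission`` table.

    Raises:
        LookupError: if a permission named below is not present in the
            ``Permission`` table. The check runs before anything is added to
            the session, so a partial seed is never committed.
    """
    roles = {
        'user': ['post_comment'],
        'moderator': [
            'post_comment',
            'write_articles',
            'manage_comments',
            'manage_articles',
            'manage_users',
        ]
    }
    permissions_map = {p.name: p for p in Permission.query}

    # A plain .get() would hand None to the relationship for an unknown name,
    # leaving a role with fewer permissions than intended or failing later
    # with an unrelated error. Fail early and name the missing entries.
    missing = sorted({
        name
        for names in roles.values()
        for name in names
        if name not in permissions_map
    })
    if missing:
        raise LookupError(
            "permissions not found, seed them before roles: " + ", ".join(missing)
        )

    for role, permissions in roles.items():
        if Role.query.filter_by(name=role).first() is not None:
            continue
        r = Role()
        for p in permissions:
            r.permissions.append(permissions_map[p])
        r.name = role
        db.session.add(r)
    # Single commit so the seeded roles land together.
    db.session.commit()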
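def s_users_json():
    """Return the user list as DataTables JSON with per-row HTML controls.

    Each row gets a profile link on the full name plus three extra columns:
    a multi-select of permissions, a select of roles, and manage links
    (activate / edit / delete). Values read from the database are
    HTML-escaped before being placed into markup.
    """
    # Function-scope import so the block does not depend on the file's
    # import header.
    from html import escape

    columns = [
        ColumnDT('id', filter=_default_value),
        ColumnDT('full_name', filter=_default_value),
        ColumnDT('email', filter=_default_value),
        ColumnDT('login', filter=_default_value),
        ColumnDT('mobile_phone', filter=_default_value),
        ColumnDT('inner_phone', filter=_default_value),
        ColumnDT('status', filter=_status),
    ]

    query = db.session.query(User)
    rowTable = DataTables(request, User, query, columns)
    json_result = rowTable.output_result()

    current_user = auth.service.get_user()
    # `disabled` only greys out the widgets in the browser.
    # NOTE(review): the handlers behind change_user_per / change_user_role /
    # user.activate / user.delete are not visible here; they need their own
    # server-side permission check -- confirm.
    disabled = ''
    if not current_user.is_admin and ('set_permissions' not in current_user.get_permissions()):
        disabled = 'disabled'

    # Loop-invariant lookups, fetched once instead of once per row.
    permissions = list(Permission.get_all())
    roles = list(Role.get_all())
    profile_url = url_for('user.profile')

    # The extra columns follow directly after the ColumnDT columns.
    per_columns = str(len(columns))
    roles_columns = str(len(columns) + 1)
    last_columns = str(len(columns) + 2)

    picker_script = (
        "<script type=\"text/javascript\">"
        "$('.selectpicker').selectpicker({style: 'btn-default',size: 5});"
        "</script>"
    )

    for row in json_result['aaData']:
        # NOTE(review): row_id is placed unescaped into attribute values and
        # inline JS below; presumably it is a numeric primary key rendered as
        # a string -- confirm.
        row_id = row['0']

        # full_name is user-controlled stored data; escape it before it is
        # embedded in markup.
        # NOTE(review): if _default_value already HTML-escapes, this would
        # double-escape -- confirm.
        row['1'] = "<a href='" + profile_url + "/" + row_id + "'>" + escape(row['1']) + "</a>"

        # Permission
        set_per = User.get_user_permissions_id(row_id)
        per_options = "".join(
            "<option value='" + str(per.id) + "' "
            + ('selected' if per.id in set_per else '')
            + ">" + escape(per.title) + "</option>"
            for per in permissions
        )
        per_html = """
            <select onchange="change_user_per(""" + row_id + """, this)" class="selectpicker" multiple data-selected-text-format="count>1" data-width="170px" """ + disabled + """>
            """ + per_options + """
            </select>
            """ + picker_script + """
        """
        row[per_columns] = per_html

        # Roles
        sel_role = User.get_user_role_id(row_id)
        role_options = "".join(
            "<option value='" + str(role.id) + "/" + row_id + "' "
            + ('selected' if role.id == sel_role else '')
            + ">" + escape(role.name) + "</option>"
            for role in roles
        )
        # Role id 0 is rendered as the built-in "admin" entry.
        sel = 'selected' if 0 == sel_role else ''
        role_options += "<option value='0/" + row_id + "' " + sel + ">admin</option>"
        role_html = """
            <select
            onchange="change_user_role(this.value)" class="selectpicker" data-width="110px" """ + disabled + """>
            """ + role_options + """
            </select>
            """ + picker_script + """
        """
        row[roles_columns] = role_html

        # Manage
        manage_html = """
            <a href="javascript: user.activate({0})">
                <span class="glyphicon glyphicon-ok" aria-hidden="true"></span>
            </a>
            <a href="{1}">
                <span class="glyphicon glyphicon-pencil" aria-hidden="true"></span>
            </a>
            <a href="javascript: user.delete({0})">
                <span class="glyphicon glyphicon-remove" aria-hidden="true"></span>
            </a>
        """.format(
            row_id,
            url_for('admin.edit_user', id=row_id)
        )
        row[last_columns] = manage_html

    return jsonify(**json_result)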