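def show_score(user_id, score_id):
    """Render the detail page for one score of one user.

    The user is resolved from ``user_id`` and the logged-in user must hold
    READ on it. The score is then looked up by id *and* owner, so a
    ``score_id`` that belongs to a different user than ``user_id`` ends in
    a 404 instead of being rendered. Without the owner condition, READ on
    any single user would be enough to view every score by guessing ids
    (an insecure direct object reference).

    Args:
        user_id: Primary key of the user whose score is shown.
        score_id: Primary key of the score; must belong to that user.

    Returns:
        The rendered ``score_detail.html`` template.
    """
    # Resolve the viewer once; every permission filter below uses it.
    viewer = auth.get_logged_in_user()

    user = get_object_or_404(User, User.id == user_id)
    # Authorize before touching the score, so an unauthorized caller cannot
    # tell existing score ids from missing ones by the response they get.
    ensure(READ, user)

    # Bind the score to the already-authorized user.
    # NOTE(review): READ on the user is used as the proxy for READ on the
    # score. If Score has its own rules in the authorization method, add
    # ensure(READ, score) here as well -- confirm.
    score = get_object_or_404(
        Score, (Score.id == score_id) & (Score.user == user)
    )

    # Sidebar data: only teams and team-mates the viewer may read.
    teams = [t for t in Team.select() if can(viewer, READ, t)]
    users = [
        u
        for u in User.select().where(User.team == user.team)
        if can(viewer, READ, u)
    ]

    return render_template(
        "score_detail.html",
        active_user=user,
        teams=teams,
        users=users,
        active_team=user.team,
        score=score,
    )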
def test_basic_usage():
    """Check the basic rule set: admins manage everything, authors edit their own.

    The assertions pin three cases: a non-admin can EDIT an article they
    authored, a non-admin cannot EDIT an article authored by someone else,
    and an admin can EDIT their own article.
    """
    # NOTE(review): the original indentation was lost in extraction. The
    # if_author rule is assumed to sit inside the else branch (non-admins
    # only) -- confirm against the upstream test.
    @authorization_method
    def authorize(user, abilities):
        if user.is_admin:
            # self.can_manage(ALL)
            abilities.append(MANAGE, ALL)
        else:
            abilities.append(READ, ALL)

            # Conditional rule: the closure compares the article's author
            # with the user the rules are being built for.
            def if_author(article):
                return article.author == user

            abilities.append(EDIT, Article, if_author)

    # presumably User.is_admin reflects the admin= keyword; User is defined
    # outside this block -- verify.
    sally = User(name='sally', admin=False)
    billy = User(name='billy', admin=True)

    article = Article(author=sally)

    # check abilities
    assert can(sally, EDIT, article)

    billys_article = Article(author=billy)

    # The negative case is the one that guards against an over-broad grant.
    assert cannot(sally, EDIT, billys_article)
    assert can(billy, EDIT, billys_article)
def user_detail(user_id):
    """Render the overview page for one user.

    Collects the teams and team-mates the logged-in user may READ, the
    user's scores newest first (paginated, 20 per page), and the weeks
    ending within the last five days for which ``has_score`` reports no
    score. The logged-in user must hold READ on the requested user.

    Args:
        user_id: Primary key of the user to display.

    Returns:
        The rendered ``index.html`` template.
    """

    def readable(obj):
        # The viewer is looked up per item, exactly as in the inline filters.
        return can(auth.get_logged_in_user(), READ, obj)

    teams = [team for team in Team.select() if readable(team)]

    user = get_object_or_404(User, User.id == user_id)
    # Object-level check on the requested user before any of their data is read.
    ensure(READ, user)

    scores = (
        Score.select()
        .where(Score.user == user)
        .order_by(Score.created_at.desc())
    )
    team_mates = User.select().where(User.team == user.team)
    users = [mate for mate in team_mates if readable(mate)]

    paginated = PaginatedQuery(scores, 20)

    # Only weeks that ended after this cutoff are offered.
    cutoff = datetime.now() - timedelta(days=5)
    open_weeks = []
    for week in Week.select().where(Week.end > cutoff):
        if has_score(week.score_set):
            continue
        open_weeks.append(week)

    return render_template(
        "index.html",
        active_user=user,
        teams=teams,
        users=users,
        pagination=paginated,
        page=paginated.get_page(),
        active_team=user.team,
        weeks=open_weeks,
    )