def delete(slug, id):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
permission = object_or_404(Permission.by_project_and_id(project, id))
permissions.delete(permission)
db.session.commit()
raise Gone()
def delete(slug, id):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
permission = object_or_404(Permission.by_project_and_id(project, id))
permissions.delete(permission)
db.session.commit()
raise Gone()
def update(slug, id):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
permission = object_or_404(Permission.by_project_and_id(project, id))
data = request_data({'project': project})
permission = permissions.save(data, permission=permission)
db.session.commit()
return jsonify(permission)
def index(slug):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
query = Permission.all()
query = query.filter_by(project=project)
pager = Pager(query, slug=slug)
validate_cache(keys=pager.cache_keys())
return jsonify(pager, index=True)
def index(slug):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
query = Permission.all()
query = query.filter_by(project=project)
pager = Pager(query)
conv = lambda es: [permissions.to_rest_index(e) for e in es]
return jsonify(pager.to_dict(conv))
def update(slug, id):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
permission = object_or_404(Permission.by_project_and_id(project, id))
data = request_data({'project': project})
permission = permissions.save(data, permission=permission)
db.session.commit()
return jsonify(permission)
def index(slug):
project = object_or_404(Project.by_slug(slug))
authz.require(authz.project_manage(project))
query = Permission.all()
query = query.filter_by(project=project)
pager = Pager(query, slug=slug)
validate_cache(keys=pager.cache_keys())
return jsonify(pager, index=True)
def _project_and_permission(private=False,
reader=False,
editor=False,
admin=False,
account_id=1):
project = Project(private=private)
db.session.add(project)
db.session.commit()
perm = Permission(account_id=account_id,
project_id=project.id,
reader=reader,
editor=editor,
admin=admin)
db.session.add(perm)
db.session.commit()
return project, perm
def save(data, permission=None):
validator = PermissionValidator()
data = validator.deserialize(data)
if permission is None:
q = Permission.all()
q = q.filter(Permission.project == data['project'])
q = q.filter(Permission.account == data['account'])
permission = q.first()
if permission is None:
permission = Permission()
permission.project = data.get('project')
permission.account = data.get('account')
permission.reader = data['reader'] or data['editor'] or data['admin']
permission.editor = data['editor'] or data['admin']
permission.admin = data['admin']
db.session.add(permission)
db.session.flush()
return permission
def permissions():
""" Cache the full matrix of which projects this user has access to. """
if not hasattr(request, "permissions"):
matrix = {"reader": set(), "editor": set(), "admin": set()}
q = db.session.query(Project.id)
q = q.filter(Project.private == False)
matrix["reader"].update([id for id, in q.all()])
if logged_in():
q = Permission.all()
q = q.filter_by(account=request.account)
for perm in q.all():
if perm.reader:
matrix["reader"].add(perm.project_id)
if perm.editor:
matrix["editor"].add(perm.project_id)
if perm.admin:
matrix["admin"].add(perm.project_id)
request.permissions = matrix
return request.permissions
def permissions():
""" Cache the full matrix of which projects this user has access to. """
if not hasattr(request, 'permissions'):
matrix = {'reader': set(), 'editor': set(), 'admin': set()}
q = db.session.query(Project.id)
q = q.filter(Project.private == False)
matrix['reader'].update([id for id, in q.all()])
if logged_in():
q = Permission.all()
q = q.filter_by(account=request.account)
for perm in q.all():
if perm.reader:
matrix['reader'].add(perm.project_id)
if perm.editor:
matrix['editor'].add(perm.project_id)
if perm.admin:
matrix['admin'].add(perm.project_id)
request.permissions = matrix
return request.permissions
def save(data, permission=None):
validator = PermissionValidator()
data = validator.deserialize(data)
if permission is None:
q = Permission.all()
q = q.filter(Permission.project == data["project"])
q = q.filter(Permission.account == data["account"])
permission = q.first()
if permission is None:
permission = Permission()
permission.project = data.get("project")
permission.account = data.get("account")
permission.reader = data["reader"] or data["editor"] or data["admin"]
permission.editor = data["editor"] or data["admin"]
permission.admin = data["admin"]
db.session.add(permission)
db.session.flush()
return permission
def save(data, permission=None):
validator = PermissionValidator()
data = validator.deserialize(data)
if permission is None:
q = Permission.all()
q = q.filter(Permission.project == data['project'])
q = q.filter(Permission.account == data['account'])
permission = q.first()
if permission is None:
permission = Permission()
permission.project = data.get('project')
permission.account = data.get('account')
permission.reader = data['reader'] or data['editor'] or data['admin']
permission.editor = data['editor'] or data['admin']
permission.admin = data['admin']
db.session.add(permission)
db.session.flush()
return permission
def view(slug, id):
project = object_or_404(Project.by_slug(slug))
permission = object_or_404(Permission.by_project_and_id(project, id))
authz.require(authz.project_manage(project) or
request.account == permission.account)
return jsonify(permission)
def _find_permission(project):
q = Permission.all()
q = q.filter_by(project=project)
q = q.filter_by(account=request.account)
return q
def view(slug, id):
project = object_or_404(Project.by_slug(slug))
permission = object_or_404(Permission.by_project_and_id(project, id))
authz.require(
authz.project_manage(project) or request.account == permission.account)
return jsonify(permission)
