def get_record_permissions(recid=None): if not recid: return False action_edit_record = RecordUpdateActionNeed(str(recid)) action_read_record = RecordReadActionNeed(str(recid)) action_index_record = RecordIndexActionNeed(str(recid)) permissions = dict() permissions['u_edit'] = ActionUsers.query_by_action( action_edit_record).all() permissions['u_read'] = ActionUsers.query_by_action( action_read_record).all() permissions['u_index'] = ActionUsers.query_by_action( action_index_record).all() permissions['r_edit'] = ActionRoles.query_by_action( action_edit_record).all() permissions['r_read'] = ActionRoles.query_by_action( action_read_record).all() permissions['r_index'] = ActionRoles.query_by_action( action_index_record).all() result = permissions['u_edit'] + permissions['u_read'] + permissions['u_index'] + \ permissions['r_edit'] + permissions['r_read'] + permissions['r_index'] return result
def _add_experiment_permissions(cls, data, id_): """Add read permissions to everybody assigned to experiment.""" exp_need = exp_need_factory(data['_experiment']) # give read access to members of collaboration for au in ActionUsers.query_by_action(exp_need).all(): try: ActionUsers.query_by_action( RECORD_ACTION_NEEDS(id_)['record-read'] ).filter_by(user=au.user).one() except NoResultFound: db.session.add( ActionUsers.allow( RECORD_ACTION_NEEDS(id_)['record-read'], user=au.user ) ) data['_access']['record-read']['users'].append(au.user.id) for ar in ActionRoles.query_by_action(exp_need).all(): try: ActionRoles.query_by_action( RECORD_ACTION_NEEDS(id_)['record-read'] ).filter_by(role=ar.role).one() except NoResultFound: db.session.add( ActionRoles.allow( RECORD_ACTION_NEEDS(id_)['record-read'], role=ar.role ) ) data['_access']['record-read']['roles'].append(ar.role.id)
def _add_experiment_permissions(cls, data, id_): """Add read permissions to everybody assigned to experiment.""" exp_need = exp_need_factory(data['_experiment']) # give read access to members of collaboration for au in ActionUsers.query_by_action(exp_need).all(): try: ActionUsers.query_by_action( RECORD_ACTION_NEEDS(id_)['record-read']).filter_by( user=au.user).one() except NoResultFound: db.session.add( ActionUsers.allow(RECORD_ACTION_NEEDS(id_)['record-read'], user=au.user)) data['_access']['record-read']['users'].append(au.user.id) for ar in ActionRoles.query_by_action(exp_need).all(): try: ActionRoles.query_by_action( RECORD_ACTION_NEEDS(id_)['record-read']).filter_by( role=ar.role).one() except NoResultFound: db.session.add( ActionRoles.allow(RECORD_ACTION_NEEDS(id_)['record-read'], role=ar.role)) data['_access']['record-read']['roles'].append(ar.role.id)
def team_management(community): """Team management for communities. :param community_id: ID of the community to manage. """ Action = namedtuple("Action", ["title", "name", "existing"]) actions = [] permissions = _get_permissions() for action in permissions: # 12 = len("communities-") a = Action(action[12:].replace("-", " ").capitalize(), action, ActionUsers.query_by_action( _get_needs(action, community.id)).all()) actions.append(a) ctx = mycommunities_ctx() ctx.update({ "community": community, "actions": actions }) return render_template( current_app.config['COMMUNITIES_TEAM_TEMPLATE'], **ctx )
def _add_experiment_permissions(self, experiment, permissions): """Add read permissions to everybody assigned to experiment.""" exp_need = exp_need_factory(experiment) # give read access to members of collaboration with db.session.begin_nested(): for au in ActionUsers.query_by_action(exp_need).all(): self._add_user_permissions(au.user, permissions, db.session) for ar in ActionRoles.query_by_action(exp_need).all(): self._add_egroup_permissions(ar.role, permissions, db.session)