def permission_user_delete(client, kwargs): if client.user: user = User.get(buid=kwargs['buid']) if not user: abort(404) permassign = UserClientPermissions.query.filter_by( user=user, client=client).first_or_404() return render_delete_sqla( permassign, db, title=_(u"Confirm delete"), message= _(u"Remove all permissions assigned to user {pname} for app ‘{title}’?" ).format(pname=user.pickername, title=client.title), success=_(u"You have revoked permisions for user {pname}").format( pname=user.pickername), next=url_for('.client_info', key=client.key)) else: team = Team.get(buid=kwargs['buid']) if not team: abort(404) permassign = TeamClientPermissions.query.filter_by( team=team, client=client).first_or_404() return render_delete_sqla( permassign, db, title=_(u"Confirm delete"), message= _(u"Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?" ).format(pname=team.title, title=client.title), success=_(u"You have revoked permisions for team {title}").format( title=team.title), next=url_for('.client_info', key=client.key))
def permission_user_edit(client, kwargs): if client.user: user = User.get(userid=kwargs['userid']) if not user: abort(404) available_perms = Permission.query.filter( db.or_(Permission.allusers == True, Permission.user == g.user)).order_by('name').all() permassign = UserClientPermissions.query.filter_by( user=user, client=client).first_or_404() elif client.org: team = Team.get(userid=kwargs['userid']) if not team: abort(404) available_perms = Permission.query.filter( db.or_(Permission.allusers == True, Permission.org == client.org)).order_by('name').all() permassign = TeamClientPermissions.query.filter_by( team=team, client=client).first_or_404() form = PermissionEditForm() form.perms.choices = [(ap.name, u"{name} – {title}".format(name=ap.name, title=ap.title)) for ap in available_perms] if request.method == 'GET': if permassign: form.perms.data = permassign.access_permissions.split(u' ') if form.validate_on_submit(): form.perms.data.sort() perms = u' '.join(form.perms.data) if not perms: db.session.delete(permassign) else: permassign.access_permissions = perms db.session.commit() if perms: if client.user: flash( u"Permissions have been updated for user {pname}".format( pname=user.pickername), 'success') else: flash( u"Permissions have been updated for team {title}".format( title=team.title), 'success') else: if client.user: flash( u"All permissions have been revoked for user {pname}". format(pname=user.pickername), 'success') else: flash( u"All permissions have been revoked for team {title}". format(title=team.title), 'success') return render_redirect(url_for('.client_info', key=client.key), code=303) return render_form(form=form, title="Edit permissions", formid="perm_edit", submit="Save changes", ajax=True)
def permission_user_delete(client, kwargs): if client.user: user = User.get(userid=kwargs['userid']) if not user: abort(404) permassign = UserClientPermissions.query.filter_by(user=user, client=client).first_or_404() return render_delete_sqla(permassign, db, title=u"Confirm delete", message=u"Remove all permissions assigned to user {pname} for app ‘{title}’?".format( pname=user.pickername, title=client.title), success=u"You have revoked permisions for user {pname}".format(pname=user.pickername), next=url_for('.client_info', key=client.key)) else: team = Team.get(userid=kwargs['userid']) if not team: abort(404) permassign = TeamClientPermissions.query.filter_by(team=team, client=client).first_or_404() return render_delete_sqla(permassign, db, title=u"Confirm delete", message=u"Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?".format( pname=team.title, title=client.title), success=u"You have revoked permisions for team {title}".format(title=team.title), next=url_for('.client_info', key=client.key))
def permission_user_edit(client, kwargs): if client.user: user = User.get(userid=kwargs['userid']) if not user: abort(404) available_perms = Permission.query.filter(db.or_( Permission.allusers == True, Permission.user == g.user)).order_by('name').all() permassign = UserClientPermissions.query.filter_by(user=user, client=client).first_or_404() elif client.org: team = Team.get(userid=kwargs['userid']) if not team: abort(404) available_perms = Permission.query.filter(db.or_( Permission.allusers == True, Permission.org == client.org)).order_by('name').all() permassign = TeamClientPermissions.query.filter_by(team=team, client=client).first_or_404() form = PermissionEditForm() form.perms.choices = [(ap.name, u"{name} – {title}".format(name=ap.name, title=ap.title)) for ap in available_perms] if request.method == 'GET': if permassign: form.perms.data = permassign.access_permissions.split(u' ') if form.validate_on_submit(): form.perms.data.sort() perms = u' '.join(form.perms.data) if not perms: db.session.delete(permassign) else: permassign.access_permissions = perms db.session.commit() if perms: if client.user: flash(u"Permissions have been updated for user {pname}".format(pname=user.pickername), 'success') else: flash(u"Permissions have been updated for team {title}".format(title=team.title), 'success') else: if client.user: flash(u"All permissions have been revoked for user {pname}".format(pname=user.pickername), 'success') else: flash(u"All permissions have been revoked for team {title}".format(title=team.title), 'success') return render_redirect(url_for('.client_info', key=client.key), code=303) return render_form(form=form, title="Edit permissions", formid="perm_edit", submit="Save changes", ajax=True)
def permission_user_delete(auth_client, kwargs): if auth_client.user: user = User.get(buid=kwargs['buid']) if not user: abort(404) permassign = AuthClientUserPermissions.get(auth_client=auth_client, user=user) if not permassign: abort(404) return render_delete_sqla( permassign, db, title=_("Confirm delete"), message= _("Remove all permissions assigned to user {pname} for app ‘{title}’?" ).format(pname=user.pickername, title=auth_client.title), success=_("You have revoked permisions for user {pname}").format( pname=user.pickername), next=url_for('.client_info', key=auth_client.buid), ) else: team = Team.get(buid=kwargs['buid']) if not team: abort(404) permassign = AuthClientTeamPermissions.get(auth_client=auth_client, team=team) if not permassign: abort(404) return render_delete_sqla( permassign, db, title=_("Confirm delete"), message= _("Remove all permissions assigned to team ‘{pname}’ for app ‘{title}’?" ).format(pname=team.title, title=auth_client.title), success=_("You have revoked permisions for team {title}").format( title=team.title), next=url_for('.client_info', key=auth_client.buid), )
def loader(self, name, buid): obj = Team.get(buid=buid, with_parent=True) if not obj or obj.org.name != name: abort(404) return obj
def permission_user_edit(auth_client, kwargs): if auth_client.user: user = User.get(buid=kwargs['buid']) if not user: abort(404) permassign = AuthClientUserPermissions.get(auth_client=auth_client, user=user) if not permassign: abort(404) elif auth_client.organization: team = Team.get(buid=kwargs['buid']) if not team: abort(404) permassign = AuthClientTeamPermissions.get(auth_client=auth_client, team=team) if not permassign: abort(404) form = PermissionEditForm() if request.method == 'GET': if permassign: form.perms.data = permassign.access_permissions if form.validate_on_submit(): perms = ' '.join(sorted(form.perms.data.split())) if not perms: db.session.delete(permassign) else: permassign.access_permissions = perms db.session.commit() if perms: if auth_client.user: flash( _("Permissions have been updated for user {pname}").format( pname=user.pickername), 'success', ) else: flash( _("Permissions have been updated for team {title}").format( title=team.title), 'success', ) else: if auth_client.user: flash( _("All permissions have been revoked for user {pname}"). format(pname=user.pickername), 'success', ) else: flash( _("All permissions have been revoked for team {title}"). format(title=team.title), 'success', ) return render_redirect(url_for('.client_info', key=auth_client.buid), code=303) return render_form( form=form, title=_("Edit permissions"), formid='perm_edit', submit=_("Save changes"), ajax=True, )