def edit_user_permissions(service_id, user_id):
    """Show and process the permissions form for one user of a service.

    The user is fetched with ``user_api_client.get_user`` and a
    ``PermissionsForm`` is pre-populated with one value per role in
    ``roles``. When ``form.validate_on_submit()`` is true, the permissions
    of every ticked role are merged, ``view_activity`` is added, and the
    result is written with ``user_api_client.set_user_permissions``.

    Returns a redirect to ``.manage_users`` after a save, otherwise the
    rendered ``views/edit-user-permissions.html`` template.
    """
    # TODO: the user lookup should probably take the service id as well,
    # e.g. /user/<user_id>?&service=service_id
    # NOTE(review): the lookup is keyed on user_id alone and nothing in this
    # function ties that user to service_id. Whatever authorisation applies
    # to this view lives outside it -- confirm the caller is allowed to
    # manage this user on this service before the write below is reached.
    user = user_api_client.get_user(user_id)

    # Open question carried over from the original author: should the email
    # address be read-only or a disabled field, and should that be done in
    # the template or in the form class?
    # NOTE(review): has_permissions() is called without service_id here;
    # presumably it resolves against the current service -- confirm.
    ticked_by_role = {}
    for role, permissions in roles.items():
        ticked_by_role[role] = user.has_permissions(permissions=permissions)
    form = PermissionsForm(**ticked_by_role)

    if not form.validate_on_submit():
        return render_template('views/edit-user-permissions.html', user=user, form=form)

    # view_activity is granted unconditionally, whatever boxes are ticked.
    granted = {'view_activity'}
    for role, permissions in roles.items():
        if form[role].data:
            granted.update(permissions)

    user_api_client.set_user_permissions(user_id, service_id, permissions=granted)
    return redirect(url_for('.manage_users', service_id=service_id))
def edit_user_permissions(service_id, user_id):
    """Show and process the permissions and sign-in method form for a user.

    Builds a ``PermissionsForm`` from the user's per-service role flags and
    current ``auth_type``. On a valid submission the permissions returned by
    ``get_permissions_from_form`` are written for ``service_id`` and, only
    when the current service has the ``email_auth`` permission, the user's
    ``auth_type`` is updated from the form.

    Returns a redirect to ``.manage_users`` after a save, otherwise the
    rendered ``views/edit-user-permissions.html`` template.
    """
    service_has_email_auth = 'email_auth' in current_service['permissions']

    # TODO: the user lookup should probably take the service id as well,
    # e.g. /user/<user_id>?&service=service_id
    # NOTE(review): the lookup is keyed on user_id alone; this function does
    # not check that the user belongs to service_id -- confirm that is
    # enforced by the route's access control or by the API.
    user = user_api_client.get_user(user_id)
    user_has_no_mobile_number = user.mobile_number is None

    role_flags = {
        role: user.has_permission_for_service(service_id, role)
        for role in roles.keys()
    }
    form = PermissionsForm(**role_flags, login_authentication=user.auth_type)

    if not form.validate_on_submit():
        # NOTE(review): user_has_no_mobile_number is only handed to the
        # template; nothing in this function restricts the submitted
        # sign-in method for such a user. Presumably the form or the API
        # enforces that server-side -- confirm.
        return render_template(
            'views/edit-user-permissions.html',
            user=user,
            form=form,
            service_has_email_auth=service_has_email_auth,
            user_has_no_mobile_number=user_has_no_mobile_number,
        )

    new_permissions = set(get_permissions_from_form(form))
    user_api_client.set_user_permissions(
        user_id,
        service_id,
        permissions=new_permissions,
    )

    if service_has_email_auth:
        # This call carries only user_id and auth_type, no service_id.
        # NOTE(review): the change therefore looks user-wide rather than
        # per-service -- confirm that is the intended scope.
        chosen_auth_type = form.login_authentication.data
        user_api_client.update_user_attribute(user_id, auth_type=chosen_auth_type)

    return redirect(url_for('.manage_users', service_id=service_id))
def remove_user_from_service(service_id, user_id):
    """Confirm, then carry out, removal of a user from a service.

    Any method other than POST flashes an "Are you sure" message containing
    the user's name and renders ``views/edit-user-permissions.html``. A POST
    calls ``service_api_client.remove_user_from_service`` and redirects to
    ``.manage_users``. A 400 ``HTTPError`` whose message contains "You
    cannot remove the only user for a service" is flashed as info before the
    redirect; any other ``HTTPError`` goes to ``abort(500, e)``.
    """
    user = user_api_client.get_user(user_id)

    # Open question carried over from the original author: should the email
    # address be read-only or a disabled field, and should that be done in
    # the template or in the form class?
    role_flags = {
        role: user.has_permission_for_service(service_id, role)
        for role in roles.keys()
    }
    form = PermissionsForm(**role_flags)

    if request.method != 'POST':
        flash('Are you sure you want to remove {}?'.format(user.name), 'remove')
        return render_template('views/edit-user-permissions.html', user=user, form=form)

    # NOTE(review): this destructive path is gated on request.method alone;
    # the form built above is never validated here, so any CSRF token check
    # has to come from outside this function (for example an app-wide CSRF
    # layer) -- confirm one is in place for this route.
    try:
        service_api_client.remove_user_from_service(service_id, user_id)
    except HTTPError as e:
        msg = "You cannot remove the only user for a service"
        if e.status_code == 400 and msg in e.message:
            flash(msg, 'info')
        else:
            # NOTE(review): the HTTPError itself is passed as the abort
            # description; check that the 500 handler does not echo
            # upstream API error detail back to the browser.
            abort(500, e)

    return redirect(url_for('.manage_users', service_id=service_id))
def edit_user_permissions(service_id, user_id):
    """Show and process the permissions and sign-in method form for a user.

    The form comes from ``PermissionsForm.from_user(user, service_id)``. On
    a valid submission ``form.permissions`` is written for ``service_id``
    and, only when the current service has the ``email_auth`` permission,
    the user's ``auth_type`` is updated from the form.

    Returns a redirect to ``.manage_users`` after a save, otherwise the
    rendered ``views/edit-user-permissions.html`` template.
    """
    service_has_email_auth = current_service.has_permission('email_auth')

    # TODO: the user lookup should probably take the service id as well,
    # e.g. /user/<user_id>?&service=service_id
    # NOTE(review): the lookup is keyed on user_id alone; this function does
    # not check that the user belongs to service_id -- confirm that is
    # enforced by the route's access control or by the API.
    user = user_api_client.get_user(user_id)
    user_has_no_mobile_number = user.mobile_number is None
    form = PermissionsForm.from_user(user, service_id)

    if not form.validate_on_submit():
        # NOTE(review): user_has_no_mobile_number only reaches the template;
        # no server-side restriction on the submitted sign-in method is
        # visible in this function -- confirm the form or API enforces one.
        template_context = dict(
            user=user,
            form=form,
            service_has_email_auth=service_has_email_auth,
            user_has_no_mobile_number=user_has_no_mobile_number,
        )
        return render_template('views/edit-user-permissions.html', **template_context)

    user_api_client.set_user_permissions(
        user_id,
        service_id,
        permissions=form.permissions,
    )

    if service_has_email_auth:
        # Sent with user_id and auth_type only, no service_id.
        # NOTE(review): looks like a user-wide change -- confirm the scope.
        user_api_client.update_user_attribute(
            user_id,
            auth_type=form.login_authentication.data,
        )

    return redirect(url_for('.manage_users', service_id=service_id))
def edit_user_permissions(service_id, user_id):
    """Render the permissions form for a user and save it when submitted.

    One form field per role in ``roles`` is initialised from
    ``user.has_permissions``. After ``form.validate_on_submit()`` succeeds,
    the permissions of each ticked role are combined with ``view_activity``
    and stored through ``user_api_client.set_user_permissions``; the view
    then redirects to ``.manage_users``. Otherwise it renders
    ``views/edit-user-permissions.html``.
    """
    # TODO: the user lookup should probably take the service id as well,
    # e.g. /user/<user_id>?&service=service_id
    # NOTE(review): until then, the user is loaded by user_id only and this
    # function never checks membership of service_id; authorisation for the
    # later write must come from outside this view -- confirm.
    user = user_api_client.get_user(user_id)

    # Open question carried over from the original author: should the email
    # address be read-only or a disabled field, and should that be done in
    # the template or in the form class?
    initial_values = {
        role: user.has_permissions(permissions=permissions)
        for role, permissions in roles.items()
    }
    form = PermissionsForm(**initial_values)

    if form.validate_on_submit():
        selected = {
            permission
            for role, permissions in roles.items()
            if form[role].data
            for permission in permissions
        }
        # view_activity is always part of the saved set.
        selected.add('view_activity')
        user_api_client.set_user_permissions(
            user_id,
            service_id,
            permissions=selected,
        )
        return redirect(url_for('.manage_users', service_id=service_id))

    return render_template('views/edit-user-permissions.html', user=user, form=form)
def remove_user_from_service(service_id, user_id):
    """Confirm, then carry out, removal of a user from a service.

    Any method other than POST flashes an "Are you sure" message containing
    the user's name and renders ``views/edit-user-permissions.html`` with a
    form from ``PermissionsForm.from_user``. A POST calls
    ``service_api_client.remove_user_from_service`` and redirects to
    ``.manage_users``. A 400 ``HTTPError`` whose message contains "You
    cannot remove the only user for a service" is flashed as info before the
    redirect; any other ``HTTPError`` goes to ``abort(500, e)``.
    """
    user = user_api_client.get_user(user_id)
    form = PermissionsForm.from_user(user, service_id)

    is_post = request.method == 'POST'
    if not is_post:
        confirmation = 'Are you sure you want to remove {}?'.format(user.name)
        flash(confirmation, 'remove')
        return render_template('views/edit-user-permissions.html', user=user, form=form)

    # NOTE(review): removal is triggered by the HTTP method alone; the form
    # is built but never validated on this path, so CSRF protection must be
    # supplied outside this function -- confirm it covers this route.
    try:
        service_api_client.remove_user_from_service(service_id, user_id)
    except HTTPError as e:
        msg = "You cannot remove the only user for a service"
        if e.status_code == 400 and msg in e.message:
            flash(msg, 'info')
        else:
            # NOTE(review): the HTTPError is used as the abort description;
            # make sure the 500 page does not expose upstream error detail.
            abort(500, e)

    return redirect(url_for('.manage_users', service_id=service_id))
def edit_user_permissions(service_id, user_id):
    """Show and process permissions, folder access and sign-in method.

    The user comes from ``current_service.get_team_member``. For anyone who
    is not a platform admin the form is given the ids of the template
    folders they can already access plus the full folder list; for a
    platform admin both are ``None``. On a valid submission the permissions
    and folder permissions are written for ``service_id`` and, only when the
    service has ``email_auth``, the user's ``auth_type`` is updated.

    Returns a redirect to ``.manage_users`` after a save, otherwise the
    rendered ``views/edit-user-permissions.html`` template.
    """
    service_has_email_auth = current_service.has_permission('email_auth')

    # NOTE(review): get_team_member presumably limits the lookup to members
    # of the current service, while the write below uses the service_id
    # argument -- confirm both always refer to the same service.
    user = current_service.get_team_member(user_id)

    # Only a redacted form of the number is handed to the template.
    mobile_number = (
        redact_mobile_number(user.mobile_number, " ")
        if user.mobile_number
        else None
    )

    if user.platform_admin:
        permitted_folder_ids = None
    else:
        permitted_folder_ids = []
        for folder in current_service.all_template_folders:
            if user.has_template_folder_permission(folder):
                permitted_folder_ids.append(folder['id'])
    selectable_folders = (
        None if user.platform_admin else current_service.all_template_folders
    )

    form = PermissionsForm.from_user(
        user,
        service_id,
        folder_permissions=permitted_folder_ids,
        all_template_folders=selectable_folders,
    )

    if not form.validate_on_submit():
        return render_template(
            'views/edit-user-permissions.html',
            user=user,
            form=form,
            service_has_email_auth=service_has_email_auth,
            mobile_number=mobile_number,
            # Read straight from the query string; the template should treat
            # it as an untrusted flag.
            delete=request.args.get('delete'),
        )

    # NOTE(review): folder_permissions is sent even for a platform admin,
    # whose form was built with no folder data -- confirm what
    # form.folder_permissions.data yields in that case.
    user_api_client.set_user_permissions(
        user_id,
        service_id,
        permissions=form.permissions,
        folder_permissions=form.folder_permissions.data,
    )

    if service_has_email_auth:
        # Sent with user_id and auth_type only, no service_id.
        # NOTE(review): looks like a user-wide change -- confirm the scope.
        user_api_client.update_user_attribute(
            user_id,
            auth_type=form.login_authentication.data,
        )

    return redirect(url_for('.manage_users', service_id=service_id))
def edit_user_permissions(service_id, user_id):
    """Show and process permissions, folder access and sign-in method.

    The user comes from ``current_service.get_team_member``. For anyone who
    is not a platform admin the form is given the ids of the template
    folders they can already access plus the full folder list; for a
    platform admin both are ``None``. On a valid submission
    ``user.set_permissions`` is called for ``service_id`` and, only when the
    service has ``email_auth``, ``user.update`` sets the new ``auth_type``.

    Returns a redirect to ``.manage_users`` after a save, otherwise the
    rendered ``views/edit-user-permissions.html`` template.
    """
    service_has_email_auth = current_service.has_permission("email_auth")

    # NOTE(review): get_team_member presumably limits the lookup to members
    # of the current service, while set_permissions below is given the
    # service_id argument -- confirm both always refer to the same service.
    user = current_service.get_team_member(user_id)

    # Only a redacted form of the number is handed to the template.
    mobile_number = None
    if user.mobile_number:
        mobile_number = redact_mobile_number(user.mobile_number, " ")

    permitted_folder_ids = (
        None
        if user.platform_admin
        else [
            folder["id"]
            for folder in current_service.all_template_folders
            if user.has_template_folder_permission(folder)
        ]
    )
    selectable_folders = (
        None if user.platform_admin else current_service.all_template_folders
    )
    form = PermissionsForm.from_user(
        user,
        service_id,
        folder_permissions=permitted_folder_ids,
        all_template_folders=selectable_folders,
    )

    if form.validate_on_submit():
        # NOTE(review): folder_permissions is sent even for a platform
        # admin, whose form was built with no folder data -- confirm what
        # form.folder_permissions.data yields in that case.
        user.set_permissions(
            service_id,
            permissions=form.permissions,
            folder_permissions=form.folder_permissions.data,
        )
        if service_has_email_auth:
            # No service id is passed to update().
            # NOTE(review): looks like a user-wide change -- confirm scope.
            user.update(auth_type=form.login_authentication.data)
        return redirect(url_for(".manage_users", service_id=service_id))

    template_context = {
        "user": user,
        "form": form,
        "service_has_email_auth": service_has_email_auth,
        "mobile_number": mobile_number,
        # Read straight from the query string; the template should treat it
        # as an untrusted flag.
        "delete": request.args.get("delete"),
    }
    return render_template("views/edit-user-permissions.html", **template_context)