def group_admin_create(context, data_dict): toolkit.check_access("group_admin_create", context, data_dict) session = context["session"] username = data_dict["username"] user_object = model.User.get(username) if GroupAdmin.exists(session, user_id=user_object.id): raise toolkit.ValidationError("user {0} is already a Group admin".format(username)) return GroupAdmin.create(session, user_id=user_object.id)
def group_list_authz(context, data_dict): """Return the list of groups that the user is authorized to edit. Replaces the core authz method of the same name.""" user = context["user"] model = context["model"] user_id = authz.get_user_id_for_username(user, allow_none=True) toolkit.check_access("group_list_authz", context, data_dict) if GroupAdmin.is_user_group_admin(model.Session, user_id): q = ( model.Session.query(model.Group) .filter(model.Group.is_organization == False) .filter(model.Group.state == "active") ) groups = q.all() group_list = model_dictize.group_list_dictize(groups, context) return group_list else: # defer to core method return core_group_list_authz(context, data_dict)
def decorate_has_user_permission_for_group_or_org(group_id, user_name, permission): user_id = authz.get_user_id_for_username(user_name, allow_none=True) if not user_id: return False if GroupAdmin.is_user_group_admin(model.Session, user_id): return True return method(group_id, user_name, permission)
def group_admin_delete(context, data_dict): toolkit.check_access("group_admin_delete", context, data_dict) session = context["session"] username = data_dict["username"] user_object = model.User.get(username) admin = GroupAdmin.get(session, user_id=user_object.id) if admin: session.delete(admin) session.commit() else: raise toolkit.ValidationError("user {0} is not a Group admin".format(username))
def group_admin_list(context, data_dict): toolkit.check_access("group_admin_list", context, data_dict) session = context["session"] user_ids = GroupAdmin.get_group_admin_ids(session) return [toolkit.get_action("user_show")(data_dict={"id": user_id}) for user_id in user_ids]