def get_user_groups():
    """Return the groups the current user is allowed to see.

    A user holding the ``admin`` role gets every group; anyone else gets
    only the groups whose ``members`` list contains their own id.
    """
    if not current_user.has_role('admin'):
        # Non-admins are scoped to their own memberships.
        return Group.objects(members__in=[current_user.id])
    return Group.objects()
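def sharing_permissions(self, sharing_with, investigation=False, invest_id=False):
    """Apply a sharing choice to an investigation's ``sharing`` list.

    ``sharing_with`` selects the mode:

    * ``"all"``     -- reset ``sharing`` to an empty list.
    * ``"private"`` -- add the current user's id to ``sharing``.
    * ``"allg"``    -- add the id of every group the current user is a
      member of.
    * anything else -- treated as a group id; the matching group's id is
      added.

    The investigation that is updated is ``invest_id`` when it is given,
    otherwise ``self.id``. ``investigation`` is accepted for caller
    compatibility and is not used.
    """
    # Resolve the target once so every branch updates the same document.
    # The group branch used to write to self.id even when invest_id was
    # supplied, so group sharing could land on a different investigation
    # than the "all"/"private" modes.
    target_id = invest_id or self.id
    groups = False

    if sharing_with == "all":
        Investigation.objects.get(id=target_id).update(set__sharing=[])
    elif sharing_with == "private":
        Investigation.objects.get(id=target_id).update(
            add_to_set__sharing=[current_user.id]
        )
    elif sharing_with == "allg":
        groups = Group.objects(members__in=[current_user.id])
    else:
        # NOTE(review): sharing_with is used as a group id exactly as it was
        # passed in; nothing in this function checks that the current user
        # belongs to that group. Confirm the caller restricts the choice to
        # groups the user may share with.
        groups = Group.objects(id=sharing_with)

    if groups:
        Investigation.objects.get(id=target_id).update(
            add_to_set__sharing=[group.id for group in groups]
        )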
def deladmin(self):
    """Remove a user from a group's ``admins`` list and redirect back.

    ``gid`` and ``uid`` are read from the query string. The removal is
    performed when the caller has the ``admin`` role, or when the caller is
    listed in ``admins`` of the enabled group ``gid``. Otherwise nothing is
    changed and the caller is redirected without a message.
    """
    # NOTE(review): this changes state from query-string parameters. If the
    # route accepts GET, a cross-site link is enough to trigger it for a
    # logged-in admin; confirm the route is POST-only with CSRF protection.
    group_id = request.args.get("gid")
    user_id = request.args.get("uid")
    target_user = get_object_or_404(User, id=user_id)
    target_group = get_object_or_404(Group, id=group_id)

    # `and` binds tighter than `or`; the parentheses only make the existing
    # grouping visible: (group and site admin) or (admin of this group).
    authorised = (target_group and current_user.has_role("admin")) or Group.objects(
        admins__in=[current_user.id], id=group_id, enabled=True
    )
    if not authorised:
        # request.referrer comes from the client's Referer header and may
        # be absent.
        return redirect(request.referrer)

    # ToDo reload page
    target_group.update(pull__admins=target_user.id)
    message = "User: {} deleted from admins: {}".format(
        target_user.username, target_group.groupname
    )
    flash(message, "success")
    return redirect(request.referrer)
def usertogroup(self):
    """Add a user to a group's ``members`` list and redirect back.

    ``gid`` and ``uid`` are read from the submitted form. The user is added
    when the caller has the ``admin`` role, or when the caller is listed in
    ``admins`` of the enabled group ``gid``. Otherwise nothing is changed.
    """
    group_id = request.form.get("gid")
    user_id = request.form.get("uid")
    new_member = get_object_or_404(User, id=user_id)
    target_group = get_object_or_404(Group, id=group_id)

    # `and` binds tighter than `or`; the parentheses only make the existing
    # grouping visible: (user and site admin) or (admin of this group).
    authorised = (new_member and current_user.has_role("admin")) or Group.objects(
        admins__in=[current_user.id], id=group_id, enabled=True
    )
    if authorised:
        target_group.update(add_to_set__members=new_member.id)
        message = "Added user: {} to group: {}".format(
            new_member.username, target_group.groupname
        )
        flash(message, "success")

    # request.referrer comes from the client's Referer header and may be
    # absent.
    return redirect(request.referrer)
def profile(self):
    """Render a group's profile page for a site admin or a group admin.

    The group is selected by the ``id`` query parameter. The page is
    rendered when the caller has the ``admin`` role or is listed in
    ``admins`` of that enabled group. In every other case a message is
    flashed and the caller is redirected to the referrer.
    """
    group_id = request.args.get("id")
    if group_id:
        group = get_object_or_404(Group, id=group_id)
        is_site_admin = current_user.has_role("admin")
        if is_site_admin or Group.objects(
            admins__in=[current_user.id], id=group_id, enabled=True
        ):
            # The template receives every user record, not only the members
            # of this group.
            return render_template(
                "group/profile.html",
                group=group,
                users=User.objects.all(),
            )

    # Reached when no id was given and also when an id was given but the
    # caller is not authorised for that group; the message is the same in
    # both cases.
    # NOTE(review): the category "dangeros" looks like a typo; check which
    # category names the templates style before changing it.
    flash("Group not specified", "dangeros")
    return redirect(request.referrer)
def profile(self):
    """Show a user's profile and, on POST, store the submitted settings.

    A caller with the ``admin`` role may pick another user with the ``id``
    query parameter; every other caller always acts on their own account.
    On POST, each non-empty form field is written into ``user.settings``
    and each empty field is removed from it. An admin looking at someone
    else's account gets the admin template; all other cases get the regular
    one.
    """
    requested_id = request.args.get("id")
    if requested_id and current_user.has_role("admin"):
        user = get_object_or_404(User, id=requested_id)
    else:
        user = current_user

    if request.method == "POST":
        submitted = request.form
        # NOTE(review): every submitted field name becomes a settings key;
        # nothing here compares the names with
        # User.get_available_settings(). Confirm whether arbitrary keys are
        # meant to be stored.
        for name in submitted:
            value = submitted[name]
            if value:
                user.settings[name] = value
        user.save()

        # An empty field clears the stored setting.
        for name in submitted:
            if not submitted[name]:
                user.settings.pop(name, None)
        user.save()

    groups = Group.objects(members__in=[user.id])
    # NOTE(review): the full group list is passed to both templates,
    # including the one rendered for non-admin callers; what each template
    # shows is not visible here.
    all_groups = Group.objects()

    admin_view = current_user.has_role("admin") and user.id != current_user.id
    template = "user/profile_admin.html" if admin_view else "user/profile.html"
    return render_template(
        template,
        available_settings=User.get_available_settings(),
        user=user,
        groups=groups,
        all_groups=all_groups,
    )
def create_group(groupname):
    """Create and save a group named ``groupname``.

    Returns whatever ``Group.save()`` returns, or ``False`` when the save
    raises ``NotUniqueError``.
    """
    new_group = Group(groupname=groupname)
    try:
        saved = new_group.save()
    except NotUniqueError:
        # Reported to the caller as False rather than as an exception.
        return False
    return saved