def perm_edit_record(record): if record.is_agg_final(): return Denial(need.everybody) return Permission( need.admin, *get_roles_for_subject('reporter', record.subject) + get_roles_for_subject('reviewer', record.subject))
def vote(self): needs = [ UserNeed(User.query.get(user_id).username) for user_id in self.votes ] needs.append(UserNeed(self.author.username)) return auth & Denial(*needs)
def perm_delete_comment(comment): if comment.cons_status not in EDITABLE_STATUS_LIST: return Permission(need.impossible) if comment.cons_status == APPROVED_STATUS: return Denial(need.everybody) elif comment.cons_user_id: return Permission(need.admin, need.user_id(comment.cons_user_id)) else: return Permission(need.admin)
def vote(self): needs = [UserNeed(user_id) for user_id in self.obj.votes] needs.append(UserNeed(self.obj.author_id)) return auth & Denial(*needs)
# -*- coding: utf-8 -*- from flask.ext.principal import RoleNeed, Permission, identity_loaded, Denial user_permission = Permission(RoleNeed('user')) org_permission = Permission(RoleNeed('org')) anonymous_permission = Denial(RoleNeed('user'), RoleNeed('org')) def config_identity(app): @identity_loaded.connect_via(app) def on_identity_loaded(sender, identity): if identity.id: if u'o' in identity.id: identity.provides.add(RoleNeed('org')) elif u'u' in identity.id: identity.provides.add(RoleNeed('user'))