예제 #1
0
def delete(slug, id):
    project = object_or_404(Project.by_slug(slug))
    authz.require(authz.project_manage(project))
    permission = object_or_404(Permission.by_project_and_id(project, id))
    permissions.delete(permission)
    db.session.commit()
    raise Gone()
예제 #2
0
def delete(slug, id):
    project = object_or_404(Project.by_slug(slug))
    authz.require(authz.project_manage(project))
    permission = object_or_404(Permission.by_project_and_id(project, id))
    permissions.delete(permission)
    db.session.commit()
    raise Gone()
예제 #3
0
def update(slug, id):
    project = object_or_404(Project.by_slug(slug))
    authz.require(authz.project_manage(project))
    permission = object_or_404(Permission.by_project_and_id(project, id))
    data = request_data({'project': project})
    permission = permissions.save(data, permission=permission)
    db.session.commit()
    return jsonify(permission)
예제 #4
0
def index(slug):
    project = object_or_404(Project.by_slug(slug))
    authz.require(authz.project_manage(project))
    query = Permission.all()
    query = query.filter_by(project=project)
    pager = Pager(query, slug=slug)
    validate_cache(keys=pager.cache_keys())
    return jsonify(pager, index=True)
예제 #5
0
def index(slug):
    project = object_or_404(Project.by_slug(slug))
    authz.require(authz.project_manage(project))
    query = Permission.all()
    query = query.filter_by(project=project)
    pager = Pager(query)
    conv = lambda es: [permissions.to_rest_index(e) for e in es]
    return jsonify(pager.to_dict(conv))
예제 #6
0
def update(slug, id):
    project = object_or_404(Project.by_slug(slug))
    authz.require(authz.project_manage(project))
    permission = object_or_404(Permission.by_project_and_id(project, id))
    data = request_data({'project': project})
    permission = permissions.save(data, permission=permission)
    db.session.commit()
    return jsonify(permission)
예제 #7
0
def index(slug):
    project = object_or_404(Project.by_slug(slug))
    authz.require(authz.project_manage(project))
    query = Permission.all()
    query = query.filter_by(project=project)
    pager = Pager(query, slug=slug)
    validate_cache(keys=pager.cache_keys())
    return jsonify(pager, index=True)
예제 #8
0
def _project_and_permission(private=False,
                            reader=False,
                            editor=False,
                            admin=False,
                            account_id=1):
    project = Project(private=private)
    db.session.add(project)
    db.session.commit()
    perm = Permission(account_id=account_id,
                      project_id=project.id,
                      reader=reader,
                      editor=editor,
                      admin=admin)
    db.session.add(perm)
    db.session.commit()
    return project, perm
예제 #9
0
def save(data, permission=None):
    validator = PermissionValidator()
    data = validator.deserialize(data)

    if permission is None:
        q = Permission.all()
        q = q.filter(Permission.project == data['project'])
        q = q.filter(Permission.account == data['account'])
        permission = q.first()

    if permission is None:
        permission = Permission()
        permission.project = data.get('project')
        permission.account = data.get('account')

    permission.reader = data['reader'] or data['editor'] or data['admin']
    permission.editor = data['editor'] or data['admin']
    permission.admin = data['admin']

    db.session.add(permission)
    db.session.flush()
    return permission
예제 #10
0
파일: authz.py 프로젝트: 4bic/grano
def permissions():
    """ Cache the full matrix of which projects this user has access to. """
    if not hasattr(request, "permissions"):
        matrix = {"reader": set(), "editor": set(), "admin": set()}
        q = db.session.query(Project.id)
        q = q.filter(Project.private == False)
        matrix["reader"].update([id for id, in q.all()])

        if logged_in():
            q = Permission.all()
            q = q.filter_by(account=request.account)
            for perm in q.all():
                if perm.reader:
                    matrix["reader"].add(perm.project_id)
                if perm.editor:
                    matrix["editor"].add(perm.project_id)
                if perm.admin:
                    matrix["admin"].add(perm.project_id)
        request.permissions = matrix
    return request.permissions
예제 #11
0
def permissions():
    """ Cache the full matrix of which projects this user has access to. """
    if not hasattr(request, 'permissions'):
        matrix = {'reader': set(), 'editor': set(), 'admin': set()}
        q = db.session.query(Project.id)
        q = q.filter(Project.private == False)
        matrix['reader'].update([id for id, in q.all()])

        if logged_in():
            q = Permission.all()
            q = q.filter_by(account=request.account)
            for perm in q.all():
                if perm.reader:
                    matrix['reader'].add(perm.project_id)
                if perm.editor:
                    matrix['editor'].add(perm.project_id)
                if perm.admin:
                    matrix['admin'].add(perm.project_id)
        request.permissions = matrix
    return request.permissions
예제 #12
0
def save(data, permission=None):
    validator = PermissionValidator()
    data = validator.deserialize(data)

    if permission is None:
        q = Permission.all()
        q = q.filter(Permission.project == data["project"])
        q = q.filter(Permission.account == data["account"])
        permission = q.first()

    if permission is None:
        permission = Permission()
        permission.project = data.get("project")
        permission.account = data.get("account")

    permission.reader = data["reader"] or data["editor"] or data["admin"]
    permission.editor = data["editor"] or data["admin"]
    permission.admin = data["admin"]

    db.session.add(permission)
    db.session.flush()
    return permission
예제 #13
0
파일: permissions.py 프로젝트: 01-/grano
def save(data, permission=None):
    validator = PermissionValidator()
    data = validator.deserialize(data)

    if permission is None:
        q = Permission.all()
        q = q.filter(Permission.project == data['project'])
        q = q.filter(Permission.account == data['account'])
        permission = q.first()

    if permission is None:
        permission = Permission()
        permission.project = data.get('project')
        permission.account = data.get('account')

    permission.reader = data['reader'] or data['editor'] or data['admin']
    permission.editor = data['editor'] or data['admin']
    permission.admin = data['admin']

    db.session.add(permission)
    db.session.flush()
    return permission
예제 #14
0
def view(slug, id):
    project = object_or_404(Project.by_slug(slug))
    permission = object_or_404(Permission.by_project_and_id(project, id))
    authz.require(authz.project_manage(project) or
                  request.account == permission.account)
    return jsonify(permission)
예제 #15
0
def _find_permission(project):
    q = Permission.all()
    q = q.filter_by(project=project)
    q = q.filter_by(account=request.account)
    return q
예제 #16
0
def view(slug, id):
    project = object_or_404(Project.by_slug(slug))
    permission = object_or_404(Permission.by_project_and_id(project, id))
    authz.require(
        authz.project_manage(project) or request.account == permission.account)
    return jsonify(permission)