def add_owner(self, card_id):
if AppUser.for_user(users.get_current_user()).is_admin:
card = ReportCard.find_by_id(int(card_id))
card.owner_user_id.append(self.request.get('new_owner_id'))
card.put()
ReportCard.create(self.request.get('name'))
return webapp2.redirect_to('card-list')
def list_by_user(self, user=None):
if not user:
user = users.get_current_user()
app_user = AppUser.for_user(user)
if app_user.is_admin:
cards = self.list()
else:
cards = self.gql("WHERE owner_user_id = :1", user.user_id()).fetch(100)
return cards
def list(self, card_id):
# TODO: handle this some other way
AppUser.record_access(users.get_current_user())
current_user = AppUser.for_user(users.get_current_user())
template = JinjaEnv.get().get_template('templates/eval/list.html')
self.response.out.write(template.render({'card': ReportCard.find_by_id(int(card_id)), 'current_user': current_user}))
def is_authorized(self, user=None):
if not user:
user = users.get_current_user()
app_user = AppUser.for_user(user)
return app_user.is_admin or user.user_id() in self.owner_user_id
def makeAdmin(self, user=None):
if not user:
user = users.get_current_user()
u = AppUser.for_user(user)
u.is_admin = True
u.put()
def add_owner_form(self, card_id):
current_user = AppUser.for_user(users.get_current_user())
if current_user.is_admin:
template = JinjaEnv.get().get_template('templates/card/owner_add_form.html')
self.response.out.write(template.render({'card': ReportCard.find_by_id(int(card_id)), 'users': AppUser.list()}))