def permissionmanagement(permission):
form = form_edit_permission()
if current_user.is_authenticated:
if current_user.check_permission(
'usercenter_permission_add') and permission == 'add':
return render_template('usercenter/add_permission.html',
title=_('Add Permission'),
form=form)
elif current_user.check_permission(
'usercenter_permission_add') and permission != None:
permission = permission.replace("%20", "+")
print(permission)
if Permission.query.filter(
Permission.permissionname == permission).count() == 1:
permissiontoedit = permission
else:
flash("No legal permission found")
else:
flash('You are not allowed to change permission settings')
return redirect(url_for('usercenter.lobby'))
form = form_edit_permission()
permission = Permission.query.filter(
Permission.permissionname == permission).first()
print(form.permissionname.data, form.permissionaction.data)
if form.validate_on_submit():
# Add new one
if Permission.query.filter(Permission.permissionname ==
permission.permissionname).count() == 0:
newpermission = Permission(
permissionname=form.permissionname.data,
action=form.permissionaction.data)
db.session.add(newpermission)
db.session.commit()
flash('Permission ' + form.permissionname.data +
' has been created')
elif Permission.query.filter(
Permission.permissionname ==
permission.permissionname).count() == 1:
permission = Permission.query.filter(
Permission.permissionname == permissiontoedit).first()
permission.permissionname = form.permissionname.data
permission.action = form.permissionaction.data
flash('Permission has been updated')
db.session.commit()
return render_template('usercenter/edit_permission.html',
title=_('Edit Permission'),
form=form,
permission=permission)
def inner2(*args, **kwargs):
# if not g.user.check_permission(permission):
# abort(403, status=403, username=g.user.username, msg='authorization failed')
if not current_user.check_permission(permission):
from flask import abort
# abort(403)
return redirect(url_for('blue_error.vf_permission'))
return func(*args, **kwargs)
def delete_user(userid):
if current_user.is_authenticated:
if current_user.check_permission('delete_user'):
db.session.query(User).filter(user_id == userid).delete()
db.session.commit()
flash('User has been deleted')
return redirect(url_for('usercenter.lobby'))
return redirect(url_for('main.index'))
def inner2(*args, **kwargs):
# if not g.user.check_permission(permission):
# abort(403, status=403, username=g.user.username, msg='authorization failed')
if not current_user.check_permission(permission):
from flask import abort
# resp = Response()
# resp.data = 'Permission Required!'
# resp.status_code = 403
# abort(resp)
abort(403)
return func(*args, **kwargs)
def get_user(username):
# 访问他人主页时,需要main模块的WRITE权限
if current_user.username != username:
if not current_user.check_permission('main', WRITE_PERMISSION):
abort(403)
user = User.query.filter(User.username == username).first_or_404()
return render_template(
'main/user_item.jinja2',
title=_l('User Profile'),
user=user
)
def edit_post(id):
post = Post.query.get_or_404(id)
if current_user != post.author and not current_user.check_permission(Permission.ADMINISTER):
abort(403)
form = PostForm()
if form.validate_on_submit():
post.content = form.content.data
post.title = form.title.data
db.session.add(post)
db.session.commit()
flash('You have changed this article')
return redirect(url_for('show_post', id=post.id))
form.content.data = post.content
form.title.data = post.title
return render_template('/post/edit_post.html', form=form)
def add_role():
form = form_add_role()
if current_user.check_permission('usercenter_role_add'):
if form.validate_on_submit():
if db.session.query(Role).filter(
Role.rolename == form.roletoadd.data).count() == 0:
newrole = Role(rolename=form.roletoadd.data)
db.session.add(newrole)
db.session.commit()
flash('Role has been added!')
else:
flash('Role already exists!')
else:
print(form.errors)
return render_template('usercenter/add_role.html', form=form)
else:
flash('You have no permission to add new roles')
return redirect(url_for('usercenter.list_role'))
def delete_permission(permission):
permission = permission.replace("%20", "+")
if current_user.is_authenticated:
if current_user.check_permission(
'usercenter_permission_edit') and permission != None:
if Permission.query.filter(
Permission.permissionname == permission).count() == 1:
item = Permission.query.filter(
Permission.permissionname == permission).first()
#Permission.query.filter(Permission.permissionname == permission).delete()
db.session.delete(item)
db.session.commit()
else:
flash('You are not allowed to edit permissions')
return redirect(url_for('usercenter.permissionmanagement'))
else:
return redirect(url_for('auth.login'))
return redirect(url_for('usercenter.permissionmanagement'))
def usermanagement(username):
if current_user.is_authenticated:
if current_user.check_permission(
'usercenter_user_edit') and username != None:
if User.query.filter(User.username == username).count() == 1:
usertoedit = username
else:
flash("No legal user found")
usertoedit = current_user.username
else:
usertoedit = current_user.username
flash('You are not allowed to change other user settings')
return redirect('usercenter.usermanagement', username=username)
user = User.query.filter(User.username == usertoedit).first()
roles = Role.query.all()
form = form_edit_profile()
form2 = form_edit_role_for_user()
form2.role.choices = gamelist = [(g.id, g.rolename)
for g in Role.query.all()]
if form2.validate_on_submit():
if db.session.query(Usertorole).filter(
Usertorole.user_id == current_user.id).filter(
Usertorole.role_id == form2.role.data).count() == 0:
newrole = Usertorole(role_id=form2.role.data, user_id=user.id)
db.session.add(newrole)
db.session.commit()
if form.validate_on_submit():
if User.query.filter(User.username == form.username.data).count(
) == 0 and form.username.data != user:
if form.username.data == "":
flash("NO emptry username allowed")
else:
user.username = form.username.data
flash('Username has been updated')
user.email = form.email.data
user.real_name = form.name.data
db.session.commit()
flash('User has been updated')
return render_template('usercenter/edit_profile.html',
title=_('Edit User'),
form=form,
form2=form2,
user=user)
def usermanagement_revoke_permission(role, permission):
role = role.replace("%20", " ")
if current_user.is_authenticated:
if current_user.check_permission(
'usercenter_role_edit') and permission != None:
if Role.query.filter(Role.rolename == role).count() == 1:
roletoedit = Role.query.filter(Role.rolename == role).first()
db.session.query(Roletopermission).filter(
Roletopermission.role_id == roletoedit.id).filter(
Roletopermission.permission_id == permission).delete()
db.session.commit()
else:
flash("No legal Role found")
return redirect(url_for('usercenter.rolemanagement',
role=role))
else:
flash('You are not allowed to change Role settings')
return redirect(url_for('usercenter.rolemanagement', role=role))
return redirect(url_for('usercenter.rolemanagement', role=role))
def usermanagement_revoke_role(username, role):
if current_user.is_authenticated:
if current_user.check_permission(
'usercenter_user_edit') and username != None:
if User.query.filter(User.username == username).count() == 1:
usertoedit = username
user = User.query.filter(User.username == usertoedit).first()
db.session.query(Usertorole).filter(
Usertorole.user_id == user.id).filter(
Usertorole.role_id == role).delete()
db.session.commit()
else:
flash("No legal user found")
usertoedit = current_user.username
else:
usertoedit = current_user.username
flash('You are not allowed to change other user settings')
return redirect(
url_for('usercenter.usermanagement', username=user.username))
return redirect(
url_for('usercenter.usermanagement', username=user.username))
def rolemanagement(role):
if current_user.is_authenticated:
if current_user.check_permission('usercenter_role_edit'):
if role != None:
role = role.replace("%20", "+")
print(role)
if Role.query.filter(Role.rolename == role).count() == 1:
roletoedit = role
else:
flash("No legal role found")
return redirect(url_for('usercenter.list_role'))
else:
return redirect(url_for('usercenter.lobby'))
else:
flash('You are not allowed to change')
return redirect(url_for('usercenter.lobby'))
role = Role.query.filter(Role.rolename == roletoedit).first()
form = form_edit_role()
if form.validate_on_submit():
if form.old_rolename.data != form.rolename.data:
if Role.query.filter(
Role.rolename == form.old_rolename.data).count() == 1:
role.rolename = form.rolename.data
db.session.commit()
flash('Rolename has been changed to ' + form.rolename.data)
print(role.rolename)
return redirect(
url_for('usercenter.rolemanagement',
role=role.rolename))
if Role.query.filter(
Role.rolename == form.old_rolename.data).count() == 0:
newrole = Role(rolename=form.rolename.data)
db.session.add(newrole)
db.session.commit()
flash('Rolename ' + form.rolename.data +
' has been created ')
print(role.rolename)
else:
flash('Rolename already exists')
flash(roletoedit)
permissionlist = db.session.query(Permission).all()
form2 = form_edit_role_add_perm()
form2.permissiontoadd.choices = [(g.id, g.permissionname)
for g in Permission.query.all()]
if form2.validate_on_submit():
if db.session.query(Roletopermission).filter(
Roletopermission.permission_id ==
form2.permissiontoadd.data).filter(
Roletopermission.role_id == role.id).count() == 0:
permissionid = db.session.query(Permission).filter(
Permission.id == form2.permissiontoadd.data).first()
NewRoletopermission = Roletopermission(
role_id=role.id, permission_id=permissionid.id)
db.session.add(NewRoletopermission)
db.session.commit()
#choicelist = [(g.id, g.permissionname) for g in db.session.query(Permission).all()]
#print(choicelist)
# form2.permissiontoadd.choices=choicelist
return render_template('usercenter/edit_role.html',
title=_('Edit Role'),
form=form,
form2=form2,
role=role,
permissionlist=permissionlist)
def decorated_function(*args, **kwargs):
if not current_user.check_permission(permission):
abort(403)
return f(*args, **kwargs)