def on_identity_loaded(sender, identity):
# Set the identity user object
identity.user = current_user
permissions = dqusers.userPermissions(identity.id)
if hasattr(current_user, 'id'):
identity.provides.add(UserNeed(current_user.id))
def set_survey_permissions(permission):
identity.provides.add((unicode(permission.permission_name), unicode(permission.permission_method), unicode(permission.permission_value)))
def set_permissions(permission):
if (permission.permission_name=='tests' and permission.permission_method=='edit'):
identity.provides.add(EditTestNeed(unicode(permission.permission_value)))
if (permission.permission_name=='organisation' and permission.permission_method=='view'):
identity.provides.add(ViewOrganisationNeed(unicode(permission.permission_value)))
if (permission.permission_name=='organisation_feedback' and permission.permission_method=='create'):
identity.provides.add(CreateOrganisationFeedbackNeed(unicode(permission.permission_value)))
if (permission.permission_method=='role'):
identity.provides.add(RoleNeed(permission.permission_name))
if (permission.permission_name.startswith('survey')):
set_survey_permissions(permission)
#with db.session.begin():
for permission in permissions:
set_permissions(permission)
def users_edit(username=None):
if username:
user = dqusers.user_by_username(username)
permissions = dqusers.userPermissions(user.id)
if request.method == 'POST':
if user:
flash('Successfully updated user.', 'success')
else:
user = {}
flash('Could not update user.', 'error')
else:
if request.method == 'POST':
user = dqusers.addUser({
'username': request.form['username'],
'password': request.form['password'],
'name': request.form['name'],
'email_address': request.form['email_address'],
'organisation': request.form['organisation']
})
if user:
flash('Successfully added new user', 'success')
else:
flash('Could not add user user', 'error')
else:
user = {}
permissions = {}
return render_template("users_edit.html",
user=user,
permissions=permissions,
admin=usermanagement.check_perms('admin'),
loggedinuser=current_user)
def users_edit(username=None):
user = {}
permissions = {}
if username:
user = dqusers.user_by_username(username)
permissions = dqusers.userPermissions(user.id)
if request.method == "POST":
if user:
data = {
"username": username,
"password": request.form.get("password"),
"name": request.form["name"],
"email_address": request.form["email_address"],
"organisation": request.form["organisation"],
}
user = dqusers.updateUser(data)
flash("Successfully updated user.", "success")
else:
user = {}
flash("Could not update user.", "error")
else:
if request.method == "POST":
user = dqusers.addUser(
{
"username": request.form["username"],
"password": request.form["password"],
"name": request.form["name"],
"email_address": request.form["email_address"],
"organisation": request.form["organisation"],
}
)
if user:
flash("Successfully added new user", "success")
else:
flash("Could not add user user", "error")
return render_template(
"users_edit.html",
user=user,
permissions=permissions,
admin=usermanagement.check_perms("admin"),
loggedinuser=current_user,
)
