def set_view_permissions(view_name, permission_names):
view = View.search(view_name)
permissions = get_permissions(permission_names)
if not view:
view = View(
view_name=view_name
)
view.add()
view.add_permissions(permissions)
def has_view_permissions(self, view_name):
view = View.search(view_name)
if self.is_dev() or not view:
return True
if self.is_admin() and not view.requires_dev():
return True
for permission in self.permissions:
if permission in set(view.permissions):
return True
return False
def main_page():
users = User.get_all()
views = View.get_all()
if request.method == "POST":
search_term = request.form['search_term']
user = User.search(search_term)
if user:
return redirect(
url_for('user.update', id=user.id)
)
view = View.search(search_term)
if view:
return redirect(
url_for('view.update', id=view.id)
)
return render_template(
"admin/main-page.html",
user_heads=username_head,
users=users,
views=views
)
def inject_view_and_permissions():
return dict(
view=View.search(request.endpoint),
permissions=Permission.get_all()
)
def test_should_return_none_given_invalid_name(self):
view = View.search("Non existent name")
self.assertEqual(view, None)
def test_should_return_permission_given_valid_name(self):
view = View.search("Test View")
self.assertEqual(view, self.view)
