def adminPrivilegesPost(handler, p_grant): handler.title("Privileges") requirePriv(handler, 'Admin') p_grant = {name: privs.keys() for name, privs in p_grant.iteritems()} privNames = set() for privs in p_grant.values(): privNames |= set(privs) if not privNames <= set(privList.keys()): ErrorBox.die("Update privileges", "Unrecognized privilege name") for user in User.loadAll(): for priv in privList: privs = p_grant.get(user.username, []) has = user.hasPrivilege(priv) if has and priv not in privs: print "Revoking %s from %s<br>" % (priv, user.username) user.privileges.remove(priv) Event.revokePrivilege(handler, user, priv) elif not has and priv in privs: print "Granting %s to %s<br>" % (priv, user.username) user.privileges.add(priv) Event.grantPrivilege(handler, user, priv, False) user.save() print "Done"