def get_record_permissions(recid=None):
if not recid:
return False
action_edit_record = RecordUpdateActionNeed(str(recid))
action_read_record = RecordReadActionNeed(str(recid))
action_index_record = RecordIndexActionNeed(str(recid))
permissions = dict()
permissions['u_edit'] = ActionUsers.query_by_action(
action_edit_record).all()
permissions['u_read'] = ActionUsers.query_by_action(
action_read_record).all()
permissions['u_index'] = ActionUsers.query_by_action(
action_index_record).all()
permissions['r_edit'] = ActionRoles.query_by_action(
action_edit_record).all()
permissions['r_read'] = ActionRoles.query_by_action(
action_read_record).all()
permissions['r_index'] = ActionRoles.query_by_action(
action_index_record).all()
result = permissions['u_edit'] + permissions['u_read'] + permissions['u_index'] + \
permissions['r_edit'] + permissions['r_read'] + permissions['r_index']
return result
def _add_experiment_permissions(cls, data, id_):
"""Add read permissions to everybody assigned to experiment."""
exp_need = exp_need_factory(data['_experiment'])
# give read access to members of collaboration
for au in ActionUsers.query_by_action(exp_need).all():
try:
ActionUsers.query_by_action(
RECORD_ACTION_NEEDS(id_)['record-read']
).filter_by(user=au.user).one()
except NoResultFound:
db.session.add(
ActionUsers.allow(
RECORD_ACTION_NEEDS(id_)['record-read'],
user=au.user
)
)
data['_access']['record-read']['users'].append(au.user.id)
for ar in ActionRoles.query_by_action(exp_need).all():
try:
ActionRoles.query_by_action(
RECORD_ACTION_NEEDS(id_)['record-read']
).filter_by(role=ar.role).one()
except NoResultFound:
db.session.add(
ActionRoles.allow(
RECORD_ACTION_NEEDS(id_)['record-read'],
role=ar.role
)
)
data['_access']['record-read']['roles'].append(ar.role.id)
def get_record_permissions(recid=None):
if not recid:
return False
action_edit_record = RecordUpdateActionNeed(str(recid))
action_read_record = RecordReadActionNeed(str(recid))
action_index_record = RecordIndexActionNeed(str(recid))
permissions = dict()
permissions['u_edit'] = ActionUsers.query_by_action(
action_edit_record).all()
permissions['u_read'] = ActionUsers.query_by_action(
action_read_record).all()
permissions['u_index'] = ActionUsers.query_by_action(
action_index_record).all()
permissions['r_edit'] = ActionRoles.query_by_action(
action_edit_record).all()
permissions['r_read'] = ActionRoles.query_by_action(
action_read_record).all()
permissions['r_index'] = ActionRoles.query_by_action(
action_index_record).all()
result = permissions['u_edit'] + permissions['u_read'] + permissions['u_index'] + \
permissions['r_edit'] + permissions['r_read'] + permissions['r_index']
return result
def _add_experiment_permissions(cls, data, id_):
"""Add read permissions to everybody assigned to experiment."""
exp_need = exp_need_factory(data['_experiment'])
# give read access to members of collaboration
for au in ActionUsers.query_by_action(exp_need).all():
try:
ActionUsers.query_by_action(
RECORD_ACTION_NEEDS(id_)['record-read']).filter_by(
user=au.user).one()
except NoResultFound:
db.session.add(
ActionUsers.allow(RECORD_ACTION_NEEDS(id_)['record-read'],
user=au.user))
data['_access']['record-read']['users'].append(au.user.id)
for ar in ActionRoles.query_by_action(exp_need).all():
try:
ActionRoles.query_by_action(
RECORD_ACTION_NEEDS(id_)['record-read']).filter_by(
role=ar.role).one()
except NoResultFound:
db.session.add(
ActionRoles.allow(RECORD_ACTION_NEEDS(id_)['record-read'],
role=ar.role))
data['_access']['record-read']['roles'].append(ar.role.id)
def team_management(community):
"""Team management for communities.
:param community_id: ID of the community to manage.
"""
Action = namedtuple("Action", ["title", "name", "existing"])
actions = []
permissions = _get_permissions()
for action in permissions:
# 12 = len("communities-")
a = Action(action[12:].replace("-", " ").capitalize(),
action,
ActionUsers.query_by_action(
_get_needs(action, community.id)).all())
actions.append(a)
ctx = mycommunities_ctx()
ctx.update({
"community": community,
"actions": actions
})
return render_template(
current_app.config['COMMUNITIES_TEAM_TEMPLATE'],
**ctx
)
def _add_experiment_permissions(self, experiment, permissions):
"""Add read permissions to everybody assigned to experiment."""
exp_need = exp_need_factory(experiment)
# give read access to members of collaboration
with db.session.begin_nested():
for au in ActionUsers.query_by_action(exp_need).all():
self._add_user_permissions(au.user, permissions, db.session)
for ar in ActionRoles.query_by_action(exp_need).all():
self._add_egroup_permissions(ar.role, permissions, db.session)
def _add_experiment_permissions(self, experiment, permissions):
"""Add read permissions to everybody assigned to experiment."""
exp_need = exp_need_factory(experiment)
# give read access to members of collaboration
with db.session.begin_nested():
for au in ActionUsers.query_by_action(exp_need).all():
self._add_user_permissions(au.user, permissions, db.session)
for ar in ActionRoles.query_by_action(exp_need).all():
self._add_egroup_permissions(ar.role, permissions, db.session)
