Пример #1
0
def permission_user_new(client):
    if client.user:
        available_perms = Permission.query.filter(
            db.or_(Permission.allusers == True,
                   Permission.user == current_auth.user)).order_by(
                       Permission.name).all()  # NOQA
        form = UserPermissionAssignForm()
    elif client.org:
        available_perms = Permission.query.filter(
            db.or_(Permission.allusers == True,
                   Permission.org == client.org)).order_by(
                       Permssion.name).all()  # NOQA
        form = TeamPermissionAssignForm()
        form.org = client.org
        form.team_id.choices = [(team.buid, team.title)
                                for team in client.org.teams]
    else:
        abort(403)  # This should never happen. Clients always have an owner.
    form.perms.choices = [(ap.name,
                           _(u"{name} – {title}").format(name=ap.name,
                                                         title=ap.title))
                          for ap in available_perms]
    if form.validate_on_submit():
        perms = set()
        if client.user:
            permassign = UserClientPermissions.query.filter_by(
                user=form.user.data, client=client).first()
            if permassign:
                perms.update(permassign.access_permissions.split(u' '))
            else:
                permassign = UserClientPermissions(user=form.user.data,
                                                   client=client)
                db.session.add(permassign)
        else:
            permassign = TeamClientPermissions.query.filter_by(
                team=form.team, client=client).first()
            if permassign:
                perms.update(permassign.access_permissions.split(u' '))
            else:
                permassign = TeamClientPermissions(team=form.team,
                                                   client=client)
                db.session.add(permassign)
        perms.update(form.perms.data)
        permassign.access_permissions = u' '.join(sorted(perms))
        db.session.commit()
        if client.user:
            flash(
                _(u"Permissions have been assigned to user {pname}").format(
                    pname=form.user.data.pickername), 'success')
        else:
            flash(
                _(u"Permissions have been assigned to team ‘{pname}’").format(
                    pname=permassign.team.pickername), 'success')
        return render_redirect(url_for('.client_info', key=client.key),
                               code=303)
    return render_form(form=form,
                       title=_("Assign permissions"),
                       formid='perm_assign',
                       submit=_("Assign permissions"))
Пример #2
0
def permission_user_edit(client, kwargs):
    if client.user:
        user = User.get(userid=kwargs['userid'])
        if not user:
            abort(404)
        available_perms = Permission.query.filter(
            db.or_(Permission.allusers == True,
                   Permission.user == g.user)).order_by('name').all()
        permassign = UserClientPermissions.query.filter_by(
            user=user, client=client).first_or_404()
    elif client.org:
        team = Team.get(userid=kwargs['userid'])
        if not team:
            abort(404)
        available_perms = Permission.query.filter(
            db.or_(Permission.allusers == True,
                   Permission.org == client.org)).order_by('name').all()
        permassign = TeamClientPermissions.query.filter_by(
            team=team, client=client).first_or_404()
    form = PermissionEditForm()
    form.perms.choices = [(ap.name, u"{name} – {title}".format(name=ap.name,
                                                               title=ap.title))
                          for ap in available_perms]
    if request.method == 'GET':
        if permassign:
            form.perms.data = permassign.access_permissions.split(u' ')
    if form.validate_on_submit():
        form.perms.data.sort()
        perms = u' '.join(form.perms.data)
        if not perms:
            db.session.delete(permassign)
        else:
            permassign.access_permissions = perms
        db.session.commit()
        if perms:
            if client.user:
                flash(
                    u"Permissions have been updated for user {pname}".format(
                        pname=user.pickername), 'success')
            else:
                flash(
                    u"Permissions have been updated for team {title}".format(
                        title=team.title), 'success')
        else:
            if client.user:
                flash(
                    u"All permissions have been revoked for user {pname}".
                    format(pname=user.pickername), 'success')
            else:
                flash(
                    u"All permissions have been revoked for team {title}".
                    format(title=team.title), 'success')
        return render_redirect(url_for('.client_info', key=client.key),
                               code=303)
    return render_form(form=form,
                       title="Edit permissions",
                       formid="perm_edit",
                       submit="Save changes",
                       ajax=True)
Пример #3
0
def permission_user_new(client):
    if client.user:
        available_perms = Permission.query.filter(
            db.or_(Permission.allusers == True,
                   Permission.user == g.user)).order_by('name').all()
        form = UserPermissionAssignForm()
    elif client.org:
        available_perms = Permission.query.filter(
            db.or_(Permission.allusers == True,
                   Permission.org == client.org)).order_by('name').all()
        form = TeamPermissionAssignForm()
        form.org = client.org
        form.team_id.choices = [(team.userid, team.title)
                                for team in client.org.teams]
    else:
        abort(403)  # This should never happen. Clients always have an owner.
    form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title))
                          for ap in available_perms]
    if form.validate_on_submit():
        perms = set()
        if client.user:
            permassign = UserClientPermissions.query.filter_by(
                user=form.user, client=client).first()
            if permassign:
                perms.update(permassign.access_permissions.split(u' '))
            else:
                permassign = UserClientPermissions(user=form.user,
                                                   client=client)
                db.session.add(permassign)
        else:
            permassign = TeamClientPermissions.query.filter_by(
                team=form.team, client=client).first()
            if permassign:
                perms.update(permassign.access_permissions.split(u' '))
            else:
                permassign = TeamClientPermissions(team=form.team,
                                                   client=client)
                db.session.add(permassign)
        perms.update(form.perms.data)
        permassign.access_permissions = u' '.join(sorted(perms))
        db.session.commit()
        if client.user:
            flash(
                "Permissions have been assigned to user %s" %
                form.user.pickername, 'success')
        else:
            flash(
                "Permissions have been assigned to team '%s'" %
                permassign.team.pickername, 'success')
        return render_redirect(url_for('.client_info', key=client.key),
                               code=303)
    return render_form(form=form,
                       title="Assign permissions",
                       formid="perm_assign",
                       submit="Assign permissions",
                       ajax=True)
Пример #4
0
def client_list():
    if g.user:
        return render_template('client_list.html', clients=Client.query.filter(db.or_(Client.user == g.user,
            Client.org_id.in_(g.user.organizations_owned_ids()))).order_by('title').all())
    else:
        # TODO: Show better UI for non-logged in users
        return render_template('client_list.html', clients=[])
Пример #5
0
def permission_list():
    allperms = Permission.query.filter_by(allusers=True).order_by('name').all()
    userperms = Permission.query.filter(
        db.or_(Permission.user_id == g.user.id,
               Permission.org_id.in_(g.user.organizations_owned_ids()))
        ).order_by('name').all()
    return render_template('permission_list.html', allperms=allperms, userperms=userperms)
Пример #6
0
def permission_list():
    allperms = Permission.query.filter_by(allusers=True).order_by('name').all()
    userperms = Permission.query.filter(
        db.or_(Permission.user_id == current_auth.user.id,
               Permission.org_id.in_(current_auth.user.organizations_owned_ids()))
        ).order_by('name').all()
    return render_template('permission_list.html.jinja2', allperms=allperms, userperms=userperms)
Пример #7
0
def client_list():
    if g.user:
        return render_template('client_list.html', clients=Client.query.filter(db.or_(Client.user == g.user,
            Client.org_id.in_(g.user.organizations_owned_ids()))).order_by('title').all())
    else:
        # TODO: Show better UI for non-logged in users
        return render_template('client_list.html', clients=[])
Пример #8
0
def permission_user_edit(client, kwargs):
    if client.user:
        user = User.get(userid=kwargs['userid'])
        if not user:
            abort(404)
        available_perms = Permission.query.filter(db.or_(
            Permission.allusers == True,
            Permission.user == g.user)).order_by('name').all()
        permassign = UserClientPermissions.query.filter_by(user=user, client=client).first_or_404()
    elif client.org:
        team = Team.get(userid=kwargs['userid'])
        if not team:
            abort(404)
        available_perms = Permission.query.filter(db.or_(
            Permission.allusers == True,
            Permission.org == client.org)).order_by('name').all()
        permassign = TeamClientPermissions.query.filter_by(team=team, client=client).first_or_404()
    form = PermissionEditForm()
    form.perms.choices = [(ap.name, u"{name} – {title}".format(name=ap.name, title=ap.title)) for ap in available_perms]
    if request.method == 'GET':
        if permassign:
            form.perms.data = permassign.access_permissions.split(u' ')
    if form.validate_on_submit():
        form.perms.data.sort()
        perms = u' '.join(form.perms.data)
        if not perms:
            db.session.delete(permassign)
        else:
            permassign.access_permissions = perms
        db.session.commit()
        if perms:
            if client.user:
                flash(u"Permissions have been updated for user {pname}".format(pname=user.pickername), 'success')
            else:
                flash(u"Permissions have been updated for team {title}".format(title=team.title), 'success')
        else:
            if client.user:
                flash(u"All permissions have been revoked for user {pname}".format(pname=user.pickername), 'success')
            else:
                flash(u"All permissions have been revoked for team {title}".format(title=team.title), 'success')
        return render_redirect(url_for('.client_info', key=client.key), code=303)
    return render_form(form=form, title="Edit permissions", formid="perm_edit", submit="Save changes", ajax=True)
Пример #9
0
def permission_user_new(client):
    if client.user:
        available_perms = Permission.query.filter(db.or_(
            Permission.allusers == True,
            Permission.user == current_auth.user)).order_by('name').all()  # NOQA
        form = UserPermissionAssignForm()
    elif client.org:
        available_perms = Permission.query.filter(db.or_(
            Permission.allusers == True,
            Permission.org == client.org)).order_by('name').all()  # NOQA
        form = TeamPermissionAssignForm()
        form.org = client.org
        form.team_id.choices = [(team.buid, team.title) for team in client.org.teams]
    else:
        abort(403)  # This should never happen. Clients always have an owner.
    form.perms.choices = [(ap.name, _(u"{name} – {title}").format(name=ap.name, title=ap.title)) for ap in available_perms]
    if form.validate_on_submit():
        perms = set()
        if client.user:
            permassign = UserClientPermissions.query.filter_by(user=form.user.data, client=client).first()
            if permassign:
                perms.update(permassign.access_permissions.split(u' '))
            else:
                permassign = UserClientPermissions(user=form.user.data, client=client)
                db.session.add(permassign)
        else:
            permassign = TeamClientPermissions.query.filter_by(team=form.team, client=client).first()
            if permassign:
                perms.update(permassign.access_permissions.split(u' '))
            else:
                permassign = TeamClientPermissions(team=form.team, client=client)
                db.session.add(permassign)
        perms.update(form.perms.data)
        permassign.access_permissions = u' '.join(sorted(perms))
        db.session.commit()
        if client.user:
            flash(_(u"Permissions have been assigned to user {pname}").format(pname=form.user.data.pickername), 'success')
        else:
            flash(_(u"Permissions have been assigned to team ‘{pname}’").format(pname=permassign.team.pickername), 'success')
        return render_redirect(url_for('.client_info', key=client.key), code=303)
    return render_form(form=form, title=_("Assign permissions"), formid='perm_assign',
        submit=_("Assign permissions"))
Пример #10
0
def permission_user_new(client):
    if client.user:
        available_perms = Permission.query.filter(db.or_(
            Permission.allusers == True,
            Permission.user == g.user)).order_by('name').all()
        form = UserPermissionAssignForm()
    elif client.org:
        available_perms = Permission.query.filter(db.or_(
            Permission.allusers == True,
            Permission.org == client.org)).order_by('name').all()
        form = TeamPermissionAssignForm()
        form.org = client.org
        form.team_id.choices = [(team.userid, team.title) for team in client.org.teams]
    else:
        abort(403)  # This should never happen. Clients always have an owner.
    form.perms.choices = [(ap.name, u"%s – %s" % (ap.name, ap.title)) for ap in available_perms]
    if form.validate_on_submit():
        perms = set()
        if client.user:
            permassign = UserClientPermissions.query.filter_by(user=form.user, client=client).first()
            if permassign:
                perms.update(permassign.access_permissions.split(u' '))
            else:
                permassign = UserClientPermissions(user=form.user, client=client)
                db.session.add(permassign)
        else:
            permassign = TeamClientPermissions.query.filter_by(team=form.team, client=client).first()
            if permassign:
                perms.update(permassign.access_permissions.split(u' '))
            else:
                permassign = TeamClientPermissions(team=form.team, client=client)
                db.session.add(permassign)
        perms.update(form.perms.data)
        permassign.access_permissions = u' '.join(sorted(perms))
        db.session.commit()
        if client.user:
            flash("Permissions have been assigned to user %s" % form.user.pickername, 'success')
        else:
            flash("Permissions have been assigned to team '%s'" % permassign.team.pickername, 'success')
        return render_redirect(url_for('.client_info', key=client.key), code=303)
    return render_form(form=form, title="Assign permissions", formid="perm_assign", submit="Assign permissions", ajax=True)
Пример #11
0
def client_list():
    if current_auth.is_authenticated:
        return render_template(
            'client_list.html.jinja2',
            clients=Client.query.filter(
                db.or_(
                    Client.user == current_auth.user,
                    Client.org_id.in_(current_auth.user.
                                      organizations_owned_ids()))).order_by(
                                          Client.title).all())
    else:
        # TODO: Show better UI for non-logged in users
        return render_template('client_list.html.jinja2', clients=[])
Пример #12
0
def client_list():
    if current_auth.is_authenticated:
        return render_template('client_list.html.jinja2', clients=Client.query.filter(db.or_(Client.user == current_auth.user,
            Client.org_id.in_(current_auth.user.organizations_owned_ids()))).order_by('title').all())
    else:
        # TODO: Show better UI for non-logged in users
        return render_template('client_list.html.jinja2', clients=[])