def validate(self): rv = super(PermissionForm, self).validate() if not rv: return False if not valid_username(self.name.data): self.name.errors.append("Name contains invalid characters") return False existing = Permission.get(name=self.name.data, allusers=True) if existing and existing.id != self.edit_id: self.name.errors.append( "A global permission with that name already exists") return False if self.context.data == self.edit_user.userid: existing = Permission.get(name=self.name.data, user=self.edit_user) else: org = Organization.get(userid=self.context.data) if org: existing = Permission.get(name=self.name.data, org=org) else: existing = None if existing and existing.id != self.edit_id: self.name.errors.append( "You have another permission with the same name") return False return True
def validate(self): rv = super(PermissionForm, self).validate() if not rv: return False if not valid_username(self.name.data): self.name.errors.append(_("Name contains invalid characters")) return False existing = Permission.get(name=self.name.data, allusers=True) if existing and existing.id != self.edit_id: self.name.errors.append(_("A global permission with that name already exists")) return False if self.context.data == self.edit_user.buid: existing = Permission.get(name=self.name.data, user=self.edit_user) else: org = Organization.get(buid=self.context.data) if org: existing = Permission.get(name=self.name.data, org=org) else: existing = None if existing and existing.id != self.edit_id: self.name.errors.append(_("You have another permission with the same name")) return False return True
def permission_new(): form = PermissionForm() form.context.choices = available_client_owners() if request.method == 'GET': form.context.data = g.user.userid if form.validate_on_submit(): perm = Permission() form.populate_obj(perm) perm.user = form.user perm.org = form.org perm.allusers = False db.session.add(perm) db.session.commit() flash("Your new permission has been defined", 'success') return render_redirect(url_for('.permission_list'), code=303) return render_form(form=form, title="Define a new permission", formid="perm_new", submit="Define new permission", ajax=True)
def permission_new(): form = PermissionForm() form.edit_user = current_auth.user form.context.choices = available_client_owners() if request.method == 'GET': form.context.data = current_auth.user.buid if form.validate_on_submit(): perm = Permission() form.populate_obj(perm) perm.user = form.user perm.org = form.org perm.allusers = False db.session.add(perm) db.session.commit() flash(_("Your new permission has been defined"), 'success') return render_redirect(url_for('.permission_list'), code=303) return render_form(form=form, title=_("Define a new permission"), formid='perm_new', submit=_("Define new permission"), ajax=True)
# Add fixtures for test app # user for CRUD workflow: creating client app gustav = User(username=u"gustav", fullname=u"Gustav 'world' Dachshund", password='******') # org for associating with client # client for CRUD workflow of defining perms *in* client # spare user for CRUD workflow of assigning permissions oakley = User(username=u"oakley", fullname=u"Oakley 'huh' Dachshund") dachsunited = Organization(name=u"dachsunited", title=u"Dachs United") dachsunited.owners.users.append(gustav) dachsunited.members.users.append(oakley) dachshundworld = Client(title=u"Dachshund World", org=dachsunited, confidential=True, website=u"http://gustavsdachshundworld.com") partyanimal = Permission(name=u"partyanimal", title=u"Party Animal", org=dachsunited) db.session.add(gustav) db.session.add(oakley) db.session.add(dachsunited) db.session.add(dachshundworld) db.session.add(partyanimal) db.session.commit() app.run('0.0.0.0')
def make_fixtures(self): """ Create users, attach them to organizations. Create test client app, add test resource, action and message. """ crusoe = User(username=u"crusoe", fullname=u"Crusoe Celebrity Dachshund") oakley = User(username=u"oakley") piglet = User(username=u"piglet") nameless = User(fullname="Nameless") db.session.add_all([crusoe, oakley, piglet, nameless]) self.crusoe = crusoe self.oakley = oakley self.piglet = piglet self.nameless = nameless crusoe_email = UserEmail(email=u"*****@*****.**", primary=True, user=crusoe) crusoe_phone = UserPhone(phone=u"+8080808080", primary=True, user=crusoe) oakley_email = UserEmail(email=u"*****@*****.**", user=oakley) db.session.add_all([crusoe_email, crusoe_phone, oakley_email]) self.crusoe_email = crusoe_email self.crusoe_phone = crusoe_phone batdog = Organization(name=u'batdog', title=u'Batdog') batdog.owners.users.append(crusoe) batdog.members.users.append(oakley) db.session.add(batdog) self.batdog = batdog specialdachs = Organization(name=u"specialdachs", title=u"Special Dachshunds") specialdachs.owners.users.append(oakley) specialdachs.members.users.append(piglet) db.session.add(specialdachs) self.specialdachs = specialdachs client = Client(title=u"Batdog Adventures", org=batdog, confidential=True, namespace=u'fun.batdogadventures.com', website=u"http://batdogadventures.com") db.session.add(client) self.client = client dachshunds = Team(title=u"Dachshunds", org=batdog) db.session.add(dachshunds) self.dachshunds = dachshunds team_client_permission = TeamClientPermissions( team=dachshunds, client=client, access_permissions=u"admin") self.team_client_permission = team_client_permission db.session.add(team_client_permission) client_team_access = ClientTeamAccess( org=batdog, client=client, access_level=CLIENT_TEAM_ACCESS.ALL) db.session.add(client_team_access) bdfl = Permission(name=u"bdfl", title=u"BDFL", user=crusoe) db.session.add(bdfl) self.bdfl = bdfl user_client_permissions = UserClientPermissions(user=crusoe, client=client) db.session.add(user_client_permissions) self.user_client_permissions = user_client_permissions resource = Resource(name=u"test_resource", title=u"Test Resource", client=client) db.session.add(resource) self.resource = resource resource_action = ResourceAction(name=u'Fun', resource=resource, title=u'fun') db.session.add(resource_action) self.resource_action = resource_action action = ResourceAction(name=u"read", title=u"Read", resource=resource) db.session.add(action) self.action = action message = SMSMessage(phone_number=crusoe_phone.phone, transaction_id=u"Ruff" * 5, message=u"Wuff Wuff") db.session.add(message) db.session.commit() self.message = message