def grant_permission(self, permission, ignore_check=False): """ grants a permission to the user """ db = Database() session_user = None if not ignore_check: session_user = self._core.get_session_manager().get_current_session_user() permission_id = Permission.get_id_for_permission(permission) if permission_id is None: raise UserException(UserException.get_msg(5, permission)) if not ignore_check and not session_user.check_permission(permission): raise UserException(UserException.get_msg(6)) stmnt = "UPDATE OR INSERT INTO USERRIGHTS VALUES (?,?) MATCHING (URI_USR_ID,URI_RIG_ID) ;" db.query(stmnt,(self._id,permission_id),commit=True) PokeManager().add_activity(ActivityType.USER)
def revoke_permission(self,permission, ignore_check=False): """ revokes a permission from the user """ db = Database() session_user = None if self.get_id() == ROOT_USER_ID and self.get_name() == "root": raise UserException(UserException.get_msg(16)) if not ignore_check: session_user = Session.get_current_session_user() permission_id = Permission.get_id_for_permission(permission) if permission_id is None: raise UserException(UserException.get_msg(5, permission)) if not ignore_check and not session_user.check_permission(permission): raise UserException(UserException.get_msg(8)) stmnt = "DELETE FROM USERRIGHTS WHERE URI_USR_ID = ? AND URI_RIG_ID = ? ;" db.query(stmnt,(self._id,permission_id),commit=True) PokeManager().add_activity(ActivityType.USER)