def group_list_authz(context, data_dict):
"""Return the list of groups that the user is authorized to edit. Replaces
the core authz method of the same name."""
user = context["user"]
model = context["model"]
user_id = authz.get_user_id_for_username(user, allow_none=True)
toolkit.check_access("group_list_authz", context, data_dict)
if GroupAdmin.is_user_group_admin(model.Session, user_id):
q = (
model.Session.query(model.Group)
.filter(model.Group.is_organization == False)
.filter(model.Group.state == "active")
)
groups = q.all()
group_list = model_dictize.group_list_dictize(groups, context)
return group_list
else:
# defer to core method
return core_group_list_authz(context, data_dict)
def decorate_has_user_permission_for_group_or_org(group_id, user_name,
permission):
user_id = authz.get_user_id_for_username(user_name, allow_none=True)
if not user_id:
return False
if GroupAdmin.is_user_group_admin(model.Session, user_id):
return True
return method(group_id, user_name, permission)