def update_role(org_id, user_id, new_role): current_role = permission_model.get_role(user_id, org_id) if not (permission_model.permitted(g.user, org_id, PermissionTags.EDIT_USER) and permission_model.role_gte(g.user, org_id, current_role) and permission_model.role_gte(g.user, org_id, new_role)): raise InsufficientPermission() permission_model.set_role(user_id, org_id, new_role) return Response(status=204)
def kick_user(org_id, user_id): if not permission_model.permitted(g.user, org_id, PermissionTags.EDIT_USER): raise InsufficientPermission() if org_model.has_user(org_id, user_id): role = permission_model.get_role(user_id, org_id) if not permission_model.role_gte(g.user, org_id, role): raise InsufficientPermission() org_model.remove_user(org_id, user_id) events.mediator('kick', user_id=user_id, org_id=org_id) else: user_model.remove_from_waiting_list(user_id, org_id) return Response(status=204)
def add_user_to_org(org_id, username): role = request.form['role'] if not (permission_model.permitted(g.user, org_id, PermissionTags.EDIT_USER) and permission_model.role_gte(g.user, org_id, role)): raise InsufficientPermission() user_id = user_model.id_from('email', username) if user_id: org_model.add_user(org_id, user_id, role=role) events.mediator('added_to_project', email=username, project=org_id) else: # Add user to waiting list user_model.add_to_waiting_list(username, org_id, role) events.mediator('invite', email=username, org_id=org_id) org = org_model.get(org_id) return Response(json.dumps(org), status=200, content_type='application/json')