class AdminUserViews(BaseView):
def __init__(self, request):
super(AdminUserViews, self).__init__(request)
self.shared = UsersShared(request)
@view_config(renderer='testscaffold:templates/admin/users/edit.jinja2',
match_param=('object=users', 'verb=GET'))
@view_config(renderer='testscaffold:templates/admin/users/edit.jinja2',
match_param=('object=users', 'verb=PATCH'))
def get_patch(self):
request = self.request
user = self.shared.user_get(self.request.matchdict['object_id'])
permission_form = DirectPermissionForm(request.POST,
context={'request': request})
permissions_grid = UserPermissionsGrid(user.user_permissions,
request=request,
user=user)
user_form = UserAdminUpdateForm(request.POST,
obj=user,
context={
'request': request,
'modified_obj': user
})
if request.method == "POST" and user_form.validate():
self.shared.populate_instance(user, user_form.data)
return {
"user": user,
"user_form": user_form,
"permission_form": permission_form,
"permissions_grid": permissions_grid
}
@view_config(
renderer='testscaffold:templates/admin/relation_remove.jinja2',
match_param=('object=users', 'verb=DELETE'),
request_method='GET')
@view_config(
renderer='testscaffold:templates/admin/relation_remove.jinja2',
match_param=('object=users', 'verb=DELETE'),
request_method='POST')
def delete(self):
request = self.request
user = self.shared.user_get(self.request.matchdict['object_id'])
back_url = request.route_url('admin_objects',
object='users',
verb='GET')
if request.method == "POST":
self.shared.delete(user)
return pyramid.httpexceptions.HTTPFound(location=back_url)
return {
"parent_obj": user,
"member_obj": None,
"confirm_url": request.current_route_url(),
"back_url": back_url
}
class UserAPIView(BaseView):
def __init__(self, request):
super(UserAPIView, self).__init__(request)
self.shared = UsersShared(request)
@view_config(route_name='api_objects', request_method='GET')
def collection_list(self):
schema = UserCreateSchema(context={'request': self.request})
page = safe_integer(self.request.GET.get('page', 1))
filter_params = UserSearchSchema().load(self.request.GET.mixed()).data
user_paginator = self.shared.collection_list(
page=page, filter_params=filter_params)
headers = gen_pagination_headers(request=self.request,
paginator=user_paginator)
self.request.response.headers.update(headers)
return schema.dump(user_paginator.items, many=True).data
@view_config(route_name='api_objects', request_method='POST')
def post(self):
schema = UserCreateSchema(context={'request': self.request})
data = schema.load(self.request.unsafe_json_body).data
user = User()
self.shared.populate_instance(user, data)
user.persist(flush=True, db_session=self.request.dbsession)
return schema.dump(user).data
@view_config(request_method='GET')
def get(self):
schema = UserCreateSchema(context={'request': self.request})
user = self.shared.user_get(self.request.matchdict['object_id'])
return schema.dump(user).data
@view_config(request_method="PATCH")
def patch(self):
user = self.shared.user_get(self.request.matchdict['object_id'])
schema = UserEditSchema(context={
'request': self.request,
'modified_obj': user
})
data = schema.load(self.request.unsafe_json_body, partial=True).data
self.shared.populate_instance(user, data)
return schema.dump(user).data
@view_config(request_method="DELETE")
def delete(self):
user = self.shared.user_get(self.request.matchdict['object_id'])
self.shared.delete(user)
return True
class UserAPIView(BaseView):
def __init__(self, request):
super(UserAPIView, self).__init__(request)
self.shared = UsersShared(request)
@view_config(route_name="api_objects", request_method="GET")
def collection_list(self):
schema = UserCreateSchema(context={"request": self.request})
page = safe_integer(self.request.GET.get("page", 1))
filter_params = UserSearchSchema().load(self.request.GET.mixed()).data
user_paginator = self.shared.collection_list(
page=page, filter_params=filter_params
)
headers = gen_pagination_headers(request=self.request, paginator=user_paginator)
self.request.response.headers.update(headers)
return schema.dump(user_paginator.items, many=True).data
@view_config(route_name="api_objects", request_method="POST")
def post(self):
schema = UserCreateSchema(context={"request": self.request})
data = schema.load(self.request.unsafe_json_body).data
user = User()
self.shared.populate_instance(user, data)
user.persist(flush=True, db_session=self.request.dbsession)
return schema.dump(user).data
@view_config(request_method="GET")
def get(self):
schema = UserCreateSchema(context={"request": self.request})
user = self.shared.user_get(self.request.matchdict["object_id"])
return schema.dump(user).data
@view_config(request_method="PATCH")
def patch(self):
user = self.shared.user_get(self.request.matchdict["object_id"])
schema = UserEditSchema(context={"request": self.request, "modified_obj": user})
data = schema.load(self.request.unsafe_json_body, partial=True).data
self.shared.populate_instance(user, data)
return schema.dump(user).data
@view_config(request_method="DELETE")
def delete(self):
user = self.shared.user_get(self.request.matchdict["object_id"])
self.shared.delete(user)
return True
class UsersPermissionsAPI(object):
def __init__(self, request):
self.request = request
self.shared = UsersShared(request)
@view_config(request_method="POST")
def post(self):
json_body = self.request.unsafe_json_body
user = self.shared.user_get(self.request.matchdict["object_id"])
self.shared.permission_post(user, json_body["perm_name"])
return True
@view_config(request_method="DELETE")
def delete(self):
user = self.shared.user_get(self.request.matchdict["object_id"])
permission = self.shared.permission_get(user, self.request.GET.get("perm_name"))
self.shared.permission_delete(user, permission)
return True
class UsersPermissionsAPI(object):
def __init__(self, request):
self.request = request
self.shared = UsersShared(request)
@view_config(request_method="POST")
def post(self):
json_body = self.request.unsafe_json_body
user = self.shared.user_get(self.request.matchdict['object_id'])
self.shared.permission_post(user, json_body['perm_name'])
return True
@view_config(request_method="DELETE")
def delete(self):
user = self.shared.user_get(self.request.matchdict['object_id'])
permission = self.shared.permission_get(
user, self.request.GET.get('perm_name'))
self.shared.permission_delete(user, permission)
return True
class AdminUserRelationsView(BaseView):
"""
Handles operations on group properties
"""
def __init__(self, request):
super(AdminUserRelationsView, self).__init__(request)
self.shared = UsersShared(request)
@view_config(
renderer='testscaffold:templates/admin/users/edit.jinja2',
match_param=['object=users', 'relation=permissions', 'verb=POST'])
def permission_post(self):
request = self.request
user = self.shared.user_get(request.matchdict['object_id'])
user_form = UserAdminUpdateForm(request.POST,
obj=user,
context={
'request': request,
'modified_obj': user
})
permission_form = DirectPermissionForm(request.POST,
context={'request': request})
permissions_grid = UserPermissionsGrid(user.permissions,
request=request,
user=user)
if request.method == "POST" and permission_form.validate():
permission_name = permission_form.perm_name.data
self.shared.permission_post(user, permission_name)
url = request.route_url('admin_object',
object='users',
object_id=user.id,
verb='GET')
return pyramid.httpexceptions.HTTPFound(location=url)
return {
'user': user,
'user_form': user_form,
'permission_form': permission_form,
'permissions_grid': permissions_grid
}
@view_config(
renderer='testscaffold:templates/admin/relation_remove.jinja2',
match_param=('object=users', 'relation=permissions', 'verb=DELETE'),
request_method="GET")
@view_config(
renderer='testscaffold:templates/admin/relation_remove.jinja2',
match_param=('object=users', 'relation=permissions', 'verb=DELETE'),
request_method="POST")
def permission_delete(self):
request = self.request
user = self.shared.user_get(request.matchdict['object_id'])
permission = self.shared.permission_get(user,
request.GET.get('perm_name'))
back_url = request.route_url('admin_object',
object='users',
object_id=user.id,
verb='GET')
if request.method == "POST":
self.shared.permission_delete(user, permission)
return pyramid.httpexceptions.HTTPFound(location=back_url)
return {
"parent_obj": user,
"member_obj": permission,
"confirm_url": request.current_route_url(),
"back_url": back_url
}
class AdminUserViews(BaseView):
def __init__(self, request):
super(AdminUserViews, self).__init__(request)
self.shared = UsersShared(request)
@view_config(
renderer="testscaffold:templates/admin/users/edit.jinja2",
match_param=("object=users", "verb=GET"),
)
@view_config(
renderer="testscaffold:templates/admin/users/edit.jinja2",
match_param=("object=users", "verb=PATCH"),
)
def get_patch(self):
request = self.request
user = self.shared.user_get(self.request.matchdict["object_id"])
permission_form = DirectPermissionForm(
request.POST, context={"request": request}
)
permissions_grid = UserPermissionsGrid(
user.user_permissions, request=request, user=user
)
user_form = UserAdminUpdateForm(
request.POST, obj=user, context={"request": request, "modified_obj": user}
)
if request.method == "POST" and user_form.validate():
self.shared.populate_instance(user, user_form.data)
return {
"user": user,
"user_form": user_form,
"permission_form": permission_form,
"permissions_grid": permissions_grid,
}
@view_config(
renderer="testscaffold:templates/admin/relation_remove.jinja2",
match_param=("object=users", "verb=DELETE"),
request_method="GET",
)
@view_config(
renderer="testscaffold:templates/admin/relation_remove.jinja2",
match_param=("object=users", "verb=DELETE"),
request_method="POST",
)
def delete(self):
request = self.request
user = self.shared.user_get(self.request.matchdict["object_id"])
back_url = request.route_url("admin_objects", object="users", verb="GET")
if request.method == "POST":
self.shared.delete(user)
return pyramid.httpexceptions.HTTPFound(location=back_url)
return {
"parent_obj": user,
"member_obj": None,
"confirm_url": request.current_route_url(),
"back_url": back_url,
}
class AdminUserRelationsView(BaseView):
"""
Handles operations on group properties
"""
def __init__(self, request):
super(AdminUserRelationsView, self).__init__(request)
self.shared = UsersShared(request)
@view_config(
renderer="testscaffold:templates/admin/users/edit.jinja2",
match_param=["object=users", "relation=permissions", "verb=POST"],
)
def permission_post(self):
request = self.request
user = self.shared.user_get(request.matchdict["object_id"])
user_form = UserAdminUpdateForm(
request.POST, obj=user, context={"request": request, "modified_obj": user}
)
permission_form = DirectPermissionForm(
request.POST, context={"request": request}
)
permissions_grid = UserPermissionsGrid(
UserService.permissions(user), request=request, user=user
)
if request.method == "POST" and permission_form.validate():
permission_name = permission_form.perm_name.data
self.shared.permission_post(user, permission_name)
url = request.route_url(
"admin_object", object="users", object_id=user.id, verb="GET"
)
return pyramid.httpexceptions.HTTPFound(location=url)
return {
"user": user,
"user_form": user_form,
"permission_form": permission_form,
"permissions_grid": permissions_grid,
}
@view_config(
renderer="testscaffold:templates/admin/relation_remove.jinja2",
match_param=("object=users", "relation=permissions", "verb=DELETE"),
request_method="GET",
)
@view_config(
renderer="testscaffold:templates/admin/relation_remove.jinja2",
match_param=("object=users", "relation=permissions", "verb=DELETE"),
request_method="POST",
)
def permission_delete(self):
request = self.request
user = self.shared.user_get(request.matchdict["object_id"])
permission = self.shared.permission_get(user, request.GET.get("perm_name"))
back_url = request.route_url(
"admin_object", object="users", object_id=user.id, verb="GET"
)
if request.method == "POST":
self.shared.permission_delete(user, permission)
return pyramid.httpexceptions.HTTPFound(location=back_url)
return {
"parent_obj": user,
"member_obj": permission,
"confirm_url": request.current_route_url(),
"back_url": back_url,
}