summaryrefslogtreecommitdiffstats
path: root/ogcp/views.py
diff options
context:
space:
mode:
Diffstat (limited to 'ogcp/views.py')
-rw-r--r--ogcp/views.py72
1 files changed, 69 insertions, 3 deletions
diff --git a/ogcp/views.py b/ogcp/views.py
index 45a0f73..9868e78 100644
--- a/ogcp/views.py
+++ b/ogcp/views.py
@@ -311,7 +311,7 @@ def get_scopes(ips=set()):
list_scopes.append(server_scope)
all_scopes = {'scope': list_scopes}
all_scopes = sort_scopes(all_scopes)
- if current_user.scopes:
+ if not current_user.admin and current_user.scopes:
remove_disabled_scopes(all_scopes)
clients = get_clients()
add_state_and_ips(all_scopes, clients['clients'], ips)
@@ -369,7 +369,10 @@ def load_user(username):
if not user_dict:
return None
- user = User(username, user_dict.get('SCOPES'), user_dict.get('ADMIN'))
+ user = User(username,
+ user_dict.get('SCOPES'),
+ user_dict.get('ADMIN'),
+ user_dict.get('PERMISSIONS', {}))
return user
@app.errorhandler(404)
@@ -458,7 +461,10 @@ def login():
user_dict = authenticate_user(form_user, pwd_hash)
if not user_dict:
return render_template('auth/login.html', form=form)
- user = User(form_user, user_dict.get('SCOPES'), user_dict.get('ADMIN'))
+ user = User(form_user,
+ user_dict.get('SCOPES'),
+ user_dict.get('ADMIN'),
+ user_dict.get('PERMISSIONS', {}))
login_user(user)
return redirect(url_for('index'))
return render_template('auth/login.html', form=LoginForm())
@@ -3027,6 +3033,38 @@ def save_user(form, preserve_pwd):
'PASS': pwd_hash,
'ADMIN': admin,
'SCOPES': scopes,
+ 'PERMISSIONS': {
+ 'CLIENT': {
+ 'ADD': form.client_permissions.add.data,
+ 'UPDATE': form.client_permissions.update.data,
+ 'DELETE': form.client_permissions.delete.data,
+ },
+ 'CENTER': {
+ 'ADD': form.center_permissions.add.data,
+ 'UPDATE': form.center_permissions.update.data,
+ 'DELETE': form.center_permissions.delete.data,
+ },
+ 'ROOM': {
+ 'ADD': form.room_permissions.add.data,
+ 'UPDATE': form.room_permissions.update.data,
+ 'DELETE': form.room_permissions.delete.data,
+ },
+ 'FOLDER': {
+ 'ADD': form.folder_permissions.add.data,
+ 'UPDATE': form.folder_permissions.update.data,
+ 'DELETE': form.folder_permissions.delete.data,
+ },
+ 'IMAGE': {
+ 'ADD': form.image_permissions.add.data,
+ 'UPDATE': form.image_permissions.update.data,
+ 'DELETE': form.image_permissions.delete.data,
+ },
+ 'REPOSITORY': {
+ 'ADD': form.repository_permissions.add.data,
+ 'UPDATE': form.repository_permissions.update.data,
+ 'DELETE': form.repository_permissions.delete.data,
+ },
+ },
}
filename = os.path.join(app.root_path, ogcp_cfg_path)
@@ -3110,6 +3148,34 @@ def user_edit_get():
form.username.render_kw = {'readonly': True}
form.admin.data = user.get('ADMIN')
form.scopes.data = user.get('SCOPES')
+
+ if 'PERMISSIONS' in user:
+ permissions = user.get('PERMISSIONS')
+
+ def get_permission(target, action):
+ if not target in permissions:
+ return True
+ return permissions[target].get(action, True)
+
+ form.client_permissions.add.data = get_permission('CLIENT', 'ADD')
+ form.client_permissions.update.data = get_permission('CLIENT', 'UPDATE')
+ form.client_permissions.delete.data = get_permission('CLIENT', 'DELETE')
+ form.center_permissions.add.data = get_permission('CENTER', 'ADD')
+ form.center_permissions.update.data = get_permission('CENTER', 'UPDATE')
+ form.center_permissions.delete.data = get_permission('CENTER', 'DELETE')
+ form.room_permissions.add.data = get_permission('ROOM', 'ADD')
+ form.room_permissions.update.data = get_permission('ROOM', 'UPDATE')
+ form.room_permissions.delete.data = get_permission('ROOM', 'DELETE')
+ form.folder_permissions.add.data = get_permission('FOLDER', 'ADD')
+ form.folder_permissions.update.data = get_permission('FOLDER', 'UPDATE')
+ form.folder_permissions.delete.data = get_permission('FOLDER', 'DELETE')
+ form.image_permissions.add.data = get_permission('IMAGE', 'ADD')
+ form.image_permissions.update.data = get_permission('IMAGE', 'UPDATE')
+ form.image_permissions.delete.data = get_permission('IMAGE', 'DELETE')
+ form.repository_permissions.add.data = get_permission('REPOSITORY', 'ADD')
+ form.repository_permissions.update.data = get_permission('REPOSITORY', 'UPDATE')
+ form.repository_permissions.delete.data = get_permission('REPOSITORY', 'DELETE')
+
form.scopes.choices = get_available_centers()
return render_template('auth/edit_user.html', form=form)