Commit 5e9146a8 authored by HERBERT Ryan's avatar HERBERT Ryan

Moved rights management to groups

parent 5633a13f
......@@ -864,7 +864,7 @@ Database.prototype = {
});
},
user_rights: function (value, name, right, id) {
group_rights: function (value, name, right, id) {
var arg = {}
arg.value = value //true > add right || false > remove right
......@@ -872,7 +872,7 @@ Database.prototype = {
arg.right = right //kind of write (create / delete / run)
arg.id = id //user id
this.call('user/rights', arg)
this.call('group/rights', arg)
},
......
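Review bot: The trailing comment in `arg.id = id //user id` is now stale, because `group_rights` calls `group/rights` and the controller added in this commit reads that value as a group id. Suggest `arg.id = id //group id`, plus a short header comment on `group_rights` saying that `value` true adds and false removes the named right for the group. The function body spans both hunks and part of it is not shown.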
......@@ -149,3 +149,25 @@ def kick():
"message" : "you don't have permission to kick people"}
log.error(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
def rights():
if auth.is_admin():
group_id = request.vars["id"]
msg = ""
if request.vars["value"] == "true" :
auth.add_permission(group_id, request.vars["right"], request.vars["name"], 0)
msg += "add '" + request.vars["right"] + "' permission on '" + request.vars["name"] + "' for group " + db.auth_group[group_id].role
else :
auth.del_permission(group_id, request.vars["right"], request.vars["name"], 0)
msg += "remove '" + request.vars["right"] + "' permission on '" + request.vars["name"] + "' for group " + db.auth_group[group_id].role
res = { "redirect": "user/info",
"args" : {"id" : group_id },
"message": msg}
log.admin(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
else :
res = {"message": "admin only"}
log.error(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
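Review bot: `rights()` hands `request.vars["id"]`, `request.vars["right"]` and `request.vars["name"]` to `auth.add_permission` / `auth.del_permission` unchecked, so an unknown group id only fails later at `db.auth_group[group_id].role`, after the permission call has already run, and any string is accepted as a right or table name. Look the group up before touching permissions, e.g. `group = db.auth_group[group_id]` then `if group is None:` returning the same JSON error shape as the non-admin branch, and compare the right and table with the set the application actually defines (the group view in this commit sends 'create', 'admin', 'upload' and 'run' on 'sample_set'; the full set is not visible here). The success response still sends `"redirect": "user/info"` with `"id" : group_id`, which looks like a leftover from the user controller and would pass a group id where a user id is expected. Since this endpoint changes permissions, it is also worth confirming that it is only accepted as a POST and is covered by whatever CSRF protection the application uses; neither is visible in this hunk.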
......@@ -60,26 +60,3 @@ def info():
if "id" not in request.vars:
request.vars["id"] = db().select(db.auth_user.ALL, orderby=~db.auth_user.id)[0].id
return dict(message=T('user info'))
def rights():
if auth.is_admin():
id = request.vars["id"]
group_id = auth.user_group(id)
msg = ""
if request.vars["value"] == "true" :
auth.add_permission(group_id, request.vars["right"], request.vars["name"], 0)
msg += "add '" + request.vars["right"] + "' permission on '" + request.vars["name"] + "' for user " + db.auth_user[id].first_name + " " + db.auth_user[id].last_name
else :
auth.del_permission(group_id, request.vars["right"], request.vars["name"], 0)
msg += "remove '" + request.vars["right"] + "' permission on '" + request.vars["name"] + "' for user " + db.auth_user[id].first_name + " " + db.auth_user[id].last_name
res = { "redirect": "user/info",
"args" : {"id" : id },
"message": msg}
log.admin(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
else :
res = {"message": "admin only"}
log.error(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
......@@ -100,8 +100,19 @@ class GroupController(unittest.TestCase):
auth.has_permission('admin', 'auth_group', group_id)
def test4Rights(self):
group_id = db( db.auth_group.role == "test_group_1").select()[0].id
request.vars["id"] = group_id
request.vars["name"] = "patient" #table name on which the right will aply
request.vars["right"] = "plouf" #right name
request.vars["value"] = "true" #add right
resp = rights()
self.assertNotEqual(resp.find("add 'plouf' permission on 'patient' for group test_group_1"), -1, "add permission failled")
request.vars["value"] = "false" #remove right
resp = rights()
self.assertNotEqual(resp.find("remove 'plouf' permission on 'patient' for group test_group_1"), -1, "remove permission failled")
\ No newline at end of file
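Review bot: `test4Rights` only checks the text of the returned message, so it would still pass if `rights()` built the message but the permission row was never written or removed. After each call, assert the stored state as well, e.g. `self.assertTrue(auth.group_has_permission('plouf', 'patient', group_id))` after the add and the matching `assertFalse` after the remove (`group_has_permission` is the helper the group view uses in this commit; confirm its signature). There is also no case for the non-admin branch, which should return `"admin only"` and leave permissions untouched. The test uses the made-up right 'plouf' on 'patient', so it would need real right and table names if the controller starts validating them.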
......@@ -46,16 +46,4 @@ class UserController(unittest.TestCase):
self.assertTrue(resp.has_key('message'), "info() has returned an incomplete response")
def testRights(self):
request.vars["id"] = user_id #user_id
request.vars["name"] = "patient" #table name on which the right will aply
request.vars["right"] = "plouf" #right name
request.vars["value"] = "true" #add right
resp = rights()
self.assertNotEqual(resp.find("add 'plouf' permission on 'patient' for user Testers Inc"), -1, "add permission failled")
request.vars["value"] = "false" #remove right
resp = rights()
self.assertNotEqual(resp.find("remove 'plouf' permission on 'patient' for user Testers Inc"), -1, "remove permission failled")
\ No newline at end of file
......@@ -16,6 +16,25 @@ query = db(
<h3>group : {{=group.role}} ({{=group.id}})</h3>
</div>
<div class="db_block">
<div class="db_block_left">
create patient
<input type="checkbox" name="sample_set" onclick="db.group_rights(this.checked, this.name, 'create', {{=group.id}});" {{if auth.group_has_permission('create', 'sample_set', group.id) :}}{{="checked"}}{{pass}}>
edit patient
<input name="sample_set" type="checkbox" onclick="db.group_rights(this.checked, this.name, 'admin', {{=group.id}});" {{if auth.group_has_permission('admin', 'sample_set', group.id) :}}{{="checked"}}{{pass}}>
upload sequence
<input type="checkbox" name="sample_set" onclick="db.group_rights(this.checked, this.name, 'upload', {{=group.id}});" {{if auth.group_has_permission('upload', 'sample_set', group.id) :}}{{="checked"}}{{pass}}>
run vidjil
<input type="checkbox" name="sample_set" onclick="db.group_rights(this.checked, this.name, 'run', {{=group.id}});" {{if auth.group_has_permission('run', 'sample_set', group.id) :}}{{="checked"}}{{pass}}>
</br>
<!--create config <input type="checkbox" name="config" onclick="db.test(this.checked, this.name, {{request.vars["id"]}});"></br>-->
</div>
</div>
<div id="db_table_container">
<table class="db_table" id="table">
<thead>
......
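Review bot: The checkbox labelled "edit patient" grants the `'admin'` right on `sample_set`, so the label may understate what an administrator is handing to the group; if `'admin'` covers more than editing (not visible here), rename the label or add a template comment saying what the right allows. All four inputs use `name="sample_set"` while the labels still say "patient", which deserves a one-line comment if patients are in fact stored as sample sets. The commented-out `db.test(...)` line still contains `{{request.vars["id"]}}`, which the template engine will likely still evaluate inside an HTML comment, so dropping the line is cleaner than carrying it over. `</br>` is not a valid tag and should be `<br>`.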
......@@ -18,21 +18,6 @@ query = db(
<h3>{{=message}} {{=db.auth_user[id].first_name}} {{=db.auth_user[id].last_name}} </h3>
</div>
<div class="db_block">
<div class="db_block_left">
create patient
<input type="checkbox" name="patient" onclick="db.user_rights(this.checked, this.name, 'create', {{=id}});" {{if auth.can_create_patient(id) :}}{{="checked"}}{{pass}}>
upload sequence
<input type="checkbox" name="sequence_file" onclick="db.user_rights(this.checked, this.name, 'upload', {{=id}});" {{if auth.can_upload_file(user=id) :}}{{="checked"}}{{pass}}>
run vidjil
<input type="checkbox" name="results_file" onclick="db.user_rights(this.checked, this.name, 'run', {{=id}});" {{if auth.can_process_file(id) :}}{{="checked"}}{{pass}}>
</br>
<!--create config <input type="checkbox" name="config" onclick="db.test(this.checked, this.name, {{request.vars["id"]}});"></br>-->
</div>
</div>
<div id="db_table_container">
<table class="db_table" id="table">
......