Commit eacfb12f authored by Marc Duez's avatar Marc Duez

database : admin can give/remove permission to create new patient from user page

parent b264eba4
......@@ -1133,4 +1133,8 @@ span.logo
select>option:hover {
background-color: @border;
}
.inactive {
opacity: 0.5;
}
\ No newline at end of file
......@@ -438,9 +438,9 @@ Database.prototype = {
var arg = {}
arg.value = value
arg.name = name
arg.user_id = id
arg.id = id
this.call( this.db_address + 'user/rights', arg)
this.call('user/rights', arg)
}
}
......@@ -12,3 +12,21 @@ def index():
## need ["id"]
def info():
return dict(message=T('user info'))
def rights():
if auth.has_membership("admin"):
id = request.vars["id"]
group_id = auth.user_group(id)
if request.vars["value"] == "true" :
auth.add_permission(group_id, 'create', request.vars["name"], 0)
else :
auth.del_permission(group_id, 'create', request.vars["name"], 0)
res = { "redirect": "user/info",
"args" : {"id" : id },
"message": "permission changed"}
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
else :
res = {"message": "acces denied"}
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
......@@ -41,8 +41,6 @@ query = db(
</table>
<table class="db_table" id="db_fixed_header"></table>
</div>
<span class="button" onclick="db.call('group/index')"> back to list </span>
{{if auth.has_permission("admin", "auth_group", request.vars["id"], auth.user.id) :}}
......
......@@ -4,21 +4,25 @@
{{if 'message' in globals():}}
{{
id = request.vars["id"]
query = db(
(db.auth_user.id == request.vars["id"])
(db.auth_user.id == id)
& (db.auth_membership.user_id == db.auth_user.id)
& (db.auth_membership.group_id == db.auth_group.id)
).select()
}}
<div>
<div>
<h3>{{=message}} {{=request.vars["id"]}}</h3>
<h3>{{=message}} {{=id}}</h3>
</div>
<div class="db_block">
<div class="db_block_left">
create patient <input type="checkbox" name="patient" onclick="db.patient_right(this.checked, this.name, {{=request.vars["id"]}});"></br>
create patient
<input type="checkbox" name="patient" onclick="db.user_rights(this.checked, this.name, {{=id}});" {{if auth.has_permission('create', 'patient', 0, id) :}}{{="checked"}}{{pass}}>
</br>
<!--create config <input type="checkbox" name="config" onclick="db.test(this.checked, this.name, {{request.vars["id"]}});"></br>-->
</div>
</div>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment