Commit f04e5f74 authored by HERBERT Ryan's avatar HERBERT Ryan

Update permission pages

Updated the patient and config permission pages to make them work as
intended with the new permissions system
parent beea6e70
......@@ -145,21 +145,14 @@ def permission():
id = usermap[row.owner]
row.owner = db.auth_user[id].first_name + " " + db.auth_user[id].last_name
row.admin = False
if db( (db.auth_permission.name == "admin")
& (db.auth_permission.record_id == request.vars["id"])
& (db.auth_permission.group_id == row.id)
& (db.auth_permission.table_name == db.config)
).count() > 0 :
row.admin = True
row.read = False
if db( (db.auth_permission.name == "read")
& (db.auth_permission.record_id == request.vars["id"])
& (db.auth_permission.group_id == row.id)
& (db.auth_permission.table_name == db.config)
).count() > 0 :
row.read = True
permissions = db(
(db.auth_permission.group_id == row.id) &
(db.auth_permission.record_id == 0) &
(db.auth_permission.table_name == 'sample_set')).select()
row.perms = ', '.join(map(lambda x: x.name, permissions))
row.parent_access = ', '.join(str(value) for value in auth.get_access_groups(db.config, request.vars['id'], group=row.id))
row.read = auth.get_group_access('config', request.vars['id'], row.id)
return dict(query = query)
else :
......@@ -175,22 +168,16 @@ def change_permission():
error += "missing group_id, "
if request.vars["config_id"] == "" :
error += "missing patient_id, "
if request.vars["permission"] == "" :
error += "missing permission, "
if error=="":
if db( (db.auth_permission.name == request.vars["permission"])
& (db.auth_permission.record_id == request.vars["config_id"])
& (db.auth_permission.group_id == request.vars["group_id"])
& (db.auth_permission.table_name == db.config)
).count() > 0 :
auth.del_permission(request.vars["group_id"], request.vars["permission"], db.config, request.vars["config_id"])
if auth.get_group_access(db.config, int(request.vars["config_id"]), int(request.vars["group_id"])):
auth.del_permission(request.vars["group_id"], PermissionEnum.access.value, db.config, request.vars["config_id"])
res = {"message" : "c%s: access '%s' deleted to '%s'" % (request.vars["config_id"],
request.vars["permission"], db.auth_group[request.vars["group_id"]].role)}
PermissionEnum.access.value, db.auth_group[request.vars["group_id"]].role)}
else :
auth.add_permission(request.vars["group_id"], request.vars["permission"], db.config, request.vars["config_id"])
auth.add_permission(request.vars["group_id"], PermissionEnum.access.value, db.config, request.vars["config_id"])
res = {"message" : "c%s: access '%s' granted to '%s'" % (request.vars["config_id"],
request.vars["permission"], db.auth_group[request.vars["group_id"]].role)}
PermissionEnum.access.value, db.auth_group[request.vars["group_id"]].role)}
log.admin(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
......
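Review bot: In the config `change_permission`, `int(request.vars["config_id"])` and `int(request.vars["group_id"])` run after a validation that, in the visible lines, only rejects empty strings, so a non-numeric value raises `ValueError` instead of being reported through `error`. The unconverted strings are still what gets passed to `auth.del_permission` and `auth.add_permission`. Converting both ids once, up front, inside a `try`/`except ValueError` that appends to `error`, and reusing the integers in every call, would fix both; `permission()` in the first hunk likewise passes `request.vars['id']` unconverted and names the table as `'config'` where this hunk uses `db.config`. The function starts outside the hunk, so I cannot see whether it checks `auth.can_modify_config` before toggling; the view only hides the checkbox for non-admins, so that check needs to be enforced here as well. The patient controller's `change_permission` follows the same pattern.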
......@@ -464,29 +464,14 @@ def permission():
id = int(row.owner[5:])
row.owner = db.auth_user[id].first_name + " " + db.auth_user[id].last_name
row.admin = False
if db( (db.auth_permission.name == "admin")
& (db.auth_permission.record_id == request.vars["id"])
& (db.auth_permission.group_id == row.id)
& (db.auth_permission.table_name == db.patient)
).count() > 0 :
row.admin = True
row.anon = False
if db( (db.auth_permission.name == "anon")
& (db.auth_permission.record_id == request.vars["id"])
& (db.auth_permission.group_id == row.id)
& (db.auth_permission.table_name == db.patient)
).count() > 0 :
row.anon = True
row.read = False
if db( (db.auth_permission.name == "read")
& (db.auth_permission.record_id == request.vars["id"])
& (db.auth_permission.group_id == row.id)
& (db.auth_permission.table_name == db.patient)
).count() > 0 :
row.read = True
permissions = db(
(db.auth_permission.group_id == row.id) &
(db.auth_permission.record_id == 0) &
(db.auth_permission.table_name == 'sample_set')).select()
row.perms = ', '.join(map(lambda x: x.name, permissions))
row.parent_access = ', '.join(str(value) for value in auth.get_access_groups(db.patient, request.vars['id'], group=row.id))
row.read = auth.get_group_access('patient', request.vars['id'], row.id)
return dict(query=query)
else :
......@@ -503,20 +488,17 @@ def change_permission():
error += "missing group_id, "
if request.vars["patient_id"] == "" :
error += "missing patient_id, "
if request.vars["permission"] == "" :
error += "missing permission, "
if error=="":
if db( (db.auth_permission.name == request.vars["permission"])
& (db.auth_permission.record_id == request.vars["patient_id"])
& (db.auth_permission.group_id == request.vars["group_id"])
& (db.auth_permission.table_name == db.patient)
).count() > 0 :
auth.del_permission(request.vars["group_id"], request.vars["permission"], db.patient, request.vars["patient_id"])
res = {"message" : "access '%s' deleted to '%s'" % (request.vars["permission"], db.auth_group[request.vars["group_id"]].role)}
if auth.get_group_access('patient',
int(request.vars["patient_id"]),
int(request.vars["group_id"])):
auth.del_permission(request.vars["group_id"], PermissionEnum.access.value, db.patient, request.vars["patient_id"])
res = {"message" : "access '%s' deleted to '%s'" % (PermissionEnum.access.value, db.auth_group[request.vars["group_id"]].role)}
else :
auth.add_permission(request.vars["group_id"], request.vars["permission"], db.patient, request.vars["patient_id"])
res = {"message" : "access '%s' granted to '%s'" % (request.vars["permission"], db.auth_group[request.vars["group_id"]].role)}
auth.add_permission(request.vars["group_id"], PermissionEnum.access.value, db.patient, request.vars["patient_id"])
res = {"message" : "access '%s' granted to '%s'" % (PermissionEnum.access.value, db.auth_group[request.vars["group_id"]].role)}
log.info(res)
return gluon.contrib.simplejson.dumps(res, separators=(',',':'))
......
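Review bot: The messages built in the patient `change_permission` (`"access '%s' deleted to '%s'"` and `"access '%s' granted to '%s'"`) omit the patient id, so the resulting log line does not say which record's access changed; the config controller's message carries the config id as `c%s`. I would include `request.vars["patient_id"]` in both, for example `"p%s: access '%s' granted to '%s'" % (request.vars["patient_id"], PermissionEnum.access.value, db.auth_group[request.vars["group_id"]].role)`. The result is also logged with `log.info(res)` where the config controller uses `log.admin(res)`; if that level is what feeds the admin audit trail, patient access changes probably belong there too. The function starts outside the hunk.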
......@@ -9,33 +9,30 @@
<div id="db_table_container">
<table class="db_table" id="table">
<thead>
<tr><td class="column_200"> group / user</td>
<tr><td class="column1">id</td>
<td class="column_200"> group / user</td>
<td class="column_200">permissions</td>
<td class="column_200">access from</td>
<td> </td>
<td class="column1"> read</td>
<td class="column1"> admin</td>
<td class="column1"> access</td>
</tr>
</thead>
{{admin = auth.can_modify_config(request.vars["id"])}}
{{ for row in query :}}
<tr>
<td> {{=row.id}}</td>
<td> {{=row.owner}} </td>
<td> {{=row.perms}}</td>
<td> {{=row.parent_access}}
<td></td>
{{if admin :}}
<td> <input type="checkbox" onclick="db.call('config/change_permission', {
'config_id' : {{=request.vars["id"]}} ,
'group_id' : {{=row.id}} ,
'permission' : 'read' } )"
'config_id' : {{=request.vars['id']}} ,
'group_id' : {{=row.id}}})"
{{if row.read :}} checked {{pass}}></td>
<td> <input type="checkbox" onclick="db.call('config/change_permission', {
'config_id' : {{=request.vars["id"]}} ,
'group_id' : {{=row.id}} ,
'permission' : 'admin' } )"
{{if row.admin :}} checked {{pass}}></td>
{{else:}}
<td class="inactive"> <input type="checkbox" onclick="this.click()"
{{if row.read :}} checked {{pass}}></td>
<td class="inactive"> <input type="checkbox" onclick="this.click()"
{{if row.admin :}} checked {{pass}}></td>
{{pass}}
</tr>
{{pass}}
......
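Review bot: `'config_id' : {{=request.vars['id']}}` writes a request parameter unquoted into the inline `onclick` script, and the template's HTML escaping does not make a value safe in a JavaScript context, because the browser decodes the attribute before the script is parsed. Unless the controller has already rejected non-integer ids (not visible here), render a number instead, for example `'config_id' : {{=int(request.vars['id'])}}`, or have the controller return a validated id and print that. The same interpolation appears as `'patient_id' : {{=request.vars["id"]}}` in the patient permission view. Separately, the new `<td> {{=row.parent_access}}` cell is missing its closing `</td>`.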
......@@ -19,16 +19,16 @@ query = db(
<div class="db_block">
<div class="db_block_left">
create patient
<input type="checkbox" name="sample_set" onclick="db.group_rights(this.checked, this.name, 'create', {{=group.id}});" {{if auth.group_has_permission('create', 'sample_set', group.id) :}}{{="checked"}}{{pass}}>
<input type="checkbox" name="sample_set" onclick="db.group_rights(this.checked, this.name, 'create', {{=group.id}});" {{if auth.has_permission('create', 'sample_set', group_id=group.id) :}}{{="checked"}}{{pass}}>
edit patient
<input name="sample_set" type="checkbox" onclick="db.group_rights(this.checked, this.name, 'admin', {{=group.id}});" {{if auth.group_has_permission('admin', 'sample_set', group.id) :}}{{="checked"}}{{pass}}>
<input name="sample_set" type="checkbox" onclick="db.group_rights(this.checked, this.name, 'admin', {{=group.id}});" {{if auth.has_permission('admin', 'sample_set', group_id=group.id) :}}{{="checked"}}{{pass}}>
upload sequence
<input type="checkbox" name="sample_set" onclick="db.group_rights(this.checked, this.name, 'upload', {{=group.id}});" {{if auth.group_has_permission('upload', 'sample_set', group.id) :}}{{="checked"}}{{pass}}>
<input type="checkbox" name="sample_set" onclick="db.group_rights(this.checked, this.name, 'upload', {{=group.id}});" {{if auth.has_permission('upload', 'sample_set', group_id=group.id) :}}{{="checked"}}{{pass}}>
run vidjil
<input type="checkbox" name="sample_set" onclick="db.group_rights(this.checked, this.name, 'run', {{=group.id}});" {{if auth.group_has_permission('run', 'sample_set', group.id) :}}{{="checked"}}{{pass}}>
<input type="checkbox" name="sample_set" onclick="db.group_rights(this.checked, this.name, 'run', {{=group.id}});" {{if auth.has_permission('run', 'sample_set', group_id=group.id) :}}{{="checked"}}{{pass}}>
</br>
<!--create config <input type="checkbox" name="config" onclick="db.test(this.checked, this.name, {{request.vars["id"]}});"></br>-->
......
......@@ -10,40 +10,27 @@
<thead>
<tr><td class="column1"></td>
<td class="column_200"> group / user</td>
<td class="column_200">permissions</td>
<td vlass="column_200">access from</td>
<td> </td>
<td class="column1"> read</td>
<td class="column1"> admin</td>
<td class="column1"> private info</td>
</tr>
</thead>
{{admin = auth.can_modify_patient(request.vars["id"])}}
{{ for row in query :}}
<tr>
<td> {{=row.id}} </td><td> {{=row.owner}} </td>
<td>{{=row.perms}}</td>
<td>{{=row.parent_access}}</td>
<td></td>
{{if admin :}}
<td> <input type="checkbox" onclick="db.call('patient/change_permission', {
'patient_id' : {{=request.vars["id"]}} ,
'group_id' : {{=row.id}} ,
'permission' : 'read' } )"
'group_id' : {{=row.id}}} )"
{{if row.read :}} checked {{pass}}></td>
<td> <input type="checkbox" onclick="db.call('patient/change_permission', {
'patient_id' : {{=request.vars["id"]}} ,
'group_id' : {{=row.id}} ,
'permission' : 'admin' } )"
{{if row.admin :}} checked {{pass}}></td>
<td> <input type="checkbox" onclick="db.call('patient/change_permission', {
'patient_id' : {{=request.vars["id"]}} ,
'group_id' : {{=row.id}} ,
'permission' : 'anon' } )"
{{if row.anon :}} checked {{pass}}></td>
{{else:}}
<td class="inactive"> <input type="checkbox" onclick="this.click()"
{{if row.read :}} checked {{pass}}></td>
<td class="inactive"> <input type="checkbox" onclick="this.click()"
{{if row.admin :}} checked {{pass}}></td>
<td class="inactive"> <input type="checkbox" onclick="this.click()"
{{if row.anon :}} checked {{pass}}></td>
{{pass}}
</tr>
{{pass}}
......
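Review bot: The new header cell `<td vlass="column_200">access from</td>` misspells the attribute, so the `column_200` class is never applied; it should read `<td class="column_200">access from</td>`. The rendering does not make clear which of the read / admin / private info checkboxes remain on the new side. Any that survive would toggle the single access permission regardless of their label, and would read `row.admin` or `row.anon`, which the controller hunk appears to stop setting, so they should be removed or wired up again.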