Python flask_login.current_user.admin() Examples
The following are 15
code examples of flask_login.current_user.admin().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
flask_login.current_user
, or try the search function
.
Example #1
Source File: api.py From evesrp with BSD 2-Clause "Simplified" License | 6 votes |
def user_detail(user_id): user = User.query.get_or_404(user_id) # Set up divisions submit = map(lambda p: p.division, filter(lambda p: p.permission == PermissionType.submit, user.permissions)) review = map(lambda p: p.division, filter(lambda p: p.permission == PermissionType.review, user.permissions)) pay = map(lambda p: p.division, filter(lambda p: p.permission == PermissionType.pay, user.permissions)) resp = { u'name': user.name, u'groups': list(user.groups), u'divisions': { u'submit': list(set(submit)), u'review': list(set(review)), u'pay': list(set(pay)), }, u'admin': user.admin, u'requests': user.requests, } return jsonify(**resp)
Example #2
Source File: api.py From evesrp with BSD 2-Clause "Simplified" License | 6 votes |
def division_detail(division_id): """Get the details of a division. :param int division_id: The ID of the division """ division = Division.query.get_or_404(division_id) if not current_user.admin and not \ current_user.has_permission(PermissionType.admin, division): abort(403) permissions = {} for perm in PermissionType.all: key = perm.name + '_href' permissions[key] = url_for('.division_permissions', division_id=division_id, permission=perm.name) return jsonify( name=division.name, requests=division.requests, permissions=permissions)
Example #3
Source File: divisions.py From evesrp with BSD 2-Clause "Simplified" License | 6 votes |
def add_division(): """Present a form for adding a division and also process that form. Only accesible to adminstrators. """ if not current_user.admin: return abort(403) form = AddDivisionForm() if form.validate_on_submit(): division = Division(form.name.data) db.session.add(division) db.session.commit() return redirect(url_for('.get_division_details', division_id=division.id)) return render_template('form.html', form=form, # TRANS: The title for a page for creating new divisions. title=gettext(u'Create Division'))
Example #4
Source File: divisions.py From evesrp with BSD 2-Clause "Simplified" License | 6 votes |
def get_division_details(division_id=None, division=None): """Generate a page showing the details of a division. Shows which groups and individuals have been granted permissions to each division. Only accesible to administrators. :param int division_id: The ID number of the division """ if division is None: division = Division.query.get_or_404(division_id) if not current_user.admin and not \ current_user.has_permission(PermissionType.admin, division): abort(403) if request.is_json or request.is_xhr: return jsonify(division._json(True)) return render_template( 'division_detail.html', division=division, entity_form=ChangeEntity(formdata=None), transformer_form=ChangeTransformer(formdata=None), )
Example #5
Source File: divisions.py From evesrp with BSD 2-Clause "Simplified" License | 6 votes |
def modify_division(division_id): """Dispatches modification requests to the specialized view function for that operation. """ division = Division.query.get_or_404(division_id) if not current_user.admin and not \ current_user.has_permission(PermissionType.admin, division): abort(403) form_id = request.form.get('form_id') if form_id == 'entity': return _modify_division_entity(division) elif form_id == 'transformer': return _modify_division_transformer(division) else: current_app.logger.warn("Invalid division modification POST: {}" .format(request.form)) abort(400)
Example #6
Source File: oauth.py From evesrp with BSD 2-Clause "Simplified" License | 6 votes |
def _update_user_info(self): current_app.logger.debug( "Updating information for '{}' with OAuth".format(current_user)) # Set the site-wide admin flag current_user.admin = self.is_admin(current_user) # Add new Pilots current_pilots = self.get_pilots() for pilot in current_pilots: pilot.user = current_user # Remove old pilots user_pilots = set(current_user.pilots) for pilot in user_pilots: if pilot not in current_pilots: pilot.user = None # Add new groups current_groups = self.get_groups() for group in current_groups: current_user.groups.add(group) # Remove old groups user_groups = set(current_user.groups) for group in user_groups: if group not in current_groups and group in current_user.groups: current_user.groups.remove(group) # Save all changes db.session.commit()
Example #7
Source File: email.py From FudgeC2 with GNU General Public License v3.0 | 6 votes |
def post(self): if current_user.admin != "1": return {"message": "Insufficient permissions"}, 403 rj = {} # Validate the contents of this and send to the email class server_email = rj.get("smtp_account", None) server_password = rj.get("password", None) server_host = rj.get("host", None) server_port = rj.get("port", None) from_address = rj.get("from_address", None) check_config = rj.get("check_config", False) state, msg = email_client.configure_email_client( server_host, server_port, server_email, server_password, from_address, check_config) if state: return {"result": msg}, 201 else: return {"result": msg}, 500
Example #8
Source File: dataset.py From DIVE-backend with GNU General Public License v3.0 | 5 votes |
def update(dataset): return logged_in() and (current_user.admin or current_user in dataset.managers)
Example #9
Source File: api.py From evesrp with BSD 2-Clause "Simplified" License | 5 votes |
def list_entities(): """Return a JSON object with a list of all of the specified entity type. Example output:: { entities: [ {name: 'Bar', id: 1, source: 'Auth Source', type: 'User'}, {name: 'Foo', id: 0, source: 'Another Auth Source', type: 'Group'}, {name: 'Baz', id: 20, source: 'Auth Source', type: 'Group'} ] } This method is only accesible to administrators. :param str entity_type: Either ``'user'`` or ``'group'``. """ if not current_user.admin and not \ current_user.has_permission(PermissionType.admin): abort(403) user_query = db.session.query(User.id, User.name, User.authmethod) group_query = db.session.query(Group.id, Group.name, Group.authmethod) users = map(lambda e: { u'id': e.id, u'name': e.name, u'type': u'User', u'source': e.authmethod}, user_query) groups = map(lambda e: { u'id': e.id, u'name': e.name, u'type': u'Group', u'source': e.authmethod}, group_query) return jsonify(entities=chain(users, groups))
Example #10
Source File: api.py From evesrp with BSD 2-Clause "Simplified" License | 5 votes |
def list_divisions(): """List all divisions. """ if not current_user.admin: abort(403) divisions = db.session.query(Division.id, Division.name) return jsonify(divisions=divisions)
Example #11
Source File: api.py From evesrp with BSD 2-Clause "Simplified" License | 5 votes |
def division_permissions(division_id, permission): division = Division.query.get_or_404(division_id) if not current_user.admin and not \ current_user.has_permission(PermissionType.admin, division): abort(403) permission = PermissionType.from_string(permission) # Can't use normal Entity JSON encoder as it doesn't include the # authentication source or their type (explicitly. Ain't nobody got time # for parsing the entity type out of the href). entities = [] for entity in map(lambda p: p.entity, division.permissions[permission]): entity_info = { u'name': entity.name, u'id': entity.id, u'source': str(entity.authmethod), } if hasattr(entity, u'users'): entity_info[u'type'] = u'Group' entity_info[u'length'] = len(entity.users) else: entity_info[u'type'] = u'User' entities.append(entity_info) return jsonify( entities=entities, name=permission.name, description=permission.description)
Example #12
Source File: divisions.py From evesrp with BSD 2-Clause "Simplified" License | 5 votes |
def list_transformers(division_id, attribute=None): """API method to get a list of transformers for a division. :param division_id int: the ID of the division to look up :param attribute str: a specific attribute to look up. Optional. :return: JSON """ division = Division.query.get_or_404(division_id) if not current_user.admin and not \ current_user.has_permission(PermissionType.admin, division): abort(403) if attribute is None: attrs = six.iterkeys(current_app.url_transformers) else: attrs = (attribute,) choices = {} for attr in attrs: raw_choices = transformer_choices(attr) current = division.transformers.get(attr, None) if current is not None: choices[attr] = \ [(c[0], c[1], c[1] == current.name) for c in raw_choices] else: choices[attr] = \ [(c[0], c[1], False) for c in raw_choices] return jsonify(choices)
Example #13
Source File: __init__.py From realms-wiki with GNU General Public License v2.0 | 5 votes |
def error_handler(e): try: if isinstance(e, HTTPException): status_code = e.code message = e.description if e.description != type(e).description else None tb = None else: status_code = httplib.INTERNAL_SERVER_ERROR message = None tb = traceback.format_exc() if current_user.admin else None if request.is_xhr or request.accept_mimetypes.best in ['application/json', 'text/javascript']: response = { 'message': message, 'traceback': tb } else: response = render_template('errors/error.html', title=httplib.responses[status_code], status_code=status_code, message=message, traceback=tb) except HTTPException as e2: return error_handler(e2) return response, status_code
Example #14
Source File: email.py From FudgeC2 with GNU General Public License v3.0 | 5 votes |
def get(self, gid=None): # Return a list of print(type(current_user.admin)) if current_user.admin != "1": return {"message": "Insufficient permissions"}, 403 state, data = db.email.get_email_server_configuration(current_user.user_email) if state: return {"data": data}, 200 else: return {"message": data}, 302
Example #15
Source File: accounts.py From DIVE-backend with GNU General Public License v3.0 | 4 votes |
def register_user(username, email, password, user_id=None, confirmed=True, anonymous=False, admin=[], teams=[], create_teams=True): if user_id: user = User.query.get_or_404(user_id) setattr(user, 'username', username) setattr(user, 'email', email) setattr(user, 'password', password) setattr(user, 'confirmed', confirmed) setattr(user, 'anonymous', anonymous) else: user = User( username=username, email=email, password=password, confirmed=confirmed, anonymous=anonymous ) if admin: for admin_team_name in admin: if team_exists(admin_team_name): t = Team.query.filter_by(name=admin_team_name).one() else: if create_teams: t = Team(name=admin_team_name) db.session.add(t) db.session.commit() if t: user.admin.append(t) if teams: for team_name in teams: if team_exists(team_name): t = Team.query.filter_by(name=team_name).one() else: if create_teams: t = Team(name=team_name) db.session.add(t) db.session.commit() if t: user.teams.append(t) db.session.add(user) db.session.commit() return user # Not turning to dictionary because of flask-login