~homeworkprod/byceps

ref: 533662eefb314d54b168e5a46bc07c88b5f88be4 byceps/byceps/blueprints/admin/authorization/views.py -rw-r--r-- 1.7 KiB
533662ee — Jochen Kupperschmidt Use Flask v2.0's `delete`/`get`/`patch`/`post` route shortcuts 2 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
"""
byceps.blueprints.admin.authorization.views
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

:Copyright: 2006-2021 Jochen Kupperschmidt
:License: Revised BSD (see `LICENSE` file for details)
"""

from flask import abort

from ....services.authorization import service as authorization_service
from ....services.user import service as user_service
from ....util.authorization import register_permission_enum
from ....util.framework.blueprint import create_blueprint
from ....util.framework.templating import templated
from ....util.views import permission_required

from .authorization import RolePermission


blueprint = create_blueprint('authorization_admin', __name__)


register_permission_enum(RolePermission)


@blueprint.get('/permissions')
@permission_required(RolePermission.view)
@templated
def permission_index():
    """List permissions."""
    permissions = authorization_service.get_all_permissions_with_titles()

    return {'permissions': permissions}


@blueprint.get('/roles')
@permission_required(RolePermission.view)
@templated
def role_index():
    """List roles."""
    roles = authorization_service.get_all_roles_with_titles()

    return {'roles': roles}


@blueprint.get('/roles/<role_id>')
@permission_required(RolePermission.view)
@templated
def role_view(role_id):
    """View role details."""
    role = authorization_service.find_role(role_id)

    if role is None:
        abort(404)

    permissions = authorization_service.get_permissions_with_title_for_role(
        role.id
    )

    user_ids = authorization_service.find_user_ids_for_role(role.id)
    users = user_service.find_users(user_ids, include_avatars=True)

    return {
        'role': role,
        'permissions': permissions,
        'users': users,
    }