diff options
| author | Frederick Muriuki Muriithi | 2023-03-07 06:21:37 +0300 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2023-03-07 06:21:37 +0300 |
| commit | bc2300dc769eb0f4d22aab9a8caebcc1eda9a469 (patch) | |
| tree | 0def5e0dbd0f48bec44e43a870b35949802edec5 | |
| parent | 98602d24c64ffafe2c4af150236b72f77709f8de (diff) | |
| download | genenetwork2-bc2300dc769eb0f4d22aab9a8caebcc1eda9a469.tar.gz | |
oauth2: resources: unassign role on resource from user.
| -rw-r--r-- | wqflask/wqflask/oauth2/resources.py | 31 | ||||
| -rw-r--r-- | wqflask/wqflask/templates/oauth2/view-resource.html | 4 |
2 files changed, 34 insertions, 1 deletions
diff --git a/wqflask/wqflask/oauth2/resources.py b/wqflask/wqflask/oauth2/resources.py index e3501835..8f31f7c9 100644 --- a/wqflask/wqflask/oauth2/resources.py +++ b/wqflask/wqflask/oauth2/resources.py @@ -204,6 +204,37 @@ def assign_role(resource_id: uuid.UUID) -> Response: flash(aserr.args[0], "alert-danger") return redirect(url_for("oauth2.resources.view_resource", resource_id=resource_id)) +@resources.route("<uuid:resource_id>/user/unassign", methods=["POST"]) +@require_oauth2 +def unassign_role(resource_id: uuid.UUID) -> Response: + form = request.form + group_role_id = form.get("group_role_id", "") + user_id = form.get("user_id", "") + try: + assert bool(group_role_id), "The role must be provided." + assert bool(user_id), "The user id must be provided." + + def __unassign_error__(error): + err = process_error(error) + flash(f"{err['error']}: {err['error_description']}", "alert-danger") + return redirect(url_for( + "oauth2.resource.view_resource", resource_id=resource_id)) + + def __unassign_success__(success): + flash(success["description"], "alert-success") + return redirect(url_for( + "oauth2.resource.view_resource", resource_id=resource_id)) + + return oauth2_post( + f"oauth2/resource/{resource_id}/user/unassign", + data={ + "group_role_id": group_role_id, + "user_id": user_id + }).either(__unassign_error__, __unassign_success__) + except AssertionError as aserr: + flash(aserr.args[0], "alert-danger") + return redirect(url_for("oauth2.resources.view_resource", resource_id=resource_id)) + @resources.route("/edit/<uuid:resource_id>", methods=["GET"]) @require_oauth2 def edit_resource(resource_id: uuid.UUID): diff --git a/wqflask/wqflask/templates/oauth2/view-resource.html b/wqflask/wqflask/templates/oauth2/view-resource.html index 6563d2fa..14e7872b 100644 --- a/wqflask/wqflask/templates/oauth2/view-resource.html +++ b/wqflask/wqflask/templates/oauth2/view-resource.html @@ -174,7 +174,9 @@ </a> </td> <td> - <form action="#/role/id/unassign/user" action="POST"> + <form action="{{url_for('oauth2.resource.unassign_role', + resource_id=resource.resource_id)}}" + method="POST"> <input type="hidden" name="user_id" value="{{user_row.user.user_id}}" /> <input type="hidden" name="group_role_id" |