diff options
| author | Frederick Muriuki Muriithi | 2024-06-10 15:56:47 -0500 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2024-06-10 15:56:47 -0500 |
| commit | 662e9fd85eca97c4fb65a7a3733c5c088c530ea2 (patch) | |
| tree | 4f5f9eb196586ff09d12d49fe4b18301354cbaf8 /gn2/wqflask | |
| parent | fcde5e0d388c00c4f428d01def27907cd58625de (diff) | |
| download | genenetwork2-662e9fd85eca97c4fb65a7a3733c5c088c530ea2.tar.gz | |
Unassign privilege from resource role.
Diffstat (limited to 'gn2/wqflask')
| -rw-r--r-- | gn2/wqflask/oauth2/resources.py | 56 | ||||
| -rw-r--r-- | gn2/wqflask/templates/oauth2/confirm-resource-role-unassign-privilege.html | 34 | ||||
| -rw-r--r-- | gn2/wqflask/templates/oauth2/view-resource-role.html | 7 |
3 files changed, 93 insertions, 4 deletions
diff --git a/gn2/wqflask/oauth2/resources.py b/gn2/wqflask/oauth2/resources.py index 34b11235..9ca057ab 100644 --- a/gn2/wqflask/oauth2/resources.py +++ b/gn2/wqflask/oauth2/resources.py @@ -7,8 +7,12 @@ from . import client from .ui import render_ui as _render_ui from .checks import require_oauth2 from .client import oauth2_get, oauth2_post -from .request_utils import ( - flash_error, flash_success, request_error, process_error) +from .request_utils import (flash_error, + flash_success, + request_error, + process_error, + with_flash_error, + with_flash_success) resources = Blueprint("resource", __name__) @@ -331,3 +335,51 @@ def view_resource_role(resource_id: UUID, role_id: UUID): lambda error: __render_template__( resource_error=process_error(error)), lambda resource: __fetch_resource_role__(resource=resource)) + +@resources.route("/<uuid:resource_id>/role/<uuid:role_id>/unassign-privilege", + methods=["GET", "POST"]) +@require_oauth2 +def unassign_privilege_from_resource_role(resource_id: UUID, role_id: UUID): + """Remove a privilege from a resource role.""" + form = request.form + returnto = redirect(url_for("oauth2.resource.view_resource_role", + resource_id=resource_id, + role_id=role_id)) + privilege_id = (request.args.get("privilege_id") + or form.get("privilege_id")) + if not privilege_id: + flash("You need to specify a privilege to unassign.", "alert-danger") + return returnto + + if request.method=="POST" and form.get("confirm") == "Unassign": + return oauth2_post( + f"auth/resource/{resource_id}/role/{role_id}/unassign-privilege", + json={ + "privilege_id": form["privilege_id"] + }).either(with_flash_error(returnto), with_flash_success(returnto)) + + if form.get("confirm") == "Cancel": + flash("Cancelled the operation to unassign the privilege.", + "alert-info") + return returnto + + def __fetch_privilege__(resource, role): + return oauth2_get( + f"auth/privileges/{privilege_id}/view").either( + with_flash_error(returnto), + lambda privilege: render_ui( + "oauth2/confirm-resource-role-unassign-privilege.html", + resource=resource, + role=role, + privilege=privilege)) + + def __fetch_resource_role__(resource): + return oauth2_get( + f"auth/resource/{resource_id}/role/{role_id}").either( + with_flash_error(returnto), + lambda role: __fetch_privilege__(resource, role)) + + return oauth2_get( + f"auth/resource/view/{resource_id}").either( + with_flash_error(returnto), + __fetch_resource_role__) diff --git a/gn2/wqflask/templates/oauth2/confirm-resource-role-unassign-privilege.html b/gn2/wqflask/templates/oauth2/confirm-resource-role-unassign-privilege.html new file mode 100644 index 00000000..988cf3b4 --- /dev/null +++ b/gn2/wqflask/templates/oauth2/confirm-resource-role-unassign-privilege.html @@ -0,0 +1,34 @@ +{%extends "base.html"%} +{%from "oauth2/profile_nav.html" import profile_nav%} +{%from "oauth2/display_error.html" import display_error%} +{%block title%}View User{%endblock%} +{%block content%} +<div class="container"> + {{profile_nav(uipages, user_privileges)}} + {{flash_me()}} + + <form id="frm_confirm_resource_role_unassign_privilege" + method="POST" + action="{{url_for('oauth2.resource.unassign_privilege_from_resource_role', + resource_id=resource.resource_id, + role_id=role.role_id)}}"> + <p> + Are you sure you want to unassign the privilege to + '{{privilege.privilege_description}}' from the role '{{role.role_name}}' + on resource '{{resource.resource_name}}'?</p> + <input type="hidden" + name="privilege_id" + value="{{privilege.privilege_id}}" /> + + <input type="submit" + name="confirm" + value="Cancel" + class="btn btn-success" /> + + <input type="submit" + name="confirm" + value="Unassign" + class="btn btn-danger" /> + </form> +</div> +{%endblock%} diff --git a/gn2/wqflask/templates/oauth2/view-resource-role.html b/gn2/wqflask/templates/oauth2/view-resource-role.html index 05df41d6..a1aa8676 100644 --- a/gn2/wqflask/templates/oauth2/view-resource-role.html +++ b/gn2/wqflask/templates/oauth2/view-resource-role.html @@ -5,8 +5,10 @@ {%block content%} {%macro unassign_button(resource_id, role_id, privilege_id)%} -<form method="POST" - action="#" +<form method="GET" + action="{{url_for('oauth2.resource.unassign_privilege_from_resource_role', + resource_id=resource_id, + role_id=role_id)}}" id="frm_unlink_privilege_{{privilege_id}}"> <input type="hidden" name="resource_id" value="{{resource_id}}" /> <input type="hidden" name="role_id" value="{{role_id}}" /> @@ -17,6 +19,7 @@ <div class="container"> {{profile_nav(uipages, user_privileges)}} + {{flash_me()}} {%if resource_error is defined%} {{display_error("Resource", resource_error)}} {%else%} |