Permissions sharing

applications/server/controllers/default.py

@@ -65,6 +65,7 @@ def new_device():
     device = db.device[request.args(0)]
     db.device.user_email.readable = False
     form = SQLFORM(db.device, record=device, readonly=True)
+    access.add_permission(user_email=auth.user.email, perm_type='a', device_id=device.device_id)
     if form.process().accepted:
         session.flash = T(form.vars.name + ' added!')
         redirect(URL('default', 'manage', vars=dict(device=device.id)))
@@ -225,12 +226,76 @@ def call():
 
 @auth.requires_login()
 def share():
-    val1 = request.vars['device_id']
-    if val1 is not None:
-        val = db(db.device.id == val1).select()[0].name
-        response.device_name = val
+    """"This allows us to edit permissions for a device"""
+    id = request.vars['device_id']
+    device_id = str(db((db.device.id == id)).select().first().device_id)
 
-    return dict()
+    procedure_id = request.vars['procedure_id']
+    # validate them: user has to be manager.
+    if not access.can_share_procedure(auth.user.email, device_id, procedure_id):
+        raise HTTP(403)
+    # Gets list of users who can view.
+    user_list = db((db.user_permission.device_id == device_id)&(db.user_permission.procedure_id == procedure_id)).select()
+    user_emails = [u.perm_user_email for u in filter(lambda x: x.perm_type=='v', user_list)]
+    # Let's get a nice form for editing this.
+    form = SQLFORM.factory(
+        Field('users', 'list:string', requires=IS_LIST_OF(IS_EMAIL(error_message='must be email!') and IS_IN_DB(db, db.auth_user.email,'%(email)s')), default=user_emails)
+    )
+    if form.process(formname='form').accepted:
+        new_users = set(form.vars.users) if type(form.vars.users) == type([]) else set([form.vars.users])
+        old_users = set(user_emails)
+        # Delete old permissions of users who can no longer access.
+        for u in old_users - new_users:
+            if u != '':
+                access.delete_permission(device_id=device_id,user_email=u,procedure_id=procedure_id)
+        # Add permissions of users who can newly access.
+        for u in new_users - old_users:
+            if u != '':
+                access.add_permission(device_id,u,'v',procedure_id=procedure_id)
+        redirect(URL('default', 'share', vars={'device_id' : id, 'procedure_id': procedure_id}))
+    """"This allows us to edit permissions for a device.  We imagine we deal only
+    with the view permission here."""
+    # Gets list of users who can view.
+    user_emails_2 = [u.perm_user_email for u in filter(lambda x: x.perm_type=='e', user_list)]
+    # Let's get a nice form for editing this.
+    form2 = SQLFORM.factory(
+        Field('users', 'list:string', requires=IS_LIST_OF(IS_EMAIL(error_message='must be email!') and IS_IN_DB(db, db.auth_user.email,'%(email)s')), default=user_emails_2)
+    )
+    if form2.process(formname='form2').accepted:
+        new_users = set(form2.vars.users) if type(form2.vars.users) == type([]) else set([form2.vars.users])
+        old_users = set(user_emails_2)
+        # Delete old permissions of users who can no longer access.
+        for u in old_users - new_users:
+            if u != '':
+                access.delete_permission(device_id=device_id,user_email=u,procedure_id=procedure_id)
+        # Add permissions of users who can newly access.
+        for u in new_users - old_users:
+            if u != '':
+                access.add_permission(device_id,u,'e',procedure_id=procedure_id)
+        redirect(URL('default', 'share', vars={'device_id' : id, 'procedure_id': procedure_id}))
+
+    user_emails_3 = [u.perm_user_email for u in filter(lambda x: x.perm_type == 'a', user_list)]
+    # Let's get a nice form for editing this.
+    form3 = SQLFORM.factory(
+        Field('users', 'list:string', requires=IS_LIST_OF(
+            IS_EMAIL(error_message='must be email!') and IS_IN_DB(db, db.auth_user.email, '%(email)s')),
+              default=user_emails_3)
+    )
+    if form3.process(formname='form3').accepted:
+        new_users = set(form3.vars.users) if type(form3.vars.users) == type([]) else set([form3.vars.users])
+        old_users = set(user_emails_3)
+        # Delete old permissions of users who can no longer access.
+        for u in old_users - new_users:
+            if u != '':
+                access.delete_permission(device_id=device_id, user_email=u, procedure_id=procedure_id)
+        # Add permissions of users who can newly access.
+        for u in new_users - old_users:
+            if u != '':
+                access.add_permission(device_id, u, 'a', procedure_id=procedure_id)
+        redirect(URL('default', 'share', vars={'device_id': id,'procedure_id': procedure_id}))
+
+
+    return dict(form=form,form2=form2,form3=form3)
 
 
 """

applications/server/controllers/edit_permission.py

@@ -15,7 +15,7 @@ def edit_view():
     user_emails = [u.perm_user_email for u in filter(lambda x: x.perm_type=='v', user_list)]
     # Let's get a nice form for editing this.
     form = SQLFORM.factory(
-        Field('users', 'list:string', requires=IS_LIST_OF(IS_EMAIL(error_message='must be email!')), default=user_emails)
+        Field('users', 'list:string', requires=IS_LIST_OF(IS_EMAIL(error_message='must be email!') and IS_IN_DB(db, db.auth_user.email,'%(email)s')), default=user_emails)
     )
     if form.process().accepted:
         new_users = set(form.vars.users) if type(form.vars.users) == type([]) else set([form.vars.users])

applications/server/views/default/share.html

@@ -1,65 +1,13 @@
 {{extend 'new_layout.html'}}
-
-        <!-- The javascript =============================== -->
-<script src="/server/static/js/ractive.min.js"></script>
-<script src="/server/static/js/jquery-1.12.4.js"></script>
-
-<div>
-    <body>
-    <h3>Enter the email address of the user to share</h3>
-        <form>
-  User email:
-  <input type="text" name="user_email">
-  <br>
-</form>
-    </body>
+<div id="edit_form" class="col-sm-10 col-md-10">
+    <h1 align="center">Manage view permission</h1>
+    {{=form}}
+</div>
+<div id="edit_form" class="col-sm-10 col-md-10">
+    <h1 align="center">Manage edit permission</h1>
+    {{=form2}}
+</div>
+<div id="edit_form" class="col-sm-10 col-md-10">
+    <h1 align="center">Manage admin permission</h1>
+    {{=form3}}
 </div>
-
-
-<br>
-<br>
-<h3>Select the device to share</h3>
-<div class="collapse navbar-collapse white-col" id="bs-example-navbar-collapse-1">
-          <ul class="nav navbar-nav">
-            <li class="dropdown">
-              <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Devices <span class="caret"></span></a>
-              <ul class="dropdown-menu">
-                <div id="share_target"></div>
-                <script id="share_template" type="text/ractive">
-                    {% #each device_dict:device_id %}
-                        <li><a href="#">{% name %}</a></li>
-                    {% /each %}
-                </script>
-              </ul>
-            </li>
-              </ul>
-            </div>
-<br>
-<br>
-{{=A(T('Share'), _class='btn btn-success', _href=URL('default', 'index'))}}
-
-
-<script>
-    $(function() {
-        // Ractive object
-        var ractive3 = new Ractive({
-            el: '#share_target',
-            template: '#share_template',
-            delimiters: ['{%', '%}'],
-            tripleDelimiters: ['{%%', '%%}'],
-            data: {
-                device_dict: {}
-            }
-        });
-
-        $.ajax({
-            'url': 'default/load_devices',
-            'type': 'post',
-            'dataType': 'json',
-            'data': {},
-            'success': function (data) {
-                ractive3.set('device_dict', data['device_dict']);
-            }
-        });
-    });
-</script>

applications/server/views/new_layout.html

@@ -136,8 +136,22 @@
                       </ul>
                     </li>
                 {{pass}}
-                <!-- Sharing page -->
-                <li class="social {% #if ptype_share %} active {% /if %}"><a href="{{=URL('default', 'share')}}/{% device_id %}"><i class="fa fa-lg fa-share-alt"></i></a></li>
+                <!-- Dropdown for sharing page -->
+                {{if request.vars['device_id'] is None: }}
+                    <li class="social {% #if ptype_share %} active {% /if %}"><a href="#" on-click="alert"><i class="fa fa-lg fa-pencil-square-o"></i></a></li>
+                {{else:}}
+                    <li class="dropdown {% #if ptype_share %} active {% /if %}">
+                      <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
+                        <i class="fa fa-lg fa-share-alt"></i></a>
+                      <ul class="dropdown-menu">
+                            <li><a href="{{=URL('default', 'share')}}/?device_id={{=request.vars['device_id']}}"><i class="fa fa-lg fa-share-alt" aria-hidden="true"></i>Generic Permissions</a></li>
+                            <li role="separator" class="divider"></li>
+                            {% #each procedure_dict:num %}
+                                 <li><a href="{{=URL('default', 'share')}}?device_id={{=request.vars['device_id']}}&procedure_id={% id %}">{% name %}</a></li>
+                            {% /each %}
+                      </ul>
+                    </li>
+                {{pass}}
                 <!-- Settings page -->
                 <li class="social {% #if ptype_set %} active {% /if %}"><a href="#"><i class="fa fa-lg fa-cog"></i></a></li>
               </ul>