# HG changeset patch
# User Daniele Nicolodi <daniele@grinta.net>
# Date 1318581287 -7200
# Node ID 18b94c01d497587231c09157d3e8dcf77d2c08f6
# Parent  ab38e8a0eb8dd76c621f1e5231e048ef3ef57f88
Simplify database permissions handling.

diff -r ab38e8a0eb8d -r 18b94c01d497 src/ltpdarepo/templates/databases/permissions.html
--- a/src/ltpdarepo/templates/databases/permissions.html	Fri Oct 14 10:34:33 2011 +0200
+++ b/src/ltpdarepo/templates/databases/permissions.html	Fri Oct 14 10:34:47 2011 +0200
@@ -18,7 +18,6 @@
       <tr>
         <td>
           <a href="{{ url_for('manage.users.view', username=user) }}">{{ user }}</a>
-          <input type="hidden" name="{{ user }}" value="" />
         </td>
         <td><input type="checkbox" name="{{user}}:select" value="Y" {%- if priv['select'] %} checked="checked" {% endif -%} /></td>
         <td><input type="checkbox" name="{{user}}:insert" value="Y" {%- if priv['insert'] %} checked="checked" {% endif -%} /></td>
diff -r ab38e8a0eb8d -r 18b94c01d497 src/ltpdarepo/views/databases.py
--- a/src/ltpdarepo/views/databases.py	Fri Oct 14 10:34:33 2011 +0200
+++ b/src/ltpdarepo/views/databases.py	Fri Oct 14 10:34:47 2011 +0200
@@ -11,7 +11,6 @@
 except ImportError:
     from ordereddict import OrderedDict
 
-
 app = Blueprint('manage.databases', __name__)
 
 
@@ -83,21 +82,19 @@
 
 
 def _get_permissions(database):
-    # this may be probably obtained with some join magic
     curs = g.db.cursor()
-    curs.execute("""SELECT username FROM users ORDER BY username""")
-    users = [row[0] for row in curs.fetchall()]
+    curs.execute("""SELECT username,
+                      IFNULL(Select_priv, 'N'), IFNULL(Insert_priv, 'N'),
+                      IFNULL(Update_priv, 'N'), IFNULL(Delete_priv, 'N')
+                    FROM users
+                    LEFT JOIN mysql.db ON username=User AND Db=%s
+                    ORDER BY username""", (database, ))
     privs = OrderedDict()
-    for user in users:
-        curs.execute("""SELECT Select_priv, Insert_priv, Update_priv, Delete_priv
-                        FROM mysql.db WHERE User=%s AND Db=%s""", (user, database, ))
-        row = curs.fetchone()
-        if row is None:
-            row = ('N', 'N', 'N', 'N')
-        privs[user] = {'select': row[0] == 'Y',
-                       'insert': row[1] == 'Y',
-                       'update': row[2] == 'Y',
-                       'delete': row[3] == 'Y'}
+    for row in curs.fetchall():
+        privs[row[0]] = {'select': row[1] == 'Y',
+                         'insert': row[2] == 'Y',
+                         'update': row[3] == 'Y',
+                         'delete': row[4] == 'Y'}
     return privs
 
 
@@ -105,12 +102,10 @@
     users = permissions.keys()
     updates = []
     for user in users:
-        permissions[user]['modified'] = False
-        if user in formdata:
-            for priv in ('select', 'insert', 'update', 'delete'):
-                value = bool(formdata.get('%s:%s' % (user, priv), False))
-                if permissions[user][priv] != value:
-                    updates.append((user, priv, value))
+        for priv in ('select', 'insert', 'update', 'delete'):
+            value = bool(formdata.get('%s:%s' % (user, priv), False))
+            if permissions[user][priv] != value:
+                updates.append((user, priv, value))
     return updates
 
 
@@ -130,11 +125,11 @@
     db = Database.load(id=database)
     if db is None:
         # not found
-        abort(404)    
+        abort(404)
     permissions = _get_permissions(database)
     # use an empty form to have CSRF protection
     form = Form()
-    if request.method == 'POST' and form.validate():    
+    if request.method == 'POST' and form.validate():
         updates = _permissions_updates(permissions, request.form)
         _update_permissions(database, updates)
         flash('Permissions updated.')