Mercurial > hg > ltpdarepo
changeset 253:8c966992e7bc
Refactor permissions listing as a Database object property.
author | Daniele Nicolodi <nicolodi@science.unitn.it> |
---|---|
date | Fri, 04 Jan 2013 18:42:20 +0100 |
parents | 00cbec2d663a |
children | b448bb5a6d9f |
files | src/ltpdarepo/database.py src/ltpdarepo/views/databases.py |
diffstat | 2 files changed, 26 insertions(+), 22 deletions(-) [+] |
line wrap: on
line diff
--- a/src/ltpdarepo/database.py Fri Jan 04 18:41:19 2013 +0100 +++ b/src/ltpdarepo/database.py Fri Jan 04 18:42:20 2013 +0100 @@ -15,6 +15,11 @@ from ltpdarepo.form import Form +try: + from collections import OrderedDict +except ImportError: + from ordereddict import OrderedDict + class IDatabase(Form): id = TextField("Id", validators=[validators.Required(), ]) @@ -68,6 +73,26 @@ WHERE db_name=%s""", (self.name, self.description, self.id)) g.db.commit() + @property + def permissions(self): + if not self.id: + return {} + curs = g.db.cursor() + curs.execute("""SELECT username, + IFNULL(Select_priv, 'N'), IFNULL(Insert_priv, 'N'), + IFNULL(Update_priv, 'N'), IFNULL(Delete_priv, 'N') + FROM users + LEFT JOIN mysql.db ON username=User AND Db=%s + ORDER BY username""", (self.id, )) + privs = OrderedDict() + for row in curs.fetchall(): + privs[row[0]] = {'select': row[1] == 'Y', + 'insert': row[2] == 'Y', + 'update': row[3] == 'Y', + 'delete': row[4] == 'Y'} + return privs + + def drop(self): curs = g.db.cursor()
--- a/src/ltpdarepo/views/databases.py Fri Jan 04 18:41:19 2013 +0100 +++ b/src/ltpdarepo/views/databases.py Fri Jan 04 18:42:20 2013 +0100 @@ -11,10 +11,6 @@ from ltpdarepo.security import require from ltpdarepo.database import Database, IDatabase -try: - from collections import OrderedDict -except ImportError: - from ordereddict import OrderedDict app = Blueprint('manage.databases', __name__) @@ -86,23 +82,6 @@ return render_template('databases/drop.html', database=db, form=form) -def _get_permissions(database): - curs = g.db.cursor() - curs.execute("""SELECT username, - IFNULL(Select_priv, 'N'), IFNULL(Insert_priv, 'N'), - IFNULL(Update_priv, 'N'), IFNULL(Delete_priv, 'N') - FROM users - LEFT JOIN mysql.db ON username=User AND Db=%s - ORDER BY username""", (database, )) - privs = OrderedDict() - for row in curs.fetchall(): - privs[row[0]] = {'select': row[1] == 'Y', - 'insert': row[2] == 'Y', - 'update': row[3] == 'Y', - 'delete': row[4] == 'Y'} - return privs - - def _permissions_updates(permissions, formdata): users = permissions.keys() updates = [] @@ -155,7 +134,7 @@ if db is None: # not found abort(404) - permissions = _get_permissions(database) + permissions = db.permissions # use an empty form to have CSRF protection form = Form() if request.method == 'POST' and form.validate():