Granting/Updating Permission for Packages (#2)

Co-authored-by: Tim Lorsbach <tim@lorsba.ch>
Reviewed-on: enviPath/enviPy#2

epdb/views.py

@@ -10,7 +10,8 @@ from django.views.decorators.csrf import csrf_exempt
 from utilities.chem import FormatConverter, IndigoUtils
 from .logic import GroupManager, PackageManager, UserManager, SettingManager
 from .models import Package, GroupPackagePermission, Group, CompoundStructure, Compound, Reaction, Rule, Pathway, Node, \
-    EPModel, EnviFormer, MLRelativeReasoning, RuleBaseRelativeReasoning, Scenario, SimpleAmbitRule, APIToken
+    EPModel, EnviFormer, MLRelativeReasoning, RuleBaseRelativeReasoning, Scenario, SimpleAmbitRule, APIToken, \
+    UserPackagePermission, Permission
 
 logger = logging.getLogger(__name__)
 
@@ -512,11 +513,30 @@ def package(request, package_uuid):
         context['breadcrumbs'] = breadcrumbs(current_package)
 
         context['package'] = current_package
-        context['package_group'] = GroupPackagePermission.objects.filter(package=current_package,
-                                                                         permission=GroupPackagePermission.ALL)
+        # context['package_group'] = GroupPackagePermission.objects.filter(package=current_package,
+        #                                                                  permission=GroupPackagePermission.ALL)
+
+        user_perms = UserPackagePermission.objects.filter(package=current_package)
+        users = get_user_model().objects.exclude(
+            id__in=UserPackagePermission.objects.filter(package=current_package).values_list('user_id', flat=True))
+
+        group_perms = GroupPackagePermission.objects.filter(package=current_package)
+        groups = Group.objects.exclude(
+            id__in=GroupPackagePermission.objects.filter(package=current_package).values_list('group_id', flat=True))
+
+        context['users'] = users
+        context['groups'] = groups
+        context['user_permissions'] = user_perms
+        context['group_permissions'] = group_perms
+
         return render(request, 'objects/package.html', context)
 
     elif request.method == 'POST':
+
+        if s.DEBUG:
+            for k, v in request.POST.items():
+                print(k, v)
+
         if hidden := request.POST.get('hidden', None):
             if hidden == 'delete-package':
                 print(current_package.delete())
@@ -527,6 +547,12 @@ def package(request, package_uuid):
         new_package_name = request.POST.get('package-name')
         new_package_description = request.POST.get('package-description')
 
+        grantee_url = request.POST.get('grantee')
+        read = request.POST.get('read') == 'on'
+        write = request.POST.get('write') == 'on'
+        owner = request.POST.get('owner') == 'on'
+
+
         if new_package_name:
             current_package.name = new_package_name
 
@@ -536,6 +562,23 @@ def package(request, package_uuid):
         if any([new_package_name, new_package_description]):
             current_package.save()
             return redirect(current_package.url)
+
+        elif any([grantee_url, read, write, owner]):
+            if 'user' in grantee_url:
+                grantee = UserManager.get_user_lp(grantee_url)
+            else:
+                grantee = GroupManager.get_group_lp(grantee_url)
+
+            max_perm = None
+            if read:
+                max_perm = Permission.READ[0]
+            if write:
+                max_perm = Permission.WRITE[0]
+            if owner:
+                max_perm = Permission.ALL[0]
+
+            PackageManager.update_permissions(current_user, current_package, grantee, max_perm)
+            return redirect(current_package.url)
         else:
             return HttpResponseBadRequest()