exclude guest when editing user roles

2012-11-12 22:53:27 -08:00 · 2012-11-12 22:53:27 -08:00 · c2339ba124
commit c2339ba124
parent c79d6de56d
1 changed files with 20 additions and 18 deletions
--- a/edbob/pyramid/views/users.py
+++ b/edbob/pyramid/views/users.py
@ -26,13 +26,14 @@
 ``edbob.pyramid.views.users`` -- User Views
 """

-from webhelpers.html import literal, tags
+from webhelpers.html import tags
+from webhelpers.html.builder import HTML

 import formalchemy
 from formalchemy.fields import SelectFieldRenderer

 import edbob
-from edbob.db.auth import set_user_password
+from edbob.db import auth
 from edbob.pyramid import Session
 from edbob.pyramid.views import SearchableAlchemyGridView, CrudView

@ -86,22 +87,22 @@ class UsersGrid(SearchableAlchemyGridView):
        return g


-class _RolesFieldRenderer(SelectFieldRenderer):
+def RolesFieldRenderer(request):
+
+    class RolesFieldRenderer(SelectFieldRenderer):

        def render_readonly(self, **kwargs):
            roles = Session.query(edbob.Role)
-        res = literal('<ul>')
+            html = ''
            for uuid in self.value:
                role = roles.get(uuid)
-            res += literal('<li>%s</li>' % (
-                    tags.link_to(role.name,
-                                 self.request.route_url('role.read', uuid=role.uuid))))
-        res += literal('</ul>')
-        return res
+                link = tags.link_to(
+                    role.name, request.route_url('role.read', uuid=role.uuid))
+                html += HTML.tag('li', c=link)
+            html = HTML.tag('ul', c=html)
+            return html

-
-def RolesFieldRenderer(request):
-    return type('RolesFieldRenderer', (_RolesFieldRenderer,), {'request': request})
+    return RolesFieldRenderer


 class RolesField(formalchemy.Field):
@ -117,6 +118,7 @@ class RolesField(formalchemy.Field):

    def get_options(self):
        q = Session.query(edbob.Role.name, edbob.Role.uuid)
+        q = q.filter(edbob.Role.uuid != auth.guest_role(Session()).uuid)
        q = q.order_by(edbob.Role.name)
        return q.all()

@ -180,7 +182,7 @@ class PasswordField(formalchemy.Field):
        if not self.is_readonly():
            password = self.renderer.deserialize()
            if password:
-                set_user_password(self.model, password)
+                auth.set_user_password(self.model, password)


 class UserCrud(CrudView):