Add ability to limit APITokens to a package

This commit is contained in:
rubenwardy
2020-01-24 19:26:00 +00:00
parent 2fa2c3afec
commit 6f1472addb
4 changed files with 41 additions and 1 deletions

View File

@@ -29,6 +29,8 @@ from wtforms.ext.sqlalchemy.fields import QuerySelectField
class CreateAPIToken(FlaskForm):
name = StringField("Name", [InputRequired(), Length(1, 30)])
package = QuerySelectField("Limit to package", allow_blank=True, \
get_pk=lambda a: a.id, get_label=lambda a: a.title)
submit = SubmitField("Save")
@@ -70,6 +72,8 @@ def create_edit_token(username, id=None):
access_token = session.pop("token_" + str(id), None)
form = CreateAPIToken(formdata=request.form, obj=token)
form.package.query_factory = lambda: Package.query.filter_by(author=user).all()
if request.method == "POST" and form.validate():
if is_new:
token = APIToken()