101 lines
3.5 KiB
Python
101 lines
3.5 KiB
Python
import uuid
|
|
import pkg_resources
|
|
|
|
from pyramid.response import Response, FileResponse
|
|
from pyramid.view import view_config
|
|
import transaction
|
|
from soter.models import DBSession
|
|
from soter.models.auth import Role, Permission
|
|
from soter.models.validation_exception import ValidationError, TryCatchFunction
|
|
|
|
@view_config(route_name='role_list', permission='Users')
|
|
@view_config(request_method='GET', route_name='role_id', permission='Users')
|
|
@view_config(request_method='GET', route_name='role', permission='Users')
|
|
def html(request):
|
|
package, resource = 'brewman:static/base.html'.split(':', 1)
|
|
file = pkg_resources.resource_filename(package, resource)
|
|
return FileResponse(file, request=request)
|
|
|
|
|
|
@view_config(request_method='POST', route_name='api_role', renderer='json', permission='Users')
|
|
@TryCatchFunction
|
|
def save(request):
|
|
role = Role(request.json_body['Name'])
|
|
DBSession.add(role)
|
|
add_permissions(role, request.json_body['Permissions'])
|
|
transaction.commit()
|
|
return role_info(role.id)
|
|
|
|
|
|
@view_config(request_method='POST', route_name='api_role_id', renderer='json', permission='Users')
|
|
@TryCatchFunction
|
|
def update(request):
|
|
id = request.matchdict.get('id', None)
|
|
role = Role.by_id(uuid.UUID(id))
|
|
role.name = request.json_body['Name']
|
|
add_permissions(role, request.json_body['Permissions'])
|
|
transaction.commit()
|
|
return role_info(role.id)
|
|
|
|
|
|
def add_permissions(role, permissions):
|
|
for permission in permissions:
|
|
id = uuid.UUID(permission['PermissionID'])
|
|
gp = [p for p in role.permissions if p.id == id]
|
|
gp = None if len(gp) == 0 else gp[0]
|
|
if permission['Enabled'] and gp is None:
|
|
role.permissions.append(Permission.by_id(id))
|
|
elif not permission['Enabled'] and gp:
|
|
role.permissions.remove(gp)
|
|
|
|
|
|
@view_config(request_method='DELETE', route_name='api_role_id', renderer='json', permission='Users')
|
|
def delete(request):
|
|
id = request.matchdict.get('id', None)
|
|
if id is None:
|
|
response = Response("Role is Null")
|
|
response.status_int = 500
|
|
return response
|
|
else:
|
|
response = Response("Role deletion not implemented")
|
|
response.status_int = 500
|
|
return response
|
|
|
|
|
|
@view_config(request_method='GET', route_name='api_role_id', renderer='json', permission='Users')
|
|
def show_id(request):
|
|
return role_info(uuid.UUID(request.matchdict.get('id', None)))
|
|
|
|
|
|
@view_config(request_method='GET', route_name='api_role', renderer='json', permission='Users')
|
|
def show_blank(request):
|
|
return role_info(None)
|
|
|
|
|
|
@view_config(request_method='GET', route_name='api_role', renderer='json', request_param='list', permission='Users')
|
|
def show_list(request):
|
|
list = Role.list()
|
|
roles = []
|
|
for item in list:
|
|
role = {'Name': item.name, 'Permissions': [], 'Url': request.route_url('role_id', id=item.id)}
|
|
for permission in item.permissions:
|
|
role['Permissions'].append(permission.name)
|
|
roles.append(role)
|
|
return roles
|
|
|
|
|
|
def role_info(id):
|
|
if id is None:
|
|
role = {'Name': '', 'Permissions': []}
|
|
for item in Permission.list():
|
|
role['Permissions'].append({'PermissionID': item.id, 'Name': item.name, 'Enabled': False})
|
|
else:
|
|
role_object = Role.by_id(id)
|
|
role = {'RoleID': role_object.id, 'Name': role_object.name, 'Permissions': []}
|
|
for item in Permission.list():
|
|
role['Permissions'].append(
|
|
{'PermissionID': item.id, 'Name': item.name, 'Enabled': True if item in role_object.permissions else False})
|
|
return role
|
|
|
|
|