74 lines
2.7 KiB
Python
74 lines
2.7 KiB
Python
from summer.models import session_scope
|
|
from summer.models.auth import User, Role
|
|
from summer.models.validation_exception import ValidationError
|
|
|
|
|
|
def save_user(json):
|
|
user = User(json['Name'].strip(), json['Password'], json['LockedOut'])
|
|
with session_scope() as DBSession:
|
|
DBSession.add(user)
|
|
add_roles(user, json['Roles'], session=DBSession)
|
|
return user_info(user.id)
|
|
|
|
|
|
def update_user(json):
|
|
with session_scope() as DBSession:
|
|
user = User.by_id(json['UserID'], session=DBSession)
|
|
if user is None:
|
|
raise ValidationError('User not found')
|
|
has_permission = True
|
|
if has_permission:
|
|
user.name = json['Name'].strip()
|
|
user.locked_out = json['LockedOut']
|
|
add_roles(user, json['Roles'], session=DBSession)
|
|
|
|
if json['Password'] != '' and json['Password'] != user.password:
|
|
user.password = json['Password']
|
|
return user_info(user.id)
|
|
|
|
|
|
def show_list():
|
|
with session_scope() as DBSession:
|
|
list = User.list(session=DBSession)
|
|
users = []
|
|
for item in list:
|
|
user = {'UserID': item.id, 'Name': item.name, 'LockedOut': item.locked_out, 'Roles': []}
|
|
for role in item.roles:
|
|
user['Roles'].append(role.name)
|
|
users.append(user)
|
|
return users
|
|
|
|
|
|
def user_info(id):
|
|
with session_scope() as DBSession:
|
|
if id is None:
|
|
account = {'Name': '', 'LockedOut': False, 'Roles': []}
|
|
for item in Role.list(session=DBSession):
|
|
account['Roles'].append({'RoleID': item.id, 'Name': item.name, 'Enabled': False})
|
|
return account
|
|
|
|
user = User.by_id(id, session=DBSession)
|
|
|
|
has_permission = True
|
|
if has_permission:
|
|
account = {'UserID': user.id, 'Name': user.name, 'Password': '', 'LockedOut': user.locked_out, 'Roles': []}
|
|
for item in Role.list(session=DBSession):
|
|
account['Roles'].append(
|
|
{'RoleID': item.id, 'Name': item.name, 'Enabled': True if item in user.roles else False})
|
|
# elif self.user.id == user.id:
|
|
elif 1 == 1:
|
|
account = {'UserID': user.id, 'Name': user.name, 'Password': '', 'LockedOut': user.locked_out, 'Roles': []}
|
|
else:
|
|
raise ValidationError("User can only update his/her password")
|
|
return account
|
|
|
|
|
|
def add_roles(user, roles, *, session=None):
|
|
for role in roles:
|
|
id = role['RoleID']
|
|
ur = [r for r in user.roles if r.id == id]
|
|
ur = None if len(ur) == 0 else ur[0]
|
|
if role['Enabled'] and ur is None:
|
|
user.roles.append(Role.by_id(id, session=session))
|
|
elif not role['Enabled'] and ur:
|
|
user.roles.remove(ur) |