summer/summer/views/user.py

from summer.models import session_scope
from summer.models.auth import User, Role
from summer.models.validation_exception import ValidationError


def save_user(json):
    user = User(json['Name'].strip(), json['Password'], json['LockedOut'])
    with session_scope() as DBSession:
        DBSession.add(user)
        add_roles(user, json['Roles'], session=DBSession)
    return user_info(user.id)


def update_user(json):
    with session_scope() as DBSession:
        user = User.by_id(json['UserID'], session=DBSession)
        if user is None:
            raise ValidationError('User not found')
        has_permission = True
        if has_permission:
            user.name = json['Name'].strip()
            user.locked_out = json['LockedOut']
            add_roles(user, json['Roles'], session=DBSession)

        if json['Password'] != '' and json['Password'] != user.password:
            user.password = json['Password']
    return user_info(user.id)


def show_list():
    with session_scope() as DBSession:
        list = User.list(session=DBSession)
        users = []
        for item in list:
            user = {'UserID': item.id, 'Name': item.name, 'LockedOut': item.locked_out, 'Roles': []}
            for role in item.roles:
                user['Roles'].append(role.name)
            users.append(user)
    return users


def user_info(id):
    with session_scope() as DBSession:
        if id is None:
            account = {'Name': '', 'LockedOut': False, 'Roles': []}
            for item in Role.list(session=DBSession):
                account['Roles'].append({'RoleID': item.id, 'Name': item.name, 'Enabled': False})
            return account

        user = User.by_id(id, session=DBSession)

        has_permission = True
        if has_permission:
            account = {'UserID': user.id, 'Name': user.name, 'Password': '', 'LockedOut': user.locked_out, 'Roles': []}
            for item in Role.list(session=DBSession):
                account['Roles'].append(
                    {'RoleID': item.id, 'Name': item.name, 'Enabled': True if item in user.roles else False})
        # elif self.user.id == user.id:
        elif 1 == 1:
            account = {'UserID': user.id, 'Name': user.name, 'Password': '', 'LockedOut': user.locked_out, 'Roles': []}
        else:
            raise ValidationError("User can only update his/her password")
        return account


def add_roles(user, roles, *, session=None):
    for role in roles:
        id = role['RoleID']
        ur = [r for r in user.roles if r.id == id]
        ur = None if len(ur) == 0 else ur[0]
        if role['Enabled'] and ur is None:
            user.roles.append(Role.by_id(id, session=session))
        elif not role['Enabled'] and ur:
            user.roles.remove(ur)