+ indata = self._validate_input_edit(indata, content, force=session["force"])
+ content = self.check_conflict_on_edit(session, content, indata, _id=_id)
+ # self.format_on_edit(content, indata)
+
+ if not (
+ "password" in indata
+ or "username" in indata
+ or indata.get("remove_project_role_mappings")
+ or indata.get("add_project_role_mappings")
+ or indata.get("project_role_mappings")
+ or indata.get("projects")
+ or indata.get("add_projects")
+ ):
+ return _id
+ if indata.get("project_role_mappings") and (
+ indata.get("remove_project_role_mappings")
+ or indata.get("add_project_role_mappings")
+ ):
+ raise EngineException(
+ "Option 'project_role_mappings' is incompatible with 'add_project_role_mappings"
+ "' or 'remove_project_role_mappings'",
+ http_code=HTTPStatus.BAD_REQUEST,
+ )
+
+ if indata.get("projects") or indata.get("add_projects"):
+ role = self.auth.get_role_list({"name": "project_admin"})
+ if not role:
+ role = self.auth.get_role_list()
+ if not role:
+ raise AuthconnNotFoundException(
+ "Can't find a default role for user '{}'".format(
+ content["username"]
+ )
+ )
+ rid = role[0]["_id"]
+ if "add_project_role_mappings" not in indata:
+ indata["add_project_role_mappings"] = []
+ if "remove_project_role_mappings" not in indata:
+ indata["remove_project_role_mappings"] = []
+ if isinstance(indata.get("projects"), dict):
+ # backward compatible
+ for k, v in indata["projects"].items():
+ if k.startswith("$") and v is None:
+ indata["remove_project_role_mappings"].append(
+ {"project": k[1:]}
+ )
+ elif k.startswith("$+"):
+ indata["add_project_role_mappings"].append(
+ {"project": v, "role": rid}
+ )
+ del indata["projects"]
+ for proj in indata.get("projects", []) + indata.get("add_projects", []):
+ indata["add_project_role_mappings"].append(
+ {"project": proj, "role": rid}
+ )