- mapping_to_remove = {"project": project, "role": role}
- update_user["project_role_mappings"] = [mapping for mapping
- in update_user["project_role_mappings"]
- if mapping != mapping_to_remove]
-
- if not user["password"] and not user["set-project"] and not user["remove-project"] \
- and not user["add-project-role"] and not user["remove-project-role"]:
- raise ClientException("At least one parameter should be defined.")
-
- http_code, resp = self._http.put_cmd(endpoint='{}/{}'.format(self._apiBase,myuser['_id']),
- postfields_dict=update_user)
- #print('HTTP CODE: {}'.format(http_code))
- #print('RESP: {}'.format(resp))
- if http_code in (200, 201, 202, 204):
+ mapping = {"project": project, "role": role}
+ update_user["remove_project_role_mappings"].append(mapping)
+
+ if user.get("unlock"):
+ if token_info.get("admin_show"):
+ update_user["unlock"] = user["unlock"]
+ update_user["system_admin_id"] = token_info.get("user_id")
+ else:
+ raise ClientException(
+ "{} does not have privilege to unlock {}".format(
+ token_info.get("username"), myuser.get("username")
+ )
+ )
+
+ if user.get("renew"):
+ if token_info.get("admin_show"):
+ update_user["renew"] = user["renew"]
+ update_user["system_admin_id"] = token_info.get("user_id")
+ else:
+ raise ClientException(
+ "{} does not have privilege to renew {}".format(
+ token_info.get("username"), myuser.get("username")
+ )
+ )
+
+ if not update_user["remove_project_role_mappings"]:
+ del update_user["remove_project_role_mappings"]
+ if not update_user["add_project_role_mappings"]:
+ del update_user["add_project_role_mappings"]
+ if not update_user:
+ raise ClientException("At least something should be changed.")
+
+ http_code, resp = self._http.patch_cmd(
+ endpoint="{}/{}".format(self._apiBase, myuser["_id"]),
+ postfields_dict=update_user,
+ skip_query_admin=True,
+ )
+ # print('HTTP CODE: {}'.format(http_code))
+ # print('RESP: {}'.format(resp))
+ if http_code in (200, 201, 202):