X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=osmclient%2Fsol005%2Frole.py;h=01f3bc3c54130424c01e38fc95d9977d934dabce;hb=0eefdebca0e3eefaf207bc22bebf5128a7b7717a;hp=3c8d36e04c5229b99c8dcf8d13f5d9d56e74dee2;hpb=a63fb3c6887ecf8221e868e0c8d39d51319ea085;p=osm%2Fosmclient.git diff --git a/osmclient/sol005/role.py b/osmclient/sol005/role.py index 3c8d36e..01f3bc3 100644 --- a/osmclient/sol005/role.py +++ b/osmclient/sol005/role.py @@ -37,28 +37,29 @@ class Role(object): self._apiBase = '{}{}{}'.format(self._apiName, self._apiVersion, self._apiResource) - def create(self, name, definition): + def create(self, name, permissions): """ Creates a new OSM role. :param name: name of the role. - :param definition: definition of the role in YAML. + :param permissions: permissions of the role in YAML. :raises ClientException: when receives an unexpected from the server. :raises ClientException: when fails creating a role. """ + self._client.get_token() role = {"name": name} - if definition: - role_definition = yaml.load(definition) + if permissions: + role_permissions = yaml.safe_load(permissions) - if not isinstance(role_definition, dict): - raise ClientException('Role definition should be provided in a key-value fashion') + if not isinstance(role_permissions, dict): + raise ClientException('Role permissions should be provided in a key-value fashion') - for key, value in role_definition.items(): + for key, value in role_permissions.items(): if not isinstance(value, bool): - raise ClientException('Value in a role definition should be boolean') + raise ClientException("Value of '{}' in a role permissions should be boolean".format(key)) - role[key] = value + role["permissions"] = role_permissions http_code, resp = self._http.post_cmd(endpoint=self._apiBase, postfields_dict=role) @@ -80,47 +81,45 @@ class Role(object): msg = resp raise ClientException("Failed to create role {} - {}".format(name, msg)) - def update(self, name, definition=None, add=None, remove=None): + def update(self, name, new_name, permissions, add=None, remove=None): """ Updates an OSM role identified by name. NOTE: definition and add/remove are mutually exclusive. :param name: name of the role - :param definition: if provided, overwrites the existing role specification. + :param set_name: if provided, change the name. + :param permissions: if provided, overwrites the existing role specification. NOT IMPLEMENTED :param add: if provided, adds new rules to the definition. :param remove: if provided, removes rules from the definition. :raises ClientException: when receives an unexpected response from the server. :raises ClientException: when fails updating a role. """ - if definition is None and add is None and remove is None: + self._client.get_token() + if new_name is None and permissions is None and add is None and remove is None: raise ClientException('At least one option should be provided') - elif definition and (add or remove): - raise ClientException('Definition and add/remove are mutually exclusive') + elif permissions and (add or remove): + raise ClientException('permissions and add/remove are mutually exclusive') role_obj = self.get(name) - new_role_obj = { - "_id": role_obj["_id"], - "name": role_obj["name"] - } + new_role_obj = {"permissions": {}} + if new_name: + new_role_obj["name"] = new_name - if definition: - role_definition = yaml.load(definition) + if permissions: + role_definition = yaml.safe_load(permissions) if not isinstance(role_definition, dict): - raise ClientException('Role definition should be provided in a key-value fashion') + raise ClientException('Role permissions should be provided in a key-value fashion') for key, value in role_definition.items(): - if not isinstance(value, bool): - raise ClientException('Value in a role definition should be boolean') + if not isinstance(value, bool) and value is not None: + raise ClientException('Value in a role permissions should be boolean or None to remove') - new_role_obj[key] = value + new_role_obj["permissions"] = role_definition else: - ignore_fields = ["_id", "_admin", "name"] - keys_from_dict = [key for key in role_obj.keys() if key not in ignore_fields] - if remove: - keys_from_remove = yaml.load(remove) + keys_from_remove = yaml.safe_load(remove) if not isinstance(keys_from_remove, list): raise ClientException('Keys should be provided in a list fashion') @@ -128,35 +127,35 @@ class Role(object): for key in keys_from_remove: if not isinstance(key, str): raise ClientException('Individual keys should be strings') - - keys_from_dict = [key for key in keys_from_dict if key not in keys_from_remove] - - for key in keys_from_dict: - new_role_obj[key] = role_obj[key] + new_role_obj["permissions"][key] = None if add: - add_roles = yaml.load(definition) + add_roles = yaml.safe_load(add) if not isinstance(add_roles, dict): raise ClientException('Add should be provided in a key-value fashion') for key, value in add_roles.items(): if not isinstance(value, bool): - raise ClientException('Value in a role definition should be boolean') + raise ClientException("Value '{}' in a role permissions should be boolean".format(key)) - new_role_obj[key] = value + new_role_obj["permissions"][key] = value + if not new_role_obj["permissions"]: + del new_role_obj["permissions"] - http_code, resp = self._http.put_cmd(endpoint='{}/{}'.format(self._apiBase, role_obj['_id']), + http_code, resp = self._http.patch_cmd(endpoint='{}/{}'.format(self._apiBase, role_obj['_id']), postfields_dict=new_role_obj) # print('HTTP CODE: {}'.format(http_code)) # print('RESP: {}'.format(resp)) - if http_code in (200, 201, 202, 204): + if http_code in (200, 201, 202): if resp: resp = json.loads(resp) if not resp or 'id' not in resp: raise ClientException('Unexpected response from server - {}'.format( resp)) print(resp['id']) + elif http_code == 204: + print("Updated") else: msg = "" if resp: @@ -174,6 +173,7 @@ class Role(object): :param force: :raises ClientException: when fails to delete a role. """ + self._client.get_token() role = self.get(name) querystring = '' if force: @@ -204,6 +204,7 @@ class Role(object): :param filter: :returns: """ + self._client.get_token() filter_string = '' if filter: filter_string = '?{}'.format(filter) @@ -221,6 +222,7 @@ class Role(object): :raises NotFound: when the role is not found. :returns: the specified role. """ + self._client.get_token() if utils.validate_uuid4(name): for role in self.list(): if name == role['_id']: