fix bug 748: provide a proper error when user is not valid upon new token
[osm/NBI.git] / osm_nbi / admin_topics.py
index fd4d0e9..9facd8b 100644 (file)
@@ -508,8 +508,9 @@ class UserTopicAuth(UserTopic):
             self.format_on_new(content, session["project_id"], make_public=session["public"])
             _id = self.auth.create_user(content["username"], content["password"])["_id"]
 
-            for mapping in content["project_role_mappings"]:
-                self.auth.assign_role_to_user(_id, mapping["project"], mapping["role"])
+            if "project_role_mappings" in content.keys():
+                for mapping in content["project_role_mappings"]:
+                    self.auth.assign_role_to_user(_id, mapping["project"], mapping["role"])
 
             rollback.append({"topic": self.topic, "_id": _id})
             del content["password"]
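Review bot: If `assign_role_to_user` raises partway through the loop, the account created by `create_user` on the line above is not yet in `rollback`, because `rollback.append({"topic": self.topic, "_id": _id})` only runs after the mappings are processed. Assuming the caller uses that list to undo a failed request, moving the append to directly after `create_user` avoids leaving behind a user with an incomplete role set. The membership test can also drop `.keys()`: `if "project_role_mappings" in content:`. The enclosing method starts and ends outside this hunk.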
@@ -654,11 +655,11 @@ class ProjectTopicAuth(ProjectTopic):
         :param db_content: The database content of this item _id
         :return: None if ok or raises EngineException with the conflict
         """
-        projects = self.auth.get_project_list()
-        current_project = [project for project in projects
-                           if project["name"] == session["project_id"]][0]
+        projects = self.auth.get_project_list()
+        current_project = [project for project in projects
+        #                    if project["name"] in session["project_id"]][0]
 
-        if _id == current_project["_id"]:
+        if _id == session["project_id"]:
             raise EngineException("You cannot delete your own project", http_code=HTTPStatus.CONFLICT)
 
     def new(self, rollback, session, indata=None, kwargs=None, headers=None):
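Review bot: The self-delete guard now compares `_id` with `session["project_id"]` directly, but the removed line matched it against `project["name"]` and the commented-out variant uses `in session["project_id"]`, so it is unclear whether that field holds an id, a name or a list. If it is a name or a list, `_id == session["project_id"]` is never true and the "You cannot delete your own project" check silently stops firing; confirm the type, and use `if _id in session["project_id"]:` if it is a list. As shown, `current_project = [project for project in projects` is also left without its closing line, since only the filter line is commented out, and that would not parse. `current_project` is no longer read, so remove all three lines instead of keeping them half-commented.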
@@ -734,6 +735,35 @@ class ProjectTopicAuth(ProjectTopic):
             return v
         return None
 
+    def edit(self, session, _id, indata=None, kwargs=None, content=None):
+        """
+        Updates a project entry.
+
+        :param session: contains "username", "admin", "force", "public", "project_id", "set_project"
+        :param _id:
+        :param indata: data to be inserted
+        :param kwargs: used to override the indata descriptor
+        :param content:
+        :return: _id: identity of the inserted data.
+        """
+        indata = self._remove_envelop(indata)
+
+        # Override descriptor with query string kwargs
+        if kwargs:
+            BaseTopic._update_input_with_kwargs(indata, kwargs)
+        try:
+            indata = self._validate_input_edit(indata, force=session["force"])
+
+            if not content:
+                content = self.show(session, _id)
+            self.check_conflict_on_edit(session, content, indata, _id=_id)
+            self.format_on_edit(content, indata)
+
+            if "name" in indata:
+                self.auth.update_project(content["_id"], indata["name"])
+        except ValidationError as e:
+            raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY)
+
 
 class RoleTopicAuth(BaseTopic):
     topic = "roles_operations"
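Review bot: `edit` documents `:return: _id: identity of the inserted data.` but no path through the body returns a value, so callers receive `None`; end the method with `return content["_id"]` or correct the docstring. Within the lines shown, only a `name` change reaches the backend through `update_project`, and the content produced by `format_on_edit` is not written anywhere, which is worth confirming is intended. The re-raise keeps the original traceback if written as `raise EngineException(e, HTTPStatus.UNPROCESSABLE_ENTITY) from e`. The `_id` and `content` parameters have empty docstring entries.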
@@ -761,14 +791,14 @@ class RoleTopicAuth(BaseTopic):
         for role_def in role_definitions.keys():
             if role_def in ignore_fields:
                 continue
-            if role_def == ".":
+            if role_def == "root":
                 if isinstance(role_definitions[role_def], bool):
                     continue
                 else:
                     raise ValidationError("Operation authorization \".\" should be True/False.")
-            if role_def[-1] == ".":
+            if role_def[-1] == ":":
                 raise ValidationError("Operation cannot end with \".\"")
-            
+
             role_def_matches = [op for op in operations if op.startswith(role_def)]
 
             if len(role_def_matches) == 0:
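Review bot: `role_def[-1] == ":"` raises `IndexError` on an empty key, which surfaces as an unhandled error instead of the `ValidationError` this validator otherwise produces; `if role_def.endswith(":"):` is safe for any string. Whether an empty key is rejected earlier is not visible in this hunk. The two messages on the unchanged lines still name `"."` although the checks now test `"root"` and `":"`, so a rejected role definition is reported with the wrong token; update them to match, e.g. `"Operation cannot end with \":\""`. The enclosing method starts and ends outside the hunk.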
@@ -831,7 +861,7 @@ class RoleTopicAuth(BaseTopic):
         """
         roles = self.auth.get_role_list()
         system_admin_role = [role for role in roles
-                             if roles["name"] == "system_admin"][0]
+                             if role["name"] == "system_admin"][0]
 
         if _id == system_admin_role["_id"]:
             raise EngineException("You cannot edit system_admin role", http_code=HTTPStatus.FORBIDDEN)
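Review bot: The `[...][0]` lookup raises `IndexError` when `get_role_list()` contains no role named `system_admin`, so the protection check fails with an unhandled error instead of a clear `EngineException`; the delete check in the following hunk repeats the same pattern. `system_admin_role = next((role for role in roles if role["name"] == "system_admin"), None)` followed by `if system_admin_role and _id == system_admin_role["_id"]:` handles the missing case explicitly. Both guards resolve the role the same way and both carried the `roles["name"]` typo, so a small shared helper would keep them from drifting apart again.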
@@ -847,7 +877,7 @@ class RoleTopicAuth(BaseTopic):
         """
         roles = self.auth.get_role_list()
         system_admin_role = [role for role in roles
-                             if roles["name"] == "system_admin"][0]
+                             if role["name"] == "system_admin"][0]
 
         if _id == system_admin_role["_id"]:
             raise EngineException("You cannot delete system_admin role", http_code=HTTPStatus.FORBIDDEN)