Beispiel #1
0
def assign_role_to_group(lib_env, role_id, group_id):
    """
    Assign role with id role_id to group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of acl_role element which should be assigned to group
    group_id -- id of acl_group element to which role should be assigned
    """
    with cib_acl_section(lib_env) as acl_section:
        acl.assign_role(
            acl_section, role_id, acl.find_group(acl_section, group_id),
        )
Beispiel #2
0
def assign_role_to_group(lib_env, role_id, group_id):
    """
    Assign role with id role_id to group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of acl_role element which should be assigned to group
    group_id -- id of acl_group element to which role should be assigned
    """
    with cib_acl_section(lib_env) as acl_section:
        acl.assign_role(
            acl_section,
            role_id,
            acl.find_group(acl_section, group_id),
        )
Beispiel #3
0
def assign_role_to_group(lib_env, role_id, group_id):
    """
    Assign role with id role_id to group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of acl_role element which should be assigned to group
    group_id -- id of acl_group element to which role should be assigned
    """
    cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
    try:
        acl.assign_role(acl.find_group(cib, group_id),
                        acl.find_role(cib, role_id))
    except acl.AclError as e:
        raise LibraryError(acl.acl_error_to_report_item(e))
    lib_env.push_cib(cib)
Beispiel #4
0
def unassign_role_from_group(lib_env,
                             role_id,
                             group_id,
                             autodelete_group=False):
    """
    Unassign role with role_id from group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from group
    group_id -- id of acl_group element
    autodelete_target -- if True remove group element if has no more role
        assigned
    """
    with cib_acl_section(lib_env) as acl_section:
        acl.unassign_role(acl.find_group(acl_section, group_id), role_id,
                          autodelete_group)
Beispiel #5
0
def assign_role_to_group(lib_env, role_id, group_id):
    """
    Assign role with id role_id to group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of acl_role element which should be assigned to group
    group_id -- id of acl_group element to which role should be assigned
    """
    cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
    try:
        acl.assign_role(
            acl.find_group(cib, group_id), acl.find_role(cib, role_id)
        )
    except acl.AclError as e:
        raise LibraryError(acl.acl_error_to_report_item(e))
    lib_env.push_cib(cib)
Beispiel #6
0
def _get_target_or_group(cib, target_or_group_id):
    """
    Returns acl_target or acl_group element with id target_or_group_id. Target
    element has bigger pririty so if there are target and group with same id
    only target element will be affected by this function.
    Raises LibraryError if there is no target or group element with
    specified id.

    cib -- cib etree node
    target_or_group_id -- id of target/group element which should be returned
    """
    try:
        return acl.find_target(cib, target_or_group_id)
    except acl.AclTargetNotFound:
        try:
            return acl.find_group(cib, target_or_group_id)
        except acl.AclGroupNotFound:
            raise LibraryError(
                reports.id_not_found(target_or_group_id, "user/group"))
Beispiel #7
0
def unassign_role_from_group(
    lib_env, role_id, group_id, autodelete_group=False
):
    """
    Unassign role with role_id from group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from group
    group_id -- id of acl_group element
    autodelete_target -- if True remove group element if has no more role
        assigned
    """
    with cib_acl_section(lib_env) as acl_section:
        acl.unassign_role(
            acl.find_group(acl_section, group_id),
            role_id,
            autodelete_group
        )
Beispiel #8
0
def _get_target_or_group(cib, target_or_group_id):
    """
    Returns acl_target or acl_group element with id target_or_group_id. Target
    element has bigger pririty so if there are target and group with same id
    only target element will be affected by this function.
    Raises LibraryError if there is no target or group element with
    specified id.

    cib -- cib etree node
    target_or_group_id -- id of target/group element which should be returned
    """
    try:
        return acl.find_target(cib, target_or_group_id)
    except acl.AclTargetNotFound:
        try:
            return acl.find_group(cib, target_or_group_id)
        except acl.AclGroupNotFound:
            raise LibraryError(
                reports.id_not_found(target_or_group_id, "user/group")
            )
Beispiel #9
0
def unassign_role_from_group(lib_env,
                             role_id,
                             group_id,
                             autodelete_group=False):
    """
    Unassign role with role_id from group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from group
    group_id -- id of acl_group element
    autodelete_target -- if True remove group element if has no more role
        assigned
    """
    cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
    try:
        acl.unassign_role(acl.find_group(cib, group_id), role_id,
                          autodelete_group)
    except acl.AclError as e:
        raise LibraryError(acl.acl_error_to_report_item(e))
    lib_env.push_cib(cib)
Beispiel #10
0
def unassign_role_from_group(
    lib_env, role_id, group_id, autodelete_group=False
):
    """
    Unassign role with role_id from group with id group_id.
    Raises LibraryError on any failure.

    lib_env -- LibraryEnvironment
    role_id -- id of role which should be unassigned from group
    group_id -- id of acl_group element
    autodelete_target -- if True remove group element if has no more role
        assigned
    """
    cib = lib_env.get_cib(REQUIRED_CIB_VERSION)
    try:
        acl.unassign_role(
            acl.find_group(cib, group_id),
            role_id,
            autodelete_group
        )
    except acl.AclError as e:
        raise LibraryError(acl.acl_error_to_report_item(e))
    lib_env.push_cib(cib)
Beispiel #11
0
 def test_not_found(self):
     self.assert_raises(
         lib.AclGroupNotFound,
         lambda: lib.find_group(self.cib.tree, "group2"),
         {"group_id": "group2"}
     )
Beispiel #12
0
 def test_success(self):
     assert_xml_equal(
         '<acl_group id="group1" description="desc"/>',
         etree.tostring(lib.find_group(self.cib.tree, "group1")).decode()
     )