def _get_resource_permissions_matrix(user):
dict_resource_perm_map = {}
result = []
resource_permission_set = get_resource_permission_set(user)
for resource_permission in resource_permission_set:
resource_name = resource_permission.resource.name
permission_name = resource_permission.permission.name
dict_resource_perm_map.setdefault(resource_name,
[]).append(permission_name)
ori_action_dict = {}
for resource_name, view_set, _ in router.registry:
for name, _ in inspect.getmembers(view_set,
predicate=inspect.ismethod):
if name.lower() in [
'update', 'create', 'destroy', 'list', 'partial_update',
'retrieve'
]:
ori_action_dict.setdefault(resource_name, []).append(
convert_method_to_action(name.lower()))
for key in dict_resource_perm_map:
row = [key, 'N/A', 'N/A', 'N/A', 'N/A']
row = _change_row(row, 'No', ori_action_dict.get(key, []))
row = _change_row(row, 'Yes', dict_resource_perm_map.get(key, []))
result.append(row)
return sorted(result)
def _collect_resource_permissions(self):
action_to_obj_dict = {}
for action in ('update', 'create', 'delete', 'read'):
action_to_obj_dict[action] = ActionPermission.objects.get(name=action)
for prefix, view_set, basename in router.registry:
if prefix in self.API_WITH_NO_PERMISSION_CONTROL:
continue
resource_obj, created = Resource.objects.get_or_create(name=prefix, view=str(view_set))
for name, method in inspect.getmembers(view_set, predicate=inspect.ismethod):
if name.lower() in ['update', 'create', 'destroy', 'list', 'partial_update', 'retrieve']:
action_permission = action_to_obj_dict[convert_method_to_action(name.lower())]
_, created = ResourcePermission.objects.get_or_create(resource=resource_obj,
permission=action_permission)
def _collect_resource_permissions(self):
action_to_obj_dict = {}
for action in ('update', 'create', 'delete', 'read'):
action_to_obj_dict[action] = ActionPermission.objects.get(
name=action)
for prefix, view_set, basename in router.registry:
if prefix in self.API_WITH_NO_PERMISSION_CONTROL:
continue
resource_obj, created = Resource.objects.get_or_create(
name=prefix, view=str(view_set))
for name, method in inspect.getmembers(view_set,
predicate=inspect.ismethod):
if name.lower() in [
'update', 'create', 'destroy', 'list',
'partial_update', 'retrieve'
]:
action_permission = action_to_obj_dict[
convert_method_to_action(name.lower())]
_, created = ResourcePermission.objects.get_or_create(
resource=resource_obj, permission=action_permission)
def update_resources(sender, **kwargs):
"""Updates list of resources for which permissions can be created"""
import inspect
from django.conf import settings
from django.utils.module_loading import autodiscover_modules
from pdc.apps.auth.models import ResourcePermission, ActionPermission, Resource
from pdc.apps.utils.SortedRouter import router
from pdc.apps.utils.utils import convert_method_to_action
if getattr(settings, 'SKIP_RESOURCE_CREATION', False):
# We are running tests, don't create anything
return
API_WITH_NO_PERMISSION_CONTROL = set(['auth/token', 'auth/current-user'])
# Import all routers to have list of all end-points.
autodiscover_modules('routers')
action_to_obj_dict = {}
for action in ('update', 'create', 'delete', 'read'):
action_to_obj_dict[action] = ActionPermission.objects.get(name=action)
for prefix, view_set, basename in router.registry:
if prefix in API_WITH_NO_PERMISSION_CONTROL:
continue
view_name = str(view_set)
resource_obj, created = Resource.objects.get_or_create(name=prefix,
defaults={'view': view_name})
if not created and resource_obj.view != view_name:
# Update the name of the View class
resource_obj.view = view_name
resource_obj.save()
for name, method in inspect.getmembers(view_set, predicate=inspect.ismethod):
action_name = convert_method_to_action(name.lower())
if action_name:
action_permission = action_to_obj_dict[action_name]
ResourcePermission.objects.get_or_create(resource=resource_obj,
permission=action_permission)
def _get_resource_permissions_matrix(user):
dict_resource_perm_map = {}
result = []
resource_permission_set = get_resource_permission_set(user)
for resource_permission in resource_permission_set:
resource_name = resource_permission.resource.name
permission_name = resource_permission.permission.name
dict_resource_perm_map.setdefault(resource_name, []).append(permission_name)
ori_action_dict = {}
for resource_name, view_set, _ in router.registry:
for name, _ in inspect.getmembers(view_set, predicate=inspect.ismethod):
if name.lower() in ['update', 'create', 'destroy', 'list', 'partial_update', 'retrieve']:
ori_action_dict.setdefault(resource_name, []).append(convert_method_to_action(name.lower()))
for key in dict_resource_perm_map:
row = [key, 'N/A', 'N/A', 'N/A', 'N/A']
row = _change_row(row, 'No', ori_action_dict.get(key, []))
row = _change_row(row, 'Yes', dict_resource_perm_map.get(key, []))
result.append(row)
return sorted(result)
