def POST(self):
# Params
params = self.params()
role_id = params.get('role_id', None)
resource = params.get('resource', None)
operation_names = params.get('operations', None)
_check_invalid_params({
'role_id': role_id,
'resource': resource,
'operation_names': operation_names
})
operations = _get_operations(operation_names)
# Grant permission synchronously
role_manager = managers.role_manager()
tags = [
resource_tag(dispatch_constants.RESOURCE_ROLE_TYPE, role_id),
action_tag('remove_permission_from_role')
]
call_request = CallRequest(role_manager.remove_permissions_from_role,
[role_id, resource, operations],
tags=tags)
call_request.updates_resource(dispatch_constants.RESOURCE_ROLE_TYPE,
role_id)
return self.ok(execution.execute_sync(call_request))
def POST(self):
# Params
params = self.params()
login = params.get('login', None)
resource = params.get('resource', None)
operation_names = params.get('operations', None)
_check_invalid_params({
'login': login,
'resource': resource,
'operation_names': operation_names
})
operations = _get_operations(operation_names)
# Grant permission synchronously
permission_manager = managers.permission_manager()
tags = [
resource_tag(dispatch_constants.RESOURCE_PERMISSION_TYPE,
resource),
resource_tag(dispatch_constants.RESOURCE_USER_TYPE, login),
action_tag('grant_permission_to_user')
]
call_request = CallRequest(permission_manager.grant,
[resource, login, operations],
tags=tags)
call_request.reads_resource(dispatch_constants.RESOURCE_USER_TYPE,
login)
call_request.updates_resource(
dispatch_constants.RESOURCE_PERMISSION_TYPE, resource)
return self.ok(execution.execute_sync(call_request))
def POST(self):
# Params
params = self.params()
login = params.get('login', None)
resource = params.get('resource', None)
operation_names = params.get('operations', None)
_check_invalid_params({'login':login,
'resource':resource,
'operation_names':operation_names})
operations = _get_operations(operation_names)
# Grant permission synchronously
permission_manager = managers.permission_manager()
tags = [resource_tag(dispatch_constants.RESOURCE_PERMISSION_TYPE, resource),
resource_tag(dispatch_constants.RESOURCE_USER_TYPE, login),
action_tag('grant_permission_to_user')]
call_request = CallRequest(permission_manager.grant,
[resource, login, operations],
tags=tags)
call_request.reads_resource(dispatch_constants.RESOURCE_USER_TYPE, login)
call_request.updates_resource(dispatch_constants.RESOURCE_PERMISSION_TYPE, resource)
return self.ok(execution.execute_sync(call_request))
def POST(self):
# Params
params = self.params()
role_id = params.get('role_id', None)
resource = params.get('resource', None)
operation_names = params.get('operations', None)
_check_invalid_params({'role_id':role_id,
'resource':resource,
'operation_names':operation_names})
operations = _get_operations(operation_names)
# Grant permission synchronously
role_manager = managers.role_manager()
tags = [resource_tag(dispatch_constants.RESOURCE_ROLE_TYPE, role_id),
action_tag('remove_permission_from_role')]
call_request = CallRequest(role_manager.remove_permissions_from_role,
[role_id, resource, operations],
tags=tags)
call_request.updates_resource(dispatch_constants.RESOURCE_ROLE_TYPE, role_id)
return self.ok(execution.execute_sync(call_request))
def revoke_permission_from_user(self, resource, login, operation_names):
"""
Revoke the operations on the resource from the user
@type resource: str
@param resource: pulp resource to revoke operations on
@type login: str
@param login: name of the user to revoke permissions from
@type operation_names: list or tuple of str's
@param operation_names: name of the operations to revoke
@rtype: bool
@return: True on success
"""
operations = _get_operations(operation_names)
self.revoke(resource, login, operations)
return True
def POST(self):
# Params
params = self.params()
login = params.get('login', None)
resource = params.get('resource', None)
operation_names = params.get('operations', None)
_check_invalid_params({'login': login,
'resource': resource,
'operation_names': operation_names})
operations = _get_operations(operation_names)
# Grant permission synchronously
permission_manager = managers.permission_manager()
return self.ok(permission_manager.revoke(resource, login, operations))
def POST(self):
# Params
params = self.params()
role_id = params.get('role_id', None)
resource = params.get('resource', None)
operation_names = params.get('operations', None)
_check_invalid_params({'role_id': role_id,
'resource': resource,
'operation_names': operation_names})
operations = _get_operations(operation_names)
# Grant permission synchronously
role_manager = managers.role_manager()
return self.ok(role_manager.remove_permissions_from_role(role_id, resource, operations))
def revoke_permission_from_user(self, resource, login, operation_names):
"""
Revoke the operations on the resource from the user
@type resource: str
@param resource: pulp resource to revoke operations on
@type login: str
@param login: name of the user to revoke permissions from
@type operation_names: list or tuple of str's
@param operation_names: name of the operations to revoke
@rtype: bool
@return: True on success
"""
operations = _get_operations(operation_names)
self.revoke(resource, login, operations)
return True
