def _verify_a_user_roles_permission_on_a_specific_RBAC_resource(
username, password, mfa_secret, token, zonename, org, profile, name,
permission, resource_path, **kwargs):
return (Userroles(
gen_auth(username, password, mfa_secret, token, zonename), org,
name).verify_a_user_roles_permission_on_a_specific_RBAC_resource(
permission, resource_path).text)
def _add_permissions_for_a_resource_to_a_user_role(username, password,
mfa_secret, token, zonename,
org, profile, name, body,
**kwargs):
return (Userroles(
gen_auth(username, password, mfa_secret, token, zonename), org,
name).add_permissions_for_a_resource_to_a_user_role(body).text)
def _delete_a_permission_for_a_resource(username, password, mfa_secret, token,
zonename, org, profile, name,
permission, resource_path, **kwargs):
return (Userroles(
gen_auth(username, password, mfa_secret, token, zonename), org,
name).delete_a_permission_for_a_resource(permission,
resource_path).text)
def _list_permissions_for_a_resource(
username, password, mfa_secret, token, zonename, org, profile, name, **kwargs
):
return (
Userroles(gen_auth(username, password, mfa_secret, token, zonename), org, name)
.list_permissions_for_a_resource()
.text
)
def _create_a_user_role_in_an_organization(
username, password, mfa_secret, token, zonename, org, profile, names, **kwargs
):
return (
Userroles(gen_auth(username, password, mfa_secret, token, zonename), org, None)
.create_a_user_role_in_an_organization(names)
.text
)
def _remove_user_membership_in_role(
username, password, mfa_secret, token, zonename, org, profile, name, user_email, **kwargs
):
return (
Userroles(gen_auth(username, password, mfa_secret, token, zonename), org, name)
.remove_user_membership_in_role(user_email)
.text
)
def _verify_user_role_membership(
username, password, mfa_secret, token, zonename, org, profile, name, user_email, **kwargs
):
return (
Userroles(gen_auth(username, password, mfa_secret, token, zonename), org, name)
.verify_user_role_membership(user_email)
.text
)
def _get_users_for_a_role(
username, password, mfa_secret, token, zonename, org, profile, name, **kwargs
):
return (
Userroles(gen_auth(username, password, mfa_secret, token, zonename), org, name)
.get_users_for_a_role()
.text
)
def _get_resource_permissions_for_a_specific_role(
username, password, mfa_secret, token, zonename, org, profile, name, resource_path="", **kwargs
):
return (
Userroles(gen_auth(username, password, mfa_secret, token, zonename), org, name)
.get_resource_permissions_for_a_specific_role(resource_path=resource_path)
.text
)
def _add_a_user_to_a_role(
username, password, mfa_secret, token, zonename, org, profile, name, user_email, **kwargs
):
return (
Userroles(gen_auth(username, password, mfa_secret, token, zonename), org, name)
.add_a_user_to_a_role(user_email)
.text
)
def _delete_a_user_role(
username, password, mfa_secret, token, zonename, org, profile, name, **kwargs
):
return (
Userroles(gen_auth(username, password, mfa_secret, token, zonename), org, name)
.delete_a_user_role()
.text
)
def _download_users_for_a_role(self, role_name):
try:
write_file(
Userroles(self.auth, self.org_name, role_name).get_users_for_a_role().json(),
self._gen_download_path(subpaths=['userroles', role_name, 'users.json']),
fs_write=self.fs_write,
indent=2,
)
except HTTPError as e:
console.echo(
f'Ignoring {type(e).__name__} {e.response.status_code} error for User Role ({role_name}) users'
)
def download_users_for_a_role(self, role_name):
try:
write_file(
Userroles(self.auth, self.org_name, role_name).get_users_for_a_role().json(),
Backups.generate_download_path(
self.org_path, subpaths=['userroles', role_name, 'users.json']
),
fs_write=self.fs_write,
indent=2,
)
except HTTPError as e:
Backups.log_error(e, append_msg=' for User Role ({role_name}) users')
def download_userroles_snapshot(self):
self.snapshot_data.userroles = (
Userroles(self.auth, self.org_name, None).list_user_roles().json()
)
if self.prefix:
self.snapshot_data.userroles = [
role for role in self.snapshot_data.userroles if role.startswith(self.prefix)
]
write_file(
self.snapshot_data.userroles,
self._gen_download_path(is_snapshot=True, subpaths=['userroles', 'userroles.json']),
fs_write=self.fs_write,
indent=2,
)
return self.snapshot_data.userroles
def download_resource_permissions(self, role_name):
try:
write_file(
json.dumps(
Userroles.sort_permissions(
Permissions(self.auth, self.org_name, role_name).get_permissions(
formatted=True, format='json'
)
),
indent=2,
),
Backups.generate_download_path(
self.org_path, subpaths=['userroles', role_name, 'resource_permissions.json']
),
fs_write=self.fs_write,
)
except HTTPError as e:
Backups.log_error(e, append_msg=' for User Role ({role_name}) resource permissions')
def download_userroles_snapshot(self):
self.snapshot_data.userroles = (
Userroles(self.auth, self.org_name, None).list_user_roles().json()
)
if self.prefix:
self.snapshot_data.userroles = [
role for role in self.snapshot_data.userroles if role.startswith(self.prefix)
]
data = {
'snapshot': self.snapshot_data.userroles,
'target_path': self._gen_snapshot_path(subpaths=['userroles', 'userroles.json']),
'fs_write': self.fs_write,
'indent': 2,
}
write_file(
data['snapshot'], data['target_path'], fs_write=data['fs_write'], indent=data['indent']
)
return self.snapshot_data.userroles
def _download_resource_permissions(self, role_name):
try:
write_file(
json.dumps(
Userroles.sort_permissions(
Permissions(self.auth, self.org_name, role_name).get_permissions(
formatted=True, format='json'
)
),
indent=2,
),
self._gen_download_path(
subpaths=['userroles', role_name, 'resource_permissions.json']
),
fs_write=self.fs_write,
)
except HTTPError as e:
console.echo(
f'Ignoring {type(e).__name__} {e.response.status_code} error for User Role ({role_name}) resource permissions'
)
def _list_user_roles(username, password, mfa_secret, token, zonename, org, profile, **kwargs):
return (
Userroles(gen_auth(username, password, mfa_secret, token, zonename), org, None)
.list_user_roles()
.text
)
def _get_users_for_a_role(self, role_name):
return Userroles(self.auth, self.org_name, role_name).get_users_for_a_role().json()