def upgrade(upd, with_testing, *args, **kwargs):
upd.print_log('Upgrading db...')
helpers.upgrade_db(revision='3d2db4a87f86')
upd.print_log('Make HostingPanel role internal...')
role = Role.filter(Role.rolename == 'HostingPanel').one()
role.internal = True
role.save()
def _set_new(val):
role = Role.filter_by(rolename='Admin').first()
pod_res = Resource.filter_by(name='pods').first()
perms = Permission.filter_by(role_id=role.id, resource_id=pod_res.id).all()
for perm in perms:
if val:
perm.set_allow()
else:
perm.set_deny()
def upgrade(upd, with_testing, *args, **kwargs):
upd.print_log('Add menus Persistent volumes and Public IPs')
user = Role.filter(Role.rolename == "User").one()
trial_user = Role.filter(Role.rolename == "TrialUser").one()
public_ips = MenuItem.create(name="Public IPs",
path="/publicIPs/",
ordering=1,
menu_id=1)
public_ips.save()
perm = MenuItemRole(role=user, menuitem=public_ips)
perm = MenuItemRole(role=trial_user, menuitem=public_ips)
perm.save()
p = MenuItem.create(name="Persistent volumes",
path="/persistent-volumes/",
ordering=2,
menu_id=1)
p.save()
perm = MenuItemRole(role=user, menuitem=p)
perm = MenuItemRole(role=trial_user, menuitem=p)
perm.save()
def upgrade(upd, with_testing, *args, **kwargs):
upd.print_log('Add roles {}, resources {} and its permissions...'.format(
ROLES, RESOURCES))
fixtures.add_permissions(roles=ROLES,
resources=RESOURCES,
permissions=PERMISSIONS)
upd.print_log('Add {} user...'.format(USER))
u = db.session.query(User).filter(User.username == USER).first()
if not u:
r = Role.filter_by(rolename='HostingPanel').first()
u = User.create(username=USER, password=USER, role=r, active=True)
u.save()
def add_users_and_roles(password):
# Create all roles with users that has same name and password as role_name.
# Useful to test permissions.
# Delete all users from setup KuberDock. Only admin must be after install.
# AC-228
# for role in Role.all():
# u = User.filter_by(username=role.rolename).first()
# if u is None:
# u = User.create(username=role.rolename, password=role.rolename,
# role=role, package=p, active=True)
# db.session.add(u)
# db.session.commit()
# Special user for convenience to type and login
p1 = Package.filter_by(name='Standard package').first()
r = Role.filter_by(rolename='Admin').first()
u = User.filter_by(username='******').first()
if u is None:
u = User.create(username='******',
password=password,
role=r,
package=p1,
active=True)
db.session.add(u)
kr = Role.filter_by(rolename='User').first()
ku = User.filter_by(username=KUBERDOCK_INTERNAL_USER).first()
ku_passwd = uuid.uuid4().hex
if ku is None:
ku = User.create(
username=KUBERDOCK_INTERNAL_USER,
password=ku_passwd,
role=kr,
# package=p1, first_name='KuberDock Internal',
active=True)
# generate token immediately, to use it in node creation
ku.get_token()
db.session.add(ku)
db.session.commit()
def add_menu_items(items, menu, parent=None,):
for item in items:
roles = item.pop('roles', [])
children = item.pop('children', None)
menu_item = MenuItem(**item)
menu_item.menu = menu
menu_item.parent = parent
menu_item.save()
for rolename in roles:
role = Role.filter(Role.rolename == rolename).one()
item_role = MenuItemRole(role=role, menuitem=menu_item)
item_role.save()
if children:
add_menu_items(children, menu, parent=menu_item)
def user_fixtures(admin=False, active=True, **kwargs):
username = '******' + randstr(8)
password = randstr(10)
role_id = Role.filter_by(
rolename='User' if not admin else 'Admin').first().id
email = randstr(10) + '@test.test'
data = dict(username=username,
password=password,
active=active,
role_id=role_id,
package_id=0,
email=email)
user = User(**dict(data, **kwargs)).save()
return user, password
def upgrade(upd, with_testing, *args, **kwargs):
upd.print_log('Add MenuItemRole model.')
upd.print_log('Upgrading db...')
helpers.upgrade_db(revision='241a7b04a9ff')
admin = Role.filter(Role.rolename == 'Admin').first()
trialuser = Role.filter(Role.rolename == 'TrialUser').first()
user = Role.filter(Role.rolename == 'User').first()
menu_pods = MenuItem.filter(MenuItem.name == 'Pods').first()
menu_publicip = MenuItem.filter(MenuItem.name == 'Public IPs').first()
menu_pv = MenuItem.filter(MenuItem.name == 'Persistent volumes').first()
menu_nodes = MenuItem.filter(MenuItem.name == 'Nodes').first()
menu_papps = MenuItem.filter(
MenuItem.name == 'Predefined Applications').first()
menu_settings = MenuItem.filter(MenuItem.name == 'Settings').first()
menu_adm = MenuItem.filter(MenuItem.name == 'Administration').first()
menu_users = MenuItem.filter(MenuItem.name == 'Users').first()
menu_ippool = MenuItem.filter(MenuItem.name == 'IP pool').first()
MenuItemRole.create(menuitem=menu_pods, role=user)
MenuItemRole.create(menuitem=menu_pods, role=trialuser)
MenuItemRole.create(menuitem=menu_publicip, role=user)
MenuItemRole.create(menuitem=menu_publicip, role=trialuser)
MenuItemRole.create(menuitem=menu_pv, role=user)
MenuItemRole.create(menuitem=menu_pv, role=trialuser)
MenuItemRole.create(menuitem=menu_nodes, role=admin)
MenuItemRole.create(menuitem=menu_papps, role=admin)
MenuItemRole.create(menuitem=menu_settings, role=admin)
MenuItemRole.create(menuitem=menu_settings, role=user)
MenuItemRole.create(menuitem=menu_settings, role=trialuser)
MenuItemRole.create(menuitem=menu_adm, role=admin)
MenuItemRole.create(menuitem=menu_users, role=admin)
MenuItemRole.create(menuitem=menu_ippool, role=admin)
resource = Resource.filter(Resource.name == 'static_pages').first()
if resource:
Permission.filter(Permission.resource == resource).delete()
resource.delete()
def run(self, username, password, rolename):
try:
role = Role.filter_by(rolename=rolename).one()
except NoResultFound:
raise InvalidCommand('Role with name `%s` not found' % rolename)
if User.filter_by(username=username).first():
raise InvalidCommand('User `%s` already exists' % username)
if not password:
password = generate_new_pass()
print "New password: {}".format(password)
u = User.create(username=username, password=password, role=role,
active=True, package_id=0)
db.session.add(u)
db.session.commit()
def _validate_role_exists(self, exists, field, value):
if exists:
if Role.by_rolename(value) is None:
self._error(field, "Role doesn't exists")