Ejemplo n.º 1
    def validate_update(self, user, current_user):
        """
        Check whether the account described by ``user`` may be updated.

        The checks run in this order and the first failure is returned:
        required fields (for OP_UPDATE), username validation, existence
        of the account, refusal to touch "root", and membership of
        DEFAULT_USER_GRP (the ovsdb_user group per the original notes).

        ``current_user`` is accepted but never consulted here.
        NOTE(review): presumably the caller authorizes the requester
        before reaching this method - confirm.

        Returns None when every check passes; otherwise returns the error
        value produced by the failing helper or by to_json_error.
        """
        failure = self.__validate_required_fields__(user, OP_UPDATE)
        if failure is not None:
            return failure

        username = user.configuration.username
        failure = self.__validate_username__(username)
        if failure is not None:
            return failure

        # NOTE(review): a nonexistent account and an existing account
        # outside DEFAULT_USER_GRP get different messages below, so the
        # response tells the caller which of the two cases applies.
        if not user_utils.user_exists(username):
            return to_json_error("User %s doesn't exists." % username,
                                 None, None)

        # The root account is never updatable through this path.
        if username == "root":
            # The two sentences are joined without a separating space;
            # the emitted text is kept exactly as it was.
            return to_json_error(
                "Permission denied.Cannot update the root user.",
                None, None)

        # Accounts outside the managed group are reported as unknown.
        if not user_utils.check_user_group(username, DEFAULT_USER_GRP):
            return to_json_error("Unknown user %s" % username, None, None)

        return None
Ejemplo n.º 2
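    def validate_delete(self, username, current_user):
        """
        Decide whether the account named ``username`` may be deleted.

        Deletion is refused, in this order, when:
          * the target is "root";
          * the target is the requester (``current_user["username"]``);
          * the target is not a member of DEFAULT_USER_GRP;
          * DEFAULT_USER_GRP has one member or fewer, so the deletion
            would remove the last user of that group.

        ``current_user`` must be a mapping with a "username" key.

        Returns None when the deletion is allowed, otherwise the error
        value built by to_json_error.
        """
        # NOTE(review): unlike validate_update, username is not passed
        # through __validate_username__ before it reaches user_utils -
        # confirm the helpers tolerate arbitrary strings.

        # Never allow removal of the root account.
        if username == "root":
            # Adjacent literals concatenate with no space between the
            # sentences; the emitted text is left as it was.
            error_message = "Permission denied." \
                            "Cannot remove the root user."
            return to_json_error(error_message, None, None)

        # A user may not delete the account they are logged in with.
        if username == current_user["username"]:
            error_message = "Permission denied." \
                            "Cannot remove the current user."
            return to_json_error(error_message, None, None)

        # Accounts outside the managed group (system users) are reported
        # as unknown rather than deleted.
        if not user_utils.check_user_group(username, DEFAULT_USER_GRP):
            error_message = "Unknown user %s" % username
            return to_json_error(error_message, None, None)

        # Keep at least one account in the managed group.
        if user_utils.get_group_user_count(DEFAULT_USER_GRP) <= 1:
            # Fix: the message used to be stored in validation_result,
            # so error_message was unbound on this path and the check
            # raised UnboundLocalError instead of returning the error.
            error_message = "Cannot delete the last user %s" % username
            return to_json_error(error_message, None, None)

        return None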