def test_delete_system_role(self):
# System roles can't be deleted
system_roles = SystemRole.get_valid_values()
for name in system_roles:
expected_msg = 'System roles can\'t be deleted'
self.assertRaisesRegexp(ValueError, expected_msg, rbac_service.delete_role,
name=name)
def test_delete_system_role(self):
# System roles can't be deleted
system_roles = SystemRole.get_valid_values()
for name in system_roles:
expected_msg = 'System roles can\'t be deleted'
self.assertRaisesRegexp(ValueError, expected_msg, rbac_services.delete_role,
name=name)
def delete_role(name):
""""
Delete role with the provided name.
"""
if name in SystemRole.get_valid_values():
raise ValueError('System roles can\'t be deleted')
role_db = Role.get(name=name)
result = Role.delete(role_db)
return result
def create_role(name, description=None):
"""
Create a new role.
"""
if name in SystemRole.get_valid_values():
raise ValueError('"%s" role name is blacklisted' % (name))
role_db = RoleDB(name=name, description=description)
role_db = Role.add_or_update(role_db)
return role_db
def delete_role(name):
""""
Delete role with the provided name.
"""
if name in SystemRole.get_valid_values():
raise ValueError("System roles can't be deleted")
role_db = Role.get(name=name)
result = Role.delete(role_db)
return result
def create_role(name, description=None):
"""
Create a new role.
"""
if name in SystemRole.get_valid_values():
raise ValueError('"%s" role name is blacklisted' % (name))
role_db = RoleDB(name=name, description=description)
role_db = Role.add_or_update(role_db)
return role_db
def insert_system_roles():
"""
Migration which inserts the default system roles.
"""
system_roles = SystemRole.get_valid_values()
for role_name in system_roles:
description = role_name
role_db = RoleDB(name=role_name, description=description, system=True)
try:
Role.insert(role_db, log_not_unique_error_as_debug=True)
except (StackStormDBObjectConflictError, NotUniqueError):
pass
def insert_system_roles():
"""
Migration which inserts the default system roles.
"""
system_roles = SystemRole.get_valid_values()
for role_name in system_roles:
description = role_name
role_db = RoleDB(name=role_name, description=description, system=True)
try:
Role.insert(role_db, log_not_unique_error_as_debug=True)
except (StackStormDBObjectConflictError, NotUniqueError):
pass
def insert_system_roles():
"""
Migration which inserts the default system roles.
"""
system_roles = SystemRole.get_valid_values()
LOG.debug('Inserting system roles (%s)' % (str(system_roles)))
for role_name in system_roles:
description = role_name
role_db = RoleDB(name=role_name, description=description, system=True)
try:
role_db.save()
except (StackStormDBObjectConflictError, NotUniqueError):
# Role already exists error is not fatal
pass
def insert_system_roles():
"""
Migration which inserts the default system roles.
"""
system_roles = SystemRole.get_valid_values()
LOG.debug('Inserting system roles (%s)' % (str(system_roles)))
for role_name in system_roles:
description = role_name
role_db = RoleDB(name=role_name, description=description, system=True)
try:
role_db.save()
except (StackStormDBObjectConflictError, NotUniqueError):
# Role already exists error is not fatal
pass
