def index():
authz.require(authz.logged_in())
users = []
for role in Role.all():
data = role.to_dict()
del data['email']
users.append(data)
return jsonify({'results': users, 'total': len(users)})
def index():
authz.require(authz.logged_in())
users = []
for role in Role.all():
data = role.to_dict()
del data["email"]
users.append(data)
return jsonify({"results": users, "total": len(users)})
def index():
authz.require(authz.logged_in())
users = []
for role in Role.all():
data = role.to_dict()
del data['email']
users.append(data)
return jsonify({'results': users, 'total': len(users)})
def permissions_update(id):
# TODO: consider using a list to bundle permission writes
collection = get_db_collection(id, request.authz.WRITE)
data = parse_request(schema=PermissionSchema)
role = Role.all().filter(Role.id == data['role']['id']).first()
if role is None or not check_visible(role, request.authz):
raise BadRequest()
perm = update_permission(role, collection, data['read'], data['write'])
return jsonify({'status': 'ok', 'updated': PermissionSchema().dump(perm)})
def index():
request.authz.require(request.authz.logged_in)
users = []
for role in Role.all():
if not check_visible(role):
continue
data = role.to_dict()
del data['email']
users.append(data)
return jsonify({'results': users, 'total': len(users)})
def permissions_update(collection):
authz.require(authz.collection_write(collection))
data = request_data()
validate(data, "permission.json#")
role = Role.all().filter(Role.id == data["role"]).first()
if role is None:
raise BadRequest()
permission = Permission.grant_collection(collection, role, data["read"], data["write"])
db.session.commit()
log_event(request)
return jsonify({"status": "ok", "updated": permission})
def permissions_update(collection):
authz.require(authz.collection_write(collection))
data = request_data()
validate(data, 'permission.json#')
role = Role.all().filter(Role.id == data['role']).first()
if role is None:
raise BadRequest()
permission = Permission.grant_collection(collection.id, role, data['read'],
data['write'])
db.session.commit()
return jsonify({'status': 'ok', 'updated': permission})
def permissions_update(collection):
request.authz.require(request.authz.collection_write(collection))
data = request_data()
validate(data, 'permission.json#')
role = Role.all().filter(Role.id == data['role_id']).first()
collection = Collection.by_id(collection)
if role is None or collection is None:
raise BadRequest()
request.authz.require(check_visible(role))
perm = update_permission(role, collection, data['read'], data['write'])
log_event(request)
return jsonify({'status': 'ok', 'updated': perm})
def permissions_update(collection):
authz.require(authz.collection_write(collection))
data = request_data()
validate(data, 'permission.json#')
role = Role.all().filter(Role.id == data['role']).first()
if role is None:
raise BadRequest()
permission = Permission.grant_collection(collection.id,
role,
data['read'],
data['write'])
db.session.commit()
return jsonify({
'status': 'ok',
'updated': permission
})
def permissions_save(collection=None, source=None):
if collection is not None:
authz.require(authz.collection_write(collection))
if source is not None:
authz.require(authz.source_write(source))
resource_type = Permission.COLLECTION if collection else Permission.SOURCE
resource_id = collection or source
data = request_data()
validate(data, 'permission.json#')
role = Role.all().filter(Role.id == data['role']).first()
if role is None:
raise BadRequest()
permission = Permission.grant_resource(resource_type, resource_id, role,
data['read'], data['write'])
db.session.commit()
return jsonify({'status': 'ok', 'updated': permission})
def update_roles():
Authz.flush()
for role in Role.all():
update_role(role)
def update_roles():
# Flush authz for anonymous users:
cache.kv.delete(cache.key(Authz.PREFIX, Authz.READ),
cache.key(Authz.PREFIX, Authz.WRITE))
for role in Role.all():
update_role(role)
def update_roles():
for role in Role.all(deleted=True):
update_role(role)
def check_alerts():
"""Go through all users and execute their alerts."""
for role in Role.all():
authz = Authz(role=role)
for alert in Alert.by_role(role).all():
check_alert(authz, alert)
