def put_global_roles_for_user(request): user_id = request.matchdict['user_id'] user = User.get_instance(user_id) session = User.db() if not user: raise HTTPNotFound("User id %s does not exist" % (user_id,)) try: data = json.loads(request.body) except Exception as e: raise HTTPBadRequest("Malformed Json") if not isinstance(data, list): raise HTTPBadRequest("Not a list") if data and frozenset((type(x) for x in data)) != frozenset((str,)): raise HTTPBadRequest("not strings") roles = set(session.query(Role).filter(name in data).all()) data = set(data) if len(roles) != len(data): raise HTTPBadRequest("Not valid roles: %s" % (repr( data - set((p.name for p in roles))),)) known_gu_roles = session.query(UserRole).join(Role).filter( user=user).all() gur_by_role = {gur.role.name: gur for gur in known_gu_roles} known_roles = set(gur_by_role.keys()) for role in known_roles - roles: session.query.delete(gur_by_role(role)) for role in roles - known_roles: session.add(UserRole(user=user, role=role)) return {"added": list(roles - known_roles), "removed": list(known_roles - roles)}
def get_global_roles_for_user(request): user_id = request.matchdict['user_id'] session = User.db() if not session.query(User).get(user_id): raise HTTPNotFound("User id %s does not exist" % (user_id,)) rolenames = session.query(Role.name).join( UserRole).filter(UserRole.user_id == user_id) return [x[0] for x in rolenames]