def post(self):
if "@" not in self.request.arguments["name"][0]:
self.request.arguments["name"][0] += "@" + settings.service_account_email_domain
form = ServiceAccountCreateForm(self.request.arguments)
if not form.validate():
return self.render(
"service-account-create.html", form=form,
alerts=self.get_form_alerts(form.errors)
)
if form.data["name"].split("@")[-1] != settings.service_account_email_domain:
form.name.errors.append("All service accounts must have a username ending in {}"
.format(settings.service_account_email_domain))
return self.render(
"service-account-create.html", form=form,
alerts=self.get_form_alerts(form.errors)
)
try:
create_service_account(self.session, self.current_user, form.data["name"],
form.data["description"], form.data["canjoin"])
except IntegrityError:
self.session.rollback()
form.name.errors.append("A user or group with name {} already exists"
.format(form.data["name"]))
return self.render(
"service-account-create.html", form=form,
alerts=self.get_form_alerts(form.errors)
)
return self.redirect("/service/{}?refresh=yes".format(form.data["name"]))
def post(self, group_id=None, name=None):
group = Group.get(self.session, group_id, name)
if not group:
return self.notfound()
if "@" not in self.request.arguments["name"][0]:
self.request.arguments["name"][
0] += "@" + settings.service_account_email_domain
if not can_create_service_account(self.session, self.current_user,
group):
return self.forbidden()
form = ServiceAccountCreateForm(self.request.arguments)
if not form.validate():
return self.render(
"service-account-create.html",
form=form,
group=group,
alerts=self.get_form_alerts(form.errors),
)
if form.data["name"].split(
"@")[-1] != settings.service_account_email_domain:
form.name.errors.append(
"All service accounts must have a username ending in {}".
format(settings.service_account_email_domain))
return self.render(
"service-account-create.html",
form=form,
group=group,
alerts=self.get_form_alerts(form.errors),
)
try:
create_service_account(
self.session,
self.current_user,
form.data["name"],
form.data["description"],
form.data["machine_set"],
group,
)
except DuplicateServiceAccount:
form.name.errors.append(
"A user with name {} already exists".format(form.data["name"]))
except BadMachineSet as e:
form.machine_set.errors.append(str(e))
if form.name.errors or form.machine_set.errors:
return self.render(
"service-account-create.html",
form=form,
group=group,
alerts=self.get_form_alerts(form.errors),
)
url = "/groups/{}/service/{}?refresh=yes".format(
group.name, form.data["name"])
return self.redirect(url)
def post(self, *args, **kwargs):
# type: (*Any, **Any) -> None
owner = kwargs["name"] # type: str
form = ServiceAccountCreateForm(self.request.arguments)
if not form.validate():
self.render_form_with_errors(form, owner)
return
usecase = self.usecase_factory.create_create_service_account_usecase(
self.current_user.username, self)
usecase.create_service_account(form.data["name"], owner,
form.data["machine_set"],
form.data["description"])
def create_service_account_failed_already_exists(self, service, owner):
# type: (str, str) -> None
form = ServiceAccountCreateForm(self.request.arguments)
msg = "A user or service account with name {} already exists".format(
service)
form.name.errors = [msg]
self.render_form_with_errors(form, owner)
def post(self, *args: Any, **kwargs: Any) -> None:
owner = self.get_path_argument("name")
# Save the form in the handler object so that it can be reused in failure handlers.
self._form = ServiceAccountCreateForm(self.request.arguments)
if not self._form.validate():
self._render_template(self._form, owner)
return
usecase = self.usecase_factory.create_create_service_account_usecase(
self.current_user.username, self
)
usecase.create_service_account(
self._form.data["name"],
owner,
self._form.data["machine_set"],
self._form.data["description"],
)
def get(self, group_id=None, name=None):
group = Group.get(self.session, group_id, name)
if not group:
return self.notfound()
if not can_create_service_account(self.session, self.current_user, group):
return self.forbidden()
form = ServiceAccountCreateForm()
return self.render("service-account-create.html", form=form, group=group)
def get(self, *args: Any, **kwargs: Any) -> None:
owner = self.get_path_argument("name")
usecase = self.usecase_factory.create_create_service_account_usecase(
self.current_user.username, self
)
if not usecase.can_create_service_account(owner):
self.forbidden()
return
form = ServiceAccountCreateForm()
self._render_template(form, owner)
def get(self, *args, **kwargs):
# type: (*Any, **Any) -> None
owner = kwargs["name"] # type: str
usecase = self.usecase_factory.create_create_service_account_usecase(
self.current_user.username, self)
if not usecase.can_create_service_account(owner):
self.forbidden()
return
form = ServiceAccountCreateForm()
self.render("service-account-create.html", form=form, owner=owner)
def post(self, group_id=None, name=None):
group = Group.get(self.session, group_id, name)
if not group:
return self.notfound()
if "@" not in self.request.arguments["name"][0]:
self.request.arguments["name"][0] += "@" + settings.service_account_email_domain
form = ServiceAccountCreateForm(self.request.arguments)
if not form.validate():
return self.render(
"service-account-create.html", form=form, group=group,
alerts=self.get_form_alerts(form.errors)
)
if form.data["name"].split("@")[-1] != settings.service_account_email_domain:
form.name.errors.append("All service accounts must have a username ending in {}"
.format(settings.service_account_email_domain))
return self.render(
"service-account-create.html", form=form, group=group,
alerts=self.get_form_alerts(form.errors)
)
try:
create_service_account(self.session, self.current_user, form.data["name"],
form.data["description"], form.data["machine_set"], group)
except DuplicateServiceAccount:
form.name.errors.append("A user with name {} already exists".format(form.data["name"]))
except BadMachineSet as e:
form.machine_set.errors.append(str(e))
if form.name.errors or form.machine_set.errors:
return self.render(
"service-account-create.html", form=form, group=group,
alerts=self.get_form_alerts(form.errors)
)
url = "/groups/{}/service/{}?refresh=yes".format(group.name, form.data["name"])
return self.redirect(url)
def post(self):
if "@" not in self.request.arguments["name"][0]:
self.request.arguments["name"][
0] += "@" + settings.service_account_email_domain
form = ServiceAccountCreateForm(self.request.arguments)
if not form.validate():
return self.render("service-account-create.html",
form=form,
alerts=self.get_form_alerts(form.errors))
if form.data["name"].split(
"@")[-1] != settings.service_account_email_domain:
form.name.errors.append(
"All service accounts must have a username ending in {}".
format(settings.service_account_email_domain))
return self.render("service-account-create.html",
form=form,
alerts=self.get_form_alerts(form.errors))
try:
create_service_account(self.session, self.current_user,
form.data["name"], form.data["description"],
form.data["canjoin"])
except IntegrityError:
self.session.rollback()
form.name.errors.append(
"A user or group with name {} already exists".format(
form.data["name"]))
return self.render("service-account-create.html",
form=form,
alerts=self.get_form_alerts(form.errors))
return self.redirect("/service/{}?refresh=yes".format(
form.data["name"]))
def get(self, *args, **kwargs):
# type: (*Any, **Any) -> None
group_id = kwargs.get("group_id") # type: Optional[str]
name = kwargs.get("name") # type: Optional[str]
group = Group.get(self.session, group_id, name)
if not group:
return self.notfound()
if not can_create_service_account(self.session, self.current_user,
group):
return self.forbidden()
form = ServiceAccountCreateForm()
return self.render("service-account-create.html",
form=form,
group=group)
class ServiceAccountCreate(GrouperHandler, CreateServiceAccountUI):
def create_service_account_failed_already_exists(self, service: str, owner: str) -> None:
error = f"A user or service account with name {service} already exists"
self._form.name.errors.append(error)
self._render_template(self._form, owner)
def create_service_account_failed_invalid_name(
self, service: str, owner: str, message: str
) -> None:
self._form.name.errors.append(message)
self._render_template(self._form, owner)
def create_service_account_failed_invalid_machine_set(
self, service: str, owner: str, machine_set: str, message: str
) -> None:
self._form.machine_set.errors.append(message)
self._render_template(self._form, owner)
def create_service_account_failed_invalid_owner(self, service: str, owner: str) -> None:
self.notfound()
def create_service_account_failed_permission_denied(self, service: str, owner: str) -> None:
self.forbidden()
def created_service_account(self, service: str, owner: str) -> None:
self.redirect(f"/groups/{owner}/service/{service}?refresh=yes")
def get(self, *args: Any, **kwargs: Any) -> None:
owner = self.get_path_argument("name")
usecase = self.usecase_factory.create_create_service_account_usecase(
self.current_user.username, self
)
if not usecase.can_create_service_account(owner):
self.forbidden()
return
form = ServiceAccountCreateForm()
self._render_template(form, owner)
def post(self, *args: Any, **kwargs: Any) -> None:
owner = self.get_path_argument("name")
# Save the form in the handler object so that it can be reused in failure handlers.
self._form = ServiceAccountCreateForm(self.request.arguments)
if not self._form.validate():
self._render_template(self._form, owner)
return
usecase = self.usecase_factory.create_create_service_account_usecase(
self.current_user.username, self
)
usecase.create_service_account(
self._form.data["name"],
owner,
self._form.data["machine_set"],
self._form.data["description"],
)
def _render_template(self, form: ServiceAccountCreateForm, owner: str) -> None:
template = ServiceAccountCreateTemplate(form=form, owner=owner)
self.render_template_class(template)
def get(self):
form = ServiceAccountCreateForm()
return self.render(
"service-account-create.html",
form=form,
)
def create_service_account_failed_invalid_machine_set(
self, service, owner, machine_set, message):
# type: (str, str, str, str) -> None
form = ServiceAccountCreateForm(self.request.arguments)
form.machine_set.errors = [message]
self.render_form_with_errors(form, owner)
def get(self, group_id=None, name=None):
group = Group.get(self.session, group_id, name)
if not group:
return self.notfound()
form = ServiceAccountCreateForm()
return self.render("service-account-create.html", form=form, group=group)
