def get_group_view_template_vars(session, actor, group, graph):
# type: (Session, User, Group, GroupGraph) -> Dict[str, Any]
ret = {}
ret["grantable"] = user_grantable_permissions(session, actor)
try:
group_md = graph.get_group_details(group.name)
except NoSuchGroup:
# Very new group with no metadata yet, or it has been disabled and
# excluded from in-memory cache.
group_md = {}
ret["members"] = group.my_members()
ret["groups"] = group.my_groups()
ret["service_accounts"] = get_service_accounts(session, group)
ret["permissions"] = group_md.get("permissions", [])
for permission in ret["permissions"]:
permission["granted_on"] = datetime.fromtimestamp(permission["granted_on"])
ret["permission_requests_pending"] = []
for req in get_pending_request_by_group(session, group):
granters = []
for owner, argument in get_owner_arg_list(session, req.permission, req.argument):
granters.append(owner.name)
ret["permission_requests_pending"].append((req, granters))
ret["audited"] = group_md.get("audited", False)
ret["log_entries"] = group.my_log_entries()
ret["num_pending"] = count_requests_by_group(session, group, status="pending")
ret["current_user_role"] = {
"is_owner": user_role_index(actor, ret["members"]) in OWNER_ROLE_INDICES,
"is_approver": user_role_index(actor, ret["members"]) in APPROVER_ROLE_INDICES,
"is_manager": user_role(actor, ret["members"]) == "manager",
"is_member": user_role(actor, ret["members"]) is not None,
"role": user_role(actor, ret["members"]),
}
ret["can_leave"] = (
ret["current_user_role"]["is_member"] and not ret["current_user_role"]["is_owner"]
)
ret["statuses"] = AUDIT_STATUS_CHOICES
# Add mapping_id to permissions structure
ret["my_permissions"] = group.my_permissions()
for perm_up in ret["permissions"]:
for perm_direct in ret["my_permissions"]:
if (
perm_up["permission"] == perm_direct.name
and perm_up["argument"] == perm_direct.argument
):
perm_up["mapping_id"] = perm_direct.mapping_id
break
ret["alerts"] = []
ret["self_pending"] = count_requests_by_group(session, group, status="pending", user=actor)
if ret["self_pending"]:
ret["alerts"].append(Alert("info", "You have a pending request to join this group.", None))
return ret
def get_group_view_template_vars(session, actor, group, graph):
ret = {}
ret["grantable"] = user_grantable_permissions(session, actor)
try:
group_md = graph.get_group_details(group.name)
except NoSuchGroup:
# Very new group with no metadata yet, or it has been disabled and
# excluded from in-memory cache.
group_md = {}
ret["members"] = group.my_members()
ret["groups"] = group.my_groups()
ret["service_accounts"] = get_service_accounts(session, group)
ret["permissions"] = group_md.get('permissions', [])
ret["permission_requests_pending"] = []
for req in get_pending_request_by_group(session, group):
granters = []
for owner, argument in get_owner_arg_list(session, req.permission,
req.argument):
granters.append(owner.name)
ret["permission_requests_pending"].append((req, granters))
ret["audited"] = group_md.get('audited', False)
ret["log_entries"] = group.my_log_entries()
ret["num_pending"] = group.my_requests("pending").count()
ret["current_user_role"] = {
'is_owner': user_role_index(actor,
ret["members"]) in OWNER_ROLE_INDICES,
'is_approver': user_role_index(actor, ret["members"])
in APPROVER_ROLE_INDICES,
'is_manager': user_role(actor, ret["members"]) == "manager",
'is_member': user_role(actor, ret["members"]) is not None,
'role': user_role(actor, ret["members"]),
}
ret["can_leave"] = (ret["current_user_role"]['is_member']
and not ret["current_user_role"]['is_owner'])
ret["statuses"] = AUDIT_STATUS_CHOICES
# Add mapping_id to permissions structure
ret["my_permissions"] = group.my_permissions()
for perm_up in ret["permissions"]:
for perm_direct in ret["my_permissions"]:
if (perm_up['permission'] == perm_direct.name
and perm_up['argument'] == perm_direct.argument):
perm_up['mapping_id'] = perm_direct.mapping_id
break
ret["alerts"] = []
ret["self_pending"] = group.my_requests("pending", user=actor).count()
if ret["self_pending"]:
ret["alerts"].append(
Alert('info', 'You have a pending request to join this group.',
None))
return ret
def get_group_view_template_vars(session, actor, group, graph):
ret = {}
ret["grantable"] = user_grantable_permissions(session, actor)
try:
group_md = graph.get_group_details(group.name)
except NoSuchGroup:
# Very new group with no metadata yet, or it has been disabled and
# excluded from in-memory cache.
group_md = {}
ret["members"] = group.my_members()
ret["groups"] = group.my_groups()
ret["permissions"] = group_md.get('permissions', [])
ret["permission_requests_pending"] = []
for req in get_pending_request_by_group(session, group):
granters = []
for owner, argument in get_owner_arg_list(session, req.permission, req.argument):
granters.append(owner.name)
ret["permission_requests_pending"].append((req, granters))
ret["audited"] = group_md.get('audited', False)
ret["log_entries"] = group.my_log_entries()
ret["num_pending"] = group.my_requests("pending").count()
ret["current_user_role"] = {
'is_owner': user_role_index(actor, ret["members"]) in OWNER_ROLE_INDICES,
'is_approver': user_role_index(actor, ret["members"]) in APPROVER_ROLE_INDICIES,
'is_manager': user_role(actor, ret["members"]) == "manager",
'is_member': user_role(actor, ret["members"]) is not None,
'role': user_role(actor, ret["members"]),
}
ret["can_leave"] = (ret["current_user_role"]['is_member'] and not
ret["current_user_role"]['is_owner'])
ret["statuses"] = AUDIT_STATUS_CHOICES
# Add mapping_id to permissions structure
ret["my_permissions"] = group.my_permissions()
for perm_up in ret["permissions"]:
for perm_direct in ret["my_permissions"]:
if (perm_up['permission'] == perm_direct.name and
perm_up['argument'] == perm_direct.argument):
perm_up['mapping_id'] = perm_direct.mapping_id
break
ret["alerts"] = []
ret["self_pending"] = group.my_requests("pending", user=actor).count()
if ret["self_pending"]:
ret["alerts"].append(Alert('info', 'You have a pending request to join this group.',
None))
return ret
def get(self, group_id=None, name=None):
self.handle_refresh()
group = Group.get(self.session, group_id, name)
if not group:
return self.notfound()
grantable = self.current_user.my_grantable_permissions()
try:
group_md = self.graph.get_group_details(group.name)
except NoSuchGroup:
# Very new group with no metadata yet, or it has been disabled and
# excluded from in-memory cache.
group_md = {}
members = group.my_members()
groups = group.my_groups()
permissions = group_md.get('permissions', [])
permission_requests_pending = get_pending_request_by_group(self.session, group)
audited = group_md.get('audited', False)
log_entries = group.my_log_entries()
num_pending = group.my_requests("pending").count()
current_user_role = {
'is_owner': self.current_user.my_role_index(members) in OWNER_ROLE_INDICES,
'is_approver': self.current_user.my_role_index(members) in APPROVER_ROLE_INDICIES,
'is_manager': self.current_user.my_role(members) == "manager",
}
# Add mapping_id to permissions structure
my_permissions = group.my_permissions()
for perm_up in permissions:
for perm_direct in my_permissions:
if (perm_up['permission'] == perm_direct.name and
perm_up['argument'] == perm_direct.argument):
perm_up['mapping_id'] = perm_direct.mapping_id
break
alerts = []
self_pending = group.my_requests("pending", user=self.current_user).count()
if self_pending:
alerts.append(Alert('info', 'You have a pending request to join this group.', None))
self.render(
"group.html", group=group, members=members, groups=groups,
num_pending=num_pending, alerts=alerts, permissions=permissions,
log_entries=log_entries, grantable=grantable, audited=audited,
statuses=AUDIT_STATUS_CHOICES, current_user_role=current_user_role,
permission_requests_pending=permission_requests_pending
)
def get_group_view_template_vars(session, actor, group, graph):
# type: (Session, User, Group, GroupGraph) -> Dict[str, Any]
ret = {}
ret["grantable"] = user_grantable_permissions(session, actor)
try:
group_md = graph.get_group_details(group.name)
except NoSuchGroup:
# Very new group with no metadata yet, or it has been disabled and
# excluded from in-memory cache.
group_md = {}
ret["members"] = group.my_members()
ret["groups"] = group.my_groups()
ret["service_accounts"] = get_service_accounts(session, group)
ret["permissions"] = group_md.get("permissions", [])
for permission in ret["permissions"]:
permission["granted_on"] = datetime.fromtimestamp(
permission["granted_on"])
ret["permission_requests_pending"] = []
for req in get_pending_request_by_group(session, group):
granters = []
for owner, argument in get_owner_arg_list(session, req.permission,
req.argument):
granters.append(owner.name)
ret["permission_requests_pending"].append((req, granters))
ret["audited"] = group_md.get("audited", False)
ret["log_entries"] = group.my_log_entries()
ret["num_pending"] = count_requests_by_group(session,
group,
status="pending")
ret["current_user_role"] = {
"is_owner": user_role_index(actor,
ret["members"]) in OWNER_ROLE_INDICES,
"is_approver": user_role_index(actor, ret["members"])
in APPROVER_ROLE_INDICES,
"is_manager": user_role(actor, ret["members"]) == "manager",
"is_member": user_role(actor, ret["members"]) is not None,
"role": user_role(actor, ret["members"]),
}
ret["can_leave"] = (ret["current_user_role"]["is_member"]
and not ret["current_user_role"]["is_owner"])
ret["statuses"] = AUDIT_STATUS_CHOICES
# Add mapping_id to permissions structure
ret["my_permissions"] = group.my_permissions()
for perm_up in ret["permissions"]:
for perm_direct in ret["my_permissions"]:
if (perm_up["permission"] == perm_direct.name
and perm_up["argument"] == perm_direct.argument):
perm_up["mapping_id"] = perm_direct.mapping_id
break
ret["alerts"] = []
ret["self_pending"] = count_requests_by_group(session,
group,
status="pending",
user=actor)
if ret["self_pending"]:
ret["alerts"].append(
Alert("info", "You have a pending request to join this group.",
None))
return ret