Example #1
def get_individual_user_info(handler, name, service_account):
    # type: (GraphHandler, str, Optional[bool]) -> Dict[str, Any]
    """This is a helper function to retrieve all information about a user.

        handler: the GraphHandler for this request
        name: the name of the user whose data is being retrieved
        service_account: a boolean indicating if this request is for a service account or not. This
            can be None if you want to support users and service accounts (deprecated)

        A dictionary containing all of the user's data

        NoSuchUser: When no user with the given name exists, or has the the wrong serviceaccount
    with handler.graph.lock:
        if name not in handler.graph.user_metadata:
            raise NoSuchUser
        md = handler.graph.user_metadata[name]
        if service_account is not None:
            is_service_account = md["role_user"] or "service_account" in md
            if service_account != is_service_account:
                raise NoSuchUser

        details = handler.graph.get_user_details(name, expose_aliases=False)
        out = {"user": {"name": name}}
        # Updates the output with the user's metadata
        try_update(out["user"], md)
        # Updates the output with the user's details (such as permissions)
        try_update(out, details)
        return out
Example #2
def get_individual_user_info(handler, name, cutoff, service_account):
    # type: (GraphHandler, str, int, Optional[bool]) -> Dict[str, Any]
    """This is a helper function to retrieve all information about a user.

        handler: the GraphHandler for this request
        name: the name of the user whose data is being retrieved
        cutoff: the maximum distance of groups to use for permission checking
        service_account: a boolean indicating if this request is for a service account or not. This
            can be None if you want to support users and service accounts (deprecated)

        A dictionary containing all of the user's data

        NoSuchUser: When no user with the given name exists, or has the the wrong serviceaccount
    with handler.graph.lock:
        if name not in handler.graph.user_metadata:
            raise NoSuchUser
        md = handler.graph.user_metadata[name]
        if service_account is not None:
            is_service_account = md["role_user"] or "service_account" in md
            if service_account != is_service_account:
                raise NoSuchUser

        details = handler.graph.get_user_details(name, cutoff)
        out = {"user": {"name": name}}
        # Updates the output with the user's metadata
        try_update(out["user"], md)
        # Updates the output with the user's details (such as permissions)
        try_update(out, details)
        return out
Example #3
    def get(self, name=None):
        cutoff = int(self.get_argument("cutoff", 100))
        include_role_users = self.get_argument("include_role_users",
                                               "no") == "yes"

        with self.graph.lock:
            if not name:
                return self.success({
                        k for k, v in self.graph.user_metadata.iteritems()
                        if include_role_users or (not v["role_user"])

            if name in self.graph.user_metadata:
                md = self.graph.user_metadata[name]
                details = self.graph.get_user_details(name, cutoff)
                return self.notfound("User (%s) not found." % name)
            for key in md["public_keys"]:
                db_key = PublicKey.get(self.session, id=key["id"])
                perms = get_public_key_permissions(self.session, db_key)

                # Convert to set to remove duplicates, then back to list for json-serializability
                key["permissions"] = list(
                    set([(perm.name, perm.argument) for perm in perms]))

            out = {"user": {"name": name}}
            try_update(out["user"], md)
            try_update(out, details)
            return self.success(out)
Example #4
def get_individual_user_info(handler, name, cutoff, service_account):
    # type: (GraphHandler, str, int, Optional[bool]) -> None
    """This is a helper function to consolidate duplicate code from the service account and user
    endpoints into one location.

        handler: the GraphHandler for this request
        name: the name we're looking up for this request
        cutoff: the maximum distance of groups to use for permission checking
        service_account: a boolean indicating if this request is for a service account or not. This
            can be None if you want to support users and service accounts (deprecated)

    acc = "Service Account" if service_account else "User"
    with handler.graph.lock:
        if name not in handler.graph.user_metadata:
            return handler.notfound("{} ({}) not found.".format(acc, name))
        md = handler.graph.user_metadata[name]
        if service_account is not None and md["role_user"] != service_account:
            return handler.notfound("{} ({}) not found.".format(acc, name))

        details = handler.graph.get_user_details(name, cutoff)
        out = {"user": {"name": name}}
        # Updates the output with the user's metadata
        try_update(out["user"], md)
        # Updates the output with the user's details (such as permissions)
        try_update(out, details)
        return handler.success(out)
Example #5
    def get(self, name=None):
        cutoff = int(self.get_argument("cutoff", 100))
        include_role_users = self.get_argument("include_role_users", "no") == "yes"

        with self.graph.lock:
            if not name:
                return self.success({
                    "users": sorted([k
                                     for k, v in self.graph.user_metadata.iteritems()
                                     if include_role_users or (not v["role_user"])]),

            if name in self.graph.user_metadata:
                md = self.graph.user_metadata[name]
                details = self.graph.get_user_details(name, cutoff)
                return self.notfound("User (%s) not found." % name)
            for key in md["public_keys"]:
                db_key = PublicKey.get(self.session, id=key["id"])
                perms = get_public_key_permissions(self.session, db_key)

                # Convert to set to remove duplicates, then back to list for json-serializability
                key["permissions"] = list(set([(perm.name, perm.argument) for perm in perms]))

            out = {"user": {"name": name}}
            try_update(out["user"], md)
            try_update(out, details)
            return self.success(out)
Example #6
def get_individual_user_info(handler, name, cutoff, service_account):
    # type: (GraphHandler, str, int, Optional[bool]) -> None
    """This is a helper function to consolidate duplicate code from the service account and user
    endpoints into one location.

        handler: the GraphHandler for this request
        name: the name we're looking up for this request
        cutoff: the maximum distance of groups to use for permission checking
        service_account: a boolean indicating if this request is for a service account or not. This
            can be None if you want to support users and service accounts (deprecated)

    acc = "Service Account" if service_account else "User"
    with handler.graph.lock:
        if name not in handler.graph.user_metadata:
            return handler.notfound("{} ({}) not found.".format(acc, name))
        md = handler.graph.user_metadata[name]
        if service_account is not None and md["role_user"] != service_account:
            return handler.notfound("{} ({}) not found.".format(acc, name))

        details = handler.graph.get_user_details(name, cutoff)
        out = {"user": {"name": name}}
        # Updates the output with the user's metadata
        try_update(out["user"], md)
        # Updates the output with the user's details (such as permissions)
        try_update(out, details)
        return handler.success(out)
Example #7
    def get(self, name=None):
        if not name:
            usecase = self.usecase_factory.create_list_permissions_usecase(self)

        with self.graph.lock:
            if name not in self.graph.permissions:
                return self.notfound("Permission (%s) not found." % name)

            details = self.graph.get_permission_details(name, expose_aliases=False)

            out = {"permission": {"name": name}}
            try_update(out, details)
Example #8
    def get(self, name=None):
        with self.graph.lock:
            if not name:
                return self.success({
                    [permission for permission in self.graph.permissions],

            if name not in self.graph.permissions:
                return self.notfound("Permission (%s) not found." % name)

            details = self.graph.get_permission_details(name)

            out = {"permission": {"name": name}}
            try_update(out, details)
            return self.success(out)
Example #9
    def get(self, name=None):
        cutoff = int(self.get_argument("cutoff", 100))

        with self.graph.lock:
            if not name:
                return self.success({"groups": [group for group in self.graph.groups]})

            if name not in self.graph.groups:
                return self.notfound("Group (%s) not found." % name)

            details = self.graph.get_group_details(name, cutoff, expose_aliases=False)

            out = {"group": {"name": name}}
            try_update(out["group"], self.graph.group_metadata.get(name, {}))
            try_update(out, details)
            return self.success(out)
Example #10
    def get(self, *args, **kwargs):
        # type: (*Any, **Any) -> None
        name = kwargs.get("name")  # type: Optional[str]
        if not name:
            usecase = self.usecase_factory.create_list_permissions_usecase(self)

        with self.graph.lock:
            if name not in self.graph.permissions:
                return self.notfound("Permission (%s) not found." % name)

            details = self.graph.get_permission_details(name, expose_aliases=False)

            out = {"permission": {"name": name}}
            try_update(out, details)
Example #11
    def get(self, *args, **kwargs):
        # type: (*Any, **Any) -> None
        name = kwargs.get("name")  # type: Optional[str]
        if not name:
            usecase = self.usecase_factory.create_list_permissions_usecase(self)

        with self.graph.lock:
            if name not in self.graph.permissions:
                return self.notfound("Permission (%s) not found." % name)

            details = self.graph.get_permission_details(name, expose_aliases=False)

            out = {"permission": {"name": name}}
            try_update(out, details)
Example #12
    def get(self, name=None):
        with self.graph.lock:
            if not name:
                return self.success({
                    "permissions": [
                        for permission in self.graph.permissions

            if name not in self.graph.permissions:
                return self.notfound("Permission (%s) not found." % name)

            details = self.graph.get_permission_details(name, expose_aliases=False)

            out = {"permission": {"name": name}}
            try_update(out, details)
            return self.success(out)
Example #13
    def get(self, name=None):
        cutoff = int(self.get_argument("cutoff", 100))
        include_role_users = self.get_argument("include_role_users", "no") == "yes"

        with self.graph.lock:
            if not name:
                return self.success({
                    "users": sorted([k
                                     for k, v in self.graph.user_metadata.iteritems()
                                     if include_role_users or (not v["role_user"])]),

            if name in self.graph.user_metadata:
                md = self.graph.user_metadata[name]
                details = self.graph.get_user_details(name, cutoff)
                return self.notfound("User (%s) not found." % name)
            out = {"user": {"name": name}}
            try_update(out["user"], md)
            try_update(out, details)
            return self.success(out)
Example #14
    def get(self, name=None):
        cutoff = int(self.get_argument("cutoff", 100))

        with self.graph.lock:
            if not name:
                return self.success({
                    "groups": [
                        for group in self.graph.groups

            if name not in self.graph.groups:
                return self.notfound("Group (%s) not found." % name)

            details = self.graph.get_group_details(name, cutoff)

            out = {"group": {"name": name}}
            try_update(out["group"], self.graph.group_metadata.get(name, {}))
            try_update(out, details)
            return self.success(out)