def get(self, role_id):
    """
    .. http:get:: /roles/1/credentials

       Return the username and password stored for a role.

       **Example request**:

       .. sourcecode:: http

          GET /roles/1/credentials HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "username": "******",
              "password": "******"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 403: the caller did not pass the permission check for this role
    """
    # Refuse before the role is loaded, so a rejected caller never touches the record.
    # NOTE(review): this rejection path writes no audit record; only successful
    # reads are logged below. Denied attempts on a credential endpoint are worth
    # recording as well.
    if not RoleMemberPermission(role_id).can():
        return (
            {"message": "You are not authorized to view the credentials for this role."},
            403,
        )

    role = service.get(role_id)

    # The body carries role.password exactly as stored on the role object, so the
    # response is marked non-cacheable for both HTTP/1.1 and HTTP/1.0 intermediaries.
    body = jsonify(username=role.username, password=role.password)
    response = make_response(body, 200)
    response.headers["cache-control"] = "private, max-age=0, no-cache, no-store"
    response.headers["pragma"] = "no-cache"

    # Record the disclosure; the entry names the role, not the secret itself.
    log_service.audit_log(
        "view_role_credentials", role.name, "View role username and password"
    )
    return response
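def put(self, role_id, data=None):
    """
    .. http:put:: /roles/1

       Update a role

       **Example request**:

       .. sourcecode:: http

          PUT /roles/1 HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript
          Content-Type: application/json;charset=UTF-8

          {
              "name": "role1",
              "description": "This is a new description"
          }

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "id": 1,
              "name": "role1",
              "description": "this is a new description"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 400: the request body is missing or has no ``name``
       :statuscode 403: the caller did not pass the permission check for this role
    """
    # Authorization is decided first so an unauthorized caller learns nothing
    # about what a valid body looks like.
    # NOTE(review): passing this check is the only gate before the role's user
    # list (data.get("users")) is handed to service.update. Confirm that everyone
    # who passes it is meant to manage membership.
    permission = RoleMemberPermission(role_id)
    if not permission.can():
        return dict(message="You are not authorized to modify this role."), 403

    # `data` defaults to None and "name" is read by subscript, so a missing body
    # or a body without "name" used to surface as an unhandled TypeError/KeyError.
    # Presumably a request-validation layer normally fills `data`; this keeps the
    # handler well-behaved when it does not.
    if data is None or "name" not in data:
        return dict(message="A request body with a role name is required."), 400

    return service.update(
        role_id, data["name"], data.get("description"), data.get("users")
    )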
def get(self, role_id):
    """
    .. http:get:: /roles/1

       Return a single role.

       **Example request**:

       .. sourcecode:: http

          GET /roles/1 HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "id": 1,
              "name": "role1",
              "description": "this is role1"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 403: the caller did not pass the permission check for this role
    """
    # A role is only readable by callers who pass the role-scoped permission;
    # everyone else is turned away before the role is looked up.
    if not RoleMemberPermission(role_id).can():
        return (
            {"message": "You are not allowed to view a role which you are not a member of."},
            403,
        )

    return service.get(role_id)
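def put(self, role_id, data=None):
    """
    .. http:put:: /roles/1

       Update a role

       **Example request**:

       .. sourcecode:: http

          PUT /roles/1 HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

          {
              "name": "role1",
              "description": "This is a new description"
          }

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "id": 1,
              "name": "role1",
              "description": "this is a new description"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 400: the request body is missing or has no ``name``
       :statuscode 403: the caller did not pass the permission check for this role
    """
    # Decide authorization before looking at the body, so a rejected caller gets
    # the same 403 whatever they sent.
    # NOTE(review): this check is the only gate before data.get('users') is
    # passed to service.update. Confirm that every caller who passes it is
    # meant to be able to change the role's user list.
    permission = RoleMemberPermission(role_id)
    if not permission.can():
        return dict(message='You are not authorized to modify this role.'), 403

    # The signature allows data=None, yet 'name' is subscripted unconditionally;
    # reject a missing body or missing name explicitly instead of letting a
    # TypeError/KeyError escape. Presumably a validation layer outside this
    # method normally supplies `data`. Verify against the decorator or caller.
    if data is None or 'name' not in data:
        return dict(message='A request body with a role name is required.'), 400

    return service.update(
        role_id, data['name'], data.get('description'), data.get('users')
    )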
def get(self, role_id):
    """
    .. http:get:: /roles/1/credentials

       Return the username and password stored for a role.

       **Example request**:

       .. sourcecode:: http

          GET /roles/1/credentials HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "username": "******",
              "password": "******"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 403: the caller did not pass the permission check for this role
    """
    # Turn unauthorized callers away before the role record is fetched.
    if not RoleMemberPermission(role_id).can():
        return {'message': 'You are not authorized to view the credentials for this role.'}, 403

    role = service.get(role_id)

    # NOTE(review): role.password is returned exactly as stored and nothing on
    # this path records who read it, neither on success nor on the 403 branch.
    # A credential-disclosure endpoint should leave an audit trail.
    payload = jsonify(username=role.username, password=role.password)
    response = make_response(payload, 200)

    # Keep the secret out of browser and proxy caches (HTTP/1.1 and HTTP/1.0).
    response.headers['cache-control'] = 'private, max-age=0, no-cache, no-store'
    response.headers['pragma'] = 'no-cache'
    return response
def get(self, role_id):
    """
    .. http:get:: /roles/1

       Return a single role.

       **Example request**:

       .. sourcecode:: http

          GET /roles/1 HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "id": 1,
              "name": "role1",
              "description": "this is role1"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 403: the caller did not pass the permission check for this role
    """
    # Roles are visible only to callers who pass the role-scoped permission, so
    # the check runs before any lookup.
    allowed = RoleMemberPermission(role_id).can()
    if not allowed:
        denial = {"message": "You are not allowed to view a role which you are not a member of."}
        return denial, 403

    return service.get(role_id)