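def roles(values):
    """
    Validate that the passed in roles exist.

    Each entry is looked up by its ``id`` through ``role_service.get`` and the
    stored objects are returned in input order.

    :param values: iterable of role mappings, each carrying an ``id`` and
        optionally a ``name`` that is used only in the error message
    :return: list of the objects returned by ``role_service.get``
    :raise ValueError: if the lookup for any entry returns a falsy result
    """
    rs = []
    for role in values:
        r = role_service.get(role['id'])
        if not r:
            # The lookup key is 'id', so an entry without 'name' must still end
            # in the documented ValueError instead of an unrelated KeyError.
            # The label comes from the caller's payload, not from storage, so
            # whatever renders this message should treat it as untrusted text.
            label = role.get('name', role['id'])
            raise ValueError("Role {0} does not exist".format(label))
        rs.append(r)
    return rs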
def get(self, role_id):
    """
    .. http:get:: /roles/1/credentials

       View a role's credentials

       **Example request**:

       .. sourcecode:: http

          GET /roles/1/credentials HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "username": "******",
              "password": "******"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 403: caller does not hold RoleMemberPermission for this role
    """
    if not RoleMemberPermission(role_id).can():
        # NOTE(review): refusals return here without an audit entry; only
        # successful reads are recorded further down.
        return (
            dict(
                message="You are not authorized to view the credentials for this role."
            ),
            403,
        )

    role = service.get(role_id)
    # NOTE(review): assumes service.get() handed back a role object; a missing
    # role would fail on the attribute reads below - confirm.

    # The body carries the role's stored username and password, so the
    # response is explicitly marked as not cacheable.
    body = jsonify(username=role.username, password=role.password)
    response = make_response(body, 200)
    for header, value in (
        ("cache-control", "private, max-age=0, no-cache, no-store"),
        ("pragma", "no-cache"),
    ):
        response.headers[header] = value

    # Record the credential read before handing the response back.
    log_service.audit_log("view_role_credentials", role.name, "View role username and password")
    return response
def get(self, role_id):
    """
    .. http:get:: /roles/1/users

       Get all users associated with a role

       **Example request**:

       .. sourcecode:: http

          GET /roles/1/users HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "items": [
                  {
                      "id": 2,
                      "active": true,
                      "email": "*****@*****.**",
                      "username": "******",
                      "profileImage": null
                  },
                  {
                      "id": 1,
                      "active": false,
                      "email": "*****@*****.**",
                      "username": "******",
                      "profileImage": null
                  }
              ],
              "total": 2
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
    """
    # NOTE(review): no per-role permission check is visible in this handler, so
    # any access control on the member list has to come from outside it
    # (decorators, class-level settings) - confirm that is in place.
    # NOTE(review): assumes role_service.get() returned a role object; a falsy
    # result would fail on the attribute read below - confirm.
    role = role_service.get(role_id)
    return role.users
def get(self, role_id):
    """
    .. http:get:: /roles/1

       Get a particular role

       **Example request**:

       .. sourcecode:: http

          GET /roles/1 HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "id": 1,
              "name": "role1",
              "description": "this is role1"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 403: caller does not hold RoleMemberPermission for this role
    """
    # Roles are only readable by callers that pass the membership permission;
    # the check runs before the role is fetched.
    if not RoleMemberPermission(role_id).can():
        denial = dict(
            message="You are not allowed to view a role which you are not a member of."
        )
        return (denial, 403)

    return service.get(role_id)
def get(self, role_id):
    """
    .. http:get:: /roles/1

       Get a particular role

       **Example request**:

       .. sourcecode:: http

          GET /roles/1 HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "id": 1,
              "name": "role1",
              "description": "this is role1"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 403: caller is neither an admin nor a member of the role
    """
    # Non-admins may only read roles they belong to; admins skip the
    # membership test entirely.
    # NOTE(review): the membership test compares role_id with r.id directly, so
    # it assumes both have the same type (e.g. an int route converter) - confirm.
    current = g.current_user
    if not current.is_admin and role_id not in {r.id for r in current.roles}:
        return dict(
            message="You are not allowed to view a role which you are not a member of"
        ), 403

    return service.get(role_id)
def get(self, role_id):
    """
    .. http:get:: /roles/1/credentials

       View a role's credentials

       **Example request**:

       .. sourcecode:: http

          GET /roles/1/credentials HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "username": "******",
              "password": "******"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 403: caller lacks ViewRoleCredentialsPermission for this role
    """
    permission = ViewRoleCredentialsPermission(role_id)
    if permission.can():
        role = service.get(role_id)
        # NOTE(review): assumes service.get() returned a role object - confirm.
        # NOTE(review): nothing in this handler records who read the
        # credentials; consider an audit entry for this access.
        body = jsonify(username=role.username, password=role.password)
        response = make_response(body, 200)

        # The body carries the stored secret, so the response is marked as
        # not cacheable.
        for header, value in (
            ('cache-control', 'private, max-age=0, no-cache, no-store'),
            ('pragma', 'no-cache'),
        ):
            response.headers[header] = value
        return response

    # Kept after the branch rather than as a guard clause so that the
    # credential path is unreachable once the permission check has failed.
    abort(403)
def get(self, role_id):
    """
    .. http:get:: /roles/1

       Get a particular role

       **Example request**:

       .. sourcecode:: http

          GET /roles/1 HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "id": 1,
              "name": "role1",
              "description": "this is role1"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 403: caller is neither an admin nor a member of the role
    """
    user = g.current_user

    # Admins may read any role.
    if user.is_admin:
        return service.get(role_id)

    # Everyone else must already be a member of the requested role.
    # NOTE(review): compares role_id with r.id directly, so both are assumed to
    # share a type (e.g. an int route converter) - confirm.
    member_of = {r.id for r in user.roles}
    if role_id in member_of:
        return service.get(role_id)

    return dict(message="You are not allowed to view a role which you are not a member of"), 403
def get(self, role_id):
    """
    .. http:get:: /roles/1/credentials

       View a role's credentials

       **Example request**:

       .. sourcecode:: http

          GET /roles/1/credentials HTTP/1.1
          Host: example.com
          Accept: application/json, text/javascript

       **Example response**:

       .. sourcecode:: http

          HTTP/1.1 200 OK
          Vary: Accept
          Content-Type: text/javascript

          {
              "username": "******",
              "password": "******"
          }

       :reqheader Authorization: OAuth token to authenticate
       :statuscode 200: no error
       :statuscode 403: caller lacks ViewRoleCredentialsPermission for this role
    """
    allowed = ViewRoleCredentialsPermission(role_id).can()
    if allowed:
        role = service.get(role_id)
        # NOTE(review): assumes service.get() returned a role object - confirm.
        credentials = jsonify(username=role.username, password=role.password)
        response = make_response(credentials, 200)

        # The stored username and password are in the body; mark the response
        # as not cacheable.
        headers = response.headers
        headers['cache-control'] = 'private, max-age=0, no-cache, no-store'
        headers['pragma'] = 'no-cache'

        # NOTE(review): this handler writes no audit record for the credential
        # read; consider logging who viewed them.
        return response

    # Reached only when the permission check failed.
    abort(403)