def lambda_handler(event, context):
print('Received event:\n{}'.format(event))
try:
region = os.environ.get('AWS_DEFAULT_REGION')
dynamodb = boto3.resource('dynamodb', region_name=region)
group = Group(dynamodb)
params = {'id': str(uuid.uuid4()), 'name': 'admin'}
group.create(params)
params = {'id': str(uuid.uuid4()), 'name': 'public'}
group.create(params)
response = {
'statusCode': 200
}
response['headers'] = {"Access-Control-Allow-Origin": "*"}
response['body'] = json.dumps("successfully initialized")
return response
except Exception as ex:
traceback.print_exc()
err_msg = '%s' % ex
response = {
'statusCode': 500
}
response['headers'] = {"Access-Control-Allow-Origin": "*"}
response['body'] = json.dumps(err_msg)
return response
def setup_group(self, team_id, uid):
is_admin = False
# create a default group if not exists
from porper.models.group import Group
group = Group(self.connection, loglevel)
group_info = group.find_by_id(team_id)
if not group_info:
# if this is the first user in this group, make it as admin
is_admin = True
group_info = {"id": team_id, "name": team_id}
group.create(group_info)
# now add this user to its default group
from porper.models.user_group import UserGroup
user_group = UserGroup(self.connection, loglevel)
user_group_info = {
"user_id": uid,
"group_id": team_id,
"is_admin": is_admin
}
self.logger.debug(ser_group_info)
user_group.create(user_group_info)
class GroupController(MetaResourceController):
def __init__(self, connection=None, loglevel="INFO"):
#self.connection = connection
MetaResourceController.__init__(self, connection, loglevel)
from porper.models.group import Group
self.group = Group(self.connection, loglevel)
from porper.models.user import User
self.user = User(self.connection, loglevel)
# from porper.controllers.user_group_controller import UserGroupController
# self.user_group_controller = UserGroupController(self.connection)
self.permission_name = 'group'
# only the admin can create a group
def create(self, access_token, params):
"""
possible attributes in params
- [id], name
"""
self.logger.info(f"params={params}")
self.logger.info(f"access_token={access_token}")
# self.logger.info(f"paths={paths}")
self.find_user_level(access_token)
if not self.is_permitted(self.permission_name, self.permission_write):
raise Exception("not permitted")
if "customer_id" not in params or not self.is_member(
customer_id=params['customer_id']):
raise Exception("not permitted")
return self.group.create(params)
def update(self, access_token, params):
"""
possible attributes in params
- id, name
"""
self.logger.info(f'group_controller_update-params={params}')
self.logger.info(
f'group_controller_update-access_token={access_token}')
self.find_user_level(access_token)
if not self.is_permitted(self.permission_name, self.permission_write):
raise Exception("not permitted")
item = self.group.find_by_id(params['id'])
if not item or not self.is_member(customer_id=item['customer_id']):
raise Exception("not permitted")
if params.get('customer_id'):
raise Exception('You cannot update the group customer')
if 'name' in params:
ret = self.group.find({'name': params['name']})
if ret and ret[0]['id'] != params['id']:
raise Exception("the group name already exists")
return self.group.update(params)
def delete(self, access_token, params):
"""
possible attributes in params
- id
"""
self.find_user_level(access_token)
if not self.is_permitted(self.permission_name, self.permission_write):
raise Exception("not permitted")
item = self.group.find_by_id(params['id'])
if not item or not self.is_member(customer_id=item['customer_id']):
raise Exception("not permitted")
# cannot remove it when it has users
users = self.user.find({'group_id': params['id']})
if len(users) > 0:
raise Exception(
"You must remove all users before removing this group")
return self.group.delete(params['id'])
def find(self, access_token, params):
"""
possible attributes in params
- user_id: find all groups where this given user belongs
- id: find a specific group
- ids: find specific groups
- None: No condition
- name
"""
self.find_user_level(access_token)
if 'closed' in params:
if not self.is_permitted(self.permission_name,
self.permission_read):
raise Exception("not permitted")
customer_id = None
user_id = None
if 'closed' in params:
# allow users/groups of the groups only this user belongs
if self.is_customer_admin:
customer_id = self.customer_id
elif not self.is_admin:
user_id = self.user_id
del params['closed']
else:
# allow all users/groups of the customer this user belongs
if not self.is_admin:
customer_id = self.customer_id
if 'ids' in params:
groups = self.group.find_by_ids(params['ids'],
customer_id=customer_id,
user_id=user_id)
return groups
else:
groups = self.group.find(params,
customer_id=customer_id,
user_id=user_id)
if groups and 'id' in params:
return groups[0]
return groups
import sys
sys.path.append('..')
import os
region = os.environ.get('AWS_DEFAULT_REGION')
import boto3
dynamodb = boto3.resource('dynamodb', region_name=region)
from porper.models.group import Group
group = Group(dynamodb)
params = {'id': 'ffffffff-ffff-ffff-ffff-ffffffffffff', 'name': 'admin'}
group.create(params)
params = {'id': '435a6417-6c1f-4d7c-87dd-e8f6c0effc7a', 'name': 'public'}
group.create(params)