def patch(self, username=None, *args, **kwargs):
name = username
user = User.visible(request).filter(User.username == name).first()
if not user:
return O.error(msg="User not found")
if not user.enabled:
# Allow only enabling
enable = kwargs.get("enable")
if not enable or enable not in ["1", "true", "True"]:
return O.error(msg="Cannot modify inactive user")
user.enabled = True
for k in set(kwargs.keys()).intersection(User.attrs):
setattr(user, k, kwargs[k])
groups = request.POST.getall('groups')
if groups:
to_remove = [g for g in user.groups if g.name not in groups]
for g in to_remove:
user.groups.remove(g)
grps = Group.visible(request).filter(Group.name.in_(groups)).all()
for g in grps:
user.groups.append(g)
else:
user.groups[:] = []
password = kwargs.get('password')
if password:
user.set_password(password)
phone = kwargs.get('phone')
if phone:
user.phone = phone
request.db.add(user)
def rm_group(self, name, *args):
group = Group.visible(request).filter(Group.name == name).first()
if not group:
return O.error(msg="Group not found")
request.db.delete(group)
request.db.commit()
def users(self, name=None, *args, **kwargs):
def modifier(roles):
return [
dict(as_user=role.as_user, servers=role.servers)
for role in roles
]
if name:
user = User.visible(request).filter(User.username == name).first()
return O.user(
user.serialize(skip=['id', 'org_id', 'password'],
rel=[('groups.name', 'groups')]))
else:
users = [
u.serialize(skip=['id', 'org_id', 'password'],
rel=[('groups.name', 'groups')]) for u in
User.visible(request).options(joinedload(User.groups)).all()
]
groups = [
u.serialize(skip=['id', 'org_id'],
rel=[
('roles', 'roles', modifier),
('users', 'users',
lambda us: [u.username for u in us]),
])
for u in Group.visible(request).options(joinedload(
Group.users)).options(joinedload(Group.roles)).all()
]
return O._anon(users=users,
groups=groups,
quota=dict(users=request.user.tier.users,
groups=request.user.tier.groups))
def profile(self, *args, **kwargs):
user = User.visible(request).filter(
User.username == request.user.username).one()
used = {
'total_repos': 0,
'cron_jobs': 0,
'api_keys': 0,
'users': 0,
'groups': 0,
'nodes': 0
}
used['total_repos'] = Repository.count(request)
used['cron_jobs'] = Job.count(request)
used['api_keys'] = ApiKey.count(request)
used['users'] = User.count(request)
used['groups'] = Group.count(request)
used['nodes'] = Node.count(request)
used['deployments'] = Deployment.count(request)
used['cloud_profiles'] = CloudProfile.count(request)
quotas = dict((k, dict(allowed=v, used=used[k]))
for k, v in request.user.tier._items.items()
if k in used)
return O.user(quotas=quotas,
plan=request.user.tier.name,
**user.serialize(skip=['id', 'org_id', 'password'],
rel=[('groups.name', 'groups')]))
def groups(self, name=None, *args):
def modifier(roles):
return [dict(as_user=role.as_user, servers=role.servers)
for role in roles]
if name:
group = Group.visible(request).filter(Group.name == name).first()
return O.group(group.serialize(
skip=['id', 'org_id'],
rel=[('roles', 'roles', modifier)]))
else:
groups = [u.serialize(
skip=['id', 'org_id'],
rel=[('roles', 'roles', modifier)])
for u in Group.visible(request).all()]
return O._anon(groups=groups,
quota=dict(allowed=request.user.tier.groups))
def rm_group(self, name, *args):
group = Group.visible(request).filter(Group.name == name).first()
if not group:
return O.error(msg="Group not found")
request.db.delete(group)
request.db.commit()
def groups(self, name=None, *args):
def modifier(roles):
return [
dict(as_user=role.as_user, servers=role.servers)
for role in roles
]
if name:
group = Group.visible(request).filter(Group.name == name).first()
return O.group(
group.serialize(skip=['id', 'org_id'],
rel=[('roles', 'roles', modifier)]))
else:
groups = [
u.serialize(skip=['id', 'org_id'],
rel=[('roles', 'roles', modifier)])
for u in Group.visible(request).all()
]
return O._anon(groups=groups,
quota=dict(allowed=request.user.tier.groups))
def modify_group_roles(self, name, *args, **kwargs):
name = name or kwargs['name']
add_roles = request.POST.getall('add')
rm_roles = request.POST.getall('remove')
group = Group.visible(request).filter(Group.name == name).first()
if not group:
return O.error(msg="Group is not available")
for role in rm_roles:
as_user, _, servers = role.rpartition("@")
if not as_user or not servers:
continue
if as_user == "*":
as_user = "******"
roles = [
r for r in group.roles
if r.as_user == as_user and r.servers == servers
]
for r in roles:
request.db.delete(r)
request.db.commit()
errs = []
for role in add_roles:
as_user, _, servers = role.rpartition("@")
if not Role.is_valid(as_user):
errs.append(as_user)
if errs:
if len(errs) == 1:
return O.error(msg="The role '%s' is not valid" % errs[0])
else:
return O.error(msg="The following roles are not valid: %s" %
", ".join(errs))
for role in add_roles:
as_user, _, servers = role.rpartition("@")
if not as_user or not servers:
continue
if as_user == "*":
as_user = "******"
r = Role(as_user=as_user, servers=servers, group=group)
try:
request.db.add(r)
request.db.commit()
except IntegrityError:
request.db.rollback()
def modify_group_roles(self, name, *args, **kwargs):
name = name or kwargs['name']
add_roles = request.POST.getall('add')
rm_roles = request.POST.getall('remove')
group = Group.visible(request).filter(Group.name == name).first()
if not group:
return O.error(msg="Group is not available")
for role in rm_roles:
as_user, _, servers = role.rpartition("@")
if not as_user or not servers:
continue
if as_user == "*":
as_user = "******"
roles = [r for r in group.roles if r.as_user == as_user and
r.servers == servers]
for r in roles:
request.db.delete(r)
request.db.commit()
errs = []
for role in add_roles:
as_user, _, servers = role.rpartition("@")
if not Role.is_valid(as_user):
errs.append(as_user)
if errs:
if len(errs) == 1:
return O.error(msg="The role '%s' is not valid" % errs[0])
else:
return O.error(msg="The following roles are not valid: %s" %
", ".join(errs))
for role in add_roles:
as_user, _, servers = role.rpartition("@")
if not as_user or not servers:
continue
if as_user == "*":
as_user = "******"
r = Role(as_user=as_user, servers=servers, group=group)
try:
request.db.add(r)
request.db.commit()
except IntegrityError:
request.db.rollback()
def profile(self, *args, **kwargs):
user = User.visible(request).filter(
User.username == request.user.username).one()
used = {'total_repos': 0, 'cron_jobs': 0,
'api_keys': 0, 'users': 0, 'groups': 0, 'nodes': 0}
used['total_repos'] = Repository.count(request)
used['cron_jobs'] = Job.count(request)
used['api_keys'] = ApiKey.count(request)
used['users'] = User.count(request)
used['groups'] = Group.count(request)
used['nodes'] = Node.count(request)
used['deployments'] = Deployment.count(request)
used['cloud_profiles'] = CloudProfile.count(request)
quotas = dict((k, dict(allowed=v, used=used[k]))
for k, v in request.user.tier._items.items()
if k in used)
return O.user(quotas=quotas,
plan=request.user.tier.name,
**user.serialize(
skip=['id', 'org_id', 'password'],
rel=[('groups.name', 'groups')]))
def add_group(self, name, *args, **kwargs):
name = name or kwargs['name']
org = request.db.query(Org).filter(Org.name == request.user.org).one()
group = Group(name=name, org=org)
request.db.add(group)
request.db.commit()