def delete(self, request, largs, name):
"""
Delete a user.
"""
if not request.user.has_perm('Users.user_delete'):
return HttpResponseForbidden()
user_backend.remove(username=name)
return HttpResponseNoContent()
def get(self, request, largs, name):
"""
Verify that a user exists.
"""
if not request.user.has_perm('Users.user_exists'):
return HttpResponseForbidden()
if user_backend.exists(username=name):
return HttpResponseNoContent()
else:
raise UserNotFound(name) # 404 Not Found
def delete(self, request, largs, name):
"""
Delete a group.
"""
if not request.user.has_perm('Groups.group_delete'):
return HttpResponseForbidden()
group = group_backend.get(service=request.user, name=name)
group_backend.remove(group=group)
self.log.info("Deleted group", extra=largs)
return HttpResponseNoContent()
def get(self, request, largs, name):
"""
Verify that a group exists.
"""
if not request.user.has_perm('Groups.group_exists'):
return HttpResponseForbidden()
if group_backend.exists(service=request.user, name=name):
return HttpResponseNoContent()
else:
raise GroupNotFound(name)
def delete(self, request, largs, name, subname):
"""
Delete a property.
"""
if not request.user.has_perm('Users.prop_delete'):
return HttpResponseForbidden()
# If UserNotFound: 404 Not Found
user = user_backend.get(username=name)
property_backend.remove(user=user, key=subname)
return HttpResponseNoContent()
def post(self, request, largs, name):
"""
Verify a users password.
"""
if not request.user.has_perm('Users.user_verify_password'):
return HttpResponseForbidden()
# If BadRequest: 400 Bad Request
password = self._parse_post(request)
if user_backend.check_password(username=name, password=password):
return HttpResponseNoContent()
else:
raise UserNotFound(name)
def delete(self, request, largs, name, subname):
"""
Remove a subgroup from a group.
"""
if not request.user.has_perm('Groups.group_remove_group'):
return HttpResponseForbidden()
# If GroupNotFound: 404 Not Found
group = group_backend.get(service=request.user, name=name)
subgroup = group_backend.get(service=request.user, name=subname)
group_backend.rm_subgroup(group=group, subgroup=subgroup)
self.log.info('Remove subgroup %s', subname, extra=largs)
return HttpResponseNoContent()
def put(self, request, largs, name):
"""
Change a users password.
"""
if not request.user.has_perm('Users.user_change_password'):
return HttpResponseForbidden()
# If BadRequest: 400 Bad Request
password = self._parse_put(request)
if password is not None and password != '':
if len(password) < settings.MIN_PASSWORD_LENGTH:
raise PasswordInvalid("Password too short")
user_backend.set_password(username=name, password=password)
return HttpResponseNoContent()
def delete(self, request, largs, name, subname):
"""
Remove a user from a group.
"""
if not request.user.has_perm('Groups.group_remove_user'):
return HttpResponseForbidden()
# If GroupNotFound: 404 Not Found
group = group_backend.get(service=request.user, name=name)
# If UserNotFound: 404 Not Found
user = user_backend.get(username=subname)
group_backend.rm_user(group=group, user=user)
self.log.info('Remove user from group', extra=largs)
return HttpResponseNoContent()
def put(self, request, largs, name):
"""
Set multiple properties.
"""
if not request.user.has_perm('Users.prop_create'):
return HttpResponseForbidden()
# If UserNotFound: 404 Not Found
user = user_backend.get(username=name)
properties = parse_dict(request)
for key in six.iterkeys(properties):
if not resource_validator(key):
raise PreconditionFailed(
"Property contains invalid characters")
property_backend.set_multiple(user=user, props=properties)
return HttpResponseNoContent()
def get(self, request, largs, name, subname):
"""
Verify that a user is in a group.
"""
if not request.user.has_perm('Groups.group_user_in_group'):
return HttpResponseForbidden()
# If GroupNotFound: 404 Not Found
group = group_backend.get(service=request.user, name=name)
# If UserNotFound: 404 Not Found
user = user_backend.get(username=subname)
if group_backend.is_member(group=group, user=user):
return HttpResponseNoContent()
else:
raise UserNotFound(subname) # 404 Not Found
def post(self, request, largs, name):
"""
Add a sub-group.
"""
if not request.user.has_perm('Groups.group_add_group'):
return HttpResponseForbidden()
# If BadRequest: 400 Bad Request
subname = self._parse_post(request).lower()
# If GroupNotFound: 404 Not Found
group = group_backend.get(service=request.user, name=name)
subgroup = group_backend.get(service=request.user, name=subname)
group_backend.add_subgroup(group=group, subgroup=subgroup)
self.log.info('Add subgroup "%s"', subname, extra=largs)
return HttpResponseNoContent()
def post(self, request, largs, name):
"""
Add a user to a group.
"""
if not request.user.has_perm('Groups.group_add_user'):
return HttpResponseForbidden()
# If BadRequest: 400 Bad Request
username = self._parse_post(request).lower()
# If GroupNotFound: 404 Not Found
group = group_backend.get(service=request.user, name=name)
# If UserNotFound: 404 Not Found
user = user_backend.get(username=username)
group_backend.add_user(group=group, user=user)
self.log.info('Add user "%s"', username, extra=largs)
return HttpResponseNoContent()