def test_acl_role_not_found(self): assert_report_item_equal( lib.acl_error_to_report_item(lib.AclRoleNotFound("id")), ( severities.ERROR, report_codes.ID_NOT_FOUND, { "id": "id", "id_description": "role", } ) )
def remove_role(lib_env, role_id, autodelete_users_groups=False): """ Remove role with specified id from CIB. Raises LibraryError on any failure. lib_env -- LibraryEnvironment role_id -- id of role which should be deleted autodelete_users_groups -- if True targets and groups which are empty after removal will be removed """ cib = lib_env.get_cib(REQUIRED_CIB_VERSION) try: acl.remove_role(cib, role_id, autodelete_users_groups) except acl.AclRoleNotFound as e: raise LibraryError(acl.acl_error_to_report_item(e)) lib_env.push_cib(cib)
def assign_role_to_target(lib_env, role_id, target_id): """ Assign role with id role_id to target with id target_id. Raises LibraryError on any failure. lib_env -- LibraryEnvironment role_id -- id of acl_role element which should be assigned to target target_id -- id of acl_target element to which role should be assigned """ cib = lib_env.get_cib(REQUIRED_CIB_VERSION) try: acl.assign_role(acl.find_target(cib, target_id), acl.find_role(cib, role_id)) except acl.AclError as e: raise LibraryError(acl.acl_error_to_report_item(e)) lib_env.push_cib(cib)
def assign_role_to_target(lib_env, role_id, target_id): """ Assign role with id role_id to target with id target_id. Raises LibraryError on any failure. lib_env -- LibraryEnvironment role_id -- id of acl_role element which should be assigned to target target_id -- id of acl_target element to which role should be assigned """ cib = lib_env.get_cib(REQUIRED_CIB_VERSION) try: acl.assign_role( acl.find_target(cib, target_id), acl.find_role(cib, role_id) ) except acl.AclError as e: raise LibraryError(acl.acl_error_to_report_item(e)) lib_env.push_cib(cib)
def _assign_roles_to_element(cib, element, role_id_list): """ Assign roles from role_id_list to element. Raises LibraryError on any failure. cib -- cib etree node element -- element to which specified roles should be assigned role_id_list -- list of role id """ report_list = [] for role_id in role_id_list: try: acl.assign_role(element, acl.find_role(cib, role_id)) except acl.AclError as e: report_list.append(acl.acl_error_to_report_item(e)) if report_list: raise LibraryError(*report_list)
def assign_role_not_specific(lib_env, role_id, target_or_group_id): """ Assign role wth id role_id to target or group with id target_or_group_id. Target element has bigger pririty so if there are target and group with same id only target element will be affected by this function. Raises LibraryError on any failure. lib_env -- LibraryEnviroment role_id -- id of role which should be assigne to target/group target_or_group_id -- id of target/group element """ cib = lib_env.get_cib(REQUIRED_CIB_VERSION) try: acl.assign_role(_get_target_or_group(cib, target_or_group_id), acl.find_role(cib, role_id)) except acl.AclError as e: raise LibraryError(acl.acl_error_to_report_item(e)) lib_env.push_cib(cib)
def assign_role_not_specific(lib_env, role_id, target_or_group_id): """ Assign role wth id role_id to target or group with id target_or_group_id. Target element has bigger pririty so if there are target and group with same id only target element will be affected by this function. Raises LibraryError on any failure. lib_env -- LibraryEnviroment role_id -- id of role which should be assigne to target/group target_or_group_id -- id of target/group element """ cib = lib_env.get_cib(REQUIRED_CIB_VERSION) try: acl.assign_role( _get_target_or_group(cib, target_or_group_id), acl.find_role(cib, role_id) ) except acl.AclError as e: raise LibraryError(acl.acl_error_to_report_item(e)) lib_env.push_cib(cib)
def unassign_role_from_group(lib_env, role_id, group_id, autodelete_group=False): """ Unassign role with role_id from group with id group_id. Raises LibraryError on any failure. lib_env -- LibraryEnvironment role_id -- id of role which should be unassigned from group group_id -- id of acl_group element autodelete_target -- if True remove group element if has no more role assigned """ cib = lib_env.get_cib(REQUIRED_CIB_VERSION) try: acl.unassign_role(acl.find_group(cib, group_id), role_id, autodelete_group) except acl.AclError as e: raise LibraryError(acl.acl_error_to_report_item(e)) lib_env.push_cib(cib)
def unassign_role_from_group( lib_env, role_id, group_id, autodelete_group=False ): """ Unassign role with role_id from group with id group_id. Raises LibraryError on any failure. lib_env -- LibraryEnvironment role_id -- id of role which should be unassigned from group group_id -- id of acl_group element autodelete_target -- if True remove group element if has no more role assigned """ cib = lib_env.get_cib(REQUIRED_CIB_VERSION) try: acl.unassign_role( acl.find_group(cib, group_id), role_id, autodelete_group ) except acl.AclError as e: raise LibraryError(acl.acl_error_to_report_item(e)) lib_env.push_cib(cib)
def test_unknown_exception(self): self.assert_raises( LibraryError, lambda: lib.acl_error_to_report_item(LibraryError()) )