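def add_permissions_to_groups(data, db_session, username):
    """Grant every requested permission to every requested group.

    The payload is schema-checked, the permission and group ids are
    validated, and every (group, permission) pair is checked for an existing
    grant before the first grant is written. A conflict therefore rejects the
    whole request instead of leaving the grants created before it in the
    session.

    Args:
        data: Request payload; its 'permissions' and 'groups' entries are read.
        db_session: Database session handed to every helper.
        username: Caller name, used for logging and passed to ``add``.

    Returns:
        dict mapping each group id to the list of
        ``group_permission_to_dict(...)`` results for the grants created.

    Raises:
        Http_error: 409 when any requested group already holds any requested
            permission. The validation helpers presumably raise their own
            errors on bad input; confirm against their definitions.
    """
    logger.info(LogMsg.START, username)

    # NOTE(review): no authorization check on `username` is visible in this
    # body. Confirm the caller or route layer enforces one before this
    # privilege-granting operation is reached.
    schema_validate(data, GROUP_ADD_SCHEMA_PATH)
    logger.debug(LogMsg.SCHEMA_CHECKED)

    permissions = set(data.get('permissions'))
    groups = set(data.get('groups'))

    validate_permissions(permissions, db_session)
    validate_groups(groups, db_session)

    # Phase 1: look for conflicts across the whole request before writing
    # anything, so a 409 cannot leave a partially applied set of grants.
    for group_id in groups:
        for permission_id in permissions:
            if group_has_permission(permission_id, group_id, db_session):
                logger.error(LogMsg.PERMISSION_GROUP_ALREADY_HAS, {
                    'permission_id': permission_id,
                    'group_id': group_id
                })
                raise Http_error(409, Message.ALREADY_EXISTS)

    # Phase 2: every pair is new, so create the grants.
    # NOTE(review): check-then-insert is still racy under concurrent
    # requests; a unique constraint on the pair would close that gap.
    final_res = {}
    for group_id in groups:
        final_res[group_id] = [
            group_permission_to_dict(
                add(permission_id, group_id, db_session, username))
            for permission_id in permissions
        ]

    logger.info(LogMsg.END)
    return final_res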
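def delete_permissions_of_groups(data, db_session, username):
    """Revoke every requested permission from every requested group.

    Work is done in three passes so that a denial or a missing grant rejects
    the whole request before anything is deleted:

    1. the caller is authorized against every target group,
    2. every (group, permission) pair is confirmed to exist,
    3. the grants are deleted.

    Args:
        data: Request payload; its 'permissions' and 'groups' entries are read.
        db_session: Database session handed to every helper.
        username: Caller name, used for logging and for the access check.

    Returns:
        ``{'result': 'successful'}`` once every grant has been deleted.

    Raises:
        Http_error: 404 when a requested group does not hold a requested
            permission. ``validate_permissions_and_access`` presumably raises
            when access is denied (its return value is not inspected here);
            confirm against its definition.
    """
    logger.info(LogMsg.START, username)

    # NOTE(review): the delete payload is validated against
    # GROUP_ADD_SCHEMA_PATH; confirm the add schema is the intended one.
    schema_validate(data, GROUP_ADD_SCHEMA_PATH)
    logger.debug(LogMsg.SCHEMA_CHECKED)

    permissions = set(data.get('permissions'))
    groups = set(data.get('groups'))

    validate_permissions(permissions, db_session)
    validate_groups(groups, db_session)

    # Pass 1: authorize against every group up front. Interleaving this with
    # the deletes would let a request that is denied on a later group still
    # revoke permissions from the earlier ones.
    for group_id in groups:
        group = get_group(group_id, db_session, username)
        logger.debug(LogMsg.PERMISSION_CHECK, username)
        validate_permissions_and_access(username,
                                        db_session,
                                        'GROUP_PERMISSION_DELETE',
                                        model=group,
                                        access_level=Access_level.Premium)
        logger.debug(LogMsg.PERMISSION_VERIFIED, username)

    # Pass 2: every grant must exist before any of them is removed.
    for group_id in groups:
        for permission_id in permissions:
            if not group_has_permission(permission_id, group_id, db_session):
                logger.error(LogMsg.PERMISSION_NOT_HAS_GROUP, {
                    'permission_id': permission_id,
                    'group_id': group_id
                })
                raise Http_error(404, Message.PERMISSION_NOT_FOUND)

    # Pass 3: apply the revocations.
    for group_id in groups:
        for permission_id in permissions:
            delete_permission_for_group(permission_id, group_id, db_session)

    logger.info(LogMsg.END)
    return {'result': 'successful'}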
Exemple #3
def add_users_to_groups(data, db_session, username):
    """Add every requested user to every requested group.

    Only callers whose name is in ``ADMINISTRATORS`` get past the gate.

    Args:
        data: Request payload; its 'users' and 'groups' entries are read.
        db_session: Database session handed to every helper.
        username: Caller name, used for the gate, logging and ``add``.

    Returns:
        dict mapping each group id to the list of ``model_to_dict(...)``
        results for the memberships created.

    Raises:
        Http_error: 403 when ``username`` is not in ``ADMINISTRATORS``;
            409 when a requested user is already in a requested group.
    """
    logger.info(LogMsg.START, username)

    is_admin = username in ADMINISTRATORS
    if not is_admin:
        logger.error(LogMsg.NOT_ACCESSED, {'username': username})
        raise Http_error(403, Message.ACCESS_DENIED)

    # NOTE(review): no schema validation is visible here. If `data` is a
    # plain dict, a missing key makes set(None) raise TypeError rather than
    # a client error.
    users = set(data.get('users'))
    groups = set(data.get('groups'))

    validate_users(users, db_session)
    validate_groups(groups, db_session)

    # NOTE(review): the 409 below is raised mid-loop, after earlier add()
    # calls. Whether those are rolled back depends on how the caller manages
    # db_session; confirm.
    final_res = {}
    for group_id in groups:
        created = []
        for user_id in users:
            already_member = user_is_in_group(user_id, group_id, db_session)
            if already_member:
                logger.error(LogMsg.GROUP_USER_IS_IN_GROUP,
                             {'user_id': user_id, 'group_id': group_id})
                raise Http_error(409, Message.ALREADY_EXISTS)
            membership = add(user_id, group_id, db_session, username)
            created.append(model_to_dict(membership))
        final_res[group_id] = created

    logger.info(LogMsg.END)
    return final_res
Exemple #4
def add_permissions_to_groups(data, db_session, username):
    """Grant every requested permission to every requested group.

    Only callers whose name is in ``ADMINISTRATORS`` get past the gate.

    Args:
        data: Request payload; its 'permissions' and 'groups' entries are read.
        db_session: Database session handed to every helper.
        username: Caller name, used for the gate, logging and ``add``.

    Returns:
        dict mapping each group id to the list of
        ``group_permission_to_dict(...)`` results for the grants created.

    Raises:
        Http_error: 403 when ``username`` is not in ``ADMINISTRATORS``;
            409 when a requested group already holds a requested permission.
    """
    logger.info(LogMsg.START, username)

    if not (username in ADMINISTRATORS):
        denied_context = {'username': username}
        logger.error(LogMsg.NOT_ACCESSED, denied_context)
        raise Http_error(403, Message.ACCESS_DENIED)

    # NOTE(review): the payload is not schema-checked in this body. If `data`
    # is a plain dict, a missing key makes set(None) raise TypeError.
    permissions = set(data.get('permissions'))
    groups = set(data.get('groups'))

    validate_permissions(permissions, db_session)
    validate_groups(groups, db_session)

    # NOTE(review): a conflict aborts mid-loop, after earlier grants were
    # added; confirm the caller rolls db_session back on Http_error.
    final_res = {}
    for group_id in groups:
        granted = []
        for permission_id in permissions:
            conflict = group_has_permission(permission_id, group_id,
                                            db_session)
            if conflict:
                logger.error(LogMsg.PERMISSION_GROUP_ALREADY_HAS, {
                    'permission_id': permission_id,
                    'group_id': group_id
                })
                raise Http_error(409, Message.ALREADY_EXISTS)
            grant = add(permission_id, group_id, db_session, username)
            granted.append(group_permission_to_dict(grant))
        final_res[group_id] = granted

    logger.info(LogMsg.END)
    return final_res
Exemple #5
def get_user_group_list(user_id, db_session):
    """Map each group the user belongs to onto that group's ``person_id``.

    Args:
        user_id: Id matched against ``GroupUser.user_id``.
        db_session: Database session used for the query and for
            ``validate_groups``.

    Returns:
        dict of ``{group.id: group.person_id}`` built from what
        ``validate_groups`` returns for the user's group ids.
    """
    memberships = db_session.query(GroupUser).filter(
        GroupUser.user_id == user_id).all()

    group_ids = [membership.group_id for membership in memberships]

    # validate_groups is iterated as a collection of objects exposing `id`
    # and `person_id` (presumably the group's owner; confirm on the model).
    group_entities = validate_groups(group_ids, db_session)
    return {group.id: group.person_id for group in group_entities}
Exemple #6
def delete_users_from_groups(data, db_session, username):
    """Remove every requested user from every requested group.

    Only callers whose name is in ``ADMINISTRATORS`` get past the gate.

    Args:
        data: Request payload; its 'users' and 'groups' entries are read.
        db_session: Database session handed to every helper.
        username: Caller name, used for the gate and for logging.

    Returns:
        ``{'result': 'successful'}`` once every membership has been deleted.

    Raises:
        Http_error: 403 when ``username`` is not in ``ADMINISTRATORS``;
            404 when a requested user is not in a requested group.
    """
    logger.info(LogMsg.START, username)

    caller_is_admin = username in ADMINISTRATORS
    if not caller_is_admin:
        logger.error(LogMsg.NOT_ACCESSED, {'username': username})
        raise Http_error(403, Message.ACCESS_DENIED)

    # NOTE(review): no schema validation is visible here. If `data` is a
    # plain dict, a missing key makes set(None) raise TypeError.
    users = set(data.get('users'))
    groups = set(data.get('groups'))

    validate_users(users, db_session)
    validate_groups(groups, db_session)

    # NOTE(review): a 404 raised part-way leaves the earlier deletions in
    # the session; confirm the caller rolls back on Http_error.
    pairs = ((gid, uid) for gid in groups for uid in users)
    for group_id, user_id in pairs:
        is_member = user_is_in_group(user_id, group_id, db_session)
        if not is_member:
            logger.error(LogMsg.GROUP_USER_NOT_IN_GROUP,
                         {'user_id': user_id, 'group_id': group_id})
            raise Http_error(404, Message.NOT_IN_GROUP)
        delete_user_group(user_id, group_id, db_session)

    logger.info(LogMsg.END)
    return {'result': 'successful'}
Exemple #7
def delete_permissions_of_groups(data, db_session, username):
    """Revoke every requested permission from every requested group.

    Only callers whose name is in ``ADMINISTRATORS`` get past the gate.

    Args:
        data: Request payload; its 'permissions' and 'groups' entries are read.
        db_session: Database session handed to every helper.
        username: Caller name, used for the gate and for logging.

    Returns:
        ``{'result': 'successful'}`` once every grant has been deleted.

    Raises:
        Http_error: 403 when ``username`` is not in ``ADMINISTRATORS``;
            404 when a requested group does not hold a requested permission.
    """
    logger.info(LogMsg.START, username)

    if not (username in ADMINISTRATORS):
        logger.error(LogMsg.NOT_ACCESSED, {'username': username})
        raise Http_error(403, Message.ACCESS_DENIED)

    # NOTE(review): the payload is not schema-checked in this body. If `data`
    # is a plain dict, a missing key makes set(None) raise TypeError.
    permissions = set(data.get('permissions'))
    groups = set(data.get('groups'))

    validate_permissions(permissions, db_session)
    validate_groups(groups, db_session)

    # NOTE(review): a 404 raised part-way leaves the earlier revocations in
    # the session; confirm the caller rolls back on Http_error.
    for group_id in groups:
        for permission_id in permissions:
            granted = group_has_permission(permission_id, group_id,
                                           db_session)
            if granted:
                delete_permission_for_group(permission_id, group_id,
                                            db_session)
                continue
            logger.error(LogMsg.PERMISSION_NOT_HAS_GROUP, {
                'permission_id': permission_id,
                'group_id': group_id
            })
            raise Http_error(404, Message.PERMISSION_NOT_FOUND)

    logger.info(LogMsg.END)
    return {'result': 'successful'}
Exemple #8
def add_users_to_groups(data, db_session, username):
    """Add every requested user to every requested group.

    Callers in ``ADMINISTRATORS`` skip the permission check. Anyone else
    needs ``PERMISSION_GROUP_USER_ADD_PREMIUM``, or
    ``PERMISSION_GROUP_USER_ADD_PRESS`` together with a truthy
    ``is_user_group_owner`` result for the target groups.

    Args:
        data: Request payload; its 'users' and 'groups' entries are read.
        db_session: Database session handed to every helper.
        username: Caller name, used for lookup, authorization and logging.

    Returns:
        dict mapping each group id to the list of ``model_to_dict(...)``
        results for the memberships created.

    Raises:
        Http_error: 403 when the caller lacks the required permission;
            409 when a requested user is already in a requested group.
    """
    logger.info(LogMsg.START, username)
    user = check_user(username, db_session)

    schema_validate(data, USER_ADD_SCHEMA_PATH)
    logger.debug(LogMsg.SCHEMA_CHECKED)

    users = set(data.get('users'))
    groups = set(data.get('groups'))

    # NOTE(review): both id sets are validated before the caller is
    # authorized, so the validators' errors are reachable without the add
    # permission. Confirm that ordering is acceptable.
    validate_users(users, db_session)
    group_entities = validate_groups(groups, db_session)

    if username not in ADMINISTRATORS:
        permissions, _presses = get_user_permissions(username, db_session)

        has_premium = has_permission_or_not(
            [Permissions.PERMISSION_GROUP_USER_ADD_PREMIUM], permissions)
        if not has_premium:
            has_press = has_permission_or_not(
                [Permissions.PERMISSION_GROUP_USER_ADD_PRESS], permissions)

            # NOTE(review): confirm is_user_group_owner requires ownership of
            # every group in group_entities, not just one of them.
            press_owner = has_press and is_user_group_owner(
                user.person_id, group_entities)
            if not press_owner:
                logger.error(LogMsg.PERMISSION_DENIED,
                             {'PERMISSION_GROUP_USER_ADD': username})
                raise Http_error(403, Message.ACCESS_DENIED)

    # NOTE(review): a 409 raised part-way leaves the earlier add() calls in
    # the session; confirm the caller rolls back on Http_error.
    final_res = {}
    for group_id in groups:
        created = []
        for user_id in users:
            already_member = user_is_in_group(user_id, group_id, db_session)
            if already_member:
                logger.error(LogMsg.GROUP_USER_IS_IN_GROUP, {
                    'user_id': user_id,
                    'group_id': group_id
                })
                raise Http_error(409, Message.ALREADY_EXISTS)
            membership = add(user_id, group_id, db_session, username)
            created.append(model_to_dict(membership))
        final_res[group_id] = created

    logger.info(LogMsg.END)
    return final_res
Exemple #9
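def delete_users_from_groups(data, db_session, username):
    """Remove every requested user from every requested group.

    Callers in ``ADMINISTRATORS`` skip the permission check. Anyone else
    needs ``PERMISSION_GROUP_USER_DELETE_PREMIUM``, or
    ``PERMISSION_GROUP_USER_DELETE_PRESS`` together with a truthy
    ``is_user_group_owner`` result for the target groups.

    Every (group, user) pair is confirmed to be a membership before the first
    deletion, so a 404 rejects the whole request instead of leaving it half
    applied.

    Args:
        data: Request payload; its 'users' and 'groups' entries are read.
        db_session: Database session handed to every helper.
        username: Caller name, used for lookup, authorization and logging.

    Returns:
        ``{'result': 'successful'}`` once every membership has been deleted.

    Raises:
        Http_error: 403 when the caller lacks the required permission;
            404 when a requested user is not in a requested group.
    """
    logger.info(LogMsg.START, username)

    user = check_user(username, db_session)

    # NOTE(review): the delete payload is validated against
    # USER_ADD_SCHEMA_PATH; confirm the add schema is the intended one.
    schema_validate(data, USER_ADD_SCHEMA_PATH)
    logger.debug(LogMsg.SCHEMA_CHECKED)

    users = set(data.get('users'))
    groups = set(data.get('groups'))

    # NOTE(review): both id sets are validated before the caller is
    # authorized, so the validators' errors are reachable without the delete
    # permission. Confirm that ordering is acceptable.
    validate_users(users, db_session)
    group_entities = validate_groups(groups, db_session)

    if username not in ADMINISTRATORS:

        # The second element of the returned pair is not used here.
        permissions, _ = get_user_permissions(username, db_session)

        permit = has_permission_or_not(
            [Permissions.PERMISSION_GROUP_USER_DELETE_PREMIUM], permissions)
        if not permit:
            press_permit = has_permission_or_not(
                [Permissions.PERMISSION_GROUP_USER_DELETE_PRESS], permissions)

            # NOTE(review): confirm is_user_group_owner requires ownership of
            # every group in group_entities, not just one of them.
            if not (press_permit
                    and is_user_group_owner(user.person_id, group_entities)):
                # The denial was previously logged under the ADD permission
                # label, which mislabels the event for anyone reading the
                # audit trail. Update any log parser keyed on the old label.
                logger.error(LogMsg.PERMISSION_DENIED,
                             {'PERMISSION_GROUP_USER_DELETE': username})
                raise Http_error(403, Message.ACCESS_DENIED)

    # Pass 1: every membership must exist before any of them is removed.
    for group_id in groups:
        for user_id in users:
            if not user_is_in_group(user_id, group_id, db_session):
                logger.error(LogMsg.GROUP_USER_NOT_IN_GROUP, {
                    'user_id': user_id,
                    'group_id': group_id
                })
                raise Http_error(404, Message.NOT_IN_GROUP)

    # Pass 2: apply the removals.
    for group_id in groups:
        for user_id in users:
            delete_user_group(user_id, group_id, db_session)

    logger.info(LogMsg.END)
    return {'result': 'successful'}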