def fake_super_admin() -> PrincipalService: return PrincipalService(User( userId='1', userName='******', tenantId='-1', role=UserRole.SUPER_ADMIN ))
def fake_tenant_admin( tenant_id: TenantId, user_id: Optional[UserId] = None, user_name: Optional[str] = None) -> PrincipalService: return PrincipalService(User( userId='1' if is_blank(user_id) else user_id, userName='******' if is_blank(user_name) else user_name, tenantId='-1' if is_blank(tenant_id) else tenant_id, role=UserRole.ADMIN ))
def ask_super_admin() -> PrincipalService: return PrincipalService( User(userId=settings.SUPER_ADMIN_USER_ID, name=settings.SUPER_ADMIN_USER_NAME, nickname=settings.SUPER_ADMIN_USER_NICKNAME, isActive=True, groupIds=[], tenantId=settings.SUPER_ADMIN_TENANT_ID, role=UserRole.SUPER_ADMIN))
def fake_to_tenant(principal_service: PrincipalService, tenant_id: TenantId) -> PrincipalService: if principal_service.is_super_admin(): # fake principal as tenant admin return PrincipalService( User(userId=principal_service.get_user_id(), tenantId=tenant_id, name=principal_service.get_user_name(), role=UserRole.ADMIN)) else: return principal_service
def to_dask_args(loop: DistributedUnitLoop, variableValue: Any) -> List[Any]: cloned = loop.pipelineVariables.clone() cloned.put(loop.loopVariableName, deepcopy(variableValue)) return [ loop.pipeline, loop.stage, loop.unit, User(userId=loop.principalService.get_user_id(), name=loop.principalService.get_user_name(), tenantId=loop.principalService.get_tenant_id(), role=loop.principalService.get_user_role()), cloned ]
def deserialize(self, row: EntityRow) -> User: # noinspection PyTypeChecker return TupleShaper.deserialize_tenant_based(row, User( userId=row.get('user_id'), name=row.get('name'), nickName=row.get('nickname'), password=row.get('password'), isActive=row.get('is_active'), groupIds=row.get('group_ids'), role=row.get('role') ))
def action(user: User) -> User: # crypt password pwd = user.password if is_not_blank(pwd): user.password = crypt_password(pwd) if user.isActive is None: user.isActive = True if user_service.is_storable_id_faked(user.userId): if principal_service.is_super_admin() and check_user_group: if user.groupIds is not None and len(user.groupIds) != 0: # for super admin create user, there is no user group allowed raise_400( 'No user group allowed for creating user by super admin.' ) user_service.redress_storable_id(user) user_group_ids = ArrayHelper(user.groupIds).distinct().to_list() user.groupIds = user_group_ids # noinspection PyTypeChecker user: User = user_service.create(user) # synchronize user to user groups sync_user_to_groups(user_service, user.userId, user_group_ids, user.tenantId) else: # noinspection PyTypeChecker existing_user: Optional[User] = user_service.find_by_id( user.userId) if existing_user is not None: if existing_user.tenantId != user.tenantId: raise_403() elif is_blank(user.password): # keep original password user.password = existing_user.password if principal_service.is_super_admin() and check_user_group: # for super admin update user, simply keep user group user.groupIds = existing_user.groupIds else: user_group_ids = ArrayHelper( user.groupIds).distinct().to_list() user.groupIds = user_group_ids user_group_ids = user.groupIds # noinspection PyTypeChecker user: User = user_service.update(user) if principal_service.is_tenant_admin(): # remove user from user groups, in case user groups are removed removed_user_group_ids = ArrayHelper( existing_user.groupIds).difference( user_group_ids).to_list() remove_user_from_groups(user_service, user.userId, removed_user_group_ids, user.tenantId) # synchronize user to user groups sync_user_to_groups(user_service, user.userId, user_group_ids, user.tenantId) # remove password clear_pwd(user) return user
def ask_principal_service(principal_service: PrincipalService, tenant_id: Optional[TenantId]) -> PrincipalService: if principal_service.is_tenant_admin(): if is_blank(tenant_id): return principal_service elif tenant_id != principal_service.get_tenant_id(): raise_400( f'Tenant id[{tenant_id}] does not match current principal.') else: return principal_service elif principal_service.is_super_admin(): if is_blank(tenant_id): raise_400('Tenant id is required.') tenant_service = get_tenant_service(principal_service) tenant: Optional[Tenant] = tenant_service.find_by_id(tenant_id) if tenant is None: raise_404(f'Tenant[id={tenant_id}] not found.') return PrincipalService( User(tenantId=tenant_id, userId=principal_service.get_user_id(), name=principal_service.get_user_name(), role=UserRole.ADMIN))
async def fetch_pipeline_logs( criteria: PipelineMonitorLogCriteria, principal_service: PrincipalService = Depends(get_any_admin_principal) ) -> PipelineMonitorLogDataPage: if principal_service.is_super_admin(): if is_blank(criteria.tenantId): raise_400('Tenant id is required.') # fake principal as tenant admin principal_service = PrincipalService(User( userId=principal_service.get_user_id(), tenantId=criteria.tenantId, name=principal_service.get_user_name(), role=UserRole.ADMIN)) else: criteria.tenantId = principal_service.get_tenant_id() page = PipelineMonitorLogDataService(principal_service).page(criteria) # translate dataId to string def translate_data_id_to_str(log: PipelineMonitorLog) -> None: log.dataId = str(log.dataId) page.data = ArrayHelper(page.data).each(translate_data_id_to_str).to_list() # noinspection PyTypeChecker return page
def create_fake_principal_service() -> PrincipalService: return PrincipalService( User(userId='1', tenantId='1', name='imma-admin', role=UserRole.ADMIN))
def set_storable_id(self, storable: User, storable_id: UserId) -> User: storable.userId = storable_id return storable