def deleteUser(dbSession, user, requester):
try:
user = User.getByNameOrID(user)
if user.id == requester['userid']:
raise HTTPRequestError(400, "a user can't remove himself")
dbSession.execute(
UserPermission.__table__.delete(UserPermission.user_id == user.id)
)
dbSession.execute(
UserGroup.__table__.delete(UserGroup.user_id == user.id)
)
cache.deleteKey(userid=user.id)
# The user is not hardDeleted.
# it should be copied to inactiveUser table
inactiveTables.PasswdInactive.createInactiveFromUser(dbSession,
user,)
inactiveTables.UserInactive.createInactiveFromUser(dbSession,
user,
requester['userid'])
passwd.expirePasswordResetRequests(dbSession, user.id)
dbSession.delete(user)
log().info('user ' + user.username + ' deleted by '
+ requester['username'],
user.safeDict())
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No user found with this ID")
def removeGroupPermission(dbSession, group, permission, requester):
try:
group = Group.getByNameOrID(group)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No group found with this ID or name")
try:
perm = Permission.getByNameOrID(permission)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No permission found with this ID")
try:
relation = dbSession.query(GroupPermission) \
.filter_by(group_id=group.id, permission_id=perm.id).one()
dbSession.delete(relation)
cache.deleteKey(action=perm.method, resource=perm.path)
log().info('permission ' + perm.name + ' removed from '
' group ' + group.name + ' by ' + requester['username'])
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "Group does not have this permission")
def removeUserGroup(dbSession, user, group, requester):
try:
user = User.getByNameOrID(user)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No user found with this ID or name")
try:
group = Group.getByNameOrID(group)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No group found with this ID or name")
try:
relation = dbSession.query(UserGroup) \
.filter_by(user_id=user.id, group_id=group.id).one()
dbSession.delete(relation)
cache.deleteKey(userid=user.id)
log().info('user ' + user.username + ' removed from ' + group.name +
' by ' + requester['username'])
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "User is not a member of the group")
def removeUserPermission(dbSession, user, permission, requester):
try:
user = User.getByNameOrID(user)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No user found with this ID or name")
try:
perm = Permission.getByNameOrID(permission)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No permission found with this ID")
try:
relation = dbSession.query(UserPermission) \
.filter_by(user_id=user.id, permission_id=perm.id).one()
dbSession.delete(relation)
cache.deleteKey(userid=user.id, action=perm.method, resource=perm.path)
log().info('user ' + user.username + ' removed permission ' +
perm.name + ' by ' + requester['username'])
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "User does not have this permission")
def deleteGroup(dbSession, group, requester):
try:
group = Group.getByNameOrID(group)
dbSession.execute(
GroupPermission.__table__
.delete(GroupPermission.group_id == group.id)
)
dbSession.execute(
UserGroup.__table__
.delete(UserGroup.group_id == group.id)
)
cache.deleteKey()
log().info('group ' + group.name + ' deleted by '
+ requester['username'],
group.safeDict())
dbSession.delete(group)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No group found with this ID")
def deletePerm(dbSession, permission, requester):
try:
perm = Permission.getByNameOrID(permission)
dbSession.execute(
UserPermission.__table__
.delete(UserPermission.permission_id == perm.id)
)
dbSession.execute(
GroupPermission.__table__
.delete(GroupPermission.permission_id == perm.id)
)
cache.deleteKey(action=perm.method, resource=perm.path)
log().info('permission ' + str(perm.name) + ' deleted by '
+ requester['username'],
perm.safeDict())
dbSession.delete(perm)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No permission found with this ID or name")
def addUserGroup(dbSession, user, group, requester):
try:
user = User.getByNameOrID(user)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No user found with this ID or name")
try:
group = Group.getByNameOrID(group)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No group found with this ID or name")
if dbSession.query(UserGroup).filter_by(user_id=user.id,
group_id=group.id).one_or_none():
raise HTTPRequestError(409, "User is already a member of the group")
r = UserGroup(user_id=user.id, group_id=group.id)
dbSession.add(r)
cache.deleteKey(userid=user.id)
log().info('user ' + user.username + ' added to group ' + group.name +
' by ' + requester['username'])
def addGroupPermission(dbSession, group, permission, requester):
try:
group = Group.getByNameOrID(group)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No group found with this ID or name")
try:
perm = Permission.getByNameOrID(permission)
except sqlalchemy.orm.exc.NoResultFound:
raise HTTPRequestError(404, "No permission found with this ID or name")
if dbSession.query(GroupPermission) \
.filter_by(group_id=group.id, permission_id=perm.id).one_or_none():
raise HTTPRequestError(409, "Group already have this permission")
r = GroupPermission(group_id=group.id, permission_id=perm.id)
dbSession.add(r)
cache.deleteKey(action=perm.method, resource=perm.path)
log().info('permission ' + perm.name + ' added to group ' + group.name +
' by ' + requester['username'])
def dropCache():
cache.deleteKey()
return formatResponse(200)