def update_user_projects_within_group(
current_session, username, groupname, projectname
):
user_groups = us.get_user_groups(current_session, username)
"""
Simplified version for awg:
Users only have read permission, so just checking the
presence of the project in any of their other groups
suffices to keep the projec in the list.
In real life we should check permissions coming from all groups
and remove the specific ones comiing from groupname
"""
group_projects = [
gp.get_group_projects(current_session, group)
for group in user_groups["groups"]
if group != groupname
]
projects_to_keep = [item for sublist in group_projects for item in sublist]
if projectname not in projects_to_keep:
try:
us.remove_user_from_project(
current_session,
us.get_user(current_session, username),
pj.get_project(current_session, projectname),
)
except NotFound:
# somehow the user was not linked to that project
pass
def disconnect_user_from_group(current_session, usr, groupname):
grp = gp.get_group(current_session, groupname)
if not grp:
return {"warning": ("Group {0} doesn't exist".format(groupname))}
response = gp.remove_user_from_group(current_session, usr, grp)
projects = gp.get_group_projects(current_session, groupname)
projects_data = [
pj.get_project(current_session, project).auth_id
for project in projects
]
return response
def connect_user_to_group(current_session, usr, groupname=None):
grp = gp.get_group(current_session, groupname)
if not grp:
raise UserError(("Group {0} doesn't exist".format(groupname)))
else:
responses = []
responses.append(gp.connect_user_to_group(current_session, usr, grp))
projects = gp.get_group_projects(current_session, groupname)
projects_data = [
pj.get_project(current_session, project).auth_id
for project in projects
]
projects_list = [{
"auth_id": auth_id,
"privilege": ["read"]
} for auth_id in projects_data]
for project in projects_list:
connect_user_to_project(current_session, usr, project)
return responses
def update_group_users_projects(current_session, group, project, users):
proj = pj.get_project(current_session, project)
for user in users:
try:
user_projects = user.project_access.keys()
if project not in user_projects:
project_info = {"auth_id": proj.auth_id, "privilege": ["read"]}
au.connect_user_to_project(
current_session,
us.get_user(current_session, user.username),
project_info,
)
except NotFound:
pass
return {
"success": "users {0} connected to project {1}".format(
[user.username for user in users], project
)
}
def create_bucket_on_project(current_session, project_name, bucket_name,
provider_name):
"""
Create a bucket on userdatamodel database and
on the cloud provider and associate it with the project.
Returns a dictionary.
"""
response = pj.create_bucket_on_project(current_session, project_name,
bucket_name, provider_name)
project = pj.get_project(current_session, project_name)
if response["result"] == "success":
current_app.storage_manager.create_bucket(response["provider"].name,
current_session,
response["bucket"].name,
project)
for user_pair in response["users_to_update"]:
current_app.storage_manager.update_bucket_acl(
response["provider"].name,
response["bucket"],
(user_pair[0], user_pair[1]),
)
return {"result": "success"}
else:
return response
def remove_user_from_project(current_session, usr, project_name):
proj = pj.get_project(current_session, project_name)
us.remove_user_from_project(current_session, usr, proj)
def connect_project_to_group(current_session, grp, project=None):
prj = pj.get_project(current_session, project)
if not prj:
raise UserError(("Project {0} doesn't exist".format(project)))
return gp.connect_project_to_group(current_session, grp, prj)
def disconnect_project_from_group(current_session, grp, projectname):
prj = pj.get_project(current_session, projectname)
if not prj:
return {"warning": ("Project {0} doesn't exist".format(projectname))}
return gp.remove_project_from_group(current_session, grp, prj)
