def delete(self, role_id): """Delete a role from the system.""" admin = UserAdmin() try: admin.deleteRole(roleName=models.role_in(role_id)) except WebFault as e: raise ResourceError(admin.error_msg(e)) return ('', 204)
def post(self, account_id): """Add a role to the list of roles occupied by a service account.""" args = self.validate_post() admin = UserAdmin() try: admin.updateRolesOfUser(userName=account_id, newUserList=models.role_in(args['roleId'])) except WebFault as e: raise ResourceError(msg=admin.error_msg(e)) return ok(result=models.account_details(account_id), msg="Role {} added successfully.".format(args['roleId']))
def post(self): """Create a new role.""" args = self.validate_post() role_id = args['roleId'] admin = UserAdmin() try: admin.addInternalRole(roleName=models.role_in(role_id)) except WebFault as e: raise ResourceError(admin.error_msg(e)) return ok(result=models.role_details(role_id), msg="Role {} created successfully.".format(args['roleId']))
def post(self, role_id): """Add a service account to the list of accounts occupying a role.""" args = self.validate_post() admin = UserAdmin() try: admin.addRemoveUsersOfRole(roleName=models.role_in(role_id), newUsers=args['accountId']) except WebFault as e: raise ResourceError(admin.error_msg(e)) return ok(result=models.role_details(role_id), msg="Service account {} added to role.".format( args['accountId']))
def delete(self, account_id, role_id): """Remove a role from a service account's list of occupied roles.""" if models.has_role(account_id, role_id): admin = UserAdmin() try: admin.addRemoveRolesOfUser( userName=account_id, deletedRoles=models.role_in(role_id)) except WebFault as e: raise ResourceError(msg=admin.error_msg(e)) else: raise ResourceError( msg="{} does not occupy role {}".format(account_id, role_id)) return ('', 204)
def delete(self, role_id, account_id): """Remove service account from a role's list of service account occupying it.""" admin = UserAdmin() if models.has_role(account_id, role_id): # remove user from the role try: admin.addRemoveUsersOfRole(roleName=models.role_in(role_id), deletedUsers=account_id) except WebFault as e: raise ResourceError(admin.error_msg(e)) return ('', 204) raise ResourceError( msg="{} is not occupied by service account {}".format( role_id, account_id))