def create_groups_permissions(groups_permissions, pool_id, user): """Creates permissions to access for pools""" group_adm = { 'group': 1, 'read': True, 'write': True, 'delete': True, 'change_config': True, } _create_group_permission(group_adm, pool_id) if groups_permissions: for group_permission in groups_permissions: if group_permission['group'] != 1: _create_group_permission(group_permission, pool_id) else: for group in UsuarioGrupo.list_by_user_id(user.id): group_id = int(group.ugrupo.id) if group_id != 1: _create_group_permission( { 'group': group_id, 'read': True, 'write': True, 'delete': True, 'change_config': True, }, pool_id)
def handle_delete(self, request, user, *args, **kwargs): """Treat DELETE requests to dissociate User and Group. URL: usergroup/user/<id_user>/ugroup/<id_group>/dissociate/ """ try: self.log.info('Dissociate User and Group.') # User permission if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) id_user = kwargs.get('id_user') id_group = kwargs.get('id_group') # Valid ID User if not is_valid_int_greater_zero_param(id_user): self.log.error( u'The id_user parameter is not a valid value: %s.', id_user) raise InvalidValueError(None, 'id_user', id_user) # Valid ID Group if not is_valid_int_greater_zero_param(id_group): self.log.error( u'The id_group parameter is not a valid value: %s.', id_group) raise InvalidValueError(None, 'id_group', id_group) # Find User by ID to check if it exist Usuario.get_by_pk(id_user) # Find Group by ID to check if it exist UGrupo.get_by_pk(id_group) # Find UserGroup by ID to check if it exist user_group = UsuarioGrupo.get_by_user_group(id_user, id_group) with distributedlock(LOCK_USER_GROUP % (id_user, id_group)): try: # remove UserGroup user_group.delete() except Exception, e: self.log.error(u'Failed to remove the UserGroup.') raise GrupoError(e, u'Failed to remove the UserGroup.') return self.response(dumps_networkapi({})) except InvalidValueError, e: return self.response_error(269, e.param, e.value)
def handle_get(self, request, user, *args, **kwargs): """Trata as requisições de GET para listar Usuarios. URLs: usuario/get/$ """ try: if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.READ_OPERATION): return self.not_authorized() list_groups = [] user_groups_list = [] map_list = [] for user in Usuario.objects.all(): user_map = dict() user_map['id'] = user.id user_map['user'] = user.user user_map['nome'] = user.nome user_map['ativo'] = user.ativo user_map['email'] = user.email groups = None groups = UsuarioGrupo.list_by_user_id(user.id) if groups is not None and len(groups) > 0: for group in groups: user_groups_list.append( UGrupo.get_by_pk(group.ugrupo_id)) for user_group in user_groups_list: list_groups.append(user_group.nome) if (len(list_groups) > 3): user_map['is_more'] = True else: user_map['is_more'] = False user_map['grupos'] = list_groups if len(list_groups) > 0 else [ None ] list_groups = [] user_groups_list = [] map_list.append(user_map) return self.response(dumps_networkapi({'usuario': map_list})) except UserNotAuthorizedError: return self.not_authorized() except (UsuarioError, GrupoError): return self.response_error(1)
def handle_get(self, request, user, *args, **kwargs): """Trata as requisições de GET para listar Usuarios. URLs: usuario/get/$ """ try: if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.READ_OPERATION): return self.not_authorized() list_groups = [] user_groups_list = [] map_list = [] for user in Usuario.objects.all(): user_map = dict() user_map['id'] = user.id user_map['user'] = user.user user_map['nome'] = user.nome user_map['ativo'] = user.ativo user_map['email'] = user.email groups = None groups = UsuarioGrupo.list_by_user_id(user.id) if groups is not None and len(groups) > 0: for group in groups: user_groups_list.append( UGrupo.get_by_pk(group.ugrupo_id)) for user_group in user_groups_list: list_groups.append(user_group.nome) if (len(list_groups) > 3): user_map['is_more'] = True else: user_map['is_more'] = False user_map['grupos'] = list_groups if len( list_groups) > 0 else [None] list_groups = [] user_groups_list = [] map_list.append(user_map) return self.response(dumps_networkapi({'usuario': map_list})) except UserNotAuthorizedError: return self.not_authorized() except (UsuarioError, GrupoError): return self.response_error(1)
def get_groups(users_permissions): groups = list() for user_permission in users_permissions: for group in UsuarioGrupo.list_by_user_id(user_permission['user']): group_id = int(group.ugrupo.id) if group_id != 1: groups.append({ 'user_group': group_id, 'read': user_permission['read'], 'write': user_permission['write'], 'delete': user_permission['delete'], 'change_config': user_permission['change_config'], }) return groups
def update_groups_permissions(groups_permissions, vip_id, user, replace_permissions=False): """Creates permissions to access for vips""" # groups default if not groups_permissions: for group in UsuarioGrupo.list_by_user_id(user.id): group_id = int(group.ugrupo.id) if group_id != 1: groups_permissions.append({ 'group': group_id, 'read': True, 'write': True, 'delete': True, 'change_config': True, }) groups_perms = models.VipRequestGroupPermission.objects.filter( vip_request=vip_id) groups_permissions_idx = [gp['group'] for gp in groups_permissions] groups_perm_idx = [gp.user_group_id for gp in groups_perms] for group_perm in groups_perms: # change or delete group != 1(ADM) if group_perm.user_group_id != 1: # update perms if group_perm.user_group_id in groups_permissions_idx: idx = groups_permissions_idx.index(group_perm.user_group_id) _update_group_permission(groups_permissions[idx], group_perm.id) # delete perms elif replace_permissions is True: models.VipRequestGroupPermission.objects.filter( id=group_perm.id).delete() for group_permission in groups_permissions: # change or delete group != 1(ADM) if group_permission['group'] != 1: # insert perms if group_permission['group'] not in groups_perm_idx: _create_group_permission(group_permission, vip_id)
def handle_put(self, request, user, *args, **kwargs): """Treat PUT requests to associate User and Group. URL: usergroup/user/<id_user>/ugroup/<id_group>/associate/ """ try: self.log.info("Associate User and Group.") # User permission if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) id_user = kwargs.get('id_user') id_group = kwargs.get('id_group') # Valid ID User if not is_valid_int_greater_zero_param(id_user): self.log.error( u'The id_user parameter is not a valid value: %s.', id_user) raise InvalidValueError(None, 'id_user', id_user) # Valid ID Group if not is_valid_int_greater_zero_param(id_group): self.log.error( u'The id_group parameter is not a valid value: %s.', id_group) raise InvalidValueError(None, 'id_group', id_group) # Find User by ID to check if it exist usr = Usuario.get_by_pk(id_user) # Find Group by ID to check if it exist group = UGrupo.get_by_pk(id_group) try: # Find UserGroup by ID to check if it exist user_group = UsuarioGrupo.get_by_user_group(id_user, id_group) raise UsuarioGrupoDuplicatedError( None, u'Usuário já está associado ao Grupo.') except UserGroupNotFoundError: pass user_group = UsuarioGrupo() # set variables user_group.usuario = usr user_group.ugrupo = group try: # save UserGroup user_group.save(user) except Exception, e: self.log.error(u'Failed to save the UserGroup.') raise UsuarioError(e, u'Failed to save the UserGroup.') usr_grp_map = dict() usr_grp_map['user_group'] = model_to_dict( usr, exclude=["usuario", "ugrupo"]) return self.response(dumps_networkapi(usr_grp_map))
def handle_put(self, request, user, *args, **kwargs): """Treat PUT requests to associate User and Group. URL: usergroup/user/<id_user>/ugroup/<id_group>/associate/ """ try: self.log.info("Associate User and Group.") # User permission if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION): self.log.error( u'User does not have permission to perform the operation.') raise UserNotAuthorizedError(None) id_user = kwargs.get('id_user') id_group = kwargs.get('id_group') # Valid ID User if not is_valid_int_greater_zero_param(id_user): self.log.error( u'The id_user parameter is not a valid value: %s.', id_user) raise InvalidValueError(None, 'id_user', id_user) # Valid ID Group if not is_valid_int_greater_zero_param(id_group): self.log.error( u'The id_group parameter is not a valid value: %s.', id_group) raise InvalidValueError(None, 'id_group', id_group) # Find User by ID to check if it exist usr = Usuario.get_by_pk(id_user) # Find Group by ID to check if it exist group = UGrupo.get_by_pk(id_group) try: # Find UserGroup by ID to check if it exist user_group = UsuarioGrupo.get_by_user_group(id_user, id_group) raise UsuarioGrupoDuplicatedError( None, u'Usuário já está associado ao Grupo.') except UserGroupNotFoundError: pass user_group = UsuarioGrupo() # set variables user_group.usuario = usr user_group.ugrupo = group try: # save UserGroup user_group.save() except Exception, e: self.log.error(u'Failed to save the UserGroup.') raise UsuarioError(e, u'Failed to save the UserGroup.') usr_grp_map = dict() usr_grp_map['user_group'] = model_to_dict( usr, exclude=["usuario", "ugrupo"]) return self.response(dumps_networkapi(usr_grp_map))