def add(self, *roles):
from rbac.models import RoleBinding
items = []
for role in roles:
kwargs = {'role': role, 'user': self.user, 'scope': role.scope}
if self.scope and role.scope != self.scope:
continue
if not current_org.is_root(
) and role.scope == RoleBinding.Scope.org:
kwargs['org_id'] = current_org.id
items.append(RoleBinding(**kwargs))
try:
RoleBinding.objects.bulk_create(items, ignore_conflicts=True)
except Exception as e:
logger.error('Create role binding error: {}'.format(e))
def get_all_permissions(self):
from rbac.models import RoleBinding
perms = RoleBinding.get_user_perms(self)
return perms
def get_org_admins(cls):
from rbac.models import Role, RoleBinding
org_admin = Role.BuiltinRole.org_admin.get_role()
return RoleBinding.get_role_users(org_admin)
def get_super_admins(cls):
from rbac.models import Role, RoleBinding
system_admin = Role.BuiltinRole.system_admin.get_role()
return RoleBinding.get_role_users(system_admin)
def _get_queryset(self):
from rbac.models import RoleBinding
queryset = RoleBinding.get_user_roles(self.user)
if self.scope:
queryset = queryset.filter(scope=self.scope)
return queryset
def workbench_orgs(self):
from rbac.models import RoleBinding
return RoleBinding.get_user_has_the_perm_orgs('rbac.view_workbench',
self)
def audit_orgs(self):
from rbac.models import RoleBinding
return RoleBinding.get_user_has_the_perm_orgs('rbac.view_audit', self)
def console_orgs(self):
from rbac.models import RoleBinding
return RoleBinding.get_user_has_the_perm_orgs('rbac.view_console',
self)