Esempio n. 1
0
    def get(self, uuid, **kwargs):
        try:
            role = roles.get_metadata(uuid)
            all_perms = permissions.list_metadata()
        except DataRequestException as e:
            return render_template(self.template, errors=e.errors)
        else:
            # get the permissions already granted to the role
            role_perms = list(role['permissions'].keys())

            # remove any permissions not in the user's organization. Users
            # cannot add permissions from outside their org to a role inside it
            # but may be able to read metadata of those permissions.
            all_perms = self.filter_by_org(all_perms, 'organization')

            # Remove any permissions that already exist on the role.
            all_perms = [
                perm for perm in all_perms
                if perm['permission_id'] not in role_perms
            ]
            self.set_template_args()
        return render_template(self.template,
                               role=role,
                               table_data=all_perms,
                               **self.template_args,
                               **kwargs)
Esempio n. 2
0
    def post(self, uuid):
        form_data = request.form
        user_email = form_data.get('user_email', '')
        redirect_url = session.pop('redirect_link',
                                   url_for('admin.role_view', uuid=uuid))
        try:
            users.add_role_by_email(user_email, uuid)
        except DataRequestException as e:
            if e.status_code == 500:
                self.flash_api_errors(e.errors)
            else:
                # flash a message that grant failed
                flash(
                    'Failed to grant role. Confirm with the user that they '
                    'are registered and affiliated with an SFA organization.',
                    'error')
            try:
                role = roles.get_metadata(uuid)
            except DataRequestException as e:
                # User could not read the role, flash a 404
                self.flash_api_errors(e.errors)
                role = None

            # Refresh the page if the role failed, so the user can try again.
            self.set_template_args(role, redirect_url)
            return render_template(self.template,
                                   form_data=form_data,
                                   **self.template_args)
        # flash success message and redirect
        flash('Role granted successfully', 'message')
        return redirect(redirect_url)
Esempio n. 3
0
 def get(self, uuid):
     try:
         role = roles.get_metadata(uuid)
     except DataRequestException as e:
         return render_template(self.template, errors=e.errors)
     else:
         self.set_template_args(role)
         return render_template(self.template,
                                uuid=role['role_id'],
                                **self.template_args)
Esempio n. 4
0
 def get(self, uuid, **kwargs):
     # This view displays either a table of permissions granted to the role
     # or users that were granted the role based on the `table` query param.
     role_table = request.args.get('table', 'permissions')
     try:
         role = roles.get_metadata(uuid)
         permission_list = permissions.list_metadata()
     except DataRequestException as e:
         return render_template(self.template, errors=e.errors)
     else:
         self.set_template_args(role, permission_list, role_table)
     return render_template(self.template, **kwargs, **self.template_args)
Esempio n. 5
0
 def get(self, uuid, permission_id, **kwargs):
     """Confirmation view for removing permission from a role
     """
     try:
         role = roles.get_metadata(uuid)
         permission = permissions.get_metadata(permission_id)
     except DataRequestException as e:
         return render_template(self.template, errors=e.errors)
     self.set_template_args()
     return render_template(self.template,
                            role=role,
                            perm=permission,
                            **kwargs,
                            **self.template_args)
Esempio n. 6
0
    def get(self, uuid, **kwargs):
        try:
            role = roles.get_metadata(uuid)
        except DataRequestException as e:
            self.flash_api_errors(e.errors)
            role = None

        # Set the redirect link, to send users back to the correct page. They
        # may have ended up here from the permission or users listing of the
        # role, which only differ by the table query argument.
        redirect_link = request.headers.get('Referer', url_for('admin.roles'))
        session['redirect_link'] = redirect_link

        self.set_template_args(role, redirect_link)
        return render_template(self.template, **kwargs, **self.template_args)
Esempio n. 7
0
 def get(self, uuid):
     role = roles.get_metadata(uuid).json()
     if 'errors' in role:
         role = None
     else:
         permission_list = permissions.list_metadata().json()
         permission_map = {
             perm['permission_id']: perm
             for perm in permission_list
         }
         role['permissions'] = {
             k: {
                 'added_to_role': v,
                 **permission_map[k]
             }
             for k, v in role['permissions'].items() if k in permission_map
         }
     return render_template('forms/admin/role.html',
                            role=role,
                            **self.template_args())
Esempio n. 8
0
 def get(self, uuid, role_id, **kwargs):
     """Confirmation view for removing a role from a user
     """
     # set a redirect link, because we can be directed here
     # from a role or user page.
     redirect_link = request.headers.get('Referer', url_for('admin.roles'))
     try:
         user = users.get_metadata(uuid)
     except DataRequestException:
         # Check if the user is readable. For roles shared outside
         # an org this may not be true, but we still need to pass
         # user_id to the template for building urls and display.
         user = {'user_id': uuid}
     try:
         role = roles.get_metadata(role_id)
     except DataRequestException as e:
         self.flash_api_errors(e.errors)
         return redirect(redirect_link)
     session['redirect_link'] = redirect_link
     self.set_template_args(user, role, redirect_link)
     return render_template(self.template, **kwargs, **self.template_args)