def test_delete_system_role(self): # System roles can't be deleted system_roles = SystemRole.get_valid_values() for name in system_roles: expected_msg = 'System roles can\'t be deleted' self.assertRaisesRegexp(ValueError, expected_msg, rbac_service.delete_role, name=name)
def test_delete_system_role(self): # System roles can't be deleted system_roles = SystemRole.get_valid_values() for name in system_roles: expected_msg = 'System roles can\'t be deleted' self.assertRaisesRegexp(ValueError, expected_msg, rbac_services.delete_role, name=name)
def delete_role(name): """" Delete role with the provided name. """ if name in SystemRole.get_valid_values(): raise ValueError('System roles can\'t be deleted') role_db = Role.get(name=name) result = Role.delete(role_db) return result
def create_role(name, description=None): """ Create a new role. """ if name in SystemRole.get_valid_values(): raise ValueError('"%s" role name is blacklisted' % (name)) role_db = RoleDB(name=name, description=description) role_db = Role.add_or_update(role_db) return role_db
def delete_role(name): """" Delete role with the provided name. """ if name in SystemRole.get_valid_values(): raise ValueError("System roles can't be deleted") role_db = Role.get(name=name) result = Role.delete(role_db) return result
def insert_system_roles(): """ Migration which inserts the default system roles. """ system_roles = SystemRole.get_valid_values() for role_name in system_roles: description = role_name role_db = RoleDB(name=role_name, description=description, system=True) try: Role.insert(role_db, log_not_unique_error_as_debug=True) except (StackStormDBObjectConflictError, NotUniqueError): pass
def insert_system_roles(): """ Migration which inserts the default system roles. """ system_roles = SystemRole.get_valid_values() LOG.debug('Inserting system roles (%s)' % (str(system_roles))) for role_name in system_roles: description = role_name role_db = RoleDB(name=role_name, description=description, system=True) try: role_db.save() except (StackStormDBObjectConflictError, NotUniqueError): # Role already exists error is not fatal pass