def patch_role(*, role_name: str, update_mask: UpdateMask = None) -> APIResponse: """Update a role""" appbuilder = current_app.appbuilder security_manager = appbuilder.sm body = request.json try: data = role_schema.load(body) except ValidationError as err: raise BadRequest(detail=str(err.messages)) role = security_manager.find_role(name=role_name) if not role: raise NotFound(title="Role not found", detail=f"Role with name {role_name!r} was not found") if update_mask: update_mask = [i.strip() for i in update_mask] data_ = {} for field in update_mask: if field in data and not field == "permissions": data_[field] = data[field] elif field == "actions": data_["permissions"] = data['permissions'] else: raise BadRequest(detail=f"'{field}' in update_mask is unknown") data = data_ if "permissions" in data: perms = [(item["action"]["name"], item["resource"]["name"]) for item in data["permissions"] if item] _check_action_and_resource(security_manager, perms) security_manager.bulk_sync_roles([{"role": role_name, "perms": perms}]) new_name = data.get("name") if new_name is not None and new_name != role.name: security_manager.update_role(role_id=role.id, name=new_name) return role_schema.dump(role)
def get_role(*, role_name: str) -> APIResponse: """Get role""" ab_security_manager = current_app.appbuilder.sm role = ab_security_manager.find_role(name=role_name) if not role: raise NotFound(title="Role not found", detail=f"Role with name {role_name!r} was not found") return role_schema.dump(role)
def get_role(role_name): """Get role""" ab_security_manager = current_app.appbuilder.sm role = ab_security_manager.find_role(name=role_name) if not role: raise NotFound(title="Role not found", detail=f"The Role with name `{role_name}` was not found") return role_schema.dump(role)
def patch_role(role_name, update_mask=None): """Update a role""" appbuilder = current_app.appbuilder security_manager = appbuilder.sm body = request.json try: data = role_schema.load(body) except ValidationError as err: raise BadRequest(detail=str(err.messages)) role = security_manager.find_role(name=role_name) if not role: raise NotFound(title="Role not found", detail=f"Role with name: `{role_name} was not found") if update_mask: update_mask = [i.strip() for i in update_mask] data_ = {} for field in update_mask: if field in data and not field == "permissions": data_[field] = data[field] elif field == "actions": data_["permissions"] = data['permissions'] else: raise BadRequest(detail=f"'{field}' in update_mask is unknown") data = data_ perms = data.get("permissions", []) if perms: perms = [(item['permission']['name'], item['view_menu']['name']) for item in data['permissions'] if item] _check_action_and_resource(security_manager, perms) security_manager.update_role(pk=role.id, name=data['name']) security_manager.init_role(role_name=data['name'], perms=perms or role.permissions) return role_schema.dump(role)
def post_role() -> APIResponse: """Create a new role""" appbuilder = current_app.appbuilder security_manager = appbuilder.sm body = request.json try: data = role_schema.load(body) except ValidationError as err: raise BadRequest(detail=str(err.messages)) role = security_manager.find_role(name=data['name']) if not role: perms = [(item['action']['name'], item['resource']['name']) for item in data['permissions'] if item] _check_action_and_resource(security_manager, perms) security_manager.bulk_sync_roles([{"role": data["name"], "perms": perms}]) return role_schema.dump(role) detail = f"Role with name {role.name!r} already exists; please update with the PATCH endpoint" raise AlreadyExists(detail=detail)
def post_role(): """Create a new role""" appbuilder = current_app.appbuilder security_manager = appbuilder.sm body = request.json try: data = role_schema.load(body) except ValidationError as err: raise BadRequest(detail=str(err.messages)) role = security_manager.find_role(name=data['name']) if not role: perms = [(item['action']['name'], item['resource']['name']) for item in data['permissions'] if item] _check_action_and_resource(security_manager, perms) security_manager.init_role(role_name=data['name'], perms=perms) return role_schema.dump(role) raise AlreadyExists( detail=f"Role with name `{role.name}` already exist. Please update with patch endpoint" )
def test_serialize(self): deserialized_role = role_schema.dump(self.role) assert deserialized_role == { 'name': 'Test', 'actions': [{'resource': {'name': 'Connections'}, 'action': {'name': 'can_create'}}], }