def patch_role(*, role_name: str, update_mask: UpdateMask = None) -> APIResponse:
"""Update a role"""
appbuilder = current_app.appbuilder
security_manager = appbuilder.sm
body = request.json
try:
data = role_schema.load(body)
except ValidationError as err:
raise BadRequest(detail=str(err.messages))
role = security_manager.find_role(name=role_name)
if not role:
raise NotFound(title="Role not found", detail=f"Role with name {role_name!r} was not found")
if update_mask:
update_mask = [i.strip() for i in update_mask]
data_ = {}
for field in update_mask:
if field in data and not field == "permissions":
data_[field] = data[field]
elif field == "actions":
data_["permissions"] = data['permissions']
else:
raise BadRequest(detail=f"'{field}' in update_mask is unknown")
data = data_
if "permissions" in data:
perms = [(item["action"]["name"], item["resource"]["name"]) for item in data["permissions"] if item]
_check_action_and_resource(security_manager, perms)
security_manager.bulk_sync_roles([{"role": role_name, "perms": perms}])
new_name = data.get("name")
if new_name is not None and new_name != role.name:
security_manager.update_role(role_id=role.id, name=new_name)
return role_schema.dump(role)
def get_role(*, role_name: str) -> APIResponse:
"""Get role"""
ab_security_manager = current_app.appbuilder.sm
role = ab_security_manager.find_role(name=role_name)
if not role:
raise NotFound(title="Role not found", detail=f"Role with name {role_name!r} was not found")
return role_schema.dump(role)
def get_role(role_name):
"""Get role"""
ab_security_manager = current_app.appbuilder.sm
role = ab_security_manager.find_role(name=role_name)
if not role:
raise NotFound(title="Role not found", detail=f"The Role with name `{role_name}` was not found")
return role_schema.dump(role)
def patch_role(role_name, update_mask=None):
"""Update a role"""
appbuilder = current_app.appbuilder
security_manager = appbuilder.sm
body = request.json
try:
data = role_schema.load(body)
except ValidationError as err:
raise BadRequest(detail=str(err.messages))
role = security_manager.find_role(name=role_name)
if not role:
raise NotFound(title="Role not found",
detail=f"Role with name: `{role_name} was not found")
if update_mask:
update_mask = [i.strip() for i in update_mask]
data_ = {}
for field in update_mask:
if field in data and not field == "permissions":
data_[field] = data[field]
elif field == "actions":
data_["permissions"] = data['permissions']
else:
raise BadRequest(detail=f"'{field}' in update_mask is unknown")
data = data_
perms = data.get("permissions", [])
if perms:
perms = [(item['permission']['name'], item['view_menu']['name'])
for item in data['permissions'] if item]
_check_action_and_resource(security_manager, perms)
security_manager.update_role(pk=role.id, name=data['name'])
security_manager.init_role(role_name=data['name'],
perms=perms or role.permissions)
return role_schema.dump(role)
def post_role() -> APIResponse:
"""Create a new role"""
appbuilder = current_app.appbuilder
security_manager = appbuilder.sm
body = request.json
try:
data = role_schema.load(body)
except ValidationError as err:
raise BadRequest(detail=str(err.messages))
role = security_manager.find_role(name=data['name'])
if not role:
perms = [(item['action']['name'], item['resource']['name']) for item in data['permissions'] if item]
_check_action_and_resource(security_manager, perms)
security_manager.bulk_sync_roles([{"role": data["name"], "perms": perms}])
return role_schema.dump(role)
detail = f"Role with name {role.name!r} already exists; please update with the PATCH endpoint"
raise AlreadyExists(detail=detail)
def post_role():
"""Create a new role"""
appbuilder = current_app.appbuilder
security_manager = appbuilder.sm
body = request.json
try:
data = role_schema.load(body)
except ValidationError as err:
raise BadRequest(detail=str(err.messages))
role = security_manager.find_role(name=data['name'])
if not role:
perms = [(item['action']['name'], item['resource']['name']) for item in data['permissions'] if item]
_check_action_and_resource(security_manager, perms)
security_manager.init_role(role_name=data['name'], perms=perms)
return role_schema.dump(role)
raise AlreadyExists(
detail=f"Role with name `{role.name}` already exist. Please update with patch endpoint"
)
def test_serialize(self):
deserialized_role = role_schema.dump(self.role)
assert deserialized_role == {
'name': 'Test',
'actions': [{'resource': {'name': 'Connections'}, 'action': {'name': 'can_create'}}],
}
