def create_role():
json_data = request.get_json()
if not Role.query.filter_by(name=json_data['name']).first():
resources = json_data['resources'] if 'resources' in json_data else []
if '/roles' in resources:
resources.remove('/roles')
role_params = {
'name':
json_data['name'],
'description':
json_data['description'] if 'description' in json_data else '',
'resources':
resources
}
new_role = Role(**role_params)
db.session.add(new_role)
db.session.commit()
current_app.logger.info(f"Role added: {role_params}")
return new_role.as_json(), HTTPStatus.CREATED
else:
current_app.logger.warning(
f"Role with name {json_data['name']} already exists")
return Problem.from_crud_resource(
HTTPStatus.BAD_REQUEST, 'role', 'create',
f"Role with name {json_data['name']} already exists")
def initialize_default_resources_guest():
"""Initializes the default resources for a guest user"""
guest = Role.query.filter(Role.name == "guest").first()
if not guest:
guest = Role("guest", resources=default_resource_permissions_guest)
db.session.add(guest)
else:
guest.set_resources(default_resource_permissions_guest)
db.session.commit()
def initialize_default_resources_admin():
"""Initializes the default resources for an admin user"""
admin = Role.query.filter(Role.id == 3).first()
if not admin:
admin = Role("admin", description="Placeholder description", resources=default_resource_permissions_admin)
db.session.add(admin)
else:
admin.set_resources(default_resource_permissions_admin)
db.session.commit()
def initialize_default_resources_internal_user():
"""Initializes the default resources for an internal user"""
internal_user = Role.query.filter(Role.id == 1).first()
if not internal_user:
internal_user = Role("internal_user", description="Placeholder description",
resources=default_resource_permissions_internal_user)
db.session.add(internal_user)
else:
internal_user.set_resources(default_resource_permissions_internal_user)
db.session.commit()
def initialize_default_resources_workflow_operator():
"""Initializes the default resources for a guest user"""
workflow_operator = Role.query.filter(Role.name == "workflow_operator").first()
if not workflow_operator:
workflow_operator = Role("workflow_operator", description="Placeholder description",
resources=default_resource_permissions_workflow_operator)
db.session.add(workflow_operator)
else:
workflow_operator.set_resources(default_resource_permissions_workflow_operator)
db.session.commit()
def initialize_default_resources_workflow_developer():
"""Initializes the default resources for a workflow developer"""
workflow_developer = Role.query.filter(Role.id == 5).first()
if not workflow_developer:
workflow_developer = Role("workflow_developer", description="Placeholder description",
resources=default_resource_permissions_workflow_developer)
db.session.add(workflow_developer)
else:
workflow_developer.set_resources(default_resource_permissions_workflow_developer)
db.session.commit()
def initialize_default_resources_app_developer():
"""Initializes the default resources for an app developer"""
app_developer = Role.query.filter(Role.id == 4).first()
if not app_developer:
app_developer = Role("app_developer", description="Placeholder description",
resources=default_resource_permissions_app_developer)
db.session.add(app_developer)
else:
app_developer.set_resources(default_resource_permissions_app_developer)
db.session.commit()
def test_read_all_roles_with_extra_added_roles(api_gateway, token, serverdb):
role = Role('role1')
serverdb.session.add(role)
serverdb.session.commit()
header = {'Authorization': 'Bearer {}'.format(token['access_token'])}
response = api_gateway.get('/api/roles', headers=header)
keys = json.loads(response.get_data(as_text=True))
assert {role['name'] for role in keys} == {'admin', 'role1', 'guest'}
def test_create_user_with_roles(api_gateway, token, serverdb):
role = Role('role1')
serverdb.session.add(role)
serverdb.session.commit()
data = {'username': '******', 'password': '******', 'roles': [{'id': role.id}]}
header = {'Authorization': 'Bearer {}'.format(token['access_token'])}
response = api_gateway.post('/api/users', headers=header, content_type='application/json',
data=json.dumps(data))
user = User.query.filter_by(username='******').first()
keys = json.loads(response.get_data(as_text=True))
assert response.status_code == 201
assert user is not None
assert keys == user.as_json()
def test_put_update_user_with_roles(api_gateway, token, serverdb):
role = Role('role1')
serverdb.session.add(role)
serverdb.session.commit()
user = User('username', 'supersecretshhhhh')
serverdb.session.add(user)
serverdb.session.commit()
header = {'Authorization': 'Bearer {}'.format(token['access_token'])}
data = {'id': user.id, 'roles': [{'id': role.id}]}
response = api_gateway.put(f'/api/users/{user.id}', headers=header, content_type='application/json',
data=json.dumps(data))
assert response.status_code == 200
key = json.loads(response.get_data(as_text=True))
assert key == user.as_json()
assert {role.name for role in user.roles} == {'role1'}