def put_roles(request):
session = Role.db()
try:
data = json.loads(request.body)
except Exception as e:
raise HTTPBadRequest("Malformed Json")
if not isinstance(data, list):
raise HTTPBadRequest("Not a list")
if data and frozenset((type(x) for x in data)) != frozenset((str,)):
raise HTTPBadRequest("not strings")
data = set(data)
known_roles = session.query(Role).all()
roles_by_name = {r.name: r for r in known_roles}
role_names = set(roles_by_name.keys())
# new roles
for name in data - role_names:
session.add(Role(name=name))
# delete non-system roles.
for name in role_names - data - SYSTEM_ROLES:
session.delete(roles_by_name[name])
return {"added": list(data - role_names),
"removed": list(role_names - data - SYSTEM_ROLES)}
def get_roles(request):
session = Role.db()
roles = session.query(Role)
return [r.name for r in roles]
