def role_delete():
    """Delete a role from the database by its id.

    :rtype: JSON
    :request args: `{role_id: 5}`
    :return:
        - If ``db.check_role_deletion`` is truthy for the role (documented
          as "role has permissions"): ``{'error': 'Cannot delete!'}``
        - If request data is invalid: the validator result, documented as
          ``{'status': False, 'error': [list of errors]}``
        - If all ok: ``{'msg': 'success', 'deleted_role': role_id}``

    :statuscode 400: request data is invalid
    :statuscode 200: role deleted; the 'Cannot delete!' reply is also
        returned without an explicit status code
    """
    # NOTE(review): the route and any access-control decorator are not
    # visible in this listing - confirm only administrators reach this.
    payload = request.get_json()
    check = validator.role_delete(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    role_id = payload['role_id']
    if db.check_role_deletion(role_id):
        # The role is reported as not deletable; nothing is changed.
        return jsonify(error='Cannot delete!')

    db.delete_role_by_id(role_id)
    reply = jsonify(msg='success', deleted_role=role_id)
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
def resource_delete():
    """Delete a resource from the database by its id.

    The resource is removed only when ``db.check_resource_deletion`` is
    falsy for it (documented as "resource has no permissions").

    :return:
        If the resource cannot be deleted: {'error': 'Cannot delete!'}, 400
        If request data is invalid: the validator result, documented as
        {'status': False, 'error': [list of errors]}, 400
        If all ok: {'status': 'success', 'deleted_resource': resource_id}
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    payload = request.get_json()
    check = validator.resource_delete(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    resource_id = payload['resource_id']
    if db.check_resource_deletion(resource_id):
        return jsonify(error='Cannot delete!'), 400

    db.delete_resource_by_id(resource_id)
    reply = jsonify(status='success', deleted_resource=resource_id)
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
def resource_put():
    """Rename a resource identified by its id.

    :rtype: JSON
    :request args: `{resource_name: "new_res_name", resource_id: 29}`
    :return:
        - If a resource with this name already exists:
          ``{'error': 'this name already exists'}``
        - If request data is invalid: the validator result, documented as
          ``{'status': False, 'error': [list of errors]}``
        - If all ok: ``{'status': 'success', 'edited': resource_name}``

    :statuscode 400: name already exists or request is invalid
    :statuscode 200: resource was renamed
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    payload = request.get_json()
    check = validator.resource_put(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    new_name = payload['resource_name']
    # The uniqueness check and the update are separate database calls.
    if db.get_resource_id(new_name):
        return jsonify(error='this name already exists'), 400

    db.edit_resource_name(new_name, payload['resource_id'])
    reply = jsonify(status='success', edited=new_name)
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
def resource_post():
    """Add a new resource and return its name and id.

    :return:
        If a resource with this name already exists:
        {'error': 'Resource already exists'}, 400
        If request data is invalid: the validator result, documented as
        {'status': False, 'error': [list of errors]}, 400
        If all ok: {'added_resource': resource_name,
        'resource_id': resource_id}
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    payload = request.get_json()
    check = validator.resource_post(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    name = payload['resource_name']
    if db.get_resource_id(name):
        return jsonify(error='Resource already exists'), 400

    db.add_resource(name)
    # The id is looked up by name after the insert; element 0 of the
    # lookup result is returned as the id.
    new_id = db.get_resource_id(name)
    reply = jsonify(added_resource=name, resource_id=new_id[0])
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
def role_permission_delete():
    """Handle a delete request keyed by role id.

    NOTE(review): the name and the original docs describe deleting a
    role's permissions, but the body calls ``db.check_role_deletion`` and
    ``db.delete_role_by_id`` - it removes the role itself. Confirm which
    behaviour is intended before relying on this endpoint.

    :rtype: JSON
    :request args example: `{role_id: 4}`
    :return:
        - If request data is invalid: the validator result, documented as
          ``{'status': False, 'error': [list of errors]}`` (status 400)
        - If ``db.check_role_deletion`` is truthy:
          ``{'error': 'Cannot delete!'}``
        - If all ok: ``{'status': 'success', 'deleted_role': role_id}``
    """
    payload = request.get_json()
    check = validator.role_permission_delete(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    role_id = payload['role_id']
    if db.check_role_deletion(role_id):
        return jsonify(error='Cannot delete!')

    db.delete_role_by_id(role_id)
    reply = jsonify(status='success', deleted_role=role_id)
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
def role_post():
    """Add a new role to the database.

    :return:
        If a role with this name already exists:
        {'error': 'role already exists'}, 400
        If request data is invalid: the validator result, documented as
        {'status': False, 'error': [list of errors]}, 400
        If all ok: {'added_role': role_name, 'added_role_id': role_id}
    """
    # NOTE(review): creating roles changes the access-control model; the
    # authorization check is not visible in this listing - confirm it.
    payload = request.get_json()
    check = validator.role_post(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    role_name = payload['role_name']
    if db.get_role_id(role_name):
        return jsonify(error='role already exists'), 400

    db.insert_role(role_name)
    # The id is looked up by name after the insert; element 0 of the
    # lookup result is returned as the id.
    new_id = db.get_role_id(role_name)
    reply = jsonify(added_role=role_name, added_role_id=new_id[0])
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
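def permission_delete():
    """Delete a permission by its id.

    :rtype: JSON
    :request args example: `{permission_id: 5}`
    :return:
        - If the request is not a DELETE carrying a JSON body:
          ``{'status': False, 'error': [list of errors]}``
        - If ``db.check_permission_deletion`` is truthy (documented as
          "permission is bound to some role"):
          ``{'error': 'Cannot delete!'}``
        - If request data is invalid: the validator result, documented as
          ``{'status': False, 'error': [list of errors]}``
        - If all ok:
          ``{'status': 'success', 'deleted_permission': permission_id}``

    :statuscode 400: missing JSON body or invalid request data
    :statuscode 200: permission deleted; the 'Cannot delete!' reply is
        also returned without an explicit status code
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    data = request.get_json() if request.method == 'DELETE' else None
    if not data:
        # The original had no response to return on this path, so the
        # request ended in a server error instead of a client error.
        return jsonify(
            status=False,
            error=['DELETE request with a JSON body is required']), 400

    valid = validator.permission_delete(data)
    if not valid['status']:
        return Response(json.dumps(valid), mimetype='application/json'), 400

    permission_id = data['permission_id']
    if db.check_permission_deletion(permission_id):
        return jsonify(error='Cannot delete!')

    db.delete_permission_by_id(permission_id)
    response = jsonify(status='success', deleted_permission=permission_id)
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return response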
def role_permission_post():
    """Bind a permission to a role.

    :rtype: JSON
    :request args example: `{permission_id: 5, role_id: 4}`
    :return:
        - If request data is not valid: the validator result, documented
          as ``{'status': False, 'error': [list of errors]}``
        - If all ok: ``{'added_role_permission_for_role': role_id}``

    :statuscode 400: request data is invalid
    :statuscode 200: if no errors
    """
    # NOTE(review): this grants a permission to a role; the authorization
    # check is not visible in this listing - confirm it is admin-only.
    payload = request.get_json()
    check = validator.role_permission_post(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    role_id = payload['role_id']
    db.add_role_permission(role_id, payload['permission_id'])
    reply = jsonify(added_role_permission_for_role=role_id)
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
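def permission_delete():
    """Delete a permission by its id.

    :return:
        If the request is not a DELETE carrying a JSON body:
        {'status': False, 'error': [list of errors]}, 400
        If ``db.check_permission_deletion`` is truthy (documented as
        "permission is bound to a role"): {'error': 'Cannot delete!'}
        If request data is invalid: the validator result, documented as
        {'status': False, 'error': [list of errors]}, 400
        If all ok: {'status': 'success',
        'deleted_permission': permission_id}
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    data = request.get_json() if request.method == 'DELETE' else None
    if not data:
        # The original had no response to return on this path, so the
        # request ended in a server error instead of a client error.
        return jsonify(
            status=False,
            error=['DELETE request with a JSON body is required']), 400

    valid = validator.permission_delete(data)
    if not valid['status']:
        return Response(json.dumps(valid), mimetype='application/json'), 400

    permission_id = data['permission_id']
    if db.check_permission_deletion(permission_id):
        return jsonify(error='Cannot delete!')

    db.delete_permission_by_id(permission_id)
    response = jsonify(status='success', deleted_permission=permission_id)
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return response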
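def permission_put():
    """Edit an existing permission.

    The body must supply ``action``, ``modifier``, ``permission_id`` and
    ``description``; those are the keys passed to ``db.edit_permission``.

    :rtype: JSON
    :request args example: `{action: "POST", description: "edited
        description", modifier: "Any", resource_id: "33"}`
    :return:
        - If the request is not a PUT carrying a JSON body:
          ``{'status': False, 'error': [list of errors]}``
        - If request data is invalid: the validator result, documented as
          ``{'status': False, 'error': [list of errors]}``
        - If all ok:
          ``{'status': 'success', 'edited_perm_id': permission_id}``

    :statuscode 400: missing JSON body or invalid request
    :statuscode 200: if no errors
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    data = request.get_json() if request.method == 'PUT' else None
    if not data:
        # The original had no response to return on this path, so the
        # request ended in a server error instead of a client error.
        return jsonify(
            status=False,
            error=['PUT request with a JSON body is required']), 400

    valid = validator.permission_put(data)
    if not valid['status']:
        return Response(json.dumps(valid), mimetype='application/json'), 400

    db.edit_permission(data['action'], data['modifier'],
                       data['permission_id'], data['description'])
    response = jsonify(status='success', edited_perm_id=data['permission_id'])
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return response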
def resource_put():
    """Rename a resource identified by its id.

    :return:
        If a resource with this name already exists:
        {'error': 'this name already exists'}, 400
        If request data is invalid: the validator result, documented as
        {'status': False, 'error': [list of errors]}, 400
        If all ok: {'status': 'success', 'edited': resource_name}
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    payload = request.get_json()
    check = validator.resource_put(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    new_name = payload['resource_name']
    # The uniqueness check and the update are separate database calls.
    if db.get_resource_id(new_name):
        return jsonify(error='this name already exists'), 400

    db.edit_resource_name(new_name, payload['resource_id'])
    reply = jsonify(status='success', edited=new_name)
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
def get_all_users():
    """List all users, or change one user's role on POST.

    A POST with a non-empty JSON body is validated with
    ``validator.user_role_put`` and passed to ``db.change_user_role``;
    any other request returns the user list.

    :return: on POST ``{'msg': 'success', 'added_role': role_id}`` or the
        validator result with status 400; otherwise a JSON list of users
        with id, first name, last name, email and role
    """
    # NOTE(review): the POST branch changes a user's role and the listing
    # exposes every user's e-mail; the authorization check is not visible
    # in this listing - confirm both are restricted to administrators.
    if request.method == 'POST' and request.get_json():
        payload = request.get_json()
        check = validator.user_role_put(payload)
        if not check['status']:
            return Response(json.dumps(check),
                            mimetype='application/json'), 400
        db.change_user_role(payload['role_id'], payload['user_id'])
        reply = jsonify(msg='success', added_role=payload['role_id'])
        # Refresh the access-control data kept in the session.
        session['access_control'] = permission_control.reload_dct()
        return reply

    rows = db.get_all_users()
    # A falsy result yields an empty list; rows are read by position.
    users = [
        {
            'user_id': row[0],
            'first_name': row[1],
            'last_name': row[2],
            'email': row[3],
            'role': row[4],
        }
        for row in (rows or ())
    ]
    return Response(json.dumps(users), mimetype='application/json')
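def permission_post():
    """Add a new permission to the database.

    :return:
        If the request is not a POST carrying a JSON body:
        {'status': False, 'error': [list of errors]}, 400
        If request data is invalid: the validator result, documented as
        {'status': False, 'error': [list of errors]}, 400
        If all ok: {'added_permission_for': description,
        'permission_id': permission_id}
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    data = request.get_json() if request.method == 'POST' else None
    if not data:
        # The original had no response to return on this path, so the
        # request ended in a server error instead of a client error.
        return jsonify(
            status=False,
            error=['POST request with a JSON body is required']), 400

    valid = validator.permission_post(data)
    if not valid['status']:
        return Response(json.dumps(valid), mimetype='application/json'), 400

    db.insert_permission(data['resource_id'], data['action'],
                         data['modifier'], data['description'])
    # The id is looked up after the insert by (resource_id, action,
    # modifier); element 0 of the lookup result is returned as the id.
    added_perm_id = db.get_permission_id(data['resource_id'],
                                         data['action'], data['modifier'])
    response = jsonify(added_permission_for=data['description'],
                       permission_id=added_perm_id[0])
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return response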
def role_post():
    """Add a new role to the database.

    :rtype: JSON
    :request args: `{"role_name":"test"}`
    :return:
        - If a role with this name already exists:
          ``{'error': 'role already exists'}``
        - If request data is invalid: the validator result, documented as
          ``{'status': False, 'error': [list of errors]}``
        - If all ok:
          ``{'added_role': role_name, 'added_role_id': role_id}``

    :statuscode 400: role with this name exists or request is invalid
    :statuscode 200: if no errors
    """
    # NOTE(review): creating roles changes the access-control model; the
    # authorization check is not visible in this listing - confirm it.
    payload = request.get_json()
    check = validator.role_post(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    role_name = payload['role_name']
    if db.get_role_id(role_name):
        return jsonify(error='role already exists'), 400

    db.insert_role(role_name)
    # The id is looked up by name after the insert; element 0 of the
    # lookup result is returned as the id.
    new_id = db.get_role_id(role_name)
    reply = jsonify(added_role=role_name, added_role_id=new_id[0])
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
def get_all_users():
    """List all users, or change one user's role on POST.

    A POST with a non-empty JSON body is validated with
    ``validator.user_role_put`` and passed to ``db.change_user_role``;
    any other request returns the user list.

    :return: on POST ``{'msg': 'success', 'added_role': role_id}`` or the
        validator result with status 400; otherwise a JSON list of users
        with id, first name, last name, email and role
    """
    # NOTE(review): the POST branch changes a user's role and the listing
    # exposes every user's e-mail; the authorization check is not visible
    # in this listing - confirm both are restricted to administrators.
    if request.method == 'POST' and request.get_json():
        payload = request.get_json()
        check = validator.user_role_put(payload)
        if not check['status']:
            return Response(json.dumps(check),
                            mimetype='application/json'), 400
        db.change_user_role(payload['role_id'], payload['user_id'])
        reply = jsonify(msg='success', added_role=payload['role_id'])
        # Refresh the access-control data kept in the session.
        session['access_control'] = permission_control.reload_dct()
        return reply

    rows = db.get_all_users()
    # A falsy result yields an empty list; rows are read by position.
    users = [
        {
            'user_id': row[0],
            'first_name': row[1],
            'last_name': row[2],
            'email': row[3],
            'role': row[4],
        }
        for row in (rows or ())
    ]
    return Response(json.dumps(users), mimetype='application/json')
def role_permission_delete():
    """Handle a delete request keyed by role id.

    NOTE(review): the name and the original one-line doc describe
    deleting permissions, but the body calls ``db.check_role_deletion``
    and ``db.delete_role_by_id`` - it removes the role itself. Confirm
    which behaviour is intended before relying on this endpoint.

    :return:
        If request data is invalid: the validator result as JSON, 400
        If ``db.check_role_deletion`` is truthy:
        {'error': 'Cannot delete!'}
        If all ok: {'status': 'success', 'deleted_role': role_id}
    """
    payload = request.get_json()
    check = validator.role_permission_delete(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    role_id = payload['role_id']
    if db.check_role_deletion(role_id):
        return jsonify(error='Cannot delete!')

    db.delete_role_by_id(role_id)
    reply = jsonify(status='success', deleted_role=role_id)
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
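def role_permission_put():
    """Replace the list of permissions bound to a role.

    All permissions of the role are removed first, then every id in
    ``permission_id`` is bound to it. The body is checked before anything
    is removed, so a malformed request cannot strip a role of its
    permissions.

    :return:
        If request data is invalid:
        {'status': False, 'error': [list of errors]}, 400
        If all ok: {'msg': 'edited permission'}
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    data = request.get_json()

    errors = []
    if not isinstance(data, dict):
        errors.append('JSON object is required')
    else:
        if 'role_id' not in data:
            errors.append('role_id is required')
        if not isinstance(data.get('permission_id'), list):
            errors.append('permission_id must be a list')
    if errors:
        return jsonify(status=False, error=errors), 400

    role_id = data['role_id']
    permission_ids = data['permission_id']

    # NOTE(review): the delete and the inserts are separate calls; if one
    # insert fails the role keeps only part of the new set - confirm
    # whether the db layer wraps this in a transaction.
    db.delete_permissions_by_role_id(role_id)
    for perm_id in permission_ids:
        db.add_role_permission(role_id, perm_id)
    # Logged after the change so the entry is not written for a request
    # that failed before modifying anything.
    logger.info('Role permission has been changed.')

    response = jsonify(msg='edited permission')
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return response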
def role_permission_post():
    """Bind a permission to a role.

    :return:
        If request data is not valid: the validator result, documented as
        {'status': False, 'error': [list of errors]}, 400
        If all ok: {'added_role_permission_for_role': role_id}
    """
    # NOTE(review): this grants a permission to a role; the authorization
    # check is not visible in this listing - confirm it is admin-only.
    payload = request.get_json()
    check = validator.role_permission_post(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    role_id = payload['role_id']
    db.add_role_permission(role_id, payload['permission_id'])
    reply = jsonify(added_role_permission_for_role=role_id)
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply
def get_all_users():
    """List all users, or change one user's role on POST.

    A POST with a non-empty JSON body is validated with
    ``validator.user_role_put`` and passed to ``db.change_user_role``;
    any other request returns the user list.

    :return: on POST ``{'msg': 'success', 'added_role': role_id}``;
        otherwise a list of all users with id, first name, last name,
        email and role

        ``[{"role": "admin", "first_name": "Admin",
        "last_name": "Administrator", "user_id": 3,
        "email": "*****@*****.**"} ...
        {"role": "user", "first_name": "Oleg", "last_name": "Lyashko",
        "user_id": 4, "email": "*****@*****.**"}``

    :statuscode 200: no errors
    :statuscode 400: invalid request
    """
    # NOTE(review): the POST branch changes a user's role and the listing
    # exposes every user's e-mail; the authorization check is not visible
    # in this listing - confirm both are restricted to administrators.
    if request.method == 'POST' and request.get_json():
        payload = request.get_json()
        check = validator.user_role_put(payload)
        if not check['status']:
            return Response(json.dumps(check),
                            mimetype='application/json'), 400
        db.change_user_role(payload['role_id'], payload['user_id'])
        reply = jsonify(msg='success', added_role=payload['role_id'])
        # Refresh the access-control data kept in the session.
        session['access_control'] = permission_control.reload_dct()
        return reply

    rows = db.get_all_users()
    # A falsy result yields an empty list; rows are read by position.
    users = [
        {
            'user_id': row[0],
            'first_name': row[1],
            'last_name': row[2],
            'email': row[3],
            'role': row[4],
        }
        for row in (rows or ())
    ]
    return Response(json.dumps(users), mimetype='application/json')
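def permission_post():
    """Add a new permission to the database.

    :rtype: JSON
    :request args example: `{action: "DELETE", description: "TEST",
        modifier: "None", resource_id: "33"}`
    :return:
        - If the request is not a POST carrying a JSON body:
          ``{'status': False, 'error': [list of errors]}``
        - If request data is invalid: the validator result, documented as
          ``{'status': False, 'error': [list of errors]}``
        - If all ok: ``{'added_permission_for': description,
          'permission_id': permission_id}``

    :statuscode 400: missing JSON body or invalid request
    :statuscode 200: permission has been successfully added
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    data = request.get_json() if request.method == 'POST' else None
    if not data:
        # The original had no response to return on this path, so the
        # request ended in a server error instead of a client error.
        return jsonify(
            status=False,
            error=['POST request with a JSON body is required']), 400

    valid = validator.permission_post(data)
    if not valid['status']:
        return Response(json.dumps(valid), mimetype='application/json'), 400

    db.insert_permission(data['resource_id'], data['action'],
                         data['modifier'], data['description'])
    # The id is looked up after the insert by (resource_id, action,
    # modifier); element 0 of the lookup result is returned as the id.
    added_perm_id = db.get_permission_id(data['resource_id'],
                                         data['action'], data['modifier'])
    response = jsonify(added_permission_for=data['description'],
                       permission_id=added_perm_id[0])
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return response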
def get_all_users():
    """List all users, or change one user's role on POST.

    A POST with a non-empty JSON body is validated with
    ``validator.user_role_put`` and passed to ``db.change_user_role``;
    any other request returns the user list.

    :return: on POST ``{'msg': 'success', 'added_role': role_id}``;
        otherwise a list of all users with id, first name, last name,
        email and role

        ``[{"role": "admin", "first_name": "Admin",
        "last_name": "Administrator", "user_id": 3,
        "email": "*****@*****.**"} ...
        {"role": "user", "first_name": "Oleg", "last_name": "Lyashko",
        "user_id": 4, "email": "*****@*****.**"}``

    :statuscode 200: no errors
    :statuscode 400: invalid request
    """
    # NOTE(review): the POST branch changes a user's role and the listing
    # exposes every user's e-mail; the authorization check is not visible
    # in this listing - confirm both are restricted to administrators.
    if request.method == 'POST' and request.get_json():
        payload = request.get_json()
        check = validator.user_role_put(payload)
        if not check['status']:
            return Response(json.dumps(check),
                            mimetype='application/json'), 400
        db.change_user_role(payload['role_id'], payload['user_id'])
        reply = jsonify(msg='success', added_role=payload['role_id'])
        # Refresh the access-control data kept in the session.
        session['access_control'] = permission_control.reload_dct()
        return reply

    rows = db.get_all_users()
    # A falsy result yields an empty list; rows are read by position.
    users = [
        {
            'user_id': row[0],
            'first_name': row[1],
            'last_name': row[2],
            'email': row[3],
            'role': row[4],
        }
        for row in (rows or ())
    ]
    return Response(json.dumps(users), mimetype='application/json')
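def permission_put():
    """Edit an existing permission.

    The body must supply ``action``, ``modifier``, ``permission_id`` and
    ``description``; those are the keys passed to ``db.edit_permission``.

    :return:
        If the request is not a PUT carrying a JSON body:
        {'status': False, 'error': [list of errors]}, 400
        If request data is invalid: the validator result, documented as
        {'status': False, 'error': [list of errors]}, 400
        If all ok: {'status': 'success', 'edited_perm_id': permission_id}
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    data = request.get_json() if request.method == 'PUT' else None
    if not data:
        # The original had no response to return on this path, so the
        # request ended in a server error instead of a client error.
        return jsonify(
            status=False,
            error=['PUT request with a JSON body is required']), 400

    valid = validator.permission_put(data)
    if not valid['status']:
        return Response(json.dumps(valid), mimetype='application/json'), 400

    db.edit_permission(data['action'], data['modifier'],
                       data['permission_id'], data['description'])
    response = jsonify(status='success', edited_perm_id=data['permission_id'])
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return response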
def resource_post():
    """Add a new site resource (documented as a site-map entry in the
    admin panel) and return its name and id.

    :rtype: JSON
    :request args: `{resource_name: "/res_name"}`
    :return:
        - If a resource with this name already exists:
          ``{'error': 'Resource already exists'}``
        - If request data is invalid: the validator result, documented as
          ``{'status': False, 'error': [list of errors]}``
        - If all ok:
          ``{'added_resource': resource_name, 'resource_id': resource_id}``

    :statuscode 400: resource already exists or request is invalid
    :statuscode 200: resource was successfully posted
    """
    # NOTE(review): authorization is not visible in this listing - confirm
    # the endpoint is limited to administrators.
    payload = request.get_json()
    check = validator.resource_post(payload)
    if not check['status']:
        return Response(json.dumps(check), mimetype='application/json'), 400

    name = payload['resource_name']
    if db.get_resource_id(name):
        return jsonify(error='Resource already exists'), 400

    db.add_resource(name)
    # The id is looked up by name after the insert; element 0 of the
    # lookup result is returned as the id.
    new_id = db.get_resource_id(name)
    reply = jsonify(added_resource=name, resource_id=new_id[0])
    # Refresh the access-control data kept in the session after the change.
    session['access_control'] = permission_control.reload_dct()
    return reply