def _set_new(val):
role = Role.filter_by(rolename='Admin').first()
pod_res = Resource.filter_by(name='pods').first()
perms = Permission.filter_by(role_id=role.id, resource_id=pod_res.id).all()
for perm in perms:
if val:
perm.set_allow()
else:
perm.set_deny()
def upgrade(upd, with_testing, *args, **kwargs):
upd.print_log('Add roles {}, resources {} and its permissions...'.format(
ROLES, RESOURCES))
fixtures.add_permissions(roles=ROLES,
resources=RESOURCES,
permissions=PERMISSIONS)
upd.print_log('Add {} user...'.format(USER))
u = db.session.query(User).filter(User.username == USER).first()
if not u:
r = Role.filter_by(rolename='HostingPanel').first()
u = User.create(username=USER, password=USER, role=r, active=True)
u.save()
def add_users_and_roles(password):
# Create all roles with users that has same name and password as role_name.
# Useful to test permissions.
# Delete all users from setup KuberDock. Only admin must be after install.
# AC-228
# for role in Role.all():
# u = User.filter_by(username=role.rolename).first()
# if u is None:
# u = User.create(username=role.rolename, password=role.rolename,
# role=role, package=p, active=True)
# db.session.add(u)
# db.session.commit()
# Special user for convenience to type and login
p1 = Package.filter_by(name='Standard package').first()
r = Role.filter_by(rolename='Admin').first()
u = User.filter_by(username='******').first()
if u is None:
u = User.create(username='******',
password=password,
role=r,
package=p1,
active=True)
db.session.add(u)
kr = Role.filter_by(rolename='User').first()
ku = User.filter_by(username=KUBERDOCK_INTERNAL_USER).first()
ku_passwd = uuid.uuid4().hex
if ku is None:
ku = User.create(
username=KUBERDOCK_INTERNAL_USER,
password=ku_passwd,
role=kr,
# package=p1, first_name='KuberDock Internal',
active=True)
# generate token immediately, to use it in node creation
ku.get_token()
db.session.add(ku)
db.session.commit()
def user_fixtures(admin=False, active=True, **kwargs):
username = '******' + randstr(8)
password = randstr(10)
role_id = Role.filter_by(
rolename='User' if not admin else 'Admin').first().id
email = randstr(10) + '@test.test'
data = dict(username=username,
password=password,
active=active,
role_id=role_id,
package_id=0,
email=email)
user = User(**dict(data, **kwargs)).save()
return user, password
def run(self, username, password, rolename):
try:
role = Role.filter_by(rolename=rolename).one()
except NoResultFound:
raise InvalidCommand('Role with name `%s` not found' % rolename)
if User.filter_by(username=username).first():
raise InvalidCommand('User `%s` already exists' % username)
if not password:
password = generate_new_pass()
print "New password: {}".format(password)
u = User.create(username=username, password=password, role=role,
active=True, package_id=0)
db.session.add(u)
db.session.commit()