def get(self, account_id):
"""List all roles occupied by a service account."""
try:
return ok(result=models.account_details(account_id),
msg="Roles retrieved successfully.")
except WebFault as e:
admin = UserAdmin()
raise ResourceError(msg=admin.error_msg(e))
def get(self, role_id, account_id):
"""List details about a service account's occupation of a role."""
if models.has_role(account_id, role_id):
return ok(result=models.account_details(account_id),
msg="Service account retrieved successfully.")
raise ResourceError(
msg="{} is not occupied by service account {}".format(
role_id, account_id))
def post(self, account_id):
"""Add a role to the list of roles occupied by a service account."""
args = self.validate_post()
admin = UserAdmin()
try:
admin.updateRolesOfUser(userName=account_id,
newUserList=models.role_in(args['roleId']))
except WebFault as e:
raise ResourceError(msg=admin.error_msg(e))
return ok(result=models.account_details(account_id),
msg="Role {} added successfully.".format(args['roleId']))
def post(self):
"""Create a new service account."""
args = self.validate_post()
account_id = args['accountId']
if '-' in account_id:
raise ResourceError(
msg="Invalid account id: no '-' characters are allowed.")
admin = UserAdmin()
try:
admin.addUser(userName=account_id, password=args['password'])
except WebFault as e:
raise ResourceError(msg=admin.error_msg(e))
except Exception as e:
raise ResourceError(msg='Uncaught exception: {}'.format(e))
return ok(result=models.account_details(account_id),
msg="Service account created successfully.")
def get(self, account_id):
"""Get details about a service account."""
return ok(result=models.account_details(account_id),
msg="Service account retrieved successfully.")