def update_subgroups_by_id(self, subgroup_ids):
"""Post updated group subgroups"""
groups = self['__store']
updated_subgroups = set(map(int, subgroup_ids))
logger = logging.getLogger(__name__)
debug = logger.debug
debug('updating subgroups: %r', updated_subgroups)
existing_subgroups = self.subgroups
debug('existing subgroups: %r', existing_subgroups)
if updated_subgroups != existing_subgroups:
group_lookup = {
group.group_id: group.name
for group in groups
}
db = groups.db
to_remove = existing_subgroups - updated_subgroups
if to_remove:
debug('removing subgroups %r from %r', to_remove, self.name)
cmd = 'delete from subgroups where group_id=%s and subgroup_id in %s'
db(cmd, self.group_id, to_remove)
for subgroup_id in to_remove:
audit(
'remove subgroup',
self.name,
group_lookup.get(
subgroup_id,
'unknown (%s)' % subgroup_id,
)
)
to_add = updated_subgroups - existing_subgroups
if to_add:
debug('adding %r to %r', to_add, self.name)
cmd = 'insert into subgroups (group_id, subgroup_id) values (%s, %s)'
sequence = zip([self.group_id] * len(to_add), to_add)
db.execute_many(cmd, sequence)
for subgroup_id in to_add:
audit(
'add subgroup',
self.name,
group_lookup.get(
subgroup_id,
'unknown (%s)' % subgroup_id,
)
)
else:
debug('subgroups unchanged')
def remove_app(self, name):
"""Remove an app"""
debug = logging.getLogger(__name__).debug
group_name = 'a_' + name
if self.first(name=group_name):
self.delete(name=group_name)
audit('delete app group', name)
debug('deleted app group %r', group_name)
def after_delete(self, record):
"""After Delete
Adds log entries after a delete has been executed.
"""
debug = logging.getLogger(__name__).debug
debug('deleted group %r (%r)', record['name'], record['group_id'])
audit('delete group', record['name'])
def test_audit_current_user(self):
result = self.db('select * from audit_log')
self.assertEqual(len(result), 0)
audit('grant access', 'user1', 'user2')
result = self.db('select * from audit_log')
self.assertEqual(len(result), 1)
data = list(result)[0][:-1]
goal = (1, 'myapp', 2, 'grant access', 'user1', 'user2')
self.assertEqual(data, goal)
def test_audit_with_user(self):
result = self.db('select * from audit_log')
self.assertEqual(len(result), 0)
user = self.users.first(username='******')
audit('grant access', 'user1', 'user2', user)
result = self.db('select * from audit_log')
self.assertEqual(len(result), 1)
data = list(result)[0][:-1]
goal = (1, 'myapp', 1, 'grant access', 'user1', 'user2')
self.assertEqual(data, goal)
def update_members_by_id(self, user_ids):
"""Post updated group memberships"""
updated = set(int(id) for id in user_ids)
logger = logging.getLogger(__name__)
debug = logger.debug
db = self['__store'].db
users = zoom.users.Users(db)
debug('updating members: %r', updated)
cmd = 'select user_id from members where group_id=%s'
existing = set(
user_id for user_id, in
db(cmd, self.group_id)
)
debug('existing members: %r', existing)
if updated != existing:
user_lookup = {
user.user_id: user.username
for user in users
}
to_remove = existing - updated
if to_remove:
debug('removing members: %r', to_remove)
cmd = 'delete from members where group_id=%s and user_id in %s'
db(cmd, self.group_id, to_remove)
for user_id in to_remove:
audit('remove member', self.name, \
user_lookup.get(user_id, 'unknown'))
to_add = updated - existing
if to_add:
debug('adding members: %r', to_add)
cmd = 'insert into members (group_id, user_id) values (%s, %s)'
sequence = zip([self.group_id] * len(to_add), to_add)
db.execute_many(cmd, sequence)
for user_id in to_add:
audit('add member', self.name, \
user_lookup.get(user_id, 'unknown'))
else:
debug('memberships unchanged')
def remove_subgroup(self, subgroup):
"""remove a subgroup"""
db = self['__store'].db
cmd = """
delete from subgroups where
group_id=%s and
subgroup_id=%s
"""
db(cmd, self.group_id, subgroup.group_id)
audit(
'remove subgroup',
self.name,
subgroup.name,
)
def add_app(self, name):
"""Add an app"""
debug = logging.getLogger(__name__).debug
group_name = 'a_' + name
if not self.first(name=group_name):
group_id = self.put(
Group(
name=group_name,
type='A',
description='%s application group' % name,
admin_group_id=1,
)
)
debug('created new app group %r (%r)', group_name, group_id)
audit('create app group', group_name)
return group_id
def add_subgroup(self, subgroup):
"""add a subgroup"""
db = self['__store'].db
cmd = """
insert into subgroups (
group_id,
subgroup_id
) values (
%s, %s
)
"""
db(cmd, self.group_id, subgroup.group_id)
audit(
'add subgroup',
self.name,
subgroup.name,
)
def after_update(self, record):
name = record['name']
group_id = record['_id']
debug = logging.getLogger(__name__).debug
debug('updated group %r (%r)', name, group_id)
audit('update group', name)
def after_insert(self, record):
name = record['name']
group_id = record['_id']
debug = logging.getLogger(__name__).debug
debug('created new group %r (%r)', name, group_id)
audit('create group', name)
def update_supergroups_by_id(self, group_ids, kind):
"""Post updated group supergroups"""
updated = set(map(int, group_ids))
logger = logging.getLogger(__name__)
debug = logger.debug
debug('updating %s: %r', kind, updated)
groups = self['__store']
# print(kind)
existing = getattr(self, kind + 's')
debug('existing %s: %r', kind, updated)
# print(updated, existing)
if updated != existing:
group_lookup = {
group.group_id: group.name
for group in groups
}
db = groups.db
to_remove = existing - updated
if to_remove:
debug('removing %s %r from %r', kind, to_remove, self.name)
cmd = 'delete from subgroups where subgroup_id=%s and group_id in %s'
db(cmd, self.group_id, to_remove)
for group_id in to_remove:
audit(
'remove %s' % kind,
group_lookup.get(
group_id,
'unknown (%s)' % group_id,
),
self.name
)
to_add = updated - existing
if to_add:
debug('adding %s %r to %r', kind, to_add, self.name)
cmd = 'insert into subgroups (group_id, subgroup_id) values (%s, %s)'
sequence = zip(to_add, [self.group_id] * len(to_add))
db.execute_many(cmd, sequence)
for subgroup_id in to_add:
audit(
'add %s' % kind,
group_lookup.get(
subgroup_id,
'unknown (%s)' % subgroup_id,
),
self.name
)
else:
debug('%s unchanged', kind)