def edit_role():
"""
Edit(Add/Remove) user's role
"""
users: list = [user.email for user in User.get_users(is_admin=False)]
if not users:
Log.log('Users not found', color='red')
return
edit_role_questions: list = [
{
'type': 'list',
'name': 'email',
'message': 'Choose User',
'choices': users
},
{
'type': 'list',
'name': 'add_remove_role',
'message': 'Add or Remove Role',
'choices': ['Add', 'Remove'],
'filter': lambda val: val.lower()
}
]
answers: dict = prompt(edit_role_questions, style=input_style)
user: User = User.get_user(answers['email'])
if answers['add_remove_role'] == 'add':
RoleActions.add_role(user)
else:
RoleActions.remove_role(user)
def main():
"""
Simple CLI for auth systems
"""
Log.log("AUTH SYSTEM", color="white", figlet=True)
Log.log("Welcome to Auth System CLI", "green")
Setup().init()
Interaction().user_interaction()
def view_roles():
"""
Display the roles associated with current logged in user
"""
roles = UserRole.get_roles(User.logged_in_user)
if not roles:
Log.log('No roles associated', color='red')
return
for role in UserRole.get_roles(User.logged_in_user):
Log.log(role.name, color='green')
def check_resource_access():
"""
Check if the current user has access to perform an action on a particular resource
"""
resource_names: list = [resource.name for resource in Resource.resources]
if not resource_names:
Log.log('No resources available available', color='red')
return
action_types: list = [action_type.value for action_type in ActionType]
if not action_types:
Log.log('No action types available', color='red')
return
choose_resource_questions: list = [
{
'type': 'list',
'name': 'resource_name',
'message': 'Choose Resource',
'choices': resource_names
},
{
'type': 'list',
'name': 'access_type_name',
'message': 'Choose Access Type',
'choices': action_types
}
]
answers: dict = prompt(choose_resource_questions, style=input_style)
if (User.logged_in_user.is_admin or
ResourceActions.has_access(
User.logged_in_user, answers['resource_name'], answers['access_type_name']
)):
Log.log('Access Granted', color='green')
else:
Log.log('Access Denied', color='red')
def create_user():
"""
Admin action to create a user
"""
create_user_questions: list = [
{
'type': 'input',
'name': 'first_name',
'message': 'First Name',
'validate': EmptyValidator
},
{
'type': 'input',
'name': 'last_name',
'message': 'Last Name',
'validate': EmptyValidator
},
{
'type': 'input',
'name': 'email',
'message': 'Email',
'validate': EmailValidator
},
{
'type': 'password',
'name': 'password',
'message': 'Password',
'validate': EmptyValidator
},
{
'type': 'list',
'name': 'is_admin',
'message': 'Is Admin User',
'choices': ['Yes', 'No'],
'filter': lambda val: val.lower() == 'yes'
},
]
answers: dict = prompt(create_user_questions, style=input_style)
user: User = User.get_user(answers['email'])
if user:
Log.log('User already exists with this email', color='red')
return
User.create(answers['first_name'],
answers['last_name'],
answers['email'],
answers['password'],
is_admin=answers['is_admin'])
Log.log('User created successfully', color='green')
def user_interaction(self):
"""
Display list of available actions and perform action based on user input
"""
actions: list = self.get_actions()
for action in actions:
Log.log(action['message'], color='white')
try:
user_input: int = int(input())
action: dict = self.validate_input(user_input, actions)
except ValueError:
Log.log('Incorrect Input', color='red')
self.user_interaction()
return
action['action']()
self.user_interaction()
def remove_role(user: User):
"""
Remove a role associated with given user
:param user: User object
"""
user_roles: list = UserRole.get_user_roles(user)
if not user_roles:
Log.log('No roles assigned', color='red')
return
remove_role_questions: list = [
{
'type': 'list',
'name': 'role_name',
'message': 'Choose Role',
'choices': [user_role.role.name for user_role in user_roles]
}
]
answers: dict = prompt(remove_role_questions, style=input_style)
for index, user_role in enumerate(UserRole.user_roles):
if user_role.user.id == user.id and user_role.role.name == answers['role_name']:
UserRole.user_roles.pop(index)
Log.log('Role unassigned successfully', color='green')
break
def add_role(user: User):
"""
Assign a role to the given user
:param user: User object
"""
roles: list = UserRole.get_other_roles(user)
if not roles:
Log.log('No more roles available', color='red')
return
add_role_questions: list = [
{
'type': 'list',
'name': 'role_name',
'message': 'Choose Role',
'choices': [role.name for role in roles]
}
]
answers: dict = prompt(add_role_questions, style=input_style)
for role in roles:
if role.name == answers['role_name']:
UserRole.create(user, role)
Log.log('Role assigned successfully', color='green')
break