def handle(self,
dry_run=False,
verbose=False,
fresh_start=False,
**options):
self.verbose = verbose
if fresh_start:
confirm_fresh_start = input(
"Are you sure you want to delete all Roles and start over? You can't do this"
" if accounting is already set up. Type 'yes' to continue.")
if confirm_fresh_start == 'yes':
self.flush_roles()
self.roles_by_slug = {role.slug: role for role in Role.objects.all()}
self.ensure_roles(self.BOOTSTRAP_PRIVILEGES + self.BOOTSTRAP_PLANS,
dry_run)
ensure_grants(
list(self.BOOTSTRAP_GRANTS.items()), # py3 iterable
dry_run=dry_run,
verbose=self.verbose,
roles_by_slug=self.roles_by_slug,
)
if verbose or dry_run:
log_removed_grants(self.OLD_PRIVILEGES, dry_run=dry_run)
if not dry_run:
Role.objects.filter(slug__in=self.OLD_PRIVILEGES).delete()
def handle(self, privs, **kwargs):
dry_run = kwargs.get('dry_run')
verbose = kwargs.get('verbose')
noinput = kwargs.get('noinput')
skip_edition = kwargs.get('skip_edition')
query = SoftwarePlanVersion.objects
if skip_edition:
query = query.exclude(plan__edition__in=skip_edition.split(','))
all_role_slugs = set(
query.distinct('role__slug').values_list('role__slug', flat=True))
all_plan_slugs = (
all_role_slugs - set(MAX_PRIVILEGES)
- # no privileges should be in software plan roles, this is just a safeguard
set(plan_slug.strip()
for plan_slug in kwargs.get('skip', '').split(',')))
if not dry_run and not noinput and not _confirm(
'Are you sure you want to grant {} to {}?'.format(
', '.join(privs),
', '.join(all_plan_slugs),
)):
print('Aborting')
return
if not all(priv in MAX_PRIVILEGES for priv in privs):
print('Not all specified privileges are valid: {}'.format(
', '.join(privs)))
return
grants_to_privs = ((role_slug, privs) for role_slug in all_plan_slugs)
ensure_grants(grants_to_privs, dry_run=dry_run, verbose=verbose)
def handle(self, dry_run=False, verbose=False, fresh_start=False, **options):
self.verbose = verbose
if fresh_start:
confirm_fresh_start = input(
"Are you sure you want to delete all Roles and start over? You can't do this"
" if accounting is already set up. Type 'yes' to continue."
)
if confirm_fresh_start == 'yes':
self.flush_roles()
self.roles_by_slug = {role.slug: role for role in Role.objects.all()}
self.ensure_roles(self.BOOTSTRAP_PRIVILEGES + self.BOOTSTRAP_PLANS, dry_run)
ensure_grants(
list(self.BOOTSTRAP_GRANTS.items()), # py3 iterable
dry_run=dry_run,
verbose=self.verbose,
roles_by_slug=self.roles_by_slug,
)
if verbose or dry_run:
log_removed_grants(self.OLD_PRIVILEGES, dry_run=dry_run)
if not dry_run:
Role.objects.filter(slug__in=self.OLD_PRIVILEGES).delete()
def handle(self, privs, **kwargs):
dry_run = kwargs.get('dry_run')
verbose = kwargs.get('verbose')
noinput = kwargs.get('noinput')
skip_edition = kwargs.get('skip_edition')
query = SoftwarePlanVersion.objects
if skip_edition:
query = query.exclude(plan__edition__in=skip_edition.split(','))
all_role_slugs = set(
query.distinct('role__slug').values_list('role__slug', flat=True)
)
all_plan_slugs = (
all_role_slugs -
set(MAX_PRIVILEGES) - # no privileges should be in software plan roles, this is just a safeguard
set(plan_slug.strip() for plan_slug in kwargs.get('skip', '').split(','))
)
if not dry_run and not noinput and not _confirm('Are you sure you want to grant {} to {}?'.format(
', '.join(privs),
', '.join(all_plan_slugs),
)):
print('Aborting')
return
if not all(priv in MAX_PRIVILEGES for priv in privs):
print('Not all specified privileges are valid: {}'.format(', '.join(privs)))
return
grants_to_privs = ((role_slug, privs) for role_slug in all_plan_slugs)
ensure_grants(grants_to_privs, dry_run=dry_run, verbose=verbose)
def handle(self, privs, **kwargs):
dry_run = kwargs.get('dry_run')
verbose = kwargs.get('verbose')
noinput = kwargs.get('noinput')
skip_edition = kwargs.get('skip_edition')
query = SoftwarePlanVersion.objects
skipped_editions = []
if skip_edition:
skipped_editions = skip_edition.split(',')
query = query.exclude(plan__edition__in=skipped_editions)
all_role_slugs = set(
query.distinct('role__slug').values_list('role__slug', flat=True))
all_plan_slugs = (
all_role_slugs - set(MAX_PRIVILEGES)
- # no privileges should be in software plan roles, this is just a safeguard
set(plan_slug.strip()
for plan_slug in kwargs.get('skip', '').split(',')))
# make sure that these roles are not attached to SoftwarePlanEditions
# that they aren't meant to be attached to. e.g. thw pro_plan_v0 role
# attached to a SoftwarePlanVersion under the Advanced edition.
# see https://dimagi-dev.atlassian.net/browse/SAASP-10124
all_plan_slugs = [
plan_slug for plan_slug in all_plan_slugs
if _get_role_edition(plan_slug) not in skipped_editions
]
if not dry_run and not noinput and not _confirm(
'Are you sure you want to grant {} to {}?'.format(
', '.join(privs),
', '.join(all_plan_slugs),
)):
print('Aborting')
return
if not all(priv in MAX_PRIVILEGES for priv in privs):
print('Not all specified privileges are valid: {}'.format(
', '.join(privs)))
return
grants_to_privs = ((role_slug, privs) for role_slug in all_plan_slugs)
ensure_grants(grants_to_privs, dry_run=dry_run, verbose=verbose)