def remove_user_from_groups(current_session, username, groups=None):
if not groups:
groups = []
usr = us.get_user(current_session, username)
user_groups = us.get_user_groups(current_session, username)["groups"]
groups_to_keep = [x for x in user_groups if x not in groups]
projects_to_keep = {
item
for sublist in
[gp.get_group_projects(current_session, x) for x in groups_to_keep]
for item in sublist
}
projects_to_remove = {
item
for sublist in
[gp.get_group_projects(current_session, x) for x in groups]
for item in sublist if item not in projects_to_keep
}
responses = []
for groupname in groups:
try:
response = disconnect_user_from_group(current_session, usr,
groupname)
responses.append(response)
except Exception as e:
current_session.rollback()
raise e
for project in projects_to_remove:
remove_user_from_project(current_session, usr, project)
return {"result": responses}
def update_user_projects_within_group(
current_session, username, groupname, projectname
):
user_groups = us.get_user_groups(current_session, username)
"""
Simplified version for awg:
Users only have read permission, so just checking the
presence of the project in any of their other groups
suffices to keep the projec in the list.
In real life we should check permissions coming from all groups
and remove the specific ones comiing from groupname
"""
group_projects = [
gp.get_group_projects(current_session, group)
for group in user_groups["groups"]
if group != groupname
]
projects_to_keep = [item for sublist in group_projects for item in sublist]
if projectname not in projects_to_keep:
try:
us.remove_user_from_project(
current_session,
us.get_user(current_session, username),
pj.get_project(current_session, projectname),
)
except NotFound:
# somehow the user was not linked to that project
pass
def delete_group(current_session, groupname):
"""
Deletes a group
"""
projects_to_purge = gp.get_group_projects(current_session, groupname)
remove_projects_from_group(current_session, groupname, projects_to_purge)
gp.clear_users_in_group(current_session, groupname)
gp.clear_projects_in_group(current_session, groupname)
gp.delete_group(current_session, groupname)
return {"result": "success"}
def disconnect_user_from_group(current_session, usr, groupname):
grp = gp.get_group(current_session, groupname)
if not grp:
return {"warning": ("Group {0} doesn't exist".format(groupname))}
response = gp.remove_user_from_group(current_session, usr, grp)
projects = gp.get_group_projects(current_session, groupname)
projects_data = [
pj.get_project(current_session, project).auth_id
for project in projects
]
return response
def connect_user_to_group(current_session, usr, groupname=None):
grp = gp.get_group(current_session, groupname)
if not grp:
raise UserError(("Group {0} doesn't exist".format(groupname)))
else:
responses = []
responses.append(gp.connect_user_to_group(current_session, usr, grp))
projects = gp.get_group_projects(current_session, groupname)
projects_data = [
pj.get_project(current_session, project).auth_id
for project in projects
]
projects_list = [{
"auth_id": auth_id,
"privilege": ["read"]
} for auth_id in projects_data]
for project in projects_list:
connect_user_to_project(current_session, usr, project)
return responses
def get_group_projects(current_session, groupname):
return gp.get_group_projects(current_session, groupname)