def _process_args(self):
try:
group = GroupProxy(request.view_args['group_id'], request.view_args['provider'])
except ValueError:
group = None
if group is None or group.group is None:
raise NotFound
self.group = group
def test_iter_acl():
user = User()
user_p = MagicMock(principal=user, spec=['principal'])
ipn = IPNetworkGroup()
ipn_p = MagicMock(principal=ipn, spec=['principal'])
local_group = GroupProxy(123, _group=MagicMock())
local_group_p = MagicMock(principal=local_group, spec=['principal'])
remote_group = GroupProxy('foo', 'bar')
remote_group_p = MagicMock(principal=remote_group, spec=['principal'])
acl = [
ipn, user_p, remote_group, local_group_p, user, local_group,
remote_group_p, ipn_p
]
assert list(iter_acl(iter(acl))) == [
user_p, user, ipn, ipn_p, local_group_p, local_group, remote_group,
remote_group_p
]
def principal(self):
from fossir.modules.groups import GroupProxy
if self.type == PrincipalType.user:
return self.user
elif self.type == PrincipalType.local_group:
return self.local_group.proxy
elif self.type == PrincipalType.multipass_group:
return GroupProxy(self.multipass_group_name,
self.multipass_group_provider)
elif self.type == PrincipalType.email:
return EmailPrincipal(self.email)
elif self.type == PrincipalType.network:
return self.ip_network_group
def principal_from_fossil(fossil,
allow_pending=False,
allow_groups=True,
allow_missing_groups=False,
allow_emails=False,
allow_networks=False,
existing_data=None):
from fossir.modules.networks.models.networks import IPNetworkGroup
from fossir.modules.groups import GroupProxy
from fossir.modules.users import User
if existing_data is None:
existing_data = set()
type_ = fossil['_type']
id_ = fossil['id']
if type_ == 'Avatar':
if isinstance(id_, int) or id_.isdigit():
# regular user
user = User.get(int(id_))
elif allow_pending:
data = GenericCache('pending_identities').get(id_)
if not data:
raise ValueError("Cannot find user '{}' in cache".format(id_))
data = {k: '' if v is None else v for k, v in data.items()}
email = data['email'].lower()
# check if there is not already a (pending) user with that e-mail
# we need to check for non-pending users too since the search may
# show a user from external results even though the email belongs
# to an fossir account in case some of the search criteria did not
# match the fossir account
user = User.find_first(User.all_emails.contains(email),
~User.is_deleted)
if not user:
user = User(first_name=data.get('first_name') or '',
last_name=data.get('last_name') or '',
email=email,
address=data.get('address', ''),
phone=data.get('phone', ''),
affiliation=data.get('affiliation', ''),
is_pending=True)
db.session.add(user)
db.session.flush()
else:
raise ValueError(
"Id '{}' is not a number and allow_pending=False".format(id_))
if user is None:
raise ValueError('User does not exist: {}'.format(id_))
return user
elif allow_emails and type_ == 'Email':
return EmailPrincipal(id_)
elif allow_networks and type_ == 'IPNetworkGroup':
group = IPNetworkGroup.get(int(id_))
if group is None or (group.hidden and group not in existing_data):
raise ValueError('IP network group does not exist: {}'.format(id_))
return group
elif allow_groups and type_ in {'LocalGroupWrapper', 'LocalGroup'}:
group = GroupProxy(int(id_))
if group.group is None:
raise ValueError('Local group does not exist: {}'.format(id_))
return group
elif allow_groups and type_ in {'LDAPGroupWrapper', 'MultipassGroup'}:
provider = fossil['provider']
group = GroupProxy(id_, provider)
if group.group is None and not allow_missing_groups:
raise ValueError('Multipass group does not exist: {}:{}'.format(
provider, id_))
return group
else:
raise ValueError('Unexpected fossil type: {}'.format(type_))
def proxy(self):
"""Returns a GroupProxy wrapping this group"""
from fossir.modules.groups import GroupProxy
return GroupProxy(self.id, _group=self)
def group(self):
return GroupProxy(self.id, self.provider)
def group(self):
return GroupProxy(self.id)