def upgrade(upd, with_testing, *args, **kwargs): upd.print_log('Upgrading db...') helpers.upgrade_db(revision='3d2db4a87f86') upd.print_log('Make HostingPanel role internal...') role = Role.filter(Role.rolename == 'HostingPanel').one() role.internal = True role.save()
def _set_new(val): role = Role.filter_by(rolename='Admin').first() pod_res = Resource.filter_by(name='pods').first() perms = Permission.filter_by(role_id=role.id, resource_id=pod_res.id).all() for perm in perms: if val: perm.set_allow() else: perm.set_deny()
def upgrade(upd, with_testing, *args, **kwargs): upd.print_log('Add menus Persistent volumes and Public IPs') user = Role.filter(Role.rolename == "User").one() trial_user = Role.filter(Role.rolename == "TrialUser").one() public_ips = MenuItem.create(name="Public IPs", path="/publicIPs/", ordering=1, menu_id=1) public_ips.save() perm = MenuItemRole(role=user, menuitem=public_ips) perm = MenuItemRole(role=trial_user, menuitem=public_ips) perm.save() p = MenuItem.create(name="Persistent volumes", path="/persistent-volumes/", ordering=2, menu_id=1) p.save() perm = MenuItemRole(role=user, menuitem=p) perm = MenuItemRole(role=trial_user, menuitem=p) perm.save()
def upgrade(upd, with_testing, *args, **kwargs): upd.print_log('Add roles {}, resources {} and its permissions...'.format( ROLES, RESOURCES)) fixtures.add_permissions(roles=ROLES, resources=RESOURCES, permissions=PERMISSIONS) upd.print_log('Add {} user...'.format(USER)) u = db.session.query(User).filter(User.username == USER).first() if not u: r = Role.filter_by(rolename='HostingPanel').first() u = User.create(username=USER, password=USER, role=r, active=True) u.save()
def add_users_and_roles(password): # Create all roles with users that has same name and password as role_name. # Useful to test permissions. # Delete all users from setup KuberDock. Only admin must be after install. # AC-228 # for role in Role.all(): # u = User.filter_by(username=role.rolename).first() # if u is None: # u = User.create(username=role.rolename, password=role.rolename, # role=role, package=p, active=True) # db.session.add(u) # db.session.commit() # Special user for convenience to type and login p1 = Package.filter_by(name='Standard package').first() r = Role.filter_by(rolename='Admin').first() u = User.filter_by(username='******').first() if u is None: u = User.create(username='******', password=password, role=r, package=p1, active=True) db.session.add(u) kr = Role.filter_by(rolename='User').first() ku = User.filter_by(username=KUBERDOCK_INTERNAL_USER).first() ku_passwd = uuid.uuid4().hex if ku is None: ku = User.create( username=KUBERDOCK_INTERNAL_USER, password=ku_passwd, role=kr, # package=p1, first_name='KuberDock Internal', active=True) # generate token immediately, to use it in node creation ku.get_token() db.session.add(ku) db.session.commit()
def add_menu_items(items, menu, parent=None,): for item in items: roles = item.pop('roles', []) children = item.pop('children', None) menu_item = MenuItem(**item) menu_item.menu = menu menu_item.parent = parent menu_item.save() for rolename in roles: role = Role.filter(Role.rolename == rolename).one() item_role = MenuItemRole(role=role, menuitem=menu_item) item_role.save() if children: add_menu_items(children, menu, parent=menu_item)
def user_fixtures(admin=False, active=True, **kwargs): username = '******' + randstr(8) password = randstr(10) role_id = Role.filter_by( rolename='User' if not admin else 'Admin').first().id email = randstr(10) + '@test.test' data = dict(username=username, password=password, active=active, role_id=role_id, package_id=0, email=email) user = User(**dict(data, **kwargs)).save() return user, password
def upgrade(upd, with_testing, *args, **kwargs): upd.print_log('Add MenuItemRole model.') upd.print_log('Upgrading db...') helpers.upgrade_db(revision='241a7b04a9ff') admin = Role.filter(Role.rolename == 'Admin').first() trialuser = Role.filter(Role.rolename == 'TrialUser').first() user = Role.filter(Role.rolename == 'User').first() menu_pods = MenuItem.filter(MenuItem.name == 'Pods').first() menu_publicip = MenuItem.filter(MenuItem.name == 'Public IPs').first() menu_pv = MenuItem.filter(MenuItem.name == 'Persistent volumes').first() menu_nodes = MenuItem.filter(MenuItem.name == 'Nodes').first() menu_papps = MenuItem.filter( MenuItem.name == 'Predefined Applications').first() menu_settings = MenuItem.filter(MenuItem.name == 'Settings').first() menu_adm = MenuItem.filter(MenuItem.name == 'Administration').first() menu_users = MenuItem.filter(MenuItem.name == 'Users').first() menu_ippool = MenuItem.filter(MenuItem.name == 'IP pool').first() MenuItemRole.create(menuitem=menu_pods, role=user) MenuItemRole.create(menuitem=menu_pods, role=trialuser) MenuItemRole.create(menuitem=menu_publicip, role=user) MenuItemRole.create(menuitem=menu_publicip, role=trialuser) MenuItemRole.create(menuitem=menu_pv, role=user) MenuItemRole.create(menuitem=menu_pv, role=trialuser) MenuItemRole.create(menuitem=menu_nodes, role=admin) MenuItemRole.create(menuitem=menu_papps, role=admin) MenuItemRole.create(menuitem=menu_settings, role=admin) MenuItemRole.create(menuitem=menu_settings, role=user) MenuItemRole.create(menuitem=menu_settings, role=trialuser) MenuItemRole.create(menuitem=menu_adm, role=admin) MenuItemRole.create(menuitem=menu_users, role=admin) MenuItemRole.create(menuitem=menu_ippool, role=admin) resource = Resource.filter(Resource.name == 'static_pages').first() if resource: Permission.filter(Permission.resource == resource).delete() resource.delete()
def run(self, username, password, rolename): try: role = Role.filter_by(rolename=rolename).one() except NoResultFound: raise InvalidCommand('Role with name `%s` not found' % rolename) if User.filter_by(username=username).first(): raise InvalidCommand('User `%s` already exists' % username) if not password: password = generate_new_pass() print "New password: {}".format(password) u = User.create(username=username, password=password, role=role, active=True, package_id=0) db.session.add(u) db.session.commit()
def _validate_role_exists(self, exists, field, value): if exists: if Role.by_rolename(value) is None: self._error(field, "Role doesn't exists")