def _get_resource_permissions_matrix(user): dict_resource_perm_map = {} result = [] resource_permission_set = get_resource_permission_set(user) for resource_permission in resource_permission_set: resource_name = resource_permission.resource.name permission_name = resource_permission.permission.name dict_resource_perm_map.setdefault(resource_name, []).append(permission_name) ori_action_dict = {} for resource_name, view_set, _ in router.registry: for name, _ in inspect.getmembers(view_set, predicate=inspect.ismethod): if name.lower() in [ 'update', 'create', 'destroy', 'list', 'partial_update', 'retrieve' ]: ori_action_dict.setdefault(resource_name, []).append( convert_method_to_action(name.lower())) for key in dict_resource_perm_map: row = [key, 'N/A', 'N/A', 'N/A', 'N/A'] row = _change_row(row, 'No', ori_action_dict.get(key, [])) row = _change_row(row, 'Yes', dict_resource_perm_map.get(key, [])) result.append(row) return sorted(result)
def _collect_resource_permissions(self): action_to_obj_dict = {} for action in ('update', 'create', 'delete', 'read'): action_to_obj_dict[action] = ActionPermission.objects.get(name=action) for prefix, view_set, basename in router.registry: if prefix in self.API_WITH_NO_PERMISSION_CONTROL: continue resource_obj, created = Resource.objects.get_or_create(name=prefix, view=str(view_set)) for name, method in inspect.getmembers(view_set, predicate=inspect.ismethod): if name.lower() in ['update', 'create', 'destroy', 'list', 'partial_update', 'retrieve']: action_permission = action_to_obj_dict[convert_method_to_action(name.lower())] _, created = ResourcePermission.objects.get_or_create(resource=resource_obj, permission=action_permission)
def _collect_resource_permissions(self): action_to_obj_dict = {} for action in ('update', 'create', 'delete', 'read'): action_to_obj_dict[action] = ActionPermission.objects.get( name=action) for prefix, view_set, basename in router.registry: if prefix in self.API_WITH_NO_PERMISSION_CONTROL: continue resource_obj, created = Resource.objects.get_or_create( name=prefix, view=str(view_set)) for name, method in inspect.getmembers(view_set, predicate=inspect.ismethod): if name.lower() in [ 'update', 'create', 'destroy', 'list', 'partial_update', 'retrieve' ]: action_permission = action_to_obj_dict[ convert_method_to_action(name.lower())] _, created = ResourcePermission.objects.get_or_create( resource=resource_obj, permission=action_permission)
def update_resources(sender, **kwargs): """Updates list of resources for which permissions can be created""" import inspect from django.conf import settings from django.utils.module_loading import autodiscover_modules from pdc.apps.auth.models import ResourcePermission, ActionPermission, Resource from pdc.apps.utils.SortedRouter import router from pdc.apps.utils.utils import convert_method_to_action if getattr(settings, 'SKIP_RESOURCE_CREATION', False): # We are running tests, don't create anything return API_WITH_NO_PERMISSION_CONTROL = set(['auth/token', 'auth/current-user']) # Import all routers to have list of all end-points. autodiscover_modules('routers') action_to_obj_dict = {} for action in ('update', 'create', 'delete', 'read'): action_to_obj_dict[action] = ActionPermission.objects.get(name=action) for prefix, view_set, basename in router.registry: if prefix in API_WITH_NO_PERMISSION_CONTROL: continue view_name = str(view_set) resource_obj, created = Resource.objects.get_or_create(name=prefix, defaults={'view': view_name}) if not created and resource_obj.view != view_name: # Update the name of the View class resource_obj.view = view_name resource_obj.save() for name, method in inspect.getmembers(view_set, predicate=inspect.ismethod): action_name = convert_method_to_action(name.lower()) if action_name: action_permission = action_to_obj_dict[action_name] ResourcePermission.objects.get_or_create(resource=resource_obj, permission=action_permission)
def _get_resource_permissions_matrix(user): dict_resource_perm_map = {} result = [] resource_permission_set = get_resource_permission_set(user) for resource_permission in resource_permission_set: resource_name = resource_permission.resource.name permission_name = resource_permission.permission.name dict_resource_perm_map.setdefault(resource_name, []).append(permission_name) ori_action_dict = {} for resource_name, view_set, _ in router.registry: for name, _ in inspect.getmembers(view_set, predicate=inspect.ismethod): if name.lower() in ['update', 'create', 'destroy', 'list', 'partial_update', 'retrieve']: ori_action_dict.setdefault(resource_name, []).append(convert_method_to_action(name.lower())) for key in dict_resource_perm_map: row = [key, 'N/A', 'N/A', 'N/A', 'N/A'] row = _change_row(row, 'No', ori_action_dict.get(key, [])) row = _change_row(row, 'Yes', dict_resource_perm_map.get(key, [])) result.append(row) return sorted(result)