def put_global_roles_for_user(request):
user_id = request.matchdict['user_id']
user = User.get_instance(user_id)
session = User.db()
if not user:
raise HTTPNotFound("User id %s does not exist" % (user_id,))
try:
data = json.loads(request.body)
except Exception as e:
raise HTTPBadRequest("Malformed Json")
if not isinstance(data, list):
raise HTTPBadRequest("Not a list")
if data and frozenset((type(x) for x in data)) != frozenset((str,)):
raise HTTPBadRequest("not strings")
roles = set(session.query(Role).filter(name in data).all())
data = set(data)
if len(roles) != len(data):
raise HTTPBadRequest("Not valid roles: %s" % (repr(
data - set((p.name for p in roles))),))
known_gu_roles = session.query(UserRole).join(Role).filter(
user=user).all()
gur_by_role = {gur.role.name: gur for gur in known_gu_roles}
known_roles = set(gur_by_role.keys())
for role in known_roles - roles:
session.query.delete(gur_by_role(role))
for role in roles - known_roles:
session.add(UserRole(user=user, role=role))
return {"added": list(roles - known_roles),
"removed": list(known_roles - roles)}
def get_global_roles_for_user(request):
user_id = request.matchdict['user_id']
session = User.db()
if not session.query(User).get(user_id):
raise HTTPNotFound("User id %s does not exist" % (user_id,))
rolenames = session.query(Role.name).join(
UserRole).filter(UserRole.user_id == user_id)
return [x[0] for x in rolenames]
