Exemplo n.º 1
0
def permissions_history():
    """GET /permissions/history"""
    history_table = dbo.permissions.history
    get_permissions = UsersView().get()
    permissions = _get_histories(history_table, get_permissions)
    permissions_history = {
        "permissions": permissions,
        "sc_permissions": PermissionScheduledChangeHistoryView().get_all()
    }
    histories = {
        "Permissions":
        json.loads(permissions_history["permissions"].data),
        "Permissions Scheduled Change":
        json.loads(permissions_history["sc_permissions"].data),
    }
    return histories
Exemplo n.º 2
0
def permissions_history():
    """GET /permissions/history"""
    history_table = dbo.permissions.history
    get_permissions = UsersView().get()
    permissions = _get_histories(history_table, get_permissions)
    permissions_history = {
        'permissions': permissions,
        'sc_permissions': PermissionScheduledChangeHistoryView().get_all()
    }
    histories = {
        'Permissions':
        json.loads(permissions_history['permissions'].data),
        'Permissions Scheduled Change':
        json.loads(permissions_history['sc_permissions'].data)
    }
    return histories
Exemplo n.º 3
0
def users_get():
    """GET /users"""
    return UsersView().get()
Exemplo n.º 4
0
        "STRICT_TRANSPORT_SECURITY", "max-age=31536000;")
    response.headers["Content-Security-Policy"] = app.config.get(
        "CONTENT_SECURITY_POLICY",
        "default-src 'none'; frame-ancestors 'none'")
    return response


Compress(app)

# Endpoints required for the Balrog 2.0 UI.
# In the Mozilla deployments of Balrog, both the the admin API (these endpoints)
# and the static admin UI are hosted on the same domain. This API wsgi app is
# hosted at "/api", which is stripped away by the web server before we see
# these requests.
app.add_url_rule("/csrf_token", view_func=CSRFView.as_view("csrf"))
app.add_url_rule("/users", view_func=UsersView.as_view("users"))
app.add_url_rule("/users/roles",
                 view_func=AllRolesView.as_view("all_users_roles"))
app.add_url_rule("/users/<username>",
                 view_func=SpecificUserView.as_view("specific_user"))
app.add_url_rule("/users/<username>/permissions",
                 view_func=PermissionsView.as_view("user_permissions"))
app.add_url_rule(
    "/users/<username>/permissions/<permission>",
    view_func=SpecificPermissionView.as_view("specific_permission"))
app.add_url_rule("/users/<username>/roles",
                 view_func=UserRolesView.as_view("user_roles"))
app.add_url_rule("/users/<username>/roles/<role>",
                 view_func=UserRoleView.as_view("user_role"))
app.add_url_rule("/rules", view_func=RulesAPIView.as_view("rules"))
# Normal operations (get/update/delete) on rules can be done by id or alias...
Exemplo n.º 5
0
def users_get():
    return UsersView().get()