Exemplo n.º 1
0
def get_individual_user_info(handler, name, service_account):
    # type: (GraphHandler, str, Optional[bool]) -> Dict[str, Any]
    """This is a helper function to retrieve all information about a user.

    Args:
        handler: the GraphHandler for this request
        name: the name of the user whose data is being retrieved
        service_account: a boolean indicating if this request is for a service account or not. This
            can be None if you want to support users and service accounts (deprecated)

    Returns:
        A dictionary containing all of the user's data

    Raises:
        NoSuchUser: When no user with the given name exists, or has the the wrong serviceaccount
            type
    """
    with handler.graph.lock:
        if name not in handler.graph.user_metadata:
            raise NoSuchUser
        md = handler.graph.user_metadata[name]
        if service_account is not None:
            is_service_account = md["role_user"] or "service_account" in md
            if service_account != is_service_account:
                raise NoSuchUser

        details = handler.graph.get_user_details(name, expose_aliases=False)
        out = {"user": {"name": name}}
        # Updates the output with the user's metadata
        try_update(out["user"], md)
        # Updates the output with the user's details (such as permissions)
        try_update(out, details)
        return out
Exemplo n.º 2
0
def get_individual_user_info(handler, name, cutoff, service_account):
    # type: (GraphHandler, str, int, Optional[bool]) -> Dict[str, Any]
    """This is a helper function to retrieve all information about a user.

    Args:
        handler: the GraphHandler for this request
        name: the name of the user whose data is being retrieved
        cutoff: the maximum distance of groups to use for permission checking
        service_account: a boolean indicating if this request is for a service account or not. This
            can be None if you want to support users and service accounts (deprecated)

    Returns:
        A dictionary containing all of the user's data

    Raises:
        NoSuchUser: When no user with the given name exists, or has the the wrong serviceaccount
            type
    """
    with handler.graph.lock:
        if name not in handler.graph.user_metadata:
            raise NoSuchUser
        md = handler.graph.user_metadata[name]
        if service_account is not None:
            is_service_account = md["role_user"] or "service_account" in md
            if service_account != is_service_account:
                raise NoSuchUser

        details = handler.graph.get_user_details(name, cutoff)
        out = {"user": {"name": name}}
        # Updates the output with the user's metadata
        try_update(out["user"], md)
        # Updates the output with the user's details (such as permissions)
        try_update(out, details)
        return out
Exemplo n.º 3
0
    def get(self, name=None):
        cutoff = int(self.get_argument("cutoff", 100))
        include_role_users = self.get_argument("include_role_users",
                                               "no") == "yes"

        with self.graph.lock:
            if not name:
                return self.success({
                    "users":
                    sorted([
                        k for k, v in self.graph.user_metadata.iteritems()
                        if include_role_users or (not v["role_user"])
                    ]),
                })

            if name in self.graph.user_metadata:
                md = self.graph.user_metadata[name]
                details = self.graph.get_user_details(name, cutoff)
            else:
                return self.notfound("User (%s) not found." % name)
            for key in md["public_keys"]:
                db_key = PublicKey.get(self.session, id=key["id"])
                perms = get_public_key_permissions(self.session, db_key)

                # Convert to set to remove duplicates, then back to list for json-serializability
                key["permissions"] = list(
                    set([(perm.name, perm.argument) for perm in perms]))

            out = {"user": {"name": name}}
            try_update(out["user"], md)
            try_update(out, details)
            return self.success(out)
Exemplo n.º 4
0
def get_individual_user_info(handler, name, cutoff, service_account):
    # type: (GraphHandler, str, int, Optional[bool]) -> None
    """This is a helper function to consolidate duplicate code from the service account and user
    endpoints into one location.

    Args:
        handler: the GraphHandler for this request
        name: the name we're looking up for this request
        cutoff: the maximum distance of groups to use for permission checking
        service_account: a boolean indicating if this request is for a service account or not. This
            can be None if you want to support users and service accounts (deprecated)

    Returns:
        None
    """
    acc = "Service Account" if service_account else "User"
    with handler.graph.lock:
        if name not in handler.graph.user_metadata:
            return handler.notfound("{} ({}) not found.".format(acc, name))
        md = handler.graph.user_metadata[name]
        if service_account is not None and md["role_user"] != service_account:
            return handler.notfound("{} ({}) not found.".format(acc, name))

        details = handler.graph.get_user_details(name, cutoff)
        out = {"user": {"name": name}}
        # Updates the output with the user's metadata
        try_update(out["user"], md)
        # Updates the output with the user's details (such as permissions)
        try_update(out, details)
        return handler.success(out)
Exemplo n.º 5
0
    def get(self, name=None):
        cutoff = int(self.get_argument("cutoff", 100))
        include_role_users = self.get_argument("include_role_users", "no") == "yes"

        with self.graph.lock:
            if not name:
                return self.success({
                    "users": sorted([k
                                     for k, v in self.graph.user_metadata.iteritems()
                                     if include_role_users or (not v["role_user"])]),
                })

            if name in self.graph.user_metadata:
                md = self.graph.user_metadata[name]
                details = self.graph.get_user_details(name, cutoff)
            else:
                return self.notfound("User (%s) not found." % name)
            for key in md["public_keys"]:
                db_key = PublicKey.get(self.session, id=key["id"])
                perms = get_public_key_permissions(self.session, db_key)

                # Convert to set to remove duplicates, then back to list for json-serializability
                key["permissions"] = list(set([(perm.name, perm.argument) for perm in perms]))

            out = {"user": {"name": name}}
            try_update(out["user"], md)
            try_update(out, details)
            return self.success(out)
Exemplo n.º 6
0
def get_individual_user_info(handler, name, cutoff, service_account):
    # type: (GraphHandler, str, int, Optional[bool]) -> None
    """This is a helper function to consolidate duplicate code from the service account and user
    endpoints into one location.

    Args:
        handler: the GraphHandler for this request
        name: the name we're looking up for this request
        cutoff: the maximum distance of groups to use for permission checking
        service_account: a boolean indicating if this request is for a service account or not. This
            can be None if you want to support users and service accounts (deprecated)

    Returns:
        None
    """
    acc = "Service Account" if service_account else "User"
    with handler.graph.lock:
        if name not in handler.graph.user_metadata:
            return handler.notfound("{} ({}) not found.".format(acc, name))
        md = handler.graph.user_metadata[name]
        if service_account is not None and md["role_user"] != service_account:
            return handler.notfound("{} ({}) not found.".format(acc, name))

        details = handler.graph.get_user_details(name, cutoff)
        out = {"user": {"name": name}}
        # Updates the output with the user's metadata
        try_update(out["user"], md)
        # Updates the output with the user's details (such as permissions)
        try_update(out, details)
        return handler.success(out)
Exemplo n.º 7
0
    def get(self, name=None):
        if not name:
            usecase = self.usecase_factory.create_list_permissions_usecase(self)
            usecase.simple_list_permissions()
            return

        with self.graph.lock:
            if name not in self.graph.permissions:
                return self.notfound("Permission (%s) not found." % name)

            details = self.graph.get_permission_details(name, expose_aliases=False)

            out = {"permission": {"name": name}}
            try_update(out, details)
            self.success(out)
Exemplo n.º 8
0
    def get(self, name=None):
        with self.graph.lock:
            if not name:
                return self.success({
                    "permissions":
                    [permission for permission in self.graph.permissions],
                })

            if name not in self.graph.permissions:
                return self.notfound("Permission (%s) not found." % name)

            details = self.graph.get_permission_details(name)

            out = {"permission": {"name": name}}
            try_update(out, details)
            return self.success(out)
Exemplo n.º 9
0
    def get(self, name=None):
        cutoff = int(self.get_argument("cutoff", 100))

        with self.graph.lock:
            if not name:
                return self.success({"groups": [group for group in self.graph.groups]})

            if name not in self.graph.groups:
                return self.notfound("Group (%s) not found." % name)

            details = self.graph.get_group_details(name, cutoff, expose_aliases=False)

            out = {"group": {"name": name}}
            try_update(out["group"], self.graph.group_metadata.get(name, {}))
            try_update(out, details)
            return self.success(out)
Exemplo n.º 10
0
    def get(self, *args, **kwargs):
        # type: (*Any, **Any) -> None
        name = kwargs.get("name")  # type: Optional[str]
        if not name:
            usecase = self.usecase_factory.create_list_permissions_usecase(self)
            usecase.simple_list_permissions()
            return

        with self.graph.lock:
            if name not in self.graph.permissions:
                return self.notfound("Permission (%s) not found." % name)

            details = self.graph.get_permission_details(name, expose_aliases=False)

            out = {"permission": {"name": name}}
            try_update(out, details)
            self.success(out)
Exemplo n.º 11
0
    def get(self, *args, **kwargs):
        # type: (*Any, **Any) -> None
        name = kwargs.get("name")  # type: Optional[str]
        if not name:
            usecase = self.usecase_factory.create_list_permissions_usecase(self)
            usecase.simple_list_permissions()
            return

        with self.graph.lock:
            if name not in self.graph.permissions:
                return self.notfound("Permission (%s) not found." % name)

            details = self.graph.get_permission_details(name, expose_aliases=False)

            out = {"permission": {"name": name}}
            try_update(out, details)
            self.success(out)
Exemplo n.º 12
0
    def get(self, name=None):
        with self.graph.lock:
            if not name:
                return self.success({
                    "permissions": [
                        permission
                        for permission in self.graph.permissions
                    ],
                })

            if name not in self.graph.permissions:
                return self.notfound("Permission (%s) not found." % name)

            details = self.graph.get_permission_details(name, expose_aliases=False)

            out = {"permission": {"name": name}}
            try_update(out, details)
            return self.success(out)
Exemplo n.º 13
0
    def get(self, name=None):
        cutoff = int(self.get_argument("cutoff", 100))
        include_role_users = self.get_argument("include_role_users", "no") == "yes"

        with self.graph.lock:
            if not name:
                return self.success({
                    "users": sorted([k
                                     for k, v in self.graph.user_metadata.iteritems()
                                     if include_role_users or (not v["role_user"])]),
                })

            if name in self.graph.user_metadata:
                md = self.graph.user_metadata[name]
                details = self.graph.get_user_details(name, cutoff)
            else:
                return self.notfound("User (%s) not found." % name)
            out = {"user": {"name": name}}
            try_update(out["user"], md)
            try_update(out, details)
            return self.success(out)
Exemplo n.º 14
0
    def get(self, name=None):
        cutoff = int(self.get_argument("cutoff", 100))

        with self.graph.lock:
            if not name:
                return self.success({
                    "groups": [
                        group
                        for group in self.graph.groups
                    ],
                })

            if name not in self.graph.groups:
                return self.notfound("Group (%s) not found." % name)

            details = self.graph.get_group_details(name, cutoff)

            out = {"group": {"name": name}}
            try_update(out["group"], self.graph.group_metadata.get(name, {}))
            try_update(out, details)
            return self.success(out)