def create_groups_permissions(groups_permissions, pool_id, user):
"""Creates permissions to access for pools"""
group_adm = {
'group': 1,
'read': True,
'write': True,
'delete': True,
'change_config': True,
}
_create_group_permission(group_adm, pool_id)
if groups_permissions:
for group_permission in groups_permissions:
if group_permission['group'] != 1:
_create_group_permission(group_permission, pool_id)
else:
for group in UsuarioGrupo.list_by_user_id(user.id):
group_id = int(group.ugrupo.id)
if group_id != 1:
_create_group_permission(
{
'group': group_id,
'read': True,
'write': True,
'delete': True,
'change_config': True,
}, pool_id)
def handle_delete(self, request, user, *args, **kwargs):
"""Treat DELETE requests to dissociate User and Group.
URL: usergroup/user/<id_user>/ugroup/<id_group>/dissociate/
"""
try:
self.log.info('Dissociate User and Group.')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
id_group = kwargs.get('id_group')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.',
id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Find User by ID to check if it exist
Usuario.get_by_pk(id_user)
# Find Group by ID to check if it exist
UGrupo.get_by_pk(id_group)
# Find UserGroup by ID to check if it exist
user_group = UsuarioGrupo.get_by_user_group(id_user, id_group)
with distributedlock(LOCK_USER_GROUP % (id_user, id_group)):
try:
# remove UserGroup
user_group.delete()
except Exception, e:
self.log.error(u'Failed to remove the UserGroup.')
raise GrupoError(e, u'Failed to remove the UserGroup.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_delete(self, request, user, *args, **kwargs):
"""Treat DELETE requests to dissociate User and Group.
URL: usergroup/user/<id_user>/ugroup/<id_group>/dissociate/
"""
try:
self.log.info('Dissociate User and Group.')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
id_group = kwargs.get('id_group')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.', id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.', id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Find User by ID to check if it exist
Usuario.get_by_pk(id_user)
# Find Group by ID to check if it exist
UGrupo.get_by_pk(id_group)
# Find UserGroup by ID to check if it exist
user_group = UsuarioGrupo.get_by_user_group(id_user, id_group)
with distributedlock(LOCK_USER_GROUP % (id_user, id_group)):
try:
# remove UserGroup
user_group.delete()
except Exception, e:
self.log.error(u'Failed to remove the UserGroup.')
raise GrupoError(e, u'Failed to remove the UserGroup.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_get(self, request, user, *args, **kwargs):
"""Trata as requisições de GET para listar Usuarios.
URLs: usuario/get/$
"""
try:
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.READ_OPERATION):
return self.not_authorized()
list_groups = []
user_groups_list = []
map_list = []
for user in Usuario.objects.all():
user_map = dict()
user_map['id'] = user.id
user_map['user'] = user.user
user_map['nome'] = user.nome
user_map['ativo'] = user.ativo
user_map['email'] = user.email
groups = None
groups = UsuarioGrupo.list_by_user_id(user.id)
if groups is not None and len(groups) > 0:
for group in groups:
user_groups_list.append(
UGrupo.get_by_pk(group.ugrupo_id))
for user_group in user_groups_list:
list_groups.append(user_group.nome)
if (len(list_groups) > 3):
user_map['is_more'] = True
else:
user_map['is_more'] = False
user_map['grupos'] = list_groups if len(list_groups) > 0 else [
None
]
list_groups = []
user_groups_list = []
map_list.append(user_map)
return self.response(dumps_networkapi({'usuario': map_list}))
except UserNotAuthorizedError:
return self.not_authorized()
except (UsuarioError, GrupoError):
return self.response_error(1)
def handle_get(self, request, user, *args, **kwargs):
"""Trata as requisições de GET para listar Usuarios.
URLs: usuario/get/$
"""
try:
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.READ_OPERATION):
return self.not_authorized()
list_groups = []
user_groups_list = []
map_list = []
for user in Usuario.objects.all():
user_map = dict()
user_map['id'] = user.id
user_map['user'] = user.user
user_map['nome'] = user.nome
user_map['ativo'] = user.ativo
user_map['email'] = user.email
groups = None
groups = UsuarioGrupo.list_by_user_id(user.id)
if groups is not None and len(groups) > 0:
for group in groups:
user_groups_list.append(
UGrupo.get_by_pk(group.ugrupo_id))
for user_group in user_groups_list:
list_groups.append(user_group.nome)
if (len(list_groups) > 3):
user_map['is_more'] = True
else:
user_map['is_more'] = False
user_map['grupos'] = list_groups if len(
list_groups) > 0 else [None]
list_groups = []
user_groups_list = []
map_list.append(user_map)
return self.response(dumps_networkapi({'usuario': map_list}))
except UserNotAuthorizedError:
return self.not_authorized()
except (UsuarioError, GrupoError):
return self.response_error(1)
def get_groups(users_permissions):
groups = list()
for user_permission in users_permissions:
for group in UsuarioGrupo.list_by_user_id(user_permission['user']):
group_id = int(group.ugrupo.id)
if group_id != 1:
groups.append({
'user_group': group_id,
'read': user_permission['read'],
'write': user_permission['write'],
'delete': user_permission['delete'],
'change_config': user_permission['change_config'],
})
return groups
def update_groups_permissions(groups_permissions,
vip_id,
user,
replace_permissions=False):
"""Creates permissions to access for vips"""
# groups default
if not groups_permissions:
for group in UsuarioGrupo.list_by_user_id(user.id):
group_id = int(group.ugrupo.id)
if group_id != 1:
groups_permissions.append({
'group': group_id,
'read': True,
'write': True,
'delete': True,
'change_config': True,
})
groups_perms = models.VipRequestGroupPermission.objects.filter(
vip_request=vip_id)
groups_permissions_idx = [gp['group'] for gp in groups_permissions]
groups_perm_idx = [gp.user_group_id for gp in groups_perms]
for group_perm in groups_perms:
# change or delete group != 1(ADM)
if group_perm.user_group_id != 1:
# update perms
if group_perm.user_group_id in groups_permissions_idx:
idx = groups_permissions_idx.index(group_perm.user_group_id)
_update_group_permission(groups_permissions[idx],
group_perm.id)
# delete perms
elif replace_permissions is True:
models.VipRequestGroupPermission.objects.filter(
id=group_perm.id).delete()
for group_permission in groups_permissions:
# change or delete group != 1(ADM)
if group_permission['group'] != 1:
# insert perms
if group_permission['group'] not in groups_perm_idx:
_create_group_permission(group_permission, vip_id)
def handle_put(self, request, user, *args, **kwargs):
"""Treat PUT requests to associate User and Group.
URL: usergroup/user/<id_user>/ugroup/<id_group>/associate/
"""
try:
self.log.info("Associate User and Group.")
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
id_group = kwargs.get('id_group')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.', id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.', id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
# Find Group by ID to check if it exist
group = UGrupo.get_by_pk(id_group)
try:
# Find UserGroup by ID to check if it exist
user_group = UsuarioGrupo.get_by_user_group(id_user, id_group)
raise UsuarioGrupoDuplicatedError(
None, u'Usuário já está associado ao Grupo.')
except UserGroupNotFoundError:
pass
user_group = UsuarioGrupo()
# set variables
user_group.usuario = usr
user_group.ugrupo = group
try:
# save UserGroup
user_group.save(user)
except Exception, e:
self.log.error(u'Failed to save the UserGroup.')
raise UsuarioError(e, u'Failed to save the UserGroup.')
usr_grp_map = dict()
usr_grp_map['user_group'] = model_to_dict(
usr, exclude=["usuario", "ugrupo"])
return self.response(dumps_networkapi(usr_grp_map))
def handle_put(self, request, user, *args, **kwargs):
"""Treat PUT requests to associate User and Group.
URL: usergroup/user/<id_user>/ugroup/<id_group>/associate/
"""
try:
self.log.info("Associate User and Group.")
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
id_group = kwargs.get('id_group')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.',
id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Find User by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
# Find Group by ID to check if it exist
group = UGrupo.get_by_pk(id_group)
try:
# Find UserGroup by ID to check if it exist
user_group = UsuarioGrupo.get_by_user_group(id_user, id_group)
raise UsuarioGrupoDuplicatedError(
None, u'Usuário já está associado ao Grupo.')
except UserGroupNotFoundError:
pass
user_group = UsuarioGrupo()
# set variables
user_group.usuario = usr
user_group.ugrupo = group
try:
# save UserGroup
user_group.save()
except Exception, e:
self.log.error(u'Failed to save the UserGroup.')
raise UsuarioError(e, u'Failed to save the UserGroup.')
usr_grp_map = dict()
usr_grp_map['user_group'] = model_to_dict(
usr, exclude=["usuario", "ugrupo"])
return self.response(dumps_networkapi(usr_grp_map))
