Пример #1
0
def add_permission(principal, permission):

    # First check whether principal already has this permission or
    # a permission with wider scope. If so, there's no need to create
    # smaller-scope permission.
    if has_permission(principal, permission):
        return
    # Extract permission fields from permission string
    resource_id = None
    action, resource_class = permission.split(':')
    if '@' in resource_class:
        resource_class, resource_id = resource_class.split('@')
    # Create argument dictionary
    args = dict()
    args['action'] = action
    args['resource_class'] = resource_class
    args['resource_id'] = resource_id
    args['principal'] = principal
    # Create permission
    permission_dao = PermissionDao(g.db_session)
    permission_dao.create(**args)
Пример #2
0
    def post(self, id):

        self.check_admin()
        parser = reqparse.RequestParser()
        parser.add_argument('action', type=str, required=True, location='json')
        parser.add_argument('resource_class',
                            type=str,
                            required=True,
                            location='json')
        parser.add_argument('resource_id', type=int, location='json')
        parser.add_argument('granted', type=bool, location='json')
        args = parser.parse_args()
        user_dao = UserDao(self.db_session())
        user = user_dao.retrieve(id=id)
        args['principal'] = user
        permission_dao = PermissionDao(self.db_session())
        permission = permission_dao.create(**args)

        return permission.to_dict(), 201