def set_user(bot, update, args, job_queue: JobQueue): if update.message.from_user.id not in [ p.t_id for p in Permission.select(Permission.t_id) ]: update.message.reply_text( "You don't have permission to get issues from this jira-service") return user, _ = User.get_or_create(name=args[0]) user.last_updated = datetime.now() user.save() t_id = update.message.chat_id try: chat = Chat.get(t_id=t_id) except DoesNotExist: chat = Chat.create(t_id=t_id) chat.user = user chat.save() add_job(job_queue, chat) update.message.reply_text('You will get issues notifications from user: ' + user.name)
def create_role(self, rolename, permissions=[]): r = Role(rolename=rolename) for permission in permissions: r.permissions.append( Permission(rolename=r.rolename, permission=permission)) self.session.add(r) self.session.commit() return r
def create_role(self, rolename, permissions=[]): r = Role(rolename=rolename) r.last_changed_by = "Unknown" r.last_change_date = datetime.now() for permission in permissions: r.permissions.append(Permission(rolename=r.rolename, permission=permission)) self.session.add(r) self.session.commit() return r
def update_role(self, role, permissions): r = self.session.query(Role).filter(Role.rolename == role.rolename)\ .filter(Role.valid_until == ModelUtility.NullTimeStamp).first() # 1. Aktuellen Stand der Rolle als Version sichern r_version = Role(rolename=r.rolename, valid_until=datetime.now()) r_version.last_change_date = r.last_change_date r_version.last_changed_by = r.last_changed_by r_version.permissions = [] for permission in r.permissions: r_version.permissions.append(Permission(role=r, permission=permission.permission)) self.session.add(r_version) # 2. Rolle aktualisieren r.permissions = [] for permission in permissions: r.permissions.append(Permission(role=r, permission=permission)) r.last_change_date = datetime.now() r.last_changed_by = 'blub' self.session.add(r) self.session.commit()
def update_role(self, role, permissions): r = self.session.query(Role).filter( Role.rolename == role.rolename).first() r.permissions = [] for permission in permissions: r.permissions.append( Permission(rolename=r.rolename, permission=permission)) r.last_change_date = datetime.now() r.last_changed_by = 'blub' self.session.add(r) self.session.commit()
def update_role(self, role): r = self.session.query(RoleEntity).filter(RoleEntity.rolename == role.rolename).\ filter(RoleEntity.deleted == False).first() if r is None: raise Exception("Die Rolle {0} ist gelöscht oder existiert nicht".format(role.rolename)) r.future_version.permissions = [] for permission in role.permissions: r.future_version.permissions.append(Permission(role_version=r.future_version, permission=permission)) r.future_version.last_change_date = datetime.now() r.future_version.last_changed_by = "unbekannt" self.session.add(r.future_version) self.session.commit()
def commit(self, rolename): r = self.session.query(RoleEntity).filter(RoleEntity.rolename == rolename).\ filter(RoleEntity.deleted == False).first() if r is None: raise Exception("Die Rolle {0} ist gelöscht oder existiert nicht".format(rolename)) # Neue Rollenversion anlegen r_version = RoleVersion(role=r) r_version.create_date = datetime.now() r_version.last_change_date = datetime.now() r_version.last_changed_by = "unbekannt" for permission in r.future_version.permissions: r_version.permissions.append(Permission(role_version=r_version, permission=permission.permission)) # Versionen weiterschalten r.current_version = r.future_version r.future_version = r_version # Speichern self.session.add(r) self.session.add(r.current_version) self.session.add(r_version) self.session.commit()
def create_role(self, role): # Prüfen, ob die Rolle bereits existiert exists = self.session.query(RoleEntity).filter(RoleEntity.rolename == role.rolename).count() # Prüfen, ob der Benutzer bereits als gelöscht existiert deleted = self.session.query(RoleEntity).filter(RoleEntity.rolename == role.rolename).\ filter(RoleEntity.deleted).count() if deleted == 1: # Benutzerobjekt laden und wieder aktivieren r = self.session.query(RoleEntity).filter(RoleEntity.rolename == role.rolename).\ filter(RoleEntity.deleted).first() elif exists == 0: # Benuter-Basisobjekt anlegen r = RoleEntity(rolename=role.rolename) else: # Ansonsten gibts den Benutzer schon in aktivem Zustand => Fehler! raise Exception("Der Rollenname {0} wird bereits verwendet".format(role.rolename)) r.create_date = datetime.now() r.deleted = False r_version = RoleVersion(role=r) r_version.create_date = r.create_date r_version.last_change_date = datetime.now() r_version.last_changed_by = "unbekannt" r.future_version = r_version for permission in role.permissions: r_version.permissions.append(Permission(role_version=r_version, permission=permission)) self.session.add(r) self.session.add(r_version) self.session.commit() return r
def insert_test_data(engine): Session = sessionmaker(engine) session = Session() head_dept = session.query(Dept).filter(Dept.name == '总部').first() dept1 = Dept(name='研发部', desc='研发部', parent_id=head_dept.id) session.add(dept1) session.flush() dept1_1 = Dept(name='研发一部', desc='研发一部', parent_id=dept1.id) dept1_2 = Dept(name='研发二部', desc='研发二部', parent_id=dept1.id) session.add(dept1_1) session.add(dept1_2) dept2 = Dept(name='市场部', desc='市场部', parent_id=head_dept.id) session.add(dept2) session.flush() dept2_1 = Dept(name='市场一部', desc='市场一部', parent_id=dept2.id) dept2_2 = Dept(name='市场二部', desc='市场二部', parent_id=dept2.id) session.add(dept2_1) session.add(dept2_2) session.flush() user1 = User(name='熊大', password=utils.md5encode('abc123'), dept_id=dept1.id) user2 = User(name='熊二', password=utils.md5encode('abc123'), dept_id=dept2.id) user3 = User(name='张三', password=utils.md5encode('abc123'), email='*****@*****.**', dept_id=dept1_1.id) user4 = User(name='李四', password=utils.md5encode('abc123'), email='*****@*****.**', dept_id=dept1_2.id) user5 = User(name='王五', password=utils.md5encode('abc123'), dept_id=dept2_1.id) user6 = User(name='赵六', password=utils.md5encode('abc123'), dept_id=dept2_2.id) user7 = User(name='用户1', password=utils.md5encode('abc123'), dept_id=dept1_1.id) user8 = User(name='用户2', password=utils.md5encode('abc123'), dept_id=dept1_2.id) user9 = User(name='用户3', password=utils.md5encode('abc123'), dept_id=dept1_1.id) user10 = User(name='用户4', password=utils.md5encode('abc123'), dept_id=dept1_2.id) session.add(user1) session.add(user2) session.add(user3) session.add(user4) session.add(user5) session.add(user6) session.add(user7) session.add(user8) session.add(user9) session.add(user10) session.flush() sys_admin_role = session.query(Role).filter(Role.name == '系统管理员').first() dept_admin_role = session.query(Role).filter(Role.name == '部门管理员').first() user_role = session.query(Role).filter(Role.name == '普通用户').first() session.add(UserRoleMembership(user1.id, dept_admin_role.id)) session.add(UserRoleMembership(user2.id, dept_admin_role.id)) session.add(UserRoleMembership(user3.id, dept_admin_role.id)) session.add(UserRoleMembership(user4.id, dept_admin_role.id)) session.add(UserRoleMembership(user5.id, dept_admin_role.id)) session.add(UserRoleMembership(user6.id, dept_admin_role.id)) session.add(UserRoleMembership(user7.id, user_role.id)) session.add(UserRoleMembership(user8.id, user_role.id)) session.add(UserRoleMembership(user9.id, user_role.id)) session.add(UserRoleMembership(user10.id, user_role.id)) session.flush() session.add( Permission(path='^/depts$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/depts/.*', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/depts$', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/depts/.*', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/depts/.*', role_id=sys_admin_role.id, method='DELETE')) session.add( Permission(path='^/depts$', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/depts/.*', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/depts$', role_id=dept_admin_role.id, method='POST')) session.add( Permission(path='^/depts/.*', role_id=dept_admin_role.id, method='POST')) session.add( Permission(path='^/depts/.*', role_id=dept_admin_role.id, method='DELETE')) session.add( Permission(path='^/roles$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/roles$', role_id=dept_admin_role.id, method='GET')) session.add(Permission(path='^/roles$', role_id=user_role.id, method='GET')) session.add( Permission(path='^/users$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/users/.*', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/users$', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/users/.*', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/users/.*', role_id=sys_admin_role.id, method='DELETE')) session.add( Permission(path='^/users$', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/users/.*', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/users$', role_id=dept_admin_role.id, method='POST')) session.add( Permission(path='^/users/.*', role_id=dept_admin_role.id, method='POST')) session.add( Permission(path='^/users/.*', role_id=dept_admin_role.id, method='DELETE')) session.add(Permission(path='^/users$', role_id=user_role.id, method='GET')) session.add( Permission(path='^/users/.*', role_id=user_role.id, method='GET')) session.add( Permission(path='^/flavors$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/flavors$', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/flavors$', role_id=user_role.id, method='GET')) session.add( Permission(path='^/flavors$', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/flavors/.*', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/flavors/.*', role_id=sys_admin_role.id, method='DELETE')) session.add( Permission(path='^/servers$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/servers$', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/servers$', role_id=user_role.id, method='GET')) session.add( Permission(path='^/servers/.*', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/servers/.*', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/servers/.*', role_id=user_role.id, method='GET')) session.add( Permission(path='^/servers$', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/servers$', role_id=dept_admin_role.id, method='POST')) session.add( Permission(path='^/servers$', role_id=user_role.id, method='POST')) session.add( Permission(path='^/servers/.*', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/servers/.*', role_id=dept_admin_role.id, method='POST')) session.add( Permission(path='^/servers/.*', role_id=user_role.id, method='POST')) session.add( Permission(path='^/servers/.*', role_id=sys_admin_role.id, method='DELETE')) session.add( Permission(path='^/servers/.*', role_id=dept_admin_role.id, method='DELETE')) session.add( Permission(path='^/servers/.*', role_id=user_role.id, method='DELETE')) session.add( Permission(path='^/volumes$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/volumes$', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/volumes$', role_id=user_role.id, method='GET')) session.add( Permission(path='^/volumes/.*', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/volumes/.*', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/volumes/.*', role_id=user_role.id, method='GET')) session.add( Permission(path='^/volumes$', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/volumes$', role_id=dept_admin_role.id, method='POST')) session.add( Permission(path='^/volumes$', role_id=user_role.id, method='POST')) session.add( Permission(path='^/volumes/.*', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/volumes/.*', role_id=dept_admin_role.id, method='POST')) session.add( Permission(path='^/volumes/.*', role_id=user_role.id, method='POST')) session.add( Permission(path='^/volumes/.*', role_id=sys_admin_role.id, method='DELETE')) session.add( Permission(path='^/volumes/.*', role_id=dept_admin_role.id, method='DELETE')) session.add( Permission(path='^/volumes/.*', role_id=user_role.id, method='DELETE')) session.add( Permission(path='^/snapshots$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/snapshots$', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/snapshots$', role_id=user_role.id, method='GET')) session.add( Permission(path='^/snapshots/.*', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/snapshots/.*', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/snapshots/.*', role_id=user_role.id, method='GET')) session.add( Permission(path='^/snapshots$', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/snapshots$', role_id=dept_admin_role.id, method='POST')) session.add( Permission(path='^/snapshots$', role_id=user_role.id, method='POST')) session.add( Permission(path='^/snapshots/.*', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/snapshots/.*', role_id=dept_admin_role.id, method='POST')) session.add( Permission(path='^/snapshots/.*', role_id=user_role.id, method='POST')) session.add( Permission(path='^/snapshots/.*', role_id=sys_admin_role.id, method='DELETE')) session.add( Permission(path='^/snapshots/.*', role_id=dept_admin_role.id, method='DELETE')) session.add( Permission(path='^/snapshots/.*', role_id=user_role.id, method='DELETE')) session.add( Permission(path='^/images$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/images$', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/images$', role_id=user_role.id, method='GET')) session.add( Permission(path='^/images/.*', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/images/.*', role_id=dept_admin_role.id, method='GET')) session.add( Permission(path='^/images/.*', role_id=user_role.id, method='GET')) session.add( Permission(path='^/images$', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/images/.*', role_id=sys_admin_role.id, method='POST')) session.add( Permission(path='^/images/.*', role_id=sys_admin_role.id, method='DELETE')) session.add( Permission(path='^/hypervisors$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/hosts$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/logs$', role_id=sys_admin_role.id, method='GET')) session.add( Permission(path='^/monitor/.*', role_id=sys_admin_role.id, method='GET')) session.commit() session.close()
def setup_database(): init_model(engine) teardownDatabase() elixir.setup_all(True) # Creating permissions see_site = Permission() see_site.permission_name = u'see-site' see_site.description = u'see-site permission description' DBSession.save(see_site) edit_site = Permission() edit_site.permission_name = u'edit-site' edit_site.description = u'edit-site permission description' DBSession.save(edit_site) commit = Permission() commit.permission_name = u'commit' commit.description = u'commit permission description' DBSession.save(commit) # Creating groups admins = Group() admins.group_name = u'admins' admins.display_name = u'Admins Group' admins.permissions.append(edit_site) DBSession.save(admins) developers = Group(group_name=u'developers', display_name=u'Developers Group') developers.permissions = [commit, edit_site] DBSession.save(developers) trolls = Group(group_name=u'trolls', display_name=u'Trolls Group') trolls.permissions.append(see_site) DBSession.save(trolls) # Plus a couple of groups with no permissions php = Group(group_name=u'php', display_name=u'PHP Group') DBSession.save(php) python = Group(group_name=u'python', display_name=u'Python Group') DBSession.save(python) # Creating users user = User() user.user_name = u'rms' user.password = u'freedom' user.email_address = u'*****@*****.**' user.groups.append(admins) user.groups.append(developers) DBSession.save(user) user = User() user.user_name = u'linus' user.password = u'linux' user.email_address = u'*****@*****.**' user.groups.append(developers) DBSession.save(user) user = User() user.user_name = u'sballmer' user.password = u'developers' user.email_address = u'*****@*****.**' user.groups.append(trolls) DBSession.save(user) # Plus a couple of users without groups user = User() user.user_name = u'guido' user.password = u'phytonic' user.email_address = u'*****@*****.**' DBSession.save(user) user = User() user.user_name = u'rasmus' user.password = u'php' user.email_address = u'*****@*****.**' DBSession.save(user) DBSession.commit()