def index(): authz.require(authz.logged_in()) users = [] for role in Role.all(): data = role.to_dict() del data['email'] users.append(data) return jsonify({'results': users, 'total': len(users)})
def index(): authz.require(authz.logged_in()) users = [] for role in Role.all(): data = role.to_dict() del data["email"] users.append(data) return jsonify({"results": users, "total": len(users)})
def permissions_update(id): # TODO: consider using a list to bundle permission writes collection = get_db_collection(id, request.authz.WRITE) data = parse_request(schema=PermissionSchema) role = Role.all().filter(Role.id == data['role']['id']).first() if role is None or not check_visible(role, request.authz): raise BadRequest() perm = update_permission(role, collection, data['read'], data['write']) return jsonify({'status': 'ok', 'updated': PermissionSchema().dump(perm)})
def index(): request.authz.require(request.authz.logged_in) users = [] for role in Role.all(): if not check_visible(role): continue data = role.to_dict() del data['email'] users.append(data) return jsonify({'results': users, 'total': len(users)})
def permissions_update(collection): authz.require(authz.collection_write(collection)) data = request_data() validate(data, "permission.json#") role = Role.all().filter(Role.id == data["role"]).first() if role is None: raise BadRequest() permission = Permission.grant_collection(collection, role, data["read"], data["write"]) db.session.commit() log_event(request) return jsonify({"status": "ok", "updated": permission})
def permissions_update(collection): authz.require(authz.collection_write(collection)) data = request_data() validate(data, 'permission.json#') role = Role.all().filter(Role.id == data['role']).first() if role is None: raise BadRequest() permission = Permission.grant_collection(collection.id, role, data['read'], data['write']) db.session.commit() return jsonify({'status': 'ok', 'updated': permission})
def permissions_update(collection): request.authz.require(request.authz.collection_write(collection)) data = request_data() validate(data, 'permission.json#') role = Role.all().filter(Role.id == data['role_id']).first() collection = Collection.by_id(collection) if role is None or collection is None: raise BadRequest() request.authz.require(check_visible(role)) perm = update_permission(role, collection, data['read'], data['write']) log_event(request) return jsonify({'status': 'ok', 'updated': perm})
def permissions_update(collection): authz.require(authz.collection_write(collection)) data = request_data() validate(data, 'permission.json#') role = Role.all().filter(Role.id == data['role']).first() if role is None: raise BadRequest() permission = Permission.grant_collection(collection.id, role, data['read'], data['write']) db.session.commit() return jsonify({ 'status': 'ok', 'updated': permission })
def permissions_save(collection=None, source=None): if collection is not None: authz.require(authz.collection_write(collection)) if source is not None: authz.require(authz.source_write(source)) resource_type = Permission.COLLECTION if collection else Permission.SOURCE resource_id = collection or source data = request_data() validate(data, 'permission.json#') role = Role.all().filter(Role.id == data['role']).first() if role is None: raise BadRequest() permission = Permission.grant_resource(resource_type, resource_id, role, data['read'], data['write']) db.session.commit() return jsonify({'status': 'ok', 'updated': permission})
def update_roles(): Authz.flush() for role in Role.all(): update_role(role)
def update_roles(): # Flush authz for anonymous users: cache.kv.delete(cache.key(Authz.PREFIX, Authz.READ), cache.key(Authz.PREFIX, Authz.WRITE)) for role in Role.all(): update_role(role)
def update_roles(): for role in Role.all(deleted=True): update_role(role)
def check_alerts(): """Go through all users and execute their alerts.""" for role in Role.all(): authz = Authz(role=role) for alert in Alert.by_role(role).all(): check_alert(authz, alert)