def get(self, role_id): """ --- summary: Retrieve all specific Role parameters: - name: role_id in: path required: true description: The ID of the Role type: string responses: 200: description: Role with the given ID schema: $ref: '#/definitions/Role' 404: $ref: '#/definitions/404Error' 50x: $ref: '#/definitions/50xError' tags: - Roles """ self.write( BeerGardenSchemaParser.serialize_role( Role.objects.get(id=str(role_id)), to_string=False))
def post(self): """ --- summary: Create a new Role parameters: - name: role in: body description: The Role definition schema: $ref: '#/definitions/Role' consumes: - application/json responses: 201: description: A new Role has been created schema: $ref: '#/definitions/Role' 400: $ref: '#/definitions/400Error' 50x: $ref: '#/definitions/50xError' tags: - Roles """ role = BeerGardenSchemaParser.parse_role(self.request.decoded_body, from_string=True) # Make sure all new permissions are real if not set(role.permissions).issubset(Permissions.values): invalid = set(role.permissions).difference(Permissions.values) raise ModelValidationError("Permissions %s do not exist" % invalid) # And the same for nested roles nested_roles = [] for nested_role in role.roles: try: db_role = Role.objects.get(name=nested_role.name) # There shouldn't be any way to construct a cycle with a new # role, but check just to be sure ensure_no_cycles(role, db_role) nested_roles.append(db_role) except DoesNotExist: raise ModelValidationError("Role '%s' does not exist" % nested_role.name) role.roles = nested_roles role.save() self.set_status(201) self.write(BeerGardenSchemaParser.serialize_role(role, to_string=False))
def get(self): """ --- summary: Retrieve all Roles responses: 200: description: All Roles schema: type: array items: $ref: '#/definitions/Role' 50x: $ref: '#/definitions/50xError' tags: - Roles """ self.set_header('Content-Type', 'application/json; charset=UTF-8') self.write( BeerGardenSchemaParser.serialize_role(Role.objects.all(), many=True, to_string=True))
def patch(self, role_id): """ --- summary: Partially update a Role description: | The body of the request needs to contain a set of instructions detailing the updates to apply: ```JSON { "operations": [ { "operation": "add", "path": "/permissions", "value": "ALL" } ] } ``` parameters: - name: role_id in: path required: true description: The ID of the Role type: string - name: patch in: body required: true description: Instructions for how to update the Role schema: $ref: '#/definitions/Patch' responses: 200: description: Role with the given ID schema: $ref: '#/definitions/Role' 400: $ref: '#/definitions/400Error' 404: $ref: '#/definitions/404Error' 50x: $ref: '#/definitions/50xError' tags: - Roles """ role = Role.objects.get(id=str(role_id)) operations = BeerGardenSchemaParser.parse_patch( self.request.decoded_body, many=True, from_string=True) for op in operations: if op.path == '/permissions': try: if op.operation == 'add': role.permissions.append(Permissions(op.value).value) elif op.operation == 'remove': role.permissions.remove(Permissions(op.value).value) elif op.operation == 'set': role.permissions = [ Permissions(perm).value for perm in op.value ] else: raise ModelValidationError( "Unsupported operation '%s'" % op.operation) except ValueError: raise ModelValidationError( "Permission '%s' does not exist" % op.value) elif op.path == '/roles': try: if op.operation == 'add': new_nested = Role.objects.get(name=op.value) ensure_no_cycles(role, new_nested) role.roles.append(new_nested) elif op.operation == 'remove': role.roles.remove(Role.objects.get(name=op.value)) elif op.operation == 'set': # Do this one at a time to be super sure about cycles role.roles = [] for role_name in op.value: new_role = Role.objects.get(name=role_name) ensure_no_cycles(role, new_role) role.roles.append(new_role) else: raise ModelValidationError( "Unsupported operation '%s'" % op.operation) except DoesNotExist: raise ModelValidationError("Role '%s' does not exist" % op.value) else: raise ModelValidationError("Unsupported path '%s'" % op.path) role.save() # Any modification to roles will possibly modify the anonymous user brew_view.anonymous_principal = anonymous_principal() self.write(BeerGardenSchemaParser.serialize_role(role, to_string=False))