def update_or_create_group(name, config_entity=None, superiors=None):
"""
Create a group and GroupHierarchy instance. Group is the Django Group model, whereas
GroupHierarchy is a Footprint model that associates a Group to superior Groups and to
a ConfigEntity
:param name: Required name of the group
:param config_entity: Optional. Required for config_entity scoped groups. Always null
for the default groups (e.g. Admin, Directory)
:param superiors: Optional superiors to the group. All groups should have superiors except
for the Admin group
:return:
"""
group = get_single_value_or_create(
Group.objects.filter(name=name), lambda: Group.objects.get_or_create(name=name)[0]
)
# Make sure the group has full permission to every model
# We limit permission on individual instances
new_permissions = set(Permission.objects.all()) - set(group.permissions.all())
group.permissions.add(*new_permissions)
# Track the superiors in our special class
try:
superior_groups = map(lambda superior: Group.objects.get(name=superior), superiors or [])
except:
raise Exception(
"Expected groups %s to exist but only these exist: %s" % (superiors, Group.objects.values_list("name"))
)
group_hierarchy, created, updated = GroupHierarchy.objects.update_or_create(
group=group, defaults=dict(config_entity=config_entity)
)
if not created:
group_hierarchy.superiors.clear()
for superior_group in superior_groups:
group_hierarchy.superiors.add(superior_group)
return group
def update_or_create_group(name, config_entity=None, superiors=None):
"""
Create a group and GroupHierarchy instance. Group is the Django Group model, whereas
GroupHierarchy is a Footprint model that associates a Group to superior Groups and to
a ConfigEntity
:param name: Required name of the group
:param config_entity: Optional. Required for config_entity scoped groups. Always null
for the default groups (e.g. Admin, Directory)
:param superiors: Optional superiors to the group. All groups should have superiors except
for the Admin group
:return:
"""
group = get_single_value_or_create(
Group.objects.filter(name=name),
lambda: Group.objects.get_or_create(name=name)[0])
# Make sure the group has full permission to every model
# We limit permission on individual instances
new_permissions = set(Permission.objects.all()) - set(
group.permissions.all())
group.permissions.add(*new_permissions)
# Track the superiors in our special class
try:
superior_groups = map(
lambda superior: Group.objects.get(name=superior), superiors or [])
except:
raise Exception("Expected groups %s to exist but only these exist: %s" %\
(superiors, Group.objects.values_list('name')))
group_hierarchy, created, updated = GroupHierarchy.objects.update_or_create(
group=group, defaults=dict(config_entity=config_entity))
if not created:
group_hierarchy.superiors.clear()
for superior_group in superior_groups:
group_hierarchy.superiors.add(superior_group)
return group
def update_or_create_user(
username=None,
password=None,
email=None,
api_key=None,
groups=None,
is_super_user=False,
first_name=None,
last_name=None,
):
"""
Update/Create the user matching the username
:param username: the User.username
:param password: the password
:param email: the user email
:param api_key: the optional api_key, it will be generated otherwise
:param groups: The names of the groups that this user belongs to
:param is_super_user: Default false, True to make a superuser
:param first_name: the user first name
:param last_name: the user last name
:return:
"""
from footprint.main.publishing.user_publishing import on_user_post_save
logger.info("Updating or creating user %s" % username)
user_manager = get_user_model().objects
user = get_single_value_or_create(
user_manager.filter(username=username),
lambda: user_manager.create_user(username, email, password)
if not is_super_user
else user_manager.create_superuser(username, email, password),
)
# Update these in case the configuration was updated
user.email = UserManager.normalize_email(email)
if password:
user.set_password(password)
if first_name:
user.first_name = first_name
if last_name:
user.last_name = last_name
if is_super_user:
user.is_superuser = True
user.save()
# Add the user to the groups.
# Sometimes the users will reference Groups of sibling scenarios that
# haven't been created yet. In this case just create a name-only
# instance of the group.
if groups:
user.groups.clear()
for group in groups:
user.groups.add(Group.objects.get_or_create(name=group)[0])
logger.info("Assigned user %s to groups %s", user.email, ", ".join(groups))
# Make sure the user has permission to update every class
# We limit permissions on individual instances
new_permissions = set(Permission.objects.all()) - set(user.user_permissions.all())
user.user_permissions.add(*new_permissions)
api_key_instance = ApiKey.objects.get_or_create(user=user)[0]
if api_key and api_key_instance.key != api_key:
api_key_instance.key = api_key
api_key_instance.save()
# Invoke post-save publishing outside of footprint_init. footprint_init has a ConfigEntity-
# centric way of publishing that this would clash with
if not settings.FOOTPRINT_INIT:
on_user_post_save(sender=get_user_model(), instance=user)
return {"user": user, "api_key": api_key_instance}
def update_or_create_user(username=None,
password=None,
email=None,
api_key=None,
groups=None,
is_super_user=False,
first_name=None,
last_name=None):
"""
Update/Create the user matching the username
:param username: the User.username
:param password: the password
:param email: the user email
:param api_key: the optional api_key, it will be generated otherwise
:param groups: The names of the groups that this user belongs to
:param is_super_user: Default false, True to make a superuser
:param first_name: the user first name
:param last_name: the user last name
:return:
"""
from footprint.main.publishing.user_publishing import on_user_post_save
logger.info("Updating or creating user %s" % username)
user_manager = get_user_model().objects
user = get_single_value_or_create(
user_manager.filter(username=username),
lambda: user_manager.create_user(username, email, password) if \
not is_super_user else \
user_manager.create_superuser(username, email, password))
# Update these in case the configuration was updated
user.email = UserManager.normalize_email(email)
if password:
user.set_password(password)
if first_name:
user.first_name = first_name
if last_name:
user.last_name = last_name
if is_super_user:
user.is_superuser = True
user.save()
# Add the user to the groups.
# Sometimes the users will reference Groups of sibling scenarios that
# haven't been created yet. In this case just create a name-only
# instance of the group.
if groups:
user.groups.clear()
for group in groups:
user.groups.add(Group.objects.get_or_create(name=group)[0])
logger.info("Assigned user %s to groups %s", user.email,
', '.join(groups))
# Make sure the user has permission to update every class
# We limit permissions on individual instances
new_permissions = set(Permission.objects.all()) - set(
user.user_permissions.all())
user.user_permissions.add(*new_permissions)
api_key_instance = ApiKey.objects.get_or_create(user=user)[0]
if api_key and api_key_instance.key != api_key:
api_key_instance.key = api_key
api_key_instance.save()
# Invoke post-save publishing outside of footprint_init. footprint_init has a ConfigEntity-
# centric way of publishing that this would clash with
if not settings.FOOTPRINT_INIT:
on_user_post_save(sender=get_user_model(), instance=user)
return {'user': user, 'api_key': api_key_instance}
