def create_role_user(session, actor, name, description, canjoin): # type (Session, User, str, str, str) -> None """DEPRECATED: Do not use in production code Creates a service account with the given name, description, and canjoin status Args: session: the database session actor: the user creating the service account name: the name of the service account description: description of the service account canjoin: the canjoin status for management of the service account Throws: IntegrityError: if a user or group with the given name already exists """ user = User(username=name, role_user=True) group = Group(groupname=name, description=description, canjoin=canjoin) user.add(session) group.add(session) group.add_member(actor, actor, "Group Creator", "actioned", None, "np-owner") group.add_member(actor, user, "Service Account", "actioned", None, "member") session.commit() AuditLog.log( session, actor.id, "create_role_user", "Created new service account.", on_group_id=group.id, on_user_id=user.id, )
def mutate_group_command(session: Session, group: Group, args: Namespace) -> None: for username in args.username: user = User.get(session, name=username) if not user: logging.error("no such user '{}'".format(username)) return if args.subcommand == "add_member": if args.member: role = "member" elif args.owner: role = "owner" elif args.np_owner: role = "np-owner" elif args.manager: role = "manager" assert role logging.info("Adding {} as {} to group {}".format( username, role, args.groupname)) group.add_member(user, user, "grouper-ctl join", status="actioned", role=role) AuditLog.log( session, user.id, "join_group", "{} manually joined via grouper-ctl".format(username), on_group_id=group.id, ) session.commit() elif args.subcommand == "remove_member": logging.info("Removing {} from group {}".format( username, args.groupname)) try: group.revoke_member(user, user, "grouper-ctl remove") AuditLog.log( session, user.id, "leave_group", "{} manually left via grouper-ctl".format(username), on_group_id=group.id, ) session.commit() except PluginRejectedGroupMembershipUpdate as e: logging.error("%s", e)
def post(self, *args: Any, **kwargs: Any) -> None: form = GroupCreateForm(self.request.arguments) if not form.validate(): return self.render( "group-create.html", form=form, alerts=self.get_form_alerts(form.errors) ) if "@" in form.data["groupname"]: form.groupname.errors.append("Group names cannot contain @") return self.render( "group-create.html", form=form, alerts=self.get_form_alerts(form.errors) ) group = Group( groupname=form.data["groupname"], description=form.data["description"], canjoin=form.data["canjoin"], auto_expire=form.data["auto_expire"], require_clickthru_tojoin=form.data["require_clickthru_tojoin"], ) try: group.add(self.session) self.session.flush() except IntegrityError: self.session.rollback() form.groupname.errors.append("{} already exists".format(form.data["groupname"])) return self.render( "group-create.html", form=form, alerts=self.get_form_alerts(form.errors) ) group.add_member( self.current_user, self.current_user, "Group Creator", "actioned", None, form.data["creatorrole"], ) self.session.commit() AuditLog.log( self.session, self.current_user.id, "create_group", "Created new group.", on_group_id=group.id, ) return self.redirect("/groups/{}?refresh=yes".format(group.name))
def post(self, *args, **kwargs): # type: (*Any, **Any) -> None form = GroupCreateForm(self.request.arguments) if not form.validate(): return self.render( "group-create.html", form=form, alerts=self.get_form_alerts(form.errors) ) group = Group( groupname=form.data["groupname"], description=form.data["description"], canjoin=form.data["canjoin"], auto_expire=form.data["auto_expire"], require_clickthru_tojoin=form.data["require_clickthru_tojoin"], ) try: group.add(self.session) self.session.flush() except IntegrityError: self.session.rollback() form.groupname.errors.append("{} already exists".format(form.data["groupname"])) return self.render( "group-create.html", form=form, alerts=self.get_form_alerts(form.errors) ) group.add_member( self.current_user, self.current_user, "Group Creator", "actioned", None, form.data["creatorrole"], ) self.session.commit() AuditLog.log( self.session, self.current_user.id, "create_group", "Created new group.", on_group_id=group.id, ) return self.redirect("/groups/{}?refresh=yes".format(group.name))
def post(self): form = GroupCreateForm(self.request.arguments) if not form.validate(): return self.render( "group-create.html", form=form, alerts=self.get_form_alerts(form.errors) ) user = self.get_current_user() group = Group( groupname=form.data["groupname"], description=form.data["description"], canjoin=form.data["canjoin"], auto_expire=form.data["auto_expire"], ) try: group.add(self.session) self.session.flush() except IntegrityError: self.session.rollback() form.groupname.errors.append( "{} already exists".format(form.data["groupname"]) ) return self.render( "group-create.html", form=form, alerts=self.get_form_alerts(form.errors) ) group.add_member(user, user, "Group Creator", "actioned", None, form.data["creatorrole"]) self.session.commit() AuditLog.log(self.session, self.current_user.id, 'create_group', 'Created new group.', on_group_id=group.id) return self.redirect("/groups/{}?refresh=yes".format(group.name))