def get_individual_user_info(handler, name, service_account):
# type: (GraphHandler, str, Optional[bool]) -> Dict[str, Any]
"""This is a helper function to retrieve all information about a user.
Args:
handler: the GraphHandler for this request
name: the name of the user whose data is being retrieved
service_account: a boolean indicating if this request is for a service account or not. This
can be None if you want to support users and service accounts (deprecated)
Returns:
A dictionary containing all of the user's data
Raises:
NoSuchUser: When no user with the given name exists, or has the the wrong serviceaccount
type
"""
with handler.graph.lock:
if name not in handler.graph.user_metadata:
raise NoSuchUser
md = handler.graph.user_metadata[name]
if service_account is not None:
is_service_account = md["role_user"] or "service_account" in md
if service_account != is_service_account:
raise NoSuchUser
details = handler.graph.get_user_details(name, expose_aliases=False)
out = {"user": {"name": name}}
# Updates the output with the user's metadata
try_update(out["user"], md)
# Updates the output with the user's details (such as permissions)
try_update(out, details)
return out
def get_individual_user_info(handler, name, cutoff, service_account):
# type: (GraphHandler, str, int, Optional[bool]) -> Dict[str, Any]
"""This is a helper function to retrieve all information about a user.
Args:
handler: the GraphHandler for this request
name: the name of the user whose data is being retrieved
cutoff: the maximum distance of groups to use for permission checking
service_account: a boolean indicating if this request is for a service account or not. This
can be None if you want to support users and service accounts (deprecated)
Returns:
A dictionary containing all of the user's data
Raises:
NoSuchUser: When no user with the given name exists, or has the the wrong serviceaccount
type
"""
with handler.graph.lock:
if name not in handler.graph.user_metadata:
raise NoSuchUser
md = handler.graph.user_metadata[name]
if service_account is not None:
is_service_account = md["role_user"] or "service_account" in md
if service_account != is_service_account:
raise NoSuchUser
details = handler.graph.get_user_details(name, cutoff)
out = {"user": {"name": name}}
# Updates the output with the user's metadata
try_update(out["user"], md)
# Updates the output with the user's details (such as permissions)
try_update(out, details)
return out
def get(self, name=None):
cutoff = int(self.get_argument("cutoff", 100))
include_role_users = self.get_argument("include_role_users",
"no") == "yes"
with self.graph.lock:
if not name:
return self.success({
"users":
sorted([
k for k, v in self.graph.user_metadata.iteritems()
if include_role_users or (not v["role_user"])
]),
})
if name in self.graph.user_metadata:
md = self.graph.user_metadata[name]
details = self.graph.get_user_details(name, cutoff)
else:
return self.notfound("User (%s) not found." % name)
for key in md["public_keys"]:
db_key = PublicKey.get(self.session, id=key["id"])
perms = get_public_key_permissions(self.session, db_key)
# Convert to set to remove duplicates, then back to list for json-serializability
key["permissions"] = list(
set([(perm.name, perm.argument) for perm in perms]))
out = {"user": {"name": name}}
try_update(out["user"], md)
try_update(out, details)
return self.success(out)
def get_individual_user_info(handler, name, cutoff, service_account):
# type: (GraphHandler, str, int, Optional[bool]) -> None
"""This is a helper function to consolidate duplicate code from the service account and user
endpoints into one location.
Args:
handler: the GraphHandler for this request
name: the name we're looking up for this request
cutoff: the maximum distance of groups to use for permission checking
service_account: a boolean indicating if this request is for a service account or not. This
can be None if you want to support users and service accounts (deprecated)
Returns:
None
"""
acc = "Service Account" if service_account else "User"
with handler.graph.lock:
if name not in handler.graph.user_metadata:
return handler.notfound("{} ({}) not found.".format(acc, name))
md = handler.graph.user_metadata[name]
if service_account is not None and md["role_user"] != service_account:
return handler.notfound("{} ({}) not found.".format(acc, name))
details = handler.graph.get_user_details(name, cutoff)
out = {"user": {"name": name}}
# Updates the output with the user's metadata
try_update(out["user"], md)
# Updates the output with the user's details (such as permissions)
try_update(out, details)
return handler.success(out)
def get(self, name=None):
cutoff = int(self.get_argument("cutoff", 100))
include_role_users = self.get_argument("include_role_users", "no") == "yes"
with self.graph.lock:
if not name:
return self.success({
"users": sorted([k
for k, v in self.graph.user_metadata.iteritems()
if include_role_users or (not v["role_user"])]),
})
if name in self.graph.user_metadata:
md = self.graph.user_metadata[name]
details = self.graph.get_user_details(name, cutoff)
else:
return self.notfound("User (%s) not found." % name)
for key in md["public_keys"]:
db_key = PublicKey.get(self.session, id=key["id"])
perms = get_public_key_permissions(self.session, db_key)
# Convert to set to remove duplicates, then back to list for json-serializability
key["permissions"] = list(set([(perm.name, perm.argument) for perm in perms]))
out = {"user": {"name": name}}
try_update(out["user"], md)
try_update(out, details)
return self.success(out)
def get_individual_user_info(handler, name, cutoff, service_account):
# type: (GraphHandler, str, int, Optional[bool]) -> None
"""This is a helper function to consolidate duplicate code from the service account and user
endpoints into one location.
Args:
handler: the GraphHandler for this request
name: the name we're looking up for this request
cutoff: the maximum distance of groups to use for permission checking
service_account: a boolean indicating if this request is for a service account or not. This
can be None if you want to support users and service accounts (deprecated)
Returns:
None
"""
acc = "Service Account" if service_account else "User"
with handler.graph.lock:
if name not in handler.graph.user_metadata:
return handler.notfound("{} ({}) not found.".format(acc, name))
md = handler.graph.user_metadata[name]
if service_account is not None and md["role_user"] != service_account:
return handler.notfound("{} ({}) not found.".format(acc, name))
details = handler.graph.get_user_details(name, cutoff)
out = {"user": {"name": name}}
# Updates the output with the user's metadata
try_update(out["user"], md)
# Updates the output with the user's details (such as permissions)
try_update(out, details)
return handler.success(out)
def get(self, name=None):
if not name:
usecase = self.usecase_factory.create_list_permissions_usecase(self)
usecase.simple_list_permissions()
return
with self.graph.lock:
if name not in self.graph.permissions:
return self.notfound("Permission (%s) not found." % name)
details = self.graph.get_permission_details(name, expose_aliases=False)
out = {"permission": {"name": name}}
try_update(out, details)
self.success(out)
def get(self, name=None):
with self.graph.lock:
if not name:
return self.success({
"permissions":
[permission for permission in self.graph.permissions],
})
if name not in self.graph.permissions:
return self.notfound("Permission (%s) not found." % name)
details = self.graph.get_permission_details(name)
out = {"permission": {"name": name}}
try_update(out, details)
return self.success(out)
def get(self, name=None):
cutoff = int(self.get_argument("cutoff", 100))
with self.graph.lock:
if not name:
return self.success({"groups": [group for group in self.graph.groups]})
if name not in self.graph.groups:
return self.notfound("Group (%s) not found." % name)
details = self.graph.get_group_details(name, cutoff, expose_aliases=False)
out = {"group": {"name": name}}
try_update(out["group"], self.graph.group_metadata.get(name, {}))
try_update(out, details)
return self.success(out)
def get(self, *args, **kwargs):
# type: (*Any, **Any) -> None
name = kwargs.get("name") # type: Optional[str]
if not name:
usecase = self.usecase_factory.create_list_permissions_usecase(self)
usecase.simple_list_permissions()
return
with self.graph.lock:
if name not in self.graph.permissions:
return self.notfound("Permission (%s) not found." % name)
details = self.graph.get_permission_details(name, expose_aliases=False)
out = {"permission": {"name": name}}
try_update(out, details)
self.success(out)
def get(self, *args, **kwargs):
# type: (*Any, **Any) -> None
name = kwargs.get("name") # type: Optional[str]
if not name:
usecase = self.usecase_factory.create_list_permissions_usecase(self)
usecase.simple_list_permissions()
return
with self.graph.lock:
if name not in self.graph.permissions:
return self.notfound("Permission (%s) not found." % name)
details = self.graph.get_permission_details(name, expose_aliases=False)
out = {"permission": {"name": name}}
try_update(out, details)
self.success(out)
def get(self, name=None):
with self.graph.lock:
if not name:
return self.success({
"permissions": [
permission
for permission in self.graph.permissions
],
})
if name not in self.graph.permissions:
return self.notfound("Permission (%s) not found." % name)
details = self.graph.get_permission_details(name, expose_aliases=False)
out = {"permission": {"name": name}}
try_update(out, details)
return self.success(out)
def get(self, name=None):
cutoff = int(self.get_argument("cutoff", 100))
include_role_users = self.get_argument("include_role_users", "no") == "yes"
with self.graph.lock:
if not name:
return self.success({
"users": sorted([k
for k, v in self.graph.user_metadata.iteritems()
if include_role_users or (not v["role_user"])]),
})
if name in self.graph.user_metadata:
md = self.graph.user_metadata[name]
details = self.graph.get_user_details(name, cutoff)
else:
return self.notfound("User (%s) not found." % name)
out = {"user": {"name": name}}
try_update(out["user"], md)
try_update(out, details)
return self.success(out)
def get(self, name=None):
cutoff = int(self.get_argument("cutoff", 100))
with self.graph.lock:
if not name:
return self.success({
"groups": [
group
for group in self.graph.groups
],
})
if name not in self.graph.groups:
return self.notfound("Group (%s) not found." % name)
details = self.graph.get_group_details(name, cutoff)
out = {"group": {"name": name}}
try_update(out["group"], self.graph.group_metadata.get(name, {}))
try_update(out, details)
return self.success(out)