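def sg_add_edge(u_id, v_id):
    """Attach the structure ``v_id`` as a child of the structure ``u_id``.

    Both ids are resolved through ``structure_repo``. The caller must hold
    permission "P3" on the parent. On success the session is committed and
    the "structures" cache is evicted.

    Raises:
        NotFound: if the parent or the child cannot be resolved.
    """
    parent = structure_repo.get_by_id(StructureId(u_id))
    child = structure_repo.get_by_id(StructureId(v_id))

    # Raise NotFound for an unknown parent, as sg_delete_structure does,
    # instead of handing a missing structure to the permission check.
    if not parent:
        raise NotFound()

    check_permission(parent, "P3")

    # The child's existence is only reported after the caller has been
    # authorised on the parent, so an unauthorised caller cannot use this
    # handler to probe which structure ids exist.
    if not child:
        raise NotFound()

    # NOTE(review): only the parent is permission-checked here. Confirm that
    # a caller holding "P3" on the parent is meant to be able to attach any
    # existing structure as a child, or add a check on the child as well.
    parent.add_child(child)

    db.session.commit()
    cache.evict("structures")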
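def update_roles(structure_id: str, data: dict[str, JSON]):
    """Replace the role holders of a structure with the ones given in *data*.

    *data* maps a role name to either a single ``{"id": ...}`` dict or a list
    of such dicts. For every role named in *data*, the current holders on the
    structure are ungranted, then the listed profiles are granted the role.
    If a SIGNATAIRE entry is present, that profile is also granted
    RESPONSABLE. The session is committed and the "users" and "structures"
    caches are evicted.

    Raises:
        KeyError: if a key of *data* is not the name of a ``Role`` member.
    """
    structure = structure_repo.get_by_id(StructureId(structure_id))
    check_can_edit_roles(structure)

    # NOTE(review): get_role_selectors() offers a narrower role list to some
    # administrators and to DE/EQ structures, but nothing visible here limits
    # which roles the caller may rewrite. Confirm that check_can_edit_roles
    # or role_service enforces the same restriction server-side.
    for role_name, values in data.items():
        # The key comes from the request payload. Look it up as an enum
        # member (as delete_role/add_roles do) rather than with getattr(),
        # which would also resolve non-member attributes of the Role class.
        role = Role[role_name]

        current_holders = role_service.get_users_with_given_role(role, structure)
        for holder in current_holders:
            role_service.ungrant_role(holder, role, structure)

        # A single-valued selector sends one dict; normalise it to a list.
        if isinstance(values, dict):
            values = [values]
        if not values:
            continue

        for user_id in glom(values, ["id"]):
            user = profile_repo.get_by_id(ProfileId(user_id))
            role_service.grant_role(user, role, structure)

    # Cf. https://trello.com/c/bGR53cB9/33
    # The signatory is also granted the RESPONSABLE role on the structure.
    signataire_dto = cast(Dict[str, str], data.get(Role.SIGNATAIRE.name, {}))
    if signataire_dto:
        signataire_id: str = signataire_dto["id"]
        signataire = profile_repo.get_by_id(ProfileId(signataire_id))
        role_service.grant_role(signataire, Role.RESPONSABLE, structure)

    db.session.commit()
    cache.evict("users")
    cache.evict("structures")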
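def get_roles(structure_id: str) -> list[dict[str, Any]]:
    """Return the roles of a structure together with the users holding them.

    Structures of type DE or EQ only expose RESPONSABLE; every other type
    exposes SIGNATAIRE, RESPONSABLE, ADMIN_LOCAL, GESTIONNAIRE and PORTEUR.
    Each entry has the keys "key" (role name), "label" (role value) and
    "users" (the holders converted with ``convert_users_to_dto``).

    Raises:
        NotFound: if the structure cannot be resolved.
    """
    structure = structure_repo.get_by_id(StructureId(structure_id))
    # An ``assert`` is stripped under ``python -O``; raise NotFound like
    # sg_get_structure so an unknown id is always rejected explicitly.
    if not structure:
        raise NotFound()

    # NOTE(review): no permission check is visible in this function, yet it
    # returns the users attached to every role. Confirm that access control
    # is applied by the caller or the routing layer.
    role_to_users = role_service.get_users_with_role_on(structure)

    if structure.type in {DE, EQ}:
        roles = [Role.RESPONSABLE]
    else:
        roles = [
            Role.SIGNATAIRE,
            Role.RESPONSABLE,
            Role.ADMIN_LOCAL,
            Role.GESTIONNAIRE,
            Role.PORTEUR,
        ]

    return [
        {
            "key": role.name,
            "label": role.value,
            "users": convert_users_to_dto(role_to_users[role]),
        }
        for role in roles
    ]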
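def sg_update_structure(id: str, model: dict[str, JSON]):
    """Apply the key/value pairs of *model* as attributes of a structure.

    The structure is resolved by id and ``check_structure_editable`` is
    called on it before anything is modified. The session is then committed
    and the "structures" cache is evicted.

    Raises:
        ValueError: if a key of *model* is not a string or names a private
            or dunder attribute.
    """
    structure = structure_repo.get_by_id(StructureId(id))
    check_structure_editable(structure)

    # *model* is a request payload and its keys become attribute names.
    # Validate every key before touching the object, so a rejected payload
    # leaves the structure unmodified, and never let a caller write to
    # private or dunder attributes of the object.
    for field_name in model:
        if not isinstance(field_name, str) or field_name.startswith("_"):
            raise ValueError(f"Refusing to set attribute {field_name!r}")

    # NOTE(review): this is still mass assignment. Any public attribute of
    # the structure can be overwritten by whoever passes
    # check_structure_editable. Replace this loop with an explicit allowlist
    # of the fields the edit form is meant to change.
    for field_name, value in model.items():
        setattr(structure, field_name, value)

    db.session.commit()
    cache.evict("structures")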
def sg_delete_structure(id: str):
    """Delete the structure identified by *id*.

    Raises ``NotFound`` when the id does not resolve. Otherwise the caller
    must hold permission "P3" on the structure; the deletion is committed
    and the "structures" cache is evicted.
    """
    target = structure_repo.get_by_id(StructureId(id))
    if not target:
        raise NotFound()

    # Authorisation is checked on the structure being removed.
    check_permission(target, "P3")

    target.delete()
    db.session.commit()
    cache.evict("structures")
def sg_get_structure(structure_id) -> JSON:
    """Return the full DTO of a structure, with its relatives attached.

    The structure is dumped with ``FullStructureSchema`` and extended with
    three lists: "parents", "children" (sorted by name) and "ancestors".
    Raises ``NotFound`` when the id does not resolve.
    """
    found = structure_repo.get_by_id(StructureId(structure_id))
    if not found:
        raise NotFound()

    # NOTE(review): no permission check is visible in this function. Confirm
    # that read access to structures is enforced by the caller.
    dto = FullStructureSchema().dump(found).data

    parents = list(found.parents)
    dto["parents"] = convert_structures_to_dto(parents)

    children = sort_by_name(found.children)
    dto["children"] = convert_structures_to_dto(children)

    dto["ancestors"] = convert_structures_to_dto(found.ancestors)
    return dto
def delete_role(structure_id: str, profile_id: str, role_id: str):
    """Remove one role from one profile on the given structure.

    ``check_can_edit_roles`` is called on the structure before anything else
    is resolved. *role_id* is looked up by name in ``Role``, so an unknown
    name raises ``KeyError``. The change is committed and the "users" and
    "structures" caches are evicted.
    """
    target_structure = structure_repo.get_by_id(StructureId(structure_id))
    check_can_edit_roles(target_structure)

    holder = profile_repo.get_by_id(ProfileId(profile_id))
    # NOTE(review): the profile is passed on without checking that it was
    # found. Confirm how profile_repo and role_service treat a missing one.
    revoked = Role[role_id]
    role_service.ungrant_role(holder, revoked, target_structure)

    db.session.commit()
    for cache_key in ("users", "structures"):
        cache.evict(cache_key)
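def add_roles(structure_id: str, profile_ids: list[str], role_id: str):
    """Grant one role on a structure to each of the listed profiles.

    ``check_can_edit_roles`` is called on the structure first. The role is
    then resolved once, before any profile is touched, so an unknown role
    name is rejected even when *profile_ids* is empty and before any grant
    has been staged. The change is committed and the "users" and
    "structures" caches are evicted.

    Raises:
        KeyError: if *role_id* is not the name of a ``Role`` member.
    """
    structure = structure_repo.get_by_id(StructureId(structure_id))
    check_can_edit_roles(structure)

    # NOTE(review): get_role_selectors() offers a narrower role list to some
    # administrators and to DE/EQ structures, but nothing visible here limits
    # which role the caller may grant. Confirm that check_can_edit_roles or
    # role_service enforces the same restriction server-side.
    role = Role[role_id]

    for profile_id in profile_ids:
        profile = profile_repo.get_by_id(ProfileId(profile_id))
        role_service.grant_role(profile, role, structure)

    db.session.commit()
    cache.evict("users")
    cache.evict("structures")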
def sg_create_child_structure(id: str, model: dict[str, str]):
    """Create a new structure under the parent identified by *id*.

    *model* must provide "nom" (the name) and "type_id" (resolved with
    ``get_type_structure_by_id``). Raises ``NotFound`` when the parent does
    not resolve; otherwise the caller must hold permission "P3" on it. The
    new structure is stored, the session committed and the "structures"
    cache evicted.
    """
    parent = structure_repo.get_by_id(StructureId(id))
    if not parent:
        raise NotFound()
    check_permission(parent, "P3")

    child = Structure()
    child.nom = model["nom"]
    # NOTE(review): the type comes straight from the request and the lookup
    # result is used unchecked. Confirm that an unknown type_id is rejected
    # and that every type is allowed under this parent.
    child_type = get_type_structure_by_id(model["type_id"])
    child.type_name = child_type.name

    parent.add_child(child)
    structure_repo.put(child)

    db.session.commit()
    cache.evict("structures")
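def get_role_selectors(structure_id: str) -> JSON:
    """Build the role selectors the current user may edit on a structure.

    Returns an empty list when the user lacks permission "P5" on the
    structure, or is neither central nor local administrator. Otherwise
    returns one dict per editable role with the keys "key", "label",
    "value" (current holder or holders), "options" (selectable profiles)
    and "multiple" (False only for SIGNATAIRE).

    Raises:
        NotFound: if the structure cannot be resolved.
    """
    structure = structure_repo.get_by_id(StructureId(structure_id))
    # An ``assert`` is stripped under ``python -O``; raise NotFound like
    # sg_get_structure so an unknown id is always rejected explicitly.
    if not structure:
        raise NotFound()

    permissions = get_permissions_for_structure(structure)
    if "P5" not in permissions:
        return []

    is_admin_central = _is_admin_central()
    is_admin_local = _is_admin_local(structure)
    is_admin_facultaire = _is_admin_facultaire(structure)

    # NOTE(review): a faculty administrator who is neither central nor local
    # administrator is stopped here, so is_admin_facultaire only widens the
    # role list below for someone who is also local administrator. Confirm
    # that this is intended.
    if not (is_admin_central or is_admin_local):
        return []

    if structure.type in (DE, EQ):
        roles = [Role.RESPONSABLE]
    elif is_admin_central or is_admin_facultaire:
        roles = [
            Role.SIGNATAIRE,
            Role.RESPONSABLE,
            Role.ADMIN_LOCAL,
            Role.GESTIONNAIRE,
            Role.PORTEUR,
        ]
    else:
        # Local administrators are not offered the SIGNATAIRE role.
        roles = [
            Role.RESPONSABLE,
            Role.ADMIN_LOCAL,
            Role.GESTIONNAIRE,
            Role.PORTEUR,
        ]

    membres = get_membres(structure)
    role_to_users = role_service.get_users_with_role_on(structure)

    result: list[dict[str, Any]] = []
    for role in roles:
        users_with_role = role_to_users[role]
        # Only SIGNATAIRE is single-valued.
        multiple = role != Role.SIGNATAIRE

        value: JSON
        if multiple:
            value = [{"id": u.id, "label": u.name} for u in users_with_role]
        elif users_with_role:
            u = list(users_with_role)[0]
            value = {"id": u.id, "label": u.name}
        else:
            value = None

        if role != Role.GESTIONNAIRE or not is_admin_central:
            options = [{"id": m.id, "label": m.name} for m in membres]
        else:
            # A central administrator picks the GESTIONNAIRE among all
            # active profiles rather than only the structure's members.
            all_users = (
                db.session.query(Profile)
                .filter_by(active=True)
                .order_by(Profile.nom, Profile.prenom)
                .all()
            )
            options = [{"id": m.id, "label": m.name} for m in all_users]

        result.append(
            {
                "key": role.name,
                "label": role.value,
                "value": value,
                "options": options,
                "multiple": multiple,
            }
        )

    return result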