def upgrade(): context = get_context() session = Session(bind=op.get_bind()) # two following lines avoids double 'DELETE' erroneous call when deleting group due to incorrect checks # https://stackoverflow.com/questions/28824401 context.connection.engine.dialect.supports_sane_rowcount = False context.connection.engine.dialect.supports_sane_multi_rowcount = False if isinstance(context.connection.engine.dialect, PGDialect): # make sure group exists, then get it init_anonymous(db_session=session) anonym_group = GroupService.by_group_name( constants.get_constant("MAGPIE_ANONYMOUS_GROUP"), db_session=session) all_users = BaseService.all(models.User, db_session=session) all_user_group_refs = BaseService.all(models.UserGroup, db_session=session) all_user_group_tups = [(ugr.user_id, ugr.group_id) for ugr in all_user_group_refs] for user in all_users: if (user.id, anonym_group.id) not in all_user_group_tups: # noinspection PyArgumentList user_group = models.UserGroup(user_id=user.id, group_id=anonym_group.id) session.add(user_group) session.commit()
def _add_to_group(usr, grp): # type: (models.User, models.Group) -> None # noinspection PyArgumentList group_entry = models.UserGroup(group_id=grp.id, user_id=usr.id) ax.evaluate_call( lambda: db_session.add(group_entry), fallback=lambda: db_session.rollback(), httpError=HTTPForbidden, msgOnFail=s.UserGroup_GET_ForbiddenResponseSchema.description)
def register_user_with_group(user_name, group_name, email, password, db_session): # type: (Str, Str, Str, Str, Session) -> None """ Registers the user if missing and associate him to a group specified by name, also created if missing. :param user_name: name of the user to create (if missing) and to make part of the group (if specified) :param group_name: name of the group to create (if missing and specified) and to make the user join (if not already) :param email: email of the user to be created (if missing) :param password: password of the user to be created (if missing) :param db_session: database connexion to apply changes .. warning:: Should be employed only for **special** users/groups in this module as other expected API behaviour and operations will not be applied (ex: create additional permissions or user-group references). """ if not GroupService.by_group_name(group_name, db_session=db_session): # noinspection PyArgumentList new_group = models.Group(group_name=group_name) db_session.add(new_group) registered_group = GroupService.by_group_name(group_name=group_name, db_session=db_session) registered_user = UserService.by_user_name(user_name, db_session=db_session) if not registered_user: # noinspection PyArgumentList new_user = models.User(user_name=user_name, email=email) UserService.set_password(new_user, password) UserService.regenerate_security_code(new_user) db_session.add(new_user) if group_name is not None: registered_user = UserService.by_user_name(user_name, db_session=db_session) else: print_log("User '{}' already exist".format(user_name), level=logging.DEBUG) # noinspection PyBroadException try: # ensure the reference between user/group exists (user joined the group) user_group_refs = BaseService.all(models.UserGroup, db_session=db_session) user_group_refs_tup = [(ref.group_id, ref.user_id) for ref in user_group_refs] if (registered_group.id, registered_user.id) not in user_group_refs_tup: # noinspection PyArgumentList group_entry = models.UserGroup(group_id=registered_group.id, user_id=registered_user.id) db_session.add(group_entry) except Exception: # in case reference already exists, avoid duplicate error db_session.rollback()
def assign_user_group(user, group, db_session): # type: (models.User, models.Group, Session) -> None """ Creates a user-group relationship (user membership to a group). :returns: nothing - user-group is created. :raises HTTPError: corresponding error matching problem encountered. """ ax.verify_param(user.id, param_compare=[usr.id for usr in group.users], not_in=True, with_param=False, http_error=HTTPConflict, content={"user_name": user.user_name, "group_name": group.group_name}, msg_on_fail=s.UserGroups_POST_ConflictResponseSchema.description) ax.evaluate_call(lambda: db_session.add(models.UserGroup(group_id=group.id, user_id=user.id)), # noqa fallback=lambda: db_session.rollback(), http_error=HTTPForbidden, msg_on_fail=s.UserGroups_POST_RelationshipForbiddenResponseSchema.description, content={"user_name": user.user_name, "group_name": group.group_name})
def assign_user_group_view(request): """ Assign a user to a group. """ user = ar.get_user_matchdict_checked_or_logged(request) group_name = ar.get_value_multiformat_post_checked(request, "group_name") group = ax.evaluate_call( lambda: GroupService.by_group_name(group_name, db_session=request.db), fallback=lambda: request.db.rollback(), httpError=HTTPForbidden, msgOnFail=s.UserGroups_POST_ForbiddenResponseSchema.description) ax.verify_param( group, notNone=True, httpError=HTTPNotFound, msgOnFail=s.UserGroups_POST_GroupNotFoundResponseSchema.description) ax.verify_param( user.id, paramCompare=[usr.id for usr in group.users], notIn=True, httpError=HTTPConflict, content={ u"user_name": user.user_name, u"group_name": group.group_name }, msgOnFail=s.UserGroups_POST_ConflictResponseSchema.description) # noinspection PyArgumentList ax.evaluate_call( lambda: request.db.add( models.UserGroup(group_id=group.id, user_id=user.id)), fallback=lambda: request.db.rollback(), httpError=HTTPForbidden, msgOnFail=s.UserGroups_POST_RelationshipForbiddenResponseSchema. description, content={ u"user_name": user.user_name, u"group_name": group.group_name }) return ax.valid_http( httpSuccess=HTTPCreated, detail=s.UserGroups_POST_CreatedResponseSchema.description, content={ u"user_name": user.user_name, u"group_name": group.group_name })
def join_discoverable_group_view(request): """ Assigns membership of the logged user to a publicly discoverable group. """ group = ar.get_group_matchdict_checked(request) user = ar.get_logged_user(request) group = ru.get_discoverable_group_by_name(group.group_name, db_session=request.db) ax.verify_param(user.id, param_compare=[usr.id for usr in group.users], not_in=True, with_param=False, http_error=HTTPConflict, content={"user_name": user.user_name, "group_name": group.group_name}, msg_on_fail=s.RegisterGroup_POST_ConflictResponseSchema.description) ax.evaluate_call(lambda: request.db.add(models.UserGroup(group_id=group.id, user_id=user.id)), # noqa fallback=lambda: request.db.rollback(), http_error=HTTPForbidden, msg_on_fail=s.RegisterGroup_POST_ForbiddenResponseSchema.description, content={"user_name": user.user_name, "group_name": group.group_name}) return ax.valid_http(http_success=HTTPCreated, detail=s.RegisterGroup_POST_CreatedResponseSchema.description, content={"user_name": user.user_name, "group_name": group.group_name})
def downgrade_migrate(old_group, old_user, new_group, old_name, db_session): """ Migrates a standard group back to the original user and corresponding personal user-group. Reassigns the user references to link to the old personal group. """ if old_group is None: # create missing group # noinspection PyArgumentList old_group = models.Group(group_name=old_name) db_session.add(old_group) if old_group is not None and new_group is not None: # transfer user-group references all_usr_grp = db_session.query(models.UserGroup) for usr_grp in all_usr_grp: if usr_grp.group_id == new_group.id: # if user_id/group_id combination already exists, delete duplicate that would be generated by transfer match_old_grp = [ ug for ug in all_usr_grp if ug.group_id == old_group.id ] if len(match_old_grp) > 0: db_session.delete(usr_grp) # otherwise transfer back reference to old group else: usr_grp.group_id = old_group.id if new_group is not None: db_session.delete(new_group) if old_user is None: # noinspection PyArgumentList old_user = models.User(user_name=old_name, email='{}@mail.com'.format(old_name)) db_session.add(old_user) old_user = models.User.by_user_name(old_name, db_session) # noinspection PyArgumentList usr_grp = models.UserGroup(group_id=old_group.id, user_id=old_user.id) db_session.add(usr_grp)
def _add_to_group(usr, grp): # type: (models.User, models.Group) -> None group_entry = models.UserGroup(group_id=grp.id, user_id=usr.id) # noqa ax.evaluate_call(lambda: db_session.add(group_entry), fallback=lambda: db_session.rollback(), http_error=HTTPForbidden, msg_on_fail=s.UserGroup_GET_ForbiddenResponseSchema.description)
def upgrade(): context = get_context() session = Session(bind=op.get_bind()) # two following lines avoids double 'DELETE' erroneous call when deleting group due to incorrect checks # https://stackoverflow.com/questions/28824401 context.connection.engine.dialect.supports_sane_rowcount = False context.connection.engine.dialect.supports_sane_multi_rowcount = False if isinstance(context.connection.engine.dialect, PGDialect): all_groups = session.query(models.Group) all_user_group_refs = BaseService.all(models.UserGroup, db_session=session) map_groups = { OLD_GROUP_ADMIN: NEW_GROUP_ADMIN, OLD_GROUP_USERS: NEW_GROUP_USERS } for group in all_groups: if group.group_name in map_groups.keys(): new_group_name = map_groups[group.group_name] new_group = GroupService.by_group_name(new_group_name, db_session=session) # create new group if missing if not new_group: # noinspection PyArgumentList new_group = models.Group(group_name=new_group_name) session.add(new_group) new_group = GroupService.by_group_name(new_group_name, db_session=session) old_group_perms = GroupService.resources_with_possible_perms( group, db_session=session) new_group_perms = GroupService.resources_with_possible_perms( new_group, db_session=session) diff_group_perms = set(old_group_perms) - set(new_group_perms) for perm in diff_group_perms: perm.group = new_group session.add(perm) for perm in old_group_perms: session.delete(perm) old_group_users = [user.user_name for user in group.users] new_group_users = [user.user_name for user in new_group.users] diff_group_users = set(old_group_users) - set(new_group_users) for user_name in diff_group_users: user = UserService.by_user_name(user_name=user_name, db_session=session) # noinspection PyArgumentList user_group = models.UserGroup(group_id=new_group.id, user_id=user.id) session.add(user_group) session.delete(group) for user_group in all_user_group_refs: if user_group.group_id == group.id: session.delete(user_group) session.commit()