def handle_delete(self, request, user, *args, **kwargs):
"""Treat DELETE requests to dissociate User and Group.
URL: usergroup/user/<id_user>/ugroup/<id_group>/dissociate/
"""
try:
self.log.info('Dissociate User and Group.')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
id_group = kwargs.get('id_group')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.',
id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Find User by ID to check if it exist
Usuario.get_by_pk(id_user)
# Find Group by ID to check if it exist
UGrupo.get_by_pk(id_group)
# Find UserGroup by ID to check if it exist
user_group = UsuarioGrupo.get_by_user_group(id_user, id_group)
with distributedlock(LOCK_USER_GROUP % (id_user, id_group)):
try:
# remove UserGroup
user_group.delete()
except Exception, e:
self.log.error(u'Failed to remove the UserGroup.')
raise GrupoError(e, u'Failed to remove the UserGroup.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_delete(self, request, user, *args, **kwargs):
"""Treat requests DELETE to remove user.
URL: user/<id_user>/
"""
try:
self.log.info('Remove User')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_user = kwargs.get('id_user')
# Valid ID User
if not is_valid_int_greater_zero_param(id_user):
self.log.error(
u'The id_user parameter is not a valid value: %s.',
id_user)
raise InvalidValueError(None, 'id_user', id_user)
# Find Permission by ID to check if it exist
usr = Usuario.get_by_pk(id_user)
with distributedlock(LOCK_USER % id_user):
try:
if usr.eventlog_set.count() != 0:
raise UsuarioHasEventOrGrupoError(
None, u'Existe event_log associado ao usuario %s' %
user.id)
if usr.usuariogrupo_set.count() != 0:
raise UsuarioHasEventOrGrupoError(
None,
u'Existe grupo associado ao usuario %s' % user.id)
# remove User
usr.delete()
except UsuarioHasEventOrGrupoError, e:
raise e
except Exception, e:
self.log.error(u'Failed to remove the user.')
raise GrupoError(e, u'Failed to remove the user.')
def handle_delete(self, request, user, *args, **kwargs):
"""Treat requests DELETE to remove Group l3.
URL: groupl3/<id_groupl3>/
"""
try:
self.log.info('Remove Group l3')
# User permission
if not has_perm(user, AdminPermission.ENVIRONMENT_MANAGEMENT,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_groupl3 = kwargs.get('id_groupl3')
# Valid ID Group L3
if not is_valid_int_greater_zero_param(id_groupl3):
self.log.error(
u'The id_groupl3 parameter is not a valid value: %s.',
id_groupl3)
raise InvalidValueError(None, 'id_groupl3', id_groupl3)
# Find GroupL3 by ID to check if it exist
groupl3 = GrupoL3.get_by_pk(id_groupl3)
with distributedlock(LOCK_GROUP_L3 % id_groupl3):
try:
if groupl3.ambiente_set.count() > 0:
raise GrupoL3UsedByEnvironmentError(
None, u'O GrupoL3 %s tem ambiente associado.' %
groupl3.id)
# remove Group l3
groupl3.delete()
except GrupoL3UsedByEnvironmentError, e:
raise e
except Exception, e:
self.log.error(u'Failed to remove the Group l3.')
raise GrupoError(e, u'Failed to remove the Group l3.')
def handle_delete(self, request, user, *args, **kwargs):
"""Treat requests DELETE to remove Administrative Permission.
URL: perms/<id_perm>/
"""
try:
self.log.info("Remove Administrative Permission")
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_perm = kwargs.get('id_perm')
# Valid ID Administrative Permission
if not is_valid_int_greater_zero_param(id_perm):
self.log.error(
u'The id_perm parameter is not a valid value: %s.',
id_perm)
raise InvalidValueError(None, 'id_perm', id_perm)
# Find Permission by ID to check if it exist
adm_perm = PermissaoAdministrativa.get_by_pk(id_perm)
with distributedlock(LOCK_PERM % id_perm):
try:
# Remove Administrative Permission
adm_perm.delete()
except Exception, e:
self.log.error(u'Failed to remove the permission.')
raise GrupoError(e, u'Failed to remove the permission.')
return self.response(dumps_networkapi({}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)
def handle_post(self, request, user, *args, **kwargs):
"""Treat requests POST to add Administrative Permission.
URL: aperms/
"""
try:
self.log.info('Add Administrative Permission')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no value to the networkapi tag of XML request.')
perm_map = networkapi_map.get('administrative_permission')
if perm_map is None:
return self.response_error(3, u'There is no value to the administrative_permission tag of XML request.')
# Get XML data
id_permission = perm_map.get('id_permission')
id_group = perm_map.get('id_group')
read = perm_map.get('read')
write = perm_map.get('write')
# Valid ID Permission
if not is_valid_int_greater_zero_param(id_permission):
self.log.error(
u'The id_permission parameter is not a valid value: %s.', id_permission)
raise InvalidValueError(None, 'id_permission', id_permission)
# Valid ID Group
if not is_valid_int_greater_zero_param(id_group):
self.log.error(
u'The id_group parameter is not a valid value: %s.', id_group)
raise InvalidValueError(None, 'id_group', id_group)
# Valid Read
if not is_valid_boolean_param(read):
self.log.error(
u'The read parameter is not a valid value: %s.', read)
raise InvalidValueError(None, 'read', read)
# Valid Read
if not is_valid_boolean_param(write):
self.log.error(
u'The write parameter is not a valid value: %s.', write)
raise InvalidValueError(None, 'write', write)
# Find Permission by ID to check if it exist
permission = Permission.get_by_pk(id_permission)
# Find UGroup by ID to check if it exist
ugroup = UGrupo.get_by_pk(id_group)
try:
PermissaoAdministrativa.get_permission_by_permission_ugroup(
id_permission, id_group)
raise PermissaoAdministrativaDuplicatedError(
None, permission.function)
except PermissaoAdministrativaNotFoundError:
pass
adm_perm = PermissaoAdministrativa()
# set variables
adm_perm.permission = permission
adm_perm.ugrupo = ugroup
adm_perm.leitura = convert_string_or_int_to_boolean(read)
adm_perm.escrita = convert_string_or_int_to_boolean(write)
try:
# save Administrative Permission
adm_perm.save()
except Exception, e:
self.log.error(
u'Failed to save the administrative permission.')
raise GrupoError(
e, u'Failed to save the administrative permission.')
perm_map = dict()
perm_map['perm'] = model_to_dict(
adm_perm, exclude=['permission', 'leitura', 'escrita', 'ugrupo'])
return self.response(dumps_networkapi(perm_map))
def handle_post(self, request, user, *args, **kwargs):
"""Treat POST request to add new user group.
URL: ugroup/
"""
try:
if not has_perm(user, AdminPermission.USER_ADMINISTRATION, AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
xml_map, attrs_map = loads(request.raw_post_data)
self.log.debug('XML_MAP: %s', xml_map)
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(3, u'There is no networkapi tag in request XML.')
ugroup_map = networkapi_map.get('user_group')
if ugroup_map is None:
return self.response_error(3, u'There is no user_group tag in request XML.')
# Valid name
name = ugroup_map.get('nome')
if not is_valid_string_minsize(name, 3) or not is_valid_string_maxsize(name, 100) or not is_valid_text(name):
self.log.error(u'Parameter name is invalid. Value: %s', name)
raise InvalidValueError(None, 'name', name)
read = ugroup_map.get('leitura')
if not is_valid_yes_no_choice(read):
self.log.error(u'Parameter read is invalid. Value: %s', read)
raise InvalidValueError(None, 'read', read)
write = ugroup_map.get('escrita')
if not is_valid_yes_no_choice(write):
self.log.error(u'Parameter write is invalid. Value: %s', write)
raise InvalidValueError(None, 'write', write)
edit = ugroup_map.get('edicao')
if not is_valid_yes_no_choice(edit):
self.log.error(u'Parameter edit is invalid. Value: %s', edit)
raise InvalidValueError(None, 'edit', edit)
remove = ugroup_map.get('exclusao')
if not is_valid_yes_no_choice(remove):
self.log.error(
u'Parameter remove is invalid. Value: %s', remove)
raise InvalidValueError(None, 'remove', remove)
ugroup = UGrupo()
ugroup.nome = name
ugroup.leitura = read
ugroup.escrita = write
ugroup.edicao = edit
ugroup.exclusao = remove
try:
UGrupo.objects.get(nome__iexact=ugroup.nome)
raise UGrupoNameDuplicatedError(
None, u'User group with name %s already exists' % name)
except UGrupo.DoesNotExist:
pass
try:
# save user group
ugroup.save()
adm_perm = PermissaoAdministrativa()
if ASSOCIATE_PERMISSION_AUTOMATICALLY:
# Automatically associate 'authenticate' permission for
# this group
adm_perm.permission = Permission.get_by_pk(
ID_AUTHENTICATE_PERMISSION)
adm_perm.ugrupo = ugroup
adm_perm.leitura = False
adm_perm.escrita = True
adm_perm.save()
except Exception, e:
self.log.error(u'Failed to save the GroupUser.')
raise GrupoError(e, u'Failed to save the GroupUser.')
return self.response(dumps_networkapi({'user_group': {'id': ugroup.id}}))
def handle_put(self, request, user, *args, **kwargs):
"""Treat PUT requests to edit Group User.
URL: ugroup/<id_ugroup>/
"""
try:
self.log.info('Edit Group User')
# User permission
if not has_perm(user, AdminPermission.USER_ADMINISTRATION,
AdminPermission.WRITE_OPERATION):
self.log.error(
u'User does not have permission to perform the operation.')
raise UserNotAuthorizedError(None)
id_ugroup = kwargs.get('id_ugroup')
# Load XML data
xml_map, attrs_map = loads(request.raw_post_data)
# XML data format
networkapi_map = xml_map.get('networkapi')
if networkapi_map is None:
return self.response_error(
3,
u'There is no value to the networkapi tag of XML request.')
ugroup_map = networkapi_map.get('user_group')
if ugroup_map is None:
return self.response_error(
3,
u'There is no value to the user_group tag of XML request.')
id_ugroup = kwargs.get('id_ugroup')
# Valid Group User ID
if not is_valid_int_greater_zero_param(id_ugroup):
self.log.error(
u'The id_ugroup parameter is not a valid value: %s.',
id_ugroup)
raise InvalidValueError(None, 'id_ugroup', id_ugroup)
# Find Group User by ID to check if it exist
ugroup = UGrupo.get_by_pk(id_ugroup)
# Valid name
name = ugroup_map.get('nome')
if not is_valid_string_minsize(
name, 3) or not is_valid_string_maxsize(
name, 100) or not is_valid_text(name):
self.log.error(u'Parameter name is invalid. Value: %s', name)
raise InvalidValueError(None, 'name', name)
ugroup_existent = UGrupo.objects.filter(nome__iexact=name).exclude(
id=id_ugroup)
if len(ugroup_existent) > 0:
raise UGrupoNameDuplicatedError(
None, u'User group with name %s already exists' % name)
# Valid read
read = ugroup_map.get('leitura')
if not is_valid_yes_no_choice(read):
self.log.error(u'Parameter read is invalid. Value: %s', read)
raise InvalidValueError(None, 'read', read)
# Valid write
write = ugroup_map.get('escrita')
if not is_valid_yes_no_choice(write):
self.log.error(u'Parameter write is invalid. Value: %s', write)
raise InvalidValueError(None, 'write', write)
# Valid edit
edit = ugroup_map.get('edicao')
if not is_valid_yes_no_choice(edit):
self.log.error(u'Parameter edit is invalid. Value: %s', edit)
raise InvalidValueError(None, 'edit', edit)
# Valid remove
remove = ugroup_map.get('exclusao')
if not is_valid_yes_no_choice(remove):
self.log.error(u'Parameter remove is invalid. Value: %s',
remove)
raise InvalidValueError(None, 'remove', remove)
ugroup.nome = name
ugroup.leitura = read
ugroup.escrita = write
ugroup.edicao = edit
ugroup.exclusao = remove
with distributedlock(LOCK_GROUP_USER % id_ugroup):
try:
# save user group
ugroup.save()
except Exception, e:
self.log.error(u'Failed to save the GroupUser.')
raise GrupoError(e, u'Failed to save the GroupUser.')
return self.response(
dumps_networkapi({'user_group': {
'id': ugroup.id
}}))
except InvalidValueError, e:
return self.response_error(269, e.param, e.value)