def delete_user_transaction(inbound_entry, user_in_db, key_pair):
"""Composes transactions for deleting a user. This includes deleting role_owner,
role_admin, and role_member relationships and user object.
"""
user_delete = DeleteUser()
next_id = user_in_db[0]["next_id"]
inbound_entry = add_sawtooth_prereqs(entry_id=next_id,
inbound_entry=inbound_entry,
data_type="user")
txn_list = []
# Compile role relationship transactions for removal from blockchain
txn_list = create_reject_ppsls_user_txns(key_pair, next_id, txn_list)
txn_list = create_delete_role_owner_txns(key_pair, next_id, txn_list)
txn_list = create_delete_role_admin_txns(key_pair, next_id, txn_list)
txn_list = create_delete_role_member_txns(key_pair, next_id, txn_list)
# Compile user delete transaction for removal from blockchain
message = user_delete.make(signer_keypair=key_pair, next_id=next_id)
payload = user_delete.make_payload(message=message,
signer_keypair=key_pair,
signer_user_id=key_pair.public_key)
transaction = batcher.make_transaction(payload=payload,
signer_keypair=key_pair)
txn_list.extend([transaction])
if txn_list:
batch = batcher.make_batch_from_txns(transactions=txn_list,
signer_keypair=key_pair)
inbound_entry["batch"] = batch.SerializeToString()
def delete_role_transaction(inbound_entry, role_in_db, key_pair):
"""Composes transactions for deleting a role. This includes rejecting any
pending proposals concerning the role, deleting role_owner, role_admin, and
role_member relationships, and the role object.
Args:
inbound_entry:
dict: transaction entry from the inbound queue containing one
user/group data that was fetched from the integrated provider
along with additional information like:
provider_id, timestamp, and sync_type.
role_in_db:
dict: an entry in the roles table in rethinkdb.
(see /docs/diagrams/out/rethink_db_schemas.svg for table schemas)
key_pair:
obj: public and private keys for user.
"""
next_id = role_in_db[0]["next_id"]
inbound_entry = add_sawtooth_prereqs(entry_id=next_id,
inbound_entry=inbound_entry,
data_type="role")
txn_list = []
# Compile role relationship transactions for removal from blockchain
txn_list = create_reject_ppsls_role_txns(key_pair, next_id, txn_list)
txn_list = create_delete_role_owner_txns(key_pair, next_id, txn_list)
txn_list = create_delete_role_admin_txns(key_pair, next_id, txn_list)
txn_list = create_delete_role_member_txns(key_pair, next_id, txn_list)
txn_list = create_delete_role_txns(key_pair, next_id, txn_list)
if txn_list:
batch = batcher.make_batch_from_txns(transactions=txn_list,
signer_keypair=key_pair)
inbound_entry["batch"] = batch.SerializeToString()
async def delete_user(request, next_id):
"""Delete a specific user by next_id."""
txn_list = []
txn_key, _ = await utils.get_transactor_key(request)
txn_list = await create_delete_role_owner_txns(txn_key, next_id, txn_list)
txn_list = await create_delete_role_admin_txns(txn_key, next_id, txn_list)
txn_list = create_delete_user_txns(txn_key, next_id, txn_list)
if txn_list:
batch = batcher.make_batch_from_txns(transactions=txn_list,
signer_keypair=txn_key)
batch_list = batcher.batch_to_list(batch=batch)
await utils.send(request.app.config.VAL_CONN, batch_list,
request.app.config.TIMEOUT)
await reject_users_proposals(next_id, request)
conn = await create_connection()
await roles_query.delete_role_member_by_next_id(conn, next_id)
conn.close()
return json({
"message": "User {} successfully deleted".format(next_id),
"deleted": 1
})
async def delete_user(request, next_id):
"""Delete a specific user by next_id."""
log_request(request)
env = Env()
if not env.int("ENABLE_NEXT_BASE_USE"):
raise ApiDisabled("Not a valid action. Source not enabled.")
txn_list = []
txn_key, _ = await get_transactor_key(request)
txn_list = await create_del_ownr_by_user_txns(txn_key, next_id, txn_list)
txn_list = await create_del_admin_by_user_txns(txn_key, next_id, txn_list)
txn_list = await create_del_mmbr_by_user_txns(txn_key, next_id, txn_list)
txn_list = create_delete_user_txns(txn_key, next_id, txn_list)
if txn_list:
batch = batcher.make_batch_from_txns(transactions=txn_list,
signer_keypair=txn_key)
batch_list = batcher.batch_to_list(batch=batch)
await send(request.app.config.VAL_CONN, batch_list,
request.app.config.TIMEOUT)
await reject_users_proposals(next_id, request)
return json({
"message": "User {} successfully deleted".format(next_id),
"deleted": 1
})
async def delete_role(request, role_id):
"""Delete a role by it's next_id.
Args:
role_id:
str: the role_id field of the targeted role
Returns:
json:
dict: {
message:
str: the status of the role delete operation
deleted:
int: count of the number of roles that were deleted
}
Raises:
ApiForbidden:
The user is not a system admin or owner of the targeted
role.
ApiNotFound:
The role does not exist in RethinkDB.
ApiInternalError:
There was an error compiling blockchain transactions.
"""
txn_key, txn_user_id = await utils.get_transactor_key(request)
# does the role exist?
if not await roles_query.does_role_exist(request.app.config.DB_CONN, role_id):
LOGGER.warning(
"Nonexistent Role – User %s is attempting to delete the nonexistent role %s",
txn_user_id,
role_id,
)
return await handle_not_found(
request, ApiNotFound("The targeted role does not exist.")
)
is_role_owner = await check_role_owner_status(txn_user_id, role_id)
if not is_role_owner:
is_admin = await check_admin_status(txn_user_id)
if not is_admin:
LOGGER.warning(
"Permission Denied – User %s does not have sufficient privilege to delete role %s.",
txn_user_id,
role_id,
)
return await handle_errors(
request, ApiForbidden("You do not have permission to delete this role.")
)
txn_list = []
txn_list = await create_rjct_ppsls_role_txns(
txn_key, role_id, txn_user_id, txn_list
)
txn_list = await create_del_admin_by_role_txns(txn_key, role_id, txn_list)
txn_list = await create_del_mmbr_by_role_txns(txn_key, role_id, txn_list)
txn_list = await create_del_ownr_by_role_txns(txn_key, role_id, txn_list)
txn_list = create_del_role_txns(txn_key, role_id, txn_list)
# validate transaction list
if not txn_list:
LOGGER.warning(
"txn_list is empty. There was an error processing the delete role transactions. Transaction list: %s",
txn_list,
)
return await handle_errors(
request,
ApiInternalError(
"An error occurred while creating the blockchain transactions to delete the role."
),
)
batch = batcher.make_batch_from_txns(transactions=txn_list, signer_keypair=txn_key)
batch_list = batcher.batch_to_list(batch=batch)
await utils.send(
request.app.config.VAL_CONN, batch_list, request.app.config.TIMEOUT
)
return json(
{"message": "Role {} successfully deleted".format(role_id), "deleted": 1}
)
