def add_users_to_groups(data, db_session, username):
logger.info(LogMsg.START, username)
if username not in ADMINISTRATORS:
logger.error(LogMsg.NOT_ACCESSED, {'username': username})
raise Http_error(403, Message.ACCESS_DENIED)
users = set(data.get('users'))
groups = set(data.get('groups'))
validate_users(users, db_session)
validate_groups(groups, db_session)
final_res = {}
for group_id in groups:
result = []
for user_id in users:
if user_is_in_group(user_id, group_id, db_session):
logger.error(LogMsg.GROUP_USER_IS_IN_GROUP,
{'user_id': user_id, 'group_id': group_id})
raise Http_error(409, Message.ALREADY_EXISTS)
result.append(
model_to_dict(add(user_id, group_id, db_session, username)))
final_res.update({group_id: result})
logger.info(LogMsg.END)
return final_res
def add_users_to_groups(data, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
schema_validate(data, USER_ADD_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
users = set(data.get('users'))
groups = set(data.get('groups'))
validate_users(users, db_session)
group_entities = validate_groups(groups, db_session)
if username not in ADMINISTRATORS:
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_ADD_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_ADD_PRESS], permissions)
if not (press_permit
and is_user_group_owner(user.person_id, group_entities)):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_ADD': username})
raise Http_error(403, Message.ACCESS_DENIED)
final_res = {}
for group_id in groups:
result = []
for user_id in users:
if user_is_in_group(user_id, group_id, db_session):
logger.error(LogMsg.GROUP_USER_IS_IN_GROUP, {
'user_id': user_id,
'group_id': group_id
})
raise Http_error(409, Message.ALREADY_EXISTS)
result.append(
model_to_dict(add(user_id, group_id, db_session, username)))
final_res.update({group_id: result})
logger.info(LogMsg.END)
return final_res
def delete_users_from_groups(data, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
schema_validate(data, USER_ADD_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
users = set(data.get('users'))
groups = set(data.get('groups'))
validate_users(users, db_session)
group_entities = validate_groups(groups, db_session)
if username not in ADMINISTRATORS:
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_DELETE_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_DELETE_PRESS], permissions)
if not (press_permit
and is_user_group_owner(user.person_id, group_entities)):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_ADD': username})
raise Http_error(403, Message.ACCESS_DENIED)
for group_id in groups:
for user_id in users:
if not user_is_in_group(user_id, group_id, db_session):
logger.error(LogMsg.GROUP_USER_NOT_IN_GROUP, {
'user_id': user_id,
'group_id': group_id
})
raise Http_error(404, Message.NOT_IN_GROUP)
delete_user_group(user_id, group_id, db_session)
logger.info(LogMsg.END)
return {'result': 'successful'}
def add_group_by_users(data, db_session, username):
logger.info(LogMsg.START, username)
if username not in ADMINISTRATORS:
logger.error(LogMsg.NOT_ACCESSED, {'username': username})
raise Http_error(403, Message.ACCESS_DENIED)
users = set(data.get('users'))
group_title = data.get('title')
validate_users(users, db_session)
if check_group_title_exists(group_title, db_session):
logger.error(LogMsg.GROUP_EXISTS, {'group_title': group_title})
raise Http_error(409, Message.ALREADY_EXISTS)
group = add_group({'title': group_title}, db_session, username)
del data['title']
data['group_id'] = group.id
result = add_group_users(data, db_session, username)
return result
def delete_users_from_groups(data, db_session, username):
logger.info(LogMsg.START, username)
if username not in ADMINISTRATORS:
logger.error(LogMsg.NOT_ACCESSED, {'username': username})
raise Http_error(403, Message.ACCESS_DENIED)
users = set(data.get('users'))
groups = set(data.get('groups'))
validate_users(users, db_session)
validate_groups(groups, db_session)
for group_id in groups:
for user_id in users:
if not user_is_in_group(user_id, group_id, db_session):
logger.error(LogMsg.GROUP_USER_NOT_IN_GROUP,
{'user_id': user_id, 'group_id': group_id})
raise Http_error(404, Message.NOT_IN_GROUP)
delete_user_group(user_id, group_id, db_session)
logger.info(LogMsg.END)
return {'result': 'successful'}
def add_group_by_users(data, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
users = set(data.get('users'))
group_title = data.get('title')
person_id = data.get('person_id', None)
if username not in ADMINISTRATORS:
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_ADD_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_ADD_PRESS], permissions)
if not (press_permit and
(person_id is None or person_id != user.person_id)):
logger.error(LogMsg.PERMISSION_DENIED,
{'ADD_GROUP_USER_PERMISSION': username})
raise Http_error(403, Message.ACCESS_DENIED)
validate_users(users, db_session)
if check_group_title_exists(group_title, db_session):
logger.error(LogMsg.GROUP_EXISTS, {'group_title': group_title})
raise Http_error(409, Message.ALREADY_EXISTS)
group = add_group({
'title': group_title,
'person_id': person_id
}, db_session, username)
del data['title']
data['group_id'] = group.id
result = add_group_users(data, db_session, username)
return result