From 50632eb3336373b64b593f24ecae70327c7e27c6 Mon Sep 17 00:00:00 2001 From: Ferdinand Thiessen Date: Sun, 28 Nov 2021 22:23:34 +0100 Subject: [PATCH] feat(cli) Allow assigning all permissions to one group from cli --- run_flaschengeist | 38 +++++++++++++++++++++----------------- 1 file changed, 21 insertions(+), 17 deletions(-) diff --git a/run_flaschengeist b/run_flaschengeist index 55fabad..03d3222 100644 --- a/run_flaschengeist +++ b/run_flaschengeist @@ -5,7 +5,9 @@ import argparse import sys import pkg_resources +from sqlalchemy import exc +from flaschengeist.app import create_app, install_all from flaschengeist.config import config @@ -130,16 +132,12 @@ class InterfaceGenerator: def install(arguments): - from flaschengeist.app import create_app, install_all - app = create_app() with app.app_context(): install_all() def run(arguments): - from flaschengeist.app import create_app - app = create_app() with app.app_context(): app.wsgi_app = PrefixMiddleware(app.wsgi_app, prefix=config["FLASCHENGEIST"].get("root", "")) @@ -151,7 +149,6 @@ def run(arguments): def export(arguments): import flaschengeist.models as models - from flaschengeist.app import create_app app = create_app() with app.app_context(): @@ -167,16 +164,23 @@ def export(arguments): gen.write() -def ldap_sync(arguments): - from flaschengeist.app import create_app - from flaschengeist.controller import userController - from flaschengeist.plugins.auth_ldap import AuthLDAP - from ldap3 import SUBTREE - +def ldap(arguments): app = create_app() with app.app_context(): - auth_ldap: AuthLDAP = app.config.get("FG_PLUGINS").get("auth_ldap") - if auth_ldap: + if arguments.set_admin: + from flaschengeist.controller import roleController + from flaschengeist.database import db + role = roleController.get(arguments.set_admin) + role.permissions = roleController.get_permissions() + db.session.commit() + if arguments.sync: + from flaschengeist.controller import userController + from flaschengeist.plugins.auth_ldap import AuthLDAP + from ldap3 import SUBTREE + + auth_ldap: AuthLDAP = app.config.get("FG_PLUGINS").get("auth_ldap") + if auth_ldap is None: + raise Exception("Plugin >auth_ldap< not found") conn = auth_ldap.ldap.connection if not conn: conn = auth_ldap.ldap.connect(auth_ldap.root_dn, auth_ldap.root_secret) @@ -185,8 +189,6 @@ def ldap_sync(arguments): for ldap_user in ldap_users_response: uid = ldap_user["attributes"]["uid"][0] userController.find_user(uid) - exit() - raise Exception("auth_ldap not found") if __name__ == "__main__": @@ -214,8 +216,10 @@ if __name__ == "__main__": ) parser_export.add_argument("--plugins", help="Also export plugins (none means all)", nargs="*") - parser_ldap_sync = subparsers.add_parser("ldap_sync", help="synch ldap-users with database") - parser_ldap_sync.set_defaults(func=ldap_sync) + parser_ldap = subparsers.add_parser("ldap", help="LDAP helper utils") + parser_ldap.set_defaults(func=ldap) + parser_ldap.add_argument('--sync', action="store_true", help="Sync ldap-users with database") + parser_ldap.add_argument('--set-admin', type=str, help="Assign all permissions this to group") args = parser.parse_args() args.func(args)