flaschengeist/flaschengeist/controller/roleController.py

from sqlalchemy.exc import IntegrityError
from werkzeug.exceptions import BadRequest, NotFound

from flaschengeist.models.user import Role, Permission
from flaschengeist.database import db, case_sensitive
from flaschengeist import logger
from flaschengeist.utils.hook import Hook


def get_all():
    return Role.query.all()


def get(role_name):
    if type(role_name) is int:
        role = Role.query.get(role_name)
    else:
        role = Role.query.filter(Role.name == role_name).one_or_none()
    if not role:
        raise NotFound
    return role


def get_permissions():
    return Permission.query.all()


@Hook
def update_role(role, new_name):
    if new_name is None:
        try:
            logger.debug(f"Hallo, dies ist die {role.serialize()}")
            db.session.delete(role)
            logger.debug(f"Hallo, dies ist die {role.serialize()}")
            db.session.commit()
        except IntegrityError:
            logger.debug("IntegrityError: Role might still be in use", exc_info=True)
            raise BadRequest("Role still in use")
    else:
        if role.name == new_name or db.session.query(db.exists().where(Role.name == case_sensitive(new_name))).scalar():
            raise BadRequest("Name already used")
        role.name = new_name
        db.session.commit()


def set_permissions(role, permissions):
    for name in permissions:
        p = Permission.query.filter(Permission.name.in_(permissions)).all()
        if not p or len(p) < len(permissions):
            raise BadRequest("Invalid permission name >{}<".format(name))
        role.permissions = list(p)
    db.session.commit()


def create_permissions(permissions):
    for permission in permissions:
        if Permission.query.filter(Permission.name == permission).count() > 0:
            continue
        p = Permission(name=permission)
        db.session.add(p)
        db.session.commit()


def create_role(name: str, permissions=[]):
    logger.debug(f"Create new role with name: {name}")
    role = Role(name=name)
    db.session.add(role)
    set_permissions(role, permissions)
    db.session.commit()
    logger.debug(f"Created role: {role.serialize()}")
    return role


def delete(role):
    role.permissions.clear()
    update_role(role, None)