77 lines
2.2 KiB
Python
77 lines
2.2 KiB
Python
from sqlalchemy.exc import IntegrityError
|
|
from werkzeug.exceptions import BadRequest, NotFound
|
|
|
|
from flaschengeist.models.user import Role, Permission
|
|
from flaschengeist.database import db, case_sensitive
|
|
from flaschengeist import logger
|
|
from flaschengeist.utils.hook import Hook
|
|
|
|
|
|
def get_all():
|
|
return Role.query.all()
|
|
|
|
|
|
def get(role_name):
|
|
if type(role_name) is int:
|
|
role = Role.query.get(role_name)
|
|
else:
|
|
role = Role.query.filter(Role.name == role_name).one_or_none()
|
|
if not role:
|
|
raise NotFound
|
|
return role
|
|
|
|
|
|
def get_permissions():
|
|
return Permission.query.all()
|
|
|
|
|
|
@Hook
|
|
def update_role(role, new_name):
|
|
if new_name is None:
|
|
try:
|
|
logger.debug(f"Hallo, dies ist die {role.serialize()}")
|
|
db.session.delete(role)
|
|
logger.debug(f"Hallo, dies ist die {role.serialize()}")
|
|
db.session.commit()
|
|
except IntegrityError:
|
|
logger.debug("IntegrityError: Role might still be in use", exc_info=True)
|
|
raise BadRequest("Role still in use")
|
|
else:
|
|
if role.name == new_name or db.session.query(db.exists().where(Role.name == case_sensitive(new_name))).scalar():
|
|
raise BadRequest("Name already used")
|
|
role.name = new_name
|
|
db.session.commit()
|
|
|
|
|
|
def set_permissions(role, permissions):
|
|
for name in permissions:
|
|
p = Permission.query.filter(Permission.name.in_(permissions)).all()
|
|
if not p or len(p) < len(permissions):
|
|
raise BadRequest("Invalid permission name >{}<".format(name))
|
|
role.permissions = list(p)
|
|
db.session.commit()
|
|
|
|
|
|
def create_permissions(permissions):
|
|
for permission in permissions:
|
|
if Permission.query.filter(Permission.name == permission).count() > 0:
|
|
continue
|
|
p = Permission(name=permission)
|
|
db.session.add(p)
|
|
db.session.commit()
|
|
|
|
|
|
def create_role(name: str, permissions=[]):
|
|
logger.debug(f"Create new role with name: {name}")
|
|
role = Role(name=name)
|
|
db.session.add(role)
|
|
set_permissions(role, permissions)
|
|
db.session.commit()
|
|
logger.debug(f"Created role: {role.serialize()}")
|
|
return role
|
|
|
|
|
|
def delete(role):
|
|
role.permissions.clear()
|
|
update_role(role, None)
|