ScoDoc/ScoDoc
ScoDoc
/
ScoDoc
8
2
Fork 15
Code Issues 146 Pull Requests 1 Projects 3 Releases 130 Wiki Activity

Affichage des rôles

This commit is contained in:
Emmanuel Viennet 2022-07-24 07:14:31 +02:00
parent b4050f8e5d
commit 0535d99456
3 changed files with 41 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/auth/models.py
View File

@ -279,7 +279,7 @@ class User(UserMixin, db.Model):
return False return False
# Role management # Role management
def add_role(self, role, dept): def add_role(self, role: "Role", dept: str):
"""Add a role to this user. """Add a role to this user.
:param role: Role to add. :param role: Role to add.
""" """
@ -287,7 +287,7 @@ class User(UserMixin, db.Model):
raise ScoValueError("add_role: rôle invalide") raise ScoValueError("add_role: rôle invalide")
self.user_roles.append(UserRole(user=self, role=role, dept=dept)) self.user_roles.append(UserRole(user=self, role=role, dept=dept))
def add_roles(self, roles, dept): def add_roles(self, roles: "list[Role]", dept: str):
"""Add roles to this user. """Add roles to this user.
:param roles: Roles to add. :param roles: Roles to add.
""" """
@ -410,6 +410,9 @@ class Role(db.Model):
w=Permission.NBITS, w=Permission.NBITS,
) )
def __str__(self):
return f"{self.name}: perm={', '.join(Permission.permissions_names(self.permissions))}"
def add_permission(self, perm): def add_permission(self, perm):
self.permissions |= perm self.permissions |= perm

22
app/scodoc/sco_permissions.py
View File

@ -57,12 +57,13 @@ _SCO_PERMISSIONS = (
) )
class Permission(object): class Permission:
"Permissions for ScoDoc" "Permissions for ScoDoc"
NBITS = 1 # maximum bits used (for formatting) NBITS = 1 # maximum bits used (for formatting)
ALL_PERMISSIONS = [-1] ALL_PERMISSIONS = [-1]
description = {} # { symbol : blah blah } description = {} # { symbol : blah blah }
permission_by_name = {} # { symbol : int } permission_by_name = {} # { symbol : int }
permission_by_value = {} # { int : symbol }
@staticmethod @staticmethod
def init_permissions(): def init_permissions():
@ -70,6 +71,7 @@ class Permission(object):
setattr(Permission, symbol, perm) setattr(Permission, symbol, perm)
Permission.description[symbol] = description Permission.description[symbol] = description
Permission.permission_by_name[symbol] = perm Permission.permission_by_name[symbol] = perm
Permission.permission_by_value[perm] = symbol
max_perm = max(p[0] for p in _SCO_PERMISSIONS) max_perm = max(p[0] for p in _SCO_PERMISSIONS)
Permission.NBITS = max_perm.bit_length() Permission.NBITS = max_perm.bit_length()
@ -78,5 +80,23 @@ class Permission(object):
"""Return permission mode (integer bit field), or None if it doesn't exist.""" """Return permission mode (integer bit field), or None if it doesn't exist."""
return Permission.permission_by_name.get(permission_name) return Permission.permission_by_name.get(permission_name)
@staticmethod
def get_name(permission: int) -> str:
"""Return permission name, or None if it doesn't exist."""
return Permission.permission_by_value.get(permission)
@staticmethod
def permissions_names(permissions: int) -> list[str]:
"""From a bit field, return list of permission names"""
names = []
mask = 1 << (permissions.bit_length() - 1)
while mask > 0:
if mask & permissions:
name = Permission.get_name(mask)
if name is not None:
names.append(name)
mask = mask >> 1
return names
Permission.init_permissions() Permission.init_permissions()

17
scodoc.py
View File

@ -227,6 +227,13 @@ def create_role(rolename, permissions): # create-role
db.session.commit() db.session.commit()
@app.cli.command()
def list_roles(): # list-roles
"""List all defined roles"""
for role in Role.query:
print(role)
@app.cli.command() @app.cli.command()
@click.argument("rolename") @click.argument("rolename")
@click.option("-a", "--add", "addpermissionname") @click.option("-a", "--add", "addpermissionname")
@ -290,7 +297,7 @@ def delete_role(rolename):
@click.option("-r", "--remove", "remove_role_name") @click.option("-r", "--remove", "remove_role_name")
def user_role(username, dept_acronym=None, add_role_name=None, remove_role_name=None): def user_role(username, dept_acronym=None, add_role_name=None, remove_role_name=None):
"""Add or remove a role to the given user in the given dept""" """Add or remove a role to the given user in the given dept"""
user = User.query.filter_by(user_name=username).first() user: User = User.query.filter_by(user_name=username).first()
if not user: if not user:
sys.stderr.write(f"user_role: user {username} does not exists\n") sys.stderr.write(f"user_role: user {username} does not exists\n")
return 1 return 1
@ -302,9 +309,15 @@ def user_role(username, dept_acronym=None, add_role_name=None, remove_role_name=
if add_role_name: if add_role_name:
role = Role.query.filter_by(name=add_role_name).first() role = Role.query.filter_by(name=add_role_name).first()
if role is None:
sys.stderr.write(f"user_role: role {add_role_name} does not exists\n")
return 2
user.add_role(role, dept_acronym) user.add_role(role, dept_acronym)
if remove_role_name: if remove_role_name:
role = Role.query.filter_by(name=remove_role_name).first() role = Role.query.filter_by(name=remove_role_name).first()
if role is None:
sys.stderr.write(f"user_role: role {remove_role_name} does not exists\n")
return 2
user_role = UserRole.query.filter( user_role = UserRole.query.filter(
UserRole.role == role, UserRole.user == user, UserRole.dept == dept_acronym UserRole.role == role, UserRole.user == user, UserRole.dept == dept_acronym
).first() ).first()
@ -355,7 +368,7 @@ def create_dept(dept): # create-dept
@app.cli.command() @app.cli.command()
@click.argument("depts", nargs=-1) @click.argument("depts", nargs=-1)
def list_depts(depts=""): # list-dept def list_depts(depts=""): # list-depts
"""If dept exists, print it, else nothing. """If dept exists, print it, else nothing.
Called without arguments, list all depts along with their ids. Called without arguments, list all depts along with their ids.
""" """