From 2cfdeb58e5615873bfaf5892813c7a97598ef1ae Mon Sep 17 00:00:00 2001 From: Emmanuel Viennet Date: Mon, 13 Sep 2021 16:11:33 +0200 Subject: [PATCH] added cli edit-role --- scodoc.py | 58 +++++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 52 insertions(+), 6 deletions(-) diff --git a/scodoc.py b/scodoc.py index 3a085227..87cc9677 100755 --- a/scodoc.py +++ b/scodoc.py @@ -7,8 +7,6 @@ """ -from __future__ import print_function - import os from pprint import pprint as pp import sys @@ -16,14 +14,15 @@ import sys import click import flask from flask.cli import with_appcontext + from app import create_app, cli, db from app import initialize_scodoc_database from app import clear_scodoc_cache +from app import models from app.auth.models import User, Role, UserRole -from app import models from app.models import ScoPreference - +from app.scodoc.sco_permissions import Permission from app.views import notes, scolar, absences import tools @@ -45,6 +44,7 @@ def make_shell_context(): "User": User, "Role": Role, "UserRole": UserRole, + "Permission": Permission, "notes": notes, "scolar": scolar, "ndb": ndb, @@ -142,13 +142,59 @@ def user_password(username, password=None): # user-password return 1 u = User.query.filter_by(user_name=username).first() if not u: - sys.stderr.write("user_password: user {} does not exists".format(username)) + sys.stderr.write(f"user_password: user {username} does not exists\n") return 1 u.set_password(password) db.session.add(u) db.session.commit() - click.echo("changed password for user {}".format(u)) + click.echo(f"changed password for user {u}") + + +@app.cli.command() +@click.argument("rolename") +@click.option("-a", "--add", "addpermissionname") +@click.option("-r", "--remove", "removepermissionname") +def edit_role(rolename, addpermissionname=None, removepermissionname=None): # edit-role + """Add [-a] and/or remove [-r] a permission to/from a role. + In ScoDoc, permissions are not associated to users but to roles. + Each user has a set of roles in each departement. + + Example: `flask edit-role -a ScoEditApo Ens` + """ + if addpermissionname: + try: + perm_to_add = Permission.get_by_name(addpermissionname) + except KeyError: + sys.stderr.write( + f"edit_role: permission {addpermissionname} does not exists\n" + ) + return 1 + else: + perm_to_add = None + if removepermissionname: + try: + perm_to_remove = Permission.get_by_name(removepermissionname) + except KeyError: + sys.stderr.write( + f"edit_role: permission {removepermissionname} does not exists\n" + ) + return 1 + else: + perm_to_remove = None + role = Role.query.filter_by(name=rolename).first() + if not role: + sys.stderr.write(f"edit_role: role {rolename} does not exists\n") + return 1 + if perm_to_add: + role.add_permission(perm_to_add) + click.echo(f"adding permission {addpermissionname} to role {rolename}") + if perm_to_remove: + role.remove_permission(perm_to_remove) + click.echo(f"removing permission {removepermissionname} from role {rolename}") + if perm_to_add or perm_to_remove: + db.session.add(role) + db.session.commit() @app.cli.command()