added cli edit-role

This commit is contained in:
Emmanuel Viennet 2021-09-13 16:11:33 +02:00
parent 1e6c16ab31
commit 2cfdeb58e5

View File

@ -7,8 +7,6 @@
""" """
from __future__ import print_function
import os import os
from pprint import pprint as pp from pprint import pprint as pp
import sys import sys
@ -16,14 +14,15 @@ import sys
import click import click
import flask import flask
from flask.cli import with_appcontext from flask.cli import with_appcontext
from app import create_app, cli, db from app import create_app, cli, db
from app import initialize_scodoc_database from app import initialize_scodoc_database
from app import clear_scodoc_cache from app import clear_scodoc_cache
from app import models
from app.auth.models import User, Role, UserRole from app.auth.models import User, Role, UserRole
from app import models
from app.models import ScoPreference from app.models import ScoPreference
from app.scodoc.sco_permissions import Permission
from app.views import notes, scolar, absences from app.views import notes, scolar, absences
import tools import tools
@ -45,6 +44,7 @@ def make_shell_context():
"User": User, "User": User,
"Role": Role, "Role": Role,
"UserRole": UserRole, "UserRole": UserRole,
"Permission": Permission,
"notes": notes, "notes": notes,
"scolar": scolar, "scolar": scolar,
"ndb": ndb, "ndb": ndb,
@ -142,13 +142,59 @@ def user_password(username, password=None): # user-password
return 1 return 1
u = User.query.filter_by(user_name=username).first() u = User.query.filter_by(user_name=username).first()
if not u: if not u:
sys.stderr.write("user_password: user {} does not exists".format(username)) sys.stderr.write(f"user_password: user {username} does not exists\n")
return 1 return 1
u.set_password(password) u.set_password(password)
db.session.add(u) db.session.add(u)
db.session.commit() db.session.commit()
click.echo("changed password for user {}".format(u)) click.echo(f"changed password for user {u}")
@app.cli.command()
@click.argument("rolename")
@click.option("-a", "--add", "addpermissionname")
@click.option("-r", "--remove", "removepermissionname")
def edit_role(rolename, addpermissionname=None, removepermissionname=None): # edit-role
"""Add [-a] and/or remove [-r] a permission to/from a role.
In ScoDoc, permissions are not associated to users but to roles.
Each user has a set of roles in each departement.
Example: `flask edit-role -a ScoEditApo Ens`
"""
if addpermissionname:
try:
perm_to_add = Permission.get_by_name(addpermissionname)
except KeyError:
sys.stderr.write(
f"edit_role: permission {addpermissionname} does not exists\n"
)
return 1
else:
perm_to_add = None
if removepermissionname:
try:
perm_to_remove = Permission.get_by_name(removepermissionname)
except KeyError:
sys.stderr.write(
f"edit_role: permission {removepermissionname} does not exists\n"
)
return 1
else:
perm_to_remove = None
role = Role.query.filter_by(name=rolename).first()
if not role:
sys.stderr.write(f"edit_role: role {rolename} does not exists\n")
return 1
if perm_to_add:
role.add_permission(perm_to_add)
click.echo(f"adding permission {addpermissionname} to role {rolename}")
if perm_to_remove:
role.remove_permission(perm_to_remove)
click.echo(f"removing permission {removepermissionname} from role {rolename}")
if perm_to_add or perm_to_remove:
db.session.add(role)
db.session.commit()
@app.cli.command() @app.cli.command()