added cli edit-role

This commit is contained in:
Emmanuel Viennet 2021-09-13 16:11:33 +02:00
parent 1e6c16ab31
commit 2cfdeb58e5

View File

@ -7,8 +7,6 @@
"""
from __future__ import print_function
import os
from pprint import pprint as pp
import sys
@ -16,14 +14,15 @@ import sys
import click
import flask
from flask.cli import with_appcontext
from app import create_app, cli, db
from app import initialize_scodoc_database
from app import clear_scodoc_cache
from app import models
from app.auth.models import User, Role, UserRole
from app import models
from app.models import ScoPreference
from app.scodoc.sco_permissions import Permission
from app.views import notes, scolar, absences
import tools
@ -45,6 +44,7 @@ def make_shell_context():
"User": User,
"Role": Role,
"UserRole": UserRole,
"Permission": Permission,
"notes": notes,
"scolar": scolar,
"ndb": ndb,
@ -142,13 +142,59 @@ def user_password(username, password=None): # user-password
return 1
u = User.query.filter_by(user_name=username).first()
if not u:
sys.stderr.write("user_password: user {} does not exists".format(username))
sys.stderr.write(f"user_password: user {username} does not exists\n")
return 1
u.set_password(password)
db.session.add(u)
db.session.commit()
click.echo("changed password for user {}".format(u))
click.echo(f"changed password for user {u}")
@app.cli.command()
@click.argument("rolename")
@click.option("-a", "--add", "addpermissionname")
@click.option("-r", "--remove", "removepermissionname")
def edit_role(rolename, addpermissionname=None, removepermissionname=None): # edit-role
"""Add [-a] and/or remove [-r] a permission to/from a role.
In ScoDoc, permissions are not associated to users but to roles.
Each user has a set of roles in each departement.
Example: `flask edit-role -a ScoEditApo Ens`
"""
if addpermissionname:
try:
perm_to_add = Permission.get_by_name(addpermissionname)
except KeyError:
sys.stderr.write(
f"edit_role: permission {addpermissionname} does not exists\n"
)
return 1
else:
perm_to_add = None
if removepermissionname:
try:
perm_to_remove = Permission.get_by_name(removepermissionname)
except KeyError:
sys.stderr.write(
f"edit_role: permission {removepermissionname} does not exists\n"
)
return 1
else:
perm_to_remove = None
role = Role.query.filter_by(name=rolename).first()
if not role:
sys.stderr.write(f"edit_role: role {rolename} does not exists\n")
return 1
if perm_to_add:
role.add_permission(perm_to_add)
click.echo(f"adding permission {addpermissionname} to role {rolename}")
if perm_to_remove:
role.remove_permission(perm_to_remove)
click.echo(f"removing permission {removepermissionname} from role {rolename}")
if perm_to_add or perm_to_remove:
db.session.add(role)
db.session.commit()
@app.cli.command()