forked from ScoDoc/DocScoDoc
added cli edit-role
This commit is contained in:
parent
1e6c16ab31
commit
2cfdeb58e5
58
scodoc.py
58
scodoc.py
@ -7,8 +7,6 @@
|
|||||||
"""
|
"""
|
||||||
|
|
||||||
|
|
||||||
from __future__ import print_function
|
|
||||||
|
|
||||||
import os
|
import os
|
||||||
from pprint import pprint as pp
|
from pprint import pprint as pp
|
||||||
import sys
|
import sys
|
||||||
@ -16,14 +14,15 @@ import sys
|
|||||||
import click
|
import click
|
||||||
import flask
|
import flask
|
||||||
from flask.cli import with_appcontext
|
from flask.cli import with_appcontext
|
||||||
|
|
||||||
from app import create_app, cli, db
|
from app import create_app, cli, db
|
||||||
from app import initialize_scodoc_database
|
from app import initialize_scodoc_database
|
||||||
from app import clear_scodoc_cache
|
from app import clear_scodoc_cache
|
||||||
|
from app import models
|
||||||
|
|
||||||
from app.auth.models import User, Role, UserRole
|
from app.auth.models import User, Role, UserRole
|
||||||
from app import models
|
|
||||||
from app.models import ScoPreference
|
from app.models import ScoPreference
|
||||||
|
from app.scodoc.sco_permissions import Permission
|
||||||
from app.views import notes, scolar, absences
|
from app.views import notes, scolar, absences
|
||||||
import tools
|
import tools
|
||||||
|
|
||||||
@ -45,6 +44,7 @@ def make_shell_context():
|
|||||||
"User": User,
|
"User": User,
|
||||||
"Role": Role,
|
"Role": Role,
|
||||||
"UserRole": UserRole,
|
"UserRole": UserRole,
|
||||||
|
"Permission": Permission,
|
||||||
"notes": notes,
|
"notes": notes,
|
||||||
"scolar": scolar,
|
"scolar": scolar,
|
||||||
"ndb": ndb,
|
"ndb": ndb,
|
||||||
@ -142,13 +142,59 @@ def user_password(username, password=None): # user-password
|
|||||||
return 1
|
return 1
|
||||||
u = User.query.filter_by(user_name=username).first()
|
u = User.query.filter_by(user_name=username).first()
|
||||||
if not u:
|
if not u:
|
||||||
sys.stderr.write("user_password: user {} does not exists".format(username))
|
sys.stderr.write(f"user_password: user {username} does not exists\n")
|
||||||
return 1
|
return 1
|
||||||
|
|
||||||
u.set_password(password)
|
u.set_password(password)
|
||||||
db.session.add(u)
|
db.session.add(u)
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
click.echo("changed password for user {}".format(u))
|
click.echo(f"changed password for user {u}")
|
||||||
|
|
||||||
|
|
||||||
|
@app.cli.command()
|
||||||
|
@click.argument("rolename")
|
||||||
|
@click.option("-a", "--add", "addpermissionname")
|
||||||
|
@click.option("-r", "--remove", "removepermissionname")
|
||||||
|
def edit_role(rolename, addpermissionname=None, removepermissionname=None): # edit-role
|
||||||
|
"""Add [-a] and/or remove [-r] a permission to/from a role.
|
||||||
|
In ScoDoc, permissions are not associated to users but to roles.
|
||||||
|
Each user has a set of roles in each departement.
|
||||||
|
|
||||||
|
Example: `flask edit-role -a ScoEditApo Ens`
|
||||||
|
"""
|
||||||
|
if addpermissionname:
|
||||||
|
try:
|
||||||
|
perm_to_add = Permission.get_by_name(addpermissionname)
|
||||||
|
except KeyError:
|
||||||
|
sys.stderr.write(
|
||||||
|
f"edit_role: permission {addpermissionname} does not exists\n"
|
||||||
|
)
|
||||||
|
return 1
|
||||||
|
else:
|
||||||
|
perm_to_add = None
|
||||||
|
if removepermissionname:
|
||||||
|
try:
|
||||||
|
perm_to_remove = Permission.get_by_name(removepermissionname)
|
||||||
|
except KeyError:
|
||||||
|
sys.stderr.write(
|
||||||
|
f"edit_role: permission {removepermissionname} does not exists\n"
|
||||||
|
)
|
||||||
|
return 1
|
||||||
|
else:
|
||||||
|
perm_to_remove = None
|
||||||
|
role = Role.query.filter_by(name=rolename).first()
|
||||||
|
if not role:
|
||||||
|
sys.stderr.write(f"edit_role: role {rolename} does not exists\n")
|
||||||
|
return 1
|
||||||
|
if perm_to_add:
|
||||||
|
role.add_permission(perm_to_add)
|
||||||
|
click.echo(f"adding permission {addpermissionname} to role {rolename}")
|
||||||
|
if perm_to_remove:
|
||||||
|
role.remove_permission(perm_to_remove)
|
||||||
|
click.echo(f"removing permission {removepermissionname} from role {rolename}")
|
||||||
|
if perm_to_add or perm_to_remove:
|
||||||
|
db.session.add(role)
|
||||||
|
db.session.commit()
|
||||||
|
|
||||||
|
|
||||||
@app.cli.command()
|
@app.cli.command()
|
||||||
|
Loading…
x
Reference in New Issue
Block a user