diff options
| author | Frederick Muriuki Muriithi | 2023-03-06 14:59:30 +0300 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2023-03-06 14:59:30 +0300 |
| commit | 98602d24c64ffafe2c4af150236b72f77709f8de (patch) | |
| tree | 2de0de98ba481506fe4b344074b64a50def804fb | |
| parent | 52956c15c9c7dcb631b55f75d77786b52d4f631b (diff) | |
| download | genenetwork2-98602d24c64ffafe2c4af150236b72f77709f8de.tar.gz | |
oauth2: resources: assign role to user on resource.
| -rw-r--r-- | wqflask/wqflask/oauth2/resources.py | 63 | ||||
| -rw-r--r-- | wqflask/wqflask/templates/oauth2/view-resource.html | 46 |
2 files changed, 105 insertions, 4 deletions
diff --git a/wqflask/wqflask/oauth2/resources.py b/wqflask/wqflask/oauth2/resources.py index be0cb475..e3501835 100644 --- a/wqflask/wqflask/oauth2/resources.py +++ b/wqflask/wqflask/oauth2/resources.py @@ -1,6 +1,7 @@ import uuid -from flask import flash, request, url_for, redirect, Blueprint, render_template +from flask import ( + flash, request, url_for, redirect, Response, Blueprint, render_template) from .checks import require_oauth2 from .client import oauth2_get, oauth2_post @@ -51,11 +52,34 @@ def create_resource(): @require_oauth2 def view_resource(resource_id: uuid.UUID): """View the given resource.""" - def __this_user_success__(resource, unlinked_data, users_n_roles, user): + def __users_success__( + resource, unlinked_data, users_n_roles, this_user, group_roles, + users): return render_template( "oauth2/view-resource.html", resource=resource, unlinked_data=unlinked_data, users_n_roles=users_n_roles, - this_user=user) + this_user=this_user, group_roles=group_roles, users=users) + + def __group_roles_success__( + resource, unlinked_data, users_n_roles, this_user, group_roles): + return oauth2_get("oauth2/user/list").either( + lambda err: render_template( + "oauth2/view-resource.html", resource=resource, + unlinked_data=unlinked_data, users_n_roles=users_n_roles, + this_user=this_user, group_roles=group_roles, + users_error=process_error(err)), + lambda users: __users_success__( + resource, unlinked_data, users_n_roles, this_user, group_roles, + users)) + + def __this_user_success__(resource, unlinked_data, users_n_roles, this_user): + return oauth2_get("oauth2/group/roles").either( + lambda err: render_template( + "oauth2/view-resources.html", resource=resource, + unlinked_data=unlinked_data, users_n_roles=users_n_roles, + this_user=this_user, group_roles_error=process_error(err)), + lambda groles: __group_roles_success__( + resource, unlinked_data, users_n_roles, this_user, groles)) def __users_n_roles_success__(resource, unlinked_data, users_n_roles): return oauth2_get("oauth2/user").either( @@ -66,7 +90,7 @@ def view_resource(resource_id: uuid.UUID): resource, unlinked_data, users_n_roles, usr_dets)) def __unlinked_success__(resource, unlinked_data): - return oauth2_get(f"oauth2/resource/{resource_id}/users").either( + return oauth2_get(f"oauth2/resource/{resource_id}/user/list").either( lambda err: render_template( "oauth2/view-resource.html", resource=resource, unlinked_data=unlinked_data, @@ -149,6 +173,37 @@ def unlink_data_from_resource(): return redirect(url_for( "oauth2.resource.view_resource", resource_id=form["resource_id"])) +@resources.route("<uuid:resource_id>/user/assign", methods=["POST"]) +@require_oauth2 +def assign_role(resource_id: uuid.UUID) -> Response: + form = request.form + group_role_id = form.get("group_role_id", "") + user_email = form.get("user_email", "") + try: + assert bool(group_role_id), "The role must be provided." + assert bool(user_email), "The user email must be provided." + + def __assign_error__(error): + err = process_error(error) + flash(f"{err['error']}: {err['error_description']}", "alert-danger") + return redirect(url_for( + "oauth2.resource.view_resource", resource_id=resource_id)) + + def __assign_success__(success): + flash(success["description"], "alert-success") + return redirect(url_for( + "oauth2.resource.view_resource", resource_id=resource_id)) + + return oauth2_post( + f"oauth2/resource/{resource_id}/user/assign", + data={ + "group_role_id": group_role_id, + "user_email": user_email + }).either(__assign_error__, __assign_success__) + except AssertionError as aserr: + flash(aserr.args[0], "alert-danger") + return redirect(url_for("oauth2.resources.view_resource", resource_id=resource_id)) + @resources.route("/edit/<uuid:resource_id>", methods=["GET"]) @require_oauth2 def edit_resource(resource_id: uuid.UUID): diff --git a/wqflask/wqflask/templates/oauth2/view-resource.html b/wqflask/wqflask/templates/oauth2/view-resource.html index e8a3d8cb..6563d2fa 100644 --- a/wqflask/wqflask/templates/oauth2/view-resource.html +++ b/wqflask/wqflask/templates/oauth2/view-resource.html @@ -206,6 +206,52 @@ {%endif%} </div> + <div class="row"> + <h3>Assign</h3> + {%if group_roles_error is defined%} + {{display_error("Group Roles", group_roles_error)}} + {%elif users_error is defined%} + {{display_error("Users", users_error)}} + {%else%} + <form action="{{url_for( + 'oauth2.resource.assign_role', + resource_id=resource.resource_id)}}" + method="POST" autocomplete="off"> + <input type="hidden" name="resource_id" value="{{resource_id}}" /> + <div class="form-group"> + <label for="group_role_id" class="form-label">Role</label> + <select class="form-control" name="group_role_id" + id="group_role_id" required="required"> + <option value="">Select role</option> + {%for grole in group_roles%} + <option value="{{grole.group_role_id}}"> + {{grole.role.role_name}} + </option> + {%endfor%} + </select> + </div> + <div class="form-group"> + <label for="user-email" class="form-label">User Email</label> + <input list="users-list" name="user_email" class="form-control" + {%if users | length == 0%} + disabled="disabled" + {%endif%} + required="required" /> + <datalist id="users-list"> + {%for user in users%} + <option value="{{user.email}}">{{user.email}} - {{user.name}}</option> + {%endfor%} + </datalist> + </div> + + <input type="submit" class="btn btn-primary" value="Assign" + {%if users | length == 0%} + disabled="disabled" + {%endif%} /> + </form> + {%endif%} + </div> + </div> </div> |