diff options
author | Frederick Muriuki Muriithi | 2024-06-17 13:55:57 -0500 |
---|---|---|
committer | Frederick Muriuki Muriithi | 2024-06-17 13:55:57 -0500 |
commit | b6a2d32b12525afba6928a57a25924d795754204 (patch) | |
tree | 65d59e7920ce726cbdd1c5d7ba98d770a2c35658 | |
parent | b5ecabfecbc1e7a8ed1a2b92fd73094204541d83 (diff) | |
download | genenetwork2-b6a2d32b12525afba6928a57a25924d795754204.tar.gz |
Create a new resource role.
-rw-r--r-- | gn2/wqflask/oauth2/resources.py | 48 | ||||
-rw-r--r-- | gn2/wqflask/templates/oauth2/create-role.html | 38 | ||||
-rw-r--r-- | gn2/wqflask/templates/oauth2/view-resource.html | 5 |
3 files changed, 78 insertions, 13 deletions
diff --git a/gn2/wqflask/oauth2/resources.py b/gn2/wqflask/oauth2/resources.py index 7a705856..cf600b51 100644 --- a/gn2/wqflask/oauth2/resources.py +++ b/gn2/wqflask/oauth2/resources.py @@ -397,3 +397,51 @@ def unassign_privilege_from_resource_role(resource_id: UUID, role_id: UUID): f"auth/resource/view/{resource_id}").either( with_flash_error(returnto), __fetch_resource_role__) + + +@resources.route("/<uuid:resource_id>/roles/create-role", + methods=["GET", "POST"]) +@require_oauth2 +def create_resource_role(resource_id: UUID): + """Create new role for the resource.""" + def __render__(**kwargs): + return render_ui("oauth2/create-role.html", **kwargs) + + def __fetch_resource_roles__(resource): + return oauth2_get(f"auth/resource/{resource_id}/roles").either( + lambda error: __render__(resource_role_error=error), + lambda roles: {"resource": resource, "roles": roles}) + + if request.method == "GET": + return oauth2_get(f"auth/resource/view/{resource_id}").map( + __fetch_resource_roles__).either( + lambda error: __render__(resource_error=error), + lambda kwargs: __render__(**kwargs)) + + formdata = request.form + privileges = formdata.getlist("privileges[]") + if not bool(privileges): + flash( + "You must provide at least one privilege for creation of the new " + "role.", + "alert-danger") + return redirect(url_for("oauth2.resource.create_resource_role", + resource_id=resource_id)) + + def __handle_error__(error): + flash_error(process_error(error)) + return redirect(url_for( + "oauth2.resource.create_resource_role", resource_id=resource_id)) + + def __handle_success__(success): + flash("Role successfully created.", "alert-success") + return redirect(url_for( + "oauth2.resource.view_resource", resource_id=resource_id)) + + return oauth2_post( + f"auth/resource/{resource_id}/roles/create", + json={ + "role_name": formdata["role_name"], + "privileges": privileges + }).either( + __handle_error__, __handle_success__) diff --git a/gn2/wqflask/templates/oauth2/create-role.html b/gn2/wqflask/templates/oauth2/create-role.html index f2bff7b4..198eacdd 100644 --- a/gn2/wqflask/templates/oauth2/create-role.html +++ b/gn2/wqflask/templates/oauth2/create-role.html @@ -7,31 +7,43 @@ {{profile_nav("roles", user_privileges)}} <h3>Create Role</h3> - {{flash_me()}} + <p>Create a new role to act on resource "{{resource.resource_name}}"</p> {%if group_privileges_error is defined%} {{display_error("Group Privileges", group_privileges_error)}} {%else%} - {%if "group:role:create-role" in user_privileges%} - <form method="POST" action="{{url_for('oauth2.role.create_role')}}"> - <legend>Create Group Role</legend> + {%if "resource:role:create-role" in (user_privileges|map(attribute="privilege_id")) %} + <form method="POST" action="{{url_for('oauth2.resource.create_resource_role', + resource_id=resource.resource_id)}}"> + <legend>create resource role</legend> + + {{flash_me()}} + <div class="form-group"> <label for="role_name" class="form-label">Name</label> - <input type="text" id="role_name" name="role_name" required="required" - class="form-control" - {%if prev_role_name is defined and prev_role_name is not none%} - value="{{prev_role_name}}" - {%endif%} /> + <div class="input-group"> + <span class="input-group-addon"> + {{resource.resource_name|replace(" ", "_")}}:: + </span> + <input type="text" id="role_name" name="role_name" required="required" + class="form-control" + {%if prev_role_name is defined and prev_role_name is not none%} + value="{{prev_role_name}}" + {%endif%} /> + </div> + <span class="form-text text-muted"> + The name of the role will have the resource's name appended. + </span> </div> <label class="form-label">Privileges</label> - {%for priv in group_privileges%} + {%for priv in user_privileges%} <div class="checkbox"> - <label for="chk:{{priv.privilege_id}}"> - <input type="checkbox" id="chk:{{priv.privilege_id}}" + <label for="chk-{{priv.privilege_id}}"> + <input type="checkbox" id="chk-{{priv.privilege_id}}" name="privileges[]" value={{priv.privilege_id}} /> <span style="text-transform: capitalize;"> {{priv.privilege_description}} - </span> ({{priv.privilege_id}}) + </span> </label> </div> {%endfor%} diff --git a/gn2/wqflask/templates/oauth2/view-resource.html b/gn2/wqflask/templates/oauth2/view-resource.html index 25cac6ff..cfc769c4 100644 --- a/gn2/wqflask/templates/oauth2/view-resource.html +++ b/gn2/wqflask/templates/oauth2/view-resource.html @@ -246,6 +246,11 @@ </a> {%endfor%} </div> + <hr /> + <a title="create a new role for this resource" + href="{{url_for('oauth2.resource.create_resource_role', + resource_id=resource.resource_id)}}" + class="btn btn-info">New Role</a> </div> <div class="row"> |