about summary refs log tree commit diff
path: root/gn2/wqflask/oauth2
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2024-06-17 15:52:23 -0500
committerFrederick Muriuki Muriithi2024-06-17 15:52:23 -0500
commitdd7268bc0c2d841779ba488b13ca0b1f0e9ea6bc (patch)
tree818e470de796b98bd2e20c370a086a73885ff40d /gn2/wqflask/oauth2
parent529932949c8631f3c3e64817123d67cd73d90d1e (diff)
downloadgenenetwork2-dd7268bc0c2d841779ba488b13ca0b1f0e9ea6bc.tar.gz
Remove deprecated endpoints/views and templates
Diffstat (limited to 'gn2/wqflask/oauth2')
-rw-r--r--gn2/wqflask/oauth2/groups.py24


-rw-r--r--gn2/wqflask/oauth2/roles.py56


2 files changed, 0 insertions, 80 deletions
diff --git a/gn2/wqflask/oauth2/groups.py b/gn2/wqflask/oauth2/groups.py
index 3bc4bcb2..e4028497 100644
--- a/gn2/wqflask/oauth2/groups.py
+++ b/gn2/wqflask/oauth2/groups.py
@@ -136,30 +136,6 @@ def reject_join_request():
             handle_error("oauth2.group.list_join_requests"),
             __success__)
 
-@groups.route("/role/<uuid:group_role_id>", methods=["GET"])
-@require_oauth2
-def group_role(group_role_id: uuid.UUID):
-    """View the details of a particular role."""
-    def __render_error__(**kwargs):
-        return render_ui("oauth2/view-group-role.html", **kwargs)
-
-    def __gprivs_success__(role, group_privileges):
-        return render_ui(
-            "oauth2/view-group-role.html", group_role=role,
-            group_privileges=tuple(
-                priv for priv in group_privileges
-                if priv not in role["role"]["privileges"]))
-
-    def __role_success__(role):
-        return oauth2_get("auth/group/privileges").either(
-            lambda err: __render_error__(
-                group_role=group_role,
-                group_privileges_error=process_error(err)),
-            lambda privileges: __gprivs_success__(role, privileges))
-
-    return oauth2_get(f"auth/group/role/{group_role_id}").either(
-        lambda err: __render_error__(group_role_error=process_error(err)),
-        __role_success__)
 
 def add_delete_privilege_to_role(
         group_role_id: uuid.UUID, direction: str) -> Response:
diff --git a/gn2/wqflask/oauth2/roles.py b/gn2/wqflask/oauth2/roles.py
index b0f990c7..2a21670e 100644
--- a/gn2/wqflask/oauth2/roles.py
+++ b/gn2/wqflask/oauth2/roles.py
@@ -21,59 +21,3 @@ def role(role_id: uuid.UUID):
     return oauth2_get(f"auth/role/view/{role_id}").either(
         request_error, __success__)
 
-@roles.route("/create", methods=["GET", "POST"])
-@require_oauth2
-def create_role():
-    """Create a new role."""
-    def __roles_error__(error):
-        return render_ui(
-            "oauth2/create-role.html", roles_error=process_error(error))
-
-    def __gprivs_error__(roles, error):
-        return render_ui(
-            "oauth2/create-role.html", roles=roles,
-            group_privileges_error=process_error(error))
-
-    def __success__(roles, gprivs):
-        uprivs = tuple(
-            privilege["privilege_id"] for role in roles
-            for privilege in role["privileges"])
-        return render_ui(
-            "oauth2/create-role.html", roles=roles, user_privileges=uprivs,
-            group_privileges=gprivs,
-            prev_role_name=request.args.get("role_name"))
-
-    def __fetch_gprivs__(roles):
-        return oauth2_get("auth/group/privileges").either(
-            lambda err: __gprivs_error__(roles, err),
-            lambda gprivs: __success__(roles, gprivs))
-
-    if request.method == "GET":
-        return oauth2_get("auth/user/roles").either(
-            __roles_error__, __fetch_gprivs__)
-
-    form = request.form
-    role_name = form.get("role_name")
-    privileges = form.getlist("privileges[]")
-    if len(privileges) == 0:
-        flash("You must assign at least one privilege to the role",
-              "alert-danger")
-        return redirect(url_for(
-            "oauth2.role.create_role", role_name=role_name))
-    def __create_error__(error):
-        err = process_error(error)
-        flash(f"{err['error']}: {err['error_description']}",
-              "alert-danger")
-        return redirect(url_for("oauth2.role.create_role"))
-    def __create_success__(*args):
-        flash("Role created successfully.", "alert-success")
-        return redirect(url_for("oauth2.role.user_roles"))
-
-    raise DeprecationWarning(
-        f"The `{__name__}.create_role(…)` function, as is currently, can "
-        "lead to unbounded privilege escalation. See "
-        "https://issues.genenetwork.org/issues/gn-auth/problems-with-roles")
-    # return oauth2_post(
-    #     "auth/group/role/create",data={
-    #         "role_name": role_name, "privileges[]": privileges}).either(
-    #     __create_error__,__create_success__)

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2026-02-01 14:46:49 +0000