aboutsummaryrefslogtreecommitdiff
path: root/wqflask
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-03-06 14:59:30 +0300
committerFrederick Muriuki Muriithi2023-03-06 14:59:30 +0300
commit98602d24c64ffafe2c4af150236b72f77709f8de (patch)
tree2de0de98ba481506fe4b344074b64a50def804fb /wqflask
parent52956c15c9c7dcb631b55f75d77786b52d4f631b (diff)
downloadgenenetwork2-98602d24c64ffafe2c4af150236b72f77709f8de.tar.gz
oauth2: resources: assign role to user on resource.
Diffstat (limited to 'wqflask')
-rw-r--r--wqflask/wqflask/oauth2/resources.py63
-rw-r--r--wqflask/wqflask/templates/oauth2/view-resource.html46
2 files changed, 105 insertions, 4 deletions
diff --git a/wqflask/wqflask/oauth2/resources.py b/wqflask/wqflask/oauth2/resources.py
index be0cb475..e3501835 100644
--- a/wqflask/wqflask/oauth2/resources.py
+++ b/wqflask/wqflask/oauth2/resources.py
@@ -1,6 +1,7 @@
import uuid
-from flask import flash, request, url_for, redirect, Blueprint, render_template
+from flask import (
+ flash, request, url_for, redirect, Response, Blueprint, render_template)
from .checks import require_oauth2
from .client import oauth2_get, oauth2_post
@@ -51,11 +52,34 @@ def create_resource():
@require_oauth2
def view_resource(resource_id: uuid.UUID):
"""View the given resource."""
- def __this_user_success__(resource, unlinked_data, users_n_roles, user):
+ def __users_success__(
+ resource, unlinked_data, users_n_roles, this_user, group_roles,
+ users):
return render_template(
"oauth2/view-resource.html", resource=resource,
unlinked_data=unlinked_data, users_n_roles=users_n_roles,
- this_user=user)
+ this_user=this_user, group_roles=group_roles, users=users)
+
+ def __group_roles_success__(
+ resource, unlinked_data, users_n_roles, this_user, group_roles):
+ return oauth2_get("oauth2/user/list").either(
+ lambda err: render_template(
+ "oauth2/view-resource.html", resource=resource,
+ unlinked_data=unlinked_data, users_n_roles=users_n_roles,
+ this_user=this_user, group_roles=group_roles,
+ users_error=process_error(err)),
+ lambda users: __users_success__(
+ resource, unlinked_data, users_n_roles, this_user, group_roles,
+ users))
+
+ def __this_user_success__(resource, unlinked_data, users_n_roles, this_user):
+ return oauth2_get("oauth2/group/roles").either(
+ lambda err: render_template(
+ "oauth2/view-resources.html", resource=resource,
+ unlinked_data=unlinked_data, users_n_roles=users_n_roles,
+ this_user=this_user, group_roles_error=process_error(err)),
+ lambda groles: __group_roles_success__(
+ resource, unlinked_data, users_n_roles, this_user, groles))
def __users_n_roles_success__(resource, unlinked_data, users_n_roles):
return oauth2_get("oauth2/user").either(
@@ -66,7 +90,7 @@ def view_resource(resource_id: uuid.UUID):
resource, unlinked_data, users_n_roles, usr_dets))
def __unlinked_success__(resource, unlinked_data):
- return oauth2_get(f"oauth2/resource/{resource_id}/users").either(
+ return oauth2_get(f"oauth2/resource/{resource_id}/user/list").either(
lambda err: render_template(
"oauth2/view-resource.html", resource=resource,
unlinked_data=unlinked_data,
@@ -149,6 +173,37 @@ def unlink_data_from_resource():
return redirect(url_for(
"oauth2.resource.view_resource", resource_id=form["resource_id"]))
+@resources.route("<uuid:resource_id>/user/assign", methods=["POST"])
+@require_oauth2
+def assign_role(resource_id: uuid.UUID) -> Response:
+ form = request.form
+ group_role_id = form.get("group_role_id", "")
+ user_email = form.get("user_email", "")
+ try:
+ assert bool(group_role_id), "The role must be provided."
+ assert bool(user_email), "The user email must be provided."
+
+ def __assign_error__(error):
+ err = process_error(error)
+ flash(f"{err['error']}: {err['error_description']}", "alert-danger")
+ return redirect(url_for(
+ "oauth2.resource.view_resource", resource_id=resource_id))
+
+ def __assign_success__(success):
+ flash(success["description"], "alert-success")
+ return redirect(url_for(
+ "oauth2.resource.view_resource", resource_id=resource_id))
+
+ return oauth2_post(
+ f"oauth2/resource/{resource_id}/user/assign",
+ data={
+ "group_role_id": group_role_id,
+ "user_email": user_email
+ }).either(__assign_error__, __assign_success__)
+ except AssertionError as aserr:
+ flash(aserr.args[0], "alert-danger")
+ return redirect(url_for("oauth2.resources.view_resource", resource_id=resource_id))
+
@resources.route("/edit/<uuid:resource_id>", methods=["GET"])
@require_oauth2
def edit_resource(resource_id: uuid.UUID):
diff --git a/wqflask/wqflask/templates/oauth2/view-resource.html b/wqflask/wqflask/templates/oauth2/view-resource.html
index e8a3d8cb..6563d2fa 100644
--- a/wqflask/wqflask/templates/oauth2/view-resource.html
+++ b/wqflask/wqflask/templates/oauth2/view-resource.html
@@ -206,6 +206,52 @@
{%endif%}
</div>
+ <div class="row">
+ <h3>Assign</h3>
+ {%if group_roles_error is defined%}
+ {{display_error("Group Roles", group_roles_error)}}
+ {%elif users_error is defined%}
+ {{display_error("Users", users_error)}}
+ {%else%}
+ <form action="{{url_for(
+ 'oauth2.resource.assign_role',
+ resource_id=resource.resource_id)}}"
+ method="POST" autocomplete="off">
+ <input type="hidden" name="resource_id" value="{{resource_id}}" />
+ <div class="form-group">
+ <label for="group_role_id" class="form-label">Role</label>
+ <select class="form-control" name="group_role_id"
+ id="group_role_id" required="required">
+ <option value="">Select role</option>
+ {%for grole in group_roles%}
+ <option value="{{grole.group_role_id}}">
+ {{grole.role.role_name}}
+ </option>
+ {%endfor%}
+ </select>
+ </div>
+ <div class="form-group">
+ <label for="user-email" class="form-label">User Email</label>
+ <input list="users-list" name="user_email" class="form-control"
+ {%if users | length == 0%}
+ disabled="disabled"
+ {%endif%}
+ required="required" />
+ <datalist id="users-list">
+ {%for user in users%}
+ <option value="{{user.email}}">{{user.email}} - {{user.name}}</option>
+ {%endfor%}
+ </datalist>
+ </div>
+
+ <input type="submit" class="btn btn-primary" value="Assign"
+ {%if users | length == 0%}
+ disabled="disabled"
+ {%endif%} />
+ </form>
+ {%endif%}
+ </div>
+
</div>
</div>