aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--gn2/wqflask/oauth2/resources.py35
-rw-r--r--gn2/wqflask/templates/oauth2/view-resource-role.html98
-rw-r--r--gn2/wqflask/templates/oauth2/view-resource.html6
3 files changed, 138 insertions, 1 deletions
diff --git a/gn2/wqflask/oauth2/resources.py b/gn2/wqflask/oauth2/resources.py
index 42fdae37..70b49375 100644
--- a/gn2/wqflask/oauth2/resources.py
+++ b/gn2/wqflask/oauth2/resources.py
@@ -296,3 +296,38 @@ def edit_resource(resource_id: uuid.UUID):
def delete_resource(resource_id: uuid.UUID):
"""Delete the given resource."""
return "WOULD DELETE THE GIVEN RESOURCE"
+
+@resources.route("/<uuid:resource_id>/role/<uuid:role_id>", methods=["GET"])
+@require_oauth2
+def view_resource_role(resource_id: uuid.UUID, role_id: uuid.UUID):
+ """View resource role page."""
+ def __render_template__(**kwargs):
+ return render_ui("oauth2/view-resource-role.html", **kwargs)
+
+ def __fetch_all_roles__(resource, role):
+ return oauth2_get(f"auth/resource/{resource_id}/roles").either(
+ lambda error: __render_template__(
+ all_roles_error=process_error(error)),
+ lambda all_roles: __render_template__(
+ resource=resource,
+ role=role,
+ unassigned_privileges=[
+ priv for role in all_roles
+ for priv in role["privileges"]
+ if priv not in role["privileges"]
+ ]))
+
+ def __fetch_resource_role__(resource):
+ return oauth2_get(
+ f"auth/resource/{resource_id}/role/{role_id}").either(
+ lambda error: __render_template__(
+ resource=resource,
+ role_id=role_id,
+ role_error=process_error(error)),
+ lambda role: __fetch_all_roles__(resource, role))
+
+ return oauth2_get(
+ f"auth/resource/view/{resource_id}").either(
+ lambda error: __render_template__(
+ resource_error=process_error(error)),
+ lambda resource: __fetch_resource_role__(resource=resource))
diff --git a/gn2/wqflask/templates/oauth2/view-resource-role.html b/gn2/wqflask/templates/oauth2/view-resource-role.html
new file mode 100644
index 00000000..05df41d6
--- /dev/null
+++ b/gn2/wqflask/templates/oauth2/view-resource-role.html
@@ -0,0 +1,98 @@
+{%extends "base.html"%}
+{%from "oauth2/profile_nav.html" import profile_nav%}
+{%from "oauth2/display_error.html" import display_error%}
+{%block title%}View User{%endblock%}
+{%block content%}
+
+{%macro unassign_button(resource_id, role_id, privilege_id)%}
+<form method="POST"
+ action="#"
+ id="frm_unlink_privilege_{{privilege_id}}">
+ <input type="hidden" name="resource_id" value="{{resource_id}}" />
+ <input type="hidden" name="role_id" value="{{role_id}}" />
+ <input type="hidden" name="privilege_id" value="{{privilege_id}}" />
+ <input type="submit" value="Unassign" class="btn btn-danger" />
+</form>
+{%endmacro%}
+
+<div class="container">
+ {{profile_nav(uipages, user_privileges)}}
+ {%if resource_error is defined%}
+ {{display_error("Resource", resource_error)}}
+ {%else%}
+ <h3>Role for Resource '{{resource.resource_name}}'</h3>
+ {%if role_error is defined%}
+ {{display_error("Role", role_error)}}
+ {%else%}
+ <table class="table">
+ <caption>Role '{{role.role_name}}' for resource '{{resource.resource_name}}'</caption>
+ <thead>
+ <tr>
+ <th>Role Name</th>
+ <th>Privilege</th>
+ <th>Action</th>
+ </tr>
+ </thead>
+
+ <tbody>
+ {%for priv in role.privileges%}
+ {%if loop.index0 == 0%}
+ <tr>
+ <td rowspan="{{role.privileges | length}}"
+ style="text-align: center;vertical-align: middle;">
+ {{role.role_name}}</td>
+ <td>{{priv.privilege_description}}</td>
+ <td>{{unassign_button(resource.resource_id, role.role_id, priv.privilege_id)}}</td>
+ </tr>
+ {%else%}
+ <tr>
+ <td>{{priv.privilege_description}}</td>
+ <td>{{unassign_button(resource.resource_id, role.role_id, priv.privilege_id)}}</td>
+ </tr>
+ {%endif%}
+ {%else%}
+ <tr>
+ <td colspan="3">
+ <p class="text-info">
+ <strong>{{title}}</strong>:
+ <span class="glyphicon glyphicon-info-sign text-info"></span>
+ &nbsp;
+ This role has no privileges.
+ </p>
+ </td>
+ </tr>
+ {%endfor%}
+ </tbody>
+ </table>
+
+ <form id="frm_assign_privileges" method="POST" action="#">
+ <input type="hidden" name="resource_id" value="{{resource_id}}" />
+ <input type="hidden" name="role_id" value="{{role_id}}" />
+ {%if unassigned_privileges | length == 0%}
+ <p class="text-info">
+ <strong>{{title}}</strong>:
+ <span class="glyphicon glyphicon-info-sign text-info"></span>
+ &nbsp;
+ There are no more privileges left to assign.
+ </p>
+ {%else%}
+ <fieldset>
+ <legend>Select privileges to assign to this role</legend>
+ {%for priv in unassigned_privileges%}
+ <div class="checkbox">
+ <label for="rdo_{{priv.privilege_id}}">
+ <input type="checkbox" value="{{priv.privilege_id}}" />
+ {{priv.privilege_description}}
+ </label>
+ </div>
+ {%endfor%}
+ </fieldset>
+
+ <input type="submit" class="btn btn-primary" value="Assign" />
+ {%endif%}
+ </form>
+ {%endif%}
+ {%endif%}
+</div>
+
+{%endblock%}
diff --git a/gn2/wqflask/templates/oauth2/view-resource.html b/gn2/wqflask/templates/oauth2/view-resource.html
index 451bfbd7..25cac6ff 100644
--- a/gn2/wqflask/templates/oauth2/view-resource.html
+++ b/gn2/wqflask/templates/oauth2/view-resource.html
@@ -237,7 +237,11 @@
<h3>Available Resource Roles</h3>
<div class="resource_roles">
{%for role in resource_roles%}
- <a class="pill" href="#" title="Role page for role named '{{role.role_name}}'">
+ <a class="pill"
+ href="{{url_for('oauth2.resource.view_resource_role',
+ resource_id=resource.resource_id,
+ role_id=role.role_id)}}"
+ title="Role page for role named '{{role.role_name}}'">
{{role.role_name}}
</a>
{%endfor%}