diff options
| -rw-r--r-- | gn2/wqflask/oauth2/resources.py | 35 | ||||
| -rw-r--r-- | gn2/wqflask/templates/oauth2/view-resource-role.html | 98 | ||||
| -rw-r--r-- | gn2/wqflask/templates/oauth2/view-resource.html | 6 |
3 files changed, 138 insertions, 1 deletions
diff --git a/gn2/wqflask/oauth2/resources.py b/gn2/wqflask/oauth2/resources.py index 42fdae37..70b49375 100644 --- a/gn2/wqflask/oauth2/resources.py +++ b/gn2/wqflask/oauth2/resources.py @@ -296,3 +296,38 @@ def edit_resource(resource_id: uuid.UUID): def delete_resource(resource_id: uuid.UUID): """Delete the given resource.""" return "WOULD DELETE THE GIVEN RESOURCE" + +@resources.route("/<uuid:resource_id>/role/<uuid:role_id>", methods=["GET"]) +@require_oauth2 +def view_resource_role(resource_id: uuid.UUID, role_id: uuid.UUID): + """View resource role page.""" + def __render_template__(**kwargs): + return render_ui("oauth2/view-resource-role.html", **kwargs) + + def __fetch_all_roles__(resource, role): + return oauth2_get(f"auth/resource/{resource_id}/roles").either( + lambda error: __render_template__( + all_roles_error=process_error(error)), + lambda all_roles: __render_template__( + resource=resource, + role=role, + unassigned_privileges=[ + priv for role in all_roles + for priv in role["privileges"] + if priv not in role["privileges"] + ])) + + def __fetch_resource_role__(resource): + return oauth2_get( + f"auth/resource/{resource_id}/role/{role_id}").either( + lambda error: __render_template__( + resource=resource, + role_id=role_id, + role_error=process_error(error)), + lambda role: __fetch_all_roles__(resource, role)) + + return oauth2_get( + f"auth/resource/view/{resource_id}").either( + lambda error: __render_template__( + resource_error=process_error(error)), + lambda resource: __fetch_resource_role__(resource=resource)) diff --git a/gn2/wqflask/templates/oauth2/view-resource-role.html b/gn2/wqflask/templates/oauth2/view-resource-role.html new file mode 100644 index 00000000..05df41d6 --- /dev/null +++ b/gn2/wqflask/templates/oauth2/view-resource-role.html @@ -0,0 +1,98 @@ +{%extends "base.html"%} +{%from "oauth2/profile_nav.html" import profile_nav%} +{%from "oauth2/display_error.html" import display_error%} +{%block title%}View User{%endblock%} +{%block content%} + +{%macro unassign_button(resource_id, role_id, privilege_id)%} +<form method="POST" + action="#" + id="frm_unlink_privilege_{{privilege_id}}"> + <input type="hidden" name="resource_id" value="{{resource_id}}" /> + <input type="hidden" name="role_id" value="{{role_id}}" /> + <input type="hidden" name="privilege_id" value="{{privilege_id}}" /> + <input type="submit" value="Unassign" class="btn btn-danger" /> +</form> +{%endmacro%} + +<div class="container"> + {{profile_nav(uipages, user_privileges)}} + {%if resource_error is defined%} + {{display_error("Resource", resource_error)}} + {%else%} + <h3>Role for Resource '{{resource.resource_name}}'</h3> + {%if role_error is defined%} + {{display_error("Role", role_error)}} + {%else%} + <table class="table"> + <caption>Role '{{role.role_name}}' for resource '{{resource.resource_name}}'</caption> + <thead> + <tr> + <th>Role Name</th> + <th>Privilege</th> + <th>Action</th> + </tr> + </thead> + + <tbody> + {%for priv in role.privileges%} + {%if loop.index0 == 0%} + <tr> + <td rowspan="{{role.privileges | length}}" + style="text-align: center;vertical-align: middle;"> + {{role.role_name}}</td> + <td>{{priv.privilege_description}}</td> + <td>{{unassign_button(resource.resource_id, role.role_id, priv.privilege_id)}}</td> + </tr> + {%else%} + <tr> + <td>{{priv.privilege_description}}</td> + <td>{{unassign_button(resource.resource_id, role.role_id, priv.privilege_id)}}</td> + </tr> + {%endif%} + {%else%} + <tr> + <td colspan="3"> + <p class="text-info"> + <strong>{{title}}</strong>: + <span class="glyphicon glyphicon-info-sign text-info"></span> + + This role has no privileges. + </p> + </td> + </tr> + {%endfor%} + </tbody> + </table> + + <form id="frm_assign_privileges" method="POST" action="#"> + <input type="hidden" name="resource_id" value="{{resource_id}}" /> + <input type="hidden" name="role_id" value="{{role_id}}" /> + {%if unassigned_privileges | length == 0%} + <p class="text-info"> + <strong>{{title}}</strong>: + <span class="glyphicon glyphicon-info-sign text-info"></span> + + There are no more privileges left to assign. + </p> + {%else%} + <fieldset> + <legend>Select privileges to assign to this role</legend> + {%for priv in unassigned_privileges%} + <div class="checkbox"> + <label for="rdo_{{priv.privilege_id}}"> + <input type="checkbox" value="{{priv.privilege_id}}" /> + {{priv.privilege_description}} + </label> + </div> + {%endfor%} + </fieldset> + + <input type="submit" class="btn btn-primary" value="Assign" /> + {%endif%} + </form> + {%endif%} + {%endif%} +</div> + +{%endblock%} diff --git a/gn2/wqflask/templates/oauth2/view-resource.html b/gn2/wqflask/templates/oauth2/view-resource.html index 451bfbd7..25cac6ff 100644 --- a/gn2/wqflask/templates/oauth2/view-resource.html +++ b/gn2/wqflask/templates/oauth2/view-resource.html @@ -237,7 +237,11 @@ <h3>Available Resource Roles</h3> <div class="resource_roles"> {%for role in resource_roles%} - <a class="pill" href="#" title="Role page for role named '{{role.role_name}}'"> + <a class="pill" + href="{{url_for('oauth2.resource.view_resource_role', + resource_id=resource.resource_id, + role_id=role.role_id)}}" + title="Role page for role named '{{role.role_name}}'"> {{role.role_name}} </a> {%endfor%} |