From 0ae167297ed0f9a2fc6b3d1b4c6293901fe01f6a Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Sat, 28 Jan 2023 03:21:26 +0300
Subject: oauth2: List the user roles. View a particular role's details.

---
 wqflask/wqflask/oauth2/routes.py                   | 11 ++++-
 wqflask/wqflask/templates/oauth2/list_roles.html   | 31 ++++++++++++++
 .../wqflask/templates/oauth2/request_error.html    |  9 ++--
 wqflask/wqflask/templates/oauth2/role.html         | 48 ++++++++++++++++++++++
 wqflask/wqflask/templates/oauth2/roles.html        | 26 ------------
 5 files changed, 95 insertions(+), 30 deletions(-)
 create mode 100644 wqflask/wqflask/templates/oauth2/list_roles.html
 create mode 100644 wqflask/wqflask/templates/oauth2/role.html
 delete mode 100644 wqflask/wqflask/templates/oauth2/roles.html
diff --git a/wqflask/wqflask/oauth2/routes.py b/wqflask/wqflask/oauth2/routes.py
index ad0c080e..6fed4064 100644
--- a/wqflask/wqflask/oauth2/routes.py
+++ b/wqflask/wqflask/oauth2/routes.py
@@ -1,4 +1,5 @@
 """Routes for the OAuth2 auth system in GN3"""
+import uuid
 import requests
 from typing import Optional
 from urllib.parse import urljoin
@@ -239,7 +240,7 @@ def user_resources():
 @oauth2.route("/user-roles", methods=["GET"])
 def user_roles():
     def __success__(roles):
-        return render_template("oauth2/roles.html", roles=roles)
+        return render_template("oauth2/list_roles.html", roles=roles)
 
     return oauth2_get("oauth2/user-roles").either(
         __request_error__, __success__)
@@ -251,3 +252,11 @@ def user_group():
 
     return oauth2_get("oauth2/user-group").either(
         __request_error__, __success__)
+
+@oauth2.route("/role/<uuid:role_id>", methods=["GET"])
+def role(role_id: uuid.UUID):
+    def __success__(the_role):
+        return render_template("oauth2/role.html", role=the_role)
+
+    return oauth2_get(f"oauth2/role/{role_id}").either(
+        __request_error__, __success__)
diff --git a/wqflask/wqflask/templates/oauth2/list_roles.html b/wqflask/wqflask/templates/oauth2/list_roles.html
new file mode 100644
index 00000000..25763ec1
--- /dev/null
+++ b/wqflask/wqflask/templates/oauth2/list_roles.html
@@ -0,0 +1,31 @@
+{%extends "base.html"%}
+{%from "oauth2/profile_nav.html" import profile_nav%}
+{%block title%}View User{%endblock%}
+{%block content%}
+<div class="container" style="min-width: 1250px;">
+  {{profile_nav("roles")}}
+  <h3>Roles</h3>
+
+  {{flash_me()}}
+
+  <div class="container-fluid">
+    <div class="row">
+      <ul>
+	{%for role in roles %}
+	<li>
+	  <a href="{{url_for('oauth2.role', role_id=role.role_id)}}"
+	     title="Link to role {{role.role_name}}">{{role.role_name}}</a>
+	</li>
+	{%else%}
+	<li>
+	  <span class="glyphicon glyphicon-warning-sign"></span>&nbsp;
+	  <span class="text-warning">No roles attached to this user</span>
+	</li>
+	{%endfor%}
+      </ul>
+    </div>
+
+  </div>
+
+</div>
+{%endblock%}
diff --git a/wqflask/wqflask/templates/oauth2/request_error.html b/wqflask/wqflask/templates/oauth2/request_error.html
index 35842e68..f39b096d 100644
--- a/wqflask/wqflask/templates/oauth2/request_error.html
+++ b/wqflask/wqflask/templates/oauth2/request_error.html
@@ -8,8 +8,6 @@
 
   {{flash_me()}}
 
-  {{response}}
-
   <div class="container-fluid">
 
     <div class="row">
@@ -21,7 +19,12 @@
 	<dd>{{response.url}}</dd>
 
 	<dt>Content Type</dt>
-	<dd>{{response.content_type}}</dd>
+	<dd>{{response.content_type or "-"}}</dd>
+
+	{%if response.json()%}
+	<dt>{{response.json().get("error")}}</dt>
+	<dd>{{response.json().get("error_description")}}</dd>
+	{%endif%}
       </dl>
     </div>
 
diff --git a/wqflask/wqflask/templates/oauth2/role.html b/wqflask/wqflask/templates/oauth2/role.html
new file mode 100644
index 00000000..52bb772d
--- /dev/null
+++ b/wqflask/wqflask/templates/oauth2/role.html
@@ -0,0 +1,48 @@
+{%extends "base.html"%}
+{%from "oauth2/profile_nav.html" import profile_nav%}
+{%block title%}View User{%endblock%}
+{%block content%}
+<div class="container" style="min-width: 1250px;">
+  {{profile_nav("roles")}}
+  <h3>Role: {{role.role_name}}</h3>
+
+  {{flash_me()}}
+
+  <div class="container-fluid">
+    <div class="row">
+      <div class="panel panel-info">
+	<div class="panel-heading">
+	  <strong>{{role.role_name}}</strong>
+	</div>
+	<div class="panel-body">
+	  <table class="table">
+	    <thead>
+	      <tr><th>privilege id</th><th>description</th></tr>
+	    </thead>
+	    <tbody>
+	      {%for privilege in role.privileges:%}
+	      <tr>
+		<td>{{privilege.privilege_id}}</td>
+		<td>{{privilege.privilege_description}}</td>
+	      </tr>
+	      {%else%}
+	      <tr>
+		<td>
+		  <span class="glyphicon glyphicon-warning-sign text-warning"></span>
+		  &nbsp;
+		</td>
+		<td>
+		  <span class="text-warning">No privileges found for this role.</span>
+		</td>
+	      </tr>
+	      {%endfor%}
+	    </tbody>
+	  </table>
+	</div>
+      </div>
+    </div>
+
+  </div>
+
+</div>
+{%endblock%}
diff --git a/wqflask/wqflask/templates/oauth2/roles.html b/wqflask/wqflask/templates/oauth2/roles.html
deleted file mode 100644
index 5086ed39..00000000
--- a/wqflask/wqflask/templates/oauth2/roles.html
+++ /dev/null
@@ -1,26 +0,0 @@
-{%extends "base.html"%}
-{%from "oauth2/profile_nav.html" import profile_nav%}
-{%block title%}View User{%endblock%}
-{%block content%}
-<div class="container" style="min-width: 1250px;">
-  {{profile_nav("roles")}}
-  <h3>Roles</h3>
-
-  {{flash_me()}}
-
-  <div class="container-fluid">
-    <div class="row">
-      {%for role in roles %}
-      {{role}}
-      {%else%}
-      <p>
-	<span class="glyphicon glyphicon-warning-sign"></span>&nbsp;
-	<span class="text-warning">No roles attached to this user</span>
-      </p>
-      {%endfor%}
-    </div>
-
-  </div>
-
-</div>
-{%endblock%}
-- 
cgit v1.2.3


privilege id	description
{{privilege.privilege_id}}	{{privilege.privilege_description}}
+ + +	+ No privileges found for this role. +