1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
# Copyright (C) 2023 Linaro Limited
#
# Author: RĂ©mi Duraffort <remi.duraffort@linaro.org>
#
# SPDX-License-Identifier: GPL-2.0-or-later
import xmlrpc
from django.contrib.auth.models import Group, Permission
from django.contrib.contenttypes.models import ContentType
from django.core.exceptions import ValidationError
from django.db import IntegrityError
from lava_scheduler_app.api import check_perm
from linaro_django_xmlrpc.models import ExposedV2API
class GroupsAPI(ExposedV2API):
@check_perm("auth.add_group")
def add(self, name):
try:
group = Group.objects.create(name=name)
except (IntegrityError, ValidationError) as exc:
raise xmlrpc.client.Fault(400, "Bad request: group already exists?")
@check_perm("auth.change_group")
def delete(self, name):
try:
Group.objects.get(name=name).delete()
except Group.DoesNotExist:
raise xmlrpc.client.Fault(404, "Bad request: group does not exists")
@check_perm("auth.view_group")
def list(self):
return [g.name for g in Group.objects.all().order_by("name")]
@check_perm("auth.view_group")
def show(self, name):
try:
group = Group.objects.get(name=name)
return {
"id": group.id,
"name": group.name,
"permissions": [
f"{p.content_type.app_label}.{p.content_type.model}.{p.codename}"
for p in group.permissions.all()
],
"users": [u.username for u in group.user_set.all()],
}
except Group.DoesNotExist:
raise xmlrpc.client.Fault(404, "Group '%s' was not found." % name)
class GroupsPermissionsAPI(ExposedV2API):
@check_perm("auth.change_group")
def add(self, name, app, model, codename):
try:
group = Group.objects.get(name=name)
except Group.DoesNotExist:
raise xmlrpc.client.Fault(404, "Group '%s' was not found." % name)
try:
ct = ContentType.objects.get(app_label=app, model=model)
except ContentType.DoesNotExist:
raise xmlrpc.client.Fault(404, "Invalid app.model '%s.%s'" % (app, model))
try:
perm = Permission.objects.get(content_type=ct, codename=codename)
except Permission.DoesNotExist:
raise xmlrpc.client.Fault(404, "Invalid permission '%s'" % (codename))
group.permissions.add(perm)
@check_perm("auth.view_group")
def list(self, name):
try:
group = Group.objects.get(name=name)
except Group.DoesNotExist:
raise xmlrpc.client.Fault(404, "Group '%s' was not found." % name)
return [
{
"app": p.content_type.app_label,
"model": p.content_type.model,
"codename": p.codename,
}
for p in group.permissions.all()
]
@check_perm("auth.change_group")
def delete(self, name, app, model, codename):
try:
group = Group.objects.get(name=name)
except Group.DoesNotExist:
raise xmlrpc.client.Fault(404, "Group '%s' was not found." % name)
try:
ct = ContentType.objects.get(app_label=app, model=model)
except ContentType.DoesNotExist:
raise xmlrpc.client.Fault(404, "Invalid app.model '%s.%s'" % (app, model))
try:
perm = Permission.objects.get(content_type=ct, codename=codename)
except Permission.DoesNotExist:
raise xmlrpc.client.Fault(404, "Invalid permission '%s'" % (codename))
group.permissions.remove(perm)
|
