adjust groups and users startup scripts to allow custom codename filter
This commit is contained in:
Les Begnaud
Christian Mäder
parent
0574ffc571
commit
927a545f41
@ -7,10 +7,16 @@
|
|||||||
# writers:
|
# writers:
|
||||||
# users:
|
# users:
|
||||||
# - writer
|
# - writer
|
||||||
|
## specify explicit permission codenames or codename filter functions and filters to match on
|
||||||
# permissions:
|
# permissions:
|
||||||
# - add_device
|
|
||||||
# - change_device
|
|
||||||
# - delete_device
|
# - delete_device
|
||||||
# - add_virtualmachine
|
|
||||||
# - change_virtualmachine
|
|
||||||
# - delete_virtualmachine
|
# - delete_virtualmachine
|
||||||
|
# - codename__startswith:
|
||||||
|
# - add_
|
||||||
|
# - change_
|
||||||
|
# vm_managers:
|
||||||
|
# - codename__endswith:
|
||||||
|
# - _virtualmachine
|
||||||
|
# creators:
|
||||||
|
# - codename__startswith:
|
||||||
|
# - add_
|
||||||
|
|||||||
@ -4,10 +4,10 @@
|
|||||||
# password: reader
|
# password: reader
|
||||||
# writer:
|
# writer:
|
||||||
# password: writer
|
# password: writer
|
||||||
|
## specify explicit permission codenames or codename filter functions and filters to match on
|
||||||
# permissions:
|
# permissions:
|
||||||
# - add_device
|
|
||||||
# - change_device
|
|
||||||
# - delete_device
|
# - delete_device
|
||||||
# - add_virtualmachine
|
|
||||||
# - change_virtualmachine
|
|
||||||
# - delete_virtualmachine
|
# - delete_virtualmachine
|
||||||
|
# - codename__startswith:
|
||||||
|
# - add_
|
||||||
|
# - change_
|
||||||
|
|||||||
@ -25,10 +25,23 @@ with file.open('r') as stream:
|
|||||||
if user_details.get('api_token', 0):
|
if user_details.get('api_token', 0):
|
||||||
Token.objects.create(user=user, key=user_details['api_token'])
|
Token.objects.create(user=user, key=user_details['api_token'])
|
||||||
|
|
||||||
user_permissions = user_details.get('permissions', [])
|
yaml_permissions = user_details.get('permissions', [])
|
||||||
if user_permissions:
|
permission_object = user
|
||||||
user.user_permissions.clear()
|
if yaml_permissions:
|
||||||
for permission_codename in user_details.get('permissions', []):
|
permission_object.permissions.clear()
|
||||||
for permission in Permission.objects.filter(codename=permission_codename):
|
for yaml_permission in yaml_permissions:
|
||||||
user.user_permissions.add(permission)
|
if isinstance(yaml_permission,dict):
|
||||||
user.save()
|
# assume this is the specific codename filter function instead of an exact codename
|
||||||
|
permission_codename_function = list(yaml_permission.keys())[0]
|
||||||
|
permission_codenames = yaml_permission[permission_codename_function]
|
||||||
|
else:
|
||||||
|
permission_codename_function = 'codename'
|
||||||
|
permission_codenames = list({yaml_permission})
|
||||||
|
|
||||||
|
# supports either one codename from the permissions list, or multiple codenames in a codename_function dict
|
||||||
|
for permission_codename in permission_codenames:
|
||||||
|
# supports non-unique permission codenames
|
||||||
|
for permission in eval('Permission.objects.filter(' + permission_codename_function + '=permission_codename)'):
|
||||||
|
permission_object.permissions.add(permission)
|
||||||
|
|
||||||
|
permission_object.save()
|
||||||
|
|||||||
@ -24,9 +24,21 @@ with file.open('r') as stream:
|
|||||||
if user:
|
if user:
|
||||||
user.groups.add(group)
|
user.groups.add(group)
|
||||||
|
|
||||||
group_permissions = group_details.get('permissions', [])
|
yaml_permissions = group_details.get('permissions', [])
|
||||||
if group_permissions:
|
permission_object = group
|
||||||
group.permissions.clear()
|
if yaml_permissions:
|
||||||
for permission_codename in group_details.get('permissions', []):
|
permission_object.permissions.clear()
|
||||||
for permission in Permission.objects.filter(codename=permission_codename):
|
for yaml_permission in yaml_permissions:
|
||||||
group.permissions.add(permission)
|
if isinstance(yaml_permission,dict):
|
||||||
|
# assume this is the specific codename filter function instead of an exact codename
|
||||||
|
permission_codename_function = list(yaml_permission.keys())[0]
|
||||||
|
permission_codenames = yaml_permission[permission_codename_function]
|
||||||
|
else:
|
||||||
|
permission_codename_function = 'codename'
|
||||||
|
permission_codenames = list({yaml_permission})
|
||||||
|
|
||||||
|
# supports either one codename from the permissions list, or multiple codenames in a codename_function dict
|
||||||
|
for permission_codename in permission_codenames:
|
||||||
|
# supports non-unique permission codenames
|
||||||
|
for permission in eval('Permission.objects.filter(' + permission_codename_function + '=permission_codename)'):
|
||||||
|
permission_object.permissions.add(permission)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user