adjust groups and users startup scripts to allow custom codename filter

This commit is contained in:
Les Begnaud 2019-12-05 09:41:11 -06:00 committed by Christian Mäder
parent 0574ffc571
commit 927a545f41
4 changed files with 52 additions and 21 deletions

View File

@ -7,10 +7,16 @@
# writers:
# users:
# - writer
## specify explicit permission codenames or codename filter functions and filters to match on
# permissions:
# - add_device
# - change_device
# - delete_device
# - add_virtualmachine
# - change_virtualmachine
# - delete_virtualmachine
# - codename__startswith:
# - add_
# - change_
# vm_managers:
# - codename__endswith:
# - _virtualmachine
# creators:
# - codename__startswith:
# - add_

View File

@ -4,10 +4,10 @@
# password: reader
# writer:
# password: writer
## specify explicit permission codenames or codename filter functions and filters to match on
# permissions:
# - add_device
# - change_device
# - delete_device
# - add_virtualmachine
# - change_virtualmachine
# - delete_virtualmachine
# - codename__startswith:
# - add_
# - change_

View File

@ -25,10 +25,23 @@ with file.open('r') as stream:
if user_details.get('api_token', 0):
Token.objects.create(user=user, key=user_details['api_token'])
user_permissions = user_details.get('permissions', [])
if user_permissions:
user.user_permissions.clear()
for permission_codename in user_details.get('permissions', []):
for permission in Permission.objects.filter(codename=permission_codename):
user.user_permissions.add(permission)
user.save()
yaml_permissions = user_details.get('permissions', [])
permission_object = user
if yaml_permissions:
permission_object.permissions.clear()
for yaml_permission in yaml_permissions:
if isinstance(yaml_permission,dict):
# assume this is the specific codename filter function instead of an exact codename
permission_codename_function = list(yaml_permission.keys())[0]
permission_codenames = yaml_permission[permission_codename_function]
else:
permission_codename_function = 'codename'
permission_codenames = list({yaml_permission})
# supports either one codename from the permissions list, or multiple codenames in a codename_function dict
for permission_codename in permission_codenames:
# supports non-unique permission codenames
for permission in eval('Permission.objects.filter(' + permission_codename_function + '=permission_codename)'):
permission_object.permissions.add(permission)
permission_object.save()

View File

@ -24,9 +24,21 @@ with file.open('r') as stream:
if user:
user.groups.add(group)
group_permissions = group_details.get('permissions', [])
if group_permissions:
group.permissions.clear()
for permission_codename in group_details.get('permissions', []):
for permission in Permission.objects.filter(codename=permission_codename):
group.permissions.add(permission)
yaml_permissions = group_details.get('permissions', [])
permission_object = group
if yaml_permissions:
permission_object.permissions.clear()
for yaml_permission in yaml_permissions:
if isinstance(yaml_permission,dict):
# assume this is the specific codename filter function instead of an exact codename
permission_codename_function = list(yaml_permission.keys())[0]
permission_codenames = yaml_permission[permission_codename_function]
else:
permission_codename_function = 'codename'
permission_codenames = list({yaml_permission})
# supports either one codename from the permissions list, or multiple codenames in a codename_function dict
for permission_codename in permission_codenames:
# supports non-unique permission codenames
for permission in eval('Permission.objects.filter(' + permission_codename_function + '=permission_codename)'):
permission_object.permissions.add(permission)