Commit 4648da41 authored by Matthieu Lamalle's avatar Matthieu Lamalle Committed by Lionel Morin
Browse files

Acl

parent 5ba57f2c
......@@ -38,7 +38,7 @@ RUN git clone "${CONTAINERPILOT_REPO_URL}" "/tmp/orchestrate" \
# API messages description
ARG MESSAGES_API_REPO_URL=https://gitlab.mim.ovh/EOLE/Zephir/messages-api.git
ARG MESSAGES_API_REPO_REF=0.0.5-dev
ARG MESSAGES_API_REPO_REF=0.0.6-dev
RUN git clone "${MESSAGES_API_REPO_URL}" "/tmp/messages-api" \
&& cd /tmp/messages-api \
......@@ -47,13 +47,12 @@ RUN git clone "${MESSAGES_API_REPO_URL}" "/tmp/messages-api" \
# Common python Zéphir library
ARG PYTHON_ZEPHIR_REPO_URL=https://gitlab.mim.ovh/EOLE/Zephir/python-zephir.git
ARG PYTHON_ZEPHIR_REPO_REF=0.0.2-dev
ARG PYTHON_ZEPHIR_REPO_REF=0.0.3-dev
RUN git clone "${PYTHON_ZEPHIR_REPO_URL}" "/tmp/python-zephir" \
&& cd /tmp/python-zephir \
&& git checkout "${PYTHON_ZEPHIR_REPO_REF}"
####
#### Target layer
####
......@@ -64,7 +63,7 @@ MAINTAINER Pôle EOLE <eole@ac-dijon.fr>
# Packages required for working service
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update -y && apt-get install -y \
gnupg \
gnupg \
jq \
locales \
openssl \
......@@ -76,6 +75,7 @@ RUN apt-get update -y && apt-get install -y \
python3-psycopg2 \
python3-requests \
python3-yaml \
python3-pip \
sqitch \
tzdata
......@@ -95,6 +95,9 @@ ENV LC_ALL fr_FR.UTF-8
RUN ln -fs /usr/share/zoneinfo/Europe/Paris /etc/localtime
RUN dpkg-reconfigure --frontend noninteractive tzdata
RUN pip3 install casbin
# Sqitch
RUN sqitch config --user user.name 'Equipe EOLE'\
&& sqitch config --user user.email 'eole@ac-dijon.fr'
......@@ -115,6 +118,7 @@ COPY --from=build /tmp/orchestrate/${services_conf_filename}.ctmpl ${services_co
# Install libraries required by service
COPY --from=build /tmp/python-zephir/zephir /usr/lib/python3/dist-packages/zephir
COPY --from=build /tmp/python-zephir/acl /etc/acl
COPY --from=build /tmp/messages-api/messages /srv/messages
# Manage container with ContainerPilot
......@@ -133,3 +137,4 @@ COPY src/python/server /usr/lib/python3/dist-packages/server
RUN mkdir -p /srv/bin
COPY scripts/* /srv/bin/
COPY migrations /migrations
COPY acl/* /etc/acl/
\ No newline at end of file
[request_definition]
r = sub, obj, act
[policy_definition]
p = sub, obj, act
[role_definition]
g = _, _
[policy_effect]
e = some(where (p.eft == allow))
[matchers]
m = g(r.sub, p.sub) && r.obj == p.obj && r.act == p.act
\ No newline at end of file
p, admin, server/*, create
p, admin, server/*, describe
p, admin, server/*, delete
p, admin, server/*, update
p, admin, v1.server.create, allowed
p, admin, v1.server.update, allowed
p, admin, v1.server.delete, allowed
p, user, server/*, describe
p, admin, v1.serverselection.create, allowed
p, admin, v1.serverselection.update, allowed
p, admin, v1.serverselection.delete, allowed
p, admin, v1.serverselection.server.add, allowed
p, admin, v1.serverselection.server.remove, allowed
p, admin, v1.serverselection.user.add, allowed
p, admin, v1.serverselection.user.remove, allowed
p, admin, v1.serverselection.user.update, allowed
p, manager, v1.server.exec.deploy, allowed
p, manager, v1.server.exec.command, allowed
p, manager, v1.server.peering-conf.get, allowed
p, manager, v1.server.exec.list, allowed
p, manager, v1.server.exec.describe, allowed
p, manager, v1.serverselection.exec.deploy, allowed
p, manager, v1.serverselection.exec.command, allowed
p, viewer, v1.server.list, allowed
p, viewer, v1.server.describe, allowed
p, viewer, v1.server.config.get, allowed
p, viewer, v1.serverselection.list, allowed
p, viewer, v1.serverselection.describe, allowed
g, owner, admin
g, admin, manager
g, manager, viewer
......@@ -21,7 +21,7 @@ CREATE TABLE ServerSelection (
ServerSelectionId SERIAL PRIMARY KEY,
ServerSelectionName VARCHAR(255) NOT NULL,
ServerSelectionDescription VARCHAR(255) NOT NULL,
ServerSelectionServersId INTEGER [],
ServerSelectionServersId INTEGER [] DEFAULT '{}',
ServerSelectionUsers hstore,
Dynamique BOOLEAN NOT NULL,
Requete VARCHAR(255)
......
......@@ -22,7 +22,7 @@ from server.serverselection.lib import ServerSelection
from server.serverselection.error import (ServerSelectionError,
ServerSelectionErrorDatabaseNotAvailable,
ServerSelectionErrorDbConnection,
ServerSelectionErrorInvalidServerSelectionId,
ServerSelectionErrorInvalidServerSelectionId,
ServerSelectionErrorServerSelectionNameNotProvided,
ServerSelectionErrorUnknownServerSelectionId,
ServerSelectionErrorDuplicateServerSelectionName,
......@@ -43,11 +43,75 @@ class ServerRunner(ZephirCommonController):
self.serverselection = ServerSelection()
self.conn = None
# GET ROLE
def get_profil_for_server(self, cursor, uri, message_arguments):
if 'serverid' in message_arguments:
server_id = message_arguments['serverid']
if 'server_id' in message_arguments:
server_id = message_arguments['server_id']
if '_session_user' not in message_arguments:
return 'root'
else:
profils = self._get_serverselection_user_server_role(cursor, server_id, message_arguments['_session_user']['username'])
for profil in profils:
if 'role' in profil:
role = profil['role']
if self.policy.enforce(role, uri, 'allowed'):
return role
return None
def get_profil_for_serverselection(self, cursor, uri, message_arguments):
serverselection_id = message_arguments['serverselectionid']
if '_session_user' not in message_arguments:
return 'root'
else:
if message_arguments['_session_user']['profil'] == 'root':
role = message_arguments['_session_user']['profil']
else:
profil = self._get_serverselection_user_role(cursor, serverselection_id, message_arguments['_session_user']['username'])
if not 'role' in profil:
return None
role = profil['role']
if self.policy.enforce(role, uri, 'allowed'):
return role
return None
def get_profil_for_all(self, cursor, uri, message_arguments):
server_ok = False
serverselection_ok = False
server_role = self.get_profil_for_server(cursor, uri, message_arguments)
if server_role is None :
return None
for role in server_role:
if self.policy.enforce(role, uri, 'allowed'):
server_ok = True
if not server_ok:
return None
serverselection_role = self.get_profil_for_serverselection(cursor, uri, message_arguments)
if serverselection_role is None :
return None
for role in serverselection_role:
if self.policy.enforce(role, uri, 'allowed'):
serverselection_ok = True
if not serverselection_ok:
return None
return role
@register_wamp('v1.server.list', notification_uri=None, database=True)
async def list_servers(self, cursor):
async def list_servers(self, cursor, _session_user):
try:
return self.server.list_servers(cursor)
if _session_user['profil'] == 'root':
return self.server.list_servers(cursor)
else:
ret = []
for server_id in self._list_user_servers(cursor, _session_user).get('serverselectionserversid', []):
ret.append(self._describe_server(cursor, server_id, False, False))
return ret
except ServerErrorDatabaseNotAvailable as err:
raise ApplicationError('server.error.database-not-available', reason=str(err))
......@@ -57,14 +121,16 @@ class ServerRunner(ZephirCommonController):
except ServerError as err:
raise ApplicationError('server.error', reason=str(err))
@register_wamp('v1.server.describe', notification_uri=None, database=True)
async def describe_server(self, cursor, serverid, configuration):
@register_wamp('v1.server.describe', notification_uri=None, database=True, profil_adapter='get_profil_for_server')
async def describe_server(self, cursor,_session_user, serverid, configuration):
return self._describe_server(cursor, serverid, configuration, True)
def _describe_server(self, cursor, serverid, configuration, environment):
try:
server = self.server.describe_server(cursor, serverid)
server = self.server.describe_server(cursor, serverid, environment)
if configuration:
server['configuration'] = serverid
return server
except ServerErrorDatabaseNotAvailable as err:
raise ApplicationError('server.error.database-not-available', reason=str(err))
except ServerErrorDbConnection as err:
......@@ -84,6 +150,7 @@ class ServerRunner(ZephirCommonController):
else:
return b'{}'
#FIXME a supprimer, cf server.describe avec configuration=True
@register_wamp('v1.server.config.get', notification_uri=None, database=True)
async def get_config(self, cursor, serverid):
return {'configuration': serverid}
......@@ -95,6 +162,7 @@ class ServerRunner(ZephirCommonController):
return json.dumps(values).encode()
else:
return b'{}'
#FIXME END
@register_wamp('v1.server.create', notification_uri='v1.server.created', database=True)
async def create_server(self, cursor, _session_user, servername, serverdescription, servermodelid, serverpassphrase):
......@@ -125,8 +193,8 @@ class ServerRunner(ZephirCommonController):
except ServerError as err:
raise ApplicationError('server.error', reason=str(err))
@register_wamp('v1.server.update', notification_uri='v1.server.updated', database=True)
async def update_server(self, cursor, serverid, servername, serverdescription):
@register_wamp('v1.server.update', notification_uri='v1.server.updated', database=True, profil_adapter='get_profil_for_server')
async def update_server(self, cursor, _session_user, serverid, servername, serverdescription):
try:
return self.server.update_server(cursor, serverid, servername, serverdescription)
......@@ -143,10 +211,11 @@ class ServerRunner(ZephirCommonController):
except ServerError as err:
raise ApplicationError('server.error', reason=str(err))
@register_wamp('v1.server.delete', notification_uri='v1.server.deleted', database=True)
async def delete_server(self, cursor, serverid):
@register_wamp('v1.server.delete', notification_uri='v1.server.deleted', database=True, profil_adapter='get_profil_for_server')
async def delete_server(self, cursor,_session_user, serverid):
try:
return self.server.delete_server(cursor, serverid)
except ServerErrorDatabaseNotAvailable as err:
raise ApplicationError('server.error.database-not-available', reason=str(err))
except ServerErrorDbConnection as err:
......@@ -158,11 +227,12 @@ class ServerRunner(ZephirCommonController):
except ServerError as err:
raise ApplicationError('server.error', reason=str(err))
@register_wamp('v1.server.peering-conf.get', notification_uri='v1.server.peering-conf.sent')
async def get_peering_conf(self, serverid):
@register_wamp('v1.server.peering-conf.get', notification_uri='v1.server.peering-conf.sent', database=True, profil_adapter='get_profil_for_server')
async def get_peering_conf(self, cursor, _session_user, serverid):
try:
secret = await self.call('v1.vault.secret.get', secretkey="{}_peeringconf".format(serverid))
return secret['secret']
except ServerErrorPeeringConfNotAvailable as err:
raise ApplicationError('server.error.peering-conf-not-available', reason=str(err))
except ServerError as err:
......@@ -188,11 +258,8 @@ class ServerRunner(ZephirCommonController):
raise ApplicationError('server.registering.error',
reason=str(err))
@register_wamp('v1.server.exec.command', notification_uri='v1.server.executed', database=True)
async def exec_cmd_on_server(self, cursor, server_id, command):
return await self._exec_cmd_on_server(cursor, server_id, command)
async def _exec_cmd_on_server(self, cursor, server_id, command):
@register_wamp('v1.server.exec.command', notification_uri='v1.server.executed', database=True, profil_adapter='get_profil_for_server')
async def exec_cmd_on_server(self, cursor,_session_user, server_id, command):
"""
Transfer command transmitted to automation (salt, ...)
"""
......@@ -230,8 +297,8 @@ class ServerRunner(ZephirCommonController):
dico['return'] = result['return']
return dico
@register_wamp('v1.server.exec.list', notification_uri=None, database=True)
async def exec_job_on_server(self, cursor, server_id):
@register_wamp('v1.server.exec.list', notification_uri=None, database=True, profil_adapter='get_profil_for_server')
async def exec_job_on_server(self, cursor,_session_user, server_id):
automation, automation_command = self.server.get_automation_command(cursor, server_id)
if automation == 'salt':
results = await self.call('v1.execution.salt.job.list',
......@@ -298,10 +365,10 @@ class ServerRunner(ZephirCommonController):
except ServerError as err:
raise ApplicationError('server.error', reason=str(err))
@register_wamp('v1.serverselection.list', notification_uri=None, database=True)
async def list_serverselections(self, cursor):
def _list_user_servers(self, cursor, _session_user):
try:
return self.serverselection.list_serverselections(cursor)
username = _session_user['username']
return self.serverselection.list_user_servers(cursor, username)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
......@@ -310,49 +377,70 @@ class ServerRunner(ZephirCommonController):
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.describe', notification_uri=None, database=True)
async def describe_serverselection(self, cursor, serverselectionid):
@register_wamp('v1.serverselection.list', notification_uri=None, database=True)
async def list_serverselections(self, cursor, _session_user):
try:
return self.serverselection.describe_serverselection(cursor, serverselectionid)
if _session_user['profil'] == 'root':
return self.serverselection.list_serverselections(cursor)
else:
return self._list_user_serverselections(cursor, _session_user)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionErrorInvalidServerSelectionId as err:
raise ApplicationError('serverselection.error.invalid_server_id', reason=str(err))
except ServerSelectionErrorUnknownServerSelectionId as err:
raise ApplicationError('serverselection.error.unknown_server_id', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.user.list', notification_uri=None, database=True)
async def list_user_serverselections(self, cursor, _session_user):
return self._list_user_serverselections(cursor, _session_user)
def _list_user_serverselections(self, cursor, _session_user):
try:
serverselectionuser = _session_user['username']
return self.serverselection.list_user_serverselections(cursor, serverselectionuser)
username = _session_user['username']
return self.serverselection.list_user_serverselections(cursor, username)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.describe', notification_uri=None, database=True, profil_adapter='get_profil_for_serverselection')
async def describe_serverselection(self, cursor, _session_user, serverselectionid):
return self._describe_serverselection(cursor, _session_user, serverselectionid)
def _describe_serverselection(self, cursor, _session_user, serverselectionid):
try:
return self.serverselection.describe_serverselection(cursor, serverselectionid)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionErrorInvalidServerSelectionId as err:
raise ApplicationError('serverselection.error.invalid_server_id', reason=str(err))
except ServerSelectionErrorUnknownServerSelectionId as err:
raise ApplicationError('serverselection.error.unknown_server_id', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.user.default', notification_uri=None, database=True)
async def default_user_serverselection(self, cursor, _session_user):
return self._default_user_serverselection(cursor, _session_user)
def _default_user_serverselection(self, cursor, _session_user):
try:
serverselectionuser = _session_user['username']
return self.serverselection.default_user_serverselection(cursor, serverselectionuser)
username = _session_user['username']
return self.serverselection.default_user_serverselection(cursor, username)
except ServerSelectionEmptyRecordDatabaseError as err:
serverselectionname = serverselectionuser + "_DEFAULT"
serverselectiondescription = serverselectionuser + " server selection"
self.serverselection.create_serverselection(cursor, serverselectionname, serverselectiondescription, serverselectionuser)
return self.serverselection.default_user_serverselection(cursor, serverselectionuser)
serverselectionname = username + "_DEFAULT"
serverselectiondescription = username + " server selection"
self._create_default_user_serverselection(cursor, serverselectionname, serverselectiondescription, username)
return self.serverselection.default_user_serverselection(cursor, username)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
......@@ -361,40 +449,45 @@ class ServerRunner(ZephirCommonController):
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.user.server.list', notification_uri=None, database=True)
async def list_user_servers(self, cursor, _session_user):
def _create_default_user_serverselection(self, cursor, serverselectionname, serverselectiondescription, username):
try:
serverselectionuser = _session_user['username']
return self.serverselection.list_user_servers(cursor, serverselectionuser)
return self.serverselection.create_serverselection(cursor, serverselectionname, serverselectiondescription, username)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
raise ApplicationError('serverselection.error.database-not-available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionErrorDuplicateServerSelectionName as err:
raise ApplicationError('serverselection.static.create.error.duplicate_serverselection', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.create', notification_uri=None, database=True)
async def create_serverselection(self, cursor, serverselectionname, serverselectiondescription, _session_user):
try:
serverselectionuser = _session_user['username']
return self.serverselection.create_serverselection(cursor, serverselectionname, serverselectiondescription, serverselectionuser)
if _session_user['profil'] in ['root', 'admin'] or ('_DEFAULT' not in serverselectionname and _session_user['profil'] not in ['root', 'admin']):
username = _session_user['username']
return self.serverselection.create_serverselection(cursor, serverselectionname, serverselectiondescription, username)
else:
raise Exception(_('Unable to create _DEFAULT serverselection'))
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database-not-available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err))
raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionErrorDuplicateServerSelectionName as err:
raise ApplicationError('serverselection.static.create.error.duplicate_serverselection', reason=str(err))
raise ApplicationError('serverselection.static.create.error.duplicate_serverselection', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.update', notification_uri=None, database=True)
async def update_serverselection(self, cursor, serverselectionid, serverselectionname, serverselectiondescription, dynamique, requete):
try:
return self.serverselection.update_serverselection(cursor, serverselectionid, serverselectionname, serverselectiondescription, dynamique, requete)
@register_wamp('v1.serverselection.update', notification_uri=None, database=True, profil_adapter='get_profil_for_serverselection')
async def update_serverselection(self, cursor,_session_user, serverselectionid, serverselectionname, serverselectiondescription, dynamique, requete):
try:
if '_DEFAULT' not in serverselectionname:
return self.serverselection.update_serverselection(cursor, serverselectionid, serverselectionname, serverselectiondescription, dynamique, requete)
else:
raise Exception(_('Unable to update _DEFAULT serverselection'))
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database-not-available', reason=str(err))
......@@ -407,10 +500,11 @@ class ServerRunner(ZephirCommonController):
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.delete', notification_uri=None, database=True)
async def delete_serverselection(self, cursor, serverselectionid):
@register_wamp('v1.serverselection.delete', notification_uri=None, database=True, profil_adapter='get_profil_for_serverselection')
async def delete_serverselection(self, cursor,_session_user, serverselectionid):
try:
return self.serverselection.delete_serverselection(cursor, serverselectionid)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
......@@ -422,22 +516,23 @@ class ServerRunner(ZephirCommonController):
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.server.add', notification_uri=None, database=True)
async def add_server_to_selection(self, cursor, serverselectionserversid, serverselectionid):
@register_wamp('v1.serverselection.server.add', notification_uri=None, database=True, profil_adapter='get_profil_for_all')
async def add_server_to_selection(self, cursor, _session_user, serverid, serverselectionid):
try:
return self.serverselection.add_server_to_selection(cursor, serverselectionserversid, serverselectionid)
return self.serverselection.add_server_to_selection(cursor, serverid, serverselectionid)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database-not-available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
raise ApplicationError('serverselection.error.db-connection', reason=str(err))
raise ApplicationError('serverselection.error.db-connection', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.server.remove', notification_uri=None, database=True)
async def remove_server_from_selection(self, cursor, serverselectionserversid, serverselectionid):
@register_wamp('v1.serverselection.server.remove', notification_uri=None, database=True, profil_adapter='get_profil_for_serverselection')
async def remove_server_from_selection(self, cursor,_session_user, serverid, serverselectionid):
try:
return self.serverselection.remove_server_from_selection(cursor, serverselectionserversid, serverselectionid)
return self.serverselection.remove_server_from_selection(cursor, serverid, serverselectionid)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
......@@ -445,14 +540,15 @@ class ServerRunner(ZephirCommonController):
except ServerSelectionErrorInvalidServerSelectionId as err:
raise ApplicationError('serverselection.error.invalid_serverselection_id', reason=str(err))
except ServerSelectionErrorUnknownServerSelectionId as err:
raise ApplicationError('serverselection.error.unknown_serverselection_id', reason=str(err))
raise ApplicationError('serverselection.error.unknown_serverselection_id', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.user.add', notification_uri=None, database=True)
async def add_user_to_serverselection(self, cursor, serverselectionid, serverselectionuser, serverselectionuserrole):
@register_wamp('v1.serverselection.user.add', notification_uri=None, database=True, profil_adapter='get_profil_for_serverselection')
async def add_user_to_serverselection(self, cursor,_session_user, serverselectionid, username, role):
try:
return self.serverselection.add_user_to_serverselection(cursor, serverselectionid, serverselectionuser, serverselectionuserrole)
return self.serverselection.add_user_to_serverselection(cursor, serverselectionid, username, role)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
......@@ -460,14 +556,18 @@ class ServerRunner(ZephirCommonController):
except ServerSelectionErrorInvalidServerSelectionId as err:
raise ApplicationError('serverselection.error.invalid_serverselection_id', reason=str(err))
except ServerSelectionErrorUnknownServerSelectionId as err:
raise ApplicationError('serverselection.error.unknown_serverselection_id', reason=str(err))
raise ApplicationError('serverselection.error.unknown_serverselection_id', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.user.remove', notification_uri=None, database=True)
async def remove_user_from_serverselection(self, cursor, serverselectionid, serverselectionuser):
@register_wamp('v1.serverselection.user.remove', notification_uri=None, database=True, profil_adapter='get_profil_for_serverselection')
async def remove_user_from_serverselection(self, cursor, _session_user, serverselectionid, username):
try:
return self.serverselection.remove_user_from_serverselection(cursor, serverselectionid, serverselectionuser)
if _session_user['profil'] != 'owner':
return self.serverselection.remove_user_from_serverselection(cursor, serverselectionid, username)
else:
raise Exception(_('Can not remove user with role owner from serverseleciton'))
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
except ServerSelectionErrorDbConnection as err:
......@@ -475,14 +575,14 @@ class ServerRunner(ZephirCommonController):
except ServerSelectionErrorInvalidServerSelectionId as err:
raise ApplicationError('serverselection.error.invalid_serverselection_id', reason=str(err))
except ServerSelectionErrorUnknownServerSelectionId as err:
raise ApplicationError('serverselection.error.unknown_serverselection_id', reason=str(err))
raise ApplicationError('serverselection.error.unknown_serverselection_id', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.user.update', notification_uri=None, database=True)
async def update_user_to_serverselection(self, cursor, serverselectionid, serverselectionuser, serverselectionuserrole):
@register_wamp('v1.serverselection.user.update', notification_uri=None, database=True, profil_adapter='get_profil_for_serverselection')
async def update_user_to_serverselection(self, cursor,_session_user, serverselectionid, username, role):
try:
return self.serverselection.update_user_to_serverselection(cursor, serverselectionid, serverselectionuser, serverselectionuserrole)
return self.serverselection.update_user_to_serverselection(cursor, serverselectionid, username, role)
except ServerSelectionErrorDatabaseNotAvailable as err:
raise ApplicationError('serverselection.error.database_not_available', reason=str(err))
......@@ -491,15 +591,20 @@ class ServerRunner(ZephirCommonController):
except ServerSelectionErrorInvalidServerSelectionId as err:
raise ApplicationError('serverselection.error.invalid_serverselection_id', reason=str(err))
except ServerSelectionErrorUnknownServerSelectionId as err:
raise ApplicationError('serverselection.error.unknown_serverselection_id', reason=str(err))
raise ApplicationError('serverselection.error.unknown_serverselection_id', reason=str(err))
except ServerSelectionError as err:
raise ApplicationError('serverselection.error', reason=str(err))
@register_wamp('v1.serverselection.user.role.get', notification_uri=None, database=True)
async def get_serverselection_user_role(self, cursor, serverselectionid, username):
async def get_serverselection_user_role(self, cursor, _session_user, serverselectionid, username):
return self._get_serverselection_user_role(cursor, serverselectionid, _session_user['username'])
def _get_serverselection_user_role(self, cursor, serverselectionid, username):
try:
return self.serverselection.get_serverselection_user_role(cursor, serverselectionid, username)
except ServerSelectionEmptyRecordDatabaseError as err: