Package s3 :: Module s3roles :: Class S3RoleManager
[frames] | no frames]

Class S3RoleManager

source code

     object --+    
              |    
s3rest.S3Method --+
                  |
                 S3RoleManager

REST Method to manage user roles and permission rules

Instance Methods
 
apply_method(self, r, **attr)
Entry point for REST interface.
source code
 
role_list(self, r, **attr)
List or export roles
source code
 
role_list_actions(self, r)
Configure action buttons for role list
source code
 
role_form(self, r, **attr)
Create, read, update a role
source code
 
get_permissions(self, role)
Extract the permission rules for a role
source code
 
update_role(self, role, form)
Create or update a role from a role form
source code
 
update_permissions(self, role_id, rules)
Update the permission rules for a role
source code
 
copy_role(self, r, **attr)
Duplicate an existing role
source code
 
delete_role(self, r, **attr)
Delete a role
source code
 
assign_roles(self, r, **attr)
Assign/unassign roles to a user
source code
 
assign_users(self, r, **attr)
Assign/unassign users to a role
source code
 
import_roles(self, r, **attr)
Interactive import of roles (auth_roles.csv format)
source code
 
export_roles(self, r, **attr)
Export of roles (auth_roles.csv format)
source code

Inherited from s3rest.S3Method: __call__, widget

Inherited from object: __delattr__, __format__, __getattribute__, __hash__, __init__, __new__, __reduce__, __reduce_ex__, __repr__, __setattr__, __sizeof__, __str__, __subclasshook__

Static Methods
 
get_managed_users(role_id)
Get a dict of users the current user can assign to roles
source code
 
get_managed_roles(user_id)
Get a dict of roles the current user can manage
source code
 
get_managed_realms()
Get a dict of realms managed by the current user
source code

Inherited from s3rest.S3Method: crud_string

Properties

Inherited from object: __class__

Method Details

apply_method(self, r, **attr)

source code 

Entry point for REST interface.

Parameters:
  • r - the S3Request instance
  • attr - controller attributes
Returns:
output object to send to the view
Overrides: s3rest.S3Method.apply_method

role_list(self, r, **attr)

source code 

List or export roles

Parameters:
  • r - the S3Request instance
  • attr - controller attributes

    NB this function must be restricted to ADMINs (in apply_method)

role_list_actions(self, r)

source code 

Configure action buttons for role list

Parameters:
  • r - the S3Request

role_form(self, r, **attr)

source code 

Create, read, update a role

NB this function must be restricted to ADMINs (in apply_method)

get_permissions(self, role)

source code 

Extract the permission rules for a role

Parameters:
  • role - the role (Row)
Returns:
the permission rules as JSON string

update_role(self, role, form)

source code 

Create or update a role from a role form

Parameters:
  • role - the role (Row)
  • form - the form
Returns:
tuple (role ID, confirmation message)

update_permissions(self, role_id, rules)

source code 

Update the permission rules for a role

Parameters:
  • role_id - the role record ID (auth_group.id)
  • rules - the rules as JSON string

copy_role(self, r, **attr)

source code 

Duplicate an existing role

NB this function must be restricted to ADMINs (in apply_method)

delete_role(self, r, **attr)

source code 

Delete a role

NB this function must be restricted to ADMINs (in apply_method)

assign_roles(self, r, **attr)

source code 

Assign/unassign roles to a user

NB this function is accessible for non-ADMINs (e.g. ORG_ADMIN)

assign_users(self, r, **attr)

source code 

Assign/unassign users to a role

NB this function could be accessible for non-ADMINs (e.g. ORG_ADMIN)

get_managed_users(role_id)
Static Method

source code 

Get a dict of users the current user can assign to roles

@param role_id: the target role ID

@returns: a dict {user_id: {l:label,
                            t:title,
                            a:assignable,
                            r:removable,
                            u:unrestrictable,
                            }, ...}
          NB a, r and u attributes only added if non-default

get_managed_roles(user_id)
Static Method

source code 

Get a dict of roles the current user can manage

@returns: a dict {role_id: {l:label,
                            a:assignable,
                            r:removable,
                            u:unrestrictable,
                            }, ...},
          NB a, r and u attributes only added if non-default

get_managed_realms()
Static Method

source code 

Get a dict of realms managed by the current user

Returns:
tuple (realm_types, realms):
  • realm_types = [(instance_type, label), ...]
  • realms = {pe_id: {l:label, t:type}, ...}

import_roles(self, r, **attr)

source code 

Interactive import of roles (auth_roles.csv format)

NB this function must be restricted to ADMINs (in apply_method)

export_roles(self, r, **attr)

source code 

Export of roles (auth_roles.csv format)

NB this function must be restricted to ADMINs (in apply_method)