Added new role management

61e512c2 · Luka · Maarten de Waard · efbc1b21 · 61e512c2 · 61e512c2
Commit 61e512c2 authored 2 years ago by Luka Committed by Maarten de Waard 2 years ago
--- a/areas/users/user_service.py
+++ b/areas/users/user_service.py
 import copy
+from areas.apps.models import App

 from database import db
 from areas.apps import AppRole
@@ -28,14 +29,18 @@ class UserService:
        }
        res = KratosApi.post("/admin/identities", kratos_data).json()

-        appRole = AppRole(
-            user_id=res["id"],
-            role_id=data["role_id"] if "role_id" in data else None,
-            app_id=1,
-        )
+        if data["app_roles"]:
+            app_roles = data["app_roles"]
+            for ar in app_roles:
+                app = App.query.filter_by(slug=ar["name"]).first()
+                app_role = AppRole(
+                    user_id=res["id"],
+                    role_id=ar["role_id"] if "role_id" in ar else None,
+                    app_id=app.id,
+                )

-        db.session.add(appRole)
-        db.session.commit()
+                db.session.add(app_role)
+            db.session.commit()

        return UserService.get_user(res["id"])

@@ -47,24 +52,48 @@ class UserService:
        }
        KratosApi.put("/admin/identities/{}".format(id), kratos_data)

-        app_role = AppRole.query.filter_by(user_id=id).first()
-        if app_role:
-            app_role.role_id = data["role_id"] if "role_id" in data else None
-            db.session.commit()
-        else:
-            appRole = AppRole(
-                user_id=id,
-                role_id=data["role_id"] if "role_id" in data else None,
-                app_id=1,
-            )
-            db.session.add(appRole)
-            db.session.commit()
+        if data["app_roles"]:
+            app_roles = data["app_roles"]
+            for ar in app_roles:
+                app = App.query.filter_by(slug=ar["name"]).first()
+                app_role = AppRole.query.filter_by(user_id=id, app_id=app.id).first()
+
+                if app_role:
+                    app_role.role_id = ar["role_id"] if "role_id" in ar else None
+                    db.session.commit()
+                else:
+                    appRole = AppRole(
+                        user_id=id,
+                        role_id=ar["role_id"] if "role_id" in ar else None,
+                        app_id=app.id,
+                    )
+                    db.session.add(appRole)
+                    db.session.commit()

        return UserService.get_user(id)

+    @staticmethod
+    def delete_user(id):
+        app_role = AppRole.query.filter_by(user_id=id).all()
+        for ar in app_role:
+            db.session.delete(ar)
+        db.session.commit()
+
    @staticmethod
    def __insertAppRoleToUser(userId, userRes):
-        app_role = AppRole.query.filter_by(user_id=userId).first()
-        userRes["traits"]["role_id"] = app_role.role_id if app_role else None
+        app_role = AppRole.query.filter_by(user_id=userId)
+        apps = App.query.all()
+
+        app_roles = []
+
+        for app in apps:
+            tmp_app_role = app_role.filter_by(app_id=app.id).first()
+            app_roles.append(
+                {
+                    "name": app.slug,
+                    "role_id": tmp_app_role.role_id if tmp_app_role else None,
+                }
+            )

+        userRes["traits"]["app_roles"] = app_roles
        return userRes
--- a/areas/users/users.py
+++ b/areas/users/users.py
@@ -51,6 +51,7 @@ def put_user(id):
 @cross_origin()
 def delete_user(id):
    res = KratosApi.delete("/identities/{}".format(id))
+    UserService.delete_user(id)
    if res.status_code == 204:
        return jsonify(), res.status_code
    return jsonify(res.json()), res.status_code
--- a/areas/users/validation.py
+++ b/areas/users/validation.py
@@ -9,11 +9,25 @@ schema = {
            "pattern": r"(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|\"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*\")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9]))\.){3}(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9])|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])",
            "minLength": 1,
        },
-        "role_id": {
-            "type": "integer",
-            "description": "Role of the user",
-            "minimum": 1,
+        "app_roles": {
+            "type": "array",
+            "items": {
+                "type": "object",
+                "properties": {
+                    "name": {
+                        "type": "string",
+                        "description": "Name of the app",
+                        "minLenght": 1,
+                    },
+                    "role_id": {
+                        "type": ["integer", "null"],
+                        "description": "Role of the user",
+                        "minimum": 1,
+                    },
+                },
+                "required": ["name", "role_id"],
+            },
        },
    },
-    "required": ["email"],
+    "required": ["email", "app_roles"],
 }