本文整理汇总了Python中st2common.persistence.rbac.Role.get方法的典型用法代码示例。如果您正苦于以下问题:Python Role.get方法的具体用法?Python Role.get怎么用?Python Role.get使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类st2common.persistence.rbac.Role
的用法示例。
在下文中一共展示了Role.get方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: get_role_by_name
# 需要导入模块: from st2common.persistence.rbac import Role [as 别名]
# 或者: from st2common.persistence.rbac.Role import get [as 别名]
def get_role_by_name(name):
"""
Retrieve role by name.
:rtype: ``list`` of :class:`RoleDB`
"""
result = Role.get(name=name)
return result
示例2: delete_role
# 需要导入模块: from st2common.persistence.rbac import Role [as 别名]
# 或者: from st2common.persistence.rbac.Role import get [as 别名]
def delete_role(name):
""""
Delete role with the provided name.
"""
if name in SystemRole.get_valid_values():
raise ValueError("System roles can't be deleted")
role_db = Role.get(name=name)
result = Role.delete(role_db)
return result
示例3: _sync_user_role_assignments
# 需要导入模块: from st2common.persistence.rbac import Role [as 别名]
# 或者: from st2common.persistence.rbac.Role import get [as 别名]
def _sync_user_role_assignments(self, user_db, role_assignment_dbs, role_assignment_apis):
"""
Synchronize role assignments for a particular user.
:param user_db: User to synchronize the assignments for.
:type user_db: :class:`UserDB`
:param role_assignment_dbs: Existing user role assignments.
:type role_assignment_dbs: ``list`` of :class:`UserRoleAssignmentDB`
:param role_assignment_apis: List of user role assignments to apply.
:param role_assignment_apis: ``list`` of :class:`UserRoleAssignmentFileFormatAPI`
:rtype: ``tuple``
"""
db_roles = set([(entry.role, entry.source) for entry in role_assignment_dbs])
api_roles = [
list(izip_longest(entry.roles, [], fillvalue=entry.file_path))
for entry in role_assignment_apis
]
api_roles = set(list(chain.from_iterable(api_roles)))
# A list of new assignments which should be added to the database
new_roles = api_roles.difference(db_roles)
# A list of assignments which need to be updated in the database
updated_roles = db_roles.intersection(api_roles)
# A list of assignments which should be removed from the database
removed_roles = (db_roles - api_roles)
LOG.debug('New assignments for user "%s": %r' % (user_db.name, new_roles))
LOG.debug('Updated assignments for user "%s": %r' % (user_db.name, updated_roles))
LOG.debug('Removed assignments for user "%s": %r' % (user_db.name, removed_roles))
# Build a list of role assignments to delete
roles_to_delete = updated_roles.union(removed_roles)
role_assignment_dbs_to_delete = [
role_assignment_db for role_assignment_db in role_assignment_dbs
if (role_assignment_db.role, role_assignment_db.source) in roles_to_delete
]
for role_name, assignment_source in roles_to_delete:
queryset_filter = (
Q(user=user_db.name) &
Q(role=role_name) &
Q(source=assignment_source) &
(Q(is_remote=False) | Q(is_remote__exists=False))
)
UserRoleAssignmentDB.objects(queryset_filter).delete()
LOG.debug('Removed role "%s" from "%s" for user "%s".' % (role_name, assignment_source,
user_db.name))
# Build a list of roles assignments to create
roles_to_create = new_roles.union(updated_roles)
created_role_assignment_dbs = []
for role_name, assignment_source in roles_to_create:
role_db = Role.get(name=role_name)
if not role_db:
msg = 'Role "%s" referenced in assignment file "%s" doesn\'t exist'
raise ValueError(msg % (role_name, assignment_source))
role_assignment_api = [r for r in role_assignment_apis if
r.file_path == assignment_source][0]
description = getattr(role_assignment_api, 'description', None)
assignment_db = rbac_services.assign_role_to_user(
role_db=role_db, user_db=user_db, source=assignment_source, description=description)
created_role_assignment_dbs.append(assignment_db)
LOG.debug('Assigned role "%s" from "%s" for user "%s".' %
(role_name, assignment_source, user_db.name))
return (created_role_assignment_dbs, role_assignment_dbs_to_delete)