get user perms or create them on login

This commit is contained in:
dandds 2018-07-18 10:44:42 -04:00
parent ac150d1af3
commit 0c0aa44468
2 changed files with 56 additions and 42 deletions

View File

@ -24,10 +24,17 @@ class BaseHandler(tornado.web.RequestHandler):
@tornado.gen.coroutine
def _get_user_permissions(self, user_id):
response = yield self.authz_client.post(
"/users", json={"id": user_id, "atat_role": "ccpo"}
response = yield self.authz_client.get(
"/users/{}".format(user_id), raise_error=False
)
return response.json
if response.code == 404:
response = yield self.authz_client.post(
"/users", json={"id": user_id, "atat_role": "developer"}
)
return response.json
else:
return response.json
def get_current_user(self):
cookie = self.get_secure_cookie("atat")

View File

@ -5,6 +5,7 @@ from atst.api_client import ApiClient
class MockApiClient(ApiClient):
def __init__(self, service):
self.service = service
@ -43,6 +44,7 @@ class MockApiClient(ApiClient):
class MockRequestsClient(MockApiClient):
@tornado.gen.coroutine
def get(self, path, **kwargs):
json = {
@ -64,44 +66,49 @@ class MockRequestsClient(MockApiClient):
class MockAuthzClient(MockApiClient):
_json = {
"atat_permissions": [
"view_original_jedi_request",
"review_and_approve_jedi_workspace_request",
"modify_atat_role_permissions",
"create_csp_role",
"delete_csp_role",
"deactivate_csp_role",
"modify_csp_role_permissions",
"view_usage_report",
"view_usage_dollars",
"add_and_assign_csp_roles",
"remove_csp_roles",
"request_new_csp_role",
"assign_and_unassign_atat_role",
"view_assigned_atat_role_configurations",
"view_assigned_csp_role_configurations",
"deactivate_workspace",
"view_atat_permissions",
"transfer_ownership_of_workspace",
"add_application_in_workspace",
"delete_application_in_workspace",
"deactivate_application_in_workspace",
"view_application_in_workspace",
"rename_application_in_workspace",
"add_environment_in_application",
"delete_environment_in_application",
"deactivate_environment_in_application",
"view_environment_in_application",
"rename_environment_in_application",
"add_tag_to_workspace",
"remove_tag_from_workspace",
],
"atat_role": "ccpo",
"id": "164497f6-c1ea-4f42-a5ef-101da278c012",
"username": None,
"workspace_roles": [],
}
@tornado.gen.coroutine
def post(self, path, **kwargs):
json = {
"atat_permissions": [
"view_original_jedi_request",
"review_and_approve_jedi_workspace_request",
"modify_atat_role_permissions",
"create_csp_role",
"delete_csp_role",
"deactivate_csp_role",
"modify_csp_role_permissions",
"view_usage_report",
"view_usage_dollars",
"add_and_assign_csp_roles",
"remove_csp_roles",
"request_new_csp_role",
"assign_and_unassign_atat_role",
"view_assigned_atat_role_configurations",
"view_assigned_csp_role_configurations",
"deactivate_workspace",
"view_atat_permissions",
"transfer_ownership_of_workspace",
"add_application_in_workspace",
"delete_application_in_workspace",
"deactivate_application_in_workspace",
"view_application_in_workspace",
"rename_application_in_workspace",
"add_environment_in_application",
"delete_environment_in_application",
"deactivate_environment_in_application",
"view_environment_in_application",
"rename_environment_in_application",
"add_tag_to_workspace",
"remove_tag_from_workspace",
],
"atat_role": "ccpo",
"id": "164497f6-c1ea-4f42-a5ef-101da278c012",
"username": None,
"workspace_roles": [],
}
return self._get_response("POST", path, 200, json=json)
return self._get_response("POST", path, 200, json=self._json)
@tornado.gen.coroutine
def get(self, path, **kwargs):
return self._get_response("POST", path, 200, json=self._json)