get user perms or create them on login
This commit is contained in:
parent
ac150d1af3
commit
0c0aa44468
@ -24,10 +24,17 @@ class BaseHandler(tornado.web.RequestHandler):
|
||||
|
||||
@tornado.gen.coroutine
|
||||
def _get_user_permissions(self, user_id):
|
||||
response = yield self.authz_client.post(
|
||||
"/users", json={"id": user_id, "atat_role": "ccpo"}
|
||||
response = yield self.authz_client.get(
|
||||
"/users/{}".format(user_id), raise_error=False
|
||||
)
|
||||
return response.json
|
||||
if response.code == 404:
|
||||
response = yield self.authz_client.post(
|
||||
"/users", json={"id": user_id, "atat_role": "developer"}
|
||||
)
|
||||
return response.json
|
||||
|
||||
else:
|
||||
return response.json
|
||||
|
||||
def get_current_user(self):
|
||||
cookie = self.get_secure_cookie("atat")
|
||||
|
@ -5,6 +5,7 @@ from atst.api_client import ApiClient
|
||||
|
||||
|
||||
class MockApiClient(ApiClient):
|
||||
|
||||
def __init__(self, service):
|
||||
self.service = service
|
||||
|
||||
@ -43,6 +44,7 @@ class MockApiClient(ApiClient):
|
||||
|
||||
|
||||
class MockRequestsClient(MockApiClient):
|
||||
|
||||
@tornado.gen.coroutine
|
||||
def get(self, path, **kwargs):
|
||||
json = {
|
||||
@ -64,44 +66,49 @@ class MockRequestsClient(MockApiClient):
|
||||
|
||||
|
||||
class MockAuthzClient(MockApiClient):
|
||||
_json = {
|
||||
"atat_permissions": [
|
||||
"view_original_jedi_request",
|
||||
"review_and_approve_jedi_workspace_request",
|
||||
"modify_atat_role_permissions",
|
||||
"create_csp_role",
|
||||
"delete_csp_role",
|
||||
"deactivate_csp_role",
|
||||
"modify_csp_role_permissions",
|
||||
"view_usage_report",
|
||||
"view_usage_dollars",
|
||||
"add_and_assign_csp_roles",
|
||||
"remove_csp_roles",
|
||||
"request_new_csp_role",
|
||||
"assign_and_unassign_atat_role",
|
||||
"view_assigned_atat_role_configurations",
|
||||
"view_assigned_csp_role_configurations",
|
||||
"deactivate_workspace",
|
||||
"view_atat_permissions",
|
||||
"transfer_ownership_of_workspace",
|
||||
"add_application_in_workspace",
|
||||
"delete_application_in_workspace",
|
||||
"deactivate_application_in_workspace",
|
||||
"view_application_in_workspace",
|
||||
"rename_application_in_workspace",
|
||||
"add_environment_in_application",
|
||||
"delete_environment_in_application",
|
||||
"deactivate_environment_in_application",
|
||||
"view_environment_in_application",
|
||||
"rename_environment_in_application",
|
||||
"add_tag_to_workspace",
|
||||
"remove_tag_from_workspace",
|
||||
],
|
||||
"atat_role": "ccpo",
|
||||
"id": "164497f6-c1ea-4f42-a5ef-101da278c012",
|
||||
"username": None,
|
||||
"workspace_roles": [],
|
||||
}
|
||||
|
||||
@tornado.gen.coroutine
|
||||
def post(self, path, **kwargs):
|
||||
json = {
|
||||
"atat_permissions": [
|
||||
"view_original_jedi_request",
|
||||
"review_and_approve_jedi_workspace_request",
|
||||
"modify_atat_role_permissions",
|
||||
"create_csp_role",
|
||||
"delete_csp_role",
|
||||
"deactivate_csp_role",
|
||||
"modify_csp_role_permissions",
|
||||
"view_usage_report",
|
||||
"view_usage_dollars",
|
||||
"add_and_assign_csp_roles",
|
||||
"remove_csp_roles",
|
||||
"request_new_csp_role",
|
||||
"assign_and_unassign_atat_role",
|
||||
"view_assigned_atat_role_configurations",
|
||||
"view_assigned_csp_role_configurations",
|
||||
"deactivate_workspace",
|
||||
"view_atat_permissions",
|
||||
"transfer_ownership_of_workspace",
|
||||
"add_application_in_workspace",
|
||||
"delete_application_in_workspace",
|
||||
"deactivate_application_in_workspace",
|
||||
"view_application_in_workspace",
|
||||
"rename_application_in_workspace",
|
||||
"add_environment_in_application",
|
||||
"delete_environment_in_application",
|
||||
"deactivate_environment_in_application",
|
||||
"view_environment_in_application",
|
||||
"rename_environment_in_application",
|
||||
"add_tag_to_workspace",
|
||||
"remove_tag_from_workspace",
|
||||
],
|
||||
"atat_role": "ccpo",
|
||||
"id": "164497f6-c1ea-4f42-a5ef-101da278c012",
|
||||
"username": None,
|
||||
"workspace_roles": [],
|
||||
}
|
||||
return self._get_response("POST", path, 200, json=json)
|
||||
return self._get_response("POST", path, 200, json=self._json)
|
||||
|
||||
@tornado.gen.coroutine
|
||||
def get(self, path, **kwargs):
|
||||
return self._get_response("POST", path, 200, json=self._json)
|
||||
|
Loading…
x
Reference in New Issue
Block a user