magpie.api.management.group.group_views

Classes

TemporaryToken

Model that defines a token for temporary URL completion of a given pending operation.

TokenOperation

Supported operations by the temporary tokens.

UserGroupStatus

Supported statuses of user-group relationships.

Functions

get_constant(→ magpie.typedefs.SettingValue)

Search in order for matched value of constant_name:

get_groups_view(request)

Get list of group names.

create_group_view(request)

Create a group.

get_group_view(request)

Get group information.

edit_group_view(request)

Update a group by name.

delete_group_view(request)

Delete a group by name.

get_group_users_view(request)

List all users from a group.

get_group_services_view(request)

List all services a group has permission on.

get_group_service_permissions_view(request)

List all permissions a group has on a specific service.

create_group_service_permission_view(request)

Create a permission on a specific resource for a group.

replace_group_service_permissions_view(request)

Create or modify an existing permission on a service for a group.

delete_group_service_permission_view(request)

Delete a permission from a specific resource for a group.

delete_group_service_permission_name_view(request)

Delete a permission by name from a specific service for a group.

get_group_resources_view(request)

List all resources a group has permission on.

get_group_resource_permissions_view(request)

List all permissions a group has on a specific resource.

create_group_resource_permissions_view(request)

Create a permission on a specific resource for a group.

replace_group_resource_permissions_view(request)

Create or modify an existing permission on a resource for a group.

delete_group_resource_permissions_view(request)

Delete a permission from a specific resource for a group.

delete_group_resource_permission_name_view(request)

Delete a permission by name from a specific resource for a group.

get_group_service_resources_view(request)

List all resources under a service a group has permission on.

Module Contents

magpie.api.management.group.group_views.get_constant(constant_name: magpie.typedefs.Str, settings_container: magpie.typedefs.AnySettingsContainer | None = None, settings_name: magpie.typedefs.Str | None = None, default_value: magpie.typedefs.SettingValue | None = None, raise_not_set: bool = True, raise_missing: bool = True, print_missing: bool = False, empty_missing: bool = False) magpie.typedefs.SettingValue[source]
Search in order for matched value of constant_name:

  1. search in MAGPIE_CONSTANTS

  2. search in settings if specified

  3. search alternative setting names (see below)

  4. search in magpie.constants definitions

  5. search in environment variables

Parameter constant_name is expected to have the format MAGPIE_[VARIABLE_NAME] although any value can be passed to retrieve generic settings from all above-mentioned search locations.

If settings_name is provided as alternative name, it is used as is to search for results if constant_name was not found. Otherwise, magpie.[variable_name] is used for additional search when the format MAGPIE_[VARIABLE_NAME] was used for constant_name (i.e.: MAGPIE_ADMIN_USER will also search for magpie.admin_user and so on for corresponding constants).

Parameters:

  • constant_name – key to search for a value

  • settings_container – WSGI application settings container (if not provided, uses found one in current thread)

  • settings_name – alternative name for settings if specified

  • default_value – default value to be returned if not found anywhere, and exception raises are disabled.

  • raise_not_set – raise an exception if the found key is None, search until last case if others are None

  • raise_missing – raise exception if key is not found anywhere

  • print_missing – print message if key is not found anywhere, return None

  • empty_missing – consider an empty value for an existing key as if it was missing (i.e.: as if not set).

Returns:

found value or default_value

Raises:

  • ValueError – if resulting value is invalid based on options (by default raise missing/empty/None value)

  • LookupError – if no appropriate value could be found from all search locations (according to options)

class magpie.api.management.group.group_views.TemporaryToken(*_, **__)[source]

Bases: ziggurat_foundations.models.base.BaseModel, Base

Model that defines a token for temporary URL completion of a given pending operation.

__tablename__ = 'tmp_tokens'
token
operation
created
user_id
_user
user_pending_id
_pending_user
group_id
group
user() AnyUser[source]
url(settings: magpie.typedefs.AnySettingsContainer = None) magpie.typedefs.Str[source]
expired() bool[source]
static by_token(token: magpie.typedefs.Str | sqlalchemy.dialects.postgresql.UUID, db_session: sqlalchemy.orm.session.Session | None = None) TemporaryToken | None[source]
static by_user(user: AnyUser, db_session: sqlalchemy.orm.session.Session | None = None) sqlalchemy.orm.query.Query | None[source]
json() magpie.typedefs.JSON[source]
class magpie.api.management.group.group_views.TokenOperation[source]

Bases: magpie.utils.ExtendedEnum

Supported operations by the temporary tokens.

GROUP_ACCEPT_TERMS = 'group-accept-terms'

Temporary token associated to an URL endpoint called by a user that accepts the terms and conditions (T&C) to join a particular group.

USER_PASSWORD_RESET = 'user-password-reset'

Temporary token associated to an URL endpoint to request a user password reset.

USER_REGISTRATION_CONFIRM_EMAIL = 'user-registration-confirm-email'

Temporary token associated to a pending user registration that requires email validation by visiting the link.

USER_REGISTRATION_ADMIN_APPROVE = 'user-registration-admin-approve'

Temporary token associated to a pending user registration that will be approved by an administrator when visited.

USER_REGISTRATION_ADMIN_DECLINE = 'user-registration-admin-decline'

Temporary token associated to a pending user registration that will be declined by an administrator when visited.

WEBHOOK_USER_STATUS_ERROR = 'webhook-user-status-error'

Temporary token employed to provide a callback URL that a registered webhook can call following the triggered event to indicate that the corresponding operation resulted into an invalid user status.

class magpie.api.management.group.group_views.UserGroupStatus[source]

Bases: magpie.utils.FlexibleNameEnum

Supported statuses of user-group relationships.

ALL = 'all'
ACTIVE = 'active'
PENDING = 'pending'
classmethod allowed() List[magpie.typedefs.Str][source]

Returns all supported representation values that can be mapped to a valid status.

magpie.api.management.group.group_views.get_groups_view(request)[source]

Get list of group names.

magpie.api.management.group.group_views.create_group_view(request)[source]

Create a group.

magpie.api.management.group.group_views.get_group_view(request)[source]

Get group information.

magpie.api.management.group.group_views.edit_group_view(request)[source]

Update a group by name.

magpie.api.management.group.group_views.delete_group_view(request)[source]

Delete a group by name.

magpie.api.management.group.group_views.get_group_users_view(request)[source]

List all users from a group.

Users can be filtered by status depending of input arguments.

magpie.api.management.group.group_views.get_group_services_view(request)[source]

List all services a group has permission on.

magpie.api.management.group.group_views.get_group_service_permissions_view(request)[source]

List all permissions a group has on a specific service.

magpie.api.management.group.group_views.create_group_service_permission_view(request)[source]

Create a permission on a specific resource for a group.

magpie.api.management.group.group_views.replace_group_service_permissions_view(request)[source]

Create or modify an existing permission on a service for a group.

Can be used to adjust permission modifiers.

magpie.api.management.group.group_views.delete_group_service_permission_view(request)[source]

Delete a permission from a specific resource for a group.

magpie.api.management.group.group_views.delete_group_service_permission_name_view(request)[source]

Delete a permission by name from a specific service for a group.

magpie.api.management.group.group_views.get_group_resources_view(request)[source]

List all resources a group has permission on.

magpie.api.management.group.group_views.get_group_resource_permissions_view(request)[source]

List all permissions a group has on a specific resource.

magpie.api.management.group.group_views.create_group_resource_permissions_view(request)[source]

Create a permission on a specific resource for a group.

magpie.api.management.group.group_views.replace_group_resource_permissions_view(request)[source]

Create or modify an existing permission on a resource for a group.

Can be used to adjust permission modifiers.

magpie.api.management.group.group_views.delete_group_resource_permissions_view(request)[source]

Delete a permission from a specific resource for a group.

magpie.api.management.group.group_views.delete_group_resource_permission_name_view(request)[source]

Delete a permission by name from a specific resource for a group.

magpie.api.management.group.group_views.get_group_service_resources_view(request)[source]

List all resources under a service a group has permission on.