magpie.api.management.group.group_utils

Module Contents

Functions

get_all_group_names(→ List[magpie.typedefs.Str])	Get all existing group names from the database.
get_group_resources(→ magpie.typedefs.JSON)	Get formatted JSON body describing all service resources the group as permissions on.
create_group(→ pyramid.httpexceptions.HTTPException)	Creates a group if it is permitted and not conflicting.
get_similar_group_resource_permission(...)	Obtains the group service/resource permission that corresponds to the provided one.
create_group_resource_permission_response(...)	Creates a permission on a group/resource combination if it is permitted and not conflicting.
get_group_resources_permissions_dict(...)	Get a dictionary of resources and corresponding permissions that a group has on the resources.
get_group_resource_permissions_response(...)	Get validated response with group resource permissions as content.
delete_group_resource_permission_response(...)	Get validated response on deleted group resource permission.
get_group_services(→ magpie.typedefs.JSON)	Nest and regroup the resource permissions under corresponding root service types.
get_group_services_response(...)	Get validated response of services the group has permissions on.
get_group_service_permissions(...)	Get all permissions the group has on a specific service.
get_group_service_permissions_response(...)	Get validated response of found group service permissions.
get_group_service_resources_permissions_dict(...)	Get all permissions the group has on a specific service's children resources.
get_group_service_resources_response(...)	Get validated response of all found service resources which the group has permissions on.

magpie.api.management.group.group_utils.get_all_group_names(db_session: sqlalchemy.orm.session.Session) → List[magpie.typedefs.Str]

Get all existing group names from the database.

magpie.api.management.group.group_utils.get_group_resources(group: magpie.models.Group, db_session: sqlalchemy.orm.session.Session, service_types: List[magpie.typedefs.Str] | None = None) → magpie.typedefs.JSON

Get formatted JSON body describing all service resources the group as permissions on.

magpie.api.management.group.group_utils.create_group(group_name: magpie.typedefs.Str, description: magpie.typedefs.Str, discoverable: bool, terms: magpie.typedefs.Str, db_session: sqlalchemy.orm.session.Session) → pyramid.httpexceptions.HTTPException

Creates a group if it is permitted and not conflicting.

Returns:

valid HTTP response on successful operations.

Raises:

HTTPException – error HTTP response of corresponding situation.

magpie.api.management.group.group_utils.get_similar_group_resource_permission(group: magpie.models.Group, resource: magpie.typedefs.ServiceOrResourceType, permission: magpie.permissions.PermissionSet, db_session: sqlalchemy.orm.session.Session) → magpie.permissions.PermissionSet | None

Obtains the group service/resource permission that corresponds to the provided one.

Lookup considers only similar applied permission such that other permission modifiers don’t affect comparison.

magpie.api.management.group.group_utils.create_group_resource_permission_response(group: magpie.models.Group, resource: magpie.typedefs.ServiceOrResourceType, permission: magpie.permissions.PermissionSet, db_session: sqlalchemy.orm.session.Session, overwrite: bool = False) → pyramid.httpexceptions.HTTPException

Creates a permission on a group/resource combination if it is permitted and not conflicting.

Parameters:

• group – group for which to create/update the permission.

• resource – service or resource for which to create the permission.

• permission – permission with modifiers to be applied.

• db_session – database connection.

• overwrite – If the corresponding (group, resource, permission[name]) exists, there is a conflict. Conflict is considered only by permission-name regardless of other modifiers. If overwrite is False, the conflict will be raised and not be applied. If overwrite is True, the permission modifiers will be replaced by the new ones, or created if missing.

Returns:

valid HTTP response on successful operations.

Raises:

HTTPException – error HTTP response of corresponding situation.

magpie.api.management.group.group_utils.get_group_resources_permissions_dict(group: magpie.models.Group, db_session: sqlalchemy.orm.session.Session, resource_ids: Iterable[int] | None = None, resource_types: Iterable[magpie.typedefs.Str] | None = None) → magpie.typedefs.ResourcePermissionMap

Get a dictionary of resources and corresponding permissions that a group has on the resources.

Filter search by resource_ids and/or resource_types if specified.

magpie.api.management.group.group_utils.get_group_resource_permissions_response(group: magpie.models.Group, resource: magpie.models.Resource, db_session: sqlalchemy.orm.session.Session) → pyramid.httpexceptions.HTTPException

Get validated response with group resource permissions as content.

Returns:

valid HTTP response on successful operations.

Raises:

HTTPException – error HTTP response of corresponding situation.

magpie.api.management.group.group_utils.delete_group_resource_permission_response(group: magpie.models.Group, resource: magpie.typedefs.ServiceOrResourceType, permission: magpie.permissions.PermissionSet, db_session: sqlalchemy.orm.session.Session, similar: bool = True) → pyramid.httpexceptions.HTTPException

Get validated response on deleted group resource permission.

Parameters:

• group – group for which to delete the permission.

• resource – service or resource for which to delete the permission.

• permission – permission with modifiers to be deleted.

• db_session – database connection.

• similar – Allow matching provided permission against any similar database permission. Otherwise, must match exactly.

Returns:

valid HTTP response on successful operations.

Raises:

HTTPException – error HTTP response of corresponding situation.

magpie.api.management.group.group_utils.get_group_services(resources_permissions_dict: magpie.typedefs.JSON, db_session: sqlalchemy.orm.session.Session, service_types: List[magpie.typedefs.Str] | None = None) → magpie.typedefs.JSON

Nest and regroup the resource permissions under corresponding root service types.

magpie.api.management.group.group_utils.get_group_services_response(group: magpie.models.Group, db_session: sqlalchemy.orm.session.Session, service_types: List[magpie.typedefs.Str] | None = None) → pyramid.httpexceptions.HTTPException

Get validated response of services the group has permissions on.

Returns:

valid HTTP response on successful operations.

Raises:

HTTPException – error HTTP response of corresponding situation.

magpie.api.management.group.group_utils.get_group_service_permissions(group: magpie.models.Group, service: magpie.models.Service, db_session: sqlalchemy.orm.session.Session) → List[magpie.permissions.PermissionSet]

Get all permissions the group has on a specific service.

magpie.api.management.group.group_utils.get_group_service_permissions_response(group: magpie.models.Group, service: magpie.models.Service, db_session: sqlalchemy.orm.session.Session) → pyramid.httpexceptions.HTTPException

Get validated response of found group service permissions.

Returns:

valid HTTP response on successful operations.

Raises:

HTTPException – error HTTP response of corresponding situation.

magpie.api.management.group.group_utils.get_group_service_resources_permissions_dict(group: magpie.models.Group, service: magpie.models.Service, db_session: sqlalchemy.orm.session.Session) → magpie.typedefs.ResourcePermissionMap

Get all permissions the group has on a specific service’s children resources.

magpie.api.management.group.group_utils.get_group_service_resources_response(group: magpie.models.Group, service: magpie.models.Service, db_session: sqlalchemy.orm.session.Session) → pyramid.httpexceptions.HTTPException

Get validated response of all found service resources which the group has permissions on.

Returns:

valid HTTP response on successful operations.

Raises:

HTTPException – error HTTP response of corresponding situation.