diff --git a/Makefile b/Makefile index a35a88a5..e754ba75 100644 --- a/Makefile +++ b/Makefile 
@@ -35,30 +35,30 @@ create-user: create-admin: source ./venv/bin/activate && python -m auth_backend user create --email test-admin@profcomff.com --password string - source ./venv/bin/activate && python -m auth_backend scope create --name auth.group.create --comment auth.group.create --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.group.delete --comment auth.group.delete --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.group.read --comment auth.group.read --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.group.update --comment auth.group.update --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.scope.create --comment auth.scope.create --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.scope.delete --comment auth.scope.delete --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.scope.read --comment auth.scope.read --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.scope.update --comment auth.scope.update --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.user.delete --comment auth.user.delete --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.user.read --comment auth.user.read --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.user.update --comment auth.user.update --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.airflow_outer_auth.link.read --comment auth.airflow_outer_auth.link.read --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.airflow_outer_auth.link.create --comment auth.airflow_outer_auth.link.create --creator 1 - source ./venv/bin/activate && python -m auth_backend 
scope create --name auth.airflow_outer_auth.link.delete --comment auth.airflow_outer_auth.link.delete --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.coder_outer_auth.link.read --comment auth.coder_outer_auth.link.read --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.coder_outer_auth.link.create --comment auth.coder_outer_auth.link.create --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.coder_outer_auth.link.delete --comment auth.coder_outer_auth.link.delete --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.mailu_outer_auth.link.read --comment auth.mailu_outer_auth.link.read --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.mailu_outer_auth.link.create --comment auth.mailu_outer_auth.link.create --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.mailu_outer_auth.link.delete --comment auth.mailu_outer_auth.link.delete --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.postgres_outer_auth.link.read --comment auth.postgres_outer_auth.link.read --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.postgres_outer_auth.link.create --comment auth.postgres_outer_auth.link.create --creator 1 - source ./venv/bin/activate && python -m auth_backend scope create --name auth.postgres_outer_auth.link.delete --comment auth.postgres_outer_auth.link.delete --creator 1 - source ./venv/bin/activate && python -m auth_backend user_group create --user_id 1 --group_id 1 + source ./venv/bin/activate && python -m auth_backend scope create --name auth.group.create --comment auth.group.create --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.group.delete --comment auth.group.delete 
--creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.group.read --comment auth.group.read --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.group.update --comment auth.group.update --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.scope.create --comment auth.scope.create --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.scope.delete --comment auth.scope.delete --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.scope.read --comment auth.scope.read --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.scope.update --comment auth.scope.update --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.user.delete --comment auth.user.delete --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.user.read --comment auth.user.read --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.user.update --comment auth.user.update --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.airflow_outer_auth.link.read --comment auth.airflow_outer_auth.link.read --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.airflow_outer_auth.link.create --comment auth.airflow_outer_auth.link.create --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.airflow_outer_auth.link.delete --comment 
auth.airflow_outer_auth.link.delete --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.coder_outer_auth.link.read --comment auth.coder_outer_auth.link.read --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.coder_outer_auth.link.create --comment auth.coder_outer_auth.link.create --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.coder_outer_auth.link.delete --comment auth.coder_outer_auth.link.delete --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.mailu_outer_auth.link.read --comment auth.mailu_outer_auth.link.read --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.mailu_outer_auth.link.create --comment auth.mailu_outer_auth.link.create --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.mailu_outer_auth.link.delete --comment auth.mailu_outer_auth.link.delete --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.postgres_outer_auth.link.read --comment auth.postgres_outer_auth.link.read --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.postgres_outer_auth.link.create --comment auth.postgres_outer_auth.link.create --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend scope create --name auth.postgres_outer_auth.link.delete --comment auth.postgres_outer_auth.link.delete --creator_email test-admin@profcomff.com + source ./venv/bin/activate && python -m auth_backend user_group create --email test-admin@profcomff.com login-user: curl -X 'POST' 'http://localhost:8000/email/login' 
-H 'accept: application/json' -H 'Content-Type: application/json' -d '{"email": "test-user@profcomff.com", "password": "string"}' diff --git a/auth_backend/cli/process.py b/auth_backend/cli/process.py index bd157d0d..1c8357d7 100644 --- a/auth_backend/cli/process.py +++ b/auth_backend/cli/process.py @@ -40,14 +40,13 @@ def get_args(): scope_subparsers = scope.add_subparsers(dest='subcommand') scope_create = scope_subparsers.add_parser("create") scope_create.add_argument('--name', type=str, required=True) - scope_create.add_argument('--creator', type=str, required=True) + scope_create.add_argument('--creator_email', type=str, required=True) scope_create.add_argument('--comment', type=str, required=True) user_group = subparsers.add_parser("user_group") user_group_subparsers = user_group.add_subparsers(dest='subcommand') user_group_create = user_group_subparsers.add_parser("create") - user_group_create.add_argument('--user_id', type=str, required=True) - user_group_create.add_argument('--group_id', type=str, required=True) + user_group_create.add_argument('--email', type=str, required=True) return parser.parse_args() @@ -67,7 +66,7 @@ def process() -> None: create_group(args.name, args.scopes, args.parent, session) elif args.command == 'scope' and args.subcommand == 'create': print(f'Creating scope with params {args}') - create_scope(args.name, args.creator, args.comment, session) + create_scope(args.name, args.creator_email, args.comment, session) elif args.command == 'user_group' and args.subcommand == 'create': print(f'Creating user_group with params {args}') - create_user_group(args.user_id, args.group_id, session) + create_user_group(args.email, session) diff --git a/auth_backend/cli/scope.py b/auth_backend/cli/scope.py index 84490e96..2629d435 100644 --- a/auth_backend/cli/scope.py +++ b/auth_backend/cli/scope.py 
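Review bot: The `--email` argument added for `user_group create` in `get_args` has no `help=` text, and with `--group_id` gone nothing on the command line says which group the user is added to. Judging by the user_group.py part of this commit the target is always the group named "root", so the parser should say so, e.g. `user_group_create.add_argument('--email', type=str, required=True, help='e-mail of the user to add to the "root" group')`. The old `--creator`, `--user_id` and `--group_id` flags are removed with no alias, so any script still passing them will stop with an argparse error. `get_args` begins outside this hunk.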
@@ -2,13 +2,19 @@ from sqlalchemy.orm import Session -from auth_backend.models.db import Scope +from auth_backend.models.db import AuthMethod, Scope -def create_scope(name: str, creator_id: int, comment: str, session: Session) -> None: +def create_scope(name: str, creator_email: str, comment: str, session: Session) -> None: if Scope.query(session=session).filter(Scope.name == name).one_or_none(): print("Scope already exists") exit(errno.EIO) + creator_id = ( + AuthMethod.query(session=session) + .filter(AuthMethod.auth_method == "email", AuthMethod.value == creator_email) + .one() + .user_id + ) scope = Scope.create(name=name, creator_id=creator_id, comment=comment, session=session) session.commit() print(f"Created scope: {scope}") diff --git a/auth_backend/cli/user_group.py b/auth_backend/cli/user_group.py index a8f63064..5dbe2aec 100644 --- a/auth_backend/cli/user_group.py +++ b/auth_backend/cli/user_group.py @@ -2,10 +2,17 @@ from sqlalchemy.orm import Session -from auth_backend.models.db import UserGroup +from auth_backend.models.db import AuthMethod, Group, UserGroup -def create_user_group(user_id: int, group_id: int, session: Session) -> None: +def create_user_group(email: str, session: Session) -> None: + user_id = ( + AuthMethod.query(session=session) + .filter(AuthMethod.auth_method == "email", AuthMethod.value == email) + .one() + .user_id + ) + group_id = Group.query(session=session).filter(Group.name == "root").one().id if ( UserGroup.query(session=session) .filter(UserGroup.user_id == user_id, UserGroup.group_id == group_id)
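Review bot: The creator lookup added to `create_scope` ends in `.one()`, so a `--creator_email` that matches no row (or more than one) terminates with an uncaught SQLAlchemy exception, unlike the duplicate-scope check just above it, which prints a message and exits with an errno code. Fetch the row with `.one_or_none()`, and when it is `None` do `print("Creator not found")` and `exit(errno.ENOENT)` before reading `.user_id`. The identical query is added to `create_user_group` in user_group.py, where the `Group.name == "root"` lookup has the same `.one()` behaviour; a single shared helper for the e-mail lookup would keep the two in step.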
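Review bot: The `user_id` lookup in `create_user_group` decides who is placed in the "root" group, yet it filters only on `AuthMethod.auth_method == "email"` and `AuthMethod.value == email`. The `AuthMethod` model is not visible here, but if it stores several rows per user for the e-mail method, or keeps soft-deleted rows, a row other than the account's confirmed address could satisfy this filter; the query should be narrowed to the row holding the verified address and to non-deleted rows before membership is granted. A short comment above the `group_id` line, such as `# CLI bootstrap only: always targets the "root" group`, would also make the hard-coded name read as deliberate. The `if (` block that follows continues past the end of the hunk.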