crafty-4/app/classes/models/crafty_permissions.py

206 lines
7.8 KiB
Python

import logging
import typing as t
from enum import Enum
from peewee import (
ForeignKeyField,
CharField,
IntegerField,
DoesNotExist,
)
from app.classes.models.base_model import BaseModel
from app.classes.models.servers import HelperServers
from app.classes.models.users import Users, ApiKeys, HelperUsers
from app.classes.shared.permission_helper import PermissionHelper
logger = logging.getLogger(__name__)
# **********************************************************************************
# User_Crafty Class
# **********************************************************************************
class UserCrafty(BaseModel):
user_id = ForeignKeyField(Users, backref="users_crafty")
permissions = CharField(default="00000000")
limit_server_creation = IntegerField(default=-1)
limit_user_creation = IntegerField(default=0)
limit_role_creation = IntegerField(default=0)
class Meta:
table_name = "user_crafty"
# **********************************************************************************
# Crafty Permissions Class
# **********************************************************************************
class EnumPermissionsCrafty(Enum):
SERVER_CREATION = 0
USER_CONFIG = 1
ROLES_CONFIG = 2
class PermissionsCrafty:
# **********************************************************************************
# Crafty Permissions Methods
# **********************************************************************************
@staticmethod
def get_permissions_list():
return list(EnumPermissionsCrafty.__members__.values())
@staticmethod
def get_permissions(permissions_mask):
return [
permission
for permission in EnumPermissionsCrafty.__members__.values()
if PermissionsCrafty.has_permission(permissions_mask, permission)
]
@staticmethod
def has_permission(permission_mask, permission_tested: EnumPermissionsCrafty):
return permission_mask[permission_tested.value] == "1"
@staticmethod
def set_permission(
permission_mask, permission_tested: EnumPermissionsCrafty, value
):
index = permission_tested.value
return permission_mask[:index] + str(value) + permission_mask[index + 1 :]
@staticmethod
def get_permission(permission_mask, permission_tested: EnumPermissionsCrafty):
return permission_mask[permission_tested.value]
@staticmethod
def get_crafty_permissions_mask(user_id):
# TODO: only get the permissions of the UserCrafty
user_crafty = PermissionsCrafty.get_user_crafty(user_id)
permissions_mask = user_crafty.permissions
return permissions_mask
@staticmethod
def get_all_permission_quantity_list():
return {name: -1 for name in EnumPermissionsCrafty.__members__.keys()}
@staticmethod
def get_permission_quantity_list(user_id):
user_crafty = PermissionsCrafty.get_user_crafty(user_id)
quantity_list = {
EnumPermissionsCrafty.SERVER_CREATION.name: user_crafty.limit_server_creation, # pylint: disable=line-too-long
EnumPermissionsCrafty.USER_CONFIG.name: user_crafty.limit_user_creation,
EnumPermissionsCrafty.ROLES_CONFIG.name: user_crafty.limit_role_creation,
}
return quantity_list
# **********************************************************************************
# User_Crafty Methods
# **********************************************************************************
@staticmethod
def get_user_crafty(user_id):
try:
user_crafty = UserCrafty.get(UserCrafty.user_id == user_id)
except DoesNotExist:
UserCrafty.insert(
{
UserCrafty.user_id: user_id,
UserCrafty.permissions: "000",
UserCrafty.limit_server_creation: 0,
UserCrafty.limit_user_creation: 0,
UserCrafty.limit_role_creation: 0,
}
).execute()
user_crafty = PermissionsCrafty.get_user_crafty(user_id)
return user_crafty
@staticmethod
def get_user_crafty_optional(user_id) -> t.Optional[UserCrafty]:
try:
return UserCrafty.get(UserCrafty.user_id == user_id)
except DoesNotExist:
return None
@staticmethod
def add_user_crafty(user_id, uc_permissions):
user_crafty = UserCrafty.insert(
{UserCrafty.user_id: user_id, UserCrafty.permissions: uc_permissions}
).execute()
return user_crafty
@staticmethod
def add_or_update_user(
user_id,
permissions_mask,
limit_server_creation,
limit_user_creation,
limit_role_creation,
):
# http://docs.peewee-orm.com/en/latest/peewee/querying.html#upsert
try:
user_crafty = UserCrafty.select().where(UserCrafty.user_id == user_id).get()
user_crafty.permissions = permissions_mask
user_crafty.limit_server_creation = limit_server_creation
user_crafty.limit_user_creation = limit_user_creation
user_crafty.limit_role_creation = limit_role_creation
UserCrafty.save(user_crafty)
except:
UserCrafty.insert(
{
UserCrafty.user_id: user_id,
UserCrafty.permissions: permissions_mask,
UserCrafty.limit_server_creation: limit_server_creation,
UserCrafty.limit_user_creation: limit_user_creation,
UserCrafty.limit_role_creation: limit_role_creation,
}
).execute()
@staticmethod
def get_created_quantity_list(user_id):
quantity_list = {
EnumPermissionsCrafty.SERVER_CREATION.name: HelperServers.get_total_owned_servers( # pylint: disable=line-too-long
user_id
),
EnumPermissionsCrafty.USER_CONFIG.name: HelperUsers.get_managed_users(
user_id
).count(),
EnumPermissionsCrafty.ROLES_CONFIG.name: HelperUsers.get_managed_roles(
user_id
).count(),
}
return quantity_list
@staticmethod
def get_crafty_limit_value(user_id, permission):
quantity_list = PermissionsCrafty.get_permission_quantity_list(user_id)
return quantity_list[permission]
@staticmethod
def can_add_in_crafty(user_id, permission):
user_crafty = PermissionsCrafty.get_user_crafty(user_id)
can = PermissionsCrafty.has_permission(user_crafty.permissions, permission)
limit_list = PermissionsCrafty.get_permission_quantity_list(user_id)
quantity_list = PermissionsCrafty.get_created_quantity_list(user_id)
return can and (
(quantity_list[permission.name] < limit_list[permission.name])
or limit_list[permission.name] == -1
)
@staticmethod
def get_api_key_permissions_list(key: ApiKeys):
user = HelperUsers.get_user(key.user_id)
if user["superuser"] and key.full_access:
return PermissionsCrafty.get_permissions_list()
if user["superuser"]:
# User is superuser but API key isn't
user_permissions_mask = "111"
else:
# Not superuser
user_permissions_mask = PermissionsCrafty.get_crafty_permissions_mask(
user["user_id"]
)
key_permissions_mask: str = key.crafty_permissions
permissions_mask = PermissionHelper.combine_masks(
user_permissions_mask, key_permissions_mask
)
permissions_list = PermissionsCrafty.get_permissions(permissions_mask)
return permissions_list