--- /dev/null
+from PLC.Faults import *
+from PLC.Method import Method
+from PLC.Parameter import Parameter, Mixed
+from PLC.Keys import Key, Keys
+from PLC.Persons import Person, Persons
+from PLC.Auth import PasswordAuth
+
+class AddKey(Method):
+ """
+ Adds a new key for the specified person. If the key already exists,
+ the call returns successful.
+
+ Non-admin, they can only modify their own keys.
+
+ Returns the new key_id (> 0) if successful, faults otherwise.
+ """
+
+ roles = ['admin', 'pi', 'tech', 'user']
+
+ can_update = lambda (field, value): field in \
+ ['key_type', 'key','is_blacklisted', 'is_primary']
+ update_fields = dict(filter(can_update, Key.fields.items()))
+
+ accepts = [
+ PasswordAuth(),
+ Mixed(Person.fields['person_id'],
+ Person.fields['email']),
+ update_fields
+ ]
+
+ returns = Parameter(int, 'New Key_id (> 0) if successful')
+
+ def call(self, auth, person_id_or_email, key_fields = {}):
+ if filter(lambda field: field not in self.update_fields, key_fields):
+ raise PLCInvalidArgument, "Invalid field specified"
+
+ # Get account details
+ persons = Persons(self.api, [person_id_or_email]).values()
+ if not persons:
+ raise PLCInvalidArgument, "No such account"
+ person = persons[0]
+
+ #If we are not admin, make sure caller is adding a key to their account
+ if 'admin' not in self.caller['roles']:
+ if person['person_id'] not in [self.caller['person_id']]:
+ raise PLCPermissionDenied, "You may only modify your own keys"
+
+ key = Key(self.api, key_fields)
+ key.sync()
+ key.add_person(person)
+
+ return key['key_id']
--- /dev/null
+from PLC.Faults import *
+from PLC.Method import Method
+from PLC.Parameter import Parameter, Mixed
+from PLC.Keys import Key, Keys
+from PLC.Auth import PasswordAuth
+
+class DeleteKey(Method):
+ """
+ Deletes a Key.
+
+ Non-admins may only delete their own keys.
+
+ Returns 1 if successful, faults otherwise.
+ """
+
+ roles = ['admin', 'pi', 'tech', 'user']
+
+ accepts = [
+ PasswordAuth(),
+ Key.fields['key_id'],
+ ]
+
+ returns = Parameter(int, '1 if successful')
+
+ def call(self, auth, key_id):
+ # Get associated address details
+ keys = Keys(self.api, [key_id]).values()
+ if not keys:
+ raise PLCInvalidArgument, "No such key"
+ key = keys[0]
+
+ if 'admin' not in self.caller['roles']:
+ if key['key_id'] not in self.caller['key_ids']:
+ raise PLCPermissionDenied, "Key must be associated with one your account"
+
+ key.delete()
+
+ return 1
--- /dev/null
+from PLC.Faults import *
+from PLC.Method import Method
+from PLC.Parameter import Parameter, Mixed
+from PLC.Keys import Key, Keys
+from PLC.Auth import PasswordAuth
+
+class GetKeys(Method):
+ """
+ Get an array of structs containing the keys for the specified
+ key_ids. If key_id_list is not specified, all keys
+ will be queried.
+
+ Admin may get all keys. Non-admins can only get their own keys
+ """
+
+ roles = ['admin', 'pi', 'user', 'tech']
+
+ accepts = [
+ PasswordAuth(),
+ [Key.fields['key_id']]
+ ]
+
+ returns = [Key.fields]
+
+ def call(self, auth, key_id_list = None):
+
+ #if we are not admin, make sure to only return our own keys
+ if 'admin' not in self.caller['roles']:
+ if key_id_list is None:
+ key_id_list = self.caller['key_ids']
+ else:
+ valid_keys = lambda x: x in self.caller['key_ids']
+ key_id_list = filter(valid_keys, key_id_list)
+
+ keys = Keys(self.api, key_id_list).values()
+
+ return keys
--- /dev/null
+from PLC.Faults import *
+from PLC.Method import Method
+from PLC.Parameter import Parameter, Mixed
+from PLC.Keys import Key, Keys
+from PLC.Auth import PasswordAuth
+
+class UpdateKey(Method):
+ """
+ Updates the parameters of an existing key with the values in
+ key_fields.
+
+ Non admins may only update their own keys.
+
+ Returns 1 if successful, faults otherwise.
+ """
+
+ roles = ['admin', 'pi', 'tech', 'user']
+
+ can_update = lambda (field, value): field in \
+ ['key_type', 'key', 'is_blacklisted', 'is_primary']
+ update_fields = dict(filter(can_update, Key.fields.items()))
+
+ accepts = [
+ PasswordAuth(),
+ Key.fields['key_id'],
+ update_fields
+ ]
+
+ returns = Parameter(int, '1 if successful')
+
+ def call(self, auth, key_id, key_fields):
+
+ valid_fields = self.update_fields
+ # Remove admin only fields
+ if 'admin' not in self.caller['roles']:
+ for key in ['is_blacklisted']:
+ valid_fields.remove(key)
+
+ # Make sure only valid fields are specified
+ if filter(lambda field: field not in valid_fields, key_fields):
+ raise PLCInvalidArgument, "Invalid field specified"
+
+ # Get Key Information
+ keys = Keys(self.api, [key_id]).values()
+ if not keys:
+ raise PLCInvalidArgument, "No such key"
+ key = keys[0]
+
+ if 'admin' not in self.caller['roles']:
+ if key['key_id'] not in self.caller['key_ids']:
+ raise PLCPermissionDenied, "Key must be associated with one of your account"
+
+ key.update(key_fields)
+ key.sync()
+
+ return 1
-methods = 'AddAddress AddAddressType AddAddressTypeToAddress AddAttribute AddNodeGroup AddNodeNetwork AddNode AddNodeToNodeGroup AddPerson AddPersonToSite AddPersonToSlice AddRoleToPerson AddSite AddSliceAttribute AddSlice AddSliceToNodes AdmAddNodeGroup AdmAddNodeNetwork AdmAddNode AdmAddNodeToNodeGroup AdmAddPerson AdmAddPersonToSite AdmAddSite AdmAuthCheck AdmDeleteNodeGroup AdmDeleteNodeNetwork AdmDeleteNode AdmDeletePerson AdmDeleteSite AdmGetAllNodeNetworkBandwidthLimits AdmGetAllNodeNetworks AdmGetAllRoles AdmGetNodeGroupNodes AdmGetNodeGroups AdmGetNodes AdmGetPersonRoles AdmGetPersonSites AdmGetPersons AdmGetSiteNodes AdmGetSitePersons AdmGetSites AdmGrantRoleToPerson AdmIsPersonInRole AdmRemoveNodeFromNodeGroup AdmRemovePersonFromSite AdmRevokeRoleFromPerson AdmSetPersonEnabled AdmSetPersonPrimarySite AdmUpdateNodeGroup AdmUpdateNodeNetwork AdmUpdateNode AdmUpdatePerson AdmUpdateSite DeleteAddress DeleteAddressTypeFromAddress DeleteAddressType DeleteAttribute DeleteNodeFromNodeGroup DeleteNodeGroup DeleteNodeNetwork DeleteNode DeletePersonFromSite DeletePersonFromSlice DeletePerson DeleteRoleFromPerson DeleteSite DeleteSliceAttribute DeleteSliceFromNodes DeleteSlice GetAddresses GetAddressTypes GetAttributes GetNodeGroups GetNodeNetworks GetNodes GetPersons GetSites GetSliceAttributes GetSlices SetPersonPrimarySite UpdateAddress UpdateAddressType UpdateAttribute UpdateNodeGroup UpdateNodeNetwork UpdateNode UpdatePerson UpdateSite UpdateSliceAttribute UpdateSlice system.listMethods system.methodHelp system.methodSignature system.multicall'.split()
+methods = 'AddAddress AddAddressType AddAddressTypeToAddress AddAttribute AddKey AddNodeGroup AddNodeNetwork AddNode AddNodeToNodeGroup AddPerson AddPersonToSite AddPersonToSlice AddRoleToPerson AddSite AddSliceAttribute AddSlice AddSliceToNodes AdmAddNodeGroup AdmAddNodeNetwork AdmAddNode AdmAddNodeToNodeGroup AdmAddPerson AdmAddPersonToSite AdmAddSite AdmAuthCheck AdmDeleteNodeGroup AdmDeleteNodeNetwork AdmDeleteNode AdmDeletePerson AdmDeleteSite AdmGetAllNodeNetworkBandwidthLimits AdmGetAllNodeNetworks AdmGetAllRoles AdmGetNodeGroupNodes AdmGetNodeGroups AdmGetNodes AdmGetPersonRoles AdmGetPersonSites AdmGetPersons AdmGetSiteNodes AdmGetSitePersons AdmGetSites AdmGrantRoleToPerson AdmIsPersonInRole AdmRemoveNodeFromNodeGroup AdmRemovePersonFromSite AdmRevokeRoleFromPerson AdmSetPersonEnabled AdmSetPersonPrimarySite AdmUpdateNodeGroup AdmUpdateNodeNetwork AdmUpdateNode AdmUpdatePerson AdmUpdateSite AuthCheck DeleteAddress DeleteAddressTypeFromAddress DeleteAddressType DeleteAttribute DeleteKey DeleteNodeFromNodeGroup DeleteNodeGroup DeleteNodeNetwork DeleteNode DeletePersonFromSite DeletePersonFromSlice DeletePerson DeleteRoleFromPerson DeleteSite DeleteSliceAttribute DeleteSliceFromNodes DeleteSlice GetAddresses GetAddressTypes GetAttributes GetKeys GetNodeGroups GetNodeNetworks GetNodes GetPersons GetSites GetSliceAttributes GetSlices SetPersonPrimarySite UpdateAddress UpdateAddressType UpdateAttribute UpdateKey UpdateNodeGroup UpdateNodeNetwork UpdateNode UpdatePerson UpdateSite UpdateSliceAttribute UpdateSlice system.listMethods system.methodHelp system.methodSignature system.multicall'.split()
git://git.onelab.eu / plcapi.git / commitdiff