2
0
mirror of https://github.com/xcat2/confluent.git synced 2024-11-26 11:30:23 +00:00

Require role explicitly on user/group creation

Rather than default to administrator, require
the user to explicitly set the role to administrator.
This commit is contained in:
Jarrod Johnson 2020-01-27 16:12:03 -05:00
parent 0652a7321b
commit cf72cf2d8c
2 changed files with 15 additions and 10 deletions

View File

@ -1349,7 +1349,7 @@ class ConfigManager(object):
_mark_dirtykey('usergroups', groupname, self.tenant)
self._bg_sync_to_file()
def create_usergroup(self, groupname, role="Administrator"):
def create_usergroup(self, groupname, role):
"""Create a new user
:param groupname: The name of the user group
@ -1365,7 +1365,7 @@ class ConfigManager(object):
role)
self._true_create_usergroup(groupname, role)
def _true_create_usergroup(self, groupname, role="Administrator"):
def _true_create_usergroup(self, groupname, role):
if 'usergroups' not in self._cfgstore:
self._cfgstore['usergroups'] = {}
groupname = confluent.util.stringify(groupname)
@ -1440,7 +1440,7 @@ class ConfigManager(object):
self._bg_sync_to_file()
def create_user(self, name,
role="Administrator", uid=None, displayname=None,
role, uid=None, displayname=None,
attributemap=None):
"""Create a new user
@ -1459,7 +1459,7 @@ class ConfigManager(object):
role, uid, displayname, attributemap)
self._true_create_user(name, role, uid, displayname, attributemap)
def _true_create_user(self, name, role="Administrator", uid=None,
def _true_create_user(self, name, role, uid=None,
displayname=None, attributemap=None):
if 'idmap' not in _cfgstore['main']:
_cfgstore['main']['idmap'] = {}
@ -1478,9 +1478,10 @@ class ConfigManager(object):
self._cfgstore['users'][name]['displayname'] = displayname
_cfgstore['main']['idmap'][uid] = {
'tenant': self.tenant,
'username': name
'username': name,
'role': role,
}
if attributemap is not None:
if attributemap:
self._true_set_user(name, attributemap)
_mark_dirtykey('users', name, self.tenant)
_mark_dirtykey('idmap', uid)

View File

@ -412,18 +412,22 @@ def create_user(inputdata, configmanager):
try:
username = inputdata['name']
del inputdata['name']
role = inputdata['role']
del inputdata['role']
except (KeyError, ValueError):
raise exc.InvalidArgumentException()
configmanager.create_user(username, attributemap=inputdata)
raise exc.InvalidArgumentException('Missing user name or role')
configmanager.create_user(username, role, attributemap=inputdata)
def create_usergroup(inputdata, configmanager):
try:
groupname = inputdata['name']
role = inputdata['role']
del inputdata['name']
del inputdata['role']
except (KeyError, ValueError):
raise exc.InvalidArgumentException()
configmanager.create_usergroup(groupname)
raise exc.InvalidArgumentException("Missing user name or role")
configmanager.create_usergroup(groupname, role)
def update_usergroup(groupname, attribmap, configmanager):