added migration script for users to add 'No access' roles in app_roles
This commit is contained in:
Davor
parent
b6f3765a3a
commit
c1e62089b6
2 changed files with 37 additions and 0 deletions
12
areas/apps/apps_service.py
Normal file
12
areas/apps/apps_service.py
Normal file
|
|
@ -0,0 +1,12 @@
|
||||||
|
from .models import App, AppRole
|
||||||
|
|
||||||
|
class AppsService:
|
||||||
|
@staticmethod
|
||||||
|
def get_apps():
|
||||||
|
apps = App.query.all()
|
||||||
|
return [{"id": app.id, "name": app.name, "slug": app.slug} for app in apps]
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def get_app_roles():
|
||||||
|
app_roles = AppRole.query.all()
|
||||||
|
return [{"user_id": app_role.user_id, "app_id": app_role.app_id, "role_id": app_role.role_id} for app_role in app_roles]
|
||||||
|
|
@ -8,6 +8,7 @@ Create Date: 2022-06-08 17:24:51.305129
|
||||||
from alembic import op
|
from alembic import op
|
||||||
import sqlalchemy as sa
|
import sqlalchemy as sa
|
||||||
|
|
||||||
|
from areas.apps.apps_service import AppsService
|
||||||
|
|
||||||
# revision identifiers, used by Alembic.
|
# revision identifiers, used by Alembic.
|
||||||
revision = 'b514cca2d47b'
|
revision = 'b514cca2d47b'
|
||||||
|
|
@ -21,10 +22,34 @@ def upgrade():
|
||||||
|
|
||||||
# Insert role "user" as ID 2
|
# Insert role "user" as ID 2
|
||||||
op.execute("INSERT INTO `role` (id, `name`) VALUES (2, 'user')")
|
op.execute("INSERT INTO `role` (id, `name`) VALUES (2, 'user')")
|
||||||
|
# Insert role "no access" as ID 3
|
||||||
|
op.execute("INSERT INTO `role` (id, `name`) VALUES (3, 'no access')")
|
||||||
# Set role_id 2 to all current "user" users which by have NULL role ID
|
# Set role_id 2 to all current "user" users which by have NULL role ID
|
||||||
op.execute("UPDATE app_role SET role_id = 2 WHERE role_id IS NULL")
|
op.execute("UPDATE app_role SET role_id = 2 WHERE role_id IS NULL")
|
||||||
|
|
||||||
|
# Add 'no access' role for all users that don't have any roles for specific apps
|
||||||
|
app_ids = [app['id'] for app in AppsService.get_apps()]
|
||||||
|
app_roles = AppsService.get_app_roles()
|
||||||
|
user_ids = [app_role['user_id'] for app_role in app_roles]
|
||||||
|
|
||||||
|
for user_id in user_ids:
|
||||||
|
existing_app_ids = [x['app_id'] for x in list(filter(lambda role: role['user_id'] == user_id, app_roles))]
|
||||||
|
missing_app_ids = [x for x in app_ids if x not in existing_app_ids]
|
||||||
|
|
||||||
|
if len(missing_app_ids) > 0:
|
||||||
|
insert_statement = "INSERT INTO app_role (user_id, app_id, role_id) VALUES"
|
||||||
|
for app_id in missing_app_ids:
|
||||||
|
insert_statement += " ('"+ user_id +"'," + str(app_id) +",3),"
|
||||||
|
op.execute(insert_statement[:-1])
|
||||||
|
|
||||||
|
|
||||||
def downgrade():
|
def downgrade():
|
||||||
|
# Revert all users role_id to NULL where role is 'user'
|
||||||
op.execute("UPDATE app_role SET role_id = NULL WHERE role_id = 2")
|
op.execute("UPDATE app_role SET role_id = NULL WHERE role_id = 2")
|
||||||
|
# Delete role 'user' from roles
|
||||||
op.execute("DELETE FROM `role` WHERE id = 2")
|
op.execute("DELETE FROM `role` WHERE id = 2")
|
||||||
|
|
||||||
|
# Delete all user app roles where role is 'no access' with role_id 3
|
||||||
|
op.execute("DELETE FROM app_role WHERE role_id = 3")
|
||||||
|
# Delete role 'no access' from roles
|
||||||
|
op.execute("DELETE FROM `role` WHERE id = 3")
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue