#827 ability for users to set permission equal to anothers and to ALL permissinos

Author: allmightyspiff

.gitignore

@@ -14,3 +14,4 @@ dist/*
 *.egg-info
 .cache
 .idea
+.pytest_cache/*

.pytest_cache/v/cache/lastfailed

@@ -12,20 +12,22 @@
 @click.argument('identifier')
 @click.option('--enable/--disable', default=True,
               help="Enable (DEFAULT) or Disable selected permissions")
-@click.option('--permission', '-p', multiple=True, required=True,
-              help="Permission keyName to set, multiple instances allowed. Use keyword ALL to select ALL permisssions")
-@click.option('--from-user', '-u', default=None, 
-              help="Set permissions to match this user's permissions")
+@click.option('--permission', '-p', multiple=True,
+              help="Permission keyName to set, multiple instances allowed. "
+                   "Use keyword ALL to select ALL permisssions")
+@click.option('--from-user', '-u', default=None,
+              help="Set permissions to match this user's permissions. "
+                   "Will add then remove the appropriate permissions")
 @environment.pass_env
 def cli(env, identifier, enable, permission, from_user):
     """Enable or Disable specific permissions."""
     mgr = SoftLayer.UserManager(env.client)
     user_id = helpers.resolve_id(mgr.resolve_ids, identifier, 'username')
     result = False
-    # TODO, this bit. Make sure from-user and permission/enable are exclusive
     if from_user:
-       result = mgr.permissions_from_user(user_id, from_user) 
-    if enable:
+        from_user_id = helpers.resolve_id(mgr.resolve_ids, from_user, 'username')
+        result = mgr.permissions_from_user(user_id, from_user_id)
+    elif enable:
         result = mgr.add_permissions(user_id, permission)
     else:
         result = mgr.remove_permissions(user_id, permission)

.pytest_cache/v/cache/nodeids

@@ -8,7 +8,6 @@
 from SoftLayer.CLI import environment
 from SoftLayer.CLI import formatting
 
-from pprint import pprint as pp
 
 COLUMNS = [
     column_helper.Column('id', ('id',)),

SoftLayer/CLI/user/edit_permissions.py

@@ -3,5 +3,10 @@
         "key": "T_1",
         "keyName": "TICKET_VIEW",
         "name": "View Tickets"
+    },
+    {
+        "key": "T_2",
+        "keyName": "TEST",
+        "name": "A Testing Permission"
     }
 ]

SoftLayer/CLI/user/list.py

@@ -6,12 +6,14 @@
     :license: MIT, see LICENSE for more details.
 """
 import datetime
+import logging
 from operator import itemgetter
 
 from SoftLayer import exceptions
 from SoftLayer import utils
 
-from pprint import pprint as pp
+LOGGER = logging.getLogger(__name__)
+
 
 class UserManager(utils.IdentifierMixin, object):
     """Manages Users.
@@ -34,6 +36,7 @@ def __init__(self, client):
         self.user_service = self.client['SoftLayer_User_Customer']
         self.account_service = self.client['SoftLayer_Account']
         self.resolvers = [self._get_id_from_username]
+        self.all_permissions = None
 
     def list_users(self, objectmask=None, objectfilter=None):
         """Lists all users on an account
@@ -66,10 +69,13 @@ def get_user(self, user_id, objectmask=None):
     def get_all_permissions(self):
         """Calls SoftLayer_User_CustomerPermissions_Permission::getAllObjects
 
+        Stores the result in self.all_permissions
         :returns: A list of dictionaries that contains all valid permissions
         """
-        permissions = self.client.call('User_Customer_CustomerPermission_Permission', 'getAllObjects')
-        return sorted(permissions, key=itemgetter('keyName'))
+        if self.all_permissions is None:
+            permissions = self.client.call('User_Customer_CustomerPermission_Permission', 'getAllObjects')
+            self.all_permissions = sorted(permissions, key=itemgetter('keyName'))
+        return self.all_permissions
 
     def add_permissions(self, user_id, permissions):
         """Enables a list of permissions for a user
@@ -82,6 +88,7 @@ def add_permissions(self, user_id, permissions):
             add_permissions(123, ['BANDWIDTH_MANAGE'])
         """
         pretty_permissions = self.format_permission_object(permissions)
+        LOGGER.warning("Adding the following permissions to %s: %s", user_id, pretty_permissions)
         return self.user_service.addBulkPortalPermission(pretty_permissions, id=user_id)
 
     def remove_permissions(self, user_id, permissions):
@@ -95,8 +102,32 @@ def remove_permissions(self, user_id, permissions):
             remove_permissions(123, ['BANDWIDTH_MANAGE'])
         """
         pretty_permissions = self.format_permission_object(permissions)
+        LOGGER.warning("Removing the following permissions to %s: %s", user_id, pretty_permissions)
         return self.user_service.removeBulkPortalPermission(pretty_permissions, id=user_id)
 
+    def permissions_from_user(self, user_id, from_user_id):
+        """Sets user_id's permission to be the same as from_user_id's
+
+        Any permissions from_user_id has will be added to user_id.
+        Any permissions from_user_id doesn't have will be removed from user_id.
+
+        :param int user_id: The user to change permissions.
+        :param int from_user_id: The use to base permissions from.
+        :returns: True on success, Exception otherwise.
+        """
+        from_permissions = self.get_user_permissions(from_user_id)
+        self.add_permissions(user_id, from_permissions)
+        all_permissions = self.get_all_permissions()
+        remove_permissions = []
+        for permission in all_permissions:
+            # If permission does not exist for from_user_id add it to the list to be removed
+            if _keyname_search(all_permissions, permission):
+                continue
+            else:
+                remove_permissions.append({'keyName': permission['keyName']})
+        self.remove_permissions(user_id, remove_permissions)
+        return True
+
     def get_user_permissions(self, user_id):
         """Returns a sorted list of a users permissions"""
         permissions = self.user_service.getPermissions(id=user_id)
@@ -131,13 +162,14 @@ def get_events(self, user_id, start_date=None):
         """Gets the event log for a specific user, default start_date is 30 days ago
 
         :param int id: User id to view
-        :param string start_date: "%Y-%m-%dT%H:%M:%s.0000-06:00" formatted string. Anything else wont work
+        :param string start_date: "%Y-%m-%dT%H:%M:%s.0000-06:00" is the full formatted string.
+                                  The Timezone part has to be HH:MM, notice the : there.
         :returns: https://softlayer.github.io/reference/datatypes/SoftLayer_Event_Log/
         """
 
         if start_date is None:
             date_object = datetime.date.today() - datetime.timedelta(days=30)
-            start_date = date_object.strftime("%Y-%m-%dT00:00:00.0000-06:00")
+            start_date = date_object.strftime("%Y-%m-%dT00:00:00")
 
         object_filter = {
             'userId': {
@@ -149,7 +181,10 @@ def get_events(self, user_id, start_date=None):
             }
         }
 
-        return self.client.call('Event_Log', 'getAllObjects', filter=object_filter)
+        events = self.client.call('Event_Log', 'getAllObjects', filter=object_filter)
+        if events is None:
+            events = [{'eventName': 'No Events Found'}]
+        return events
 
     def _get_id_from_username(self, username):
         """Looks up a username's id
@@ -162,24 +197,39 @@ def _get_id_from_username(self, username):
         user = self.list_users(_mask, _filter)
         if len(user) == 1:
             return [user[0]['id']]
+        elif len(user) > 1:
+            raise exceptions.SoftLayerError("Multiple users found with the name: %s" % username)
         else:
-            # Might eventually want to throw an exception if len(user) > 1
             raise exceptions.SoftLayerError("Unable to find user id for %s" % username)
 
-
     def format_permission_object(self, permissions):
-        """Formats a list of permission key names into something the SLAPI will respect"""
+        """Formats a list of permission key names into something the SLAPI will respect.
+
+        :param list permissions: A list of SLAPI permissions keyNames.
+                                 keyName of ALL will return all permissions.
+        :returns: list of dictionaries that can be sent to the api to add or remove permissions
+        :throws SoftLayerError: If any permission is invalid this exception will be thrown.
+        """
         pretty_permissions = []
         available_permissions = self.get_all_permissions()
         # pp(available_permissions)
         for permission in permissions:
+            # Handle data retrieved directly from the API
+            if isinstance(permission, dict):
+                permission = permission['keyName']
             permission = permission.upper()
             if permission == 'ALL':
                 return available_permissions
             # Search through available_permissions to make sure what the user entered was valid
-            if next(filter(lambda x: x['keyName'] == permission, available_permissions), False):
+            if _keyname_search(available_permissions, permission):
                 pretty_permissions.append({'keyName': permission})
             else:
-                raise exceptions.SoftLayerError("%s is not a valid permission" % permission)
-        pp(pretty_permissions)
+                raise exceptions.SoftLayerError("|%s| is not a valid permission" % permission)
         return pretty_permissions
+
+
+def _keyname_search(haystack, needle):
+    for item in haystack:
+        if item.get('keyName') == needle:
+            return True
+    return False

SoftLayer/fixtures/SoftLayer_User_Customer_CustomerPermission_Permission.py

@@ -9,7 +9,7 @@
 import json
 
 
-class UserTests(testing.TestCase):
+class UserCLITests(testing.TestCase):
 
     """User list tests"""
 
@@ -83,11 +83,15 @@ def test_permissions_list(self):
     """User edit-permissions tests"""
 
     def test_edit_perms_on(self):
-        result = self.run_command(['user', 'edit-permissions', '11100', '--enable', '-p TEST'])
+        result = self.run_command(['user', 'edit-permissions', '11100', '--enable', '-p', 'TEST'])
         self.assert_no_fail(result)
         self.assert_called_with('SoftLayer_User_Customer', 'addBulkPortalPermission', identifier=11100)
 
+    def test_edit_perms_on_bad(self):
+        result = self.run_command(['user', 'edit-permissions', '11100', '--enable', '-p', 'TEST_NOt_exist'])
+        self.assertEqual(result.exit_code, -1)
+
     def test_edit_perms_off(self):
-        result = self.run_command(['user', 'edit-permissions', '11100', '--disable', '-p TEST'])
+        result = self.run_command(['user', 'edit-permissions', '11100', '--disable', '-p', 'TEST'])
         self.assert_no_fail(result)
         self.assert_called_with('SoftLayer_User_Customer', 'removeBulkPortalPermission', identifier=11100)

SoftLayer/managers/user.py

@@ -15,8 +15,7 @@ def set_up(self):
 
     def test_list_user_defaults(self):
         self.manager.list_users()
-        expected_mask = "mask[id, username, displayName, userStatus[name], hardwareCount, virtualGuestCount]"
-        self.assert_called_with('SoftLayer_Account', 'getUsers', mask=expected_mask)
+        self.assert_called_with('SoftLayer_Account', 'getUsers', mask=mock.ANY)
 
     def test_list_user_mask(self):
         self.manager.list_users(objectmask="mask[id]")
@@ -86,7 +85,7 @@ def test_get_events_default(self):
                 },
                 'eventCreateDate': {
                     'operation': 'greaterThanDate',
-                    'options': [{'name': 'date', 'value': ['2018-04-15T00:00:00.0000-06:00']}]
+                    'options': [{'name': 'date', 'value': ['2018-04-15T00:00:00']}]
                 }
             }
             self.assert_called_with('SoftLayer_Event_Log', 'getAllObjects', filter=expected_filter)