2024-12-16 10:40:48 +00:00
|
|
|
#!/bin/python3
|
|
|
|
import os
|
|
|
|
import sys
|
|
|
|
import logging
|
|
|
|
import requests
|
|
|
|
import json
|
|
|
|
import argparse
|
|
|
|
|
|
|
|
from subject import main
|
|
|
|
|
|
|
|
logging.basicConfig(format='%(levelname)s\t- %(message)s')
|
|
|
|
logger = logging.getLogger()
|
|
|
|
logger.setLevel(logging.INFO)
|
|
|
|
|
|
|
|
state = main(sys.argv)
|
|
|
|
|
|
|
|
BASE_DIR = os.path.join(os.path.expanduser('~'), '.sio/')
|
|
|
|
|
|
|
|
#session file - role - permission
|
|
|
|
def removePermission(args):
|
|
|
|
parser = argparse.ArgumentParser()
|
|
|
|
|
|
|
|
parser.add_argument("-k", '--key', nargs=1, help="Path to the key file")
|
|
|
|
parser.add_argument("-r", '--repo', nargs=1, help="Address:Port of the repository")
|
|
|
|
parser.add_argument("-v", '--verbose', help="Increase verbosity", action="store_true")
|
|
|
|
|
|
|
|
parser.add_argument('session', nargs='?', default=None)
|
|
|
|
parser.add_argument('role', nargs='?',default=None)
|
2024-12-17 10:00:05 +00:00
|
|
|
parser.add_argument('value', nargs='?',default=None)
|
2024-12-16 10:40:48 +00:00
|
|
|
|
|
|
|
args = parser.parse_args()
|
|
|
|
|
|
|
|
#Check number of arguments
|
2024-12-17 10:00:05 +00:00
|
|
|
if not args.session or not args.role or not args.value:
|
2024-12-16 10:40:48 +00:00
|
|
|
logger.error("Need session file and role.")
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
#Validate role name
|
|
|
|
#TODO
|
|
|
|
|
|
|
|
# Check for session file
|
2024-12-17 10:00:05 +00:00
|
|
|
if not os.path.isfile(BASE_DIR + args.session):
|
2024-12-16 10:40:48 +00:00
|
|
|
logger.error("File '" + args.session + "' not found.")
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
# Get session file content
|
|
|
|
with open(BASE_DIR + args.session, 'r') as f:
|
|
|
|
args.session = json.load(f)
|
|
|
|
|
2024-12-17 10:00:05 +00:00
|
|
|
|
|
|
|
isPerm = False; isUsername = False
|
|
|
|
|
|
|
|
# query for permission
|
|
|
|
if args.value in ['ROLE_ACL', 'SUBJECT_NEW', 'SUBJECT_DOWN', 'SUBJECT_UP', 'DOC_NEW']:
|
|
|
|
isPerm = True
|
|
|
|
else:
|
|
|
|
try:
|
|
|
|
subjects = requests.get(f'http://{state['REP_ADDRESS']}/user/list',
|
|
|
|
json=json.dumps({'username' : args.value}),
|
|
|
|
headers={'Authorization': args.session['token']})
|
|
|
|
subjects.raise_for_status()
|
|
|
|
isUsername = True
|
|
|
|
except requests.exceptions.RequestException as errex:
|
|
|
|
logger.error("Username doesn't exist.")
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
|
|
if isPerm:
|
|
|
|
try:
|
|
|
|
req = requests.post(f'http://{state['REP_ADDRESS']}/role/' + args.role + '/perm/remove/' + args.value,
|
|
|
|
headers={'Authorization': args.session['token']})
|
|
|
|
req.raise_for_status()
|
|
|
|
except requests.exceptions.RequestException as errex:
|
|
|
|
logger.error("Failed to obtain response from server.")
|
|
|
|
sys.exit(-1)
|
|
|
|
elif isUsername:
|
|
|
|
try:
|
|
|
|
req = requests.post(f'http://{state['REP_ADDRESS']}/role/' + args.role + '/user/remove/' + args.value,
|
|
|
|
headers={'Authorization': args.session['token']})
|
|
|
|
req.raise_for_status()
|
|
|
|
except requests.exceptions.RequestException as errex:
|
|
|
|
logger.error("Failed to obtain response from server.")
|
|
|
|
sys.exit(-1)
|
|
|
|
else:
|
|
|
|
logger.error("Invalid permission or username.")
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
# TODO: print response
|
|
|
|
|
|
|
|
req = req.json()
|
|
|
|
|
2024-12-16 10:40:48 +00:00
|
|
|
|
|
|
|
if __name__ == '__main__':
|
|
|
|
removePermission(sys.argv[1:])
|