Provision PDA user privileges based On LDAP Attributes (#980)

2025-09-17 15:52:30 +00:00 · 2021-08-05 20:37:48 +03:00
parent 32983635c6
commit 6e04d0419b
7 changed files with 499 additions and 8 deletions
--- a/powerdnsadmin/models/domain.py
+++ b/powerdnsadmin/models/domain.py
@@ -582,6 +582,33 @@ class Domain(db.Model):
                    format(self.name, e))
            current_app.logger.debug(print(traceback.format_exc()))

+    def revoke_privileges_by_id(self, user_id):
+        """
+        Remove a single user from privilege list based on user_id
+        """
+        new_uids = [u for u in self.get_user() if u != user_id]
+        users = []
+        for uid in new_uids:
+            users.append(User(id=uid).get_user_info_by_id().username)
+
+        self.grant_privileges(users)
+
+    def add_user(self, user):
+        """
+        Add a single user to Domain by User
+        """
+        try:
+            du = DomainUser(self.id, user.id)
+            db.session.add(du)
+            db.session.commit()
+            return True
+        except Exception as e:
+            db.session.rollback()
+            current_app.logger.error(
+                'Cannot add user privileges on domain {0}. DETAIL: {1}'.
+                format(self.name, e))
+            return False
+
    def update_from_master(self, domain_name):
        """
        Update records from Master DNS server