Jump to content

Manage Roles


Remus Avram

Recommended Posts

  • 4 months later...

We start testing it and we have a couple of issues:

1. Roles can be deleted even if they are in use.

2. Multiple roles can be created with the same name and type.

3. Roles can not be created via API:

session.create('SecurityRole', {"name": name, "type": role_type})
ftrack_api.session.Session> ERROR | 2016/12/22 16:29:30.990 (MainThread)|Server reported error: TypeError('NoneType' object is not iterable)

4. Roles can not be deleted via API:

session.delete(role)
ftrack_api.session.Session> ERROR | 2016/12/22 17:54:27.930 (MainThread)|Server reported error: PermissionError(Permission denied: not allowed to 'delete' 'Auth_Role'. Operation 'delete' can never be done on 'Auth_Role'.)

5. Can not add and then get added roles in the same session:

user = session.query("User where username is '%s'" % (username)).first()
role = session.query("SecurityRole where name is '%s'" % (role_name)).first()
is_all_projects = True
project = None
session.create('UserSecurityRole',
               {"user_id": user['id'],
                "is_all_projects": is_all_projects,
                "security_role_id": role['id'],
                "projects": projects})
session.commit()
user = session.query("User where username is '%s'" % (username)).first()
user_roles = user['user_security_roles']
print role in user_roles

Result:
False

If I check in the Ftrack web interface the role is added to the user.

6. Can't get user security roles:

session.query("UserSecurityRole").all()
Result:
    raise ftrack_api.exception.ServerError(error_message)
ServerError: Server reported error: KeyError(u'role_id')

I think it should be security_role_id instead of role_id.

Link to comment
Share on other sites

  • 3 weeks later...

Hi Remus,

we currently only support managing UserSecurityRoles via the API. So basically assigning existing roles to users.

Regarding point 5, that is a misstake from our side in the schema. Will fix that and until then you can work around it by specifying what to query like this:

session.query('select user_id, security_role_id from UserSecurityRole').all()

to avoid it using the defaults which include a typo.

 

And for 6, you should also explicitly query the relation to ensure it is being updates.

"select user_security_roles from User"

 

Let me know if that helps.

Cheers

Link to comment
Share on other sites

  • 8 months later...

No, It doesn't. 

Instead clearing the cache and querying the data again works.

> print len(user['user_security_roles'])
2
> del user['user_security_roles']
> user = get_ftrack_user(username="unittest_artist")
> print len(user['user_security_roles'])
2
> session.cache.clear()
> user = get_ftrack_user(username="unittest_artist")
> print len(user['user_security_roles'])
1

 

Link to comment
Share on other sites

  • 1 month later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...