Skip to content

Commit

Permalink
added superuser group
Browse files Browse the repository at this point in the history
  • Loading branch information
cullerton committed Nov 13, 2024
1 parent b08cb4a commit 9e007c1
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 0 deletions.
1 change: 1 addition & 0 deletions config/default.py
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
PRODUCTION = (environ.get('PRODUCTION', default="false") == "true")
TEST_UID = environ.get('TEST_UID', default="dhf8r")
ADMIN_UIDS = re.split(r',\s*', environ.get('ADMIN_UIDS', default="dhf8r,kcm4zc,cah3us"))
SUPERUSER_UIDS = re.split(r',\s*', environ.get('ADMIN_UIDS', default="dhf8r,kcm4zc,cah3us"))
DEFAULT_UID = environ.get('DEFAULT_UID', default="dhf8r")

# Sentry flag
Expand Down
9 changes: 9 additions & 0 deletions crc/models/user.py
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,11 @@ def is_admin(self):
# may change in the future.
return self.uid in app.config['ADMIN_UIDS']

def is_superuser(self):
# Currently superuser abilities are set in the configuration, but this
# may change in the future.
return self.uid in app.config['SUPERUSER_UIDS']

def encode_auth_token(self):
"""
Generates the Auth Token
Expand Down Expand Up @@ -60,13 +65,17 @@ class Meta:
include_relationships = True
uid = fields.String()
is_admin = fields.Method('get_is_admin', dump_only=True)
is_superuser = fields.Method('get_is_superuser', dump_only=True)
ldap_info = fields.Nested(LdapSchema)
impersonator = fields.Nested('self', many=False, allow_none=True)

@staticmethod
def get_is_admin(user):
return user.is_admin()

def get_is_superuser(self, user):
return user.is_superuser()


class AdminSessionModel(db.Model):
__tablename__ = 'admin_session'
Expand Down

0 comments on commit 9e007c1

Please sign in to comment.