mirror of
https://github.com/GSA/notifications-admin.git
synced 2025-12-13 00:23:20 -05:00
52 lines
1.8 KiB
Python
52 lines
1.8 KiB
Python
from itertools import chain
|
|
|
|
permission_mappings = {
|
|
# TODO: consider turning off email-sending permissions during SMS pilot
|
|
"send_messages": ["send_texts", "send_emails"],
|
|
"manage_templates": ["manage_templates"],
|
|
"manage_service": ["manage_users", "manage_settings"],
|
|
"manage_api_keys": ["manage_api_keys"],
|
|
"view_activity": ["view_activity"],
|
|
}
|
|
|
|
all_ui_permissions = set(permission_mappings.keys())
|
|
all_db_permissions = set(chain(*permission_mappings.values()))
|
|
|
|
permission_options = (
|
|
("view_activity", "See dashboard"),
|
|
("send_messages", "Send messages"),
|
|
("manage_templates", "Add and edit templates"),
|
|
("manage_service", "Manage settings, team and usage"),
|
|
("manage_api_keys", "Manage API integration"),
|
|
)
|
|
|
|
|
|
def translate_permissions_from_db_to_ui(db_permissions):
|
|
"""
|
|
Given a list of database permissions, return a set of UI permissions
|
|
|
|
A UI permission is returned if all of its DB permissions are in the permission list that is passed in.
|
|
Any DB permissions in the list that are not known permissions are also returned.
|
|
"""
|
|
unknown_database_permissions = set(db_permissions) - all_db_permissions
|
|
|
|
return {
|
|
ui_permission
|
|
for ui_permission, db_permissions_for_ui_permission in permission_mappings.items()
|
|
if set(db_permissions_for_ui_permission) <= set(db_permissions)
|
|
} | unknown_database_permissions
|
|
|
|
|
|
def translate_permissions_from_ui_to_db(ui_permissions):
|
|
"""
|
|
Given a list of UI permissions (ie: checkboxes on a permissions edit page), return a set of DB permissions
|
|
|
|
Looks them up in the mapping, falling back to just passing through if they're not recognised.
|
|
"""
|
|
return set(
|
|
chain.from_iterable(
|
|
permission_mappings.get(ui_permission, [ui_permission])
|
|
for ui_permission in ui_permissions
|
|
)
|
|
)
|