48 lines
1.2 KiB
Python
48 lines
1.2 KiB
Python
#!/usr/bin/env python3
|
|
"""Pipeline bridge module RBAC permission registration"""
|
|
import os, sys, subprocess
|
|
|
|
# Find Sage root
|
|
SAGE_ROOT = None
|
|
for candidate in [os.path.expanduser("~/repos/sage"), os.path.expanduser("~/sage")]:
|
|
if os.path.isdir(os.path.join(candidate, "wwwroot")):
|
|
SAGE_ROOT = candidate
|
|
break
|
|
|
|
if not SAGE_ROOT:
|
|
print("ERROR: Sage root not found")
|
|
sys.exit(1)
|
|
|
|
MOD = "pipeline"
|
|
SET_PERM = os.path.join(SAGE_ROOT, "set_role_perm.py")
|
|
PY = os.path.join(SAGE_ROOT, "py3", "bin", "python")
|
|
|
|
def set_perm(role, path):
|
|
cmd = [PY, SET_PERM, role, path]
|
|
r = subprocess.run(cmd, capture_output=True, text=True)
|
|
if r.returncode != 0:
|
|
print(f" WARN: {path} -> {r.stderr.strip()}")
|
|
|
|
# Public resources (no auth needed)
|
|
PATHS_ANY = [
|
|
f"/{MOD}/pipeline.css",
|
|
f"/{MOD}/pipeline.js",
|
|
]
|
|
|
|
# Authenticated endpoints
|
|
PATHS_LOGINED = [
|
|
f"/{MOD}",
|
|
f"/{MOD}/api/pipeline_list.dspy",
|
|
f"/{MOD}/api/pipeline_detail.dspy",
|
|
f"/{MOD}/api/pipeline_submit.dspy",
|
|
f"/{MOD}/api/pipeline_modify.dspy",
|
|
f"/{MOD}/api/pipeline_node.dspy",
|
|
]
|
|
|
|
print(f"Registering RBAC permissions for {MOD}...")
|
|
for p in PATHS_ANY:
|
|
set_perm("any", p)
|
|
for p in PATHS_LOGINED:
|
|
set_perm("logined", p)
|
|
print("Done.")
|