sdk-codegen/examples/python/folder_permission_access.py at main · looker-open-source/sdk-codegen · GitHub

Name: sdk-codegen/examples/python/folder_permission_access.py at main · looker-open-source/sdk-codegen · GitHub
Rating: 4.4 (5109 reviews)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
"""
This script will construct and output an object detailing content access metadata for each folder,
providing an example of how to recursively traverse the folder tree. For each folder, the object will
contain a list of Groups and Users who have either been explicitly been granted view/edit access to
the folder, or implicitly given via inheritence from a parent folder.

To include personal and/or the embed shared folders, modify the parameters below.
"""

importlooker_sdk
importpprintaspp

sdk=looker_sdk.init40()

# includes both folders under folders/users "People" folder and folders/embed_users "Embed Users"
INCLUDE_PERSONAL=False
# include folders under folders/embed_shared "Embed Groups" folder
INCLUDE_EMBED_SHARED=False


defget_folders():
print('** gathering folder info **')
all_folders=sdk.all_folders() # get all folder metadata
folder_access= {}

forfinall_folders:
personal=f.is_personalorf.is_personal_descendant
if (personalorf.is_users_rootorf.is_embed_users_root) andnotINCLUDE_PERSONAL:
continue
if (notpersonalandf.is_embed) andnotINCLUDE_EMBED_SHARED:
continue
folder_access[f.id] = {"folder_id": f.id,
"name": f.name,
"parent_id": f.parent_id,
"content_metadata_id": f.content_metadata_id,
"personal": personal,
"child_count": f.child_count}

folder_access.pop('lookml') # remove lookml dashboard folder
returnfolder_access


defgrab_folder_permissions(f: str, folders: object):
print('checking folder: {}'.format(f))

if'access'infolders[f]:
print('skipping folder {}: already have access details'.format(f))
else:
# groups / users can view / edit in folder (content_metadata_id)
cmgu=sdk.all_content_metadata_accesses(
content_metadata_id=folders[f]["content_metadata_id"], fields='group_id,user_id,permission_type')

access= {"groups": [], "users": []}
access["groups"] = [{"id": i.group_id, "permission_type": i.permission_type.value}
foriincmguifi.group_idisnotNone]
access["users"] = [{"id": i.user_id, "permission_type": i.permission_type.value}
foriincmguifi.user_idisnotNone]
folders[f]['access'] =access

# folders / dash / looks in folder (content_metadata_id). use to check if folder 'inherits' content access
cm=sdk.all_content_metadatas(
parent_id=folders[f]['content_metadata_id'], fields='folder_id,inherits')

# add access to all inheriting folders
forcincm:
ifc.folder_idisnotNone:
try:
ifc.inherits:
print('{} inherits as parent {}'.format(c.folder_id, f))
folders[c.folder_id]['access'] =folders[f]['access']
# recursively set child folders (depth first)
grab_folder_permissions(c.folder_id, folders)
except:
# most likely the folder has been deleted
print('skipping folder {}: no access data'.format(c.folder_id))

returnfolders


defmain():
"""Construct a dictionary of folder objects with access permissions:

 folder_id: {
 folder_id: string
 name: string
 parent_id: string
 content_metadata_id: string
 personal: bool based on is_personal or is_personal_descendant
 child_count: number of folders inside the folder
 access: {groups:[{id: int,permission_type: 'view' | 'edit'}], users:[{id: int,permission_type: 'view' | 'edit'}]}
 }

 admins have access to all content folders and are not included"""

folders=get_folders()
print('** gathering shared folders **')
folder_access=grab_folder_permissions(
'1', folders) # start at folders/home
ifINCLUDE_PERSONALorINCLUDE_EMBED_SHARED:
print('** gathering personal and/or embed folders **')
forfinfolders:
if'access'notinfolders[f]:
folder_access=grab_folder_permissions(f, folders)

pp.pprint(folder_access, sort_dicts=False)


main()