| 84 | return roles |
| 85 | |
| 86 | def add(self, *roles): |
| 87 | if not roles: |
| 88 | return |
| 89 | |
| 90 | roles = self._clean_roles(roles) |
| 91 | old_ids = self.role_bindings.values_list("role", flat=True) |
| 92 | need_adds = [r for r in roles if r.id not in old_ids] |
| 93 | |
| 94 | items = [] |
| 95 | for role in need_adds: |
| 96 | kwargs = {"role": role, "user": self.user, "scope": self.scope} |
| 97 | if self.scope == Scope.org: |
| 98 | if current_org.is_root(): |
| 99 | continue |
| 100 | else: |
| 101 | kwargs["org_id"] = current_org.id |
| 102 | items.append(self.role_binding_cls(**kwargs)) |
| 103 | |
| 104 | try: |
| 105 | result = bulk_create_with_signal( |
| 106 | self.role_binding_cls, items, ignore_conflicts=True |
| 107 | ) |
| 108 | self.user.expire_users_rbac_perms_cache() |
| 109 | return result |
| 110 | except Exception as e: |
| 111 | logger.error("\tCreate role binding error: {}".format(e)) |
| 112 | |
| 113 | def set(self, roles, clear=False): |
| 114 | if clear: |