Beispiel #1
0
async def get_all_operations(request, user):
    # we already get this information populated as part of our user authentication
    output = []
    if user['admin']:
        db_ops = await db_objects.execute(Operation.select())
        operations = [o.name for o in db_ops]
    else:
        operations = user['operations']
    for op in operations:
        data = {}
        # for each operation you're a member of, get all members and the admin name
        operation = await db_objects.get(Operation, name=op)
        data['admin'] = operation.admin.username
        data['members'] = [data['admin']]
        operationmap = await db_objects.execute(
            OperatorOperation.select().where(
                OperatorOperation.operation == operation))
        for map in operationmap:
            o = await db_objects.get(Operator, id=map.operator)
            if o.username not in data['members']:
                data['members'].append(o.username)
        data['name'] = op
        data['complete'] = operation.complete
        output.append(data)
    return json(output)
Beispiel #2
0
async def retrieve_user(request, payload, *args, **kwargs):
    user_id = None
    if payload:
        user_id = payload.get('user_id', None)
    try:
        user = await db_objects.get(Operator, id=user_id)
        user_json = user.to_json()
        operationmap = await db_objects.execute(
            OperatorOperation.select().where(
                OperatorOperation.operator == user))
        operations = []
        for operation in operationmap:
            op = await db_objects.get(Operation, id=operation.operation)
            operations.append(op.name)
        admin_operations = await db_objects.execute(
            Operation.select().where(Operation.admin == user))
        admin_ops = []
        for op in admin_operations:
            admin_ops.append(op.name)
        if user_json['current_operation'] != "" and user_json[
                'current_operation'] != 'null':
            links['current_operation'] = user.current_operation.name
        else:
            links['current_operation'] = ""
            user_json['current_operation'] = ""
        return {
            **user_json, "user_id": user.id,
            "operations": operations,
            "admin_operations": admin_ops
        }
    except Exception as e:
        print("failed to get user in retrieve_user")
        print(e)
        raise exceptions.AuthenticationFailed("Delete your cookies")
Beispiel #3
0
async def retrieve_user(request, payload, *args, **kwargs):
    user_id = None
    if payload:
        user_id = payload.get('user_id', None)
    try:
        user = await db_objects.get(Operator, id=user_id)
        user_json = user.to_json()
        operationmap = await db_objects.execute(
            OperatorOperation.select().where(
                OperatorOperation.operator == user))
        operations = []
        for operation in operationmap:
            op = await db_objects.get(Operation, id=operation)
            operations.append(op.name)
        admin_operations = await db_objects.execute(
            Operation.select().where(Operation.admin == user))
        admin_ops = []
        for op in admin_operations:
            admin_ops.append(op.name)
        return {
            **user_json, "user_id": user.id,
            "operations": operations,
            "admin_operations": admin_ops
        }
    except Exception as e:
        print("failed to get user in retrieve_user")
        return {}
Beispiel #4
0
async def get_comments_by_operator_in_current_operation(request, user):
    try:
        operation = await db_objects.get(Operation, name=user['current_operation'])
        operator_operation = await db_objects.execute(OperatorOperation.select().where(OperatorOperation.operation == operation))
    except Exception as e:
        return json({'status': 'error', 'error': 'failed to find operator or operation: ' + str(e)})
    operators_list = []
    for mapping in operator_operation:
        operator = mapping.operator
        tasks = await db_objects.execute(Task.select().where( (Task.comment_operator == operator) & (Task.comment != "")).join(Callback).where(Callback.operation == operation).order_by(Task.id))
        callbacks = {}
        for t in tasks:
            responses = await db_objects.execute(Response.select().where(Response.task == t))
            if t.callback.id not in callbacks:
                callbacks[t.callback.id] = t.callback.to_json()
                callbacks[t.callback.id]['tasks'] = []
            callbacks[t.callback.id]['tasks'].append({**t.to_json(), "responses": [r.to_json() for r in responses]})
        if len(callbacks.keys()) > 0:
            operators_list.append({**operator.to_json(), 'callbacks': list(callbacks.values())})
    return json({'status': 'success', 'operators': operators_list})
Beispiel #5
0
async def get_one_operation(request, user, op):
    # get information about a single operation
    # first confirm that this authenticated user as permission to view the op
    #   side effect is that we confirm if the op is real or not
    op = unquote_plus(op)
    if op in user['operations']:
        # get all users associated with that operation and the admin
        operators = []
        operation = await db_objects.get(Operation, name=op)
        operatorsmap = await db_objects.execute(
            OperatorOperation.select().where(
                OperatorOperation.operation == operation))
        for operator in operatorsmap:
            o = await db_objects.get(Operator, id=operator.operator)
            operators.append(o.username)
        status = {'status': 'success'}
        return json({**operation.to_json(), "operators": operators, **status})
    else:
        return json({
            "status": 'error',
            'error': 'failed to find operation or not authorized'
        })
Beispiel #6
0
async def add_scopes_to_payload(user, *args, **kwargs):
    # return an array of scopes
    scopes = []
    try:
        user = await db_objects.get(Operator, id=user['user_id'])
    except Exception as e:
        print(e)
        return []
    try:
        operationsmap = await db_objects.execute(
            OperatorOperation.select().where(
                OperatorOperation.operator == user))
        if user.admin:
            scopes.append('admin')
        for map in operationsmap:
            # map is an OperatorOperation object that points to an operator and operation
            # need to get that corresponding operation's name to add to our scope list
            operation = await db_objects.get(Operation, id=map.operation)
            scopes.append(operation.name)
        return scopes
    except Exception as e:
        print(e)
        return []
Beispiel #7
0
async def update_operation(request, user, op):
    # this can change the name (assuming it's still unique), ['name']
    # this can change the admin user assuming the person submitting is the current admin or overall admin ['admin']
    # this can change the users ['add_users'], ['remove_users']
    op = unquote_plus(op)
    if op in user['admin_operations'] or user['admin']:
        data = request.json
        operation = await db_objects.get(Operation, name=op)
        if not operation.complete:
            if 'admin' in data:
                try:
                    new_admin = await db_objects.get(Operator,
                                                     username=data['admin'])
                    operation.admin = new_admin
                    await db_objects.update(operation)
                except Exception as e:
                    return json({
                        'status': 'error',
                        'error': 'failed to update the admin'
                    })
            if 'add_users' in data:
                for new_member in data['add_users']:
                    try:
                        operator = await db_objects.get(Operator,
                                                        username=new_member)
                        map = await db_objects.create(OperatorOperation,
                                                      operator=operator,
                                                      operation=operation)
                    except Exception as e:
                        return json({
                            'status':
                            'error',
                            'error':
                            'failed to add user to the operation'
                        })
            if 'remove_users' in data:
                for old_member in data['remove_users']:
                    try:
                        operator = await db_objects.get(Operator,
                                                        username=old_member)
                        operatoroperation = await db_objects.get(
                            OperatorOperation,
                            operator=operator,
                            operation=operation)
                        await db_objects.delete(operatoroperation)
                    except Exception as e:
                        return json({
                            'status':
                            'error',
                            'error':
                            'failed to remove user from operation. Were they a member?'
                        })
            all_users = []
            current_members = await db_objects.execute(
                OperatorOperation.select().where(
                    OperatorOperation.operation == operation))
            for mem in current_members:
                member = await db_objects.get(Operator, id=mem.operator)
                all_users.append(member.username)
            if 'complete' in data:
                operation.complete = data['complete']
                await db_objects.update(operation)
            return json({
                'status': 'success',
                'operators': all_users,
                **operation.to_json()
            })
        else:
            return json({
                'status': 'error',
                'error': 'operation is complete and cannot be modified'
            })
    else:
        return json({
            'status': 'error',
            'error': 'not authorized to make the change'
        })