def return_url(signature_id, event=None): # pylint: disable=unused-argument
"""
Handle the GET request from the user once they have successfully signed.
:param signature_id: The ID of the signature they have just signed.
:type signature_id: string
:param event: The event GET flag sent back from the signing service provider.
:type event: string | None
"""
try: # Load the signature based on ID.
signature = get_signature_instance()
signature.load(str(signature_id))
except DoesNotExist as err:
cla.log.error('Invalid signature_id provided when trying to send user back to their ' + \
'return_url after signing: %s', signature_id)
return {'errors': {'signature_id': str(err)}}
# Ensure everything went well on the signing service provider's side.
if event is not None:
# Expired signing URL - the user was redirected back immediately but still needs to sign.
if event == 'ttl_expired' and not signature.get_signature_signed():
# Need to re-generate a sign_url and try again.
cla.log.info('DocuSign URL used was expired, re-generating sign_url')
callback_url = signature.get_signature_callback_url()
get_signing_service().populate_sign_url(signature, callback_url)
signature.save()
raise falcon.HTTPFound(signature.get_signature_sign_url())
ret_url = signature.get_signature_return_url()
if ret_url is not None:
cla.log.info('Signature success - sending user to return_url: %s', ret_url)
raise falcon.HTTPFound(ret_url)
cla.log.info('No return_url set for signature - returning success message')
return {'success': 'Thank you for signing'}
def post_individual_signed_gerrit(content, user_id):
"""
Handle the posted callback from the signing service after ICLA signature for Gerrit.
:param content: The POST body from the signing service callback.
:type content: string
:param user_id: The ID of the user that signed.
:type user_id: string
"""
get_signing_service().signed_individual_callback_gerrit(content, user_id)
def post_corporate_signed(content, project_id, company_id):
"""
Handle the posted callback from the signing service after CCLA signature.
:param content: The POST body from the signing service callback.
:type content: string
:param project_id: The ID of the project that was signed.
:type project_id: string
:param company_id: The ID of the company that signed.
:type company_id: string
"""
get_signing_service().signed_corporate_callback(content, project_id, company_id)
def post_individual_signed(content, installation_id, github_repository_id, change_request_id):
"""
Handle the posted callback from the signing service after ICLA signature.
:param content: The POST body from the signing service callback.
:type content: string
:param repository_id: The ID of the repository that this signature was requested for.
:type repository_id: string
:param change_request_id: The ID of the change request or pull request that
initiated this signature.
:type change_request_id: string
"""
get_signing_service().signed_individual_callback(content, installation_id, github_repository_id, change_request_id)
def request_employee_signature(project_id,
company_id,
user_id,
return_url_type,
return_url=None):
"""
Creates placeholder signature object that represents a user signing a CCLA as an employee.
:param project_id: The ID of the project the user is signing a CCLA for.
:type project_id: string
:param company_id: The ID of the company the employee belongs to.
:type company_id: string
:param user_id: The ID of the user.
:type user_id: string
:param return_url_type: Refers to the return url provider type: Gerrit or Github
:type return_url_type: string
:param return_url: The URL to return the user to after signing is complete.
"""
signing_service = get_signing_service()
if return_url_type == "Gerrit":
return signing_service.request_employee_signature_gerrit(
str(project_id), str(company_id), str(user_id), return_url)
elif return_url_type == "Github":
return signing_service.request_employee_signature(
str(project_id), str(company_id), str(user_id), return_url)
def request_corporate_signature(auth_user,
project_id,
company_id,
send_as_email=False,
authority_name=None,
authority_email=None,
return_url_type=None,
return_url=None):
"""
Creates CCLA signature object that represents a company signing a CCLA.
:param auth_user: the authenticated user
:type auth_user: an auth user object
:param project_id: The ID of the project the company is signing a CCLA for.
:type project_id: string
:param company_id: The ID of the company that is signing the CCLA.
:type company_id: string
:param send_as_email: the send as email flag
:type send_as_email: bool
:param authority_name: the company manager/authority who is responsible for whitelisting/managing the company, but
may not be a CLA signatory
:type authority_name: str
:param authority_email: the company manager/authority email
:type authority_email: str
:param return_url_type:
:type return_url_type: str
:param return_url:
:type return_url: str
:param return_url: The URL to return the user to after signing is complete.
:type return_url: string
"""
return get_signing_service().request_corporate_signature(
auth_user, str(project_id), str(company_id), send_as_email,
authority_name, authority_email, return_url_type, return_url)
def request_individual_signature(project_id,
user_id,
return_url_type,
return_url=None,
request=None):
"""
Handle POST request to send ICLA signature request to user.
:param project_id: The project to sign for.
:type project_id: string
:param user_id: The ID of the user that will sign.
:type user_id: string
:param return_url_type: Refers to the return url provider type: Gerrit or Github
:type return_url_type: string
:param return_url: The URL to return the user to after signing is complete.
:type return_url: string
:param request: The Falcon Request object.
:type request: object
"""
signing_service = get_signing_service()
if return_url_type == "Gerrit":
return signing_service.request_individual_signature_gerrit(
str(project_id), str(user_id), return_url)
elif return_url_type == "Github":
# fetching the primary for the account
github = get_repository_service("github")
primary_user_email = github.get_primary_user_email(request)
return signing_service.request_individual_signature(
str(project_id),
str(user_id),
return_url,
preferred_email=primary_user_email)
def check_and_prepare_employee_signature(project_id, company_id, user_id):
"""
Checks that
1. The given project, company, and user exists
2. The company signatory has signed the CCLA for their company.
3. The user is included as part of the whitelist of the CCLA that the company signed.
:param project_id: The ID of the CLA Group (project) the user is signing a CCLA for.
:type project_id: string
:param company_id: The ID of the company the employee belongs to.
:type company_id: string
:param user_id: The ID of the user.
:type user_id: string
"""
return get_signing_service().check_and_prepare_employee_signature(str(project_id), str(company_id), str(user_id))
def request_individual_signature(project_id, user_id, return_url_type, return_url=None):
"""
Handle POST request to send ICLA signature request to user.
:param project_id: The project to sign for.
:type project_id: string
:param user_id: The ID of the user that will sign.
:type user_id: string
:param return_url_type: Refers to the return url provider type: Gerrit or Github
:type return_url_type: string
:param return_url: The URL to return the user to after signing is complete.
:type return_url: string
"""
signing_service = get_signing_service()
if return_url_type == "Gerrit":
return signing_service.request_individual_signature_gerrit(str(project_id), str(user_id), return_url)
elif return_url_type == "Github":
return signing_service.request_individual_signature(str(project_id), str(user_id), return_url)
def request_corporate_signature(auth_user,
project_id,
company_id,
send_as_email=False,
authority_name=None,
authority_email=None,
return_url_type=None,
return_url=None):
"""
Creates CCLA signature object that represents a company signing a CCLA.
:param project_id: The ID of the project the company is signing a CCLA for.
:type project_id: string
:param company_id: The ID of the company that is signing the CCLA.
:type company_id: string
:param return_url: The URL to return the user to after signing is complete.
:type return_url: string
"""
return get_signing_service().request_corporate_signature(
auth_user, str(project_id), str(company_id), send_as_email,
authority_name, authority_email, return_url_type, return_url)
ENVELOPE_ID = sys.argv[2]
INSTALLATION_ID = 49309 # Assumed to be testing on the CLA-Test repository
import cla
from cla.utils import get_signature_instance, get_user_instance, get_signing_service, \
get_active_signature_metadata, delete_active_signature_metadata
from cla.models.docusign_models import update_repository_provider
cla.log.info('Completing the signature: %s' % SIGNATURE_ID)
signature = get_signature_instance()
signature.load(SIGNATURE_ID)
signature.set_signature_signed(True)
signature.save()
if signature.get_signature_reference_type() != 'user':
cla.log.error('Trying to handle CCLA as a ICLA - not implemented yet')
raise NotImplementedError()
user = get_user_instance()
user.load(signature.get_signature_reference_id())
# Remove the active signature metadata.
metadata = get_active_signature_metadata(user.get_user_id())
delete_active_signature_metadata(user.get_user_id())
# Send email with signed document.
cla.log.info('Sending signed document to user - see Mailhog')
docusign = get_signing_service()
docusign.send_signed_document(ENVELOPE_ID, user)
# Update the repository provider with this change.
cla.log.info('Updating GitHub PR...')
update_repository_provider(INSTALLATION_ID, metadata['repository_id'],
metadata['pull_request_id'])
cla.log.info('Done')
# Copyright The Linux Foundation and each contributor to CommunityBridge.
# SPDX-License-Identifier: MIT
"""
Convenience script to send a DocuSign document to the user's email address.
The user_id specified must exist in the database.
The docusign_document_id specified must exist in DocuSign.
"""
import sys
sys.path.append('../')
import cla
from cla.utils import get_signing_service, get_user_instance
docusign_document_id = 'dcd9a52b-bed8-4c6f-9a71-ce00252a4e5d'
user = get_user_instance().get_user_by_github_id(123)
cla.log.info('Sending DocuSign document (%s) to user\'s email: %s',
docusign_document_id, user.get_user_email())
get_signing_service().send_signed_document(docusign_document_id, user)
cla.log.info('Done')
def return_url(signature_id, event=None): # pylint: disable=unused-argument
"""
Handle the GET request from the user once they have successfully signed.
:param signature_id: The ID of the signature they have just signed.
:type signature_id: string
:param event: The event GET flag sent back from the signing service provider.
:type event: string | None
"""
fn = 'return_url'
try: # Load the signature based on ID.
signature = get_signature_instance()
signature.load(str(signature_id))
except DoesNotExist as err:
cla.log.error('%s - Invalid signature_id provided when trying to send user back to their ' + \
'return_url after signing: %s', fn, signature_id)
return {'errors': {'signature_id': str(err)}}
# Ensure everything went well on the signing service provider's side.
if event is not None:
# Expired signing URL - the user was redirected back immediately but still needs to sign.
if event == 'ttl_expired' and not signature.get_signature_signed():
# Need to re-generate a sign_url and try again.
cla.log.info(
'DocuSign URL used was expired, re-generating sign_url')
callback_url = signature.get_signature_callback_url()
get_signing_service().populate_sign_url(signature, callback_url)
signature.save()
raise falcon.HTTPFound(signature.get_signature_sign_url())
if event == 'cancel':
return canceled_signature_html(signature=signature)
ret_url = signature.get_signature_return_url()
if ret_url is not None:
cla.log.info('%s- Signature success - sending user to return_url: %s',
fn, ret_url)
try:
project = get_project_instance()
project.load(str(signature.get_signature_project_id()))
except DoesNotExist as err:
cla.log.error('%s - Invalid project_id provided when trying to send user back to'\
'their return_url : %s', fn, signature.get_signature_project_id())
if project.get_version() == 'v2':
if signature.get_signature_reference_type() == 'company':
cla.log.info('%s - Getting company instance : %s ', fn,
signature.get_signature_reference_id())
try:
company = get_company_instance()
company.load(str(signature.get_signature_reference_id()))
except DoesNotExist as err:
cla.log.error('%s - Invalid company_id provided : err: %s',
fn, signature.get_signature_reference_id)
user_service = UserService
cla.log.info(
'%s - Checking if cla managers have cla-manager role permission',
fn)
num_tries = 10
i = 1
cla.log.info(
f'{fn} - checking if managers:{signature.get_signature_acl()} have roles with {num_tries} tries'
)
while i <= num_tries:
cla.log.info(f'{fn} - check try #: {i}')
assigned = {}
for manager in signature.get_signature_acl():
cla.log.info(
f'{fn}- Checking {manager} for {CLA_MANAGER_ROLE} for company: {company.get_company_external_id()}, cla_group_id: {signature.get_signature_project_id()}'
)
assigned[manager] = user_service.has_role(
manager, CLA_MANAGER_ROLE,
company.get_company_external_id(),
signature.get_signature_project_id())
cla.log.info(f'{fn} - Assigned status : {assigned}')
#Ensure that assigned list doesnt have any False values -> All Managers have role assigned
if all(list(assigned.values())):
cla.log.info(
f'All managers have cla-manager role for company: {company.get_company_external_id()} and cla_group_id: {signature.get_signature_project_id()}'
)
break
time.sleep(0.5)
i += 1
raise falcon.HTTPFound(ret_url)
cla.log.info('No return_url set for signature - returning success message')
return {'success': 'Thank you for signing'}
