def get_for(cls,
user,
email=None,
blake2b160=None,
blake2b=None,
email_hash=None):
"""
Return a UserEmailClaim with matching email address for the given user.
:param User user: User who claimed this email address
:param str email: Email address to look up
:param bytes blake2b160: 160-bit blake2b of email address to look up
:param bytes blake2b: 128-bit blake2b of email address to look up (deprecated)
:param str email_hash: Base58 rendering of 160-bit blake2b hash
"""
require_one_of(email=email,
blake2b160=blake2b160,
email_hash=email_hash,
blake2b=blake2b)
if blake2b:
return cls.query.filter_by(blake2b=blake2b,
user=user).one_or_none()
return (cls.query.join(EmailAddress).filter(
cls.user == user,
EmailAddress.get_filter(email=email,
blake2b160=blake2b160,
email_hash=email_hash),
).one_or_none())
def get(cls, username=None, buid=None, userid=None, defercols=False):
"""
Return a User with the given username or buid.
:param str username: Username to lookup
:param str buid: Buid to lookup
:param bool defercols: Defer loading non-critical columns
"""
require_one_of(username=username, buid=buid, userid=userid)
# userid parameter is temporary for Flask-Lastuser compatibility
if userid:
buid = userid
if username is not None:
query = cls.query.join(Profile).filter(
db.func.lower(Profile.name) == db.func.lower(username))
else:
query = cls.query.filter_by(buid=buid)
if defercols:
query = query.options(*cls._defercols)
user = query.one_or_none()
if user and user.status == USER_STATUS.MERGED:
user = user.merged_user()
if user and user.is_active:
return user
def get_for(cls, auth_client, user=None, user_session=None):
require_one_of(user=user, user_session=user_session)
if user:
return cls.query.filter_by(auth_client=auth_client,
user=user).one_or_none()
else:
return cls.query.filter_by(
auth_client=auth_client,
user_session=user_session).one_or_none()
def get(cls, name, client=None, namespace=None):
"""
Return a Resource with the given name.
:param str name: Name of the resource.
"""
require_one_of(client=client, namespace=namespace)
if client:
return cls.query.filter_by(name=name, client=client).one_or_none()
else:
return cls.query.filter_by(name=name).join(Client).filter(Client.namespace == namespace).one_or_none()
def get(cls, email=None, md5sum=None):
"""
Return a UserEmail with matching email or md5sum.
:param str email: Email address to lookup
:param str md5sum: md5sum of email address to lookup
"""
require_one_of(email=email, md5sum=md5sum)
if email:
return cls.query.filter(cls.email.in_([email, email.lower()])).one_or_none()
else:
return cls.query.filter_by(md5sum=md5sum).one_or_none()
def get(cls, name, client=None, namespace=None):
"""
Return a Resource with the given name.
:param str name: Name of the resource.
"""
require_one_of(client=client, namespace=namespace)
if client:
return cls.query.filter_by(name=name, client=client).one_or_none()
else:
return cls.query.filter_by(name=name).join(Client).filter(
Client.namespace == namespace).one_or_none()
def get(cls, email=None, md5sum=None):
"""
Return a UserEmail with matching email or md5sum.
:param str email: Email address to lookup
:param str md5sum: md5sum of email address to lookup
"""
require_one_of(email=email, md5sum=md5sum)
if email:
return cls.query.filter(cls.email.in_([email, email.lower()
])).one_or_none()
else:
return cls.query.filter_by(md5sum=md5sum).one_or_none()
def get_for(cls, user, email=None, md5sum=None):
"""
Return a UserEmail with matching md5sum if it belongs to the given user
:param User user: User to lookup for
:param str md5sum: md5sum of email address
"""
require_one_of(email=email, md5sum=md5sum)
if email:
return cls.query.filter(cls.user == user,
cls.email.in_([email, email.lower()
])).one_or_none()
else:
return cls.query.filter_by(user=user, md5sum=md5sum).one_or_none()
def get_for(cls, user, email=None, md5sum=None):
"""
Return a UserEmailClaim with matching email address for the given user.
:param User user: User who claimed this email address
:param str email: Email address to lookup
:param str md5sum: md5sum of email address to lookup
"""
require_one_of(email=email, md5sum=md5sum)
if email:
return (cls.query.filter(
UserEmailClaim.email.in_(
[email,
email.lower()])).filter_by(user=user).one_or_none())
else:
return cls.query.filter_by(md5sum=md5sum, user=user).one_or_none()
def loader(self, profile, project, suuid, url_name_suuid=None, url_id_name=None):
require_one_of(url_name_suuid=url_name_suuid, url_id_name=url_id_name)
if url_name_suuid:
proposal = Proposal.query.join(Project, Profile).filter(
Profile.name == profile, Project.name == project, Proposal.url_name_suuid == url_name_suuid
).first_or_404()
else:
proposal = Proposal.query.join(Project, Profile).filter(
Profile.name == profile, Project.name == project, Proposal.url_name == url_id_name
).first_or_404()
comment = Comment.query.join(
Proposal, Comment.commentset_id == Proposal.commentset_id
).filter(Comment.suuid == suuid, Proposal.id == proposal.id).first_or_404()
return ProposalComment(proposal, comment)
def get(cls, name=None, userid=None, buid=None):
require_one_of(name=name, userid=userid, buid=buid)
if userid:
profile = cls.query.filter_by(userid=userid, status=USER_STATUS.ACTIVE).one_or_none()
elif buid:
# buid is used in Nodular, where it has slightly different semantics from
# userid: buid always gets the Node if it exists, so there's no check
# against the status column
profile = cls.query.filter_by(buid=buid).one_or_none()
else:
profile = cls.query.filter_by(name=name, status=USER_STATUS.ACTIVE).one_or_none()
if profile.is_merged:
profile = profile.merged_profile()
if profile.is_active:
return profile
def get_by(cls,
verification_code,
blake2b=None,
blake2b160=None,
email_hash=None):
require_one_of(blake2b=blake2b,
blake2b160=blake2b160,
email_hash=email_hash)
if blake2b:
return cls.query.filter_by(
blake2b=blake2b,
verification_code=verification_code).one_or_none()
return (cls.query.join(EmailAddress).filter(
cls.verification_code == verification_code,
EmailAddress.get_filter(blake2b160=blake2b160,
email_hash=email_hash),
).one_or_none())
def get(cls, name=None, buid=None, defercols=False):
"""
Return an Organization with matching name or buid. Note that ``name`` is the username, not the title.
:param str name: Name of the organization
:param str buid: Buid of the organization
:param bool defercols: Defer loading non-critical columns
"""
require_one_of(name=name, buid=buid)
if name is not None:
query = cls.query.join(Name).filter(Name.name == name)
else:
query = cls.query.filter_by(buid=buid)
if defercols:
query = query.options(*cls._defercols)
return query.one_or_none()
def get(cls, name=None, buid=None, defercols=False):
"""
Return an Organization with matching name or buid. Note that ``name`` is the username, not the title.
:param str name: Name of the organization
:param str buid: Buid of the organization
:param bool defercols: Defer loading non-critical columns
"""
require_one_of(name=name, buid=buid)
if name is not None:
query = cls.query.join(Name).filter(Name.name == name)
else:
query = cls.query.filter_by(buid=buid)
if defercols:
query = query.options(*cls._defercols)
return query.one_or_none()
def get(cls, key=None, namespace=None):
"""
Return a Client identified by its client key or namespace. Only returns active clients.
:param str key: Client key to lookup
:param str namespace: Client namespace to lookup
"""
param, value = require_one_of(True, key=key, namespace=namespace)
return cls.query.filter_by(**{param: value, 'active': True}).one_or_none()
def get(cls, username=None, userid=None, defercols=True):
"""
Return a User with the given username or userid.
:param str username: Username to lookup
:param str userid: Userid to lookup
"""
param, value = require_one_of(True, username=username, userid=userid)
query = cls.query.filter_by(**{param: value})
if not defercols:
query = query.options(undefer('userinfo'))
return query.one_or_none()
def get(cls, buid=None, namespace=None):
"""
Return a AuthClient identified by its client buid or namespace. Only returns active clients.
:param str buid: AuthClient buid to lookup
:param str namespace: AuthClient namespace to lookup
"""
param, value = require_one_of(True, buid=buid, namespace=namespace)
return cls.query.filter_by(**{
param: value,
'active': True
}).one_or_none()
def get(cls, key=None, namespace=None):
"""
Return a Client identified by its client key or namespace. Only returns active clients.
:param str key: Client key to lookup
:param str namespace: Client namespace to lookup
"""
param, value = require_one_of(True, key=key, namespace=namespace)
return cls.query.filter_by(**{
param: value,
'active': True
}).one_or_none()
def get(cls, username=None, buid=None, defercols=False):
"""
Return a User with the given username or buid.
:param str username: Username to lookup
:param str buid: Buid to lookup
:param bool defercols: Defer loading non-critical columns
"""
require_one_of(username=username, buid=buid)
if username is not None:
query = cls.query.join(Name).filter(Name.name == username)
else:
query = cls.query.filter_by(buid=buid)
if defercols:
query = query.options(*cls._defercols)
user = query.one_or_none()
if user and user.status == USER_STATUS.MERGED:
user = user.merged_user()
if user and user.is_active:
return user
def loader(self, profile, project, url_name_suuid=None, url_id_name=None):
require_one_of(url_name_suuid=url_name_suuid, url_id_name=url_id_name)
if url_name_suuid:
proposal = self.model.query.join(Project, Profile).filter(
Proposal.url_name_suuid == url_name_suuid
).first_or_404()
else:
proposal = self.model.query.join(Project, Profile).filter(
Profile.name == profile, Project.name == project, Proposal.url_name == url_id_name
).first()
if proposal is None:
if request.method == 'GET':
redirect = ProposalRedirect.query.join(Project, Profile).filter(
Profile.name == profile, Project.name == project, ProposalRedirect.url_name == url_id_name
).first_or_404()
return redirect
else:
abort(404)
if proposal.project.state.DELETED or proposal.state.DELETED:
abort(410)
return proposal
def get(cls, username=None, buid=None, defercols=False):
"""
Return a User with the given username or buid.
:param str username: Username to lookup
:param str buid: Buid to lookup
:param bool defercols: Defer loading non-critical columns
"""
require_one_of(username=username, buid=buid)
if username is not None:
query = cls.query.join(Name).filter(Name.name == username)
else:
query = cls.query.filter_by(buid=buid)
if defercols:
query = query.options(*cls._defercols)
user = query.one_or_none()
if user and user.status == USER_STATUS.MERGED:
user = user.merged_user()
if user and user.is_active:
return user
def loader(self,
profile,
project,
url_name_uuid_b58=None,
url_id_name=None):
require_one_of(url_name_uuid_b58=url_name_uuid_b58,
url_id_name=url_id_name)
if url_name_uuid_b58:
proposal = (self.model.query.join(Project, Profile).filter(
Proposal.url_name_uuid_b58 == url_name_uuid_b58).first())
if proposal is None:
if request.method == 'GET':
redirect = (
ProposalSuuidRedirect.query.join(Proposal).filter(
ProposalSuuidRedirect.suuid ==
url_name_uuid_b58.split('-')[-1]).first_or_404())
return redirect
else:
abort(404)
else:
proposal = (self.model.query.join(Project, Profile).filter(
db.func.lower(Profile.name) == db.func.lower(profile),
Project.name == project,
Proposal.url_name == url_id_name,
).first())
if proposal is None:
if request.method == 'GET':
redirect = (ProposalRedirect.query.join(
Project, Profile).filter(
db.func.lower(
Profile.name) == db.func.lower(profile),
Project.name == project,
ProposalRedirect.url_name == url_id_name,
).first_or_404())
return redirect
else:
abort(404)
if proposal.project.state.DELETED or proposal.state.DELETED:
abort(410)
return proposal
def get(cls, name=None, buid=None, defercols=False):
"""
Return an Organization with matching name or buid. Note that ``name`` is the username, not the title.
:param str name: Name of the organization
:param str buid: Buid of the organization
:param bool defercols: Defer loading non-critical columns
"""
param, value = require_one_of(True, name=name, buid=buid)
query = cls.query.filter_by(**{param: value})
if defercols:
query = query.options(*cls._defercols)
return query.one_or_none()
def get_filter(
cls,
email: Optional[str] = None,
blake2b160: Optional[bytes] = None,
email_hash: Optional[str] = None,
):
"""
Get an filter condition for retriving an EmailAddress.
Accepts an email address or a blake2b160 hash in either bytes or base58 form.
Internally converts all lookups to a bytes-based hash lookup. Returns an
expression suitable for use as a query filter.
"""
require_one_of(email=email, blake2b160=blake2b160, email_hash=email_hash)
if email:
if not cls.is_valid_email_address(email):
return
blake2b160 = email_blake2b160_hash(email)
elif email_hash:
blake2b160 = base58.b58decode(email_hash)
return cls.blake2b160 == blake2b160
def get(cls, name=None, buid=None, defercols=False):
"""
Return an Organization with matching name or buid. Note that ``name`` is the username, not the title.
:param str name: Name of the organization
:param str buid: Buid of the organization
:param bool defercols: Defer loading non-critical columns
"""
param, value = require_one_of(True, name=name, buid=buid)
query = cls.query.filter_by(**{param: value})
if defercols:
query = query.options(*cls._defercols)
return query.one_or_none()
def get(cls, service, userid=None, username=None):
"""
Return a UserExternalId with the given service and userid or username.
:param str service: Service to lookup
:param str userid: Userid to lookup
:param str username: Username to lookup (may be non-unique)
Usernames are not guaranteed to be unique within a service. An example is with Google,
where the userid is a directed OpenID URL, unique but subject to change if the Lastuser
site URL changes. The username is the email address, which will be the same despite
different userids.
"""
param, value = require_one_of(True, userid=userid, username=username)
return cls.query.filter_by(**{param: value, 'service': service}).one_or_none()
def get(cls, name, user=None, org=None, allusers=False):
"""
Get a permission with the given name and owned by the given user or org,
or a permission available to all users.
:param str name: Name of the permission
:param User user: User who owns this permission
:param Organization org: Organization which owns this permission
:param bool allusers: Whether resources that belong to all users should be returned
One of ``user`` and ``org`` must be specified, unless ``allusers`` is ``True``.
"""
if allusers:
return cls.query.filter_by(name=name, allusers=True).one_or_none()
else:
param, value = require_one_of(True, user=user, org=org)
return cls.query.filter_by(**{param: value, 'name': name}).one_or_none()
def get(cls, service, userid=None, username=None):
"""
Return a UserExternalId with the given service and userid or username.
:param str service: Service to lookup
:param str userid: Userid to lookup
:param str username: Username to lookup (may be non-unique)
Usernames are not guaranteed to be unique within a service. An example is with Google,
where the userid is a directed OpenID URL, unique but subject to change if the Lastuser
site URL changes. The username is the email address, which will be the same despite
different userids.
"""
param, value = require_one_of(True, userid=userid, username=username)
return cls.query.filter_by(**{
param: value,
'service': service
}).one_or_none()
def get(cls, name, user=None, org=None, allusers=False):
"""
Get a permission with the given name and owned by the given user or org,
or a permission available to all users.
:param str name: Name of the permission
:param User user: User who owns this permission
:param Organization org: Organization which owns this permission
:param bool allusers: Whether resources that belong to all users should be returned
One of ``user`` and ``org`` must be specified, unless ``allusers`` is ``True``.
"""
if allusers:
return cls.query.filter_by(name=name, allusers=True).one_or_none()
else:
param, value = require_one_of(True, user=user, org=org)
return cls.query.filter_by(**{
param: value,
'name': name
}).one_or_none()
def test_require_one_of(self):
# Valid scenarios
require_one_of(solo='solo')
require_one_of(first='first', second=None)
# Invalid scenarios
with pytest.raises(TypeError):
require_one_of()
with pytest.raises(TypeError):
require_one_of(solo=None)
with pytest.raises(TypeError):
require_one_of(first=None, second=None)
with pytest.raises(TypeError):
require_one_of(first='first', second='second')
with pytest.raises(TypeError):
require_one_of(first='first', second='second', third=None)
with pytest.raises(TypeError):
require_one_of(first='first', second='second', third='third')
# Ask for which was passed in
assert require_one_of(True, first='a', second=None) == ('first', 'a')
assert require_one_of(True, first=None, second='b') == ('second', 'b')
def test_require_one_of(self):
# Valid scenarios
require_one_of(solo='solo')
require_one_of(first='first', second=None)
# Invalid scenarios
with self.assertRaises(TypeError):
require_one_of()
with self.assertRaises(TypeError):
require_one_of(solo=None)
with self.assertRaises(TypeError):
require_one_of(first=None, second=None)
with self.assertRaises(TypeError):
require_one_of(first='first', second='second')
with self.assertRaises(TypeError):
require_one_of(first='first', second='second', third=None)
with self.assertRaises(TypeError):
require_one_of(first='first', second='second', third='third')
# Ask for which was passed in
self.assertEqual(require_one_of(True, first='a', second=None), ('first', 'a'))
self.assertEqual(require_one_of(True, first=None, second='b'), ('second', 'b'))
def test_require_one_of(self):
# Valid scenarios
require_one_of(solo='solo')
require_one_of(first='first', second=None)
# Invalid scenarios
with self.assertRaises(TypeError):
require_one_of()
with self.assertRaises(TypeError):
require_one_of(solo=None)
with self.assertRaises(TypeError):
require_one_of(first=None, second=None)
with self.assertRaises(TypeError):
require_one_of(first='first', second='second')
with self.assertRaises(TypeError):
require_one_of(first='first', second='second', third=None)
with self.assertRaises(TypeError):
require_one_of(first='first', second='second', third='third')
# Ask for which was passed in
self.assertEqual(require_one_of(True, first='a', second=None),
('first', 'a'))
self.assertEqual(require_one_of(True, first=None, second='b'),
('second', 'b'))
