Beispiel #1
def request_loader(request):
    """Resolve the acting user for an app-to-app request.

    Returns None when the request has no X-Appengine-Inbound-Appid header.
    Otherwise the app id must be listed in
    settings.ALLOWED_QUERYAPI_APP_IDS and the user is taken from the
    X-GGRC-user header (parsed by parse_user_email with mandatory=True).

    Raises:
        exceptions.BadRequest: the app id is not in the allow-list, the
            X-external-user header is rejected, or no user matches the
            email. parse_user_email presumably raises it for a bad
            X-GGRC-user header as well -- confirm in that helper.
    """
    # NOTE(review): the whole trust decision rests on this header. That is
    # only sound where the platform removes client-supplied copies of it
    # (App Engine does so for external traffic) -- confirm this handler is
    # never reachable through a path that passes the header through as-is.
    allowed_app_ids = settings.ALLOWED_QUERYAPI_APP_IDS
    caller_app_id = request.headers.get("X-Appengine-Inbound-Appid")
    if not caller_app_id:
        # Not an app-to-app call: X-GGRC-user is deliberately not consulted.
        return None

    # NOTE(review): `in` degrades to a substring match if the setting is a
    # plain string -- confirm it is a list/tuple/set of exact app ids.
    if caller_app_id not in allowed_app_ids:
        # Deny by default: only allow-listed apps may act on behalf of users.
        rejection = ("X-Appengine-Inbound-Appid header contains "
                     "untrusted application id: {}").format(caller_app_id)
        raise exceptions.BadRequest(rejection)

    email = parse_user_email(request, "X-GGRC-user", mandatory=True)

    if not is_external_app_user_email(email):
        # Ordinary user: must already exist, nothing is created here.
        db_user = all_models.Person.query.filter_by(email=email).first()
    else:
        # The external application user is created on first use.
        db_user = find_or_create_ext_app_user()
        try:
            # The return value is unused; per the original comment this call
            # is what creates the X-external-user person in the DB.
            parse_user_email(request, "X-external-user", mandatory=False)
        except exceptions.BadRequest as exp:
            # NOTE(review): `.message` is a Python 2 exception attribute;
            # confirm it exists on this exception class at runtime.
            logger.error("Creation of external user has failed. %s",
                         exp.message)
            raise

    if db_user:
        return db_user
    raise exceptions.BadRequest(
        "No user with such email: {}".format(email))
Beispiel #2
def get_external_app_user(email):
    """Return the external app user for *email*, creating it if needed.

    The lookup/creation itself is delegated to find_or_create_ext_app_user.
    Per the original docstring the email comes from the "X-GGRC-user"
    header.
    """
    # NOTE(review): nothing here checks who sent the request; confirm every
    # caller has validated the inbound app id before passing a header-derived
    # email in.
    ext_user = find_or_create_ext_app_user(email)

    not_yet_persisted = ext_user.id is None
    if not_yet_persisted:
        # Presumably flushes so a newly created user gets its id assigned.
        db.session.flush()

    return ext_user
Beispiel #3
    def test_find_or_create_ext_app_user_exists(self, create_user_mock,
                                                find_by_email_mock):
        """An existing external app user is returned and none is created."""
        existing_user = mock.MagicMock()
        find_by_email_mock.return_value = existing_user

        found_user = user_generator.find_or_create_ext_app_user()

        self.assertEqual(existing_user, found_user)
        # NOTE(review): the expected address looks masked in this listing;
        # confirm the real test pins the configured external app user email.
        find_by_email_mock.assert_called_once_with('*****@*****.**')
        # The lookup hit, so the creation path must stay untouched.
        create_user_mock.assert_not_called()
Beispiel #4
  def test_find_or_create_ext_app_user_exists(self, create_user_mock,
                                              find_by_email_mock):
    """An existing external app user is returned and none is created."""
    existing_user = mock.MagicMock()
    find_by_email_mock.return_value = existing_user

    found_user = user_generator.find_or_create_ext_app_user()

    self.assertEqual(existing_user, found_user)
    # NOTE(review): the expected address looks masked in this listing;
    # confirm the real test pins the configured external app user email.
    find_by_email_mock.assert_called_once_with('*****@*****.**')
    # The lookup hit, so the creation path must stay untouched.
    create_user_mock.assert_not_called()
Beispiel #5
def get_external_app_user(request):
  """Return the external app user, creating an X-external-user if given.

  The external app user comes from find_or_create_ext_app_user. When the
  optional "X-external-user" header yields an email, create_external_user
  is called with it.

  Raises:
    exceptions.BadRequest: re-raised (after logging) when
      create_external_user rejects the external user.
  """
  # NOTE(review): this function does not check who sent the request, yet a
  # header value ends up creating a user; confirm every caller has validated
  # the inbound app id first.
  ext_app_user = find_or_create_ext_app_user()

  not_yet_persisted = ext_app_user.id is None
  if not_yet_persisted:
    # Presumably flushes so a newly created user gets its id assigned.
    db.session.flush()

  external_user_email = parse_user_email(
      request, "X-external-user", mandatory=False
  )
  if not external_user_email:
    # Header absent or empty: nothing further to create.
    return ext_app_user

  try:
    create_external_user(ext_app_user, external_user_email)
  except exceptions.BadRequest as exp:
    # NOTE(review): `.message` is a Python 2 exception attribute; confirm
    # it exists on this exception class at runtime.
    logger.error("Creation of external user has failed. %s", exp.message)
    raise

  return ext_app_user
Beispiel #6
def request_loader(request):
  """Resolve the acting user for an app-to-app request.

  Returns None when the request has no X-Appengine-Inbound-Appid header.
  Otherwise the app id must be listed in settings.ALLOWED_QUERYAPI_APP_IDS
  and X-GGRC-user must hold a JSON object with an "email" key.

  Raises:
    exceptions.BadRequest: the app id is not in the allow-list, the
      X-GGRC-user header is missing or malformed, or no user matches.
  """
  # NOTE(review): the whole trust decision rests on this header. That is only
  # sound where the platform removes client-supplied copies of it (App Engine
  # does so for external traffic) -- confirm this handler is never reachable
  # through a path that passes the header through as-is.
  allowed_app_ids = settings.ALLOWED_QUERYAPI_APP_IDS
  caller_app_id = request.headers.get("X-Appengine-Inbound-Appid")
  if not caller_app_id:
    # Not an app-to-app call: X-GGRC-user is deliberately not consulted.
    return None

  # NOTE(review): `in` degrades to a substring match if the setting is a
  # plain string -- confirm it is a list/tuple/set of exact app ids.
  if caller_app_id not in allowed_app_ids:
    # Deny by default: only allow-listed apps may act on behalf of users.
    rejection = ("X-Appengine-Inbound-Appid header contains "
                 "untrusted application id: {}").format(caller_app_id)
    raise exceptions.BadRequest(rejection)

  user = request.headers.get("X-GGRC-user")
  if not user:
    missing = ("X-GGRC-user should be set, contains {!r} "
               "instead.").format(user)
    raise exceptions.BadRequest(missing)

  try:
    # `user` is rebound to the parsed value, so the error text below shows
    # whichever form (raw header or parsed JSON) was current at failure.
    user = json.loads(user)
    # str() coerces any JSON value found under "email"; a non-string is not
    # rejected at this point.
    email = str(user["email"])
  except (TypeError, ValueError, KeyError):
    malformed = ("X-GGRC-user should have JSON object like "
                 "{{'email': str}}, contains {!r} instead.").format(user)
    raise exceptions.BadRequest(malformed)

  if not is_external_app_user_email(email):
    # Ordinary user: must already exist, nothing is created here.
    db_user = all_models.Person.query.filter_by(email=email).first()
  else:
    # The external application user is created on first use.
    db_user = find_or_create_ext_app_user()

  if db_user:
    return db_user
  raise exceptions.BadRequest("No user with such email: {}"
                              .format(email))
Beispiel #7
def get_external_app_user(request):
    """Return the external app user, creating an X-external-user if given.

    The external app user comes from find_or_create_ext_app_user. When the
    optional "X-external-user" header yields an email, create_external_user
    is called with it.

    Raises:
        exceptions.BadRequest: re-raised (after logging) when
            create_external_user rejects the external user.
    """
    # NOTE(review): this function does not check who sent the request, yet a
    # header value ends up creating a user; confirm every caller has
    # validated the inbound app id first.
    ext_app_user = find_or_create_ext_app_user()

    not_yet_persisted = ext_app_user.id is None
    if not_yet_persisted:
        # Presumably flushes so a newly created user gets its id assigned.
        db.session.flush()

    external_user_email = parse_user_email(
        request, "X-external-user", mandatory=False)
    if not external_user_email:
        # Header absent or empty: nothing further to create.
        return ext_app_user

    try:
        create_external_user(ext_app_user, external_user_email)
    except exceptions.BadRequest as exp:
        # NOTE(review): `.message` is a Python 2 exception attribute;
        # confirm it exists on this exception class at runtime.
        logger.error("Creation of external user has failed. %s",
                     exp.message)
        raise

    return ext_app_user