def set_processor_profile(user_id, processor_profile):
""" Set data processor profile. """
session = db.get_db_session()
result = {}
result['success'] = False
session = db.get_db_session()
try:
profile = session.query(Processor).filter_by(puid=user_id).one()
if 'name' in processor_profile:
profile.name = processor_profile['name']
if 'address' in processor_profile:
profile.address = processor_profile['address']
if 'postcode' in processor_profile:
profile.postcode = processor_profile['postcode']
if 'city' in processor_profile:
profile.city = processor_profile['city']
if 'org_type' in processor_profile and processor_profile[
'org_type'] in [x.value for x in enums.OrganizationType]:
profile.org_type = processor_profile['org_type']
if 'thumbnail_url' in processor_profile:
profile.thumbnail_url = processor_profile['thumbnail_url']
session.commit()
result['success'] = True
result['response'] = ""
return result
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.close()
error = {}
error['code'] = enums.Error.UNDEFINED
error['message'] = "undefined"
result['error'] = error
return result
def check_login(user_id, passw):
""" check password (internal)
Args:
- user_id (int): uid of the user
- passw (str): password of the user
Returns:
- success (bool)
"""
# FIXME: Add check for tokens
session = db.get_db_session()
try:
# check if password was right
account_to_check = session.query(User).filter_by(
**{'user_id': user_id})
if account_to_check.count() == 0:
session.close()
return False
account_to_check = account_to_check.one()
if account_to_check.password_hash == passw:
session.close()
return True
session.close()
return False
except Exception:
session.close()
logging.exception("An error occured:")
return False
def register(new_acc, db_query, pers_inf, param):
""" Add new user to database. (internal)
Args:
- new_acc (object): User object to be added to database of type ``db_query``
- db_query (class): User class, e.g. ``User``
- pers_inf (object): Object of type personal_information.PersonalInformation
- param (dict): Contains the user id, e.g. `` {'user_id': user_id} ``
Returns:
- success (bool)
- error (dict):
- code (int): one of
- 6 -- Account already existing
- 99 -- Undefined
- message (str): error code meaning
- response (empty dict)
(returns error only if success == False and response otherwise)
"""
session = db.get_db_session()
result = {}
result['success'] = False
try:
# account already registered
if session.query(db_query).filter_by(**param).count():
session.close()
Configuration.print_config()
error = {}
error['code'] = enums.Error.USER_ALREADY_EXISTS
error['message'] = "account already exists"
result['error'] = error
return result
else:
session.add(new_acc)
if pers_inf is not None:
session.add(pers_inf)
for code in UserDataType:
session.add(
PrivacyDefault(code.value, new_acc.user_id, 0, True))
session.commit()
session.close()
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.close()
error = {}
error['code'] = enums.Error.UNDEFINED
error['message'] = "undefined"
result['error'] = error
return result
result['success'] = True
result['response'] = {}
return result
def add_data_to_database(data):
""" This function enables to commit data to the database
without repeating the following three lines in every
set-function. """
session = db.get_db_session()
session.add(data)
session.commit()
session.close()
def list_default_privacy_levels(user_id, labels=None):
""" Return current default privacy settings for all attribute catgeories if labels is None
and only for the passed categories (=labels) otherwise.
Args:
- user_id (int): uid of the user
Kwargs:
- labels (list of int): if not ``None``, only the levels for the matching labels will be returned
Returns:
- success (bool)
- error (dict):
- code (int): one of
- 1 -- Invalid token
- 99 -- Undefined
- message (str): error code meaning
- response (list of dicts):
- form of dicts: ``{"label":label, "level":level}``
(returns error only if success == False and response otherwise)
"""
result = {}
result['success'] = False
# check if user token was correct
session = db.get_db_session()
try:
if labels is None:
privacy_default_list = session.query(PrivacyDefault)\
.filter(PrivacyDefault.user_id == user_id).all()
else:
privacy_default_list = session.query(PrivacyDefault).\
filter(PrivacyDefault.user_id == user_id).\
filter(PrivacyDefault.label.in_(labels)).all()
session.close()
response = [{
"label": row.label,
"level": row.level,
"explicitconsent": row.explicitconsent
} for row in privacy_default_list]
result['success'] = True
result['response'] = response
return result
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.close()
error = {}
error['code'] = enums.Error.UNDEFINED
error['message'] = "undefined"
result['error'] = error
return result
def finish_login(user_id, is_processor=False):
""" check password and create token. (internal)
Args:
- user_id (int): uid of the user
- passw (str): password of the user
- db_query (class): class of the user, e.g. ``User``
- param (dict): Contains the user id, e.g. ``{'user_id': user_id}``
Returns:
- success (bool)
- error (dict):
- code (int): one of
4 -- Invalid password
99 -- Undefined
- message (str): error code meaning
- response (str): user session token
(returns error only if success == False and response otherwise)
"""
session = db.get_db_session()
# Password check is performed in apicalls using check_login()
token_scope = 'processor' if is_processor else 'user'
try:
loggedin = session.query(JwtToken).filter(JwtToken.user_id == user_id)
if loggedin.count():
response = loggedin.one()
validity_check = JwtToken.check_token(response.token, user_id,
token_scope)
if validity_check:
return_token = response.token
session.close()
else:
updated_token = JwtToken.generate_general_token(
user_id, scope=token_scope)
loggedin.update({JwtToken.token: updated_token.token})
return_token = updated_token.token
session.commit()
session.close()
return return_token
new_token = JwtToken.generate_general_token(user_id, scope=token_scope)
session.add(new_token)
response = new_token.token
session.commit()
session.close()
return response
except Exception as e:
return None
def user_register(user_id, username, firstname, lastname, birthday, street,
postal, city, country, email, gender, password_hash,
btc_address, anon):
""" Add new user to database.
Args:
- user_id (int): uid of the user
- username (str): username of the user
- firstname (str)
- lastname (str)
- birthday (str)
- street (str)
- postal (str)
- city (str)
- country (str)
- email (str)
- gender (str)
- password_hash (str)
-btc_address (str)
-anon (bool)
Returns:
- success (bool)
- error (dict):
- code (int): one of
6 -- Account already exists
99 -- Undefined
- message (str): error code meaning
- response (empty dict)
(returns error only if success == False and response otherwise)
"""
new_user = User(user_id, username, password_hash, btc_address)
session = db.get_db_session()
new_personal_information = personal_information.PersonalInformation(
user_id, int(round(time.time() * 1000)), username, firstname, lastname,
street, city, postal, country, birthday, email, gender, anon)
return register(new_user, User, new_personal_information,
{'user_id': user_id})
def update(db_query_acc, db_query_inf, pers_inf, param):
""" Update existing user profile. (internal)
We deliberately use over-expressive error messages for the sake of
our research demonstrator. In real deployments, this approach will
leak sensitive information to attackers.
Args:
- db_query_acc (class): class of the user, e.g. ``User``
- db_query_inf (class): class of the personal information, e.g. ``personal_information.PersonalInformation``
- pers_inf (object): Object of type ``db_query_inf``
- param (dict): Contains the user id, e.g. ``{'user_id': user_id}``
Returns:
- success (bool)
- error (dict):
- code (int): one of
- 1 -- Token error
- 6 -- Account does not exist
- message (str): error code meaning
- response (empty dict)
(returns error only if success == False and response otherwise)
"""
session = db.get_db_session()
result = {}
result['success'] = False
try:
# check if user exists and correct password
session.update(db_query_inf).where(
db_query_acc.user_id == param['user_id']).values(pers_inf)
session.commit()
session.close()
result['success'] = True
result['response'] = {}
return result
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.close()
error = {}
error['code'] = enums.Error.USER_NOT_IN_DB
error['message'] = "account does not exist yet"
result['error'] = error
return result
def remove_default_privacy(db_query_privacy, param):
""" Remove the default privacy settings for a user (internal)
Args:
- db_query_privacy (class): class of the privacy information, e.g. ``PrivacyDefault``
- param (dict): Contains the user id, e.g. ``{'user_id': user_id}``
Returns:
- success (bool)
- error (dict):
- code (int):
- 19 -- cannot remove default privacy information from Db
- message (str): error code meaning
- response (empty dict)
(returns error only if success == False and response otherwise)
"""
session = db.get_db_session()
result = {}
result['success'] = False
try:
# try to remove default privacy settings from db
default_privacy_to_delete = session.query(db_query_privacy).filter_by(
**param).all()
session.delete(default_privacy_to_delete)
session.commit()
session.close()
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.commit()
session.close()
error = {}
error['code'] = enums.Error.CANNOT_REMOVE_PRIVACY_DEFAULTS
error['message'] = "cannot remove default privacy information from Db"
result['error'] = error
return result
result['success'] = True
result['response'] = {}
return result
def remove_personal_information(db_query_inf, param):
""" Remove the personal infotmation (internal)
Args:
- db_query_inf (class): class of the personal information, e.g. ``personal_information.PersonalInformation``
- param (dict): Contains the user id, e.g. ``{'user_id': user_id}``
Returns:
- success (bool)
- error (dict):
- code (int):
- 17 -- Cannot remove personal information from database
- message (str): error code meaning
- response (empty dict)
(returns error only if success == False and response otherwise)
"""
session = db.get_db_session()
result = {}
result['success'] = False
try:
# try to remove personal information from db
pers_inf_to_delete = session.query(db_query_inf).filter_by(
**param).one()
session.delete(pers_inf_to_delete)
session.commit()
session.close()
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.commit()
session.close()
error = {}
error['code'] = enums.Error.CANNOT_REMOVE_PERSONAL_INFORMATION
error['message'] = "cannot remove personal information from Db"
result['error'] = error
return result
result['success'] = True
result['response'] = {}
return result
def get_wizard_state(user_id):
""" Get wizard state. """
result = {}
result['success'] = False
session = db.get_db_session()
try:
profile = session.query(User). \
filter_by(user_id=user_id).one()
result['response'] = profile.wizard_state
result['success'] = True
return result
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.close()
error = {}
error['code'] = enums.Error.UNDEFINED
error['message'] = "undefined"
result['error'] = error
return result
def get_proc_profile(proc_id, is_user=True):
""" Get data processor profile. """
result = {}
result['success'] = False
session = db.get_db_session()
try:
profile = session.query(Processor).filter_by(puid=proc_id).one()
response = {
"name": profile.name,
"address": profile.address,
"postcode": profile.postcode,
"city": profile.city,
"org_type": profile.org_type,
"thumbnail_url": profile.thumbnail_url
}
if profile == []:
session.close()
error = {}
error['code'] = enums.Error.PROFILE_NOT_FOUND
error[
'message'] = "Error, Profile not found even though user is registered."
result['error'] = error
return result
result['success'] = True
result['response'] = response
return result
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.close()
error = {}
error['code'] = enums.Error.UNDEFINED
error['message'] = "undefined"
result['error'] = error
return result
def select_query_data(users, start_time, end_time, passed_session=None):
""" Return a dict with the user_id and relevant data needed for calculating the query result.
Args:
- users (dict): output of select_users()
- start_time (int): user should have data with timestamps above this value (in milliseconds)
- start_time (int): user should have data with timestamps below this value (in milliseconds)
- passed_session (db_session): already existing session passed for consistency
Returns:
- dict of int : dict of the form: { user_id1 : {'v': [], 't': [], 'a': '', 'fg': '', 'cg': ''}, user_id2 : {'v': [], 't': [], 'a': '', 'fg': '', 'cg': ''}, ... }
- v = list of values of single data points
- t = list of timestamps belonging to the data point values in v
- a = privacy level
- fg = finest granularity = minimum distance between the timestamps of two succeeding values
- cg = coarsest granularity = maximum distance between the timestamps of two succeeding values
Example:
{ 839923732067498363: {'random_one': {'v':[40.29, 50.52, 56.68, 67.73],
't':[1539122760000, 1539122940000, 1539123120000, 1539123300000],
'a':1,
'fg':180000,
'cg':180000}},
391676021478103493: {'random_one': {'v':[35.19, 84.48, 61.24, 76.92, 82.56, 49.59, 40.78],
't':[1539122640000, 1539122760000, 1539122880000, 1539123000000, 1539123120000, 1539123240000, 1539123360000],
'a':3,
'fg':120000,
'cg':120000}}
}
"""
if passed_session is None:
session = db.get_db_session()
else:
session = passed_session
try:
# for every data source
attributes = users[list(users.keys())[0]]
for attribute in attributes:
cur_source = HelperMethods.classname_to_source(attribute[0])
# get entries for user_ids contained in user list and the given time interval
query_data = session.query(cur_source).\
filter(cur_source.timestamp.between(start_time, end_time - 1), cur_source.user_id.in_(users)).\
order_by(cur_source.user_id.asc(), cur_source.timestamp.asc())
# sort data for every user and every attribute into values dict
values_dict = {}
# collect attributes of first user's first data source
for user in users:
settings = users[user]
attributes_dict = {}
for setting in settings:
if setting[0] == attribute[0]:
a = setting[1]
vals = create_values_dict()
vals['v'] = [
round(HelperMethods.str_to_attr(a, row), 2)
for row in (r for r in query_data
if r.user_id == user)
]
vals['t'] = [
row.timestamp for row in (r for r in query_data
if r.user_id == user)
]
vals['a'] = setting[2]
vals['fg'] = setting[3]
vals['cg'] = setting[4]
attributes_dict[a] = vals
else:
break
if len(attributes_dict) > 0:
values_dict[user] = attributes_dict
if passed_session is None:
session.close()
return values_dict
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
raise
finally:
if passed_session is None:
session.close()
def select_users(data_sources, attributes, constraints, max_granularity,
max_privacy_level, start_time, end_time):
"""Return an dict of user_ids (int) which are relevant for the current query and their settings for the relevant attributes
Args:
- data_sources (list of str): list containing strings with the data source class names, e.g. 'RandomData'
- attributes (list of str): list attribute names, e.g. 'random_one'
- constraints (list of lists): each list contains the data source name, the attribute name and the value/bounds which should be matched
in the form [data_source_class, attribute_name, bounds]
bounds is a string of the form a) "x:y" or b) "z" where
a) x and y are integers or dates (of the form 'year/month/day') with x being a lower bound and y being an upper bound for the attribute value
b) z can be string or integer and is compared to the attribute value
- start_time (int): user should have data with timestamps above this value (in milliseconds)
- end_time (int): user should have data with timestamps below this value (in milliseconds)
- max_privacy_level (int): maximum privacy the attributes should require (because higher privacy lowers accuracy of the data)
- max_granularity (int): maximum distance between timestamps of succeeding data points in milliseconds (because higher granularities lower the accuracy of the data)
Returns:
- dict of int : list of lists
- content: { user_id1: [[data_source_name, attribute_name, a, fg, cg]], user_id2: [[data_source_name, attribute_name, a, fg, cg]], ... }
- a = privacy level
- fg = finest granularity = minimum distance between the timestamps of two succeeding values
- cg = coarsest granularity = maximum distance between the timestamps of two succeeding values
Example:
{ 97546848572549905: [['RandomData', 'random_one', 2, 60000, 60000]] }
"""
session = db.get_db_session()
try:
# Get internal row IDs of data sources that appear in the query
unified_data_sources = list(set(data_sources))
data_source_tablenames = [
HelperMethods.classname_to_tablename(ds)
for ds in unified_data_sources
]
available_sources = session.query(
AvailableDataSource.data_source_id,
AvailableDataSource.data_source_name).filter(
AvailableDataSource.data_source_name.in_(
data_source_tablenames)).order_by(
AvailableDataSource.data_source_id).all()
source_mapping = dict()
for i, name in enumerate(unified_data_sources):
source_mapping[name] = available_sources[i][0]
relevant_data_sources = list(
filter(lambda avs: avs[1] in data_source_tablenames,
available_sources))
relevant_data_source_ids = list(
map(lambda avs: avs[0], relevant_data_sources))
# Determine users who registered all relevant data sources and
# who have compatible privacy settings
user_ids_with_data_sources = session.query(
RegisteredDataSource, PrivacySetting).filter(
and_(
RegisteredDataSource.user_id == PrivacySetting.user_id,
RegisteredDataSource.data_source_id ==
PrivacySetting.data_source_id,
RegisteredDataSource.data_source_id.in_(
relevant_data_source_ids),
RegisteredDataSource.timestamp <= start_time,
PrivacySetting.attribute.in_(attributes),
PrivacySetting.level.between(1, max_privacy_level))).all()
potential_user_ids = [u[0].user_id for u in user_ids_with_data_sources]
# Get update history of granularities for potentially interesting users
# restricted to their relevant data sources.
relevant_upload_granularity_histories = session.query(
UploadGranularity).filter(
and_(
UploadGranularity.user_id.in_(potential_user_ids),
UploadGranularity.data_source_id.in_(
relevant_data_source_ids),
UploadGranularity.timestamp <= end_time)).group_by(
UploadGranularity.user_id,
UploadGranularity.data_source_id).all()
granularity_updates_per_user = dict()
for g in relevant_upload_granularity_histories:
if g.user_id not in granularity_updates_per_user.keys():
granularity_updates_per_user[g.user_id] = dict()
if g.data_source_id not in granularity_updates_per_user[
g.user_id].keys():
granularity_updates_per_user[g.user_id][
g.data_source_id] = list()
granularity_updates_per_user[g.user_id][g.data_source_id].append(
(g.timestamp, g.interval))
# Filter out users with granularities during the query interval that are too coarse
potential_users_granularities = dict()
for u, srcs in granularity_updates_per_user.items():
# Only keep user if he has no granularity updates violating the data processor's requirements
exclude_user = False
user_granularities = dict()
for data_source_id, gs in srcs.items():
granularities = [g[1] for g in gs]
if max(granularities) <= max_granularity:
user_granularities[data_source_id] = (min(granularities),
max(granularities))
else:
exclude_user = True
if not exclude_user:
potential_users_granularities[u] = user_granularities
potential_user_ids = [u for u in potential_users_granularities.keys()]
# additional constraints (attributes with lower and/or upper bounds)
for constraint in constraints:
data_source_class = HelperMethods.classname_to_source(
constraint[0])
attr = HelperMethods.str_to_attr(constraint[1], data_source_class)
bounds = constraint[2].split(':')
# upper and/or lower bounds
if len(bounds) == 2:
lower = bounds[0]
upper = bounds[1]
if lower != '' and upper != '': # Check for values outside the boundaries
exclusion_check = session.query(
data_source_class.user_id, func.count(attr)).filter(
data_source_class.user_id.in_(potential_user_ids),
or_(attr < lower, attr > upper))
elif lower != '': # We have only a lower bound (exclude all smaller values)
exclusion_check = session.query(
data_source_class.user_id, func.count(attr)).filter(
data_source_class.user_id.in_(potential_user_ids),
attr < lower)
else: # We have only an upper bound (exclude all larger values)
exclusion_check = session.query(
data_source_class.user_id, func.count(attr)).filter(
data_source_class.user_id.in_(potential_user_ids),
attr > upper)
# check quality
elif len(bounds) == 1 and bounds[0] != '':
comparator = bounds[0]
exclusion_check = session.query(
data_source_class.user_id,
# func.count(attr)
attr).filter(
data_source_class.user_id.in_(potential_user_ids),
attr != comparator)
elif len(bounds) > 2:
raise AssertionError(
"Constraint value interval contains too many values: {}".
format(len(bounds)))
excluded_user_ids = exclusion_check.all()
# Finally build set of user IDs that will remain after preselection
user_ids = list(set(potential_user_ids) - set(excluded_user_ids))
# Bundle required information for selected users
"""
Example:
{ 97546848572549905: [['RandomData', 'random_one', 2, 60000, 60000]] }
"""
result_users = dict()
for user_id in user_ids:
user_result = list()
for i, data_source in enumerate(data_sources):
data_source_id = source_mapping[data_source]
attr = attributes[i]
privacy_setting = [
u[1].level for u in user_ids_with_data_sources
if u[1].user_id == user_id and u[1].attribute == attr
][0]
user_result.append([
data_source,
attr,
privacy_setting,
potential_users_granularities[user_id][data_source_id][0],
potential_users_granularities[user_id][data_source_id][1],
])
result_users[user_id] = user_result
session.close()
return result_users
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
raise
finally:
session.close()
def get_user_profile(user_id):
""" Returns the user profile
Args:
- user_id (int): uid of the user
Returns:
- success (bool)
- error (dict):
- code (int): one of
21 -- Error, Profile not found even though user is registered
99 -- Undefined
- message (str): error code meaning
- response (dict)
- username (str)
- firstname (str)
- lastname (str)
- birthday (str)
- street (str)
- postal (str)
- city (str)
- country (str)
- email (str)
- gender (str)
-anon (bool)
(returns error only if success == False and response otherwise)
"""
result = {}
result['success'] = False
session = db.get_db_session()
try:
profile = session.query(personal_information.PersonalInformation). \
filter_by(user_id=user_id).one()
response = {}
response['username'] = profile.user_name
response['firstname'] = profile.first_name
response['lastname'] = profile.last_name
response['birthday'] = profile.birthday
response['street'] = profile.street
response['postal'] = profile.zip_code
response['city'] = profile.city
response['country'] = profile.country
response['email'] = profile.email
response['gender'] = profile.gender
response['anon'] = profile.anon
if profile == []:
session.close()
error = {}
error['code'] = enums.Error.PROFILE_NOT_FOUND
error[
'message'] = "Error, Profile not found even though user is registered."
result['error'] = error
return result
result['success'] = True
result['response'] = response
return result
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.close()
error = {}
error['code'] = enums.Error.UNDEFINED
error['message'] = "undefined"
result['error'] = error
return result
def set_default_privacy_levels(user_id, privacy_levels):
""" Set the default privacy levels for a user
Args:
- user_id (int): uid of the user
- privacy_levels (list of str : dict): Of form ``{"label":label, "level":level}``
Returns:
- success (bool)
- error (dict):
- code (int): one of
- 1 -- Invalid token
- 91 -- Privacy level out of bounds
- 99 -- Undefined
- message (str): error code meaning
- response (empty dict)
(returns error only if success == False and response otherwise)
"""
result = {}
result['success'] = False
session = db.get_db_session()
try:
registered_data_sources = session.query(AvailableDataSource).filter(
AvailableDataSource.data_source_id ==
RegisteredDataSource.data_source_id).filter(
RegisteredDataSource.user_id == user_id).all()
for privacy_level in privacy_levels:
# Only allow privacy levels between 0 and 3 for now
if 0 <= privacy_level.get("level") <= 3:
# set level in default table
cur = session.query(PrivacyDefault).filter_by(
user_id=user_id, label=privacy_level.get("label")).one()
cur.level = privacy_level.get("level")
cur.explicitconsent = privacy_level.get("explicitconsent")
# check for every registered data source if some attribute has the same label and needs to be
# updated
for source in registered_data_sources:
source_class = HelperMethods.tablename_to_source(
source.data_source_name)
for key in source_class.label:
if source_class.label.get(key) == privacy_level.get(
"label"):
privacy_setting = session.query(
PrivacySetting).filter_by(
data_source_id=source.data_source_id,
user_id=user_id,
attribute=key).one()
privacy_setting.level = privacy_level.get("level")
privacy_setting.explicitconsent = privacy_level.get(
"explicitconsent")
else:
session.rollback()
session.close()
error = {}
error['code'] = enums.Error.INVALID_PRIVACY_LEVEL
error['message'] = "Privacy level out of bounds"
result['error'] = error
return result
session.commit()
session.close()
result['success'] = True
result['response'] = {}
return result
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.close()
error = {}
error['code'] = enums.Error.UNDEFINED
error['message'] = "undefined"
result['error'] = error
return result
def remove(user_id, passw, db_query_inf, db_query_privacy, db_query_queries,
is_user, param):
""" Remove account by its ID. (internal)
Args:
- user_id (int): uid of the user
- passw (str): password hash of the user
- db_query_inf (class): class of the personal information, e.g. ``personal_information.PersonalInformation``
- db_query_privacy (class): class of the privacy information, e.g. ``PrivacyDefault``
- db_query_queries (class): class of the query db, e.g. ``Query_Db``
- db_query_pin_queries (class): class of the pin query db, e.g., ``Pin_Query_Db``
- is_user (bool): if ``True``, get list of registered data sources and remove them
- param (dict): Contains the user id, e.g. ``{'user_id': user_id}``
Returns:
- success (bool)
- error (dict):
- code (int): one of
6 -- Account does not exists yet
1 -- Token not found, user not logged in
17 -- cannot remove personal information from Db
19 -- cannot remove default privacy settings from Db
22 -- cannot remove queries associated with user from Db
23 -- cannot remove queries associated with processor from Db
3 -- cannot remove account from Db
4 -- invalid password
5 -- account not in db
- message (str): error code meaning
- response (empty dict)
(returns error only if success == False and response otherwise)
"""
session = db.get_db_session()
result = {}
result['success'] = False
try:
# check if user exists and correct password
db_query_acc = User if is_user else Processor
account_to_check = session.query(db_query_acc).filter_by(**param).one()
if account_to_check.password_hash == passw:
# if user, get list of registered data sources and remove them
if is_user:
try:
# try to remove personal information & default privacy settings from db
pers_inf_to_delete = session.query(db_query_inf).filter_by(
**param).one()
session.delete(pers_inf_to_delete)
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.commit()
session.close()
error = {}
error[
'code'] = enums.Error.CANNOT_REMOVE_PERSONAL_INFORMATION
error[
'message'] = "cannot remove personal information from Db"
result['error'] = error
return result
try:
# try to remove personal information & default privacy settings from db
default_privacy_to_delete = session.query(
db_query_privacy).filter_by(**param).all()
for setting in default_privacy_to_delete:
session.delete(setting)
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.commit()
session.close()
error = {}
error['code'] = enums.Error.CANNOT_REMOVE_PRIVACY_DEFAULTS
error[
'message'] = "cannot remove default privacy settings from Db"
result['error'] = error
return result
try:
# try to remove associated queries
queries_to_delete = session.query(
db_query_queries).filter_by(**param).all()
for query in queries_to_delete:
session.delete(query)
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.commit()
session.close()
error = {}
error['code'] = enums.Error.CANNOT_REMOVE_USER_QUERIES
error[
'message'] = "cannot remove queries associated with user from Db"
result['error'] = error
return result
session.commit()
session.close()
result['success'] = True
result['response'] = {}
data_sources = data_source_tasks.get_data_source_list(
user_id, False)
remove_result = data_source_tasks.remove_data_sources(
user_id, data_sources['response'])
if remove_result['success'] is False:
error = {}
error['code'] = enums.Error.UNDEFINED
error[
'message'] = "Undefined error while trying to remove data for user"
result['error'] = error
return result
# log user/proc out
else:
logout_result = proc_logout(user_id)
if not logout_result["success"]:
session.rollback()
session.close()
return logout_result
try:
# change status of associated queries
queries_to_modify = session.query(
db_query_queries).filter_by(
processor_id=param['puid']).all()
for query in queries_to_modify:
query.state = QueryState.ABANDONED
query.result = ""
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.commit()
session.close()
error = {}
error['code'] = enums.Error.CANNOT_REMOVE_PROC_QUERIES
error[
'message'] = "cannot remove queries associated with processor from Db"
result['error'] = error
return result
try:
# try to remove user from db
account_to_delete = session.query(db_query_acc).filter_by(
**param).one()
session.delete(account_to_delete)
session.commit()
session.close()
result['success'] = True
result['response'] = {}
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
session.rollback()
session.close()
error = {}
error['code'] = enums.Error.CANNOT_REMOVE_USER
error['message'] = "cannot remove account from Db"
result['error'] = error
return result
else:
error = {}
error['code'] = enums.Error.INVALID_PASSWORD
error['message'] = "invalid password"
result['error'] = error
return result
except Exception:
if Configuration.test_mode:
logging.exception("An error occured:")
error = {}
error['code'] = enums.Error.USER_NOT_IN_DB
error['message'] = "account not in db"
result['error'] = error
return result
def is_user(username):
session = db.get_db_session()
res = session.query(User).filter_by(**{'username': username}).one_or_none()
session.close()
return res is not None
