Beispiel #1
0
def create_user(user: NewUser):
    """
    Create a invalid user in database including its credentials and
    security questions.

    \f
    :param user: User input
    """

    user_found = UserInterface.find_one(email=user.email, is_valid=False)
    if user_found:
        return UJSONResponse(UserMessage.exist, HTTP_400_BAD_REQUEST)

    user_found = UserInterface.find_one(email=user.email)
    if user_found:
        return UJSONResponse(UserMessage.exist, HTTP_400_BAD_REQUEST)

    user_dict = user.dict(
        exclude={'password', 'otp_code', 'security_questions'})
    new_user = User(**user_dict)
    credential = Credentials(user=new_user,
                             password=user.password,
                             otp_code=user.otp_code)
    security_questions = SecurityQuestions(
        user=new_user,
        questions=[question.dict() for question in user.security_questions])

    try:
        new_user.save()
        credential.save()
        security_questions.save()
    except Exception as error:
        return UJSONResponse(str(error), HTTP_400_BAD_REQUEST)
    return UJSONResponse(UserMessage.created, HTTP_201_CREATED,
                         BsonObject.dict(new_user))
Beispiel #2
0
def validate_credentials(user: UserCredentials):
    """
    Validate if user credentials are valid, if didn't match, will return bad
    request error.

    \f
    :param user: user credentials like email and password.
    """
    user_found = UserInterface.find_one(user.email, is_valid=True)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    credentials = CredentialInterface.find_one(user_found)
    if not credentials:
        return UJSONResponse(CredentialMessage.invalid, HTTP_400_BAD_REQUEST)

    if credentials.password != user.password:
        return UJSONResponse(CredentialMessage.invalid, HTTP_400_BAD_REQUEST)

    # TODO: Verify User Role
    data = {
        'email': user.email,
        'name': user_found.name,
        'role': user_found.role.value
    }
    return UJSONResponse(CredentialMessage.logged, HTTP_200_OK, data)
Beispiel #3
0
def set_security_questions(email: str, questions: List[SecurityQuestion]):
    """
    Update security questions from specific user, all questions will be replaced
    depends of the input questions.

    \f
    :param email: user email to update questions.
    :param questions: array of questions.
    """
    user_found = UserInterface.find_one(email)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    security_question = QuestionInterface.find_one(user_found)
    if not security_question:
        return UJSONResponse(QuestionMessage.not_found, HTTP_400_BAD_REQUEST)

    security_question.questions = [
        Question(**question.dict()) for question in questions
    ]
    try:
        security_question.save()
    except Exception as error:
        return UJSONResponse(str(error), HTTP_400_BAD_REQUEST)
    return UJSONResponse(QuestionMessage.updated, HTTP_200_OK)
Beispiel #4
0
def create_root_user(email: str):
    user_found = UserInterface.find_one(email)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    try:
        user_found.update(role=UserRoles.ROOT)
        user_found.reload()
    except Exception as error:
        return UJSONResponse(str(error), HTTP_400_BAD_REQUEST)

    return UJSONResponse(UserMessage.updated, HTTP_200_OK)
Beispiel #5
0
def enable_user(email: str):
    """

    :param email:
    """
    user_found = UserInterface.find_one(email, is_enabled=False)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    user_found.is_enabled = True
    user_found.save()
    return UJSONResponse(UserMessage.enabled, HTTP_200_OK)
Beispiel #6
0
def validate_user(email: str):
    """
    Validate user if the state user is invalid, if is valid, will return
    user not found.

    \f
    :param email: email from the user to validate.
    """
    user_found = UserInterface.find_one(email=email, is_valid=False)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
    user_found.is_valid = True
    user_found.save()

    return UJSONResponse(UserMessage.validated, HTTP_200_OK)
Beispiel #7
0
def delete_user(email: str):
    """
    Delete user data from database as logic field, if user has been deleted
    before, will return user not found or return user deleted successfully.

    \f
    :param email: email from the user to delete.
    """
    user_found = UserInterface.find_one(email)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    user_found.is_deleted = True
    user_found.save()
    return UJSONResponse(UserMessage.deleted, HTTP_200_OK)
Beispiel #8
0
def find_user(email: str, is_valid: bool = True, is_enabled: bool = True):
    """
    Find user in database, depends of invalid param, could be a valid or invalid
    user, if user did not exist, will return user not found.

    \f
    :param email: email from the user to find.
    :param is_valid: if valid state user is valid or invalid.
    :param is_enabled:
    """
    user = UserInterface.find_one(email,
                                  is_valid=is_valid,
                                  is_enabled=is_enabled)
    if not user:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    return UJSONResponse(UserMessage.found, HTTP_200_OK, BsonObject.dict(user))
Beispiel #9
0
def find_security_questions(email: str):
    """
    Find security questions from a specific user, if user did not exist, will
    return user not found, else, could return questions from the user.

    \f
    :param email: email from the user to find questions.
    """
    user_found = UserInterface.find_one(email)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    security_question = QuestionInterface.find_one(user_found)
    if not security_question:
        return UJSONResponse(QuestionMessage.not_found, HTTP_400_BAD_REQUEST)
    data = [BsonObject.dict(q) for q in security_question.questions]
    return UJSONResponse(QuestionMessage.found, HTTP_200_OK, data)
Beispiel #10
0
def update_user(email: str, user: UpdateUser):
    """
    Update data user information, except email and credentials information, all
    null fields will be ignored.

    \f
    :param email: email from the user to update.
    :param user: user data to update.
    """
    user_found = UserInterface.find_one(email)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    user_found.update(**user.dict(exclude_none=True))
    user_found.save().reload()

    return UJSONResponse(UserMessage.updated, HTTP_200_OK,
                         BsonObject.dict(user_found))
Beispiel #11
0
def get_otp_code(email: str, is_valid: bool = True):
    """
    Find otp code from user credentials and return its information.

    \f
    :param is_valid:
    :param email: user email to find otp code.
    """
    user_found = UserInterface.find_one(email, is_valid=is_valid)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    credential = CredentialInterface.find_one(user_found)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    data = {'otp_code': credential.otp_code}
    return UJSONResponse(UserMessage.found, HTTP_200_OK, data)
Beispiel #12
0
def get_security_code(email: str):
    """
    Find security code from the user credentials, if user or credentials did not
    exist, will return not found

    \f
    :param email: email from the user to find security code.
    """
    user_found = UserInterface.find_one(email)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    credentials = CredentialInterface.find_one(user_found)
    if not credentials:
        return UJSONResponse(CredentialMessage.invalid, HTTP_400_BAD_REQUEST)

    data = {
        'security_code': credentials.security_code,
    }
    return UJSONResponse(CredentialMessage.code_found, HTTP_200_OK, data)
Beispiel #13
0
def update_password(user: UserCredentials):
    """
    Update password from specific user, if user not found or is not valid, will
    return not found.

    \f
    :param user: email from the user to update passwords.
    """
    user_found = UserInterface.find_one(user.email)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    credentials = CredentialInterface.find_one(user_found)
    if not credentials:
        return UJSONResponse(CredentialMessage.invalid, HTTP_400_BAD_REQUEST)

    credentials.password = user.password
    try:
        credentials.save()
    except Exception as error:
        return UJSONResponse(str(error), HTTP_400_BAD_REQUEST)
    return UJSONResponse(CredentialMessage.pass_updated, HTTP_200_OK)
Beispiel #14
0
def set_security_code(email: str, code: str):
    """
    Update security code to specific user at its credentials.

    \f
    :param email: email from the user to set security code.
    :param code: code to update in its credentials
    """
    user_found = UserInterface.find_one(email)
    if not user_found:
        return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)

    credentials = CredentialInterface.find_one(user_found)
    if not credentials:
        return UJSONResponse(CredentialMessage.invalid, HTTP_400_BAD_REQUEST)

    credentials.security_code = code.strip()
    try:
        credentials.save()
    except Exception as error:
        return UJSONResponse(str(error), HTTP_400_BAD_REQUEST)
    return UJSONResponse(CredentialMessage.code_updated, HTTP_200_OK)
    def test_find_one_not_found(self):
        user = UserInterface.find_one('*****@*****.**')

        self.assertIsNone(user)
    def test_find_one_inactive_successful(self):
        user = UserInterface.find_one(self.inactive_user, is_valid=False)

        self.assertIsNotNone(user)
        self.assertIsInstance(user, User)
        self.assertEqual(user.email, self.inactive_user)
    def test_find_one_active_not_found(self):
        user = UserInterface.find_one(self.inactive_user)

        self.assertIsNone(user)
    def test_find_one_inactive_not_found(self):
        user = UserInterface.find_one(self.active_user, is_valid=False)

        self.assertIsNone(user)