def create_teams(): team_key = "" app_name = "" community_name = "" admin_user_email = "" other_users_email = [] app = AppInfo.query().filter(AppInfo.lc_name == app_name.lower()).get() if not app: appinfo_message = AppInfoMessage() appinfo_message.name = app_name app = AppInfo.insert(appinfo_message) community = Community.getCommunityFromTeamKey(team_key=team_key) if not community: community_message = CommunityMessage(name=community_name, team_key=team_key, team_secret=md5(community_name.lower())) community_message.user = UserMessage(user_email=admin_user_email) Community.insert(community_message) community = Community.getCommunityFromTeamKey(team_key=team_key) if community and app: if not app.key in community.apps: community.apps.append(app.key) community.put() for user_email in other_users_email: user = User.find_user_by_email(email=user_email, team_key=team_key) if not user: user = User.insert_user(user_email, account_type=team_key, image_url="") userrole = UserRole.insert(user, community)
def getAppAndCommunity(message, user): if message.team_key: community = Community.getCommunityFromTeamKey(team_key=message.team_key) appinfo = getAppInfo(community.key.id()) elif message.app_name: appinfo = AppInfo.get(name=message.app_name, platform=message.platform_type) community = None if appinfo is None: appInfoMessage = AppInfoMessage(name=message.app_name, version=message.app_version, platform=message.platform_type) appinfo = AppInfo.insert(appInfoMessage) else: app_community = getCommunityForApp(id=appinfo.key.id()) if app_community and isMember(app_community, user): community = app_community elif message.community_name: community_id = Community.getCommunity(community_name=message.community_name).id community = Community.get_by_id(community_id) appinfo = getAppInfo(community_id) else: raise endpoints.BadRequestException("Please specify a community or app") return appinfo, community
def dashboard_authenticate(self, request): email = request.user_email password = request.password team_key = request.team_key accounts = [] if email and password: users = User.get_all_user_by_email(email, md5(password), team_key=team_key) for user in users: if user: team_key = user.account_type team = Community.getCommunityFromTeamKey(team_key) if team: userTeamToken = get_user_team_token(email, password, team_key, team.team_secret, user.display_name, user.image_url) account = AccountAuthenticateMessage(display_name=user.display_name, image_url=user.image_url, team_name=team.name, team_key=team_key, team_hash=team.team_hash, user_team_token=json.dumps(userTeamToken), role=UserRole.getRole(user, team)) accounts.append(account) return AccountAuthenticateListMessage(authenticated=True if len(accounts) else False, account_info=accounts)
def authenticate(self, request): email = request.user_email validate_email(email) team_key = request.team_key user = User.find_user_by_email(email, team_key) if team_key: team_secret = request.team_secret validate_team_secret(team_secret) display_name = request.display_name image_url = request.user_image_url if not user: user = User.insert_user(email=email, username=display_name, account_type=team_key, image_url=image_url) community = Community.getCommunityFromTeamKey(team_key) UserRole.insert(user, community) elif (display_name != user.display_name) or (image_url != user.image_url): User.update_user(user=user, email=email, username=display_name, account_type=team_key, image_url=image_url) if not Community.authenticate(team_key, md5(team_secret)): raise endpoints.UnauthorizedException("Authentication failed. Team key and secret are not matched.") elif user.auth_source == AuthSourceType.ANNO: password = request.password validate_password(password) if not user: raise endpoints.NotFoundException("Authentication failed. User account " + email + " doesn't exist.") if not User.authenticate(email, md5(password)): raise endpoints.UnauthorizedException("Authentication failed. Email and password are not matched.") else: raise endpoints.ForbiddenException("Account for '%s' is Google or Facebook OAuth account." % email) return UserMessage(id=user.key.id(), display_name=user.display_name)
def community_users(self, request): user = auth_user(self.request_state.headers) community_userroles = [] if user: community = Community.getCommunityFromTeamKey(request.account_type) if community and (UserRole.getCircleLevel(user, community) > 0): community_userroles = UserRole.query().filter(ndb.AND(UserRole.community == community.key, UserRole.circle_level > 0) ).fetch(projection=[UserRole.user]) users = [] for community_userrole in community_userroles: current_user = community_userrole.user.get() users.append(UserMessage(id=current_user.key.id(), user_email=current_user.user_email, display_name=current_user.display_name, image_url=current_user.image_url)) # removing auth_user [ users.remove(user_info) for user_info in users if user_info.user_email == user.user_email ] # sorting users alphabetically users = sorted(users, key=lambda user_info: user_info.display_name.lower()) return UserListMessage(user_list=users)
def get_circle_users(self, request): roles = [UserRoleType.MEMBER, UserRoleType.ADMIN] community = Community.getCommunityFromTeamKey(request.team_key) circle_list_message = [] for circle_value, circle_name in community.circles.items(): circle_message = CommunityCircleMembersMessage() circle_message.circle_name = circle_name circle_message.users = [] for userrole in UserRole.getUsersByCircle(community.key, int(circle_value)): user = userrole.user.get() if user and (user.account_type == community.team_key): if user.user_email.split("@")[1] == "devnull.usersource.io": break user_message = UserAdminMasterMessage() user_message.display_name = user.display_name user_message.user_email = user.user_email user_message.password_present = True if user.password else False user_message.role = userrole.role user_message.image_url = user.image_url circle_message.users.append(user_message) circle_list_message.append(circle_message) return CommunityCircleMembersListMessage(circle_list=circle_list_message, roles=roles)
def update_user(self, request): action_auth_user = auth_user(self.request_state.headers) if not (action_auth_user.user_email == request.user_email): if not is_auth_user_admin(action_auth_user=action_auth_user): return ResponseMessage(success=False) user = get_user_from_request(user_id=request.user_id, user_email=request.user_email, team_key=request.team_key) if user: user.display_name = request.user_display_name or user.display_name user.password = md5(request.user_password) if request.user_password else user.password user.image_url = request.user_image_url or user.image_url or "" user.put() community = Community.getCommunityFromTeamKey(request.team_key) if request.team_key else Community.get_by_id(request.community_id) resp = None if user and community: circle = 0 for circle_value, circle_name in community.circles.iteritems(): if circle_name == request.circle: circle = int(circle_value) resp = UserRole.edit(user, community, request.role, circle) return ResponseMessage(success=True if resp else False)
def insert_user(self, request): if not is_auth_user_admin(headers=self.request_state.headers): return ResponseMessage(success=False) action_user = auth_user(self.request_state.headers) user = get_user_from_request(user_id=request.user_id, user_email=request.user_email, team_key=request.team_key) if not user: user = User.insert_user(request.user_email, username=request.user_display_name, account_type=request.team_key, auth_source=AuthSourceType.PLUGIN, password=md5(request.user_password), image_url=request.user_image_url or "") community = Community.getCommunityFromTeamKey(request.team_key) if request.team_key else Community.get_by_id(request.community_id) role = request.role if request.role else UserRoleType.MEMBER resp = None if user and community: circle = 0 for circle_value, circle_name in community.circles.iteritems(): if circle_name == request.circle: circle = int(circle_value) resp = UserRole.insert(user, community, role, circle) send_added_user_email(community.name, user.display_name, "added", action_user.display_name, community.team_hash) return ResponseMessage(success=True if resp else False)
def is_auth_user_admin(headers=None, action_auth_user=None): is_admin = False user = auth_user(headers) if (not action_auth_user and headers) else action_auth_user if user: community = Community.getCommunityFromTeamKey(user.account_type) if community: role = UserRole.getRole(user, community) is_admin = role == UserRoleType.ADMIN return is_admin
def migrate_photo_time_annos(cursor=None): team_key = 'us.orbe.Reko-Album' phototime_app = AppInfo.query().filter(AppInfo.lc_name == 'phototime').get() phototime_community = Community.getCommunityFromTeamKey(team_key=team_key) anno_list = Anno.query().filter(Anno.app == phototime_app.key).fetch() for anno in anno_list: anno.community = phototime_community.key user_email = anno.creator.get().user_email anno.creator = User.find_user_by_email(email=user_email, team_key=team_key).key anno.put()
def get_all_teams_by_email(cls, email): from model.community import Community users = cls.query().filter(cls.user_email == email).fetch() accounts = [] for user in users: if user: team_key = user.account_type team = Community.getCommunityFromTeamKey(team_key) if team: account = AccountAuthenticateMessage(team_name=team.name, team_key=team_key) accounts.append(account) return accounts
def auth_user(headers): current_user = get_endpoints_current_user(raise_unauthorized=False) user = None if current_user is None: credential_pair = get_credential(headers) signinMethod = SignInMethod.ANNO team_key = None team_secret = None display_name = None image_url = None if len(credential_pair) == 2: email, password = credential_pair elif len(credential_pair) == 5: signinMethod, email, password, team_key, team_secret = credential_pair else: signinMethod, email, password, team_key, team_secret, display_name, image_url = credential_pair validate_email(email) user = User.find_user_by_email(email, team_key) if signinMethod == SignInMethod.ANNO: User.authenticate(email, md5(password)) elif signinMethod == SignInMethod.PLUGIN: if not Community.authenticate(team_key, team_secret): raise endpoints.UnauthorizedException("Incorrect team key or secret") display_name = unicode(display_name, "utf-8", "ignore") if not user: user = User.insert_user(email=email, username=display_name, account_type=team_key, image_url=image_url) community = Community.getCommunityFromTeamKey(team_key) UserRole.insert(user, community) elif (display_name and display_name != user.display_name) or (image_url and image_url != user.image_url): User.update_user(user=user, email=email, username=display_name, account_type=team_key, image_url=image_url) else: user = User.find_user_by_email(current_user.email()) if user is None: raise endpoints.UnauthorizedException("Oops, something went wrong. Please try later.") return user