def add_user(
first_name: str,
last_name: str,
email: str,
agency_ein: str,
middle_initial: str = None,
is_admin: bool = False,
is_active: bool = False,
):
"""
Add an agency user into the database.
"""
if not first_name:
raise click.UsageError("First name is required")
if not last_name:
raise click.UsageError("Last name is required")
if not email:
raise click.UsageError("Email Address is required")
if not agency_ein:
raise click.UsageError("Agency EIN is required")
user = Users(
guid=generate_guid(),
first_name=first_name,
middle_initial=middle_initial,
last_name=last_name,
email=email,
email_validated=False,
is_nyc_employee=True,
is_anonymous_requester=False,
)
db.session.add(user)
agency_user = AgencyUsers(
user_guid=user.guid,
agency_ein=agency_ein,
is_agency_active=is_active,
is_agency_admin=is_admin,
is_primary_agency=True,
)
db.session.add(agency_user)
db.session.commit()
if is_admin:
redis_key = "{current_user_guid}-{update_user_guid}-{agency_ein}-{timestamp}".format(
current_user_guid="openrecords_support",
update_user_guid=user.guid,
agency_ein=agency_ein,
timestamp=datetime.now(),
)
make_user_admin.apply_async(args=(user.guid, "openrecords_support",
agency_ein),
task_id=redis_key)
print(user)
def create_user(
first_name=None,
last_name=None,
email=None,
ein=None,
is_admin=False,
is_active=False,
):
"""Create an agency user."""
if first_name is None:
raise InvalidCommand("First name is required")
if last_name is None:
raise InvalidCommand("Last name is required")
if email is None:
raise InvalidCommand("Email is required")
if ein is None:
raise InvalidCommand("Agency EIN is required")
user = Users(
guid=generate_guid(),
auth_user_type=user_type_auth.AGENCY_LDAP_USER,
email=email,
first_name=first_name,
last_name=last_name,
title=None,
organization=None,
email_validated=True,
terms_of_use_accepted=True,
phone_number=None,
fax_number=None,
mailing_address=create_mailing_address(None, None, None, None),
)
db.session.add(user)
agency_user = AgencyUsers(
user_guid=user.guid,
auth_user_type=user.auth_user_type,
agency_ein=ein,
is_agency_active=is_active,
is_agency_admin=is_admin,
is_primary_agency=True,
)
db.session.add(agency_user)
db.session.commit()
print(user)
def fix_anonymous_requesters():
"""
Ensures there is only one anonymous requester per request by
creating a new anonymous requester (User) for every User Requests record with
a duplicate anonymous requester guid and updates the User Requests record.
The new user will be identical to the existing one with the exception of the guid.
"""
from app.constants import user_type_request
from app.request.utils import generate_guid
from app.lib.db_utils import create_object, update_object
guids = db.engine.execute("""
SELECT
user_requests.user_guid AS "GUID"
FROM user_requests
JOIN users ON user_requests.user_guid = users.guid AND user_requests.auth_user_type = users.auth_user_type
WHERE user_requests.request_user_type = 'requester'
GROUP BY user_requests.user_guid
HAVING COUNT(user_requests.request_id) > 1;
""")
for guid, in guids:
# get all User Requests with dups, excluding the first (since we need to change all but 1)
for ur in UserRequests.query.filter_by(
user_guid=guid,
request_user_type=user_type_request.REQUESTER).offset(1):
user = Users.query.filter_by(
guid=guid, auth_user_type=user_type_auth.ANONYMOUS_USER).one()
new_guid = generate_guid()
print("{} -> {}".format(guid, new_guid))
# create new anonymous requester with new guid
create_object(
Users(guid=new_guid,
auth_user_type=user_type_auth.ANONYMOUS_USER,
email=user.email,
first_name=user.first_name,
last_name=user.last_name,
title=user.title,
organization=user.organization,
email_validated=False,
terms_of_use_accepted=False,
phone_number=user.phone_number,
fax_number=user.fax_number,
mailing_address=user.mailing_address))
# update user request with new guid
update_object({"user_guid": new_guid}, UserRequests,
(ur.user_guid, ur.auth_user_type, ur.request_id))
def transfer_users(user_ids_to_guids, user):
"""
Agency users are determined by the presence of a department_id, otherwise
a user is stored as anonymous.
A user's first and last name and middle initial are parsed from `alias`.
:param user_ids_to_guids: empty dictionary that will be populated
"""
# get agency_ein and auth_user_type
auth_user_type = user_type_auth.AGENCY_LDAP_USER
is_active = False
if user.department_id:
CUR_V1.execute("SELECT name FROM department WHERE id = %s" % user.department_id)
agency_ein = AGENCY_V1_NAME_TO_EIN[CUR_V1.fetchone().name]
is_active = True
else:
agency_ein = None
auth_user_type = user_type_auth.ANONYMOUS_USER
mailing_address = create_mailing_address(
user.address1,
user.city,
user.state,
user.zipcode,
user.address2
)
name = HumanName(user.alias) # alias assumed never none
guid = generate_guid()
user_ids_to_guids[user.id] = guid
query = ("INSERT INTO users ("
"guid, "
"auth_user_type, "
"agency_ein, "
"is_super, "
"is_agency_active, "
"is_agency_admin, "
"first_name, "
"middle_initial, "
"last_name, "
"email, "
"email_validated, "
"terms_of_use_accepted, "
"title, "
"organization, "
"phone_number, "
"fax_number, "
"mailing_address) "
"VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)")
CUR_V2.execute(query, (
guid, # guid
auth_user_type, # auth_user_type
agency_ein, # agency_ein
False, # is_super
user.is_staff, # is_agency_active
user.role == role_name.AGENCY_ADMIN, # is_agency_admin
name.first.title().strip(), # first_name
name.middle[0].upper() if name.middle else None, # middle_initial
name.last.title().strip(), # last_name
user.email, # email
is_active, # email_validated
is_active, # terms_of_user_accepted
None, # title
None, # organization
user.phone if user.phone != 'None' else None, # phone_number
user.fax if user.fax != 'None' else None, # fax_number
json.dumps(mailing_address) # mailing_address
))
def transfer_users(user_ids_to_guids, user):
"""
Agency users are determined by the presence of a department_id, otherwise
a user is stored as anonymous.
A user's first and last name and middle initial are parsed from `alias`.
:param user_ids_to_guids: empty dictionary that will be populated
"""
# get agency_ein and auth_user_type
auth_user_type = user_type_auth.AGENCY_LDAP_USER
is_active = False
if user.department_id:
CUR_V1.execute("SELECT name FROM department WHERE id = %s" %
user.department_id)
agency_ein = AGENCY_V1_NAME_TO_EIN[CUR_V1.fetchone().name]
is_active = True
else:
agency_ein = None
auth_user_type = user_type_auth.ANONYMOUS_USER
mailing_address = create_mailing_address(user.address1, user.city,
user.state, user.zipcode,
user.address2)
name = HumanName(user.alias) # alias assumed never none
guid = generate_guid()
user_ids_to_guids[user.id] = guid
query = (
"INSERT INTO users ("
"guid, "
"auth_user_type, "
"agency_ein, "
"is_super, "
"is_agency_active, "
"is_agency_admin, "
"first_name, "
"middle_initial, "
"last_name, "
"email, "
"email_validated, "
"terms_of_use_accepted, "
"title, "
"organization, "
"phone_number, "
"fax_number, "
"mailing_address) "
"VALUES(%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)"
)
CUR_V2.execute(
query,
(
guid, # guid
auth_user_type, # auth_user_type
agency_ein, # agency_ein
False, # is_super
user.is_staff, # is_agency_active
user.role == role_name.AGENCY_ADMIN, # is_agency_admin
name.first.title().strip(), # first_name
name.middle[0].upper() if name.middle else None, # middle_initial
name.last.title().strip(), # last_name
user.email, # email
is_active, # email_validated
is_active, # terms_of_user_accepted
None, # title
None, # organization
user.phone if user.phone != 'None' else None, # phone_number
user.fax if user.fax != 'None' else None, # fax_number
json.dumps(mailing_address) # mailing_address
))
def add_user():
"""Adds a user to the users and agency_users tables.
Returns:
Template with context.
"""
form = AddAgencyUserForm()
if form.validate_on_submit():
agency_ein = form.agency.data
first_name = form.first_name.data
last_name = form.last_name.data
email = form.email.data
user = Users.query.filter(
func.lower(Users.email) == email.lower(),
Users.is_nyc_employee == True).first()
if user is not None:
flash('{} {} has already been added.'.format(
first_name, last_name),
category='warning')
else:
new_user = Users(
guid=generate_guid(),
first_name=first_name,
last_name=last_name,
email=email,
email_validated=False,
is_nyc_employee=True,
is_anonymous_requester=False,
)
create_object(new_user)
agency_user = AgencyUsers(user_guid=new_user.guid,
agency_ein=agency_ein,
is_agency_active=False,
is_agency_admin=False,
is_primary_agency=True)
create_object(agency_user)
agency = Agencies.query.filter_by(ein=agency_ein).one()
admin_emails = get_agency_admin_emails(agency)
send_email(
subject='User {} Added'.format(new_user.fullname),
to=admin_emails,
template='email_templates/email_agency_user_added',
agency_name=agency.name,
name=new_user.fullname,
)
content_id = 'login_screenshot'
image = {
'path': current_app.config['LOGIN_IMAGE_PATH'],
'content_id': content_id
}
send_email(subject='OpenRecords Portal',
to=[new_user.email],
email_content=render_template(
'email_templates/email_user_added.html',
agency_name=agency.name,
content_id=content_id,
domain=new_user.email.split('@')[1],
name=new_user.fullname),
image=image)
send_email(
subject='User {} Added'.format(new_user.fullname),
to=[OPENRECORDS_DL_EMAIL],
email_content=
'{} has been added to OpenRecords. Add {} to the service desk.'
.format(new_user.fullname, new_user.email))
flash('{} has been added.'.format(new_user.fullname),
category='success')
return redirect(url_for('admin.add_user'))
return render_template('admin/add_user.html', form=form)