def put(task_id): """Update a task.""" request_json = request.get_json() token = g.jwt_oidc_token_info valid_format, errors = schema_utils.validate(request_json, 'task_request') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: task = TaskService(TaskModel.find_by_task_id(task_id)) if task: # Update task and its relationships origin = request.environ.get('HTTP_ORIGIN', 'localhost') response, status = task.update_task(task_info=request_json, token_info=token, origin_url=origin).as_dict(), http_status.HTTP_200_OK else: response, status = {'message': 'The requested task could not be found.'}, \ http_status.HTTP_404_NOT_FOUND except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def put(org_id): """Update the org specified by the provided id with the request body.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'org') token_info = g.jwt_oidc_token_info if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: org = OrgService.find_by_org_id(org_id, allowed_roles=(*CLIENT_ADMIN_ROLES, STAFF)) if org and org.as_dict().get('accessType', None) == AccessType.ANONYMOUS.value and \ Role.STAFF_CREATE_ACCOUNTS.value not in token_info.get('realm_access').get('roles'): return {'message': 'The organisation can only be updated by a staff admin.'}, \ http_status.HTTP_401_UNAUTHORIZED if org: response, status = org.update_org(org_info=request_json).as_dict(), \ http_status.HTTP_200_OK else: response, status = {'message': 'The requested organization could not be found.'}, \ http_status.HTTP_404_NOT_FOUND except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def post(): """Post a new user using the request body (which will contain a JWT). If the user already exists, update the name. """ token = g.jwt_oidc_token_info try: request_json = request.get_json(silent=True) # For BCeID users validate schema. if token.get('loginSource', None) == LoginSource.BCEID.value and request_json is not None: valid_format, errors = schema_utils.validate(request_json, 'user') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST user = UserService.save_from_jwt_token(token, request_json) response, status = user.as_dict(), http_status.HTTP_201_CREATED # Add the user to public_users group if the user doesn't have public_user group if token.get('loginSource', '') != LoginSource.STAFF.value: KeycloakService.join_users_group(token) # For anonymous users, there are no invitation process for members, # so whenever they login perform this check and add them to corresponding groups if token.get('loginSource', '') == LoginSource.BCROS.value: if len(OrgService.get_orgs(user.identifier, [Status.ACTIVE.value])) > 0: KeycloakService.join_account_holders_group() except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def post(): """Post a new user using the request body who has a proper invitation.""" try: request_json = request.get_json() invitation_token = request.headers.get('invitation_token', None) invitation = InvitationService.validate_token(invitation_token).as_dict() valid_format, errors = schema_utils.validate(request_json, 'anonymous_user') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST membership_details = { 'email': invitation['recipientEmail'], 'membershipType': invitation['membership'][0]['membershipType'], 'update_password_on_login': False } membership_details.update(request_json) user = UserService.create_user_and_add_membership([membership_details], invitation['membership'][0]['org']['id'], single_mode=True) user_dict = user['users'][0] if user_dict['http_status'] != http_status.HTTP_201_CREATED: response, status = {'code': user_dict['http_status'], 'message': user_dict['error']}, user_dict[ 'http_status'] else: InvitationService.accept_invitation(invitation['id'], None, None, False) response, status = user, http_status.HTTP_201_CREATED except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def post(org_id): """Create a new contact for the specified org.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'contact') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: org = OrgService.find_by_org_id(org_id, g.jwt_oidc_token_info, allowed_roles=CLIENT_ADMIN_ROLES) if org: response, status = org.add_contact( request_json).as_dict(), http_status.HTTP_201_CREATED else: response, status = {'message': 'The requested organization could not be found.'}, \ http_status.HTTP_404_NOT_FOUND except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def put(org_id): """Update the org specified by the provided id with the request body.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'org') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: org = OrgService.find_by_org_id(org_id, g.jwt_oidc_token_info, allowed_roles=CLIENT_ADMIN_ROLES) if org: response, status = org.update_org( request_json).as_dict(), http_status.HTTP_200_OK else: response, status = {'message': 'The requested organization could not be found.'}, \ http_status.HTTP_404_NOT_FOUND except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def post(org_id): """Post a new product subscription to the org using the request body.""" request_json = request.get_json() valid_format, errors = schema_utils.validate( request_json, 'org_product_subscription') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: subscriptions = OrgService.create_product_subscription( org_id, request_json) if subscriptions is None: response, status = {'message': 'Not authorized to perform this action'}, \ http_status.HTTP_401_UNAUTHORIZED else: response, status = {'subscriptions': ProductSubscriptionSchema().dump(subscriptions, many=True)}, \ http_status.HTTP_201_CREATED except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def put(business_identifier): """Update the business contact for the Entity identified by the provided id.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'contact') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: entity = EntityService.find_by_business_identifier( business_identifier, token_info=g.jwt_oidc_token_info, allowed_roles=ALL_ALLOWED_ROLES) if entity: response, status = entity.update_contact(request_json).as_dict(), \ http_status.HTTP_200_OK else: response, status = {'message': 'The requested business could not be found.'}, \ http_status.HTTP_404_NOT_FOUND except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def patch(business_identifier): """Update an existing business by it's business number.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'entity') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: entity = EntityService.update_entity( business_identifier, request_json, token_info=g.jwt_oidc_token_info) if entity is not None: response, status = entity.as_dict(), http_status.HTTP_200_OK else: response, status = {'message': 'A business for {} was not found.'.format(business_identifier)}, \ http_status.HTTP_404_NOT_FOUND except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def post(): """Post a new Entity using the request body.""" request_json = request.get_json() # If the record exists, just return existing record. entity = EntityService.find_by_business_identifier( request_json.get('businessIdentifier'), token_info=g.jwt_oidc_token_info, allowed_roles=ALL_ALLOWED_ROLES) if entity: return entity.as_dict(), http_status.HTTP_202_ACCEPTED valid_format, errors = schema_utils.validate(request_json, 'entity') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: response, status = EntityService.save_entity( request_json).as_dict(), http_status.HTTP_201_CREATED except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def patch(username): """Patch the user profile associated with the provided username. User only for patching the password. """ try: request_json = request.get_json() valid_format, errors = schema_utils.validate( request_json, 'anonymous_user') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST user = UserService.find_by_username(username) if user is None: response, status = {'message': 'User {} does not exist.'.format(username)}, \ http_status.HTTP_404_NOT_FOUND elif user.as_dict().get('type', None) != Role.ANONYMOUS_USER.name: response, status = { 'Normal users cant be patched', http_status.HTTP_501_NOT_IMPLEMENTED } else: UserService.reset_password_for_anon_user( request_json, username, token_info=g.jwt_oidc_token_info) response, status = '', http_status.HTTP_204_NO_CONTENT except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def patch(business_identifier): """Update an existing business by it's business number.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'entity') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST passcode_reset = request_json.get('resetPasscode', False) try: if passcode_reset: entity = EntityService.reset_passcode(business_identifier, email_addresses=request_json.get('passcodeResetEmail', None)) else: entity = EntityService.update_entity(business_identifier, request_json) if entity is not None: response, status = entity.as_dict(), http_status.HTTP_200_OK else: response, status = {'message': 'A business for {} was not found.'.format(business_identifier)}, \ http_status.HTTP_404_NOT_FOUND except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def post(org_id): """Post a new Affiliation for an org using the request body.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'affiliation') bearer_token = request.headers['Authorization'].replace('Bearer ', '') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: response, status = AffiliationService.create_affiliation( org_id, request_json.get('businessIdentifier'), request_json.get('passCode'), token_info=g.jwt_oidc_token_info, bearer_token=bearer_token).as_dict( ), http_status.HTTP_201_CREATED except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def post(): """Post a new user using the request body (which will contain a JWT). If the user already exists, update the name. """ token = g.jwt_oidc_token_info try: request_json = request.get_json(silent=True) # For BCeID users validate schema. if token.get('loginSource', None) == LoginSource.BCEID.value and request_json is not None: valid_format, errors = schema_utils.validate(request_json, 'user') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST user = UserService.save_from_jwt_token(token, request_json) response, status = user.as_dict(), http_status.HTTP_201_CREATED # Add the user to public_users group if the user doesn't have public_user group KeycloakService.join_users_group(token) # If the user doesn't have account_holder role check if user is part of any orgs and add to the group if token.get('loginSource', '') in \ (LoginSource.BCSC.value, LoginSource.BCROS.value, LoginSource.BCEID.value) \ and Role.ACCOUNT_HOLDER.value not in token.get('roles', []) \ and len(OrgService.get_orgs(user.identifier, [Status.ACTIVE.value])) > 0: KeycloakService.join_account_holders_group() except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def post(): """Post a new org using the request body. If the org already exists, update the attributes. """ token = g.jwt_oidc_token_info request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'org') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: user = UserService.find_by_jwt_token(token) if user is None: response, status = {'message': 'Not authorized to perform this action'}, \ http_status.HTTP_401_UNAUTHORIZED return response, status bearer_token = request.headers['Authorization'].replace( 'Bearer ', '') response, status = OrgService.create_org( request_json, user.identifier, token, bearer_token=bearer_token).as_dict( ), http_status.HTTP_201_CREATED except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def put(org_id): """Update an existing contact for the specified org.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'contact') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: response, status = OrgService.update_contact(org_id, request_json).as_dict(), http_status.HTTP_200_OK except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def put(business_identifier): """Update the business contact for the Entity identified by the provided id.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'contact') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: response, status = EntityService.update_contact(business_identifier, request_json).as_dict(), \ http_status.HTTP_200_OK except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def put(): """Update an existing contact for the user associated with the JWT in the authorization header.""" token = g.jwt_oidc_token_info request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'contact') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: response, status = UserService.update_contact(token, request_json).as_dict(), http_status.HTTP_200_OK except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def post(org_id): """Create new api key for the org.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'api_key') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: response, status = ApiGatewayService.create_key(org_id, request_json), http_status.HTTP_201_CREATED except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def post(): """Post a new Entity using the request body.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'entity') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: response, status = EntityService.save_entity(request_json).as_dict(), http_status.HTTP_201_CREATED except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def put(org_id): """Update the org specified by the provided id with the request body.""" org = OrgService.find_by_org_id(org_id) request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'org') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: response, status = org.update_org(request_json).as_dict(), http_status.HTTP_200_OK except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def post(): """Send a new invitation using the details in request and saves the invitation.""" origin = request.environ.get('HTTP_ORIGIN', 'localhost') request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'invitation') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: user = UserService.find_by_jwt_token() response, status = InvitationService.create_invitation(request_json, user, origin).as_dict(), \ http_status.HTTP_201_CREATED except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def post(): """Post a new Entity using the request body.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'entity') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: response, status = EntityService.create_entity(request_json).as_dict(), http_status.HTTP_201_CREATED except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code except exc.IntegrityError: response, status = {'message': 'Business with specified identifier already exists.'}, \ http_status.HTTP_409_CONFLICT return response, status
def post(): """Admin users can post multiple users to his org.Use it for anonymous purpose only.""" try: request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'bulk_user') token = g.jwt_oidc_token_info if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST users = UserService.create_user_and_add_membership(request_json['users'], request_json['orgId'], token) response, status = users, http_status.HTTP_201_CREATED except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def post(user_guid): """Create affidavit record for the user.""" token = g.jwt_oidc_token_info request_json = request.get_json() if token.get('sub', None) != user_guid: abort(403) valid_format, errors = schema_utils.validate(request_json, 'affidavit') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: response, status = AffidavitService.create_affidavit(token, request_json).as_dict(), http_status.HTTP_200_OK except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def put(org_id): """Update an existing contact for the specified org.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'contact') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST try: org = OrgService.find_by_org_id(org_id) if org: response, status = org.update_contact(request_json).as_dict(), http_status.HTTP_200_OK else: response, status = {'message': 'The requested organization could not be found.'}, \ http_status.HTTP_404_NOT_FOUND except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def patch(): """Update terms of service for the user.""" token = g.jwt_oidc_token_info request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'termsofuse') if not valid_format: return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST version = request_json['termsversion'] is_terms_accepted = request_json['istermsaccepted'] try: response, status = UserService.update_terms_of_use(token, is_terms_accepted, version).as_dict(), \ http_status.HTTP_200_OK except BusinessException as exception: response, status = {'code': exception.code, 'message': exception.message}, exception.status_code return response, status
def post(): """Create a new contact for the user associated with the JWT in the authorization header.""" request_json = request.get_json() valid_format, errors = schema_utils.validate(request_json, 'contact') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: response, status = UserService.add_contact( request_json).as_dict(), http_status.HTTP_201_CREATED except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def put(org_id): """Update the org specified by the provided id with the request body.""" request_json = request.get_json() action = request.args.get('action', '').upper() valid_format, errors = schema_utils.validate(request_json, 'org') toke_info = g.jwt_oidc_token_info bearer_token = request.headers['Authorization'].replace('Bearer ', '') origin = request.environ.get('HTTP_ORIGIN', 'localhost') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: org = OrgService.find_by_org_id(org_id, g.jwt_oidc_token_info, allowed_roles=(*CLIENT_ADMIN_ROLES, STAFF)) if org and org.as_dict().get('accessType', None) == AccessType.ANONYMOUS.value and \ Role.STAFF_CREATE_ACCOUNTS.value not in toke_info.get('realm_access').get('roles'): return {'message': 'The organisation can only be updated by a staff admin.'}, \ http_status.HTTP_401_UNAUTHORIZED if org: if action in (ChangeType.DOWNGRADE.value, ChangeType.UPGRADE.value): response, status = org.change_org_ype( request_json, action, bearer_token).as_dict(), http_status.HTTP_200_OK else: response, status = org.update_org(org_info=request_json, token_info=toke_info, bearer_token=bearer_token, origin_url=origin).as_dict(), \ http_status.HTTP_200_OK else: response, status = {'message': 'The requested organization could not be found.'}, \ http_status.HTTP_404_NOT_FOUND except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status
def post(org_id): """Post a new product subscription to the org using the request body.""" request_json = request.get_json() valid_format, errors = schema_utils.validate( request_json, 'org_product_subscription') if not valid_format: return { 'message': schema_utils.serialize(errors) }, http_status.HTTP_400_BAD_REQUEST try: subscriptions = ProductService.create_product_subscription( org_id, request_json) response, status = { 'subscriptions': subscriptions }, http_status.HTTP_201_CREATED except BusinessException as exception: response, status = { 'code': exception.code, 'message': exception.message }, exception.status_code return response, status