def create_or_update_user_profile():
params = request.get_json()
profile = params.get('profile', None)
memberships = params.get('memberships', None)
delete_action = to_bool_or_none(util.get(params, 'deleteAction'))
if not profile or not profile.get('uid') or memberships is None:
raise errors.BadRequestError('Required parameters are missing')
authorized_user = _update_or_create_authorized_user(memberships,
profile,
include_deleted=True)
_delete_existing_memberships(authorized_user)
_create_department_memberships(authorized_user, memberships)
if delete_action is True and not authorized_user.deleted_at:
AuthorizedUser.delete(authorized_user.uid)
elif delete_action is False and authorized_user.deleted_at:
AuthorizedUser.un_delete(authorized_user.uid)
user_id = authorized_user.id
UserSession.flush_cache_for_id(user_id)
updated_user = AuthorizedUser.find_by_id(user_id, include_deleted=True)
users_json = authorized_users_api_feed([updated_user])
return tolerant_jsonify(users_json and users_json[0])
def all_user_profiles():
# This feature is not available in production
if app.config['DEVELOPER_AUTH_ENABLED']:
users = AuthorizedUser.query.all()
return tolerant_jsonify(authorized_users_api_feed(users))
else:
raise errors.ResourceNotFoundError('Unknown path')
def _get_boa_user_groups(sort_users_by=None):
depts = {}
def _put(_dept_code, _user):
if _dept_code not in depts:
if _dept_code == 'ADMIN':
dept_name = 'Admins'
elif _dept_code == 'GUEST':
dept_name = 'Guest Access'
elif _dept_code == 'NOTESONLY':
dept_name = 'Notes Only'
else:
dept_name = BERKELEY_DEPT_CODE_TO_NAME.get(
_dept_code, _dept_code)
depts[_dept_code] = {
'code': _dept_code,
'name': dept_name,
'users': [],
}
depts[_dept_code]['users'].append(_user)
for user in AuthorizedUser.get_all_active_users():
if user.is_admin:
_put('ADMIN', user)
if user.can_access_canvas_data:
for m in user.department_memberships:
_put(m.university_dept.dept_code, user)
else:
_put('NOTESONLY', user)
user_groups = []
for dept_code, dept in depts.items():
dept['users'] = authorized_users_api_feed(dept['users'], sort_users_by)
user_groups.append(dept)
return sorted(user_groups, key=lambda dept: dept['name'])
def user_by_uid(uid):
ignore_deleted = to_bool_or_none(util.get(request.args, 'ignoreDeleted'))
user = _find_user_by_uid(uid, ignore_deleted)
if user:
users_feed = authorized_users_api_feed([user])
return tolerant_jsonify(users_feed[0])
else:
raise errors.ResourceNotFoundError('User not found')
def _get_coe_profiles():
users = list(
filter(lambda user: '******' in get_dept_codes(user),
AuthorizedUser.query.all()))
profiles = []
for user in authorized_users_api_feed(users):
uid = user['uid']
first_name = user.get('firstName')
last_name = user.get('lastName')
name = f'{first_name} {last_name}' if first_name or last_name else uid
profiles.append({'name': name, 'value': uid})
return sorted(profiles, key=lambda p: p['name'])
def get_admin_users():
params = request.get_json()
ignore_deleted = to_bool_or_none(util.get(params, 'ignoreDeleted'))
users = AuthorizedUser.get_admin_users(
ignore_deleted=True if ignore_deleted is None else ignore_deleted)
return tolerant_jsonify({
'users':
authorized_users_api_feed(
users,
sort_by=util.get(params, 'sortBy'),
sort_descending=to_bool_or_none(util.get(params,
'sortDescending')),
),
'totalUserCount':
len(users),
})
def _department_data(d):
scheduler_response = AuthorizedUser.get_users(
deleted=False,
dept_code=d['code'],
role='scheduler',
)
scheduler_data = [
_distill_scheduler_data(s)
for s in authorized_users_api_feed(scheduler_response[0],
sort_by='lastName')
]
return {
'code': d['code'],
'name': d['name'],
'schedulers': scheduler_data,
}
def all_users():
params = request.get_json()
users, total_user_count = AuthorizedUser.get_users(
blocked=to_bool_or_none(util.get(params, 'blocked')),
deleted=to_bool_or_none(util.get(params, 'deleted')),
dept_code=util.get(params, 'deptCode', None),
role=util.get(params, 'role', None) or None,
)
return tolerant_jsonify({
'users':
authorized_users_api_feed(
users,
sort_by=util.get(params, 'sortBy', 'lastName'),
sort_descending=to_bool_or_none(
util.get(params, 'sortDescending', False)),
),
'totalUserCount':
total_user_count,
})
def _get_boa_users():
users = []
def _put(_dept, _user):
users.append({
'last_name':
_user.get('lastName') or '',
'first_name':
_user.get('firstName') or '',
'uid':
_user.get('uid'),
'title':
_user.get('title'),
'email':
_user.get('campusEmail') or _user.get('email'),
'department':
_describe_dept_roles(_dept),
'appointment_roles':
_describe_appointment_roles(_dept,
_user.get('dropInAdvisorStatus'),
_user.get('sameDayAdvisorStatus')),
'can_access_advising_data':
_user.get('canAccessAdvisingData'),
'can_access_canvas_data':
_user.get('canAccessCanvasData'),
'is_blocked':
_user.get('isBlocked'),
'last_login':
_user.get('lastLogin'),
})
admin_dept = {
'code': 'ADMIN',
'name': 'Admins',
}
for user in authorized_users_api_feed(
AuthorizedUser.get_all_active_users()):
if user.get('isAdmin'):
_put(admin_dept, user)
for dept in user.get('departments'):
_put(dept, user)
return users
def _advisor_attrs_for_uid(advisor_uid):
authorized_user = AuthorizedUser.find_by_uid(advisor_uid)
if not authorized_user:
return None
api_feeds = authorized_users_api_feed([authorized_user])
if not api_feeds:
return None
api_feed = api_feeds[0]
if next((d for d in api_feed['departments'] if d['role'] == 'scheduler'), False):
role = 'Intake Desk'
else:
role = api_feed.get('title') or 'Advisor'
return {
'id': authorized_user.id,
'uid': advisor_uid,
'name': api_feed['name'],
'role': role,
'deptCodes': [d['code'] for d in api_feed.get('departments', [])],
}
def get_users_report(dept_code):
dept_code = dept_code.upper()
dept_name = BERKELEY_DEPT_CODE_TO_NAME.get(dept_code)
if dept_name:
if current_user.is_admin or _current_user_is_director_of(dept_code):
users, total_user_count = AuthorizedUser.get_users(
deleted=False, dept_code=dept_code)
users = authorized_users_api_feed(users, sort_by='lastName')
note_count_per_user = get_note_count_per_user(dept_code)
for user in users:
user['notesCreated'] = note_count_per_user.get(user['uid'], 0)
return tolerant_jsonify({
'users': users,
'totalUserCount': total_user_count,
})
else:
raise ForbiddenRequestError(
f'You are unauthorized to view {dept_name} reports')
else:
raise ResourceNotFoundError(
f'Unrecognized department code {dept_code}')
def _get_boa_users(sort_user_by=None):
users = AuthorizedUser.get_all_users()
return authorized_users_api_feed(users, sort_user_by)