def resource_email(authtoken, args, files=None):
"""
Return user's email addresses.
"""
if "all" in args and getbool(args["all"]):
return {"email": unicode(authtoken.user.email), "all": [unicode(email) for email in authtoken.user.emails]}
else:
return {"email": unicode(authtoken.user.email)}
def resource_phone(authtoken, args, files=None):
"""
Return user's phone numbers.
"""
if "all" in args and getbool(args["all"]):
return {"phone": unicode(authtoken.user.phone), "all": [unicode(phone) for phone in authtoken.user.phones]}
else:
return {"phone": unicode(authtoken.user.phone)}
def resource_id(authtoken, args, files=None):
"""
Return user's id
"""
if "all" in args and getbool(args["all"]):
return get_userinfo(authtoken.user, authtoken.client, scope=authtoken.scope, get_permissions=True)
else:
return get_userinfo(authtoken.user, authtoken.client, scope=["id"], get_permissions=False)
def resource_id(authtoken, args, files=None):
"""
Return user's id
"""
if 'all' in args and getbool(args['all']):
return get_userinfo(authtoken.user, authtoken.client, scope=authtoken.scope, get_permissions=True)
else:
return get_userinfo(authtoken.user, authtoken.client, scope=['id'], get_permissions=False)
def login_listener(self, userinfo, token):
user = self.load_user_userinfo(userinfo,
token['access_token'],
update=True)
user.lastuser_token = token['access_token']
user.lastuser_token_type = token['token_type']
user.lastuser_token_scope = token['scope']
g.user = user
g.lastuserinfo = self.make_userinfo(user)
# Are we tracking teams? Sync data from Lastuser.
# TODO: Syncing the list of teams is an org-level operation, not a user-level operation.
# Move it out of here as there's a higher likelihood of database conflicts
if self.teammodel:
org_teams = self.lastuser.org_teams(
user.organizations_memberof_ids())
# TODO: If an org has revoked access to teams for this app, it won't be in org_teams
# We need to scan for teams in organizations that aren't in this list and revoke them
user_team_ids = [t['userid'] for t in user.userinfo['teams']]
# org_teams will be empty if this app's team_access flag isn't set in lastuser
for orgid, teams in org_teams.items():
# 1/4: Remove teams that are no longer in lastuser
removed_teams = self.teammodel.query.filter_by(
orgid=orgid).filter(~self.teammodel.userid.in_(
[t['userid'] for t in teams])).all()
for team in removed_teams:
self.db.session.delete(team)
for teamdata in teams:
# 2/4: Create teams
team = self.teammodel.query.filter_by(
userid=teamdata['userid']).first()
if team is None:
team = self.teammodel(userid=teamdata['userid'],
orgid=teamdata['org'],
title=teamdata['title'],
owners=getbool(
teamdata['owners']))
self.db.session.add(team)
else:
# Check if title has changed. The others will never change
if team.title != teamdata['title']:
team.title = teamdata['title']
if team.userid in user_team_ids:
# 3/4: Add user to teams they are in
if user not in team.users:
team.users.append(user)
else:
# 4/4: Remove users from teams they are no longer in
if user in team.users:
team.users.remove(user)
# Commit this so that token info is saved even if the user account is an existing account.
# This is called before the request is processed by the client app, so there should be no
# other data in the transaction
self.db.session.commit()
def resource_email(authtoken, args, files=None):
"""
Return user's email addresses.
"""
if 'all' in args and getbool(args['all']):
return {'email': unicode(authtoken.user.email),
'all': [unicode(email) for email in authtoken.user.emails]}
else:
return {'email': unicode(authtoken.user.email)}
def resource_phone(authtoken, args, files=None):
"""
Return user's phone numbers.
"""
if 'all' in args and getbool(args['all']):
return {'phone': unicode(authtoken.user.phone),
'all': [unicode(phone) for phone in authtoken.user.phones]}
else:
return {'phone': unicode(authtoken.user.phone)}
def resource_email(authtoken, args, files=None):
"""
Return user's email addresses.
"""
if 'all' in args and getbool(args['all']):
return {'email': unicode(authtoken.user.email),
'all': [unicode(email) for email in authtoken.user.emails]}
else:
return {'email': unicode(authtoken.user.email)}
def login_listener(self, userinfo, token):
user = self.load_user_userinfo(userinfo, token['access_token'], update=True)
user.lastuser_token = token['access_token']
user.lastuser_token_type = token['token_type']
user.lastuser_token_scope = token['scope']
g.user = user
g.lastuserinfo = self.make_userinfo(user)
# Are we tracking teams? Sync data from Lastuser.
# TODO: Syncing the list of teams is an org-level operation, not a user-level operation.
# Move it out of here as there's a higher likelihood of database conflicts
if self.teammodel:
org_teams = self.lastuser.org_teams(user.organizations_memberof_ids())
# TODO: If an org has revoked access to teams for this app, it won't be in org_teams
# We need to scan for teams in organizations that aren't in this list and revoke them
user_team_ids = [t['userid'] for t in user.userinfo['teams']]
# org_teams will be empty if this app's team_access flag isn't set in lastuser
for orgid, teams in org_teams.items():
# 1/4: Remove teams that are no longer in lastuser
removed_teams = self.teammodel.query.filter_by(orgid=orgid).filter(
~self.teammodel.userid.in_([t['userid'] for t in teams])).all()
for team in removed_teams:
self.db.session.delete(team)
for teamdata in teams:
# 2/4: Create teams
team = self.teammodel.query.filter_by(userid=teamdata['userid']).first()
if team is None:
team = self.teammodel(userid=teamdata['userid'],
orgid=teamdata['org'],
title=teamdata['title'],
owners=getbool(teamdata['owners']))
self.db.session.add(team)
else:
# Check if title has changed. The others will never change
if team.title != teamdata['title']:
team.title = teamdata['title']
if team.userid in user_team_ids:
# 3/4: Add user to teams they are in
if user not in team.users:
team.users.append(user)
else:
# 4/4: Remove users from teams they are no longer in
if user in team.users:
team.users.remove(user)
# Commit this so that token info is saved even if the user account is an existing account.
# This is called before the request is processed by the client app, so there should be no
# other data in the transaction
self.db.session.commit()
