def delete_organisation_invitation(id):
organisation_invitation = _organisation_invitation_query() \
.filter(OrganisationInvitation.id == id) \
.one()
confirm_organisation_admin(organisation_invitation.organisation_id)
return delete(OrganisationInvitation, id)
def delete_service_invitation(id):
service_invitation = _service_invitation_query() \
.filter(ServiceInvitation.id == id) \
.one()
confirm_service_admin(service_invitation.service_id)
return delete(ServiceInvitation, id)
def _do_cleanup_non_open_requests(app):
with app.app_context():
cfq = app.app_config.user_requests_retention
current_time = datetime.datetime.utcnow()
retention_date = current_time - datetime.timedelta(days=cfq.outstanding_join_request_days_threshold)
start = int(time.time() * 1000.0)
logger = logging.getLogger("scheduler")
logger.info("Start running cleanup_non_open_requests job")
collaboration_requests = CollaborationRequest.query \
.options(selectinload(CollaborationRequest.organisation)) \
.filter(CollaborationRequest.created_at < retention_date) \
.filter(CollaborationRequest.status != "open") \
.all()
collaboration_join_requests = JoinRequest.query \
.options(selectinload(JoinRequest.collaboration)) \
.filter(JoinRequest.created_at < retention_date) \
.filter(JoinRequest.status != "open") \
.all()
collaboration_requests_json = []
for cr in collaboration_requests:
logger.info(f"Deleting CollaborationRequest {cr.name} made by {cr.requester.name} "
f"in organisation {cr.organisation.name} with status {cr.status}")
collaboration_requests_json.append(jsonify(cr).json)
delete(CollaborationRequest, cr.id)
collaboration_join_requests_json = []
for cjr in collaboration_join_requests:
logger.info(f"Deleting JoinRequest made by {cjr.user.name} "
f"for {cjr.collaboration.name} with status {cjr.status}")
collaboration_join_requests_json.append(jsonify(cjr).json)
delete(JoinRequest, cjr.id)
end = int(time.time() * 1000.0)
logger.info(f"Finished running cleanup_non_open_requests job in {end - start} ms")
return {"collaboration_requests": collaboration_requests_json,
"collaboration_join_requests": collaboration_join_requests_json}
def organisation_invitations_accept():
organisation_invitation = _organisation_invitation_query() \
.filter(OrganisationInvitation.hash == current_request.get_json()["hash"]) \
.one()
if organisation_invitation.expiry_date and organisation_invitation.expiry_date < datetime.datetime.now():
delete(OrganisationInvitation, organisation_invitation.id)
raise Conflict(f"The invitation has expired at {organisation_invitation.expiry_date}")
organisation = organisation_invitation.organisation
user_id = current_user_id()
if organisation.is_member(user_id):
raise Conflict(f"User {user_id} is already a member of {organisation.name}")
user_uid = organisation_invitation.user.uid
organisation_membership = OrganisationMembership(user_id=user_id,
organisation_id=organisation.id,
role=organisation_invitation.intended_role,
created_by=user_uid,
updated_by=user_uid)
organisation.organisation_memberships.append(organisation_membership)
organisation.organisation_invitations.remove(organisation_invitation)
return None, 201
def service_invitations_accept():
service_invitation = _service_invitation_query() \
.filter(ServiceInvitation.hash == current_request.get_json()["hash"]) \
.one()
if service_invitation.expiry_date and service_invitation.expiry_date < datetime.datetime.now():
delete(ServiceInvitation, service_invitation.id)
raise Conflict(f"The invitation has expired at {service_invitation.expiry_date}")
service = service_invitation.service
user_id = current_user_id()
if service.is_member(user_id):
raise Conflict(f"User {user_id} is already a member of {service.name}")
user_uid = service_invitation.user.uid
service_membership = ServiceMembership(user_id=user_id,
service_id=service.id,
role=service_invitation.intended_role,
created_by=user_uid,
updated_by=user_uid)
service.service_memberships.append(service_membership)
service.service_invitations.remove(service_invitation)
return None, 201
def invitations_accept():
invitation = _invitation_query() \
.filter(Invitation.hash == current_request.get_json()["hash"]) \
.one()
if invitation.status != "open":
raise Conflict(f"The invitation has status {invitation.status}")
if invitation.expiry_date and invitation.expiry_date < datetime.datetime.now():
if invitation.external_identifier:
invitation.status = "expired"
db.session.merge(invitation)
db.session.commit()
else:
delete(Invitation, invitation.id)
raise Conflict(f"The invitation has expired at {invitation.expiry_date}")
collaboration = invitation.collaboration
user_id = current_user_id()
if collaboration.is_member(user_id):
delete(Invitation, invitation.id)
raise Conflict(f"User {user_id} is already a member of {collaboration.name}")
role = invitation.intended_role if invitation.intended_role else "member"
collaboration_membership = CollaborationMembership(user_id=user_id,
collaboration_id=collaboration.id,
role=role,
expiry_date=invitation.membership_expiry_date,
created_by=invitation.user.uid,
updated_by=invitation.user.uid)
if invitation.external_identifier:
collaboration_membership.invitation_id = invitation.id
collaboration_membership = db.session.merge(collaboration_membership)
# We need the persistent identifier of the collaboration_membership which will be generated after the delete-commit
if invitation.external_identifier:
invitation.status = "accepted"
db.session.merge(invitation)
db.session.commit()
else:
delete(Invitation, invitation.id)
# ensure all authorisation group membership are added
groups = invitation.groups + list(filter(lambda ag: ag.auto_provision_members, collaboration.groups))
for group in set(list({ag.id: ag for ag in groups}.values())):
group.collaboration_memberships.append(collaboration_membership)
db.session.merge(group)
add_user_aups(collaboration, user_id)
res = {'collaboration_id': collaboration.id, 'user_id': user_id}
return res, 201
def delete_invitation(invitation_id):
invitation = Invitation.query.filter(Invitation.id == invitation_id).one()
confirm_collaboration_admin(invitation.collaboration_id)
return delete(Invitation, invitation_id)
def delete_api_key(api_key_id):
organisation_id = ApiKey.query.get(api_key_id).organisation_id
confirm_organisation_admin(organisation_id)
return delete(ApiKey, api_key_id)
def delete_group(group_id):
group = Group.query.filter(Group.id == group_id).one()
confirm_collaboration_admin(group.collaboration_id)
return delete(Group, group_id)
def delete_join_request(join_request_id):
join_request = JoinRequest.query.get(join_request_id)
confirm_collaboration_admin(join_request.collaboration_id)
if join_request.status == STATUS_OPEN:
raise BadRequest("Join request with status 'open' can not be deleted")
return delete(JoinRequest, join_request_id)
def delete_collaboration(id):
confirm_collaboration_admin(id)
return delete(Collaboration, id)
def delete_service_group(service_group_id):
confirm_write_access()
# Return 404 if not found
ServiceGroup.query.filter(ServiceGroup.id == service_group_id).one()
return delete(ServiceGroup, service_group_id)
def delete_service(service_id):
confirm_write_access()
return delete(Service, service_id)
def delete_service_request_connection(service_connection_request_id):
service_connection_request = ServiceConnectionRequest.query.get(service_connection_request_id)
confirm_collaboration_admin(service_connection_request.collaboration_id)
return delete(ServiceConnectionRequest, service_connection_request_id)
def delete_api_key(user_token_id):
user_token = UserToken.query.get(user_token_id)
if current_user_id() != user_token.user_id:
raise Forbidden("Can not delete user_token from someone else")
return delete(UserToken, user_token_id)
def delete_organisation(id):
confirm_write_access()
return delete(Organisation, id)
def delete_request_collaboration(collaboration_request_id):
collaboration_request = CollaborationRequest.query.get(collaboration_request_id)
confirm_organisation_admin_or_manager(collaboration_request.organisation_id)
if collaboration_request.status == STATUS_OPEN:
raise BadRequest("Collaboration request with status 'open' can not be deleted")
return delete(CollaborationRequest, collaboration_request_id)