def create_user_role(role, permissions):
'''create new user role'''
log.error(f'{permissions} ,{UserRolesEnum.values()}')
if not role or not permissions:
log.error(f'invalid input: {role}, {permissions}')
raise ValueError('Invalid input values!')
if not isinstance(permissions, list):
raise ValueError('Invalid permissions format: list expected')
invalid_perm = [x for x in permissions if x not in UserRolesEnum.values()]
if invalid_perm:
log.error(
f"Invalid perimissions requested:{invalid_perm}. Allowed values: {UserRolesEnum.values()}"
)
raise ValueError('Invalid permission value requested')
new_user_role = UserRoles(role=role, permissions=','.join(permissions))
try:
db.session.add(new_user_role)
db.session.commit()
except sqlalchemy.exc.IntegrityError:
db.session.rollback()
raise error.StorageErrorConflict('User role already exists')
except sqlalchemy.exc.SQLAlchemyError as ex:
db.session.rollback()
log.error(f'Could not create user role: {ex}')
raise error.StorageError('Could not reate user role!')
ret_value = new_user_role.to_dict()
log.info(f'New user role {ret_value} successfully added')
return ret_value
def get_user_all(req_username, permission):
'''get all user details depending on user privileges'''
base_query = db.session.query(UserDetails, UserRoles.role).outerjoin(
UserRoles, UserRoles.id == UserDetails.role_id)
if permission == UserRolesEnum.user.value:
query = base_query.filter(UserDetails.username == req_username)
elif permission == UserRolesEnum.user_privileged.value:
query = base_query.filter(
UserRoles.permissions.contains(UserRolesEnum.user.value))
else:
query = base_query
try:
req_list = query.all()
ret_list = []
for item in req_list:
user = item.UserDetails.to_dict()
user['role'] = item.role
ret_list.append(user)
return {'data': ret_list}
except sqlalchemy.exc.SQLAlchemyError as ex:
log.error(f'Error while retrieving user details: {ex}')
raise error.StorageError('Error while retrieving user details')
def create_user_timezone(username, name, timezone_id):
'''create a new user timezone'''
if not name or not timezone_id:
log.error(f'invalid input: {name}, {timezone_id}')
raise ValueError('Invalid input values!')
user = UserDetails.get(username)
if not user:
raise error.RecordNotFoundError(f'username {username} not found')
timezone = TimeZones.get(timezone_id)
if not timezone:
log.error(f'timezone {timezone_id} not found')
raise error.RecordNotFoundError(f'requested timezone not found')
res = _get_timezone_by_username_and_name(username, name)
if res:
raise error.StorageErrorConflict(f'timezone {name} already exists')
new_user_timezone = UserTimeZones(user_id=user.id,
name=name,
timezone_id=timezone_id)
try:
db.session.add(new_user_timezone)
db.session.commit()
except sqlalchemy.exc.SQLAlchemyError as ex:
db.session.rollback()
log.error(f'Could not create timezone {name} for {username}: {ex}')
raise error.StorageError(
f'Could not add timezone {name} for user {username}!')
log.info(f'User {username} created')
return new_user_timezone
def get_user_timezone_all(username):
'''get all timezones for a user'''
user = UserDetails.get(username)
if not user:
raise error.RecordNotFoundError(f'username {username} not found')
query = db.session.query(UserTimeZones, TimeZones, UserDetails.username)\
.join(UserDetails, UserTimeZones.user_id == UserDetails.id)\
.join(TimeZones, UserTimeZones.timezone_id == TimeZones.id)\
.filter(UserDetails.username == username)
try:
req_list = query.all()
ret_list = []
for item in req_list:
tz = item.TimeZones.to_dict()
tz.update(item.UserTimeZones.to_dict())
tz['username'] = item.username
ret_list.append(tz)
return {'data': ret_list}
except sqlalchemy.exc.SQLAlchemyError as ex:
log.error(f'Error while retrieving user timezones: {ex}')
raise error.StorageError(
f'Error while retrieving user {username} timezones')
def get_book_request(id_=None):
'''
get book requests from db
'''
query = db.session.query(BookRequests, BookTitles) \
.join(BookRequests, BookTitles.id == BookRequests.book_title_id)
try:
if id_ is not None:
query = query.filter(BookRequests.id == id_)
res = query.one_or_none()
if res is None:
raise error.BookReqFoundError('Book request not found')
book_req = res.BookTitles.to_dict()
book_req.update(res.BookRequests.to_dict())
return book_req
else:
req_list = query.all()
ret_list = []
for x in req_list:
book_req_details = x.BookTitles.to_dict()
book_req_details.update(x.BookRequests.to_dict())
ret_list.append(book_req_details)
return {'data': ret_list}
except sqlalchemy.exc.SQLAlchemyError as ex:
log.error(f'Error while retrieving book request: {ex}')
raise error.StorageError('Error while retrieving book request')
def enable_user(username, enable_value):
'''enable/disble an existing user'''
user = UserDetails.get(username)
if not user:
raise error.RecordNotFoundError(f'username {username} not found')
changed = False
try:
if user.enabled != enable_value:
user.enabled = enable_value
changed = True
if changed:
db.session.add(user)
db.session.commit()
except sqlalchemy.exc.SQLAlchemyError as ex:
db.session.rollback()
log.error(f'Could not update user {username}: {ex}')
raise error.StorageError(f'Could not update user {username}!')
except Exception as ex:
db.session.rollback()
log.error(f'Could not update user {username}: {ex}')
raise
enabled_str = 'enabled' if enable_value else 'disabled'
log.info(f'User {username} {enabled_str}')
def get_timezone_all():
'''get all timezones'''
try:
ret_list = TimeZones.get_all()
return {'data': ret_list}
except sqlalchemy.exc.SQLAlchemyError as ex:
log.error(f'Error while retrieving timezones: {ex}')
raise error.StorageError(f'Error while retrieving timezones')
def delete_user(username, req_username, permission):
'''delete a user'''
try:
user = get_user(username, req_username, permission)
UserDetails.delete(username)
except sqlalchemy.exc.SQLAlchemyError as ex:
log.error(f'Error while deleting user {username} {ex}')
raise error.StorageError(f'Error while deleting user {username}')
log.info(f'User {username} deleted')
def delete_user_role(role):
'''delete user role'''
try:
user_role = get_user_role(role)
UserRoles.delete(role)
except sqlalchemy.exc.SQLAlchemyError as ex:
log.error(f'Error while deleting user role {ex}')
raise error.StorageError(f'Error while deleting user role {role}')
log.info(f'User role {role} deleted')
def delete_book_request(id_):
'''
delete a book request by id
'''
try:
book_req = BookRequests.get(id_)
if book_req is None:
raise error.BookReqFoundError('Book request not found')
BookRequests.delete(id_)
except sqlalchemy.exc.SQLAlchemyError as ex:
log.error(f'Error while deleting book request {ex}')
raise error.StorageError('Error while deleting book request')
log.info(f'book request with id {id_} deleted')
def revoke_token(jti):
"""
revoke a token
"""
revoked_token = RevokedUserTokens(jti=jti)
try:
db.session.add(revoked_token)
db.session.commit()
except sqlalchemy.exc.SQLAlchemyError as ex:
db.session.rollback()
log.error(f'Could not add token JTI {jti} to revoked tokens: {ex}')
raise error.StorageError(f'problem revoking token')
log.info(f'token {jti} revoked')
def add_book_title(title):
'''
add a book title to db
'''
new_title = BookTitles(title=title)
try:
db.session.add(new_title)
db.session.commit()
except sqlalchemy.exc.SQLAlchemyError as ex:
db.session.rollback()
log.error(f'sqlachemy error: {ex}')
raise error.StorageError('could not add book title!')
log.info(f'Book title {title} successfully added')
return new_title
def get_user(username, req_username, permission):
'''get a user details'''
_validate_user_request(username, req_username, permission)
query = db.session.query(UserDetails, UserRoles.role).join(
UserRoles, UserRoles.id == UserDetails.role_id)
try:
query = query.filter(UserDetails.username == username)
res = query.one_or_none()
if not res:
raise error.RecordNotFoundError(f'username {username} not found')
user = res.UserDetails.to_dict()
user['role'] = res.role
return user
except sqlalchemy.exc.SQLAlchemyError as ex:
log.error(f'Error while retrieving user details: {ex}')
raise error.StorageError('Error while retrieving user details')
def get_book_title(book_title=None):
'''
get book titles from db
'''
try:
if book_title is not None:
title = BookTitles.get(book_title)
if title is None:
raise error.TitleNotFoundError('Title not found')
return title
else:
title_list = BookTitles.get_all()
return {'data': title_list}
except sqlalchemy.exc.SQLAlchemyError as ex:
log.error(f'Error while retrieving book title: {ex}')
raise error.StorageError('Error while retrieving book title')
def create_user(first_name, last_name, username, email, password):
'''create a new user'''
if not first_name or not last_name or not username or not email or not password:
log.error(
f'invalid input: {first_name}, {last_name}, {username}, {email}, {password}'
)
raise ValueError('Invalid input values!')
_check_name_field(first_name, 3)
_check_name_field(last_name, 3)
_check_name_field(username)
_check_email_address_format(email)
_check_passwd_field(password)
user = UserDetails.get(username)
if user:
raise error.StorageErrorConflict('username already exists')
user_email = db.session.query(UserDetails).filter_by(
email=email).one_or_none()
if user_email:
raise error.StorageErrorConflict('email already registered')
#user_role = get_user_role(role)
new_user = UserDetails(first_name=first_name,
last_name=last_name,
username=username,
email=email,
password=UserDetails.generate_hash(password))
try:
db.session.add(new_user)
db.session.commit()
except sqlalchemy.exc.SQLAlchemyError as ex:
db.session.rollback()
log.error(f'Could not reate user {username}: {ex}')
raise error.StorageError(f'Could not add user {username}!')
log.info(f'User {username} created')
user_info = new_user.to_dict()
return user_info
def delete_user_timezone(username, name):
'''delete a user timezone'''
user = UserDetails.get(username)
if not user:
raise error.RecordNotFoundError(f'username {username} not found')
timezone = _get_timezone_by_username_and_name(username, name)
if not timezone:
raise error.RecordNotFoundError(f'timezone {tz_name} not found')
log.error(f'deleteing {timezone}')
try:
db.session.delete(timezone)
db.session.commit()
except sqlalchemy.exc.SQLAlchemyError as ex:
db.session.rollback()
log.error(f'Error while deleting timezone {name}: {ex}')
raise error.StorageError(f'Error while deleting timezone {name}')
log.info(f'timezone {name} deleted for user {username}')
def create_book_request(email, title):
'''
validate and add a book request to db
'''
_check_email_address_format(email)
title = get_book_title(title)
timestamp = _get_timestamp_now()
new_book_request = BookRequests(email=email, timestamp=timestamp, book_title=title)
try:
db.session.add(new_book_request)
db.session.commit()
except sqlalchemy.exc.SQLAlchemyError as ex:
db.session.rollback()
log.error(f'Could not add book request: {ex}')
raise error.StorageError('Could not add book request!')
ret_value = new_book_request.to_dict()
ret_value['title'] = title.title
log.info(f'new book request {ret_value} successfully added')
return ret_value
def update_user_timezone(username, tz_name, **kwargs):
'''update a user timezone'''
new_name = kwargs.get('name')
timezone_id = kwargs.get('timezone_id')
user = UserDetails.get(username)
if not user:
raise error.RecordNotFoundError(f'username {username} not found')
timezone = _get_timezone_by_username_and_name(username, tz_name)
if not timezone:
raise error.RecordNotFoundError(f'timezone {tz_name} not found')
changed = False
if new_name and timezone.name != new_name:
tz = _get_timezone_by_username_and_name(username, new_name)
if tz:
raise error.StorageErrorConflict(
f'timezone {new_name} already exists')
timezone.name = new_name
changed = True
if timezone_id and timezone.timezone_id != timezone_id:
timezone.timezone_id = timezone_id
changed = True
if changed:
try:
db.session.add(timezone)
db.session.commit()
except sqlalchemy.exc.SQLAlchemyError as ex:
db.session.rollback()
log.error(f'Could not update timezone {tz_name}: {ex}')
raise error.StorageError(f'Could not update timezone {tz_name}!')
log.info(f'timezone {tz_name} updated user {username}')
def update_user(username, req_username, permission, **kwargs):
'''update an existing user'''
_validate_user_request(username, req_username, permission)
first_name = kwargs.get('first_name')
last_name = kwargs.get('last_name')
email = kwargs.get('email')
password = kwargs.get('password')
role = kwargs.get('role')
role_id = None
if role:
if not permission == UserRolesEnum.user_all.value:
raise error.PermissionsError(
'insufficient permissions to update role')
role_details = UserRoles.get(role)
if not role_details:
raise error.RecordNotFoundError(f'role {role} not found')
role_id = role_details['id']
if email:
_check_email_address_format(email)
user = UserDetails.get(username)
if not user:
raise error.RecordNotFoundError(f'username {username} not found')
changed = False
try:
if role_id and user.role_id != role_id:
user.role_id = role_id
changed = True
if first_name and user.first_name != first_name:
_check_name_field(first_name, 3)
user.first_name = first_name
changed = True
if last_name and user.last_name != last_name:
_check_name_field(last_name, 3)
user.last_name = last_name
changed = True
if email and user.email != email:
_check_email_address_format(email)
user.email = email
changed = True
if password and not UserDetails.verify_hash(password, user.password):
_check_passwd_field(password)
user.password = UserDetails.generate_hash(password)
changed = True
if changed:
db.session.add(user)
db.session.commit()
except sqlalchemy.exc.SQLAlchemyError as ex:
db.session.rollback()
log.error(f'Could not update user {username}: {ex}')
raise error.StorageError(f'Could not update user {username}!')
except Exception as ex:
db.session.rollback()
log.error(f'Could not update user {username}: {ex}')
raise
log.info(f'User {username} updated')
