def request_loader(request):
    """Resolve the user named in X-GGRC-user for an allow-listed app call.

    The X-Appengine-Inbound-Appid header decides whether the request is
    treated as coming from another application. Its value must be listed in
    settings.ALLOWED_QUERYAPI_APP_IDS before X-GGRC-user is read at all.

    Args:
        request: incoming request; ``request.headers`` is read here and the
            object is passed on to ``parse_user_email``.

    Returns:
        None when X-Appengine-Inbound-Appid is absent or empty, otherwise
        the user object found (or created) for the X-GGRC-user email.

    Raises:
        exceptions.BadRequest: the inbound app id is not allow-listed, no
            user matches the email, or parsing X-external-user raised it
            (logged, then re-raised).
    """
    allowed_app_ids = settings.ALLOWED_QUERYAPI_APP_IDS
    caller_app_id = request.headers.get("X-Appengine-Inbound-Appid")

    if not caller_app_id:
        # Not an app-to-app call, so X-GGRC-user is deliberately ignored.
        return None

    # The header value is the only proof of caller identity used here.
    # NOTE(review): that is sound only if the serving platform strips
    # client-supplied X-Appengine-* headers on every ingress path -- confirm.
    # NOTE(review): `in` assumes the setting is a collection of ids; on a
    # plain string it would be a substring match -- confirm the setting type.
    if caller_app_id not in allowed_app_ids:
        # App-to-app connections from unlisted apps are rejected by default.
        raise exceptions.BadRequest(
            "X-Appengine-Inbound-Appid header contains "
            "untrusted application id: {}".format(caller_app_id))

    email = parse_user_email(request, "X-GGRC-user", mandatory=True)

    if not is_external_app_user_email(email):
        db_user = all_models.Person.query.filter_by(email=email).first()
    else:
        # The external application user is created when it does not exist.
        db_user = find_or_create_ext_app_user()
        try:
            # Return value unused: per the original comment this call is
            # what creates the X-external-user person in the DB.
            parse_user_email(request, "X-external-user", mandatory=False)
        except exceptions.BadRequest as exp:
            logger.error("Creation of external user has failed. %s",
                         exp.message)
            raise

    if db_user:
        return db_user

    raise exceptions.BadRequest(
        "No user with such email: {}".format(email))
def get_current_user(use_external_user=True):
    """Return the user the current request should be attributed to.

    The logged-in user is returned unless all of the following hold: the
    flag is set, ``is_external_app_user()`` is true, the X-external-user
    header yields an email, and ``find_user`` returns a user for it.

    Args:
        use_external_user: when false, the X-external-user header is never
            consulted and the logged-in user is returned.

    Returns:
        The user resolved from X-external-user, or the logged-in user.
    """
    logged_in_user = _get_current_logged_user()

    # X-external-user is honoured only for the external application user;
    # for any other caller the header is not even parsed.
    if not use_external_user or not is_external_app_user():
        return logged_in_user

    try:
        # Function-scope imports are kept as in the original (presumably to
        # avoid a circular import with ggrc.utils.user_generator -- confirm).
        from ggrc.utils.user_generator import parse_user_email
        delegated_email = parse_user_email(request,
                                           "X-external-user",
                                           mandatory=False)
        if delegated_email:
            from ggrc.utils.user_generator import find_user
            delegated_user = find_user(delegated_email,
                                       modifier=logged_in_user.id)
            if delegated_user:
                return delegated_user
    except RuntimeError:
        # NOTE(review): every RuntimeError raised in the block above lands
        # here, not only a missing request context; the call then falls
        # back to the logged-in user.
        logger.info("Working outside of request context.")

    return logged_in_user
def get_ggrc_user(request, mandatory):
    """Look up the user whose email is carried in the X-GGRC-user header.

    Args:
        request: incoming request, passed to ``parse_user_email`` and, for
            the external application email, to ``get_external_app_user``.
        mandatory: forwarded unchanged to ``parse_user_email``.

    Returns:
        None when no email was parsed, otherwise the matching user object.

    Raises:
        exceptions.BadRequest: an email was supplied but no user was found.
    """
    email = parse_user_email(request, "X-GGRC-user", mandatory=mandatory)
    if not email:
        return None

    # NOTE(review): nothing in this function checks where the request came
    # from; the header value is taken as given, so callers are presumably
    # expected to have authenticated the sending application -- confirm.
    if is_external_app_user_email(email):
        # The external application user is created when it does not exist.
        resolved_user = get_external_app_user(request)
    else:
        resolved_user = all_models.Person.query.filter_by(email=email).first()

    if resolved_user:
        return resolved_user

    raise exceptions.BadRequest("No user with such email: %s" % email)
def get_external_app_user(request):
    """Find or create the external application user.

    The application user comes from ``find_or_create_ext_app_user()`` and
    does not depend on any header. When X-external-user carries an email,
    ``create_external_user`` is also called for that email.

    Args:
        request: incoming request, passed to ``parse_user_email`` to read
            the optional X-external-user header.

    Returns:
        The external application user (never the X-external-user person).

    Raises:
        exceptions.BadRequest: re-raised after logging when
            ``create_external_user`` fails with it.
    """
    ext_app_user = find_or_create_ext_app_user()
    if ext_app_user.id is None:
        # Flushed before use below (presumably so an id is assigned to a
        # freshly created row -- confirm).
        db.session.flush()

    on_behalf_of_email = parse_user_email(
        request, "X-external-user", mandatory=False
    )
    if not on_behalf_of_email:
        return ext_app_user

    # Create the person named in the X-external-user header.
    try:
        create_external_user(ext_app_user, on_behalf_of_email)
    except exceptions.BadRequest as exp:
        logger.error("Creation of external user has failed. %s", exp.message)
        raise

    return ext_app_user
def get_external_app_user(request):
    """Return the external application user, creating it when needed.

    No header is used to pick the application user itself. The optional
    X-external-user header only triggers ``create_external_user`` for the
    email it carries.

    Args:
        request: incoming request whose X-external-user header is parsed
            by ``parse_user_email`` (not mandatory).

    Returns:
        The object returned by ``find_or_create_ext_app_user()``.

    Raises:
        exceptions.BadRequest: propagated from ``create_external_user``
            after the failure has been logged.
    """
    application_user = find_or_create_ext_app_user()

    needs_flush = application_user.id is None
    if needs_flush:
        # No id yet: flush the session before the user is passed on
        # (presumably this assigns the id -- confirm).
        db.session.flush()

    header_email = parse_user_email(request,
                                    "X-external-user",
                                    mandatory=False)

    if header_email:
        # The header named a person: create it on behalf of the app user.
        try:
            create_external_user(application_user, header_email)
        except exceptions.BadRequest as exp:
            logger.error("Creation of external user has failed. %s",
                         exp.message)
            raise

    return application_user