def create_all_users_group(users_colln, group_name, creator_id):
    """Return the id of the "All Users" group, creating it on first use.

    Args:
        users_colln: Collection holding user and group documents.
        group_name: Unique name used to look the group up.
        creator_id: Id of the agent recorded as the creator; it also
            receives the initial grants on the new group.

    Returns:
        The ``_id`` of the existing or newly created group.

    NOTE(review): when a group with ``group_name`` already exists, its id is
    returned as-is; the grants below are not applied or checked for it.
    Confirm that the group name cannot be claimed by an unprivileged caller
    before bootstrap runs.
    """
    selector = groups_helper.get_group_selector_doc(group_name=group_name)
    found = users_colln.find_one(selector, projection={"_id": 1})

    if found is None:
        group = UsersGroup()
        group.set_details(
            group_name=group_name,
            source=None,
            name='All Users',
            description='all vedavaapi users',
            agent_class='Group',
        )
        group_id = groups_helper.create_new_group(
            users_colln, group.to_json_map(), creator_id, [],
            ignore_source=True)

        # Only the creator may update the group's content.
        permissions_helper.add_to_agent_set(
            users_colln,
            [group_id],
            [ObjectPermissions.UPDATE_CONTENT],
            Permission.GRANTED,
            user_pids=[creator_id],
        )
        # READ and CREATE_CHILDREN go to the creator and to the group itself
        # (the group's own id is passed as a group principal).
        permissions_helper.add_to_agent_set(
            users_colln,
            [group_id],
            [ObjectPermissions.READ, ObjectPermissions.CREATE_CHILDREN],
            Permission.GRANTED,
            user_pids=[creator_id],
            group_pids=[group_id],
        )
        return group_id

    return found['_id']
def bootstrap_initial_agents(users_colln, oauth_colln, initial_agents_config):
    """Create (or look up) the initial agents and return their ids.

    The steps run in a fixed order because each one needs ids produced by the
    previous ones: root admin user, "all users" group, root admins group,
    root OAuth client, then the OAuth2 master config.

    Args:
        users_colln: Collection holding user and group documents.
        oauth_colln: Collection holding OAuth client documents.
        initial_agents_config: Mapping with the keys read below:
            ``users.root_admin`` (``email``, ``hashedPassword``),
            ``groups.all_users`` / ``groups.root_admins`` (``group_name``) and
            ``oauth_clients.root_client`` (``client_id``, ``client_secret``,
            optional ``redirect_uris``).

    Returns:
        An ``InitialAgents`` built from the four ids.

    NOTE(review): the config carries a password hash and an OAuth client
    secret, so it should be stored and access-controlled like any other
    credential material.
    """
    admin_cfg = initial_agents_config['users']['root_admin']
    admin_email = admin_cfg['email']
    admin_hash = admin_cfg['hashedPassword']
    root_admin_id = create_root_admin(users_colln, admin_email, admin_hash)

    everyone_cfg = initial_agents_config['groups']['all_users']
    all_users_group_id = create_all_users_group(
        users_colln, everyone_cfg['group_name'], root_admin_id)

    # Grants READ on the root admin resource to the all-users group; this
    # runs on every bootstrap call, whether or not anything was created.
    permissions_helper.add_to_agent_set(
        users_colln,
        [root_admin_id],
        [ObjectPermissions.READ],
        Permission.GRANTED,
        group_pids=[all_users_group_id],
    )

    admins_cfg = initial_agents_config['groups']['root_admins']
    root_admins_group_id = create_root_admins_group(
        users_colln, admins_cfg['group_name'], root_admin_id,
        all_users_group_id)

    client_cfg = initial_agents_config['oauth_clients']['root_client']
    client_id = client_cfg['client_id']
    client_secret = client_cfg['client_secret']
    redirect_uris = client_cfg.get('redirect_uris')
    root_client_id = create_root_oauth_client(
        oauth_colln, client_id, client_secret, root_admin_id, redirect_uris)

    bootstrap_oauth2_master_config(
        oauth_colln, root_admin_id, root_admins_group_id)

    return InitialAgents(
        root_admin_id, all_users_group_id, root_admins_group_id,
        root_client_id)
def create_root_admin(users_colln, email, hashed_password):
    """Return the id of the root admin user, creating the user if needed.

    Args:
        users_colln: Collection holding user documents.
        email: Email address identifying the root admin.
        hashed_password: Already-hashed password, stored as given (the user
            is created with ``with_password=False``, so nothing is hashed
            here). Presumably this must be in the format the login check
            expects; confirm against the verification code.

    Returns:
        The id of the existing or newly created user.

    NOTE(review): if any account already exists under ``email``, its id is
    returned without comparing the password hash or applying the grant
    below. Confirm that this address cannot be taken through ordinary
    sign-up before bootstrap has run.
    """
    admin_id = users_helper.get_user_id(users_colln, email)

    if admin_id is None:
        admin = User()
        admin.set_details(email=email, hashed_password=hashed_password)
        admin_id = users_helper.create_new_user(
            users_colln, admin.to_json_map(), with_password=False)

        # The new user is granted every action on its own resource.
        permissions_helper.add_to_agent_set(
            users_colln,
            [admin_id],
            ObjectPermissions.ACTIONS,
            Permission.GRANTED,
            user_pids=[admin_id],
            group_pids=[],
        )

    return admin_id
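def create_new_user(users_colln, user_json, initial_agents=None, with_password=True):
    """Validate ``user_json``, store it as a new user and return the new id.

    Args:
        users_colln: Collection holding user documents.
        user_json: Dict describing the user. Must contain ``email`` and
            ``jsonClass`` (equal to ``'User'``), plus ``password`` when
            ``with_password`` is true. It is modified in place: the plain
            ``password`` is replaced by a bcrypt ``hashedPassword``.
        initial_agents: Optional object with an ``all_users_group_id``
            attribute; when given, the new user is added to that group.
        with_password: When true, require and hash ``password``. When false,
            no password handling is done and ``user_json`` is stored as
            supplied.

    Returns:
        The id of the newly created user.

    Raises:
        ObjModelException: 403 for a protected attribute, a wrong
            ``jsonClass`` or an existing user; 400 for a missing field.

    NOTE(review): only ``_id`` and ``externalAuthentications`` are rejected
    here; every other key in ``user_json`` is passed on to the object model.
    With ``with_password=False`` that includes a caller-supplied
    ``hashedPassword``. Confirm that this path is never reached with
    client-controlled JSON and that schema validation rejects other
    privileged fields.
    """
    for k in ('_id', 'externalAuthentications'):
        if k in user_json:
            # Fix: the attribute name was never interpolated, so the message
            # contained a literal "{}".
            raise ObjModelException(
                'you cannot set "{}" attribute.'.format(k), 403)

    essential_fields = ['email', 'jsonClass']
    if with_password:
        essential_fields.append('password')
    for k in essential_fields:
        if k not in user_json:
            raise ObjModelException(
                '{} should be provided for creating new user'.format(k), 400)

    if user_json['jsonClass'] != 'User':
        raise ObjModelException('invalid jsonClass', 403)

    if with_password:
        # Hash with a fresh salt and drop the plain-text value so it is never
        # persisted. bcrypt only considers the first 72 bytes of its input
        # (depending on the library version, longer input is truncated or
        # rejected); NOTE(review): consider enforcing a length policy
        # upstream.
        user_json['hashedPassword'] = bcrypt.hashpw(
            user_json['password'].encode('utf-8'),
            bcrypt.gensalt()).decode('utf-8')
        user_json.pop('password')

    # NOTE(review): this lookup followed by the insert below is not atomic;
    # two concurrent requests for the same email could both pass it. Confirm
    # that the store enforces uniqueness on the email (e.g. a unique index).
    existing_user = get_user(
        users_colln, get_user_selector_doc(email=user_json['email']),
        projection={"_id": 1, "jsonClass": 1})
    if existing_user is not None:
        raise ObjModelException('user already exists', 403)

    user = JsonObject.make_from_dict(user_json)
    # Every new user starts with an empty externalAuthentications wrapper;
    # callers cannot supply one (rejected above).
    user.set_from_dict({"externalAuthentications": WrapperObject()})

    new_user_id = objstore_helper.create_resource(
        users_colln, user.to_json_map(), None, None,
        initial_agents=initial_agents, standalone=True)

    # The new user is granted every action on its own resource.
    permissions_helper.add_to_agent_set(
        users_colln, [new_user_id], ObjectPermissions.ACTIONS,
        Permission.GRANTED, user_pids=[new_user_id])

    # Imported at call time rather than at module level (presumably to avoid
    # a circular import between the helper modules).
    from ..agents_helpers import groups_helper
    if initial_agents is not None:
        groups_helper.add_users_to_group(
            users_colln,
            groups_helper.get_group_selector_doc(
                _id=initial_agents.all_users_group_id),
            [new_user_id], None, None)

    return new_user_id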
def create_root_admins_group(users_colln, group_name, creator_id, parent_group_id):
    """Return the id of the "Root Admins" group, creating it on first use.

    Args:
        users_colln: Collection holding user and group documents.
        group_name: Unique name used to look the group up.
        creator_id: Id of the agent recorded as the creator; it is granted
            every action on the new group.
        parent_group_id: Id stored as the new group's ``source``.

    Returns:
        The ``_id`` of the existing or newly created group.

    NOTE(review): when a group with ``group_name`` already exists, its id is
    returned without checking its ``source`` or its permissions. Since this
    id is later used as the admins group, confirm that the name cannot be
    claimed by an unprivileged caller before bootstrap runs.
    """
    selector = groups_helper.get_group_selector_doc(group_name=group_name)
    found = users_colln.find_one(selector, projection={"_id": 1})

    if found is None:
        group = UsersGroup()
        group.set_details(
            group_name=group_name,
            source=parent_group_id,
            name='Root Admins',
            description='Vedavaapi Admins',
            agent_class='Group',
        )
        group_id = groups_helper.create_new_group(
            users_colln, group.to_json_map(), creator_id, [])

        # Only the creator receives grants on the admins group.
        permissions_helper.add_to_agent_set(
            users_colln,
            [group_id],
            ObjectPermissions.ACTIONS,
            Permission.GRANTED,
            user_pids=[creator_id],
        )
        return group_id

    return found['_id']