def ecommerce_approvals_get():
logger.debug("workflow_approvals()")
workflow_list = []
user_info = get_userinfo()
okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
user = okta_admin.get_user(user_info["sub"])
user_groups = okta_admin.get_user_groups(user["id"])
user_get_response = okta_admin.get_user_list_by_search(
'profile.{0} pr '.format(get_udp_ns_fieldname("access_requests")))
for list in user_get_response:
for grp in list["profile"][get_udp_ns_fieldname("access_requests")]:
group_get_response = okta_admin.get_group(id=grp)
logging.debug(group_get_response)
var = {
"requestor": list["profile"]["login"],
"request": group_get_response["profile"]["description"],
"usr_grp": {
"user_id": list["id"],
"group_id": grp
}
}
for clist in user_groups:
if grp == clist['id']:
workflow_list.append(var)
return render_template(
"{0}/workflow-approvals.html".format(get_app_vertical()),
templatename=get_app_vertical(),
workflow_list=workflow_list,
user_info=user_info,
config=session[SESSION_INSTANCE_SETTINGS_KEY],
_scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
def workflow_approvals_get():
logger.debug("workflow_approvals()")
CONFIG_GROUP_ADMIN = get_udp_ns_fieldname(CONFIG_ADMIN)
workflow_list = []
user_info = get_userinfo()
okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
user = okta_admin.get_user(user_info["sub"])
user_id = user["id"]
# On a GET display the registration page with the defaults
admin_groups = okta_admin.get_user_groups(user_id)
admin_group_id = ""
# Must be an admin
for item in admin_groups:
if item["profile"]["name"] == CONFIG_GROUP_ADMIN:
admin_group_id = item["id"]
if admin_group_id:
# access_requests attribute contains workflow request
# 'profile.access_requests eq pr"
user_get_response = okta_admin.get_user_list_by_search(
'profile.{0} pr '.format(get_udp_ns_fieldname("access_requests")))
for list in user_get_response:
for grp in list["profile"][get_udp_ns_fieldname(
"access_requests")]:
group_get_response = okta_admin.get_group(id=grp)
var = {
"requestor": list["profile"]["login"],
"request": group_get_response["profile"]["description"],
"usr_grp": {
"user_id": list["id"],
"group_id": grp
}
}
workflow_list.append(var)
return render_template(
"{0}/workflow-approvals.html".format(get_app_vertical()),
templatename=get_app_vertical(),
workflow_list=workflow_list,
user_info=user_info,
config=session[SESSION_INSTANCE_SETTINGS_KEY],
_scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
else:
return "ERROR: Unauthorized", 401
def gbac_users():
logger.debug("gbac_users()")
user_info = get_userinfo()
okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
group_id = request.args.get('group_id')
if group_id:
selectedgroup_id = group_id
user_group = okta_admin.get_group(selectedgroup_id)
else:
user_group = gbac_get_group_by_name("everyone")
selectedgroup_id = user_group["id"]
group_user_list = okta_admin.get_user_list_by_group_id(selectedgroup_id)
group_list = okta_admin.get_user_groups(user_info["sub"])
return render_template("/manageusers.html",
templatename=get_app_vertical(),
user_info=get_userinfo(),
userlist=group_user_list,
config=session[SESSION_INSTANCE_SETTINGS_KEY],
group_list=group_list,
user_group=user_group)
