def action(space: Space) -> Space: if space_service.is_storable_id_faked(space.spaceId): space_service.redress_storable_id(space) user_group_ids = ArrayHelper(space.groupIds).distinct().to_list() space.groupIds = user_group_ids topic_ids = ArrayHelper(space.topicIds).distinct().to_list() space.topicIds = topic_ids # check topics validate_topics(space_service, topic_ids, space.tenantId) # noinspection PyTypeChecker space: Space = space_service.create(space) # synchronize space to user groups sync_space_to_groups(space_service, space.spaceId, user_group_ids, space.tenantId) else: # noinspection PyTypeChecker,DuplicatedCode existing_space: Optional[Space] = space_service.find_by_id(space.spaceId) if existing_space is not None: if existing_space.tenantId != space.tenantId: raise_403() user_group_ids = ArrayHelper(space.groupIds).distinct().to_list() space.groupIds = user_group_ids topic_ids = ArrayHelper(space.topicIds).distinct().to_list() space.topicIds = topic_ids # check topics validate_topics(space_service, topic_ids, space.tenantId) # noinspection PyTypeChecker space: Space = space_service.update(space) # remove space from user groups, in case user groups are removed removed_user_group_ids = ArrayHelper(existing_space.groupIds).difference(user_group_ids).to_list() remove_space_from_groups(space_service, space.spaceId, removed_user_group_ids, space.tenantId) # synchronize space to user groups sync_space_to_groups(space_service, space.spaceId, user_group_ids, space.tenantId) return space
def action(user: User) -> User: # crypt password pwd = user.password if is_not_blank(pwd): user.password = crypt_password(pwd) if user.isActive is None: user.isActive = True if user_service.is_storable_id_faked(user.userId): if principal_service.is_super_admin() and check_user_group: if user.groupIds is not None and len(user.groupIds) != 0: # for super admin create user, there is no user group allowed raise_400( 'No user group allowed for creating user by super admin.' ) user_service.redress_storable_id(user) user_group_ids = ArrayHelper(user.groupIds).distinct().to_list() user.groupIds = user_group_ids # noinspection PyTypeChecker user: User = user_service.create(user) # synchronize user to user groups sync_user_to_groups(user_service, user.userId, user_group_ids, user.tenantId) else: # noinspection PyTypeChecker existing_user: Optional[User] = user_service.find_by_id( user.userId) if existing_user is not None: if existing_user.tenantId != user.tenantId: raise_403() elif is_blank(user.password): # keep original password user.password = existing_user.password if principal_service.is_super_admin() and check_user_group: # for super admin update user, simply keep user group user.groupIds = existing_user.groupIds else: user_group_ids = ArrayHelper( user.groupIds).distinct().to_list() user.groupIds = user_group_ids user_group_ids = user.groupIds # noinspection PyTypeChecker user: User = user_service.update(user) if principal_service.is_tenant_admin(): # remove user from user groups, in case user groups are removed removed_user_group_ids = ArrayHelper( existing_user.groupIds).difference( user_group_ids).to_list() remove_user_from_groups(user_service, user.userId, removed_user_group_ids, user.tenantId) # synchronize user to user groups sync_user_to_groups(user_service, user.userId, user_group_ids, user.tenantId) # remove password clear_pwd(user) return user
def action(an_indicator: Indicator) -> Indicator: if indicator_service.is_storable_id_faked(an_indicator.indicatorId): indicator_service.redress_storable_id(an_indicator) user_group_ids = ArrayHelper(an_indicator.groupIds).distinct().to_list() an_indicator.groupIds = user_group_ids # noinspection PyTypeChecker an_indicator: Indicator = indicator_service.create(an_indicator) # synchronize space to user groups sync_indicator_to_groups(indicator_service, an_indicator.indicatorId, user_group_ids, indicator.tenantId) else: # noinspection PyTypeChecker existing_indicator: Optional[Indicator] = indicator_service.find_by_id(an_indicator.indicatorId) if existing_indicator is not None: if existing_indicator.tenantId != an_indicator.tenantId: raise_403() user_group_ids = ArrayHelper(an_indicator.groupIds).distinct().to_list() an_indicator.groupIds = user_group_ids # noinspection PyTypeChecker an_indicator: Indicator = indicator_service.update(an_indicator) # remove indicator from user groups, in case user groups are removed removed_user_group_ids = ArrayHelper(existing_indicator.groupIds).difference(user_group_ids).to_list() remove_indicator_from_groups( indicator_service, indicator.indicatorId, removed_user_group_ids, indicator.tenantId) # synchronize indicator to user groups sync_indicator_to_groups(indicator_service, indicator.indicatorId, user_group_ids, indicator.tenantId) return an_indicator
def validate_reports( dashboard: Dashboard, dashboard_service: DashboardService, principal_service: PrincipalService) -> None: reports = dashboard.reports if reports is None: dashboard.reports = [] return if len(reports) == 0: return report_ids = ArrayHelper(reports).map(lambda x: x.reportId).distinct().to_list() if len(report_ids) == 0: dashboard.reports = [] return report_service = get_report_service(dashboard_service) for report_id in report_ids: existing_one = report_service.find_tenant_and_user(report_id) if existing_one is None: raise_400('Report ids do not match.') existing_tenant_id, existing_user_id = existing_one if existing_tenant_id != principal_service.get_tenant_id(): raise_403() if existing_user_id != principal_service.get_user_id(): raise_403()
async def load_user_by_id( user_id: Optional[UserId] = None, principal_service: PrincipalService = Depends(get_any_principal) ) -> User: if is_blank(user_id): raise_400('User id is required.') if not principal_service.is_admin(): # console user cannot visit other users if user_id != principal_service.get_user_id(): raise_403() user_service = get_user_service(principal_service) def action() -> User: # noinspection PyTypeChecker user: User = user_service.find_by_id(user_id) if user is None: raise_404() # check tenant id if not principal_service.is_super_admin(): # tenant id must match current principal's, except current is super admin if user.tenantId != principal_service.get_tenant_id(): raise_404() # remove password clear_pwd(user) return user return trans_readonly(user_service, action)
def action() -> SubjectForIndicator: subject: Optional[Subject] = subject_service.find_by_id(subject_id) if subject is None: raise_404() if subject.tenantId != principal_service.get_tenant_id(): raise_403() connected_space_service = get_connected_space_service(subject_service) connected_space: Optional[ ConnectedSpace] = connected_space_service.find_by_id( subject.connectId) if connected_space is None: raise IndicatorKernelException( f'Connected space not found for subject[id={subject_id}].') space_service = get_space_service(subject_service) space: Optional[Space] = space_service.find_by_id( connected_space.spaceId) if space is None: raise IndicatorKernelException( f'Space not found for subject[id={subject_id}].') topic_service = get_topic_service(subject_service) topics = topic_service.find_by_ids(space.topicIds, principal_service.get_tenant_id()) topic_map: Dict[TopicId, Topic] = ArrayHelper(topics).to_map( lambda x: x.topicId, lambda x: x) all_topic_ids = space.topicIds all_topics = ArrayHelper(all_topic_ids).map( lambda x: topic_map[x]).to_list() return SubjectForIndicator(**subject.to_dict(), topics=all_topics)
def action(enumeration: Enum) -> Enum: if enum_service.is_storable_id_faked(enumeration.enumId): enum_service.redress_storable_id(enumeration) if enumeration.items is None: enumeration.items = [] # noinspection PyTypeChecker enumeration: Enum = enum_service.create(enumeration) enum_item_service = get_enum_item_service(enum_service) ArrayHelper(enumeration.items).each( lambda x: create_enum_item(enum_item_service, x, enumeration)) else: # noinspection PyTypeChecker existing_enum: Optional[Enum] = enum_service.find_by_id( enumeration.enumId) if existing_enum is not None: if existing_enum.tenantId != enumeration.tenantId: raise_403() if enumeration.items is None: enumeration.items = [] # noinspection PyTypeChecker enumeration: Enum = enum_service.update(enumeration) enum_item_service = get_enum_item_service(enum_service) enum_item_service.delete_by_enum_id(enumeration.enumId) ArrayHelper(enumeration.items).each( lambda x: create_enum_item(enum_item_service, x, enumeration)) return enumeration
def prepare_and_validate_request( request: MixImportDataRequest, user_service: UserService, principal_service: PrincipalService) -> None: tenant_id = validate_tenant_id(request, user_service, principal_service) clear_data_source_id(request.topics) clear_user_group_ids(request.spaces) def set_user_id_to_report(report: Report, user_id: UserId) -> None: report.userId = user_id def set_user_id_to_subject(subject: SubjectWithReports, user_id: UserId) -> None: subject.userId = user_id ArrayHelper(subject.reports) \ .flatten() \ .filter(lambda x: x is not None) \ .each(lambda x: set_user_id_to_report(x, user_id)) def set_user_id_to_connected_space(connected_space: ConnectedSpaceWithSubjects, user_id: UserId) -> None: connected_space.userId = user_id ArrayHelper(connected_space.subjects) \ .flatten() \ .filter(lambda x: x is not None) \ .each(lambda x: set_user_id_to_subject(x, user_id)) if principal_service.is_super_admin(): # to find a tenant admin tenant_admin: Optional[User] = user_service.find_admin(tenant_id) if tenant_admin is None: raise_400(f'Admin user on tenant[{tenant_id}] to receive imported data is not found.') elif principal_service.is_tenant_admin(): ArrayHelper(request.connectedSpaces).each( lambda x: set_user_id_to_connected_space(x, principal_service.get_user_id())) else: raise_403()
def action() -> ConnectedSpaceWithSubjects: space_service = get_space_service(connected_space_service) space: Optional[Space] = space_service.find_by_id(space_id) if space is None: raise_400('Incorrect space id.') if space.tenantId != principal_service.get_tenant_id(): raise_403() template_connected_spaces = find_template_connected_spaces_by_ids( connected_space_service, template_ids, space_id, space.tenantId) connected_space = ConnectedSpace(spaceId=space_id, name=name, isTemplate=False) connected_space_service.redress_storable_id(connected_space) connected_space.userId = principal_service.get_user_id() connected_space.tenantId = principal_service.get_tenant_id() connected_space.lastVisitTime = get_current_time_in_seconds() # noinspection PyTypeChecker connected_space: ConnectedSpace = connected_space_service.create( connected_space) subjects_with_reports = ArrayHelper(template_connected_spaces) \ .map(lambda x: copy_to_connected_space(x, connected_space, connected_space_service)) \ .flatten().to_list() connected_space_with_subjects = ConnectedSpaceWithSubjects( **connected_space.dict()) connected_space_with_subjects.subjects = subjects_with_reports return connected_space_with_subjects
def validate_user(a_tuple: UserBasedTuple, user_service: UserService, principal_service: PrincipalService) -> None: if not principal_service.is_admin(): raise_403() if is_blank(a_tuple.userId): if principal_service.is_super_admin(): raise_400('User id is required.') elif principal_service.is_tenant_admin(): a_tuple.userId = principal_service.get_user_id() else: raise_403() else: if a_tuple.userId == principal_service.get_user_id(): if principal_service.is_super_admin(): raise_400(f'Incorrect user id[{a_tuple.userId}].') else: user: Optional[User] = user_service.find_by_id(a_tuple.userId) if user is None: raise_400('User id is required.') if principal_service.is_super_admin(): if user.tenantId == principal_service.get_tenant_id(): raise_400(f'Incorrect user id[{a_tuple.userId}].') elif principal_service.is_tenant_admin(): if user.tenantId != principal_service.get_tenant_id(): raise_400(f'Incorrect user id[{a_tuple.userId}].')
def action() -> List[Enum]: topic_service = get_topic_service(enum_service) topic: Optional[Topic] = topic_service.find_by_id(topic_id) if topic.tenantId != principal_service.get_tenant_id(): raise_403() return ArrayHelper(topic.factors) \ .filter(lambda x: is_not_blank(x.enumId)) \ .map(lambda x: enum_service.find_by_id(x.enumId)) \ .to_list()
def action() -> None: # noinspection PyTypeChecker existing_catalog: Optional[Catalog] = catalog_service.find_by_id( catalog_id) if existing_catalog is None: raise_404() if existing_catalog.tenantId != principal_service.get_tenant_id(): raise_403() catalog_service.delete(catalog_id)
def action(topic: Topic) -> Tuple[Topic, Callable[[], None]]: if topic_service.is_storable_id_faked(topic.topicId): topic_service.redress_storable_id(topic) redress_factor_ids(topic, topic_service) # noinspection PyTypeChecker topic: Topic = topic_service.create(topic) tail = sync_topic_structure(topic, None, principal_service) else: # noinspection PyTypeChecker existing_topic: Optional[Topic] = topic_service.find_by_id( topic.topicId) if existing_topic is not None: if existing_topic.tenantId != topic.tenantId: raise_403() redress_factor_ids(topic, topic_service) # noinspection PyTypeChecker topic: Topic = topic_service.update(topic) if handle_snapshots: scheduler_service = get_snapshot_scheduler_service( topic_service) schedulers = scheduler_service.find_by_topic(topic.topicId) if len(schedulers) != 0: # first find the task topic task_topic_name = as_snapshot_task_topic_name(topic) task_topic = topic_service.find_by_name_and_tenant( task_topic_name, topic.tenantId) if task_topic is None: # create task topic task_topic = create_snapshot_task_topic(topic) else: # rebuild task topic task_topic = rebuild_snapshot_task_topic( task_topic, topic) # save task topic task_topic, tail_task_topic = ask_save_topic_action( topic_service, principal_service)(task_topic) # handle target topic and pipelines for each scheduler tails = ArrayHelper(schedulers) \ .map( lambda x: handle_scheduler( x, topic, task_topic, topic_service, scheduler_service, principal_service)) \ .filter(lambda x: x is not None) \ .to_list() tail = combine_tail_actions( ArrayHelper(tails).grab(tail_task_topic).to_list()) else: tail = sync_topic_structure(topic, existing_topic, principal_service) else: tail = sync_topic_structure(topic, existing_topic, principal_service) post_save_topic(topic, topic_service) return topic, tail
def validate_tenant_id( request: MixImportDataRequest, user_service: UserService, principal_service: PrincipalService) -> TenantId: if principal_service.is_super_admin(): return validate_tenant_id_when_super_admin(request, user_service, principal_service) elif principal_service.is_tenant_admin(): return validate_tenant_id_when_tenant_admin(request, principal_service) else: raise_403()
def action() -> None: # noinspection PyTypeChecker existing_dashboard: Optional[Dashboard] = dashboard_service.find_by_id(dashboard_id) if existing_dashboard is None: raise_404() if existing_dashboard.tenantId != principal_service.get_tenant_id(): raise_403() if not principal_service.is_tenant_admin() and existing_dashboard.userId != principal_service.get_user_id(): raise_403() dashboard_service.delete(dashboard_id)
def action() -> None: # noinspection PyTypeChecker existing_report: Optional[Report] = report_service.find_by_id(report_id) if existing_report is None: raise_404() if existing_report.tenantId != principal_service.get_tenant_id(): raise_403() if not principal_service.is_tenant_admin() and existing_report.userId != principal_service.get_user_id(): raise_403() report_service.delete(report_id)
def action() -> None: existing_tenant_id: Optional[ TenantId] = pipeline_service.find_tenant_id(pipeline_id) if existing_tenant_id is None: raise_404() elif existing_tenant_id != principal_service.get_tenant_id(): raise_403() # noinspection PyTypeChecker pipeline: Pipeline = pipeline_service.update_enablement( pipeline_id, enabled, principal_service.get_tenant_id()) post_update_pipeline_enablement(pipeline, pipeline_service)
def validate_tenant_based_tuples(tuples: List[TenantBasedTuple], user_service: UserService, principal_service: PrincipalService) -> None: """ check tenant of tuple is valid or not. """ if not principal_service.is_admin(): raise_403() ArrayHelper(tuples).each( lambda x: validate_tenant(x, user_service, principal_service))
def action() -> None: existing_one = dashboard_service.find_tenant_and_user(dashboard_id) if existing_one is None: raise_404() existing_tenant_id, existing_user_id = existing_one if existing_tenant_id != principal_service.get_tenant_id(): raise_403() elif existing_user_id != principal_service.get_user_id(): raise_403() # noinspection PyTypeChecker dashboard_service.update_name( dashboard_id, name, principal_service.get_user_id(), principal_service.get_tenant_id())
def action() -> None: # noinspection PyTypeChecker existing_analysis: Optional[ ObjectiveAnalysis] = analysis_service.find_by_id(analysis_id) if existing_analysis is None: raise_404() if existing_analysis.tenantId != principal_service.get_tenant_id(): raise_403() if not principal_service.is_tenant_admin( ) and existing_analysis.userId != principal_service.get_user_id(): raise_403() analysis_service.delete(analysis_id)
def action() -> None: existing_one = connected_space_service.find_tenant_and_user(connect_id) if existing_one is None: raise_404() existing_tenant_id, existing_user_id = existing_one if existing_tenant_id != principal_service.get_tenant_id(): raise_403() elif existing_user_id != principal_service.get_user_id(): raise_403() # noinspection PyTypeChecker connected_space_service.update_as_template( connect_id, is_template, principal_service.get_user_id(), principal_service.get_tenant_id())
def action() -> None: # noinspection PyTypeChecker existing_subject: Optional[Subject] = subject_service.find_by_id( subject_id) if existing_subject is None: raise_404() if existing_subject.tenantId != principal_service.get_tenant_id(): raise_403() if not principal_service.is_tenant_admin( ) and existing_subject.userId != principal_service.get_user_id(): raise_403() subject_service.delete(subject_id) report_service: ReportService = get_report_service(subject_service) report_service.delete_by_subject_id(subject_id)
def filter_indicators( indicators: List[Indicator], indicator_service: IndicatorService, principal_service: PrincipalService ) -> List[Indicator]: if principal_service.is_admin(): return indicators user_id = principal_service.get_user_id() user_service = get_user_service(indicator_service) user: Optional[User] = user_service.find_by_id(user_id) if user is None: raise_403() group_ids = user.groupIds return ArrayHelper(indicators).filter(lambda x: ArrayHelper(x.groupIds).some(lambda y: y in group_ids)).to_list()
def action(a_bucket: Bucket) -> Bucket: if bucket_service.is_storable_id_faked(a_bucket.bucketId): bucket_service.redress_storable_id(a_bucket) # noinspection PyTypeChecker a_bucket: Bucket = bucket_service.create(a_bucket) else: # noinspection PyTypeChecker existing_bucket: Optional[Bucket] = bucket_service.find_by_id(a_bucket.bucketId) if existing_bucket is not None: if existing_bucket.tenantId != a_bucket.tenantId: raise_403() # noinspection PyTypeChecker a_bucket: Bucket = bucket_service.update(a_bucket) return a_bucket
def action(analysis: ObjectiveAnalysis) -> ObjectiveAnalysis: analysis.userId = principal_service.get_user_id() analysis.tenantId = principal_service.get_tenant_id() if analysis_service.is_storable_id_faked(analysis.analysisId): analysis_service.redress_storable_id(analysis) # noinspection PyTypeChecker analysis: ObjectiveAnalysis = analysis_service.create(analysis) else: existing_inspection: Optional[ ObjectiveAnalysis] = analysis_service.find_by_id( analysis.analysisId) if existing_inspection is not None: if existing_inspection.tenantId != analysis.tenantId: raise_403() if existing_inspection.userId != analysis.userId: raise_403() # noinspection PyTypeChecker analysis: ObjectiveAnalysis = analysis_service.update(analysis) return analysis
def action() -> None: # noinspection PyTypeChecker existing_connected_space: Optional[ ConnectedSpace] = connected_space_service.find_by_id(connect_id) if existing_connected_space is None: raise_404() if existing_connected_space.tenantId != principal_service.get_tenant_id( ): raise_403() if not principal_service.is_tenant_admin( ) and existing_connected_space.userId != principal_service.get_user_id( ): raise_403() connected_space_service.delete(connect_id) subject_service: SubjectService = get_subject_service( connected_space_service) subject_service.delete_by_connect_id(connect_id) report_service: ReportService = get_report_service( connected_space_service) report_service.delete_by_connect_id(connect_id)
def action(inspection: Inspection) -> Inspection: inspection.userId = principal_service.get_user_id() inspection.tenantId = principal_service.get_tenant_id() if inspection_service.is_storable_id_faked(inspection.inspectionId): inspection_service.redress_storable_id(inspection) # noinspection PyTypeChecker inspection: Inspection = inspection_service.create(inspection) else: existing_inspection: Optional[ Inspection] = inspection_service.find_by_id( inspection.inspectionId) if existing_inspection is not None: if existing_inspection.tenantId != inspection.tenantId: raise_403() if existing_inspection.userId != inspection.userId: raise_403() # noinspection PyTypeChecker inspection: Inspection = inspection_service.update(inspection) return inspection
def action(achievement: Achievement) -> Achievement: achievement.userId = principal_service.get_user_id() achievement.tenantId = principal_service.get_tenant_id() if achievement_service.is_storable_id_faked(achievement.achievementId): achievement_service.redress_storable_id(achievement) # noinspection PyTypeChecker achievement: Achievement = achievement_service.create(achievement) else: existing_inspection: Optional[ Achievement] = achievement_service.find_by_id( achievement.achievementId) if existing_inspection is not None: if existing_inspection.tenantId != achievement.tenantId: raise_403() if existing_inspection.userId != achievement.userId: raise_403() # noinspection PyTypeChecker achievement: Achievement = achievement_service.update(achievement) return achievement
async def load_tenant_by_id( tenant_id: Optional[TenantId] = None, principal_service: PrincipalService = Depends(get_any_principal) ) -> Tenant: if is_blank(tenant_id): raise_400('Tenant id is required.') if not principal_service.is_super_admin(): if tenant_id != principal_service.get_tenant_id(): raise_403() tenant_service = get_tenant_service(principal_service) def action() -> Tenant: # noinspection PyTypeChecker tenant: Tenant = tenant_service.find_by_id(tenant_id) if tenant is None: raise_404() return tenant return trans_readonly(tenant_service, action)
def action(pipeline: Pipeline) -> Pipeline: if pipeline_service.is_storable_id_faked(pipeline.pipelineId): pipeline_service.redress_storable_id(pipeline) redress_ids(pipeline, pipeline_service) # noinspection PyTypeChecker pipeline: Pipeline = pipeline_service.create(pipeline) else: # noinspection PyTypeChecker existing_pipeline: Optional[ Pipeline] = pipeline_service.find_by_id(pipeline.pipelineId) if existing_pipeline is not None: if existing_pipeline.tenantId != pipeline.tenantId: raise_403() redress_ids(pipeline, pipeline_service) # noinspection PyTypeChecker pipeline: Pipeline = pipeline_service.update(pipeline) post_save_pipeline(pipeline, pipeline_service) return pipeline