def reset_passcode(business_identifier: str,
email_addresses: str = None,
token_info: Dict = None):
"""Reset the entity passcode and send email."""
check_auth(token_info,
one_of_roles=ALL_ALLOWED_ROLES,
business_identifier=business_identifier)
current_app.logger.debug(
'reset passcode identifier:{}; token:{}'.format(
business_identifier, token_info))
entity: EntityModel = EntityModel.find_by_business_identifier(
business_identifier)
# generate passcode and set
new_pass_code = ''.join(
secrets.choice(string.digits) for i in range(9))
entity.pass_code = passcode_hash(new_pass_code)
entity.pass_code_claimed = False
entity.save()
if email_addresses:
mailer_payload = dict(emailAddresses=email_addresses,
passCode=new_pass_code,
businessIdentifier=business_identifier,
businessName=entity.name,
isStaffInitiated=Role.STAFF.value
in token_info.get('roles'))
publish_to_mailer(notification_type='resetPasscode',
business_identifier=business_identifier,
data=mailer_payload)
entity = Entity(entity)
return entity
def update_entity(business_identifier: str,
entity_info: dict,
token_info: Dict = None):
"""Update an entity from the given dictionary.
Completely replaces the entity including the business identifier
"""
if not entity_info or not business_identifier:
return None
# todo No memberhsip created at this point. check_auth wont work.ideally we shud put the logic in here
# check_auth(token_info, one_of_roles=allowed_roles, business_identifier=business_identifier)
entity = EntityModel.find_by_business_identifier(business_identifier)
if entity is None or entity.corp_type_code is None:
raise BusinessException(Error.DATA_NOT_FOUND, None)
# if entity.corp_type_code != token_info.get('corp_type', None):
# raise BusinessException(Error.INVALID_USER_CREDENTIALS, None)
is_system = token_info and Role.SYSTEM.value in token_info.get(
'realm_access').get('roles')
if is_system:
if entity_info.get('passCode') is not None:
entity_info['passCode'] = passcode_hash(
entity_info['passCode'])
entity.update_from_dict(**camelback2snake(entity_info))
entity.commit()
entity = Entity(entity)
return entity
def reset_passcode(business_identifier: str, email_addresses: str = None, **kwargs):
"""Reset the entity passcode and send email."""
user_from_context: UserContext = kwargs['user_context']
check_auth(one_of_roles=ALL_ALLOWED_ROLES, business_identifier=business_identifier)
current_app.logger.debug(f'reset passcode identifier:{business_identifier}')
entity: EntityModel = EntityModel.find_by_business_identifier(business_identifier)
# generate passcode and set
new_pass_code = ''.join(secrets.choice(string.digits) for i in range(9))
entity.pass_code = passcode_hash(new_pass_code)
entity.pass_code_claimed = False
entity.save()
if email_addresses:
mailer_payload = dict(
emailAddresses=email_addresses,
passCode=new_pass_code,
businessIdentifier=business_identifier,
businessName=entity.name,
isStaffInitiated=user_from_context.is_staff()
)
publish_to_mailer(
notification_type='resetPasscode', business_identifier=business_identifier, data=mailer_payload
)
entity = Entity(entity)
return entity
def update_entity(business_identifier: str, entity_info: dict, **kwargs):
"""Update an entity from the given dictionary.
Completely replaces the entity including the business identifier
"""
if not entity_info or not business_identifier:
return None
user_from_context: UserContext = kwargs['user_context']
# todo No memberhsip created at this point. check_auth wont work.ideally we shud put the logic in here
# check_auth(token_info, one_of_roles=allowed_roles, business_identifier=business_identifier)
entity = EntityModel.find_by_business_identifier(business_identifier)
if entity is None or entity.corp_type_code is None:
raise BusinessException(Error.DATA_NOT_FOUND, None)
# if entity.corp_type_code != token_info.get('corp_type', None):
# raise BusinessException(Error.INVALID_USER_CREDENTIALS, None)
if user_from_context.is_system():
if entity_info.get('passCode') is not None:
entity_info['passCode'] = passcode_hash(entity_info['passCode'])
# Small mapping from state -> status. EX in LEAR: Business.State.HISTORICAL
if 'state' in entity_info:
entity_info['status'] = entity_info['state']
del entity_info['state']
entity.update_from_dict(**camelback2snake(entity_info))
entity.commit()
entity = Entity(entity)
return entity
def test_validate_passcode_fail():
"""Assert that passcode can be validate."""
pass_code: str = '111111111'
hashed_pass_code: str = passcode.passcode_hash(pass_code)
checked_pass_code: str = '222222222'
validated: bool = passcode.validate_passcode(checked_pass_code,
hashed_pass_code)
assert not validated
def test_validate_passcode_empty_input():
"""Assert that passcode can be validate."""
pass_code: str = '111111111'
hashed_pass_code: str = passcode.passcode_hash(pass_code)
checked_pass_code: str = None
validated: bool = passcode.validate_passcode(checked_pass_code,
hashed_pass_code)
assert not validated
def create_from_dict(cls, entity_info: dict):
"""Create a new Entity from the provided dictionary."""
if entity_info:
entity = Entity(**camelback2snake(entity_info))
entity.pass_code = passcode_hash(entity.pass_code)
current_app.logger.debug(
'Creating entity from dictionary {}'.format(entity_info))
entity.save()
return entity
return None
def save_entity(entity_info: dict):
"""Create/update an entity from the given dictionary."""
if not entity_info:
return None
existing_entity = EntityModel.find_by_business_identifier(entity_info['businessIdentifier'])
if existing_entity is None:
entity_model = EntityModel.create_from_dict(entity_info)
else:
# TODO temporary allow update passcode, should replace with reset passcode endpoint.
entity_info['passCode'] = passcode_hash(entity_info['passCode'])
existing_entity.update_from_dict(**camelback2snake(entity_info))
entity_model = existing_entity
entity_model.commit()
entity = Entity(entity_model)
return entity
def test_passcode_hash_different():
"""Assert that the same passcode get different hash value by multiple running."""
pass_code: str = '111111111'
hashed_pass_code: str = passcode.passcode_hash(pass_code)
hashed_pass_code2: str = passcode.passcode_hash(pass_code)
assert hashed_pass_code != hashed_pass_code2
def test_passcode_hash_fail():
"""Assert that passcode can be hash."""
pass_code: str = None
hashed_pass_code: str = passcode.passcode_hash(pass_code)
assert hashed_pass_code is None
def test_passcode_hash():
"""Assert that passcode can be hashed."""
pass_code: str = '111111111'
hashed_pass_code: str = passcode.passcode_hash(pass_code)
assert hashed_pass_code
