def reset_token_value(service_id):
confirm_service_admin(service_id)
service = Service.query.get(service_id)
token = generate_token()
service.hashed_token = secure_hash(token)
db.session.merge(service)
return {"token_value": token}, 200
def delete_service_invitation(id):
service_invitation = _service_invitation_query() \
.filter(ServiceInvitation.id == id) \
.one()
confirm_service_admin(service_invitation.service_id)
return delete(ServiceInvitation, id)
def service_invites():
data = current_request.get_json()
service_id = data["service_id"]
confirm_service_admin(service_id)
administrators = data.get("administrators", [])
message = data.get("message", None)
intended_role = "admin"
service = Service.query.get(service_id)
user = User.query.get(current_user_id())
for administrator in administrators:
invitation = ServiceInvitation(hash=generate_token(), message=message, invitee_email=administrator,
service=service, user=user, created_by=user.uid,
intended_role=intended_role, expiry_date=default_expiry_date(json_dict=data))
invitation = db.session.merge(invitation)
mail_service_invitation({
"salutation": "Dear",
"invitation": invitation,
"base_url": current_app.app_config.base_url,
"wiki_link": current_app.app_config.wiki_link,
"recipient": administrator
}, service, [administrator])
return None, 201
def delete_all():
data = current_request.get_json()
service_id = int(data["service_id"])
confirm_service_admin(service_id)
ServiceAup.query.filter(ServiceAup.service_id == service_id).delete()
return {}, 201
def reset_ldap_password(service_id):
confirm_service_admin(service_id)
service = Service.query.get(service_id)
password = "".join(random.sample(string.ascii_lowercase + string.digits + "_,./~=+@*-", k=32))
hashed = sha512_crypt.using(rounds=100_000).hash(password)
service.ldap_password = hashed
db.session.merge(service)
return {"ldap_password": password}, 200
def delete_service_membership(service_id, user_id):
confirm_service_admin(service_id)
memberships = ServiceMembership.query \
.filter(ServiceMembership.service_id == service_id) \
.filter(ServiceMembership.user_id == user_id) \
.all()
for membership in memberships:
db.session.delete(membership)
return (None, 204) if len(memberships) > 0 else (None, 404)
def abbreviation_exists():
abbreviation = query_param("abbreviation")
existing_service = query_param("existing_service", required=False, default="")
service = Service.query.options(load_only("id")) \
.filter(func.lower(Service.abbreviation) == func.lower(abbreviation)) \
.filter(func.lower(Service.abbreviation) != func.lower(existing_service)) \
.first()
if service:
confirm_service_admin(service.id)
return service is not None, 200
def entity_id_exists():
entity_id = query_param("entity_id")
existing_service = query_param("existing_service", required=False, default="")
service = Service.query.options(load_only("id")) \
.filter(func.lower(Service.entity_id) == func.lower(entity_id)) \
.filter(func.lower(Service.entity_id) != func.lower(existing_service)) \
.first()
if service:
confirm_service_admin(service.id)
return service is not None, 200
def do_resend(service_invitation_id):
service_invitation = _service_invitation_query() \
.filter(ServiceInvitation.id == service_invitation_id) \
.one()
confirm_service_admin(service_invitation.service_id)
service_invitation.expiry_date = default_expiry_date()
service_invitation.created_at = datetime.date.today(),
service_invitation = db.session.merge(service_invitation)
mail_service_invitation({
"salutation": "Dear",
"invitation": service_invitation,
"base_url": current_app.app_config.base_url,
"recipient": service_invitation.invitee_email
}, service_invitation.service, [service_invitation.invitee_email])
def update_service():
data = current_request.get_json()
service_id = data["id"]
confirm_service_admin(service_id)
validate_ip_networks(data)
_token_validity_days(data)
cleanse_short_name(data, "abbreviation")
service = Service.query.get(service_id)
if not is_application_admin() and is_service_admin(service_id):
forbidden = ["white_listed", "non_member_users_access_allowed", "token_enabled", "token", "entity_id"]
for attr in [fb for fb in forbidden if fb in data]:
data[attr] = getattr(service, attr)
res = update(Service, custom_json=data, allow_child_cascades=False, allowed_child_collections=["ip_networks"])
service = res[0]
service.ip_networks
return res