コード例 #1
ファイル: affiliation.py プロジェクト: saravanpa-aot/sbc-auth
    def create_affiliation(org_id, business_identifier, pass_code=None):
        """Affiliate the entity behind ``business_identifier`` with an org.

        The org is looked up with ``allowed_roles=ALL_ALLOWED_ROLES``; the
        entity is fetched with ``skip_auth=True``, so the passcode logic below
        is the only entity-level check visible in this method.

        Raises:
            BusinessException: ``DATA_NOT_FOUND`` when the org or entity lookup
                returns None, ``ALREADY_CLAIMED_PASSCODE`` when the entity is
                flagged as claimed, ``INVALID_USER_CREDENTIALS`` when the
                passcode check fails, ``DATA_ALREADY_EXISTS`` when the
                org/entity pair is already affiliated.

        Returns:
            An ``Affiliation`` wrapping the saved model.
        """
        # NOTE(review): both identifiers are written to the log unescaped;
        # confirm they are validated upstream or that the log formatter
        # neutralises control characters.
        current_app.logger.info(
            f'<create_affiliation org_id:{org_id} business_identifier:{business_identifier}'
        )

        # Validate org_id through the Org Service before touching the entity.
        if OrgService.find_by_org_id(org_id, allowed_roles=ALL_ALLOWED_ROLES) is None:
            raise BusinessException(Error.DATA_NOT_FOUND, None)

        entity = EntityService.find_by_business_identifier(business_identifier, skip_auth=True)
        if entity is None:
            raise BusinessException(Error.DATA_NOT_FOUND, None)
        current_app.logger.debug('<create_affiliation entity found')
        entity_id = entity.identifier

        # An entity whose passcode is already claimed is refused outright and
        # gets its own error code; the supplied passcode is not compared first.
        # NOTE(review): that distinct error reveals the claim status to a
        # caller who has not proven knowledge of the passcode - confirm this
        # is intended.
        if entity.as_dict()['pass_code_claimed']:
            current_app.logger.debug(
                '<create_affiliation passcode already claimed')
            raise BusinessException(Error.ALREADY_CLAIMED_PASSCODE, None)

        if pass_code:
            # Supplied passcode must match the one stored on the entity.
            # NOTE(review): behaviour when entity.pass_code is empty depends on
            # validate_passcode - verify it fails closed.
            is_authorized = validate_passcode(pass_code, entity.pass_code)
        else:
            # No passcode supplied: allowed only if the entity has none set.
            is_authorized = not entity.pass_code

        if not is_authorized:
            current_app.logger.debug('<create_affiliation not authorized')
            raise BusinessException(Error.INVALID_USER_CREDENTIALS, None)

        current_app.logger.debug('<create_affiliation find affiliation')
        # Refuse duplicates.
        # NOTE(review): the lookup and the save below are separate steps here;
        # presumably a uniqueness constraint on the model covers concurrent
        # requests - confirm.
        existing = AffiliationModel.find_affiliation_by_org_and_entity_ids(org_id, entity_id)
        if existing is not None:
            raise BusinessException(Error.DATA_ALREADY_EXISTS, None)

        affiliation = AffiliationModel(org_id=org_id, entity_id=entity_id)
        affiliation.save()

        # Mark the passcode as used and record the action.
        entity.set_pass_code_claimed(True)
        activity_label = f'{ActivityAction.CREATE_AFFILIATION.value}-{entity.name}'
        publish_activity(activity_label, entity.name, entity_id, org_id)
        return Affiliation(affiliation)
コード例 #2
    def create_affiliation(org_id,
                           business_identifier,
                           pass_code=None,
                           token_info: Dict = None):
        """Affiliate the entity behind ``business_identifier`` with an org.

        ``token_info`` is forwarded to the org lookup, which is limited to
        ``CLIENT_AUTH_ROLES``. The entity itself is fetched with
        ``skip_auth=True``, so the passcode logic below is the only
        entity-level check visible in this method.

        Raises:
            BusinessException: ``DATA_NOT_FOUND`` when the org or entity lookup
                returns None, ``INVALID_USER_CREDENTIALS`` when the entity is
                already claimed or the passcode check fails,
                ``DATA_ALREADY_EXISTS`` when the org/entity pair is already
                affiliated.

        Returns:
            An ``Affiliation`` wrapping the saved model.
        """
        # NOTE(review): both identifiers are written to the log unescaped;
        # confirm they are validated upstream or that the log formatter
        # neutralises control characters.
        current_app.logger.info(
            f'<create_affiliation org_id:{org_id} business_identifier:{business_identifier}'
        )

        # Validate org_id through the Org Service before touching the entity.
        org = OrgService.find_by_org_id(org_id, token_info=token_info, allowed_roles=CLIENT_AUTH_ROLES)
        if org is None:
            raise BusinessException(Error.DATA_NOT_FOUND, None)

        entity = EntityService.find_by_business_identifier(business_identifier, skip_auth=True)
        if entity is None:
            raise BusinessException(Error.DATA_NOT_FOUND, None)
        current_app.logger.debug('<create_affiliation entity found')
        entity_id = entity.identifier

        if entity.as_dict()['passCodeClaimed']:
            # A claimed entity is never authorized; it is reported with the
            # same error as a wrong passcode.
            is_authorized = False
        elif pass_code:
            # Supplied passcode must match the one stored on the entity.
            # NOTE(review): behaviour when entity.pass_code is empty depends on
            # validate_passcode - verify it fails closed.
            is_authorized = validate_passcode(pass_code, entity.pass_code)
        else:
            # No passcode supplied: allowed only if the entity has none set.
            is_authorized = not entity.pass_code

        if not is_authorized:
            current_app.logger.debug('<create_affiliation not authorized')
            raise BusinessException(Error.INVALID_USER_CREDENTIALS, None)

        current_app.logger.debug('<create_affiliation find affiliation')
        # Refuse duplicates.
        # NOTE(review): the lookup and the save below are separate steps here;
        # presumably a uniqueness constraint on the model covers concurrent
        # requests - confirm.
        existing = AffiliationModel.find_affiliation_by_org_and_entity_ids(org_id, entity_id)
        if existing is not None:
            raise BusinessException(Error.DATA_ALREADY_EXISTS, None)

        # Refresh the entity name from Legal-API before the affiliation is stored.
        # TODO: Create subscription to listen for future name updates
        current_app.logger.debug('<create_affiliation sync_name')
        entity.sync_name()

        affiliation = AffiliationModel(org_id=org_id, entity_id=entity_id)
        affiliation.save()
        # The claimed flag is set only after the affiliation has been saved.
        entity.set_pass_code_claimed(True)
        current_app.logger.debug('<create_affiliation affiliated')

        return Affiliation(affiliation)
コード例 #3
def test_validate_passcode_fail():
    """Assert that a passcode differing from the hashed one is rejected."""
    # Hash one passcode, then present a different one for validation.
    stored_hash: str = passcode.passcode_hash('111111111')
    is_valid: bool = passcode.validate_passcode('222222222', stored_hash)
    assert not is_valid
コード例 #4
def test_validate_passcode_empty_input():
    """Assert that a missing (None) passcode does not validate against a stored hash."""
    stored_hash: str = passcode.passcode_hash('111111111')
    # Pins fail-closed behaviour: None must be rejected rather than accepted.
    supplied: str | None = None
    is_valid: bool = passcode.validate_passcode(supplied, stored_hash)
    assert not is_valid
コード例 #5
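    def create_affiliation(org_id, business_identifier, pass_code=None, bearer_token=None):
        """Affiliate the entity behind ``business_identifier`` with an org.

        Firms (corp type 'SP' or 'GP') must supply ``pass_code``, which is
        handed to ``Affiliation._validate_firms_party`` together with
        ``bearer_token``. Every other corp type is checked against the passcode
        stored on the entity; an entity with no stored passcode can be
        affiliated without one. The entity is fetched with ``skip_auth=True``,
        so these checks are the only entity-level gate visible in this method.

        Raises:
            BusinessException: ``DATA_NOT_FOUND`` when the org or entity lookup
                returns None, ``INVALID_USER_CREDENTIALS`` when the passcode
                check fails, ``DATA_ALREADY_EXISTS`` when the org/entity pair
                is already affiliated.

        Returns:
            An ``Affiliation`` wrapping the saved model.
        """
        # Validate if org_id is valid by calling Org Service.
        # NOTE(review): both identifiers are written to the log unescaped;
        # confirm they are validated upstream or that the log formatter
        # neutralises control characters.
        current_app.logger.info(f'<create_affiliation org_id:{org_id} business_identifier:{business_identifier}')
        org = OrgService.find_by_org_id(org_id, allowed_roles=ALL_ALLOWED_ROLES)
        if org is None:
            raise BusinessException(Error.DATA_NOT_FOUND, None)

        entity = EntityService.find_by_business_identifier(business_identifier, skip_auth=True)
        if entity is None:
            raise BusinessException(Error.DATA_NOT_FOUND, None)
        current_app.logger.debug('<create_affiliation entity found')
        entity_id = entity.identifier
        entity_type = entity.corp_type
        is_firm = entity_type in ['SP', 'GP']

        authorized = True

        if is_firm:
            # Firms never affiliate without a passcode; the value is verified
            # by the firms-party check rather than against entity.pass_code.
            if not pass_code:
                authorized = False
            else:
                authorized = Affiliation._validate_firms_party(bearer_token, business_identifier, pass_code)
        else:
            # Unauthorized if the entity has been claimed
            # Leaving the code as it may come back. Removing as part of #8863
            # if entity.as_dict()['pass_code_claimed']:
            #     authorized = False
            #     already_claimed = True
            # NOTE(review): with the claimed check disabled, a valid passcode
            # keeps working after the first affiliation - confirm intended.
            # If a passcode was provided...
            if pass_code:
                # ... and the entity has a passcode on it, check that they match
                authorized = validate_passcode(pass_code, entity.pass_code)
            # If a passcode was not provided...
            else:
                # ... check that the entity does not have a passcode protecting it
                if entity.pass_code:
                    authorized = False

        # show a different message when the passcode is already claimed
        # if already_claimed:
        #     current_app.logger.debug('<create_affiliation passcode already claimed')
        #     raise BusinessException(Error.ALREADY_CLAIMED_PASSCODE, None)

        if not authorized:
            current_app.logger.debug('<create_affiliation not authorized')
            raise BusinessException(Error.INVALID_USER_CREDENTIALS, None)

        current_app.logger.debug('<create_affiliation find affiliation')
        # Ensure this affiliation does not already exist
        # NOTE(review): the lookup and the save below are separate steps here;
        # presumably a uniqueness constraint on the model covers concurrent
        # requests - confirm.
        affiliation = AffiliationModel.find_affiliation_by_org_and_entity_ids(org_id, entity_id)
        if affiliation is not None:
            raise BusinessException(Error.DATA_ALREADY_EXISTS, None)

        affiliation = AffiliationModel(org_id=org_id, entity_id=entity_id)
        affiliation.save()

        if not is_firm:
            entity.set_pass_code_claimed(True)
        if entity_type != CorpType.RTMP.value:
            # Fall back to the business identifier when the name is empty or
            # missing. The previous len(entity.name) test raised TypeError on a
            # None name, after the affiliation had already been saved, so the
            # activity record for the new affiliation was never published.
            name = entity.name or entity.business_identifier
            ActivityLogPublisher.publish_activity(Activity(org_id, ActivityAction.CREATE_AFFILIATION.value,
                                                           name=name, id=entity.business_identifier))
        return Affiliation(affiliation)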