예제 #1
0
def add_members(
        organization_id: int,
        *,
        invites: List[UserInvite] = Body(...),
        auth=Depends(authorization("organizations:add_members")),
        db: Session = Depends(get_db),
        current_user: User = Depends(get_current_user),
):
    try:
        members = crud.organization.get_members(db, id=organization_id)

        users_to_add = (invite for invite in invites
                        if invite.email not in (u.get("email")
                                                for u in members))

        for invite in users_to_add:
            user_in_db = user.get_by_email(db, email=invite.email)
            role = invite.role if invite.role else "guest"

            if not user_in_db:
                user_in_db = user.create(
                    db,
                    obj_in=UserCreate(
                        full_name=invite.full_name,
                        email=invite.email,
                        password=pwd.genword(),
                    ),
                )
            else:
                organization_in_db = crud.organization.get(db,
                                                           id=organization_id)

                if organization_in_db:
                    send_new_invitation_email_task.delay(
                        full_name=user_in_db.full_name,
                        email_to=user_in_db.email,
                        organization=organization_in_db.name,
                        role=role)

            enforcer.add_role_for_user_in_domain(
                str(user_in_db.id),
                role,
                str(organization_id),
            )
            enforcer.load_policy()

        return [
            user for user in get_members(
                organization_id, auth=auth, db=db, current_user=current_user)
            if user.get("email") in (invite.email for invite in invites)
        ]
    except Exception as e:
        logging.error(e)
예제 #2
0
def create_organization_root_node(
    *,
    db: Session = Depends(get_db),
    organization_in: OrganizationCreateRoot,
    current_user: User = Depends(get_current_user),
) -> Optional[Organization]:
    """
    Create a new **root node for organizations tree**;
    
    If `owner_email` is present organization tree ownership will be affected to *existing or newly created user*,
    else organizations tree ownership will be affected to *superuser*.
    """
    if not current_user.is_superuser:
        raise HTTPException(
            status_code=403,
            detail="You are not authorized to perform this action.")
    new_organization_root_node = organization.create_root(
        db, obj_in=organization_in).to_schema()
    if organization_in.owner_email:
        user_in_db = user.get_by_email(db, email=organization_in.owner_email)
        if not user_in_db:
            user_in_db = user.create(
                db,
                obj_in=UserCreate(
                    full_name=organization_in.owner_email.split("@")[0],
                    email=organization_in.owner_email,
                    password=pwd.genword(),
                ),
            )
        if new_organization_root_node:
            send_new_invitation_email_task.delay(
                full_name=user_in_db.full_name,
                email_to=user_in_db.email,
                organization=new_organization_root_node.name,
                role="owner")
            enforcer.add_role_for_user_in_domain(
                str(user_in_db.id), "owner",
                str(new_organization_root_node.id))
            enforcer.load_policy()
    else:
        enforcer.add_role_for_user_in_domain(
            str(current_user.id), "owner", str(new_organization_root_node.id))
        enforcer.load_policy()
    current_roles = enforcer.get_roles_for_user_in_domain(
        str(current_user.id), str(new_organization_root_node.id))
    if len(current_roles) > 0:
        new_organization_root_node.current_user_role = current_roles[0]
    if current_user.is_superuser:
        new_organization_root_node.current_user_role = 'admin'
    # new_organization_root_node.current_user_role = current_roles[0]
    return new_organization_root_node
예제 #3
0
def create_user(*, db: Session = Depends(get_db), user_in: UserCreate):
    """
    Create new user.
    """
    user = crud_user.get_by_email(db, email=user_in.email)
    if user:
        raise HTTPException(status_code=HTTP_400_BAD_REQUEST,
                            detail="Email already registered")
    user = crud_user.create(db=db, user_in=user_in)
    if config.EMAILS_ENABLED and user_in.email:
        send_new_account_email(email_to=user_in.email,
                               username=user_in.email,
                               password=user_in.password)
    return user
예제 #4
0
def init_db(db_session):
    # Tables should be created with Alembic migrations
    # But if you don't want to use migrations, create
    # the tables un-commenting the next line
    # Base.metadata.create_all(bind=engine)

    user = crud_user.get_by_email(db_session, email=config.FIRST_SUPERUSER)
    if not user:
        user_in = UserCreate(
            full_name='Admin',
            email=config.FIRST_SUPERUSER,
            password=config.FIRST_SUPERUSER_PASSWORD,
            is_superuser=True,
        )
        user = crud_user.create(db_session, user_in=user_in)
예제 #5
0
def create_user(user_create: UserCreate, db=Depends(get_db)):
    """Register a new user. Email, CPF and PIS must be valid and not yet registered"""
    db_user = get_by_cpf(db, user_create.cpf)
    if db_user:
        raise HTTPException(status_code=400, detail="CPF already registered")

    db_user = get_by_pis(db, user_create.pis)
    if db_user:
        raise HTTPException(status_code=400, detail="PIS already registered")

    db_user = get_by_email(db, user_create.email)
    if db_user:
        raise HTTPException(status_code=400, detail="Email already registered")

    return create(db, user_create)
예제 #6
0
def register_new_user(*, db: Session = Depends(get_db), user_in: UserCreate):
    user_in_db = user.get_by_email(db, email=user_in.email)

    if user_in_db:
        raise HTTPException(
            status_code=status.HTTP_400_BAD_REQUEST,
            detail="The user with this username already exists in the system.",
        )

    user_in_db = user.create(db, obj_in=user_in)

    send_new_registration_email_task.delay(user_in.email, user_in.full_name,
                                           user_in.password)

    generate_and_insert_registration_link_task.delay(user_in_db.id)

    return {"msg": "User created"}
예제 #7
0
def init_db(db_session):
    # Tables should be created with Alembic migrations
    # But if you don't want to use migrations, create
    # the tables un-commenting the next line
    # Base.metadata.create_all(bind=engine)
    user = db_user.get_by_email(db_session, email=config.FIRST_SUPERUSER_EMAIL)
    if not user:
        user_in = UserCreate(username=config.FIRST_SUPERUSER,
                             full_name=config.FIRST_SUPERUSER_FULLNAME,
                             email=config.FIRST_SUPERUSER_EMAIL,
                             password=get_password_hash(
                                 config.FIRST_SUPERUSER_PASSWORD),
                             document="01311104542",
                             phone_number="9023819283",
                             is_superuser=True,
                             is_active=True)
        user = db_user.create(db_session, user_in=user_in)
예제 #8
0
def password_recovery(email: str, db: Session = Depends(get_db)) -> Any:
    """
    Password Recovery
    """

    user_in_db = user.get_by_email(db, email=email)

    if user_in_db:
        tokens = generate_access_token_and_refresh_token_response(
            user_id=user_in_db.id, is_superuser=user_in_db.is_superuser)

        send_reset_password_email(
            email_to=user_in_db.email,
            username=user_in_db.full_name,
            token=tokens["access_token"],
        )

        return {"msg": "Password recovery email sent"}
    else:
        raise HTTPException(
            status_code=404,
            detail="The user with this username does not exist in the system.",
        )
예제 #9
0
def create_user(
        *,
        db: Session = Depends(get_db),
        user_in: UserCreate,
        current_user: User = Depends(get_current_user_if_is_superuser),
) -> Any:
    """
    Create new user.
    """
    user_in_db = user.get_by_email(db, email=user_in.email)
    if user_in_db:
        raise HTTPException(
            status_code=400,
            detail="The user with this username already exists in the system.",
        )
    user_in_db = user.create(db, obj_in=user_in)
    # if settings.EMAILS_ENABLED and user_in.email:
    #     send_new_account_email(
    #         email_to=user_in.email,
    #         username=user_in.email,
    #         password=user_in.password
    #     )
    return user_in_db
예제 #10
0
def init_db(db: Session) -> None:
    # Tables should be created with Alembic migrations
    # But if you don't want to use migrations, create
    # the tables un-commenting the next line
    # Base.metadata.create_all(bind=engine)

    # insert_organizations(db=db)

    organization_in_db = organization.get_by_name(db,
                                                  name=settings.ORGANIZATION)

    if not organization_in_db:
        organization_in = OrganizationCreate(name=settings.ORGANIZATION,
                                             slug=slug.slug(
                                                 settings.ORGANIZATION),
                                             mode="private")
        organization_in_db = organization.create(db, obj_in=organization_in)

    user_in_db = user.get_by_email(db, email=settings.FIRST_SUPERUSER)

    if not user_in_db:
        user_in = UserCreate(
            full_name=settings.FIRST_SUPERUSER_FULLNAME,
            email=settings.FIRST_SUPERUSER,
            password=settings.FIRST_SUPERUSER_PASSWORD,
        )

        user_in_db = user.create(db, obj_in=user_in)  # noqa: F841
        user_in_db.is_superuser = True
        user_in_db.is_verified = True
        db.add(user_in_db)
        db.commit()
        db.refresh(user_in_db)

    if len(enforcer.get_roles_for_user_in_domain("1", "1")) == 0:
        enforcer.add_role_for_user_in_domain("1", "admin", "1")