async def get_all_operations(request, user):
# we already get this information populated as part of our user authentication
output = []
if user['admin']:
db_ops = await db_objects.execute(Operation.select())
operations = [o.name for o in db_ops]
else:
operations = user['operations']
for op in operations:
data = {}
# for each operation you're a member of, get all members and the admin name
operation = await db_objects.get(Operation, name=op)
data['admin'] = operation.admin.username
data['members'] = [data['admin']]
operationmap = await db_objects.execute(
OperatorOperation.select().where(
OperatorOperation.operation == operation))
for map in operationmap:
o = await db_objects.get(Operator, id=map.operator)
if o.username not in data['members']:
data['members'].append(o.username)
data['name'] = op
data['complete'] = operation.complete
output.append(data)
return json(output)
async def retrieve_user(request, payload, *args, **kwargs):
user_id = None
if payload:
user_id = payload.get('user_id', None)
try:
user = await db_objects.get(Operator, id=user_id)
user_json = user.to_json()
operationmap = await db_objects.execute(
OperatorOperation.select().where(
OperatorOperation.operator == user))
operations = []
for operation in operationmap:
op = await db_objects.get(Operation, id=operation.operation)
operations.append(op.name)
admin_operations = await db_objects.execute(
Operation.select().where(Operation.admin == user))
admin_ops = []
for op in admin_operations:
admin_ops.append(op.name)
if user_json['current_operation'] != "" and user_json[
'current_operation'] != 'null':
links['current_operation'] = user.current_operation.name
else:
links['current_operation'] = ""
user_json['current_operation'] = ""
return {
**user_json, "user_id": user.id,
"operations": operations,
"admin_operations": admin_ops
}
except Exception as e:
print("failed to get user in retrieve_user")
print(e)
raise exceptions.AuthenticationFailed("Delete your cookies")
async def retrieve_user(request, payload, *args, **kwargs):
user_id = None
if payload:
user_id = payload.get('user_id', None)
try:
user = await db_objects.get(Operator, id=user_id)
user_json = user.to_json()
operationmap = await db_objects.execute(
OperatorOperation.select().where(
OperatorOperation.operator == user))
operations = []
for operation in operationmap:
op = await db_objects.get(Operation, id=operation)
operations.append(op.name)
admin_operations = await db_objects.execute(
Operation.select().where(Operation.admin == user))
admin_ops = []
for op in admin_operations:
admin_ops.append(op.name)
return {
**user_json, "user_id": user.id,
"operations": operations,
"admin_operations": admin_ops
}
except Exception as e:
print("failed to get user in retrieve_user")
return {}
async def get_comments_by_operator_in_current_operation(request, user):
try:
operation = await db_objects.get(Operation, name=user['current_operation'])
operator_operation = await db_objects.execute(OperatorOperation.select().where(OperatorOperation.operation == operation))
except Exception as e:
return json({'status': 'error', 'error': 'failed to find operator or operation: ' + str(e)})
operators_list = []
for mapping in operator_operation:
operator = mapping.operator
tasks = await db_objects.execute(Task.select().where( (Task.comment_operator == operator) & (Task.comment != "")).join(Callback).where(Callback.operation == operation).order_by(Task.id))
callbacks = {}
for t in tasks:
responses = await db_objects.execute(Response.select().where(Response.task == t))
if t.callback.id not in callbacks:
callbacks[t.callback.id] = t.callback.to_json()
callbacks[t.callback.id]['tasks'] = []
callbacks[t.callback.id]['tasks'].append({**t.to_json(), "responses": [r.to_json() for r in responses]})
if len(callbacks.keys()) > 0:
operators_list.append({**operator.to_json(), 'callbacks': list(callbacks.values())})
return json({'status': 'success', 'operators': operators_list})
async def get_one_operation(request, user, op):
# get information about a single operation
# first confirm that this authenticated user as permission to view the op
# side effect is that we confirm if the op is real or not
op = unquote_plus(op)
if op in user['operations']:
# get all users associated with that operation and the admin
operators = []
operation = await db_objects.get(Operation, name=op)
operatorsmap = await db_objects.execute(
OperatorOperation.select().where(
OperatorOperation.operation == operation))
for operator in operatorsmap:
o = await db_objects.get(Operator, id=operator.operator)
operators.append(o.username)
status = {'status': 'success'}
return json({**operation.to_json(), "operators": operators, **status})
else:
return json({
"status": 'error',
'error': 'failed to find operation or not authorized'
})
async def add_scopes_to_payload(user, *args, **kwargs):
# return an array of scopes
scopes = []
try:
user = await db_objects.get(Operator, id=user['user_id'])
except Exception as e:
print(e)
return []
try:
operationsmap = await db_objects.execute(
OperatorOperation.select().where(
OperatorOperation.operator == user))
if user.admin:
scopes.append('admin')
for map in operationsmap:
# map is an OperatorOperation object that points to an operator and operation
# need to get that corresponding operation's name to add to our scope list
operation = await db_objects.get(Operation, id=map.operation)
scopes.append(operation.name)
return scopes
except Exception as e:
print(e)
return []
async def update_operation(request, user, op):
# this can change the name (assuming it's still unique), ['name']
# this can change the admin user assuming the person submitting is the current admin or overall admin ['admin']
# this can change the users ['add_users'], ['remove_users']
op = unquote_plus(op)
if op in user['admin_operations'] or user['admin']:
data = request.json
operation = await db_objects.get(Operation, name=op)
if not operation.complete:
if 'admin' in data:
try:
new_admin = await db_objects.get(Operator,
username=data['admin'])
operation.admin = new_admin
await db_objects.update(operation)
except Exception as e:
return json({
'status': 'error',
'error': 'failed to update the admin'
})
if 'add_users' in data:
for new_member in data['add_users']:
try:
operator = await db_objects.get(Operator,
username=new_member)
map = await db_objects.create(OperatorOperation,
operator=operator,
operation=operation)
except Exception as e:
return json({
'status':
'error',
'error':
'failed to add user to the operation'
})
if 'remove_users' in data:
for old_member in data['remove_users']:
try:
operator = await db_objects.get(Operator,
username=old_member)
operatoroperation = await db_objects.get(
OperatorOperation,
operator=operator,
operation=operation)
await db_objects.delete(operatoroperation)
except Exception as e:
return json({
'status':
'error',
'error':
'failed to remove user from operation. Were they a member?'
})
all_users = []
current_members = await db_objects.execute(
OperatorOperation.select().where(
OperatorOperation.operation == operation))
for mem in current_members:
member = await db_objects.get(Operator, id=mem.operator)
all_users.append(member.username)
if 'complete' in data:
operation.complete = data['complete']
await db_objects.update(operation)
return json({
'status': 'success',
'operators': all_users,
**operation.to_json()
})
else:
return json({
'status': 'error',
'error': 'operation is complete and cannot be modified'
})
else:
return json({
'status': 'error',
'error': 'not authorized to make the change'
})