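def get_invitations_for_org(org_id, status=None, token_info: Dict = None):
    """Get invitations for an org, limited to what the caller is allowed to see.

    Args:
        org_id: identifier of the org whose invitations are requested.
        status: optional name of an ``InvitationStatus`` member used as a filter.
        token_info: decoded JWT claims of the caller.

    Returns:
        ``None`` when the org does not exist. For a caller whose token carries
        the ``staff`` realm role, the result of
        ``find_pending_invitations_by_org`` (``status`` is not passed on that
        path). ``[]`` when the caller cannot be identified, has no ACTIVE
        membership in the org, or has the USER membership type. Otherwise the
        org's invitations filtered by ``status``.

    Raises:
        Whatever ``InvitationStatus[status]`` raises for an unknown name
        (``KeyError`` if it is a standard ``Enum`` -- confirm).
    """
    org_model = OrgModel.find_by_org_id(org_id)
    if not org_model:
        return None

    if status:
        status = InvitationStatus[status]

    # token_info defaults to None and the 'realm_access' / 'roles' claims may be
    # absent; a missing claim must mean "not staff", not an AttributeError.
    realm_access = (token_info or {}).get('realm_access') or {}
    roles = realm_access.get('roles') or []

    # If staff return full list
    if 'staff' in roles:
        return InvitationModel.find_pending_invitations_by_org(org_id)

    # Without claims there is no identity to authorize against: deny.
    if not token_info:
        return []

    current_user: UserService = UserService.find_by_jwt_token(token_info)
    # Fail closed when the token does not map to a known user instead of
    # dereferencing a missing user below.
    if not current_user:
        return []

    current_user_membership: MembershipModel = \
        MembershipModel.find_membership_by_user_and_org(user_id=current_user.identifier, org_id=org_id)

    # If no active membership return empty array
    if current_user_membership is None or \
            current_user_membership.status != Status.ACTIVE.value:
        return []

    # Ensure either ADMIN or COORDINATOR
    # NOTE(review): this is a deny-list (only USER is rejected), so any other
    # membership type code is allowed through; an allow-list of the permitted
    # types would be the safer shape if new types are ever added.
    if current_user_membership.membership_type_code == USER:
        return []

    return InvitationModel.find_invitations_by_org(org_id=org_id, status=status)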
def get_invitations_for_org(org_id, status=None, **kwargs):
    """Return the invitations of an org that the calling user may see.

    The caller's identity comes from ``kwargs['user_context']``; a missing key
    raises ``KeyError``. ``status``, when given, is looked up by name in
    ``InvitationStatus``.

    Returns ``None`` if the org does not exist, the pending invitations for
    staff (``status`` is not passed on that path), ``[]`` if the caller has no
    ACTIVE membership in the org or is a plain USER, and otherwise the org's
    invitations filtered by ``status``.
    """
    caller_context: UserContext = kwargs['user_context']

    if not OrgModel.find_by_org_id(org_id):
        return None

    status = InvitationStatus[status] if status else status

    # Staff skip the membership check entirely.
    if caller_context.is_staff():
        return InvitationModel.find_pending_invitations_by_org(org_id)

    # NOTE(review): if find_by_jwt_token() can return None, the attribute access
    # below raises AttributeError instead of denying -- confirm.
    caller = UserService.find_by_jwt_token()
    membership = MembershipModel.find_membership_by_user_and_org(user_id=caller.identifier, org_id=org_id)

    # Deny unless the caller holds an ACTIVE membership that is not of type USER.
    # NOTE(review): only USER is rejected, so every other membership type code
    # passes; an allow-list of ADMIN/COORDINATOR would be stricter.
    if membership is None \
            or membership.status != Status.ACTIVE.value \
            or membership.membership_type_code == USER:
        return []

    return InvitationModel.find_invitations_by_org(org_id=org_id, status=status)
def get(user_id):
    """Return the settings of the user named in the request path.

    Currently this is the org details associated with the user; it may later
    be extended to applications etc.

    The path ``user_id`` must equal the ``sub`` claim of the caller's token,
    otherwise the request is answered with 401, so a caller cannot read
    another user's settings through this handler.
    """
    claims = g.jwt_oidc_token_info
    # TODO make this check better. may be read from DB or something
    if claims.get('sub', None) != user_id:
        return {'message': 'Unauthorized'}, http_status.HTTP_401_UNAUTHORIZED

    try:
        user = UserService.find_by_jwt_token(claims)
        if user:
            settings = UserSettingsService.fetch_user_settings(user.identifier)
            body = jsonify(UserSettingsSchema(many=True).dump(settings))
        else:
            # Unknown user: an empty JSON list, serialized as a plain string.
            body = json.dumps([])
    except BusinessException:
        # A business error is reported to the client as an empty list with 200,
        # so the failure is not visible in the response.
        body = json.dumps([])
    return body, http_status.HTTP_200_OK
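def get():
    """Return the user profile associated with the JWT in the authorization header.

    Returns:
        ``(profile_dict, 200)`` on success;
        ``({'message': 'User not found.'}, 404)`` when the token does not map
        to a user; ``({'code': ..., 'message': ...}, status_code)`` built from
        a raised ``BusinessException``.
    """
    token = g.jwt_oidc_token_info
    try:
        user = UserService.find_by_jwt_token(token)
        if not user:
            # Calling .as_dict() on a missing user would raise AttributeError
            # and surface as an unhandled server error; answer 404 instead.
            response, status = {'message': 'User not found.'}, http_status.HTTP_404_NOT_FOUND
        else:
            response, status = user.as_dict(), http_status.HTTP_200_OK
    except BusinessException as exception:
        response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
    return response, status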
def get(org_id):
    """Return the calling user's membership in the given org.

    The user is resolved from the JWT claims, not from request input, so the
    lookup is always for the caller's own membership. Responds with 404 when
    the token maps to no user, and with the code, message and status of a
    ``BusinessException`` when one is raised.
    """
    claims = g.jwt_oidc_token_info
    try:
        user = UserService.find_by_jwt_token(claims)
        if not user:
            return {'message': 'User not found.'}, http_status.HTTP_404_NOT_FOUND

        membership = MembershipService.get_membership_for_org_and_user_all_status(
            org_id=org_id, user_id=user.identifier)
        # The nested 'org' field is left out of the serialized membership.
        return MembershipSchema(exclude=['org']).dump(membership), http_status.HTTP_200_OK
    except BusinessException as err:
        return {'code': err.code, 'message': err.message}, err.status_code
def get():
    """Return the orgs the current user is associated with.

    The user is resolved from the JWT claims. Responds with 404 when the token
    maps to no user, with ``{'orgs': [...]}`` and 200 on success, and with the
    code, message and status of a ``BusinessException`` when one is raised.
    """
    claims = g.jwt_oidc_token_info
    try:
        user = UserService.find_by_jwt_token(claims)
        if not user:
            return {'message': 'User not found.'}, http_status.HTTP_404_NOT_FOUND

        user_orgs = OrgService.get_orgs(user.identifier)
        payload = OrgSchema().dump(user_orgs, many=True)
        return jsonify({'orgs': payload}), http_status.HTTP_200_OK
    except BusinessException as err:
        return {'code': err.code, 'message': err.message}, err.status_code
def get():
    """Return the orgs the current user is associated with.

    Responds with 401 when no token claims are present, 404 when the token
    maps to no user, the result of ``user.get_orgs()`` with 200 on success,
    and the code, message and status of a ``BusinessException`` when one is
    raised.
    """
    claims = g.jwt_oidc_token_info
    # Reject the request before any lookup when there are no claims at all.
    if not claims:
        return {'message': 'Authorization required.'}, http_status.HTTP_401_UNAUTHORIZED

    try:
        user = UserService.find_by_jwt_token(claims)
        if not user:
            return {'message': 'User not found.'}, http_status.HTTP_404_NOT_FOUND
        return jsonify(user.get_orgs()), http_status.HTTP_200_OK
    except BusinessException as err:
        return {'code': err.code, 'message': err.message}, err.status_code
def get():
    """Return the orgs the current user is associated with.

    The user is resolved from the JWT claims. ``affiliated_entities`` is left
    out of every serialized org when the first member of the first org is not
    ACTIVE. Responds with 404 when the token maps to no user, and with the
    code, message and status of a ``BusinessException`` when one is raised.
    """
    claims = g.jwt_oidc_token_info
    try:
        user = UserService.find_by_jwt_token(claims)
        if not user:
            return {'message': 'User not found.'}, http_status.HTTP_404_NOT_FOUND

        user_orgs = OrgService.get_orgs(user.identifier)
        hidden_fields = []
        # only approved users should see entities..
        # TODO when endpoints are separated into affiliations endpoint, this logic can be removed
        # NOTE(review): the decision looks only at user_orgs[0].members[0] and
        # then applies to all orgs. If the caller is ACTIVE in the first org but
        # not in a later one, that later org's affiliated_entities are still
        # serialized. Also confirm members[0] is the caller's own membership.
        if user_orgs and user_orgs[0].members and user_orgs[0].members[0].status != Status.ACTIVE.value:
            hidden_fields.append('affiliated_entities')

        payload = OrgSchema(exclude=hidden_fields).dump(user_orgs, many=True)
        return jsonify({'orgs': payload}), http_status.HTTP_200_OK
    except BusinessException as err:
        return {'code': err.code, 'message': err.message}, err.status_code