예제 #1
0
def create_user(db_session, user: User, requester):
    """
    Create a new user.
    :param db_session: The postgres db session to be used
    :param user: User The user to be created. This is a simple dictionary with all 'fillable' field
                 listed in Models.User class.
    :param requester: Who is creating this user. This is a dictionary with two keys:
                      "userid" and "username"
    :return: The result of creating this user.
    :raises HTTPRequestError: If username is already in use
    :raises HTTPRequestError: If e-mail is already in use
    :raises HTTPRequestError: If any problem occurs while configuring Kong
    """
    # Drop invalid fields
    user = {k: user[k] for k in user if k in User.fillable}
    LOGGER.debug("Checking user data...")
    check_user(user)
    LOGGER.debug("... user data is OK.")

    if not user.get('profile', ""):
        raise HTTPRequestError(400, "Missing profile")
    if len(user['profile']) > UserLimits.profile:
        raise HTTPRequestError(400, "Profile name too long")

    # Sanity checks
    # Check whether username and e-mail are unique.
    LOGGER.debug("Checking whether user already exist...")
    if db_session.query(
            User.id).filter_by(username=user['username']).one_or_none():
        LOGGER.warning("User already exists.")
        raise HTTPRequestError(400, f"Username {user['username']} is in use.")
    LOGGER.debug("... user doesn't exist.")

    LOGGER.debug("Checking whether user e-mail is already being used...")
    if db_session.query(User.id).filter_by(email=user['email']).one_or_none():
        LOGGER.warning("User e-mail is already being used.")
        raise HTTPRequestError(400, f"E-mail {user['email']} is in use.")

    LOGGER.debug("... user e-mail is not being used.")

    if conf.emailHost == 'NOEMAIL':
        user['salt'], user['hash'] = password.create_pwd(
            conf.temporaryPassword)

    # Last field to be filled automatically, before parsing
    user['created_by'] = requester['userid']

    # User structure is finished.
    LOGGER.debug("Creating user instance...")
    new_user = User(**user)
    LOGGER.debug("... user instance was created.")
    LOGGER.debug(
        f"User data is: {user['username']} created by {requester['username']}")

    # If no problems occur to create user (no exceptions), configure kong
    LOGGER.debug("Configuring Kong...")
    kong_data = kongUtils.configure_kong(new_user.username)
    if kong_data is None:
        LOGGER.warning("Could not configure Kong.")
        raise HTTPRequestError(500,
                               'failed to configure verification subsystem')
    LOGGER.debug("... Kong was successfully configured.")
    new_user.secret = kong_data['secret']
    new_user.key = kong_data['key']
    new_user.kongId = kong_data['kongid']

    # Add the new user to the database
    LOGGER.debug("Adding new user to database session...")
    db_session.add(new_user)
    LOGGER.debug("... new user was added to database session.")
    LOGGER.debug("Committing database changes...")
    db_session.commit()
    LOGGER.debug("... database changes were committed.")

    # Configuring groups and user profiles
    group_success = []
    group_failed = []
    LOGGER.debug("Configuring user profile...")
    if 'profile' in user.keys():
        group_success, group_failed = rship. \
            add_user_many_groups(db_session, new_user.id,
                                 user['profile'], requester)
        db_session.commit()
    LOGGER.debug("... user profile was configured.")

    LOGGER.debug("Configuring user password...")
    if conf.emailHost != 'NOEMAIL':
        try:
            pwdc.create_password_set_request(db_session, new_user)
            db_session.commit()
        except Exception as e:
            LOGGER.warning(e)
    LOGGER.debug("... user password was configured.")

    LOGGER.debug("Sending tenant creation message to other components...")
    if count_tenant_users(db_session, new_user.service) == 1:
        LOGGER.info(
            f"Will emit tenant lifecycle event {new_user.service} - CREATE")
        Publisher.send_notification({
            "type": 'CREATE',
            'tenant': new_user.service
        })

    LOGGER.debug("... tenant creation message was sent.")
    ret = {
        "user": new_user.safe_dict(),
        "groups": group_success,
        "could not add": group_failed,
        "message": "user created"
    }
    return ret
예제 #2
0
def create_user(db_session, user: User, requester):
    """
    Create a new user.
    :param db_session: The postgres db session to be used
    :param user: User The user to be created. This is a simple dictionary with all 'fillable' field
                 listed in Models.User class.
    :param requester: Who is creating this user. This is a dictionary with two keys:
                      "userid" and "username"
    :return: The result of creating this user.
    :raises HTTPRequestError: If username is already in use
    :raises HTTPRequestError: If e-mail is already in use
    :raises HTTPRequestError: If any problem occurs while configuring Kong
    """
    # Drop invalid fields
    user = {k: user[k] for k in user if k in User.fillable}
    check_user(user)

    # Sanity checks
    # Check whether username and e-mail are unique.
    if db_session.query(
            User.id).filter_by(username=user['username']).one_or_none():
        raise HTTPRequestError(400, f"Username {user['username']} is in use.")

    if db_session.query(User.id).filter_by(email=user['email']).one_or_none():
        raise HTTPRequestError(400, f"E-mail {user['email']} is in use.")

    if conf.emailHost == 'NOEMAIL':
        user['salt'], user['hash'] = password.create_pwd(
            conf.temporaryPassword)

    # Last field to be filled automatically, before parsing
    user['created_by'] = requester['userid']

    # User structure is finished.
    new_user = User(**user)
    log().info(f"User {user['username']} created by {requester['username']}")
    log().info(new_user)

    # If no problems occur to create user (no exceptions), configure kong
    kong_data = kongUtils.configure_kong(new_user.username)
    if kong_data is None:
        raise HTTPRequestError(500,
                               'failed to configure verification subsystem')
    new_user.secret = kong_data['secret']
    new_user.key = kong_data['key']
    new_user.kongId = kong_data['kongid']

    # Add the new user to the database
    db_session.add(new_user)
    db_session.commit()

    # Configuring groups and user profiles
    group_success = []
    group_failed = []
    if 'profile' in user.keys():
        group_success, group_failed = rship. \
            add_user_many_groups(db_session, new_user.id,
                                 user['profile'], requester)
        db_session.commit()
    if conf.emailHost != 'NOEMAIL':
        pwdc.create_password_set_request(db_session, new_user)
        db_session.commit()

    if count_tenant_users(db_session, new_user.service) == 1:
        log().info(
            f"Will emit tenant lifecycle event {new_user.service} - CREATE")
        send_notification({"type": 'CREATE', 'tenant': new_user.service})

    ret = {
        "user": new_user.safe_dict(),
        "groups": group_success,
        "could not add": group_failed,
        "message": "user created"
    }
    return ret