예제 #1
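def list_users(request, access_token):
    """Return a user listing, optionally filtered by the ``startsWith`` query value.

    Three kinds of caller are served:

    * a bearer token whose ``iss`` claim equals this org's URL: the token is
      handed to the users client and no local role check is made;
    * a caller accepted by ``api_access_admin``: unscoped listing;
    * a caller accepted by ``api_access_company_admin``: listing scoped to the
      ``companyName`` held in the session profile.

    Every other caller receives the ``not_authorized`` response.
    """
    conf = _get_config(request)
    starts_with = request.GET.get('startsWith')

    client = UsersClient('https://' + conf['org'], config.get_api_key(request))

    # NOTE(review): comparing ``iss`` only proves anything if
    # parse_bearer_token verifies the token signature -- confirm. On this path
    # authorization is left entirely to whatever the users API does with the
    # forwarded bearer token.
    is_org_token = False
    try:
        token_obj = parse_bearer_token(access_token)
        is_org_token = token_obj['iss'] == 'https://{0}'.format(conf['org'])
    except Exception as e:
        # Best effort: an unparsable token falls through to the role checks.
        print(e)

    if is_org_token:
        client.set_bearer_token(access_token)
        users = client.list_users(15, starts_with)
    elif api_access_admin(conf, access_token):
        # Admins no longer need a session profile to be present.
        users = client.list_users(15, starts_with)
    elif api_access_company_admin(conf, access_token):
        profile = request.session.get('profile') or {}
        company_name = profile.get('companyName')
        if not company_name:
            # Fail closed: without a company name there is no scope to apply,
            # and what list_users_scoped does with an empty scope is not
            # visible here.
            return not_authorized(request)
        users = client.list_users_scoped(15, company_name, starts_with)
    else:
        return not_authorized(request)

    response = HttpResponse()
    response.status_code = 200
    response.content = users
    return response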
예제 #2
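def update_perm(request, access_token):
    """Replace the ``role_permissions`` of an app group from POSTed form data.

    Reads ``group_id`` and a comma-separated ``perms`` string from the POST
    body. The caller must pass ``api_access_admin`` or
    ``api_access_company_admin`` and both fields must be non-empty; otherwise
    the ``not_authorized`` response is returned (a missing field is reported
    the same way as a failed role check).

    NOTE(review): ``group_id`` and the permission strings come straight from
    the request. Nothing visible here checks that the group belongs to the
    caller's company, or that the requested permissions are ones a company
    admin may grant -- confirm that is enforced in the access helpers or
    upstream.
    """
    conf = _get_config(request)

    form = request.POST
    group_id = form.get('group_id')
    perms = form.get('perms')

    allowed = (api_access_admin(conf, access_token)
               or api_access_company_admin(conf, access_token))
    if not (allowed and group_id and perms):
        return not_authorized(request)

    # A single trailing comma is tolerated; other empty entries pass through.
    if perms.endswith(','):
        perms = perms[:-1]
    perm = {"profile": {"role_permissions": perms.split(',')}}

    client = AppsClient('https://' + conf['org'],
                        config.get_api_key(request), conf['aud'])

    response = HttpResponse()
    response.status_code = 200
    response.content = client.update_app_group(group_id, perm)
    return response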
예제 #3
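def update_perm(request, token):
    """Replace the ``role_permissions`` of an app group from POSTed form data.

    Reads ``group_id`` and a comma-separated ``perms`` string from the POST
    body. The caller must pass ``api_access_company_admin`` and both fields
    must be non-empty; otherwise the ``not_authorized`` response is returned.

    NOTE(review): ``group_id`` and the permission strings are caller-supplied
    and are sent with the module-level API key. No check is visible here that
    the group belongs to the caller's company -- confirm it is enforced
    elsewhere.
    """
    form = request.POST
    group_id = form.get('group_id')
    perms = form.get('perms')

    if not (api_access_company_admin(token) and group_id and perms):
        return not_authorized(request)

    # A single trailing comma is tolerated; other empty entries pass through.
    if perms.endswith(','):
        perms = perms[:-1]
    perm = {"profile": {"role_permissions": perms.split(',')}}

    client = AppsClient('https://' + OKTA_ORG, API_KEY, CLIENT_ID)

    response = HttpResponse()
    response.status_code = 200
    response.content = client.update_app_group(group_id, perm)
    return response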
예제 #4
def update_user(request, access_token):
    """Update the profile of the user named by the POSTed ``user_id``.

    Non-POST requests, and POSTs without ``user_id``, return an empty 200
    response. Otherwise the profile is rebuilt from the form fields (missing
    ones become empty strings) and sent through the users client when the
    caller passes ``api_access_admin`` or ``api_access_company_admin``;
    anyone else gets the ``not_authorized`` response.

    NOTE(review): admins and company admins take the same path. ``user_id``,
    ``role`` and ``companyName`` are all caller-supplied, and nothing visible
    here ties the target user or the new company/role to the caller's own
    company -- confirm that is enforced elsewhere.
    """
    conf = _get_config(request)

    reply = HttpResponse()
    reply.status_code = 200

    if request.method != 'POST' or 'user_id' not in request.POST:
        return reply

    form = request.POST

    def field(name):
        # Absent form fields are sent as empty strings.
        return form[name] if name in form else ''

    target_id = form['user_id']
    deactivate = form['deactivate'] if 'deactivate' in form else None
    email = field('email')

    users_api = UsersClient('https://' + conf['org'],
                            config.get_api_key(request))

    payload = {
        "profile": {
            "firstName": field('firstName'),
            "lastName": field('lastName'),
            "email": email,
            "login": email,
            "customer_role": field('role'),
            "companyName": field('companyName')
        }
    }

    permitted = (api_access_admin(conf, access_token)
                 or api_access_company_admin(conf, access_token))
    if not permitted:
        return not_authorized(request)

    reply.content = users_api.update_user(user=payload,
                                          user_id=target_id,
                                          deactivate=deactivate)
    return reply
예제 #5
def add_users(request, access_token):
    """Create a user from POSTed form fields.

    Non-POST requests return an empty 200 response. The new user's
    ``companyName`` is taken from the session profile, not from the form; the
    remaining profile fields come from the form, with missing ones sent as
    empty strings. The caller must pass ``api_access_admin`` or
    ``api_access_company_admin``, otherwise the ``not_authorized`` response
    is returned.

    NOTE(review): ``role`` is caller-supplied and stored as ``customer_role``
    on both paths; no restriction on which roles a company admin may assign
    is visible here -- confirm.
    """
    conf = _get_config(request)

    reply = HttpResponse()
    reply.status_code = 200

    if request.method != 'POST':
        return reply

    form = request.POST

    def field(name, default=''):
        return form[name] if name in form else default

    # Company comes from the server-side session, so the caller cannot pick it.
    company_name = request.session['profile'].get('companyName', '')

    email = field('email')
    activate = field('activate', False)

    users_api = UsersClient('https://' + conf['org'],
                            config.get_api_key(request))

    payload = {
        "profile": {
            "firstName": field('firstName'),
            "lastName": field('lastName'),
            "email": email,
            "login": email,
            "customer_role": field('role'),
            "companyName": company_name
        }
    }

    permitted = (api_access_admin(conf, access_token)
                 or api_access_company_admin(conf, access_token))
    if not permitted:
        return not_authorized(request)

    reply.content = users_api.create_user(user=payload, activate=activate)
    return reply
예제 #6
def add_users(request, token):
    """Create a user from POSTed form fields.

    Non-POST requests return an empty 200 response. ``companyName`` is taken
    from the session profile; the other profile fields come from the form,
    with missing ones sent as empty strings. The caller must pass
    ``api_access_admin`` or ``api_access_company_admin``, otherwise the
    ``not_authorized`` response is returned.

    NOTE(review): ``role`` is caller-supplied and stored as ``customer_role``
    for company admins as well as admins -- confirm which roles a company
    admin is meant to be able to assign.
    """
    reply = HttpResponse()
    reply.status_code = 200

    if request.method != 'POST':
        return reply

    form = request.POST

    def field(name, default=''):
        return form[name] if name in form else default

    # Company comes from the server-side session, not from the form.
    company_name = request.session['profile'].get('companyName', '')

    email = field('email')
    activate = field('activate', False)

    users_api = UsersClient('https://' + OKTA_ORG, API_KEY)

    payload = {
        "profile": {
            "firstName": field('firstName'),
            "lastName": field('lastName'),
            "email": email,
            "login": email,
            "customer_role": field('role'),
            "companyName": company_name
        }
    }

    if not (api_access_admin(token) or api_access_company_admin(token)):
        return not_authorized(request)

    reply.content = users_api.create_user(user=payload, activate=activate)
    return reply
예제 #7
def app_schema(request, token):
    """Return the app schema to callers accepted by ``api_access_company_admin``.

    Any other caller receives the ``not_authorized`` response.
    """
    if not api_access_company_admin(token):
        return not_authorized(request)

    apps_api = AppsClient('https://' + OKTA_ORG, API_KEY, CLIENT_ID)

    reply = HttpResponse()
    reply.status_code = 200
    reply.content = apps_api.get_schema()
    return reply
예제 #8
def app_schema(request, access_token):
    """Return the app schema to callers accepted by ``api_access_company_admin``.

    The apps client is built from the per-request config (``org``, ``aud``)
    and the API key resolved for this request. Any other caller receives the
    ``not_authorized`` response.
    """
    conf = _get_config(request)

    if not api_access_company_admin(conf, access_token):
        return not_authorized(request)

    apps_api = AppsClient('https://' + conf['org'],
                          config.get_api_key(request), conf['aud'])

    reply = HttpResponse()
    reply.status_code = 200
    reply.content = apps_api.get_schema()
    return reply
예제 #9
def list_user(request, token):
    """Return the user named by the ``user`` query parameter.

    The caller must pass ``api_access_admin`` or ``api_access_company_admin``;
    otherwise the ``not_authorized`` response is returned.

    NOTE(review): the user id is caller-supplied and looked up with the
    module-level API key. No check is visible here that a company admin is
    asking about a user in their own company -- confirm it is enforced
    elsewhere.
    """
    query = request.GET
    wanted_id = query['user'] if 'user' in query else None

    users_api = UsersClient('https://' + OKTA_ORG, API_KEY)

    if not (api_access_admin(token) or api_access_company_admin(token)):
        return not_authorized(request)

    reply = HttpResponse()
    reply.status_code = 200
    reply.content = users_api.list_user(wanted_id)
    return reply
예제 #10
def get_group(request, token):
    """Return the group named by the ``group_id`` query parameter.

    Only callers accepted by ``api_access_company_admin`` are served; anyone
    else gets the ``not_authorized`` response.

    NOTE(review): ``group_id`` is caller-supplied; no check is visible here
    that the group belongs to the caller's company -- confirm.
    """
    query = request.GET

    reply = HttpResponse()
    reply.status_code = 200

    wanted_id = query['group_id'] if 'group_id' in query else None
    groups_api = GroupsClient('https://' + OKTA_ORG, API_KEY)

    if not api_access_company_admin(token):
        return not_authorized(request)

    reply.content = groups_api.get_group_by_id(wanted_id)
    return reply
예제 #11
def list_groups(request, token):
    """List groups for the company recorded in the session profile.

    Only callers accepted by ``api_access_company_admin`` are served; anyone
    else gets the ``not_authorized`` response.

    NOTE(review): when the profile has no ``companyName`` an empty string is
    passed as the scope. How ``list_groups`` treats an empty scope is not
    visible here -- confirm it does not widen the listing.
    """
    reply = HttpResponse()
    reply.status_code = 200

    profile = request.session['profile']
    scope = profile.get('companyName') if 'companyName' in profile else ''

    if not api_access_company_admin(token):
        return not_authorized(request)

    groups_api = GroupsClient('https://' + OKTA_ORG, API_KEY)
    reply.content = groups_api.list_groups(15, scope)
    return reply
예제 #12
def list_perms(request, token):
    """Return the app-group record for the ``group_id`` query parameter.

    Only callers accepted by ``api_access_company_admin`` are served; anyone
    else gets the ``not_authorized`` response.

    NOTE(review): ``group_id`` is caller-supplied; no check is visible here
    that the group belongs to the caller's company -- confirm.
    """
    query = request.GET

    reply = HttpResponse()
    reply.status_code = 200

    if not api_access_company_admin(token):
        return not_authorized(request)

    apps_api = AppsClient('https://' + OKTA_ORG, API_KEY, CLIENT_ID)
    wanted_id = query['group_id'] if 'group_id' in query else None

    reply.content = apps_api.get_app_group_by_id(wanted_id)
    return reply
예제 #13
def list_user(request, access_token):
    """Return the user named by the ``user`` query parameter.

    The caller must pass ``api_access_admin`` or ``api_access_company_admin``;
    otherwise the ``not_authorized`` response is returned.

    NOTE(review): the user id is caller-supplied and looked up with the API
    key resolved for this request. No check is visible here that a company
    admin is asking about a user in their own company -- confirm it is
    enforced elsewhere.
    """
    conf = _get_config(request)

    query = request.GET
    wanted_id = query['user'] if 'user' in query else None

    users_api = UsersClient('https://' + conf['org'], config.get_api_key(request))

    permitted = (api_access_admin(conf, access_token)
                 or api_access_company_admin(conf, access_token))
    if not permitted:
        return not_authorized(request)

    reply = HttpResponse()
    reply.status_code = 200
    reply.content = users_api.list_user(wanted_id)
    return reply
예제 #14
def get_group(request, access_token):
    """Return the group named by the ``group_id`` query parameter.

    Only callers accepted by ``api_access_company_admin`` are served; anyone
    else gets the ``not_authorized`` response.

    NOTE(review): ``group_id`` is caller-supplied; no check is visible here
    that the group belongs to the caller's company -- confirm.
    """
    conf = _get_config(request)

    query = request.GET

    reply = HttpResponse()
    reply.status_code = 200

    wanted_id = query['group_id'] if 'group_id' in query else None
    groups_api = GroupsClient('https://' + conf['org'],
                              config.get_api_key(request))

    if not api_access_company_admin(conf, access_token):
        return not_authorized(request)

    reply.content = groups_api.get_group_by_id(wanted_id)
    return reply
예제 #15
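def list_users(request, token):
    """Return a user listing, optionally filtered by the ``startsWith`` query value.

    Callers accepted by ``api_access_admin`` get an unscoped listing. Callers
    accepted by ``api_access_company_admin`` get a listing scoped to the
    ``companyName`` in the session profile. Everyone else receives the
    ``not_authorized`` response.
    """
    starts_with = request.GET.get('startsWith')

    client = UsersClient('https://' + OKTA_ORG, API_KEY)

    if api_access_admin(token):
        # Admins no longer need a session profile to be present.
        users = client.list_users(15, starts_with)
    elif api_access_company_admin(token):
        profile = request.session.get('profile') or {}
        company_name = profile.get('companyName')
        if not company_name:
            # Fail closed: without a company name there is no scope to apply,
            # and what list_users_scoped does with an empty scope is not
            # visible here.
            return not_authorized(request)
        users = client.list_users_scoped(15, company_name, starts_with)
    else:
        return not_authorized(request)

    response = HttpResponse()
    response.status_code = 200
    response.content = users
    return response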
예제 #16
def list_perms(request, access_token):
    """Return the app-group record for the ``group_id`` query parameter.

    The caller must pass ``api_access_admin`` or ``api_access_company_admin``;
    otherwise the ``not_authorized`` response is returned.

    NOTE(review): ``group_id`` is caller-supplied; no check is visible here
    that a company admin is asking about a group of their own company --
    confirm.
    """
    conf = _get_config(request)

    query = request.GET

    reply = HttpResponse()
    reply.status_code = 200

    permitted = (api_access_admin(conf, access_token)
                 or api_access_company_admin(conf, access_token))
    if not permitted:
        return not_authorized(request)

    apps_api = AppsClient('https://' + conf['org'],
                          config.get_api_key(request), conf['aud'])
    wanted_id = query['group_id'] if 'group_id' in query else None

    reply.content = apps_api.get_app_group_by_id(wanted_id)
    return reply
예제 #17
def add_group(request, access_token):
    """Create a group named ``<companyName>_<groupName>``.

    ``groupName`` comes from the POST body and ``companyName`` from the
    session profile. Non-POST requests, and requests where either key is
    absent, return an empty 200 response. The caller must pass
    ``api_access_admin`` or ``api_access_company_admin``, otherwise the
    ``not_authorized`` response is returned.

    NOTE(review): when ``companyName`` is present but empty, the group is
    created under the caller-supplied name with no prefix, for company admins
    as well as admins. If the prefix is what keeps companies' groups apart,
    confirm this case is intended.
    """
    conf = _get_config(request)

    reply = HttpResponse()
    reply.status_code = 200

    if request.method != 'POST':
        return reply

    form = request.POST
    profile = request.session['profile']
    if 'groupName' not in form or 'companyName' not in profile:
        return reply

    company = profile.get('companyName')
    requested = form['groupName']
    # An empty company name means no prefix is applied.
    full_name = company + '_' + requested if company else requested

    groups_api = GroupsClient('https://' + conf['org'],
                              config.get_api_key(request))

    payload = {
        "profile": {
            "name": full_name,
        }
    }

    permitted = (api_access_admin(conf, access_token)
                 or api_access_company_admin(conf, access_token))
    if not permitted:
        return not_authorized(request)

    reply.content = groups_api.create_group(payload)
    return reply
예제 #18
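def list_groups(request, access_token):
    """List groups: all of them for admins, the caller's company's for company admins.

    Callers accepted by ``api_access_admin`` get ``list_groups(15)`` with no
    company argument. Callers accepted by ``api_access_company_admin`` get the
    listing for the ``companyName`` in the session profile. Everyone else
    receives the ``not_authorized`` response.
    """
    conf = _get_config(request)

    if api_access_admin(conf, access_token):
        # Admins no longer need a session profile to be present.
        company_name = None
    elif api_access_company_admin(conf, access_token):
        profile = request.session.get('profile') or {}
        company_name = profile.get('companyName')
        if not company_name:
            # Fail closed: the admin path above shows that list_groups accepts
            # a call without a company, so an empty value must not be passed
            # on as if it were a scope.
            return not_authorized(request)
    else:
        return not_authorized(request)

    client = GroupsClient('https://' + conf['org'],
                          config.get_api_key(request))

    response = HttpResponse()
    response.status_code = 200
    if company_name is None:
        response.content = client.list_groups(15)
    else:
        response.content = client.list_groups(15, company_name)
    return response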
예제 #19
def add_group(request, token):
    """Create a group named ``<companyName>_<groupName>``.

    ``groupName`` comes from the POST body and ``companyName`` from the
    session profile. Non-POST requests, and requests where either key is
    absent, return an empty 200 response. The caller must pass
    ``api_access_admin`` or ``api_access_company_admin``, otherwise the
    ``not_authorized`` response is returned.

    NOTE(review): when ``companyName`` is present but empty, the group is
    created under the caller-supplied name with no prefix. If the prefix is
    what keeps companies' groups apart, confirm this case is intended.
    """
    reply = HttpResponse()
    reply.status_code = 200

    if request.method != 'POST':
        return reply

    form = request.POST
    profile = request.session['profile']
    if 'groupName' not in form or 'companyName' not in profile:
        return reply

    company = profile.get('companyName')
    requested = form['groupName']
    # An empty company name means no prefix is applied.
    full_name = company + '_' + requested if company else requested

    groups_api = GroupsClient('https://' + OKTA_ORG, API_KEY)

    payload = {
        "profile": {
            "name": full_name,
        }
    }

    if not (api_access_admin(token) or api_access_company_admin(token)):
        return not_authorized(request)

    reply.content = groups_api.create_group(payload)
    return reply