def get(self, request, pk=None): try: user_org = UserOrgAccessDataService.get_user_org_access_by_user_profile( request.user.profile) except UserOrgAccessDoesNotExistError as e: return FailureResponse(status.HTTP_403_FORBIDDEN, errors.USER_ORG_MAPPING_NOT_PRESENT, str(e)) requested_user_org_access = UserOrgAccessDataService.get_user_org_access_by_user_id( pk) if user_org.organization != requested_user_org_access.organization: raise UserDoesNotExistError(pk) serializer = UserDetailsResponseSerializer( {'user': requested_user_org_access}) return SuccessResponse(data=serializer.data)
def filter_by_params(self, user_ids, org, query, sort_field, size): accesses = UserOrgAccessDataService.get_user_org_access_for_org( org, ('user', 'user__user')) if user_ids: accesses = UserOrgAccessDataService.filter_org_access_by_user_ids( accesses, user_ids) query_set = accesses if query: query_set = UserOrgAccessDataService.filter_accesses_by_name( accesses, query) if sort_field: query_set = query_set.order_by(sort_field) if size: query_set = query_set[:size] return query_set
def delete(self, request, pk=None): try: user_org = UserOrgAccessDataService.get_user_org_access_by_user_profile( request.user.profile) except UserOrgAccessDoesNotExistError as e: return FailureResponse(status.HTTP_403_FORBIDDEN, errors.USER_ORG_MAPPING_NOT_PRESENT, str(e)) requested_user_org_access = UserOrgAccessDataService.get_user_org_access_by_user_id( pk) if user_org.organization != requested_user_org_access.organization: raise UserDoesNotExistError(pk) user_profile = requested_user_org_access.user with transaction.atomic(): UserDataService.delete_user_by_user_profile(user_profile) return SuccessResponse(status.HTTP_200_OK)
def has_permission(self, request, view): try: user_org = UserOrgAccessDataService.get_user_org_access_by_user_profile( request.user.profile) return (user_org is not None) and user_org.is_admin except UserOrgAccessDoesNotExistError: logger.error('User org access does not exist for user') return False
def put(self, request, pk): try: user_org = UserOrgAccessDataService.get_user_org_access_by_user_profile( request.user.profile) except UserOrgAccessDoesNotExistError as e: return FailureResponse(status.HTTP_403_FORBIDDEN, errors.USER_ORG_MAPPING_NOT_PRESENT, str(e)) formatted_request_data = self.validate_and_format_request(request) requested_user_org_access = UserOrgAccessDataService.get_user_org_access_by_user_id( pk) if user_org.organization != requested_user_org_access.organization: raise UserDoesNotExistError(pk) with transaction.atomic(): UserDataService.update_user_by_uuid(pk, formatted_request_data) channel = PubnubService.get_organization_channel( user_org.organization) user_update_message = PubnubService.get_user_update_message( requested_user_org_access.user) PubnubService.publish(channel, user_update_message) return SuccessResponse(status.HTTP_200_OK, {})
def get_access_and_profile(self, request): user = request.user data = request.data if 'userID' in data: user_id = data['userID'] profile = UserDataService.get_user_profile_by_uuid(user_id) else: profile = user.profile user_org_access = UserOrgAccessDataService.get_user_org_access_by_user_profile( profile) return user_org_access, profile
def get(self, request): user_org = UserOrgAccessDataService.get_user_org_access_by_user_profile( request.user.profile) organization = user_org.organization query, sort_field, size = self.parse_query_params(request.query_params) # Get list of all users in that org user_ids = request.GET.getlist('ids') accesses = self.filter_by_params(user_ids, organization, query, sort_field, size) # TODO Remove organization - why is org required? serializer = AdminUserResponseSerializer({ 'organization': organization, 'users': accesses }) return SuccessResponse(status.HTTP_200_OK, serializer.data)
def post(self, request): try: try: user_org = UserOrgAccessDataService.get_user_org_access_by_user_profile( request.user.profile) except UserOrgAccessDoesNotExistError as e: return FailureResponse(status.HTTP_403_FORBIDDEN, errors.USER_ORG_MAPPING_NOT_PRESENT, str(e)) formatted_request_data = self.validate_and_format_request(request) with transaction.atomic(): UserDataService.create_user(formatted_request_data, user_org.organization) return SuccessResponse(status.HTTP_201_CREATED) except UserAlreadyExistsError as e: return FailureResponse(status.HTTP_409_CONFLICT, errors.USER_ALREADY_EXISTS, str(e))