def post(): is_new_install = True # check if uuid is in there otherwise it is either a first installation try: in_json = request.get_json() non_pii_uuid = in_json["uuid"] # even if there is non_pii_uuid is in the input json, it could be a new one # check if the dataset is existing with given uuid dataset = mongoutils.get_non_pii_dataset_from_field( cfg.FIELD_PROFILE_UUID, non_pii_uuid) if dataset is not None: is_new_install = False msg = { "reason": "UUID in input json already exists in the database: " + str(non_pii_uuid), "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json("Profile", "POST", msg) logging.error("POST " + json.dumps(json.loads(msg_json))) return rs_handlers.bad_request(msg) except: pass if is_new_install: # new installation of the app currenttime = otherutils.get_current_time_utc() non_pii_dataset = NonPiiData('') non_pii_uuid = str(uuidlib.uuid4()) non_pii_dataset.set_uuid(non_pii_uuid) non_pii_dataset.set_creation_date(currenttime) non_pii_dataset.set_last_modified_date(currenttime) dataset, id = mongoutils.insert_non_pii_dataset_to_mongodb( non_pii_dataset) profile_uuid = dataset["uuid"] # use this if it needs to return actual dataset dataset = jsonutils.remove_objectid_from_dataset(dataset) # out_json = mongoutils.construct_json_from_query_list(dataset) msg = "new profile with new uuid has been created: " + str( profile_uuid) msg_json = jsonutils.create_log_json("Profile", "POST", dataset) logging.info("POST " + json.dumps(msg_json)) return rs_handlers.return_id(msg, 'uuid', profile_uuid)
def get(token_info=None, id=None): login_id, is_login = otherutils.get_login(token_info) data_list, is_objectid, is_error, resp = otherutils.get_data_list( id, login_id, is_login, coll_contribution) # if getting data process failed, that is is_error is true, return error reponse if is_error: return resp jsonutils.convert_obejctid_from_dataset_json(data_list[0]) out_json = mongoutils.construct_json_from_query_list(data_list[0]) msg_json = jsonutils.create_log_json("Contribution", "GET", {"id": str(id)}) logging.info("Contribution GET " + json.dumps(jsonutils.remove_objectid_from_dataset(msg_json))) return out_json
def pii_put(pid=None): # Get ID Token data from global context variable. auth_resp = g.user_token_data tk_uin, tk_firstname, tk_lastname, tk_email, tk_phone, tk_is_uin, tk_is_phone = tokenutils.get_data_from_token( auth_resp) try: in_json = request.get_json() # ToDo following lines are commented out for now # but it should be used if the email and phone number get updated # # if there is any phone number or email information in input json, they will be removed # # since the current policy is not updating the email or phone number # # until further decision # try: # del in_json["uin"] # except: # pass # try: # del in_json["phone"] # except: # pass except Exception as ex: msg = { "reason": "Json format error: " + str(pid), "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json("PII", "PUT", msg) logging.error("PII PUT " + json.dumps(msg_json)) return rs_handlers.bad_request(msg_json) # check if the pid is really existing in the database pii_dataset = mongoutils.get_pii_dataset_from_field(cfg.FIELD_PID, pid) if pii_dataset == None: msg = { "reason": "There is no dataset with given pii uuid: " + str(pid), "error": "Not Found: " + request.url, } msg_json = jsonutils.create_log_json("PII", "PUT", msg) logging.error("PII PUT " + json.dumps(msg_json)) return rs_handlers.not_found(msg_json) creation_date = pii_dataset.get_creation_date() tmp_dataset = json.loads(json.dumps(pii_dataset.__dict__)) auth_pass = check_id(auth_resp, tmp_dataset) if not (auth_pass): msg = { "reason": "The user info in id token and db are not matching.", "error": "Authorization Failed." } msg_json = jsonutils.create_log_json("PII", "PUT", msg) logging.error("PII PUT " + json.dumps(msg_json)) return jsonutils.create_auth_fail_message() # get the current testResultsConset value to see if it is changed # if changed, update last modified date after updating pii data consent_provided = None consent_last_modified = None try: consent_provided = pii_dataset.testResultsConsent["consentProvided"] consent_last_modified = pii_dataset.testResultsConsent["dateModified"] except: pass pii_dataset = datasetutils.update_pii_dataset_from_json(pii_dataset, in_json) currenttime = otherutils.get_current_time_utc() # if consentProvided value has been changed, update the last modified date try: if consent_provided != pii_dataset.testResultsConsent['consentProvided']: pii_dataset = update_test_results_consent(pii_dataset) else: # record the exising modified date that got lost during the json update pii_dataset.testResultsConsent['dateModified'] = consent_last_modified except: pass pii_dataset.set_last_modified_date(currenttime) # remove creation date field and pid so doesn't get updated del pii_dataset.creationDate del pii_dataset.pid # update pii_dataset's non_pii_uuid non_pii_uuid_from_dataset = pii_dataset.get_uuid() try: non_pii_uuid = in_json[cfg.FIELD_PROFILE_UUID] # both non_pii_uuid and non_pii_uuid_from_dataset should be list if (type(non_pii_uuid) is not list) or (type(non_pii_uuid_from_dataset) is not list): msg = { "reason": "The uuid information is not a list.", "error": "Json format error." } msg_json = jsonutils.create_log_json("PII", "PUT", msg) logging.error("PII PUT " + json.dumps(msg_json)) return rs_handlers.bad_request(msg_json) pii_dataset.set_uuid(non_pii_uuid) # # the following lines can be used for item to item comparison and append when it is needed # for i in range(len(non_pii_uuid)): # pii_dataset = append_non_pii_uuid(non_pii_uuid[i], non_pii_uuid_from_dataset, pii_dataset) except: pass # update dataset from id token info. Currently, only UIN and phone number are considered verified information and hence gets precedence through ID Token validation / parsing. # if tk_firstname is not None: # pii_dataset.set_firstname(tk_firstname) # if tk_lastname is not None: # pii_dataset.set_lastname(tk_lastname) # if tk_email is not None: # pii_dataset.set_email(tk_email) if tk_phone is not None: pii_dataset.set_phone(tk_phone) if tk_uin is not None: pii_dataset.set_uin(tk_uin) result, pii_dataset = mongoutils.update_pii_dataset_in_mongo_by_field(cfg.FIELD_PID, pid, pii_dataset) if result is None: msg = { "reason": "Failed to update non pii uuid into pii dataset: " + str(pid), "error": "Not Implemented: " + request.url, } msg_json = jsonutils.create_log_json("PII", "PUT", msg) logging.error("PII PUT " + json.dumps(msg_json)) return rs_handlers.not_implemented(msg_json) # add pid and original creation date to dataset for output json try: pii_dataset["pid"] = pid pii_dataset["creationDate"] = creation_date except: pass pii_dataset = jsonutils.remove_file_descriptor_from_dataset(pii_dataset) out_json = mongoutils.construct_json_from_query_list(pii_dataset) msg_json = jsonutils.create_log_json("PII", "PUT", jsonutils.remove_objectid_from_dataset(pii_dataset), 'pii') logging.info("PII PUT " + json.dumps(msg_json)) return out_json
def pii_post(): # msg = {'message': 'POST info for PII:'} # resp = jsonify(msg) # resp.status_code = 200 # logging.debug("POST " + json.dumps(msg)) # # return resp # Get ID Token data from global context variable. auth_resp = g.user_token_data tk_uin, tk_firstname, tk_lastname, tk_email, tk_phone, tk_is_uin, tk_is_phone = tokenutils.get_data_from_token( auth_resp) is_new_entry = False # Todo following variable should be revived if the email or phone number can get updated # auth_pass = False try: in_json = request.get_json() except Exception as ex: msg = { "reason": "Json format error.", "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json("PII", "POST", msg) logging.error("PII POST " + json.dumps(msg_json)) return rs_handlers.bad_request(msg_json) # get uuid, if failed it is a bad request try: non_pii_uuid = in_json[cfg.FIELD_PROFILE_UUID] if isinstance(non_pii_uuid, list) == False: # # this is an error routine when it is not a list # # for now, this should be commented out because the endpoint will accept both string and list # # after chaning the app only send uuid as a list, following lines should be revived # msg = { # "reason": "The uuid information is not a list.", # "error": "Json format error." # } # msg_json = jsonutils.create_log_json("PII", "POST", msg) # logging.error("PII POST " + json.dumps(msg_json)) # return rs_handlers.bad_request(msg_json) # if non_pii_uuid is not a list, # we assume that it is a single string uuid object so convert this to a list with single item tmp_list = [] tmp_list.append(non_pii_uuid) non_pii_uuid = tmp_list except Exception as ex: msg = { "reason": "uuid not supplied.", "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json("PII", "POST", msg) logging.error("PII POST " + json.dumps(msg_json)) return rs_handlers.bad_request(msg_json) # get non_pii_uuid value from the list if len(non_pii_uuid) > 0: non_pii_uuid = non_pii_uuid[0] else: msg = { "reason": "uuid list is empty.", "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json("PII", "POST", msg) logging.error("PII POST " + json.dumps(msg_json)) return rs_handlers.bad_request(msg_json) # check if it is a new record or existing record try: pid = in_json[cfg.FIELD_PID] dataset = mongoutils.get_pii_dataset_from_field(cfg.FIELD_PROFILE_UUID, pid) # if it is an existing entry, then check if the information in db matches with the id token auth_pass = check_auth(dataset, tk_uin, tk_phone, tk_is_uin, tk_is_phone) except: dataset = None is_new_entry = True # check if the email already exists if tk_is_uin: try: dataset = mongoutils.get_pii_dataset_from_field('uin', tk_uin) # if there is a dataset, it means that the email is existing in the database if dataset is not None: # ToDo Following lines will be commented out due to the following assumption # that the email in the database doesn't get updated so, no change in email. # However, if there is email update available, the following part should be revived. # # check if the id token and db info matches # if not (auth_pass): # msg = { # "reason": "The user info in id token and db are not matching.", # "error": "Authorization Failed." # } # msg_json = jsonutils.create_log_json("PII", "POST", msg) # self.logger.error("PII POST " + json.dumps(msg_json)) # return jsonutils.create_auth_fail_message() # # if not (auth_pass): # msg = { # "reason": "The user info in id token and db are not matching.", # "error": "Authorization Failed." # } # msg_json = jsonutils.create_log_json("PII", "POST", msg) # self.logger.error("PII POST " + json.dumps(msg_json)) # return jsonutils.create_auth_fail_message() pid = dataset.get_pid() non_pii_uuid_from_dataset = dataset.uuid dataset = append_non_pii_uuid(non_pii_uuid, non_pii_uuid_from_dataset, dataset) currenttime = otherutils.get_current_time_utc() dataset.set_last_modified_date(currenttime) result, pii_dataset = mongoutils.update_pii_dataset_in_mongo_by_field(cfg.FIELD_PID, pid, dataset) msg = { "reason": "UIN already exists: " + str(pid), "warning": "UIN already exists: " + request.url, } msg_json = jsonutils.create_log_json("PII", "POST", msg) logging.warning("PII POST " + json.dumps(msg_json)) return rs_handlers.return_id('UIN already exists.', 'pid', pid) except: return rs_handlers.internal_server_error() # check if the phonenumber already exists if tk_is_phone: try: dataset = mongoutils.get_pii_dataset_from_field('phone', tk_phone) # ToDo Following lines will be commented out due to the following assumption # that the email in the database doesn't get updated so, no change in email. # However, if there is email update available, the following part should be revived. # check if the id token and db info matches # if not (auth_pass): # auth_pass = self.check_auth(dataset, tk_uin, tk_phone, tk_is_uin, tk_is_phone) # # if not (auth_pass): # msg = { # "reason": "The user info in id token and db are not matching.", # "error": "Authorization Failed." # } # msg_json = jsonutils.create_log_json("PII", "POST", msg) # self.logger.error("PII POST " + json.dumps(msg_json)) # return jsonutils.create_auth_fail_message() if dataset is not None: pid = dataset.get_pid() non_pii_uuid_from_dataset = dataset.uuid dataset = append_non_pii_uuid(non_pii_uuid, non_pii_uuid_from_dataset, dataset) currenttime = otherutils.get_current_time_utc() dataset.set_last_modified_date(currenttime) result, pii_dataset = mongoutils.update_pii_dataset_in_mongo_by_field(cfg.FIELD_PID, pid, dataset) msg = { "reason": "Phone number already exists: " + str(pid), "warning": "Phone number already exists: " + request.url, } msg_json = jsonutils.create_log_json("PII", "POST", msg) logging.warning("PII POST " + json.dumps(msg_json)) return rs_handlers.return_id('Phone number already exists.', 'pid', pid) except: return rs_handlers.internal_server_error() if dataset is not None: is_new_entry = False pii_dataset = PiiData(in_json) if is_new_entry: # insert new pii_dataset currenttime = otherutils.get_current_time_utc() pid = str(uuidlib.uuid4()) pii_dataset.set_pid(pid) non_pii_uuid_from_dataset = [] non_pii_uuid_from_dataset.append(non_pii_uuid) pii_dataset.set_uuid(non_pii_uuid_from_dataset) pii_dataset.set_creation_date(currenttime) pii_dataset.set_last_modified_date(currenttime) # to check if there is testResultsConsent and update modified date try: if in_json["testResultsConsent"]: pii_dataset = update_test_results_consent(pii_dataset) except: pass # update dataset from id token info. Currently, only UIN and phone number are considered verified information and hence gets precedence through ID Token validation / parsing. # if tk_firstname is not None: # pii_dataset.set_firstname(tk_firstname) # if tk_lastname is not None: # pii_dataset.set_lastname(tk_lastname) # if tk_email is not None: # pii_dataset.set_email(tk_email) if tk_phone is not None: pii_dataset.set_phone(tk_phone) if tk_uin is not None: pii_dataset.set_uin(tk_uin) pii_dataset = mongoutils.insert_pii_dataset_to_mongodb(pii_dataset) if pii_dataset is None: msg = { "reason": "Failed to update profile uuid into pii dataset: " + str(pid), "error": "Not Implemented: " + request.url, } msg_json = jsonutils.create_log_json("PII", "POST", msg) logging.error("PII POST " + json.dumps(msg_json)) return rs_handlers.not_implemented(msg_json) msg = "Pii data has been posted with : " + str(pid) msg_json = jsonutils.create_log_json("PII", "POST", jsonutils.remove_objectid_from_dataset(pii_dataset), 'pii') logging.info("PII POST " + json.dumps(msg_json)) return rs_handlers.return_id(msg, 'pid', pid) else: msg = { "reason": "The request is wrong or the entry already exists: " + str(pid), "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json("PII", "POST", msg) logging.error("PII POST " + json.dumps(msg_json)) return rs_handlers.bad_request(msg_json)
def post(token_info): is_new_install = True in_json = None # check if name is in there otherwise it is either a first installation try: in_json = request.get_json() name = in_json[cfg.FIELD_NAME] # check if the dataset is existing with given name dataset = mongoutils.get_contribution_dataset_from_field_no_status( coll_contribution, cfg.FIELD_NAME, name) if dataset is not None: is_new_install = False msg = { "reason": "NAME in input json already exists in the database: " + str(name), "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json("Contribution", "POST", msg) logging.error("Contribution POST " + json.dumps(msg_json)) return rs_handlers.bad_request(msg) except: pass if is_new_install: # new installation of the app currenttime = datetime.datetime.now() currenttime = currenttime.strftime("%Y/%m/%dT%H:%M:%S") contribution_dataset = Contribution('') contribution_dataset, restjson = datasetutils.update_contribution_dataset_from_json( contribution_dataset, in_json) contribution_dataset.set_date_created(currenttime) contribution_dataset.set_date_modified(currenttime) # get contribution admins, if failed it is a bad request contribution_admins = in_json['contributionAdmins'] # get contribution_admins value from the list # doing this because connexion's minItems doesn't work, otherwise this is not needed if len(contribution_admins) == 0: msg = { "reason": "Contribution admin list is empty.", "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json("Contribution", "POST", msg) logging.error("Contribution POST " + json.dumps(msg_json)) return rs_handlers.bad_request(msg_json) # check if the logged in user's login is included in contribution admin list is_admin_user = otherutils.check_login_admin(token_info["login"], contribution_admins) if not is_admin_user: msg = { "reason": "Contribution admin list must contain logged in user", "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json("Contribution", "POST", msg) logging.error("Contribution POST " + json.dumps(msg_json)) return rs_handlers.bad_request(msg_json) # set contributors list contributors_list = [] try: contributors_json = in_json["contributors"] for i in range(len(contributors_json)): contributor, rest_contributor_json, msg = modelutils.construct_contributors( contributors_json[i]) if contributor is None: return rs_handlers.bad_request(msg) contributors_list.append(contributor) contribution_dataset.set_contributors(contributors_list) except: pass # set capability list capability_list = [] try: capability_json = in_json["capabilities"] for i in range(len(capability_json)): capability, rest_capability_json, msg = modelutils.construct_capability( capability_json[i]) if capability is None: return rs_handlers.bad_request(msg) # following two lines are for creating id. However, it might not needed for now # because catalog will create it and send it to endpoint. # If not, use following two lines that commented out # capability_id = str(uuidlib.uuid4()) # capability.set_id(capability_id) # check if the capability id is in uuid format is_uuid = otherutils.check_if_uuid(capability.id) if not is_uuid: msg = { "reason": "Capability id is not in uuid format", "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json( "Contribution", "POST", msg) logging.error("Contribution POST " + json.dumps(msg_json)) return rs_handlers.bad_request(msg) capability_list.append(capability) contribution_dataset.set_capabilities(capability_list) except: pass # set talent list talent_list = [] try: talent_json = in_json["talents"] for i in range(len(talent_json)): talent, rest_talent_json, msg = modelutils.construct_talent( talent_json[i]) if talent is None: return rs_handlers.bad_request(msg) # following two lines are for creating id. However, it might not needed for now # because catalog will create it and send it to endpoint. # If not, use following two lines that commented out # talent_id = str(uuidlib.uuid4()) # talent.set_id(talent_id) # check if the talent id is in uuid format is_uuid = otherutils.check_if_uuid(talent.id) if not is_uuid: msg = { "reason": "Talent id is not in uuid format", "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json( "Contribution", "POST", msg) logging.error("Contribution POST " + json.dumps(msg_json)) return rs_handlers.bad_request(msg) # check required capabilities id format if talent.requiredCapabilities is not None: required_cap_list = talent.requiredCapabilities for capability_json in required_cap_list: capability, rest_capability_json, msg = modelutils.construct_required_capability( capability_json) is_uuid = otherutils.check_if_uuid(capability.id) if not is_uuid: msg = { "reason": "Capability id in requiredCapabilities is not in uuid format", "error": "Bad Request: " + request.url, } msg_json = jsonutils.create_log_json( "Contribution", "POST", msg) logging.error("Contribution POST " + json.dumps(msg_json)) return rs_handlers.bad_request(msg) talent_list.append(talent) contribution_dataset.set_talents(talent_list) except: pass # insert contribution dataset dataset, id = mongoutils.insert_dataset_to_mongodb( coll_contribution, contribution_dataset) contribution_name = dataset[cfg.FIELD_NAME] contribution_id = str(dataset['_id']) # use this if it needs to return actual dataset dataset = jsonutils.remove_objectid_from_dataset(dataset) # out_json = mongoutils.construct_json_from_query_list(dataset) msg = "new contribution has been created: " + str(contribution_name) msg_json = jsonutils.create_log_json("Contribution", "POST", {"id": str(contribution_id)}) logging.info("Contribution POST " + json.dumps(msg_json)) return rs_handlers.return_id(msg, 'id', contribution_id)