def get_user_actions(identifier: str = None):
"""
Get a list of actions (changes) by the user entry with uuid ``identifier``.
Can be accessed by actual user and admin (USER_MANAGEMENT).
Args:
identifier (str): The uuid of the user.
Returns:
flask.Response: Information about the user as json.
"""
if identifier is None:
identifier = str(flask.g.current_user['_id'])
if str(flask.g.current_user['_id']) != identifier and not has_permission(
'USER_MANAGEMENT'):
flask.abort(403)
try:
user_uuid = utils.str_to_uuid(identifier)
except ValueError:
flask.abort(status=404)
# only report a list of actions, not the actual data
user_logs = list(flask.g.db['logs'].find({'user': user_uuid}, {'user': 0}))
for entry in user_logs:
entry['entry_id'] = entry['data']['_id']
del entry['data']
return utils.response_json({'logs': user_logs})
def delete_user(identifier: str):
"""
Delete a user.
Args:
identifier (str): The uuid of the user to modify.
Returns:
flask.Response: Response code.
"""
if not has_permission('USER_MANAGEMENT'):
flask.abort(403)
try:
user_uuid = utils.str_to_uuid(identifier)
except ValueError:
flask.abort(status=404)
if not flask.g.db['users'].find_one({'_id': user_uuid}):
flask.abort(status=404)
result = flask.g.db['users'].delete_one({'_id': user_uuid})
if not result.acknowledged:
flask.current_app.logger.error('User deletion failed: %s', user_uuid)
flask.Response(status=500)
else:
utils.make_log('user', 'delete', 'User delete', {'_id': user_uuid})
return flask.Response(status=200)
def update_user_info(identifier: str):
"""
Update the information about a user.
Args:
identifier (str): The uuid of the user to modify.
Returns:
flask.Response: Response code.
"""
if not has_permission('USER_MANAGEMENT'):
flask.abort(403)
try:
user_uuid = utils.str_to_uuid(identifier)
except ValueError:
flask.abort(status=404)
if not (user_data := flask.g.db['users'].find_one({'_id': user_uuid})): # pylint: disable=superfluous-parens
flask.abort(status=404)
def get_user_log(identifier: str = None):
"""
Get change logs for the user entry with uuid ``identifier``.
Can be accessed by actual user and admin (USER_MANAGEMENT).
Args:
identifier (str): The uuid of the user.
Returns:
flask.Response: Information about the user as json.
"""
if identifier is None:
identifier = str(flask.g.current_user['_id'])
if str(flask.g.current_user['_id']) != identifier and not has_permission(
'USER_MANAGEMENT'):
flask.abort(403)
try:
user_uuid = utils.str_to_uuid(identifier)
except ValueError:
flask.abort(status=404)
user_logs = list(flask.g.db['logs'].find({
'data_type': 'user',
'data._id': user_uuid
}))
for log in user_logs:
del log['data_type']
utils.incremental_logs(user_logs)
return utils.response_json({
'entry_id': user_uuid,
'data_type': 'user',
'logs': user_logs
})
def gen_new_api_key(identifier: str = None):
"""
Generate a new API key for the provided or current user.
Args:
identifier (str): The uuid of the user.
Returns:
flask.Response: The new API key
"""
if not identifier:
user_data = flask.g.current_user
else:
if not has_permission('USER_MANAGEMENT'):
flask.abort(403)
try:
user_uuid = utils.str_to_uuid(identifier)
except ValueError:
flask.abort(status=404)
if not (user_data := flask.g.db['users'].find_one({'_id': user_uuid})): # pylint: disable=superfluous-parens
flask.abort(status=404)