def get_user_actions(identifier: str = None): """ Get a list of actions (changes) by the user entry with uuid ``identifier``. Can be accessed by actual user and admin (USER_MANAGEMENT). Args: identifier (str): The uuid of the user. Returns: flask.Response: Information about the user as json. """ if identifier is None: identifier = str(flask.g.current_user['_id']) if str(flask.g.current_user['_id']) != identifier and not has_permission( 'USER_MANAGEMENT'): flask.abort(403) try: user_uuid = utils.str_to_uuid(identifier) except ValueError: flask.abort(status=404) # only report a list of actions, not the actual data user_logs = list(flask.g.db['logs'].find({'user': user_uuid}, {'user': 0})) for entry in user_logs: entry['entry_id'] = entry['data']['_id'] del entry['data'] return utils.response_json({'logs': user_logs})
def delete_user(identifier: str): """ Delete a user. Args: identifier (str): The uuid of the user to modify. Returns: flask.Response: Response code. """ if not has_permission('USER_MANAGEMENT'): flask.abort(403) try: user_uuid = utils.str_to_uuid(identifier) except ValueError: flask.abort(status=404) if not flask.g.db['users'].find_one({'_id': user_uuid}): flask.abort(status=404) result = flask.g.db['users'].delete_one({'_id': user_uuid}) if not result.acknowledged: flask.current_app.logger.error('User deletion failed: %s', user_uuid) flask.Response(status=500) else: utils.make_log('user', 'delete', 'User delete', {'_id': user_uuid}) return flask.Response(status=200)
def update_user_info(identifier: str): """ Update the information about a user. Args: identifier (str): The uuid of the user to modify. Returns: flask.Response: Response code. """ if not has_permission('USER_MANAGEMENT'): flask.abort(403) try: user_uuid = utils.str_to_uuid(identifier) except ValueError: flask.abort(status=404) if not (user_data := flask.g.db['users'].find_one({'_id': user_uuid})): # pylint: disable=superfluous-parens flask.abort(status=404)
def get_user_log(identifier: str = None): """ Get change logs for the user entry with uuid ``identifier``. Can be accessed by actual user and admin (USER_MANAGEMENT). Args: identifier (str): The uuid of the user. Returns: flask.Response: Information about the user as json. """ if identifier is None: identifier = str(flask.g.current_user['_id']) if str(flask.g.current_user['_id']) != identifier and not has_permission( 'USER_MANAGEMENT'): flask.abort(403) try: user_uuid = utils.str_to_uuid(identifier) except ValueError: flask.abort(status=404) user_logs = list(flask.g.db['logs'].find({ 'data_type': 'user', 'data._id': user_uuid })) for log in user_logs: del log['data_type'] utils.incremental_logs(user_logs) return utils.response_json({ 'entry_id': user_uuid, 'data_type': 'user', 'logs': user_logs })
def gen_new_api_key(identifier: str = None): """ Generate a new API key for the provided or current user. Args: identifier (str): The uuid of the user. Returns: flask.Response: The new API key """ if not identifier: user_data = flask.g.current_user else: if not has_permission('USER_MANAGEMENT'): flask.abort(403) try: user_uuid = utils.str_to_uuid(identifier) except ValueError: flask.abort(status=404) if not (user_data := flask.g.db['users'].find_one({'_id': user_uuid})): # pylint: disable=superfluous-parens flask.abort(status=404)