def _has_project_org_scope(self, project_sfid: str, organization_id: str,
username: str, scopes: dict) -> bool:
"""
Helper function that checks whether there exists project_org_scope for given role
:param project_sfid: salesforce project sfid
:type project_sfid: string
:param organization_id: organization ID
:type organization_id: string
:param username: lf username
:type username: string
:param scopes: service scopes for organization
:type scopes: dict
:rtype: bool
"""
function = '_has_project_org_scope_role'
try:
user_roles = scopes['userroles']
log.info(f'{function} - User roles: {user_roles}')
except KeyError as err:
log.warning(f'{function} - error: {err} ')
return False
for user_role in user_roles:
if user_role['Contact']['Username'] == username:
#Since already filtered by role ...get first item
for scope in user_role['RoleScopes'][0]['Scopes']:
log.info(
f'{function}- Checking objectID for scope: {project_sfid}|{organization_id}'
)
if scope[
'ObjectID'] == f'{project_sfid}|{organization_id}':
return True
return False
def has_parent(self, project) -> bool:
""" checks if project has parent """
fn = 'project_service.has_parent'
try:
log.info(
f"{fn} - Checking if {project['Name']} has parent project")
parent = project['Parent']
if parent:
return True
except KeyError as err:
log.debug(
f"{fn} - Failed to find parent for {project['Name']} , error: {err}"
)
return False
return False
def is_parent(self, project) -> bool:
"""
checks whether salesforce project is a parent
:param project: salesforce project
:type project: dict
:return: Whether salesforce project is a parent
:rtype: Boolean
"""
fn = 'project_service.is_parent'
try:
log.info(f"{fn} - Checking if {project['Name']} is a parent")
project_type = project['ProjectType']
if project_type == 'Project Group':
return True
except KeyError as err:
log.debug(
f"{fn} - Failed to get ProjectType for project: {project['Name']} error: {err}"
)
return False
return False
def _get_users_by_key_value(self, key: str, value: str):
"""
Queries the platform user service for the specified criteria.
The result will return summary information for the users as a
dictionary.
"""
fn = 'user_service._get_users_by_key_value'
headers = {
'Authorization': f'bearer {self.get_access_token()}',
'accept': 'application/json'
}
users = []
offset = 0
pagesize = 1000
while True:
try:
log.info(
f'{fn} - Search User using key: {key} with value: {value}')
url = f'{self.platform_gateway_url}/user-service/v1/users/search?' \
f'{key}={quote(value)}&pageSize={pagesize}&offset={offset}'
log.debug(f'{fn} - sending GET request to {url}')
r = requests.get(url, headers=headers)
r.raise_for_status()
response_model = json.loads(r.text)
total = response_model['Metadata']['TotalSize']
if response_model['Data']:
users = users + response_model['Data']
if total < (pagesize + offset):
break
offset = offset + pagesize
except requests.exceptions.HTTPError as err:
log.warning(f'{fn} - Could not get projects, error: {err}')
return None
log.debug(f'{fn} - total users : {len(users)}')
return users
def has_role(self, username: str, role: str, organization_id: str,
cla_group_id: str) -> bool:
"""
Function that checks whether lf user has a role
:param username: The lf username
:type username: string
:param cla_group_id: cla_group_id associated with Project/Foundation SFIDs for role check
:type cla_group_id: string
:param role: given role check for user
:type role: string
:param organization_id: salesforce org ID
:type organization_id: string
:rtype: bool
"""
scopes = {}
function = 'has_role'
scopes = self._list_org_user_scopes(organization_id, role)
if scopes:
log.info(
f'{function} - Found scopes : {scopes} for organization: {organization_id}'
)
log.info(
f'{function} - Getting projectCLAGroups for cla_group_id: {cla_group_id}'
)
pcg = ProjectCLAGroup()
pcgs = pcg.get_by_cla_group_id(cla_group_id)
log.info(f'{function} - Found ProjectCLAGroup Mappings: {pcgs}')
if pcgs:
if pcgs[0].signed_at_foundation:
log.info(f'{cla_group_id} signed at foundation level ')
log.info(
f'{function} - Checking if {username} has role... ')
return self._has_project_org_scope(
pcgs[0].get_project_sfid(), organization_id, username,
scopes)
log.info(
f'{cla_group_id} signed at project level and checking user roles for user: {username}'
)
has_role_project_org = {}
for pcg in pcgs:
has_scope = self._has_project_org_scope(
pcg.get_project_sfid(), organization_id, username,
scopes)
has_role_project_org[username] = (pcg.get_project_sfid(),
organization_id,
has_scope)
log.info(
f'{function} - user_scopes_status : {has_role_project_org}'
)
# check if all projects have user scope
user_scopes = [
has_scope[2]
for has_scope in list(has_role_project_org.values())
]
if all(user_scopes):
log.info(
f'{function} - {username} has role scope at project level'
)
return True
log.info(f'{function} - {username} does not have role scope')
return False