def add_members( organization_id: int, *, invites: List[UserInvite] = Body(...), auth=Depends(authorization("organizations:add_members")), db: Session = Depends(get_db), current_user: User = Depends(get_current_user), ): try: members = crud.organization.get_members(db, id=organization_id) users_to_add = (invite for invite in invites if invite.email not in (u.get("email") for u in members)) for invite in users_to_add: user_in_db = user.get_by_email(db, email=invite.email) role = invite.role if invite.role else "guest" if not user_in_db: user_in_db = user.create( db, obj_in=UserCreate( full_name=invite.full_name, email=invite.email, password=pwd.genword(), ), ) else: organization_in_db = crud.organization.get(db, id=organization_id) if organization_in_db: send_new_invitation_email_task.delay( full_name=user_in_db.full_name, email_to=user_in_db.email, organization=organization_in_db.name, role=role) enforcer.add_role_for_user_in_domain( str(user_in_db.id), role, str(organization_id), ) enforcer.load_policy() return [ user for user in get_members( organization_id, auth=auth, db=db, current_user=current_user) if user.get("email") in (invite.email for invite in invites) ] except Exception as e: logging.error(e)
def create_organization_root_node( *, db: Session = Depends(get_db), organization_in: OrganizationCreateRoot, current_user: User = Depends(get_current_user), ) -> Optional[Organization]: """ Create a new **root node for organizations tree**; If `owner_email` is present organization tree ownership will be affected to *existing or newly created user*, else organizations tree ownership will be affected to *superuser*. """ if not current_user.is_superuser: raise HTTPException( status_code=403, detail="You are not authorized to perform this action.") new_organization_root_node = organization.create_root( db, obj_in=organization_in).to_schema() if organization_in.owner_email: user_in_db = user.get_by_email(db, email=organization_in.owner_email) if not user_in_db: user_in_db = user.create( db, obj_in=UserCreate( full_name=organization_in.owner_email.split("@")[0], email=organization_in.owner_email, password=pwd.genword(), ), ) if new_organization_root_node: send_new_invitation_email_task.delay( full_name=user_in_db.full_name, email_to=user_in_db.email, organization=new_organization_root_node.name, role="owner") enforcer.add_role_for_user_in_domain( str(user_in_db.id), "owner", str(new_organization_root_node.id)) enforcer.load_policy() else: enforcer.add_role_for_user_in_domain( str(current_user.id), "owner", str(new_organization_root_node.id)) enforcer.load_policy() current_roles = enforcer.get_roles_for_user_in_domain( str(current_user.id), str(new_organization_root_node.id)) if len(current_roles) > 0: new_organization_root_node.current_user_role = current_roles[0] if current_user.is_superuser: new_organization_root_node.current_user_role = 'admin' # new_organization_root_node.current_user_role = current_roles[0] return new_organization_root_node
def create_user(*, db: Session = Depends(get_db), user_in: UserCreate): """ Create new user. """ user = crud_user.get_by_email(db, email=user_in.email) if user: raise HTTPException(status_code=HTTP_400_BAD_REQUEST, detail="Email already registered") user = crud_user.create(db=db, user_in=user_in) if config.EMAILS_ENABLED and user_in.email: send_new_account_email(email_to=user_in.email, username=user_in.email, password=user_in.password) return user
def init_db(db_session): # Tables should be created with Alembic migrations # But if you don't want to use migrations, create # the tables un-commenting the next line # Base.metadata.create_all(bind=engine) user = crud_user.get_by_email(db_session, email=config.FIRST_SUPERUSER) if not user: user_in = UserCreate( full_name='Admin', email=config.FIRST_SUPERUSER, password=config.FIRST_SUPERUSER_PASSWORD, is_superuser=True, ) user = crud_user.create(db_session, user_in=user_in)
def create_user(user_create: UserCreate, db=Depends(get_db)): """Register a new user. Email, CPF and PIS must be valid and not yet registered""" db_user = get_by_cpf(db, user_create.cpf) if db_user: raise HTTPException(status_code=400, detail="CPF already registered") db_user = get_by_pis(db, user_create.pis) if db_user: raise HTTPException(status_code=400, detail="PIS already registered") db_user = get_by_email(db, user_create.email) if db_user: raise HTTPException(status_code=400, detail="Email already registered") return create(db, user_create)
def register_new_user(*, db: Session = Depends(get_db), user_in: UserCreate): user_in_db = user.get_by_email(db, email=user_in.email) if user_in_db: raise HTTPException( status_code=status.HTTP_400_BAD_REQUEST, detail="The user with this username already exists in the system.", ) user_in_db = user.create(db, obj_in=user_in) send_new_registration_email_task.delay(user_in.email, user_in.full_name, user_in.password) generate_and_insert_registration_link_task.delay(user_in_db.id) return {"msg": "User created"}
def init_db(db_session): # Tables should be created with Alembic migrations # But if you don't want to use migrations, create # the tables un-commenting the next line # Base.metadata.create_all(bind=engine) user = db_user.get_by_email(db_session, email=config.FIRST_SUPERUSER_EMAIL) if not user: user_in = UserCreate(username=config.FIRST_SUPERUSER, full_name=config.FIRST_SUPERUSER_FULLNAME, email=config.FIRST_SUPERUSER_EMAIL, password=get_password_hash( config.FIRST_SUPERUSER_PASSWORD), document="01311104542", phone_number="9023819283", is_superuser=True, is_active=True) user = db_user.create(db_session, user_in=user_in)
def create_user( *, db: Session = Depends(get_db), user_in: UserCreate, current_user: User = Depends(get_current_user_if_is_superuser), ) -> Any: """ Create new user. """ user_in_db = user.get_by_email(db, email=user_in.email) if user_in_db: raise HTTPException( status_code=400, detail="The user with this username already exists in the system.", ) user_in_db = user.create(db, obj_in=user_in) # if settings.EMAILS_ENABLED and user_in.email: # send_new_account_email( # email_to=user_in.email, # username=user_in.email, # password=user_in.password # ) return user_in_db
def init_db(db: Session) -> None: # Tables should be created with Alembic migrations # But if you don't want to use migrations, create # the tables un-commenting the next line # Base.metadata.create_all(bind=engine) # insert_organizations(db=db) organization_in_db = organization.get_by_name(db, name=settings.ORGANIZATION) if not organization_in_db: organization_in = OrganizationCreate(name=settings.ORGANIZATION, slug=slug.slug( settings.ORGANIZATION), mode="private") organization_in_db = organization.create(db, obj_in=organization_in) user_in_db = user.get_by_email(db, email=settings.FIRST_SUPERUSER) if not user_in_db: user_in = UserCreate( full_name=settings.FIRST_SUPERUSER_FULLNAME, email=settings.FIRST_SUPERUSER, password=settings.FIRST_SUPERUSER_PASSWORD, ) user_in_db = user.create(db, obj_in=user_in) # noqa: F841 user_in_db.is_superuser = True user_in_db.is_verified = True db.add(user_in_db) db.commit() db.refresh(user_in_db) if len(enforcer.get_roles_for_user_in_domain("1", "1")) == 0: enforcer.add_role_for_user_in_domain("1", "admin", "1")