def invite_org_user(org):
r = app.current_request.json_body
user_info = dynamodb.get_user_table().get_item(
Key={'username': r['username']})
if 'Item' not in user_info:
return Response(body={'error': 'user not found'}, status_code=400)
response = dynamodb.get_role_table().get_item(Key={
'organization': org,
'username': r['username']
})
if 'Item' not in response:
dynamodb.get_role_table().put_item(Item={
'organization': org,
'username': r['username'],
'roles': r['roles']
})
return Response(
{
'username': r['username'],
'organization': org,
'roles': r['roles']
},
status_code=201)
return Response(body={'error': 'already taken'}, status_code=400)
def remove_org_user(org, username):
response = dynamodb.get_role_table().get_item(Key={
'organization': org,
'username': username
})
if 'Item' in response:
dynamodb.get_role_table().delete_item(Key={
'organization': org,
'username': username
})
return Response(body=None, status_code=204)
return Response(body={'error': 'not found'}, status_code=404)
def delete_user(username):
user_info = get_user_response(username)
if not user_info:
return Response(body={'error': 'not found'}, status_code=400)
role_info = dynamodb.get_role_table().query(
KeyConditionExpression=Key('username').eq(username))
for role in role_info['Items']:
dynamodb.get_role_table().delete_item(
Key={
'username': username,
'organization': role['organization']
})
dynamodb.get_user_table().delete_item(Key={'username': username})
cognito_idp_client.admin_delete_user(UserPoolId=get_cognito_user_pool_id(),
Username=username)
return Response(body=None, status_code=204)
def update_org_user(org, username):
r = app.current_request.json_body
response = dynamodb.get_role_table().get_item(Key={
'organization': org,
'username': username
})
if 'Item' in response:
dynamodb.get_role_table().put_item(Item={
'organization': org,
'username': username,
'roles': r['roles']
})
return Response(
{
'username': username,
'organization': org,
'roles': r['roles']
},
status_code=201)
return Response(body={'error': 'not found'}, status_code=404)
def org_users(org):
next_key = None
if app.current_request.query_params and 'next' in app.current_request.query_params:
next_key = json.loads(app.current_request.query_params['next'])
args = {
'KeyConditionExpression': Key('organization').eq(org),
'IndexName': 'organization_index',
'Limit': 100
}
if next_key:
args['ExclusiveStartKey'] = next_key
table_response = dynamodb.get_role_table().query(**args)
results = []
if 'Items' in table_response:
for item in table_response['Items']:
result = {'username': item['username'], 'roles': item['roles']}
results.append(result)
# bind user's information
if len(results) > 0:
table_name = str(os.environ.get('OTM_USER_DYNAMODB_TABLE'))
user_info = dynamodb.client.batch_get_item(
RequestItems={
table_name: {
'Keys': [{
'username': {
'S': d.get('username')
}
} for d in results]
}
})
for user in user_info['Responses'][table_name]:
record = [
d for d in results if d['username'] == user['username']['S']
][0]
for field_key in user:
record[field_key] = deser.deserialize(user[field_key])
headers = {}
if 'LastEvaluatedKey' in table_response:
headers['X-NEXT-KEY'] = json.dumps(table_response['LastEvaluatedKey'])
return Response({
'items': results,
'next': headers.get('X-NEXT-KEY')
},
headers=headers)
def get_all_users():
next_key = None
if app.current_request.query_params and 'next' in app.current_request.query_params:
next_key = json.loads(app.current_request.query_params['next'])
args = {'Limit': 100}
if next_key:
args['ExclusiveStartKey'] = next_key
table_response = dynamodb.get_user_table().scan(**args)
results = []
if 'Items' in table_response:
for item in table_response['Items']:
role_info = dynamodb.get_role_table().query(
KeyConditionExpression=Key('username').eq(item['username']))
result = {
'username': item['username'],
'created_at':
item['created_at'] if 'created_at' in item else None,
'updated_at':
item['updated_at'] if 'updated_at' in item else None,
'email': item['email'] if 'email' in item else None
}
for role in role_info['Items']:
if 'orgs' not in result:
result['orgs'] = []
result['orgs'].append({
'org': role['organization'],
'roles': role['roles']
})
results.append(result)
headers = {}
if 'LastEvaluatedKey' in table_response:
headers['X-NEXT-KEY'] = json.dumps(table_response['LastEvaluatedKey'])
return Response({
'items': results,
'next': headers.get('X-NEXT-KEY')
},
headers=headers)
def get_user_response(username):
user_info = dynamodb.get_user_table().get_item(Key={'username': username})
if 'Item' in user_info:
result = user_info['Item']
else:
try:
idp_user = cognito_idp_client.admin_get_user(
UserPoolId=get_cognito_user_pool_id(), Username=username)
except ClientError as error:
if error.response['Error']['Code'] == 'UserNotFoundException':
return Response(body={'error': 'not found'}, status_code=404)
else:
raise error
email = [
x for x in idp_user['UserAttributes'] if x['Name'] == 'email'
][0]['Value']
ts = Decimal(time.time())
data = {
'username': username,
'email': email,
'created_at': ts,
'updated_at': ts
}
dynamodb.get_user_table().put_item(Item=data)
result = data
item = dynamodb.get_role_table().query(
KeyConditionExpression=Key('username').eq(username))
result['orgs'] = []
if 'Items' in item:
for role in item['Items']:
result['orgs'].append({
'org': role['organization'],
'roles': role['roles']
})
return result