def dashboard():
"""Primary dashboard the users will interact with."""
logger.info("User: {} authenticated proceeding to dashboard.".format(
session.get("id_token")["sub"]))
if "Mozilla-LDAP" in session.get("userinfo")["sub"]:
logger.info(
"Mozilla IAM user detected. Attempt enriching with ID-Vault data.")
try:
session["idvault_userinfo"] = person_api.get_userinfo(
session.get("id_token")["sub"])
except Exception as e:
logger.error(
"Could not enrich profile due to: {}. Perhaps it doesn't exist?"
.format(e))
# Hotfix to set user id for firefox alert
# XXXTBD Refactor rules later to support full id_conformant session
session["userinfo"]["user_id"] = session.get("id_token")["sub"]
# Transfer any updates in to the app_tiles.
S3Transfer(config.Config(app).settings).sync_config()
# Send the user session and browser headers to the alert rules engine.
Rules(userinfo=session["userinfo"], request=request).run()
user = User(session, config.Config(app).settings)
apps = user.apps(Application(app_list.apps_yml).apps)
return render_template("dashboard.html",
config=app.config,
user=user,
apps=apps,
alerts=None)
def alert_operation(alert_id):
if request.method == "POST":
user = User(session, config.Config(app).settings)
if request.data is not None:
data = json.loads(request.data.decode())
helpfulness = data.get("helpfulness")
alert_action = data.get("alert_action")
result = user.take_alert_action(alert_id, alert_action, helpfulness)
if result["ResponseMetadata"]["HTTPStatusCode"] == 200:
return "200"
else:
return "500"
def alert_faking():
if request.method == "GET":
if app.config.get("SERVER_NAME") != "sso.mozilla.com":
"""Only allow alert faking in non production environment."""
user = User(session, config.Config(app).settings)
fake_alerts = FakeAlert(user_id=user.userinfo.get("sub"))
fake_alerts.create_fake_alerts()
return redirect("/dashboard", code=302)
def notifications():
user = User(session, config.Config(app).settings)
return render_template("notifications.html", config=app.config, user=user)
def get_request_user(request):
user_id = authenticated_userid(request)
try:
return User.get(User.id == user_id)
except NoResultFound:
return None