def db_create_identityaccessrequest_notifications(session, tid, itip, rtip, iar):
users = session.query(models.User).filter(models.User.role == u'custodian', models.User.notification == True)
for user in users:
node = db_admin_serialize_node(session, tid, user.language)
context = session.query(models.Context).filter(models.Context.id == itip.context_id, models.Context.tid == tid).one()
data = {
'type': 'identity_access_request'
}
data['user'] = user_serialize_user(session, user, user.language)
data['tip'] = serialize_rtip(session, rtip, itip, user.language)
data['context'] = admin_serialize_context(session, context, user.language)
data['iar'] = serialize_identityaccessrequest(session, iar)
data['node'] = db_admin_serialize_node(session, tid, user.language)
if data['node']['mode'] != u'whistleblowing.it':
data['notification'] = db_get_notification(session, tid, user.language)
else:
data['notification'] = db_get_notification(session, 1, user.language)
subject, body = Templating().get_mail_subject_and_body(data)
session.add(models.Mail({
'address': data['user']['mail_address'],
'subject': subject,
'body': body,
'tid': tid
}))
def create_identityaccessrequest(store, user_id, rtip_id, request, language):
rtip = db_access_rtip(store, user_id, rtip_id)
iar = IdentityAccessRequest()
iar.request_motivation = request['request_motivation']
iar.receivertip_id = rtip.id
store.add(iar)
return serialize_identityaccessrequest(iar, language)
def create_identityaccessrequest(session, tid, user_id, rtip_id, request):
rtip, itip = db_access_rtip(session, tid, user_id, rtip_id)
iar = models.IdentityAccessRequest()
iar.request_motivation = request['request_motivation']
iar.receivertip_id = rtip.id
session.add(iar)
session.flush()
db_create_identityaccessrequest_notifications(session, tid, itip, rtip, iar)
return serialize_identityaccessrequest(session, iar)
def db_get_rtip_identityaccessrequest_list(session, rtip_id):
"""
Transaction for retrieving identity associated to an rtip
:param session: An ORM session
:param rtip_id: An rtip ID
:return: The list of descriptors of the identity access requests associated to the specified rtip
"""
return [
serialize_identityaccessrequest(session, iar)
for iar in session.query(models.IdentityAccessRequest).filter(
models.IdentityAccessRequest.receivertip_id == rtip_id)
]
def create_identityaccessrequest(session, tid, user_id, rtip_id, request):
rtip, itip = db_access_rtip(session, tid, user_id, rtip_id)
iar = models.IdentityAccessRequest()
iar.request_motivation = request['request_motivation']
iar.receivertip_id = rtip.id
session.add(iar)
session.flush()
db_create_identityaccessrequest_notifications(session, tid, itip, rtip, iar)
return serialize_identityaccessrequest(session, iar)
def db_create_identityaccessrequest_notifications(session, tid, itip, rtip,
iar):
"""
Transaction for the creation of notifications related to identity access requests
:param session: An ORM session
:param tid: A tenant ID on which the request is issued
:param itip: A itip ID of the tip involved in the request
:param rtip: A rtip ID of the rtip involved in the request
:param iar: A identity access request model
"""
for user in session.query(models.User).filter(
models.User.role == 'custodian', models.User.tid == tid,
models.User.notification.is_(True)):
context = session.query(models.Context).filter(
models.Context.id == itip.context_id,
models.Context.tid == tid).one()
data = {'type': 'identity_access_request'}
data['user'] = user_serialize_user(session, user, user.language)
data['tip'] = serialize_rtip(session, rtip, itip, user.language)
data['context'] = admin_serialize_context(session, context,
user.language)
data['iar'] = serialize_identityaccessrequest(session, iar)
data['node'] = db_admin_serialize_node(session, tid, user.language)
if data['node']['mode'] == 'default':
data['notification'] = db_get_notification(session, tid,
user.language)
else:
data['notification'] = db_get_notification(session, 1,
user.language)
subject, body = Templating().get_mail_subject_and_body(data)
session.add(
models.Mail({
'address': data['user']['mail_address'],
'subject': subject,
'body': body,
'tid': tid
}))
def create_identityaccessrequest(session, tid, user_id, rtip_id, request):
"""
Transaction for the creation of notifications related to identity access requests
:param session: An ORM session
:param tid: A tenant ID of the user issuing the request
:param user_id: A user ID of the user issuing the request
:param rtip_id: A rtip_id ID of the rtip involved in the request
:param request: The request data
"""
rtip, itip = db_access_rtip(session, tid, user_id, rtip_id)
iar = models.IdentityAccessRequest()
iar.request_motivation = request['request_motivation']
iar.receivertip_id = rtip.id
session.add(iar)
session.flush()
db_create_identityaccessrequest_notifications(session, itip, rtip, iar)
return serialize_identityaccessrequest(session, iar)
def db_get_rtip_identityaccessrequest_list(session, rtip_id):
return [serialize_identityaccessrequest(session, iar) for iar in session.query(models.IdentityAccessRequest).filter(models.IdentityAccessRequest.receivertip_id == rtip_id)]
def get_identityaccessrequest_list(store, user_id, rtip_id, language):
rtip = db_access_rtip(store, user_id, rtip_id)
iars = store.find(IdentityAccessRequest, IdentityAccessRequest.receivertip_id == rtip.id)
return [serialize_identityaccessrequest(iar, language) for iar in iars]
def db_get_rtip_identityaccessrequest_list(session, rtip_id):
return [
serialize_identityaccessrequest(session, iar)
for iar in session.query(models.IdentityAccessRequest).filter(
models.IdentityAccessRequest.receivertip_id == rtip_id)
]
def get_identityaccessrequest_list(store, user_id, rtip_id, language):
rtip = db_access_rtip(store, user_id, rtip_id)
iars = store.find(IdentityAccessRequest, IdentityAccessRequest.receivertip_id == rtip.id)
return [serialize_identityaccessrequest(iar, language) for iar in iars]
def db_get_identityaccessrequest_list(store, rtip_id, language):
iars = store.find(IdentityAccessRequest,
IdentityAccessRequest.receivertip_id == rtip_id)
return [serialize_identityaccessrequest(iar, language) for iar in iars]
def db_get_identityaccessrequest_list(store, rtip_id, language):
return [serialize_identityaccessrequest(store, iar) for iar in store.find(models.IdentityAccessRequest, receivertip_id=rtip_id)]
def db_get_identityaccessrequest_list(store, rtip_id, language):
iars = store.find(IdentityAccessRequest, IdentityAccessRequest.receivertip_id == rtip_id)
return [serialize_identityaccessrequest(iar, language) for iar in iars]