def org_add_user(user, org_id_slug, user_email):
    """
    Attach an existing user to an Org.

    Checks run in this order: the caller must be an admin, the Org must
    exist, the caller must belong to the Org, the target user must exist
    and must not already be a member. On success the membership is
    committed and the added user is returned as JSON.
    """
    if not user.admin:
        raise AuthError('You must be an admin to add a user to an Org.')

    target_org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not target_org:
        raise NotFoundError('This Org does not exist.')

    # authorization: only members of the Org may edit it
    caller_is_member = user.id in target_org.user_ids
    if not caller_is_member:
        raise ForbiddenError('You are not allowed to edit this Org.')

    localize(target_org)

    # the user to add is looked up by id or email
    candidate = fetch_by_id_or_field(User, 'email', user_email)
    if not candidate:
        raise RequestError('User "{}" does not exist'.format(user_email))

    # adding an existing member is rejected rather than silently ignored
    if candidate.id in target_org.user_ids:
        raise RequestError(
            'User "{}" is already a part of Org "{}"'.format(
                candidate.email, target_org.name))

    target_org.users.append(candidate)
    db.session.commit()
    return jsonify(candidate)
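def org_user(user, org_id_slug, user_email):
    """
    Return a single user, looked up by id or email, as JSON.

    Raises NotFoundError when the Org does not exist, ForbiddenError when
    the caller is not a member of the Org or shares no Org with the
    requested user, and RequestError when the requested user is unknown.
    """
    # fetch org
    org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not org:
        raise NotFoundError(
            'This Org does not exist.')

    # ensure the active user belongs to this Org
    if user.id not in org.user_ids:
        raise ForbiddenError(
            'You are not allowed to access this Org')

    # localize
    localize(org)

    # get the requested user by id / email; a distinct local name avoids
    # shadowing this view function
    requested_user = fetch_by_id_or_field(User, 'email', user_email)
    if not requested_user:
        raise RequestError(
            'This user does not yet exist')

    # NOTE(review): visibility is granted when the two users share *any*
    # Org, not necessarily the Org named in the URL - confirm this is the
    # intended scope.
    if set(requested_user.org_ids).isdisjoint(user.org_ids):
        # the message has no placeholder, so the former .format() call
        # was a no-op and has been dropped
        raise ForbiddenError(
            'You are not allowed to view this user.')

    return jsonify(requested_user)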
def org_delete(user, org_id_slug):
    """
    Delete an Org.

    The caller must be an admin and a member of the Org. The Org is
    localized before the membership check, then deleted and committed.
    """
    if not user.admin:
        raise AuthError('You must be an admin to delete an Org')

    doomed_org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not doomed_org:
        raise NotFoundError('This Org does not exist.')

    localize(doomed_org)

    # authorization: admins may only delete Orgs they belong to
    if user.id not in doomed_org.user_ids:
        denial = 'User "{}" is not allowed to access Org "{}".'.format(
            user.name, doomed_org.name)
        raise ForbiddenError(denial)

    session = db.session
    session.delete(doomed_org)
    session.commit()
    return delete_response()
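def decorated_function(*args, **kw):
    """
    Resolve the Org named by the ``org`` request argument, enforce that
    the calling user belongs to it, and pass it to the wrapped view.

    ``f`` is the wrapped view, taken from the enclosing decorator scope
    (not visible in this block). The user object is expected in
    ``kw['user']``; the resolved Org is handed on as ``kw['org']``.

    Raises AuthError when no org argument or no user is supplied,
    NotFoundError when the Org is unknown and ForbiddenError when the
    user is not a member.
    """
    # get the org
    org_id = arg_str('org', default=None)
    if not org_id:
        raise AuthError(
            'An org is required for this request.')

    # get the user object; fail closed with an auth error instead of an
    # AttributeError if no user was placed in the keyword arguments
    user = kw.get('user')
    if user is None:
        raise AuthError(
            'A user is required for this request.')

    org = fetch_by_id_or_field(Org, 'slug', org_id)

    # if it still doesn't exist, raise an error.
    if not org:
        # the message previously read "does exist", the opposite of the
        # condition being reported
        raise NotFoundError(
            'An Org with ID/Slug {} does not exist.'
            .format(org_id))

    # otherwise ensure the active user is a member of this Org
    if user.id not in org.user_ids:
        raise ForbiddenError(
            'User "{}" is not allowed to access Org "{}".'
            .format(user.name, org.name))

    # check if we should localize this request
    localize(org)

    kw['org'] = org
    return f(*args, **kw)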
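def decorated_function(*args, **kw):
    """
    Look up the Org given in the ``org`` request argument, check that the
    calling user is one of its members, and call the wrapped view with
    the Org added to its keyword arguments.

    ``f`` is the wrapped view from the enclosing decorator scope (not
    visible in this block). The user is read from ``kw['user']``.

    Raises AuthError when the org argument or the user is missing,
    NotFoundError when no such Org exists and ForbiddenError when the
    user is not a member of it.
    """
    # get the org
    org_id = arg_str('org', default=None)
    if not org_id:
        raise AuthError('An org is required for this request.')

    # get the user object. A missing user is rejected explicitly so the
    # membership check below cannot fail with an AttributeError.
    user = kw.get('user')
    if user is None:
        raise AuthError('A user is required for this request.')

    org = fetch_by_id_or_field(Org, 'slug', org_id)

    # if it still doesn't exist, raise an error.
    if not org:
        # wording corrected: the old text said the Org "does exist"
        raise NotFoundError(
            'An Org with ID/Slug {} does not exist.'.format(org_id))

    # otherwise ensure the active user is a member of this Org
    if user.id not in org.user_ids:
        raise ForbiddenError(
            'User "{}" is not allowed to access Org "{}".'.format(
                user.name, org.name))

    # check if we should localize this request
    localize(org)

    kw['org'] = org
    return f(*args, **kw)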
def org_delete(user, org_id_slug):
    """
    Remove an Org from the database.

    Requires an admin caller who is also a member of the Org; the Org is
    localized before membership is checked.
    """
    if not user.admin:
        raise AuthError(
            'You must be an admin to delete an Org')

    target = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not target:
        raise NotFoundError(
            'This Org does not exist.')

    localize(target)

    # authorization: the admin must belong to the Org being deleted
    caller_is_member = user.id in target.user_ids
    if not caller_is_member:
        raise ForbiddenError(
            'User "{}" is not allowed to access Org "{}".'
            .format(user.name, target.name))

    db.session.delete(target)
    db.session.commit()
    return delete_response()
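def org_user(user, org_id_slug, user_email):
    """
    Return one user as JSON, found by id or email.

    Raises NotFoundError for an unknown Org, ForbiddenError when the
    caller is not in the Org or has no Org in common with the requested
    user, and RequestError when the requested user does not exist.
    """
    # fetch org
    org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not org:
        raise NotFoundError('This Org does not exist.')

    # ensure the active user belongs to this Org
    if user.id not in org.user_ids:
        raise ForbiddenError('You are not allowed to access this Org')

    # localize
    localize(org)

    # get the requested user by id / email (named so it does not shadow
    # this view function)
    requested_user = fetch_by_id_or_field(User, 'email', user_email)
    if not requested_user:
        raise RequestError('This user does not yet exist')

    # NOTE(review): the check passes when caller and requested user share
    # any Org at all, not specifically the Org in the URL - confirm.
    if set(requested_user.org_ids).isdisjoint(user.org_ids):
        # the former .format(user.email) had no placeholder to fill
        raise ForbiddenError('You are not allowed to view this user.')

    return jsonify(requested_user)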
def org_metrics_summary(user, org_id_slug):
    """
    Ingest summary metrics for an Org from the request payload.

    The caller must be a member of the Org. The payload is passed to
    ``ingest_metric.org_summary`` together with the Org's id and its
    ``org_summary_metric_names``; the result is returned as JSON.
    """
    organization = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not organization:
        raise NotFoundError(
            'This Org does not exist.')

    # authorization: members only
    if user.id not in organization.user_ids:
        raise ForbiddenError(
            'You are not allowed to access this Org')

    localize(organization)

    payload = request_data()
    summary = ingest_metric.org_summary(
        payload,
        org_id=organization.id,
        valid_metrics=organization.org_summary_metric_names,
        commit=True
    )
    return jsonify(summary)
def org_create_user(user, org_id_slug):
    """
    Create a new user from the request payload and add it to an Org.

    The caller must be an admin and a member of the Org. The payload
    must carry an email, password and name; the email must be unused and
    pass ``mail.validate``. The new user is committed and returned as
    JSON.
    """
    if not user.admin:
        raise AuthError(
            'You must be an admin to create a user for an Org.')

    form = request_data()
    email = form.get('email')
    password = form.get('password')
    name = form.get('name')
    # NOTE(review): the admin flag is taken from the request body as-is -
    # confirm an Org admin is meant to be able to create other admins.
    admin = form.get('admin', False)

    required_fields = (email, password, name)
    if not all(required_fields):
        raise RequestError(
            'An email, password, and name are required to create a User.')

    parent_org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not parent_org:
        raise NotFoundError('This Org does not exist.')

    localize(parent_org)

    # authorization: the admin must belong to the Org
    if user.id not in parent_org.user_ids:
        raise ForbiddenError(
            "You are not allowed to access this Org.")

    email_owner = User.query.filter_by(email=email).first()
    if email_owner:
        raise RequestError(
            'A User with email "{}" already exists'
            .format(email))

    if not mail.validate(email):
        raise RequestError(
            '{} is an invalid email address.'
            .format(email))

    # NOTE(review): the password is handed to User() as received;
    # presumably the model hashes it - confirm.
    created = User(
        email=email,
        password=password,
        name=name,
        admin=admin)
    parent_org.users.append(created)
    db.session.commit()
    return jsonify(created)
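def org_remove_user(user, org_id_slug, user_email):
    """
    Remove a user from an Org and, when ``force`` is set, delete the
    user entirely.

    The caller must be an admin and a member of the Org. With the
    ``force`` request argument, the removed user's recipes are
    re-assigned to the Org's super user before the user row is deleted.

    Raises AuthError, NotFoundError, ForbiddenError or RequestError when
    the corresponding check fails.
    """
    if not user.admin:
        raise AuthError(
            'You must be an admin to remove a user from an Org.')

    # fetch org
    org = fetch_by_id_or_field(Org, 'slug', org_id_slug)

    # if it still doesn't exist, raise an error.
    if not org:
        raise NotFoundError('This Org does not exist.')

    # localize
    localize(org)

    # ensure the active user is a member of this Org
    if user.id not in org.user_ids:
        raise ForbiddenError(
            "You are not allowed to access this Org.")

    # get this existing user by id / email
    existing_user = fetch_by_id_or_field(User, 'email', user_email)

    if not existing_user:
        raise RequestError(
            'User "{}" does not yet exist'
            .format(user_email))

    # ensure that the user is currently a part of this Org.
    if existing_user.id not in org.user_ids:
        raise RequestError(
            'User "{}" is not a part of Org "{}"'
            .format(existing_user.email, org.name))

    # remove the user from the org
    org.users.remove(existing_user)

    # if we're force-deleting the user, do so
    # but make sure their recipes are re-assigned
    # to the super-user
    if arg_bool('force', False):
        # bound parameters keep the ids out of the SQL text
        db.session.execute(
            "UPDATE recipes set user_id=:new_owner WHERE user_id=:old_owner",
            {'new_owner': org.super_user.id,
             'old_owner': existing_user.id})
        # delete the user being removed; this previously deleted `user`,
        # i.e. the admin making the request
        db.session.delete(existing_user)

    db.session.commit()
    return delete_response()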
def org(user, org_id):
    """
    Return an Org, including its domains, as JSON.

    The caller must be a member of the Org.
    """
    found = fetch_by_id_or_field(Org, 'slug', org_id)
    if not found:
        missing = 'Org {} does not exist.'.format(org_id)
        raise NotFoundError(missing)

    # authorization: members only
    caller_is_member = user.id in found.user_ids
    if not caller_is_member:
        raise ForbiddenError('You are not allowed to access this Org')

    localize(found)

    serialized = found.to_dict(incl_domains=True)
    return jsonify(serialized)
def get_org_summary(user, org_id_slug):
    """
    Return an Org's ``summary_metrics`` as JSON.

    The caller must be a member of the Org.
    """
    organization = fetch_by_id_or_field(Org, "slug", org_id_slug)
    if not organization:
        raise NotFoundError("This Org does not exist.")

    # authorization: members only
    caller_is_member = user.id in organization.user_ids
    if not caller_is_member:
        raise ForbiddenError("You are not allowed to access this Org")

    localize(organization)

    metrics = organization.summary_metrics
    return jsonify(metrics)
def get_org_summary(user, org_id_slug):
    """
    Serve the summary metrics stored on an Org.

    Only members of the Org may read them.
    """
    target_org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not target_org:
        raise NotFoundError('This Org does not exist.')

    # authorization: the caller's id must be among the Org's user ids
    if user.id not in target_org.user_ids:
        raise ForbiddenError('You are not allowed to access this Org')

    localize(target_org)
    return jsonify(target_org.summary_metrics)
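def org_remove_user(user, org_id_slug, user_email):
    """
    Take a user out of an Org; with the ``force`` request argument, also
    delete the user after handing their recipes to the Org's super user.

    The caller must be an admin and a member of the Org, and the target
    user must exist and currently belong to the Org.
    """
    if not user.admin:
        raise AuthError('You must be an admin to remove a user from an Org.')

    # fetch org
    org = fetch_by_id_or_field(Org, 'slug', org_id_slug)

    # if it still doesn't exist, raise an error.
    if not org:
        raise NotFoundError('This Org does not exist.')

    # localize
    localize(org)

    # ensure the active user is a member of this Org
    if user.id not in org.user_ids:
        raise ForbiddenError("You are not allowed to access this Org.")

    # get this existing user by id / email
    existing_user = fetch_by_id_or_field(User, 'email', user_email)

    if not existing_user:
        raise RequestError('User "{}" does not yet exist'.format(user_email))

    # ensure that the user is currently a part of this Org.
    if existing_user.id not in org.user_ids:
        raise RequestError('User "{}" is not a part of Org "{}"'.format(
            existing_user.email, org.name))

    # remove the user from the org
    org.users.remove(existing_user)

    # if we're force-deleting the user, do so
    # but make sure their recipes are re-assigned
    # to the super-user
    if arg_bool('force', False):
        # ids are passed as bound parameters rather than formatted into
        # the statement
        db.session.execute(
            "UPDATE recipes set user_id=:new_owner WHERE user_id=:old_owner",
            {'new_owner': org.super_user.id,
             'old_owner': existing_user.id})
        # the row to delete is the removed user, not `user` (the admin
        # who issued the request), which is what was deleted before
        db.session.delete(existing_user)

    db.session.commit()
    return delete_response()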
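def org_update(user, org_id_slug):
    """
    Update an Org's name, slug and timezone from the request payload.

    When a name is supplied without a slug, the slug is derived from the
    name with ``slugify``. The caller must be a member of the Org.

    Raises NotFoundError for an unknown Org, ForbiddenError for a
    non-member and RequestError when the commit fails.
    """
    req_data = request_data()

    # fetch org
    org = fetch_by_id_or_field(Org, 'slug', org_id_slug)

    # the org must already exist; this view never creates one.
    if not org:
        raise NotFoundError(
            'This Org does not exist.')

    # NOTE(review): membership is the only requirement here; the other
    # mutating Org views also require user.admin - confirm this is
    # intended.
    if user.id not in org.user_ids:
        raise ForbiddenError(
            "You are not allowed to access this Org.")

    # localize
    localize(org)

    # apply the submitted fields
    if 'name' in req_data:
        org.name = req_data['name']

    if 'slug' in req_data:
        org.slug = req_data['slug']

    elif 'name' in req_data:
        org.slug = slugify(req_data['name'])

    if 'timezone' in req_data:
        org.timezone = req_data['timezone']

    # read the name before committing so the error message does not
    # depend on the state of the session after a failure
    attempted_name = org.name

    try:
        db.session.add(org)
        db.session.commit()

    except Exception as e:
        # leave the session usable for whatever handles the error
        db.session.rollback()
        # exceptions have no `.message` attribute on Python 3
        detail = getattr(e, 'message', None) or str(e)
        # NOTE(review): the raw exception text is returned to the client
        # and may reveal database details - consider logging it instead.
        raise RequestError(
            "An error occurred while updating this Org '{}'. "
            "Here's the error message: {}"
            .format(attempted_name, detail))

    return jsonify(org)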
def org(user, org_id_slug):
    """
    Return an Org as JSON.

    The caller must be a member of the Org.
    """
    found = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not found:
        raise NotFoundError(
            'This Org does not exist.')

    # authorization: members only
    caller_is_member = user.id in found.user_ids
    if not caller_is_member:
        raise ForbiddenError(
            'You are not allowed to access this Org')

    localize(found)
    return jsonify(found)
def org_content(user, org_id_slug):
    """
    Return the Org's ``simple_content_items`` as JSON.

    The caller must be a member of the Org.
    """
    owner_org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not owner_org:
        raise NotFoundError('This Org does not exist.')

    # authorization: members only
    caller_is_member = user.id in owner_org.user_ids
    if not caller_is_member:
        raise ForbiddenError('You are not allowed to access this Org')

    localize(owner_org)

    items = owner_org.simple_content_items
    return jsonify(items)
def org_users(user, org_id_slug):
    """
    Return the users of an Org as JSON.

    The Org is localized first; the caller must then be one of its
    members.
    """
    organization = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not organization:
        raise NotFoundError('This Org does not exist.')

    localize(organization)

    # authorization: members only
    caller_is_member = user.id in organization.user_ids
    if not caller_is_member:
        denial = 'User "{}" is not allowed to access Org "{}".'.format(
            user.email, organization.name)
        raise ForbiddenError(denial)

    return jsonify(organization.users)
def org_create_user(user, org_id_slug):
    """
    Create a user from the request payload and attach it to an Org.

    Requires an admin caller who belongs to the Org, a payload with
    email, password and name, an email that is not yet taken and that
    passes ``mail.validate``. Returns the new user as JSON.
    """
    if not user.admin:
        raise AuthError('You must be an admin to create a user for an Org.')

    payload = request_data()
    email = payload.get('email')
    password = payload.get('password')
    name = payload.get('name')
    # NOTE(review): admin is read straight from the request - confirm
    # that an Org admin may grant admin rights to a new user.
    admin = payload.get('admin', False)

    have_all_fields = all([email, password, name])
    if not have_all_fields:
        raise RequestError(
            'An email, password, and name are required to create a User.')

    target_org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not target_org:
        raise NotFoundError('This Org does not exist.')

    localize(target_org)

    # authorization: the admin must belong to the Org
    if user.id not in target_org.user_ids:
        raise ForbiddenError("You are not allowed to access this Org.")

    already_registered = User.query.filter_by(email=email).first()
    if already_registered:
        raise RequestError(
            'A User with email "{}" already exists'.format(email))

    if not mail.validate(email):
        raise RequestError('{} is an invalid email address.'.format(email))

    # NOTE(review): presumably the User model hashes the password it is
    # given here - confirm.
    account = User(email=email, password=password, name=name, admin=admin)
    target_org.users.append(account)
    db.session.commit()
    return jsonify(account)
def org_users(user, org_id_slug):
    """
    List the users that belong to an Org, as JSON.

    Localization happens before the membership check; only members of
    the Org get a response.
    """
    target_org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not target_org:
        raise NotFoundError(
            'This Org does not exist.')

    localize(target_org)

    # authorization: the caller's id must be among the Org's user ids
    if user.id not in target_org.user_ids:
        raise ForbiddenError(
            'User "{}" is not allowed to access Org "{}".'
            .format(user.email, target_org.name))

    members = target_org.users
    return jsonify(members)
def create_org_timeseries(user, org_id_slug):
    """
    Load timeseries metrics for an Org from the request payload.

    The caller must be a member of the Org. The payload is passed to
    ``load.org_timeseries`` with the Org's id and ``timeseries_metrics``,
    unqueued and committed; the result is returned as JSON.
    """
    organization = fetch_by_id_or_field(Org, "slug", org_id_slug)
    if not organization:
        raise NotFoundError("This Org does not exist.")

    # authorization: members only
    caller_is_member = user.id in organization.user_ids
    if not caller_is_member:
        raise ForbiddenError("You are not allowed to access this Org")

    localize(organization)

    payload = request_data()
    loaded = load.org_timeseries(
        payload,
        org_id=organization.id,
        metrics_lookup=organization.timeseries_metrics,
        queued=False,
        commit=True)
    return jsonify(loaded)
def org_content(user, org_id_slug):
    """
    Serve the simple list of content items held on an Org.

    Only members of the Org may read it.
    """
    target_org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not target_org:
        raise NotFoundError(
            'This Org does not exist.')

    # authorization: the caller's id must be among the Org's user ids
    if user.id not in target_org.user_ids:
        raise ForbiddenError(
            'You are not allowed to access this Org')

    localize(target_org)
    return jsonify(target_org.simple_content_items)
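def org_update(user, org_id):
    """
    Change an Org's name, slug and timezone using the request payload.

    A name given without a slug also regenerates the slug via ``slug``.
    The caller must be a member of the Org.

    Raises NotFoundError for an unknown Org, ForbiddenError for a
    non-member and RequestError when the commit fails.
    """
    req_data = request_data()

    # fetch org
    org = fetch_by_id_or_field(Org, 'slug', org_id)

    # the org must already exist; this view never creates one.
    if not org:
        raise NotFoundError('Org {} does not exist.'.format(org_id))

    # NOTE(review): only membership is checked, whereas the other
    # mutating Org views also require user.admin - confirm.
    if user.id not in org.user_ids:
        raise ForbiddenError("You are not allowed to access this Org.")

    # localize
    localize(org)

    # apply the submitted fields
    if 'name' in req_data:
        org.name = req_data['name']

    if 'slug' in req_data:
        org.slug = req_data['slug']

    elif 'name' in req_data:
        org.slug = slug(req_data['name'])

    if 'timezone' in req_data:
        org.timezone = req_data['timezone']

    # captured up front so the error message does not rely on session
    # state after a failed commit
    attempted_name = org.name

    try:
        db.session.add(org)
        db.session.commit()

    except Exception as e:
        # roll back so the session is not left in a failed transaction
        db.session.rollback()
        # `e.message` does not exist on Python 3 exceptions
        detail = getattr(e, 'message', None) or str(e)
        # NOTE(review): this echoes the raw exception text to the client,
        # which may expose database details - consider logging it instead.
        raise RequestError("An error occurred while updating this Org '{}'. "
                           "Here's the error message: {}".format(
                               attempted_name, detail))

    return jsonify(org)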
def create_org_metrics_summary(user, org_id_slug):
    """
    Load summary metrics for an Org from the request payload.

    The caller must be a member of the Org. The payload is passed to
    ``load.org_summary`` and the result is returned as JSON.
    """
    organization = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not organization:
        raise NotFoundError('This Org does not exist.')

    # authorization: members only
    caller_is_member = user.id in organization.user_ids
    if not caller_is_member:
        raise ForbiddenError('You are not allowed to access this Org')

    localize(organization)

    payload = request_data()
    # NOTE(review): `mertrics_lookup` and `queue` look like misspellings
    # of `metrics_lookup` / `queued`; load.org_summary's signature is not
    # visible here, so the names are left as they are - confirm.
    loaded = load.org_summary(
        payload,
        org_id=organization.id,
        mertrics_lookup=organization.summary_metrics,
        queue=False)
    return jsonify(loaded)
def org_add_user(user, org_id_slug, user_email):
    """
    Add an already-registered user to an Org.

    Requires an admin caller who belongs to the Org. The user to add is
    found by id or email and must not be a member yet. The change is
    committed and the added user is returned as JSON.
    """
    if not user.admin:
        raise AuthError(
            'You must be an admin to add a user to an Org.')

    organization = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not organization:
        raise NotFoundError(
            'This Org does not exist.')

    # authorization: the admin must belong to the Org
    if user.id not in organization.user_ids:
        raise ForbiddenError(
            'You are not allowed to edit this Org.')

    localize(organization)

    joiner = fetch_by_id_or_field(User, 'email', user_email)
    if not joiner:
        unknown = 'User "{}" does not exist'.format(user_email)
        raise RequestError(unknown)

    # a user who is already a member cannot be added again
    already_member = joiner.id in organization.user_ids
    if already_member:
        duplicate = 'User "{}" is already a part of Org "{}"'.format(
            joiner.email, organization.name)
        raise RequestError(duplicate)

    organization.users.append(joiner)
    db.session.commit()
    return jsonify(joiner)
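def org_add_user(user, org_id, user_email):
    """
    Create a user in an Org, or update a user who already belongs to it.

    The caller must be an admin and a member of the Org. The target user
    is looked up by id or email. If no such user exists, one is created
    from the payload (email, password and name required) and added to
    the Org. If the user exists but is not in the Org, the request is
    refused. Supplied name, email, password and admin values are then
    applied, committed, and the user is returned as JSON.
    """
    if not user.admin:
        raise AuthError('You must be an admin to add a user to an Org.')

    # fetch org
    org = fetch_by_id_or_field(Org, 'slug', org_id)
    if not org:
        raise NotFoundError('Org {} does not exist.'.format(org_id))

    # ensure the active user is a member of this Org
    if user.id not in org.user_ids:
        raise ForbiddenError('You are not allowed to edit this Org.')

    # localize
    localize(org)

    # get this new user by id / email
    new_org_user = fetch_by_id_or_field(User, 'email', user_email)

    # get the form.
    req_data = request_data()
    email = req_data.get('email')
    name = req_data.get('name')
    admin = req_data.get('admin', False)
    password = req_data.get('password')

    if email and not mail.validate(email):
        raise RequestError('{} is an invalid email address.'.format(email))

    # insert
    if not new_org_user:
        if not all([email, password, name]):
            raise RequestError(
                'An email, password, and name are required to create a User.')
        new_org_user = User(email=email,
                            password=password,
                            name=name,
                            admin=admin)
        org.users.append(new_org_user)
        db.session.add(org)

    # an existing user may only be edited here if they belong to this Org
    elif new_org_user.id not in org.user_ids:
        raise ForbiddenError("You are not allowed to access this Org.")

    # update
    if name:
        new_org_user.name = name
    if email:
        new_org_user.email = email
    if password:
        new_org_user.set_password(password)

    # Only change the admin flag when the request carries one. It used
    # to be assigned unconditionally, so any update that omitted `admin`
    # reset the user to the default of False.
    # NOTE(review): the value is not coerced to a boolean - confirm
    # request_data() yields a real bool for this field.
    if 'admin' in req_data:
        new_org_user.admin = admin

    db.session.add(new_org_user)
    db.session.commit()
    return jsonify(new_org_user)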
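def org_add_user(user, org_id_slug, user_email):
    """
    Create a user inside an Org, or edit a user who is already a member.

    Requires an admin caller who belongs to the Org. The target user is
    found by id or email. An unknown user is created from the payload
    (email, password and name required) and appended to the Org; a known
    user outside the Org is refused. Any supplied name, email, password
    and admin values are applied and committed, and the user is returned
    as JSON.
    """
    if not user.admin:
        raise AuthError(
            'You must be an admin to add a user to an Org.')

    # fetch org
    org = fetch_by_id_or_field(Org, 'slug', org_id_slug)
    if not org:
        raise NotFoundError(
            'This Org does not exist.')

    # ensure the active user is a member of this Org
    if user.id not in org.user_ids:
        raise ForbiddenError(
            'You are not allowed to edit this Org.')

    # localize
    localize(org)

    # get this new user by id / email
    new_org_user = fetch_by_id_or_field(User, 'email', user_email)

    # get the form.
    req_data = request_data()
    email = req_data.get('email')
    name = req_data.get('name')
    admin = req_data.get('admin', False)
    password = req_data.get('password')

    if email and not mail.validate(email):
        raise RequestError(
            '{} is an invalid email address.'
            .format(email))

    # insert
    if not new_org_user:
        if not all([email, password, name]):
            raise RequestError(
                'An email, password, and name are required to create a User.')
        new_org_user = User(
            email=email,
            password=password,
            name=name,
            admin=admin)
        org.users.append(new_org_user)
        db.session.add(org)

    # an existing user may only be edited here if they belong to this Org
    elif new_org_user.id not in org.user_ids:
        raise ForbiddenError(
            "You are not allowed to access this Org.")

    # update
    if name:
        new_org_user.name = name
    if email:
        new_org_user.email = email
    if password:
        new_org_user.set_password(password)

    # The admin flag is applied only when the payload includes it. The
    # earlier unconditional assignment meant that an update without an
    # `admin` field silently set the flag to the default of False.
    # NOTE(review): the value is not coerced to a boolean - confirm
    # request_data() yields a real bool for this field.
    if 'admin' in req_data:
        new_org_user.admin = admin

    db.session.add(new_org_user)
    db.session.commit()
    return jsonify(new_org_user)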