def setup_group(self, team_id, uid):
is_admin = False
# create a default group if not exists
from porper.models.group import Group
group = Group(self.connection, loglevel)
group_info = group.find_by_id(team_id)
if not group_info:
# if this is the first user in this group, make it as admin
is_admin = True
group_info = {"id": team_id, "name": team_id}
group.create(group_info)
# now add this user to its default group
from porper.models.user_group import UserGroup
user_group = UserGroup(self.connection, loglevel)
user_group_info = {
"user_id": uid,
"group_id": team_id,
"is_admin": is_admin
}
self.logger.debug(ser_group_info)
user_group.create(user_group_info)
class InvitedUserController(MetaResourceController):
def __init__(self, connection=None, loglevel="INFO"):
MetaResourceController.__init__(self, connection, loglevel)
from porper.models.invited_user import InvitedUser
self.invited_user = InvitedUser(self.connection, loglevel)
from porper.models.user_group import UserGroup
self.user_group = UserGroup(self.connection, loglevel)
from porper.models.group import Group
self.group = Group(self.connection, loglevel)
# from porper.controllers.user_group_controller import UserGroupController
# self.user_group_controller = UserGroupController(self.connection)
self.permission_name = "invite"
def create(self, access_token, params):
"""
possible attributes in params
- auth_type, email, group_id, [invited_at, invited_by, is_admin]
"""
self.find_user_level(access_token)
if not self.is_permitted(self.permission_name, self.permission_write):
raise Exception("not permitted")
if not self.is_member(group_id=params['group_id']):
raise Exception("not permitted")
search_params = {
'email': params['email'],
'auth_type': params['auth_type']
}
items = self.invited_user.find(search_params)
if items:
if items[0]['state'] == self.invited_user.REGISTERED:
raise Exception("Already registered")
if items[0]['state'] == self.invited_user.INVITED:
self.logger.info("Already invited")
return True
# set the status to 'invited'
self.invited_user.update_state(params['email'],
params['auth_type'],
self.invited_user.INVITED)
return True
return self._save(self.user_id, params)
def _save(self, user_id, params):
# invited_users = self.invited_user.find(params)
# if len(invited_users) > 0:
# print('already invited')
# return True
customer_id = None
if 'customer_id' in params:
customer_id = params['customer_id']
del params['customer_id']
if not params.get('invited_by'):
params['invited_by'] = user_id
if not params.get('invited_at'):
params['invited_at'] = str(datetime.utcnow())
if not params.get('state'):
params['state'] = self.invited_user.INVITED
# if not params.get('is_admin'):
# params['is_admin'] = False
# else:
# params['is_admin'] = True
params = self.invited_user.create(params)
if customer_id:
params['customer_id'] = customer_id
return params
def update(self, access_token, params):
"""
attributes in params
- auth_type, email
"""
self.find_user_level(access_token)
if not self.is_permitted(self.permission_name, self.permission_write):
raise Exception("not permitted")
items = self.invited_user.find_simple({
'email': params['email'],
'auth_type': params['auth_type']
})
if not items:
raise Exception("not permitted")
if items[0]['state'] == self.invited_user.REGISTERED:
raise Exception("Already registered")
ret = self.group.find_by_id(items[0]['group_id'])
if not ret:
raise Exception("not permitted")
if self.is_customer_admin:
if self.customer_id != ret['customer_id']:
raise Exception("not permitted")
elif not self.is_admin:
if not self.is_member(group_id=items[0]['group_id']):
raise Exception("not permitted")
params['state'] = self.invited_user.INVITED
return self.invited_user.update_state(params['email'],
params['auth_type'],
params['state'])
def find(self, access_token, params):
"""
possible attributes in params
- group_id
- auth_type, email
- None
"""
self.find_user_level(access_token)
if not self.is_permitted(self.permission_name, self.permission_read):
raise Exception("not permitted")
# if the current user is admin, return all fetched invited_users
if self.is_admin:
return self.invited_user.find(params)
elif self.is_customer_admin:
return self.invited_user.find(params, customer_id=self.customer_id)
else:
return self.invited_user.find(params, user_id=self.user_id)
def delete(self, access_token, params):
"""
attributes in params
- auth_type, email
"""
self.find_user_level(access_token)
if not self.is_permitted(self.permission_name, self.permission_write):
raise Exception("not permitted")
items = self.invited_user.find_simple({
'email': params['email'],
'auth_type': params['auth_type']
})
if not items:
raise Exception("not permitted")
if items[0]['state'] == self.invited_user.REGISTERED:
raise Exception("Already registered")
ret = self.group.find_by_id(items[0]['group_id'])
if not ret:
raise Exception("not permitted")
if self.is_customer_admin:
if self.customer_id != ret['customer_id']:
raise Exception("not permitted")
elif not self.is_admin:
if not self.is_member(group_id=items[0]['group_id']):
raise Exception("not permitted")
params['state'] = self.invited_user.CANCELLED
self.invited_user.update_state(params['email'], params['auth_type'],
params['state'])
return True
class GroupController(MetaResourceController):
def __init__(self, connection=None, loglevel="INFO"):
#self.connection = connection
MetaResourceController.__init__(self, connection, loglevel)
from porper.models.group import Group
self.group = Group(self.connection, loglevel)
from porper.models.user import User
self.user = User(self.connection, loglevel)
# from porper.controllers.user_group_controller import UserGroupController
# self.user_group_controller = UserGroupController(self.connection)
self.permission_name = 'group'
# only the admin can create a group
def create(self, access_token, params):
"""
possible attributes in params
- [id], name
"""
self.logger.info(f"params={params}")
self.logger.info(f"access_token={access_token}")
# self.logger.info(f"paths={paths}")
self.find_user_level(access_token)
if not self.is_permitted(self.permission_name, self.permission_write):
raise Exception("not permitted")
if "customer_id" not in params or not self.is_member(
customer_id=params['customer_id']):
raise Exception("not permitted")
return self.group.create(params)
def update(self, access_token, params):
"""
possible attributes in params
- id, name
"""
self.logger.info(f'group_controller_update-params={params}')
self.logger.info(
f'group_controller_update-access_token={access_token}')
self.find_user_level(access_token)
if not self.is_permitted(self.permission_name, self.permission_write):
raise Exception("not permitted")
item = self.group.find_by_id(params['id'])
if not item or not self.is_member(customer_id=item['customer_id']):
raise Exception("not permitted")
if params.get('customer_id'):
raise Exception('You cannot update the group customer')
if 'name' in params:
ret = self.group.find({'name': params['name']})
if ret and ret[0]['id'] != params['id']:
raise Exception("the group name already exists")
return self.group.update(params)
def delete(self, access_token, params):
"""
possible attributes in params
- id
"""
self.find_user_level(access_token)
if not self.is_permitted(self.permission_name, self.permission_write):
raise Exception("not permitted")
item = self.group.find_by_id(params['id'])
if not item or not self.is_member(customer_id=item['customer_id']):
raise Exception("not permitted")
# cannot remove it when it has users
users = self.user.find({'group_id': params['id']})
if len(users) > 0:
raise Exception(
"You must remove all users before removing this group")
return self.group.delete(params['id'])
def find(self, access_token, params):
"""
possible attributes in params
- user_id: find all groups where this given user belongs
- id: find a specific group
- ids: find specific groups
- None: No condition
- name
"""
self.find_user_level(access_token)
if 'closed' in params:
if not self.is_permitted(self.permission_name,
self.permission_read):
raise Exception("not permitted")
customer_id = None
user_id = None
if 'closed' in params:
# allow users/groups of the groups only this user belongs
if self.is_customer_admin:
customer_id = self.customer_id
elif not self.is_admin:
user_id = self.user_id
del params['closed']
else:
# allow all users/groups of the customer this user belongs
if not self.is_admin:
customer_id = self.customer_id
if 'ids' in params:
groups = self.group.find_by_ids(params['ids'],
customer_id=customer_id,
user_id=user_id)
return groups
else:
groups = self.group.find(params,
customer_id=customer_id,
user_id=user_id)
if groups and 'id' in params:
return groups[0]
return groups
from porper.models.user_group import UserGroup
user_group = UserGroup(dynamodb)
admin_user_groups = user_group.find_by_group_ids(admin_group_ids)
admin_user_ids = [ug['user_id'] for ug in admin_user_groups]
all_user_groups = user_group.find({})
all_user_ids = [ug['user_id'] for ug in all_user_groups]
non_admin_user_ids = [u for u in all_user_ids if u not in admin_user_ids]
# finally non-admin groups & users
non_admin_user_group_ids = user_group.find_by_user_ids(non_admin_user_ids)
# fill customer ids
from porper.models.group import Group
group = Group(dynamodb)
for ug_id in non_admin_user_group_ids:
ug_id['customer_id'] = group.find_by_id(ug_id['group_id'])['customer_id']
# non_admin_group_ids = [ug['group_id'] for ug in non_admin_user_group_ids]
#
# # group by customers
# from porper.models.group import Group
# group = Group(dynamodb)
# non_admin_groups = group.find_by_ids(non_admin_group_ids)
# non_admin_by_customer_id = {}
# for g in non_admin_groups:
# if g['customer_id'] in non_admin_by_customer_id:
# non_admin_by_customer_id[g['customer_id']][g['id']] = None
# else:
# non_admin_by_customer_id[g['customer_id']] = {g['id']: None}
#
# # fill users in groups by customer