def _session(self): # TODO(#8046): Figure out whether it makes sense to use `using_database` instead # and what downstream would have to be refactored. return SessionFactory.deprecated__for_database(self.database_key)
def dashboard_user_restrictions_by_email( ) -> Tuple[Union[Auth0AppMetadata, str], HTTPStatus]: """This endpoint is accessed by a service account used by an Auth0 hook that is called at the pre-registration when a user first signs up for an account. Given a user email address in the request, it responds with the app_metadata that the hook will save on the user so that the UP dashboards can apply the appropriate restrictions. Query parameters: email_address: (required) The email address that requires a user restrictions lookup region_code: (required) The region code to use to lookup the user restrictions Returns: JSON response of the app_metadata associated with the given email address and an HTTP status Raises: Nothing. Catch everything so that we can always return a response to the request """ email_address = get_only_str_param_value("email_address", request.args) region_code = get_only_str_param_value("region_code", request.args, preserve_case=True) try: if not email_address: return "Missing email_address param", HTTPStatus.BAD_REQUEST if not region_code: return "Missing region_code param", HTTPStatus.BAD_REQUEST _validate_region_code(region_code) validate_email_address(email_address) except ValueError as error: logging.error(error) return str(error), HTTPStatus.BAD_REQUEST database_key = SQLAlchemyDatabaseKey.for_schema( schema_type=SchemaType.CASE_TRIAGE) # TODO(#8046): Don't use the deprecated session fetcher session = SessionFactory.deprecated__for_database( database_key=database_key) try: user_restrictions = (session.query( DashboardUserRestrictions.allowed_supervision_location_ids, DashboardUserRestrictions.allowed_supervision_location_level, DashboardUserRestrictions.can_access_leadership_dashboard, DashboardUserRestrictions.can_access_case_triage, ).filter( DashboardUserRestrictions.state_code == region_code.upper(), func.lower(DashboardUserRestrictions.restricted_user_email) == email_address.lower(), ).one()) restrictions = _format_db_results(user_restrictions) return (restrictions, HTTPStatus.OK) except sqlalchemy.orm.exc.NoResultFound: return ( f"User not found for email address {email_address} and region code {region_code}.", HTTPStatus.NOT_FOUND, ) except Exception as error: logging.error(error) return ( f"An error occurred while fetching dashboard user restrictions with the email {email_address} for " f"region_code {region_code}: {error}", HTTPStatus.INTERNAL_SERVER_ERROR, ) finally: session.close()