def _session(self):
# TODO(#8046): Figure out whether it makes sense to use `using_database` instead
# and what downstream would have to be refactored.
return SessionFactory.deprecated__for_database(self.database_key)
def dashboard_user_restrictions_by_email(
) -> Tuple[Union[Auth0AppMetadata, str], HTTPStatus]:
"""This endpoint is accessed by a service account used by an Auth0 hook that is called at the pre-registration when
a user first signs up for an account. Given a user email address in the request, it responds with
the app_metadata that the hook will save on the user so that the UP dashboards can apply the appropriate
restrictions.
Query parameters:
email_address: (required) The email address that requires a user restrictions lookup
region_code: (required) The region code to use to lookup the user restrictions
Returns:
JSON response of the app_metadata associated with the given email address and an HTTP status
Raises:
Nothing. Catch everything so that we can always return a response to the request
"""
email_address = get_only_str_param_value("email_address", request.args)
region_code = get_only_str_param_value("region_code",
request.args,
preserve_case=True)
try:
if not email_address:
return "Missing email_address param", HTTPStatus.BAD_REQUEST
if not region_code:
return "Missing region_code param", HTTPStatus.BAD_REQUEST
_validate_region_code(region_code)
validate_email_address(email_address)
except ValueError as error:
logging.error(error)
return str(error), HTTPStatus.BAD_REQUEST
database_key = SQLAlchemyDatabaseKey.for_schema(
schema_type=SchemaType.CASE_TRIAGE)
# TODO(#8046): Don't use the deprecated session fetcher
session = SessionFactory.deprecated__for_database(
database_key=database_key)
try:
user_restrictions = (session.query(
DashboardUserRestrictions.allowed_supervision_location_ids,
DashboardUserRestrictions.allowed_supervision_location_level,
DashboardUserRestrictions.can_access_leadership_dashboard,
DashboardUserRestrictions.can_access_case_triage,
).filter(
DashboardUserRestrictions.state_code == region_code.upper(),
func.lower(DashboardUserRestrictions.restricted_user_email) ==
email_address.lower(),
).one())
restrictions = _format_db_results(user_restrictions)
return (restrictions, HTTPStatus.OK)
except sqlalchemy.orm.exc.NoResultFound:
return (
f"User not found for email address {email_address} and region code {region_code}.",
HTTPStatus.NOT_FOUND,
)
except Exception as error:
logging.error(error)
return (
f"An error occurred while fetching dashboard user restrictions with the email {email_address} for "
f"region_code {region_code}: {error}",
HTTPStatus.INTERNAL_SERVER_ERROR,
)
finally:
session.close()
