def post():
is_new_install = True
# check if uuid is in there otherwise it is either a first installation
try:
in_json = request.get_json()
non_pii_uuid = in_json["uuid"]
# even if there is non_pii_uuid is in the input json, it could be a new one
# check if the dataset is existing with given uuid
dataset = mongoutils.get_non_pii_dataset_from_field(
cfg.FIELD_PROFILE_UUID, non_pii_uuid)
if dataset is not None:
is_new_install = False
msg = {
"reason":
"UUID in input json already exists in the database: " +
str(non_pii_uuid),
"error":
"Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json("Profile", "POST", msg)
logging.error("POST " + json.dumps(json.loads(msg_json)))
return rs_handlers.bad_request(msg)
except:
pass
if is_new_install:
# new installation of the app
currenttime = otherutils.get_current_time_utc()
non_pii_dataset = NonPiiData('')
non_pii_uuid = str(uuidlib.uuid4())
non_pii_dataset.set_uuid(non_pii_uuid)
non_pii_dataset.set_creation_date(currenttime)
non_pii_dataset.set_last_modified_date(currenttime)
dataset, id = mongoutils.insert_non_pii_dataset_to_mongodb(
non_pii_dataset)
profile_uuid = dataset["uuid"]
# use this if it needs to return actual dataset
dataset = jsonutils.remove_objectid_from_dataset(dataset)
# out_json = mongoutils.construct_json_from_query_list(dataset)
msg = "new profile with new uuid has been created: " + str(
profile_uuid)
msg_json = jsonutils.create_log_json("Profile", "POST", dataset)
logging.info("POST " + json.dumps(msg_json))
return rs_handlers.return_id(msg, 'uuid', profile_uuid)
def get(token_info=None, id=None):
login_id, is_login = otherutils.get_login(token_info)
data_list, is_objectid, is_error, resp = otherutils.get_data_list(
id, login_id, is_login, coll_contribution)
# if getting data process failed, that is is_error is true, return error reponse
if is_error:
return resp
jsonutils.convert_obejctid_from_dataset_json(data_list[0])
out_json = mongoutils.construct_json_from_query_list(data_list[0])
msg_json = jsonutils.create_log_json("Contribution", "GET",
{"id": str(id)})
logging.info("Contribution GET " +
json.dumps(jsonutils.remove_objectid_from_dataset(msg_json)))
return out_json
def pii_put(pid=None):
# Get ID Token data from global context variable.
auth_resp = g.user_token_data
tk_uin, tk_firstname, tk_lastname, tk_email, tk_phone, tk_is_uin, tk_is_phone = tokenutils.get_data_from_token(
auth_resp)
try:
in_json = request.get_json()
# ToDo following lines are commented out for now
# but it should be used if the email and phone number get updated
# # if there is any phone number or email information in input json, they will be removed
# # since the current policy is not updating the email or phone number
# # until further decision
# try:
# del in_json["uin"]
# except:
# pass
# try:
# del in_json["phone"]
# except:
# pass
except Exception as ex:
msg = {
"reason": "Json format error: " + str(pid),
"error": "Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json("PII", "PUT", msg)
logging.error("PII PUT " + json.dumps(msg_json))
return rs_handlers.bad_request(msg_json)
# check if the pid is really existing in the database
pii_dataset = mongoutils.get_pii_dataset_from_field(cfg.FIELD_PID, pid)
if pii_dataset == None:
msg = {
"reason": "There is no dataset with given pii uuid: " + str(pid),
"error": "Not Found: " + request.url,
}
msg_json = jsonutils.create_log_json("PII", "PUT", msg)
logging.error("PII PUT " + json.dumps(msg_json))
return rs_handlers.not_found(msg_json)
creation_date = pii_dataset.get_creation_date()
tmp_dataset = json.loads(json.dumps(pii_dataset.__dict__))
auth_pass = check_id(auth_resp, tmp_dataset)
if not (auth_pass):
msg = {
"reason": "The user info in id token and db are not matching.",
"error": "Authorization Failed."
}
msg_json = jsonutils.create_log_json("PII", "PUT", msg)
logging.error("PII PUT " + json.dumps(msg_json))
return jsonutils.create_auth_fail_message()
# get the current testResultsConset value to see if it is changed
# if changed, update last modified date after updating pii data
consent_provided = None
consent_last_modified = None
try:
consent_provided = pii_dataset.testResultsConsent["consentProvided"]
consent_last_modified = pii_dataset.testResultsConsent["dateModified"]
except:
pass
pii_dataset = datasetutils.update_pii_dataset_from_json(pii_dataset, in_json)
currenttime = otherutils.get_current_time_utc()
# if consentProvided value has been changed, update the last modified date
try:
if consent_provided != pii_dataset.testResultsConsent['consentProvided']:
pii_dataset = update_test_results_consent(pii_dataset)
else: # record the exising modified date that got lost during the json update
pii_dataset.testResultsConsent['dateModified'] = consent_last_modified
except:
pass
pii_dataset.set_last_modified_date(currenttime)
# remove creation date field and pid so doesn't get updated
del pii_dataset.creationDate
del pii_dataset.pid
# update pii_dataset's non_pii_uuid
non_pii_uuid_from_dataset = pii_dataset.get_uuid()
try:
non_pii_uuid = in_json[cfg.FIELD_PROFILE_UUID]
# both non_pii_uuid and non_pii_uuid_from_dataset should be list
if (type(non_pii_uuid) is not list) or (type(non_pii_uuid_from_dataset) is not list):
msg = {
"reason": "The uuid information is not a list.",
"error": "Json format error."
}
msg_json = jsonutils.create_log_json("PII", "PUT", msg)
logging.error("PII PUT " + json.dumps(msg_json))
return rs_handlers.bad_request(msg_json)
pii_dataset.set_uuid(non_pii_uuid)
# # the following lines can be used for item to item comparison and append when it is needed
# for i in range(len(non_pii_uuid)):
# pii_dataset = append_non_pii_uuid(non_pii_uuid[i], non_pii_uuid_from_dataset, pii_dataset)
except:
pass
# update dataset from id token info. Currently, only UIN and phone number are considered verified information and hence gets precedence through ID Token validation / parsing.
# if tk_firstname is not None:
# pii_dataset.set_firstname(tk_firstname)
# if tk_lastname is not None:
# pii_dataset.set_lastname(tk_lastname)
# if tk_email is not None:
# pii_dataset.set_email(tk_email)
if tk_phone is not None:
pii_dataset.set_phone(tk_phone)
if tk_uin is not None:
pii_dataset.set_uin(tk_uin)
result, pii_dataset = mongoutils.update_pii_dataset_in_mongo_by_field(cfg.FIELD_PID, pid,
pii_dataset)
if result is None:
msg = {
"reason": "Failed to update non pii uuid into pii dataset: " + str(pid),
"error": "Not Implemented: " + request.url,
}
msg_json = jsonutils.create_log_json("PII", "PUT", msg)
logging.error("PII PUT " + json.dumps(msg_json))
return rs_handlers.not_implemented(msg_json)
# add pid and original creation date to dataset for output json
try:
pii_dataset["pid"] = pid
pii_dataset["creationDate"] = creation_date
except:
pass
pii_dataset = jsonutils.remove_file_descriptor_from_dataset(pii_dataset)
out_json = mongoutils.construct_json_from_query_list(pii_dataset)
msg_json = jsonutils.create_log_json("PII", "PUT", jsonutils.remove_objectid_from_dataset(pii_dataset), 'pii')
logging.info("PII PUT " + json.dumps(msg_json))
return out_json
def pii_post():
# msg = {'message': 'POST info for PII:'}
# resp = jsonify(msg)
# resp.status_code = 200
# logging.debug("POST " + json.dumps(msg))
#
# return resp
# Get ID Token data from global context variable.
auth_resp = g.user_token_data
tk_uin, tk_firstname, tk_lastname, tk_email, tk_phone, tk_is_uin, tk_is_phone = tokenutils.get_data_from_token(
auth_resp)
is_new_entry = False
# Todo following variable should be revived if the email or phone number can get updated
# auth_pass = False
try:
in_json = request.get_json()
except Exception as ex:
msg = {
"reason": "Json format error.",
"error": "Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json("PII", "POST", msg)
logging.error("PII POST " + json.dumps(msg_json))
return rs_handlers.bad_request(msg_json)
# get uuid, if failed it is a bad request
try:
non_pii_uuid = in_json[cfg.FIELD_PROFILE_UUID]
if isinstance(non_pii_uuid, list) == False:
# # this is an error routine when it is not a list
# # for now, this should be commented out because the endpoint will accept both string and list
# # after chaning the app only send uuid as a list, following lines should be revived
# msg = {
# "reason": "The uuid information is not a list.",
# "error": "Json format error."
# }
# msg_json = jsonutils.create_log_json("PII", "POST", msg)
# logging.error("PII POST " + json.dumps(msg_json))
# return rs_handlers.bad_request(msg_json)
# if non_pii_uuid is not a list,
# we assume that it is a single string uuid object so convert this to a list with single item
tmp_list = []
tmp_list.append(non_pii_uuid)
non_pii_uuid = tmp_list
except Exception as ex:
msg = {
"reason": "uuid not supplied.",
"error": "Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json("PII", "POST", msg)
logging.error("PII POST " + json.dumps(msg_json))
return rs_handlers.bad_request(msg_json)
# get non_pii_uuid value from the list
if len(non_pii_uuid) > 0:
non_pii_uuid = non_pii_uuid[0]
else:
msg = {
"reason": "uuid list is empty.",
"error": "Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json("PII", "POST", msg)
logging.error("PII POST " + json.dumps(msg_json))
return rs_handlers.bad_request(msg_json)
# check if it is a new record or existing record
try:
pid = in_json[cfg.FIELD_PID]
dataset = mongoutils.get_pii_dataset_from_field(cfg.FIELD_PROFILE_UUID, pid)
# if it is an existing entry, then check if the information in db matches with the id token
auth_pass = check_auth(dataset, tk_uin, tk_phone, tk_is_uin, tk_is_phone)
except:
dataset = None
is_new_entry = True
# check if the email already exists
if tk_is_uin:
try:
dataset = mongoutils.get_pii_dataset_from_field('uin', tk_uin)
# if there is a dataset, it means that the email is existing in the database
if dataset is not None:
# ToDo Following lines will be commented out due to the following assumption
# that the email in the database doesn't get updated so, no change in email.
# However, if there is email update available, the following part should be revived.
# # check if the id token and db info matches
# if not (auth_pass):
# msg = {
# "reason": "The user info in id token and db are not matching.",
# "error": "Authorization Failed."
# }
# msg_json = jsonutils.create_log_json("PII", "POST", msg)
# self.logger.error("PII POST " + json.dumps(msg_json))
# return jsonutils.create_auth_fail_message()
#
# if not (auth_pass):
# msg = {
# "reason": "The user info in id token and db are not matching.",
# "error": "Authorization Failed."
# }
# msg_json = jsonutils.create_log_json("PII", "POST", msg)
# self.logger.error("PII POST " + json.dumps(msg_json))
# return jsonutils.create_auth_fail_message()
pid = dataset.get_pid()
non_pii_uuid_from_dataset = dataset.uuid
dataset = append_non_pii_uuid(non_pii_uuid, non_pii_uuid_from_dataset, dataset)
currenttime = otherutils.get_current_time_utc()
dataset.set_last_modified_date(currenttime)
result, pii_dataset = mongoutils.update_pii_dataset_in_mongo_by_field(cfg.FIELD_PID, pid, dataset)
msg = {
"reason": "UIN already exists: " + str(pid),
"warning": "UIN already exists: " + request.url,
}
msg_json = jsonutils.create_log_json("PII", "POST", msg)
logging.warning("PII POST " + json.dumps(msg_json))
return rs_handlers.return_id('UIN already exists.', 'pid', pid)
except:
return rs_handlers.internal_server_error()
# check if the phonenumber already exists
if tk_is_phone:
try:
dataset = mongoutils.get_pii_dataset_from_field('phone', tk_phone)
# ToDo Following lines will be commented out due to the following assumption
# that the email in the database doesn't get updated so, no change in email.
# However, if there is email update available, the following part should be revived.
# check if the id token and db info matches
# if not (auth_pass):
# auth_pass = self.check_auth(dataset, tk_uin, tk_phone, tk_is_uin, tk_is_phone)
#
# if not (auth_pass):
# msg = {
# "reason": "The user info in id token and db are not matching.",
# "error": "Authorization Failed."
# }
# msg_json = jsonutils.create_log_json("PII", "POST", msg)
# self.logger.error("PII POST " + json.dumps(msg_json))
# return jsonutils.create_auth_fail_message()
if dataset is not None:
pid = dataset.get_pid()
non_pii_uuid_from_dataset = dataset.uuid
dataset = append_non_pii_uuid(non_pii_uuid, non_pii_uuid_from_dataset, dataset)
currenttime = otherutils.get_current_time_utc()
dataset.set_last_modified_date(currenttime)
result, pii_dataset = mongoutils.update_pii_dataset_in_mongo_by_field(cfg.FIELD_PID, pid, dataset)
msg = {
"reason": "Phone number already exists: " + str(pid),
"warning": "Phone number already exists: " + request.url,
}
msg_json = jsonutils.create_log_json("PII", "POST", msg)
logging.warning("PII POST " + json.dumps(msg_json))
return rs_handlers.return_id('Phone number already exists.', 'pid', pid)
except:
return rs_handlers.internal_server_error()
if dataset is not None:
is_new_entry = False
pii_dataset = PiiData(in_json)
if is_new_entry:
# insert new pii_dataset
currenttime = otherutils.get_current_time_utc()
pid = str(uuidlib.uuid4())
pii_dataset.set_pid(pid)
non_pii_uuid_from_dataset = []
non_pii_uuid_from_dataset.append(non_pii_uuid)
pii_dataset.set_uuid(non_pii_uuid_from_dataset)
pii_dataset.set_creation_date(currenttime)
pii_dataset.set_last_modified_date(currenttime)
# to check if there is testResultsConsent and update modified date
try:
if in_json["testResultsConsent"]:
pii_dataset = update_test_results_consent(pii_dataset)
except:
pass
# update dataset from id token info. Currently, only UIN and phone number are considered verified information and hence gets precedence through ID Token validation / parsing.
# if tk_firstname is not None:
# pii_dataset.set_firstname(tk_firstname)
# if tk_lastname is not None:
# pii_dataset.set_lastname(tk_lastname)
# if tk_email is not None:
# pii_dataset.set_email(tk_email)
if tk_phone is not None:
pii_dataset.set_phone(tk_phone)
if tk_uin is not None:
pii_dataset.set_uin(tk_uin)
pii_dataset = mongoutils.insert_pii_dataset_to_mongodb(pii_dataset)
if pii_dataset is None:
msg = {
"reason": "Failed to update profile uuid into pii dataset: " + str(pid),
"error": "Not Implemented: " + request.url,
}
msg_json = jsonutils.create_log_json("PII", "POST", msg)
logging.error("PII POST " + json.dumps(msg_json))
return rs_handlers.not_implemented(msg_json)
msg = "Pii data has been posted with : " + str(pid)
msg_json = jsonutils.create_log_json("PII", "POST", jsonutils.remove_objectid_from_dataset(pii_dataset), 'pii')
logging.info("PII POST " + json.dumps(msg_json))
return rs_handlers.return_id(msg, 'pid', pid)
else:
msg = {
"reason": "The request is wrong or the entry already exists: " + str(pid),
"error": "Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json("PII", "POST", msg)
logging.error("PII POST " + json.dumps(msg_json))
return rs_handlers.bad_request(msg_json)
def post(token_info):
is_new_install = True
in_json = None
# check if name is in there otherwise it is either a first installation
try:
in_json = request.get_json()
name = in_json[cfg.FIELD_NAME]
# check if the dataset is existing with given name
dataset = mongoutils.get_contribution_dataset_from_field_no_status(
coll_contribution, cfg.FIELD_NAME, name)
if dataset is not None:
is_new_install = False
msg = {
"reason":
"NAME in input json already exists in the database: " +
str(name),
"error":
"Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json("Contribution", "POST", msg)
logging.error("Contribution POST " + json.dumps(msg_json))
return rs_handlers.bad_request(msg)
except:
pass
if is_new_install:
# new installation of the app
currenttime = datetime.datetime.now()
currenttime = currenttime.strftime("%Y/%m/%dT%H:%M:%S")
contribution_dataset = Contribution('')
contribution_dataset, restjson = datasetutils.update_contribution_dataset_from_json(
contribution_dataset, in_json)
contribution_dataset.set_date_created(currenttime)
contribution_dataset.set_date_modified(currenttime)
# get contribution admins, if failed it is a bad request
contribution_admins = in_json['contributionAdmins']
# get contribution_admins value from the list
# doing this because connexion's minItems doesn't work, otherwise this is not needed
if len(contribution_admins) == 0:
msg = {
"reason": "Contribution admin list is empty.",
"error": "Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json("Contribution", "POST", msg)
logging.error("Contribution POST " + json.dumps(msg_json))
return rs_handlers.bad_request(msg_json)
# check if the logged in user's login is included in contribution admin list
is_admin_user = otherutils.check_login_admin(token_info["login"],
contribution_admins)
if not is_admin_user:
msg = {
"reason":
"Contribution admin list must contain logged in user",
"error": "Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json("Contribution", "POST", msg)
logging.error("Contribution POST " + json.dumps(msg_json))
return rs_handlers.bad_request(msg_json)
# set contributors list
contributors_list = []
try:
contributors_json = in_json["contributors"]
for i in range(len(contributors_json)):
contributor, rest_contributor_json, msg = modelutils.construct_contributors(
contributors_json[i])
if contributor is None:
return rs_handlers.bad_request(msg)
contributors_list.append(contributor)
contribution_dataset.set_contributors(contributors_list)
except:
pass
# set capability list
capability_list = []
try:
capability_json = in_json["capabilities"]
for i in range(len(capability_json)):
capability, rest_capability_json, msg = modelutils.construct_capability(
capability_json[i])
if capability is None:
return rs_handlers.bad_request(msg)
# following two lines are for creating id. However, it might not needed for now
# because catalog will create it and send it to endpoint.
# If not, use following two lines that commented out
# capability_id = str(uuidlib.uuid4())
# capability.set_id(capability_id)
# check if the capability id is in uuid format
is_uuid = otherutils.check_if_uuid(capability.id)
if not is_uuid:
msg = {
"reason": "Capability id is not in uuid format",
"error": "Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json(
"Contribution", "POST", msg)
logging.error("Contribution POST " + json.dumps(msg_json))
return rs_handlers.bad_request(msg)
capability_list.append(capability)
contribution_dataset.set_capabilities(capability_list)
except:
pass
# set talent list
talent_list = []
try:
talent_json = in_json["talents"]
for i in range(len(talent_json)):
talent, rest_talent_json, msg = modelutils.construct_talent(
talent_json[i])
if talent is None:
return rs_handlers.bad_request(msg)
# following two lines are for creating id. However, it might not needed for now
# because catalog will create it and send it to endpoint.
# If not, use following two lines that commented out
# talent_id = str(uuidlib.uuid4())
# talent.set_id(talent_id)
# check if the talent id is in uuid format
is_uuid = otherutils.check_if_uuid(talent.id)
if not is_uuid:
msg = {
"reason": "Talent id is not in uuid format",
"error": "Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json(
"Contribution", "POST", msg)
logging.error("Contribution POST " + json.dumps(msg_json))
return rs_handlers.bad_request(msg)
# check required capabilities id format
if talent.requiredCapabilities is not None:
required_cap_list = talent.requiredCapabilities
for capability_json in required_cap_list:
capability, rest_capability_json, msg = modelutils.construct_required_capability(
capability_json)
is_uuid = otherutils.check_if_uuid(capability.id)
if not is_uuid:
msg = {
"reason":
"Capability id in requiredCapabilities is not in uuid format",
"error": "Bad Request: " + request.url,
}
msg_json = jsonutils.create_log_json(
"Contribution", "POST", msg)
logging.error("Contribution POST " +
json.dumps(msg_json))
return rs_handlers.bad_request(msg)
talent_list.append(talent)
contribution_dataset.set_talents(talent_list)
except:
pass
# insert contribution dataset
dataset, id = mongoutils.insert_dataset_to_mongodb(
coll_contribution, contribution_dataset)
contribution_name = dataset[cfg.FIELD_NAME]
contribution_id = str(dataset['_id'])
# use this if it needs to return actual dataset
dataset = jsonutils.remove_objectid_from_dataset(dataset)
# out_json = mongoutils.construct_json_from_query_list(dataset)
msg = "new contribution has been created: " + str(contribution_name)
msg_json = jsonutils.create_log_json("Contribution", "POST",
{"id": str(contribution_id)})
logging.info("Contribution POST " + json.dumps(msg_json))
return rs_handlers.return_id(msg, 'id', contribution_id)