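def get_invitations_for_org(org_id, status=None, token_info: Dict = None):
    """Get invitations for an org.

    What is returned depends on who is asking:

    * a caller whose token carries the ``staff`` realm role receives the org's
      pending invitations (the ``status`` filter is not applied on this path);
    * a caller with an ACTIVE membership of any type other than USER receives
      the invitations matching ``status``;
    * every other caller receives an empty list.

    Args:
        org_id: Identifier of the org whose invitations are requested.
        status: Optional ``InvitationStatus`` member name used as a filter.
        token_info: Token claims of the caller; the staff check reads
            ``realm_access.roles`` from it.

    Returns:
        ``None`` when the org does not exist, otherwise a list of invitations
        (empty when the caller is not entitled to see any).
    """
    org_model = OrgModel.find_by_org_id(org_id)
    if not org_model:
        return None

    if status:
        # Lookup by member name; an unknown name raises before any data is read.
        status = InvitationStatus[status]

    # A missing token, or one without realm roles, is treated as "no roles" so
    # the staff shortcut fails closed instead of raising AttributeError.
    realm_access = (token_info or {}).get('realm_access') or {}
    roles = realm_access.get('roles') or []

    # Staff see the pending invitations of any org.
    if 'staff' in roles:
        return InvitationModel.find_pending_invitations_by_org(org_id)

    current_user: UserService = UserService.find_by_jwt_token(token_info)
    # NOTE(review): assumes find_by_jwt_token can return None for an unknown
    # caller - confirm. An unresolved caller gets nothing.
    if current_user is None:
        return []

    current_user_membership: MembershipModel = \
        MembershipModel.find_membership_by_user_and_org(user_id=current_user.identifier, org_id=org_id)

    # No membership, or a membership that is not ACTIVE: nothing to show.
    if current_user_membership is None or \
            current_user_membership.status != Status.ACTIVE.value:
        return []

    # Plain USER members may not list invitations (intent: ADMIN or COORDINATOR only).
    if current_user_membership.membership_type_code == USER:
        return []

    return InvitationModel.find_invitations_by_org(org_id=org_id, status=status)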
def get_invitations_for_org(org_id, status=None, **kwargs):
    """Return the invitations of an org that the caller is allowed to see.

    The caller is described by ``kwargs['user_context']``. Staff callers get
    the org's pending invitations (``status`` is not applied on that path).
    Other callers need an ACTIVE membership whose type is not USER to get the
    invitations matching ``status``; anyone else gets an empty list.

    Returns ``None`` when the org does not exist.
    """
    caller_context: UserContext = kwargs['user_context']

    if not OrgModel.find_by_org_id(org_id):
        return None

    # Translate the member name into the enum value; falsy input passes through.
    status_filter = InvitationStatus[status] if status else status

    if caller_context.is_staff():
        return InvitationModel.find_pending_invitations_by_org(org_id)

    caller: UserService = UserService.find_by_jwt_token()
    caller_membership: MembershipModel = MembershipModel.find_membership_by_user_and_org(
        user_id=caller.identifier, org_id=org_id)

    has_active_membership = (
        caller_membership is not None
        and caller_membership.status == Status.ACTIVE.value
    )
    # Only active members other than plain USERs may list invitations.
    if not has_active_membership or caller_membership.membership_type_code == USER:
        return []

    return InvitationModel.find_invitations_by_org(org_id=org_id, status=status_filter)
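def delete_anonymous_user(user_name, token_info: Dict = None):
    """Deactivate an anonymous user's profile.

    The caller is resolved from ``token_info`` and must be one of:

    * a member of the target user's org with membership type ADMIN,
    * a holder of the ``Role.STAFF_CREATE_ACCOUNTS`` realm role, or
    * the target user (same ``keycloak_guid``).

    Even then the request is refused when the target's membership type is
    ADMIN and the org's active-owner count is 1.

    On success the user is marked INACTIVE with terms-of-use acceptance
    cleared, the membership is marked INACTIVE, and the account is disabled
    through ``KeycloakService``.

    Raises:
        BusinessException: ``DATA_NOT_FOUND`` when the caller, the target user
            or the target's membership cannot be found;
            ``DELETE_FAILED_INACTIVE_USER`` when the caller is inactive;
            ``INVALID_USER_CREDENTIALS`` when the caller may not delete the user.
    """
    admin_user: UserModel = UserModel.find_by_jwt_token(token_info)

    if not admin_user:
        raise BusinessException(Error.DATA_NOT_FOUND, None)
    if admin_user.status == UserStatus.INACTIVE.value:
        raise BusinessException(Error.DELETE_FAILED_INACTIVE_USER, None)

    # Resolve the target; an unknown user or a user without a membership is a
    # clean "not found" rather than an AttributeError further down.
    user = UserModel.find_by_username(user_name)
    if user is None:
        raise BusinessException(Error.DATA_NOT_FOUND, None)
    membership = MembershipModel.find_membership_by_userid(user.id)
    if membership is None:
        raise BusinessException(Error.DATA_NOT_FOUND, None)
    org_id = membership.org_id

    # Admin/owner deletion. The caller may have no membership in this org
    # (e.g. staff), so the lookup result must be checked before it is read.
    # NOTE(review): the membership status is not checked here - confirm whether
    # a non-ACTIVE admin membership should still authorize a deletion.
    admin_user_membership = MembershipModel.find_membership_by_user_and_org(
        admin_user.id, org_id)
    is_org_admin = (admin_user_membership is not None
                    and admin_user_membership.membership_type_code == ADMIN)

    # Staff admin deletion. Missing token or missing realm roles means "no roles".
    realm_access = (token_info or {}).get('realm_access') or {}
    is_staff_admin = Role.STAFF_CREATE_ACCOUNTS.value in (realm_access.get('roles') or [])

    # Self deletion.
    # NOTE(review): two users whose keycloak_guid is None would compare equal
    # here - confirm the column can never be empty.
    is_self = user.keycloak_guid == admin_user.keycloak_guid

    is_valid_action = is_org_admin or is_staff_admin or is_self

    # Never remove the only remaining owner of an org.
    if is_valid_action and membership.membership_type_code == ADMIN:
        count_of_owners = MembershipModel.get_count_active_owner_org_id(org_id)
        if count_of_owners == 1:
            is_valid_action = False

    if not is_valid_action:
        raise BusinessException(Error.INVALID_USER_CREDENTIALS, None)

    user.is_terms_of_use_accepted = False
    user.status = UserStatus.INACTIVE.value
    user.save()
    membership.status = Status.INACTIVE.value
    membership.save()

    # The local records are saved before the Keycloak call. If that call
    # raises, whether the saves above are rolled back depends on transaction
    # handling outside this function.
    update_user_request = KeycloakUser()
    update_user_request.user_name = user_name.replace(IdpHint.BCROS.value + '/', '')
    update_user_request.enabled = False
    KeycloakService.update_user(update_user_request)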
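def get_members_for_org(
        org_id,
        status=Status.ACTIVE,  # pylint:disable=too-many-return-statements
        membership_roles=ALL_ALLOWED_ROLES,
        token_info: Dict = None):
    """Get the members of an org, filtered by status and roles.

    What is returned depends on who is asking:

    * a caller whose token carries the ``staff`` realm role receives the full
      filtered list;
    * a caller with no membership, or an INACTIVE or REJECTED one, receives
      an empty list;
    * a caller whose membership is PENDING_APPROVAL receives only their own
      membership, and only when pending members were requested;
    * an ACTIVE ADMIN or COORDINATOR receives the full filtered list;
    * any other ACTIVE member receives the list only when ACTIVE members were
      requested.

    Args:
        org_id: Identifier of the org.
        status: ``Status`` member or member name; ``None`` means ACTIVE.
        membership_roles: Roles to include; ``None`` means ``ALL_ALLOWED_ROLES``.
        token_info: Token claims of the caller; the staff check reads
            ``realm_access.roles`` from it.

    Returns:
        ``None`` when the org does not exist, otherwise a list of memberships.
    """
    org_model = OrgModel.find_by_org_id(org_id)
    if not org_model:
        return None

    # The declared default is a Status member while callers pass member names.
    # Accept both, so the default does not depend on the name lookup accepting
    # a member as its key.
    if status is None:
        status = Status.ACTIVE.value
    elif isinstance(status, Status):
        status = status.value
    else:
        status = Status[status].value
    membership_roles = ALL_ALLOWED_ROLES if membership_roles is None else membership_roles

    # A missing token, or one without realm roles, is treated as "no roles" so
    # the staff shortcut fails closed instead of raising AttributeError.
    realm_access = (token_info or {}).get('realm_access') or {}
    roles = realm_access.get('roles') or []

    # Staff see the full list.
    if 'staff' in roles:
        return MembershipModel.find_members_by_org_id_by_status_by_roles(
            org_id, membership_roles, status)

    current_user: UserService = UserService.find_by_jwt_token(token_info)
    # NOTE(review): assumes find_by_jwt_token can return None for an unknown
    # caller - confirm. An unresolved caller gets nothing.
    if current_user is None:
        return []

    current_user_membership: MembershipModel = \
        MembershipModel.find_membership_by_user_and_org(user_id=current_user.identifier, org_id=org_id)

    # No active or pending membership: nothing to show.
    if current_user_membership is None or \
            current_user_membership.status == Status.INACTIVE.value or \
            current_user_membership.status == Status.REJECTED.value:
        return []

    # Pending approval: the caller may see only themself, and only in the pending list.
    if current_user_membership.status == Status.PENDING_APPROVAL.value:
        return [current_user_membership] if status == Status.PENDING_APPROVAL.value else []

    # Active caller: the organizational role decides.
    if current_user_membership.status == Status.ACTIVE.value:
        if current_user_membership.membership_type_code in (ADMIN, COORDINATOR):
            return MembershipModel.find_members_by_org_id_by_status_by_roles(
                org_id, membership_roles, status)

        # Other active members may list ACTIVE members only.
        return MembershipModel.find_members_by_org_id_by_status_by_roles(org_id, membership_roles, status) \
            if status == Status.ACTIVE.value else []

    return []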
def get_members_for_org(
        org_id,
        status=Status.ACTIVE.name,  # pylint:disable=too-many-return-statements
        membership_roles=ALL_ALLOWED_ROLES,
        **kwargs):
    """Return the members of an org that the caller is allowed to see.

    The caller is described by ``kwargs['user_context']``. Staff callers get
    the full list filtered by ``status`` and ``membership_roles``. A caller
    with no membership, or an INACTIVE or REJECTED one, gets an empty list.
    A PENDING_APPROVAL caller gets only their own membership, and only when
    pending members were requested. An ACTIVE ADMIN or COORDINATOR gets the
    full filtered list; any other ACTIVE member gets it only when ACTIVE
    members were requested.

    Returns ``None`` when the org does not exist.
    """
    if not OrgModel.find_by_org_id(org_id):
        return None

    caller_context: UserContext = kwargs['user_context']
    # ``status`` is a Status member name; None falls back to ACTIVE.
    status_value = Status[status].value if status is not None else Status.ACTIVE.value
    roles = membership_roles if membership_roles is not None else ALL_ALLOWED_ROLES

    def _matching_members():
        # Single place for the filtered query used by every "allowed" branch.
        return MembershipModel.find_members_by_org_id_by_status_by_roles(
            org_id, roles, status_value)

    if caller_context.is_staff():
        return _matching_members()

    caller: UserService = UserService.find_by_jwt_token()
    caller_membership: MembershipModel = MembershipModel.find_membership_by_user_and_org(
        user_id=caller.identifier, org_id=org_id)

    # Non-members and inactive or rejected members see nothing.
    if caller_membership is None:
        return []
    if caller_membership.status in (Status.INACTIVE.value, Status.REJECTED.value):
        return []

    # A pending member sees only themself, and only in the pending list.
    if caller_membership.status == Status.PENDING_APPROVAL.value:
        if status_value == Status.PENDING_APPROVAL.value:
            return [caller_membership]
        return []

    if caller_membership.status != Status.ACTIVE.value:
        return []

    # Active caller: ADMIN and COORDINATOR may list any status, other members
    # may list ACTIVE members only.
    if caller_membership.membership_type_code in (ADMIN, COORDINATOR):
        return _matching_members()
    if status_value == Status.ACTIVE.value:
        return _matching_members()
    return []
def get_membership_for_org_and_user(org_id, user_id):
    """Look up the membership that links ``user_id`` to ``org_id``.

    This is a direct lookup: nothing here checks that the caller is allowed
    to see the membership, so that decision rests with the caller.
    """
    # The model method takes the user id first, the org id second.
    membership = MembershipModel.find_membership_by_user_and_org(user_id, org_id)
    return membership