def put(task_id):
"""Update a task."""
request_json = request.get_json()
token = g.jwt_oidc_token_info
valid_format, errors = schema_utils.validate(request_json, 'task_request')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
task = TaskService(TaskModel.find_by_task_id(task_id))
if task:
# Update task and its relationships
origin = request.environ.get('HTTP_ORIGIN', 'localhost')
response, status = task.update_task(task_info=request_json,
token_info=token,
origin_url=origin).as_dict(), http_status.HTTP_200_OK
else:
response, status = {'message': 'The requested task could not be found.'}, \
http_status.HTTP_404_NOT_FOUND
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def put(org_id):
"""Update the org specified by the provided id with the request body."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'org')
token_info = g.jwt_oidc_token_info
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
org = OrgService.find_by_org_id(org_id,
allowed_roles=(*CLIENT_ADMIN_ROLES,
STAFF))
if org and org.as_dict().get('accessType', None) == AccessType.ANONYMOUS.value and \
Role.STAFF_CREATE_ACCOUNTS.value not in token_info.get('realm_access').get('roles'):
return {'message': 'The organisation can only be updated by a staff admin.'}, \
http_status.HTTP_401_UNAUTHORIZED
if org:
response, status = org.update_org(org_info=request_json).as_dict(), \
http_status.HTTP_200_OK
else:
response, status = {'message': 'The requested organization could not be found.'}, \
http_status.HTTP_404_NOT_FOUND
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def post():
"""Post a new user using the request body (which will contain a JWT).
If the user already exists, update the name.
"""
token = g.jwt_oidc_token_info
try:
request_json = request.get_json(silent=True)
# For BCeID users validate schema.
if token.get('loginSource', None) == LoginSource.BCEID.value and request_json is not None:
valid_format, errors = schema_utils.validate(request_json, 'user')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
user = UserService.save_from_jwt_token(token, request_json)
response, status = user.as_dict(), http_status.HTTP_201_CREATED
# Add the user to public_users group if the user doesn't have public_user group
if token.get('loginSource', '') != LoginSource.STAFF.value:
KeycloakService.join_users_group(token)
# For anonymous users, there are no invitation process for members,
# so whenever they login perform this check and add them to corresponding groups
if token.get('loginSource', '') == LoginSource.BCROS.value:
if len(OrgService.get_orgs(user.identifier, [Status.ACTIVE.value])) > 0:
KeycloakService.join_account_holders_group()
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def post():
"""Post a new user using the request body who has a proper invitation."""
try:
request_json = request.get_json()
invitation_token = request.headers.get('invitation_token', None)
invitation = InvitationService.validate_token(invitation_token).as_dict()
valid_format, errors = schema_utils.validate(request_json, 'anonymous_user')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
membership_details = {
'email': invitation['recipientEmail'],
'membershipType': invitation['membership'][0]['membershipType'],
'update_password_on_login': False
}
membership_details.update(request_json)
user = UserService.create_user_and_add_membership([membership_details],
invitation['membership'][0]['org']['id'],
single_mode=True)
user_dict = user['users'][0]
if user_dict['http_status'] != http_status.HTTP_201_CREATED:
response, status = {'code': user_dict['http_status'], 'message': user_dict['error']}, user_dict[
'http_status']
else:
InvitationService.accept_invitation(invitation['id'], None, None, False)
response, status = user, http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def post(org_id):
"""Create a new contact for the specified org."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'contact')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
org = OrgService.find_by_org_id(org_id,
g.jwt_oidc_token_info,
allowed_roles=CLIENT_ADMIN_ROLES)
if org:
response, status = org.add_contact(
request_json).as_dict(), http_status.HTTP_201_CREATED
else:
response, status = {'message': 'The requested organization could not be found.'}, \
http_status.HTTP_404_NOT_FOUND
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def put(org_id):
"""Update the org specified by the provided id with the request body."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'org')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
org = OrgService.find_by_org_id(org_id,
g.jwt_oidc_token_info,
allowed_roles=CLIENT_ADMIN_ROLES)
if org:
response, status = org.update_org(
request_json).as_dict(), http_status.HTTP_200_OK
else:
response, status = {'message': 'The requested organization could not be found.'}, \
http_status.HTTP_404_NOT_FOUND
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def post(org_id):
"""Post a new product subscription to the org using the request body."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(
request_json, 'org_product_subscription')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
subscriptions = OrgService.create_product_subscription(
org_id, request_json)
if subscriptions is None:
response, status = {'message': 'Not authorized to perform this action'}, \
http_status.HTTP_401_UNAUTHORIZED
else:
response, status = {'subscriptions': ProductSubscriptionSchema().dump(subscriptions, many=True)}, \
http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def put(business_identifier):
"""Update the business contact for the Entity identified by the provided id."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'contact')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
entity = EntityService.find_by_business_identifier(
business_identifier,
token_info=g.jwt_oidc_token_info,
allowed_roles=ALL_ALLOWED_ROLES)
if entity:
response, status = entity.update_contact(request_json).as_dict(), \
http_status.HTTP_200_OK
else:
response, status = {'message': 'The requested business could not be found.'}, \
http_status.HTTP_404_NOT_FOUND
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def patch(business_identifier):
"""Update an existing business by it's business number."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'entity')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
entity = EntityService.update_entity(
business_identifier,
request_json,
token_info=g.jwt_oidc_token_info)
if entity is not None:
response, status = entity.as_dict(), http_status.HTTP_200_OK
else:
response, status = {'message': 'A business for {} was not found.'.format(business_identifier)}, \
http_status.HTTP_404_NOT_FOUND
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def post():
"""Post a new Entity using the request body."""
request_json = request.get_json()
# If the record exists, just return existing record.
entity = EntityService.find_by_business_identifier(
request_json.get('businessIdentifier'),
token_info=g.jwt_oidc_token_info,
allowed_roles=ALL_ALLOWED_ROLES)
if entity:
return entity.as_dict(), http_status.HTTP_202_ACCEPTED
valid_format, errors = schema_utils.validate(request_json, 'entity')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = EntityService.save_entity(
request_json).as_dict(), http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def patch(username):
"""Patch the user profile associated with the provided username.
User only for patching the password.
"""
try:
request_json = request.get_json()
valid_format, errors = schema_utils.validate(
request_json, 'anonymous_user')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
user = UserService.find_by_username(username)
if user is None:
response, status = {'message': 'User {} does not exist.'.format(username)}, \
http_status.HTTP_404_NOT_FOUND
elif user.as_dict().get('type', None) != Role.ANONYMOUS_USER.name:
response, status = {
'Normal users cant be patched',
http_status.HTTP_501_NOT_IMPLEMENTED
}
else:
UserService.reset_password_for_anon_user(
request_json, username, token_info=g.jwt_oidc_token_info)
response, status = '', http_status.HTTP_204_NO_CONTENT
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def patch(business_identifier):
"""Update an existing business by it's business number."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'entity')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
passcode_reset = request_json.get('resetPasscode', False)
try:
if passcode_reset:
entity = EntityService.reset_passcode(business_identifier,
email_addresses=request_json.get('passcodeResetEmail', None))
else:
entity = EntityService.update_entity(business_identifier, request_json)
if entity is not None:
response, status = entity.as_dict(), http_status.HTTP_200_OK
else:
response, status = {'message': 'A business for {} was not found.'.format(business_identifier)}, \
http_status.HTTP_404_NOT_FOUND
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def post(org_id):
"""Post a new Affiliation for an org using the request body."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json,
'affiliation')
bearer_token = request.headers['Authorization'].replace('Bearer ', '')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = AffiliationService.create_affiliation(
org_id,
request_json.get('businessIdentifier'),
request_json.get('passCode'),
token_info=g.jwt_oidc_token_info,
bearer_token=bearer_token).as_dict(
), http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def post():
"""Post a new user using the request body (which will contain a JWT).
If the user already exists, update the name.
"""
token = g.jwt_oidc_token_info
try:
request_json = request.get_json(silent=True)
# For BCeID users validate schema.
if token.get('loginSource', None) == LoginSource.BCEID.value and request_json is not None:
valid_format, errors = schema_utils.validate(request_json, 'user')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
user = UserService.save_from_jwt_token(token, request_json)
response, status = user.as_dict(), http_status.HTTP_201_CREATED
# Add the user to public_users group if the user doesn't have public_user group
KeycloakService.join_users_group(token)
# If the user doesn't have account_holder role check if user is part of any orgs and add to the group
if token.get('loginSource', '') in \
(LoginSource.BCSC.value, LoginSource.BCROS.value, LoginSource.BCEID.value) \
and Role.ACCOUNT_HOLDER.value not in token.get('roles', []) \
and len(OrgService.get_orgs(user.identifier, [Status.ACTIVE.value])) > 0:
KeycloakService.join_account_holders_group()
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def post():
"""Post a new org using the request body.
If the org already exists, update the attributes.
"""
token = g.jwt_oidc_token_info
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'org')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
user = UserService.find_by_jwt_token(token)
if user is None:
response, status = {'message': 'Not authorized to perform this action'}, \
http_status.HTTP_401_UNAUTHORIZED
return response, status
bearer_token = request.headers['Authorization'].replace(
'Bearer ', '')
response, status = OrgService.create_org(
request_json,
user.identifier,
token,
bearer_token=bearer_token).as_dict(
), http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def put(org_id):
"""Update an existing contact for the specified org."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'contact')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = OrgService.update_contact(org_id, request_json).as_dict(), http_status.HTTP_200_OK
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def put(business_identifier):
"""Update the business contact for the Entity identified by the provided id."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'contact')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = EntityService.update_contact(business_identifier, request_json).as_dict(), \
http_status.HTTP_200_OK
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def put():
"""Update an existing contact for the user associated with the JWT in the authorization header."""
token = g.jwt_oidc_token_info
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'contact')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = UserService.update_contact(token, request_json).as_dict(), http_status.HTTP_200_OK
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def post(org_id):
"""Create new api key for the org."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'api_key')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = ApiGatewayService.create_key(org_id, request_json), http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def post():
"""Post a new Entity using the request body."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'entity')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = EntityService.save_entity(request_json).as_dict(), http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def put(org_id):
"""Update the org specified by the provided id with the request body."""
org = OrgService.find_by_org_id(org_id)
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'org')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = org.update_org(request_json).as_dict(), http_status.HTTP_200_OK
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def post():
"""Send a new invitation using the details in request and saves the invitation."""
origin = request.environ.get('HTTP_ORIGIN', 'localhost')
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'invitation')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
user = UserService.find_by_jwt_token()
response, status = InvitationService.create_invitation(request_json, user, origin).as_dict(), \
http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def post():
"""Post a new Entity using the request body."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'entity')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = EntityService.create_entity(request_json).as_dict(), http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
except exc.IntegrityError:
response, status = {'message': 'Business with specified identifier already exists.'}, \
http_status.HTTP_409_CONFLICT
return response, status
def post():
"""Admin users can post multiple users to his org.Use it for anonymous purpose only."""
try:
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'bulk_user')
token = g.jwt_oidc_token_info
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
users = UserService.create_user_and_add_membership(request_json['users'],
request_json['orgId'], token)
response, status = users, http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def post(user_guid):
"""Create affidavit record for the user."""
token = g.jwt_oidc_token_info
request_json = request.get_json()
if token.get('sub', None) != user_guid:
abort(403)
valid_format, errors = schema_utils.validate(request_json, 'affidavit')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = AffidavitService.create_affidavit(token, request_json).as_dict(), http_status.HTTP_200_OK
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def put(org_id):
"""Update an existing contact for the specified org."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'contact')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
try:
org = OrgService.find_by_org_id(org_id)
if org:
response, status = org.update_contact(request_json).as_dict(), http_status.HTTP_200_OK
else:
response, status = {'message': 'The requested organization could not be found.'}, \
http_status.HTTP_404_NOT_FOUND
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def patch():
"""Update terms of service for the user."""
token = g.jwt_oidc_token_info
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'termsofuse')
if not valid_format:
return {'message': schema_utils.serialize(errors)}, http_status.HTTP_400_BAD_REQUEST
version = request_json['termsversion']
is_terms_accepted = request_json['istermsaccepted']
try:
response, status = UserService.update_terms_of_use(token, is_terms_accepted, version).as_dict(), \
http_status.HTTP_200_OK
except BusinessException as exception:
response, status = {'code': exception.code, 'message': exception.message}, exception.status_code
return response, status
def post():
"""Create a new contact for the user associated with the JWT in the authorization header."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(request_json, 'contact')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
response, status = UserService.add_contact(
request_json).as_dict(), http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def put(org_id):
"""Update the org specified by the provided id with the request body."""
request_json = request.get_json()
action = request.args.get('action', '').upper()
valid_format, errors = schema_utils.validate(request_json, 'org')
toke_info = g.jwt_oidc_token_info
bearer_token = request.headers['Authorization'].replace('Bearer ', '')
origin = request.environ.get('HTTP_ORIGIN', 'localhost')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
org = OrgService.find_by_org_id(org_id,
g.jwt_oidc_token_info,
allowed_roles=(*CLIENT_ADMIN_ROLES,
STAFF))
if org and org.as_dict().get('accessType', None) == AccessType.ANONYMOUS.value and \
Role.STAFF_CREATE_ACCOUNTS.value not in toke_info.get('realm_access').get('roles'):
return {'message': 'The organisation can only be updated by a staff admin.'}, \
http_status.HTTP_401_UNAUTHORIZED
if org:
if action in (ChangeType.DOWNGRADE.value,
ChangeType.UPGRADE.value):
response, status = org.change_org_ype(
request_json, action,
bearer_token).as_dict(), http_status.HTTP_200_OK
else:
response, status = org.update_org(org_info=request_json, token_info=toke_info,
bearer_token=bearer_token, origin_url=origin).as_dict(), \
http_status.HTTP_200_OK
else:
response, status = {'message': 'The requested organization could not be found.'}, \
http_status.HTTP_404_NOT_FOUND
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
def post(org_id):
"""Post a new product subscription to the org using the request body."""
request_json = request.get_json()
valid_format, errors = schema_utils.validate(
request_json, 'org_product_subscription')
if not valid_format:
return {
'message': schema_utils.serialize(errors)
}, http_status.HTTP_400_BAD_REQUEST
try:
subscriptions = ProductService.create_product_subscription(
org_id, request_json)
response, status = {
'subscriptions': subscriptions
}, http_status.HTTP_201_CREATED
except BusinessException as exception:
response, status = {
'code': exception.code,
'message': exception.message
}, exception.status_code
return response, status
