def set_roles(user_id):
from idm.role_model import User, roles_user_assignment
user = db_session.query(User).filter(User.id == user_id).first()
if user is not None:
roles = request.json['roles_ids']
if isinstance(roles, str):
roles = [roles]
if request.method == 'POST':
for i in set(roles):
db_session.execute(roles_user_assignment.insert().values({
'user_assignment_id':
user.user_assignment_id,
'role_id':
i,
}))
else:
for i in set(roles):
db_session.execute(roles_user_assignment.delete().where(
and_(
roles_user_assignment.c.user_assignment_id ==
user.user_assignment_id,
roles_user_assignment.c.role_id == i)))
return make_response('ok', 200)
else:
return make_response('User with id "{}" not found'.format(user_id),
404)
def set_permissions(user_id):
from idm.role_model import User, personal_permission_user_assign
user = db_session.query(User).filter(User.id == user_id).first()
if user is not None:
permissions = request.json['permissions_ids']
if isinstance(permissions, str):
permissions = [permissions]
if request.method == 'POST':
for i in set(permissions):
db_session.execute(
personal_permission_user_assign.insert().values({
'user_assignment_id':
user.user_assignment_id,
'permission_id':
i,
}))
else:
for i in set(permissions):
db_session.execute(personal_permission_user_assign.delete(
).where(
and_(
personal_permission_user_assign.c.user_assignment_id ==
user.user_assignment_id,
personal_permission_user_assign.c.permission_id == i)))
return make_response('ok', 200)
else:
return make_response('User with id "{}" not found'.format(user_id),
404)
def org_types():
from idm.role_model import OrganisationType
orgs = db_session.query(OrganisationType).all()
orgs = [] if orgs is None else orgs
data = [{
'id': o.id,
'org_type': o.org_type,
} for o in orgs]
return jsonify(data)
def get_units(org_id):
from idm.role_model import Unit
units = db_session.query(Unit).filter(Unit.organisation_id == org_id).all()
units = [] if units is None else units
data = [{
'id': u.id,
'name': u.name,
} for u in units]
return jsonify(data)
def get_organisations():
from idm.role_model import Organisation
orgs = db_session.query(Organisation).all()
orgs = [] if orgs is None else orgs
data = [{
'id': o.id,
'name': o.name,
'organisation_type': o.organisation_type.org_type,
'organisation_type_id': o.organisation_type_id,
} for o in orgs]
return jsonify(data)
def get_users_list():
from idm.role_model import User
org_id = request.args.get('organisation_id')
term = User.organisation_id == org_id if org_id is not None else True
data = [{
'user_id': u.id,
'first_name': u.first_name,
'last_name': u.last_name,
'login': u.login,
'is_activated': u.is_activated,
} for u in db_session.query(User).filter(term).all()
if u.login != 'system']
return jsonify(data)
def authenticate(req):
from idm.role_model import User
from idm import db_session
login = req.json.get('login')
pwd = make_sha256(req.json.get('pwd', ''))
remember = req.json.get('remeber_me', False)
user = db_session.query(User).filter(
User.login == login).first() if login else None
if user is not None and user.password == pwd:
return login_user(user, remember)
return False
def user(user_id):
from idm.role_model import User
user = db_session.query(User).filter(User.id == user_id).first()
if user is not None:
return jsonify({
'id': user.id,
'login': user.login,
'permissions': list(user.permissions),
'organisation_id': user.organisation_id,
'unit_id': user.unit_id,
'first_name': user.first_name,
'last_name': user.last_name,
'email': user.email,
'is_activated': user.is_activated
})
else:
return make_response('User with id "{}" not found'.format(user_id),
404)
def activate_user():
from idm.role_model import User
login = request.args['user_login']
key = request.args['key']
user = db_session.query(User).filter(User.login == login).first()
if user is not None:
if user.activation_str == key:
if not user.is_activated:
user.is_activated = True
db_session.add(user)
db_session.commit()
return make_response('ok', 200)
else:
return make_response('User is already activated', 409)
else:
return make_response('Wrong activation key', 400)
else:
return make_response('User "{}" not found'.format(login), 404)
def send_activation(user_id):
from idm.role_model import User
user = db_session.query(User).filter(User.id == user_id).first()
if user is not None:
if user.is_activated:
return make_response('User is already activated', 400)
else:
conf = json.load(open('./configs/send_mail.json', 'r'))
text = conf['ACTIVATION_MESSAGE'].format(user.login,
user.activation_str)
mail_sender.send_mail(
to_addrs=[user.email],
subject=conf['ACTIVATION_MESSAGE_SUBJECT'],
msg_text=text,
use_sign=False,
)
return make_response('ok', 200)
else:
return make_response('User with id "{}" not found'.format(user_id),
404)
def login():
from idm.role_model import User
user = db_session.query(User).filter(
User.login == request.json.get('login')).first()
if user is not None:
if user.password == make_sha256(request.json.get('pwd')):
return jsonify({
'id': user.id,
'login': user.login,
'permissions': list(user.permissions),
'organisation_id': user.organisation_id,
'unit_id': user.unit_id,
'first_name': user.first_name,
'last_name': user.last_name,
'email': user.email,
'is_activated': user.is_activated,
})
else:
return make_response('wrong login or password', 400)
else:
return make_response(
'User with id "{}" not found'.format(request.json.get('login')),
404)
def user_loader(id):
from idm import db_session
from idm.role_model import User
return db_session.query(User).filter(User.id == id).one()