def move_task(request, space_id, project_id, data):
moveTask = db_utils.find(space_id, domain, {'_id': data['moveTaskId']})[0]
afterTask = db_utils.find(space_id, domain,
{'_id': data['afterTaskId']})[0]
inc = afterTask['order'] + 1
last_stage = stage_service.get_last_stage(space_id, project_id)
if moveTask['order'] != inc:
recompute_order(space_id, project_id, afterTask['order'])
moveTask['order'] = inc
else:
sub = afterTask['order']
afterTask['order'] = moveTask['order']
moveTask['order'] = sub
afterTask['status'] = 'open'
if afterTask['stageId'] == last_stage['_id']:
afterTask['status'] = 'complete'
updated_record = db_utils.upsert(space_id, domain, afterTask,
request.user_id)
moveTask['stageId'] = afterTask['stageId']
moveTask['status'] = 'open'
if moveTask['stageId'] == last_stage['_id']:
moveTask['status'] = 'complete'
updated_record = db_utils.upsert(space_id, domain, moveTask,
request.user_id)
return (200, {'data': updated_record})
def create_sequence(space_id, field, context, factor):
db_utils.upsert(space_id, domain, {
'field': field,
'context': context,
'nextVal': 1,
'factor': factor
})
def nextval(space_id, field, context):
data = db_utils.find(space_id, domain, {
'field': field,
'context': context
})[0]
currVal = data['nextVal']
data['nextVal'] = data['nextVal'] + data['factor']
db_utils.upsert(space_id, domain, data)
return currVal
def recompute_order(space_id, project_id, order):
stages = db_utils.find(
space_id, domain,
{'$and': [{
'projectId': project_id
}, {
'order': {
'$gt': order
}
}]}, [('order', pymongo.ASCENDING)])
for stage in stages:
stage['order'] = nextval(space_id, 'stageOrder', project_id)
db_utils.upsert(space_id, domain, stage)
def recompute_order(space_id, project_id, order):
last_stage = stage_service.get_last_stage(space_id, project_id)
tasks = db_utils.find(
space_id, domain,
{'$and': [{
'projectId': project_id
}, {
'order': {
'$gt': order
}
}]}, [('order', pymongo.ASCENDING)])
for task in tasks:
task['order'] = nextval(space_id, 'taskOrder', project_id)
db_utils.upsert(space_id, domain, task)
def verify_email_confirmation_link(space_id, auth_code):
reset_link = db_utils.find(space_id, domain_emailconfirmationcode,
{'_id': auth_code})
if len(reset_link) < 1:
return (404, {'data': 'email confirmation link is invalid'})
else:
user_record = db_utils.find(space_id, domain,
{'_id': reset_link[0]['userId']})
if len(user_record) > 0:
user = user_record[0]
user['emailConfirmation'] = True
db_utils.upsert(space_id, domain, user)
return (200, {'data': 'email confirmed'})
else:
return (404, {'data': 'user not found'})
def update_profile(space_id, data, user_id):
user_list = db_utils.find(space_id, domain, {
'_id': user_id,
'emailConfirmation': True
})
if len(user_list) < 1:
return (404, {'data': 'user does not exist'})
else:
user = user_list[0]
if 'firstName' in data:
user['firstName'] = data['firstName']
if 'lastName' in data:
user['lastName'] = data['lastName']
db_utils.upsert(space_id, domain, user)
return (200, {'data': 'profile updated'})
def reset_password_link(space_id, data):
user_record = db_utils.find(space_id, domain, {
'email': data['email'],
'emailConfirmation': True
})
if len(user_record) < 1:
return (404, {'data': 'user does not exist'})
else:
db_utils.delete(space_id, domain_passwordresetcode,
{'userId': user_record[0]['_id']})
updated_record = db_utils.upsert(space_id, domain_passwordresetcode,
{'userId': user_record[0]['_id']})
if space_id == 100:
auth_url = ONEAUTH_URL + "/#/login?type=reset&auth=" + updated_record[
'_id']
else:
auth_url = ONEAUTH_URL + "/#/space/" + space_id + "/login?type=reset&auth=" + updated_record[
'_id']
message_body = email_template_service.compose_message(
'reset_password_link', {
'TEMPLATE_AUTH_URL':
auth_url,
'TEMPLATE_AUTH_CODE':
updated_record['_id'],
'TEMPLATE_USER_DISPLAY_NAME':
user_record[0]['firstName'] + ' ' + user_record[0]['lastName']
})
mail_utils.send_mail(data['email'],
"Link to reset your oneauth user account",
message_body)
return (200, {'data': 'password reset link sent'})
def do_create(data_in, banner):
data = data_in.copy()
if banner != None:
data['banner'] = banner.read()
tenant = db_utils.upsert(domain, doamin_tenant, data)
do_update_stages(data['name'], {'name': 'Support'}, None)
return (200, {'_id': tenant})
def reset_sequence(space_id, field, context):
sequence = db_utils.find(space_id, domain, {
'field': field,
'context': context
})[0]
sequence['nextVal'] = 1
return db_utils.upsert(space_id, domain, sequence)
def do_signin_via_jwt(tenant, data):
tenantData=get_collection('qrgen', 'tenant').find_one({'name': tenant})
#tenantData = db_utils.find(tenant, domain, {'name': tenant})
jwtPassword = tenantData.get('jwtPassword')
jwtToken = data.get('jwtToken')
tokenData = jwt.decode(jwtToken, jwtPassword, algorithm='HS256')
user = get_collection(tenant, 'user').find_one({'email': tokenData.get('email')})
#user = db_utils.find(tenant, domain,{'email': tokenData.get('email')})
if user is None:
""" get_collection(tenant, 'user').insert_one({
'name': tokenData.get('name'),
'email': tokenData.get('email'),
'type': 'JWT_USER'
}) """
db_utils.upsert(tenant, domain,{
'name': tokenData.get('name'),
'email': tokenData.get('email'),
'type': 'JWT_USER'
})
else:
""" get_collection(tenant, 'user').update({'_id': user.get('_id')},
{
'name': tokenData.get('name'),
'email': tokenData.get('email'),
'type': 'JWT_USER'
}, upsert=True) """
db_utils.upsert(tenant, domain, {
{'_id': user.get('_id')},
{
'name': tokenData.get('name'),
'email': tokenData.get('email'),
'type': 'JWT_USER'
}
})
user = get_collection(tenant, 'user').find_one({'email': tokenData.get('email')})
#user = db_utils.find(tenant, user, {'email': tokenData.get('email')})
return (200, {
'name': user.get('name'),
'email': user.get('email'),
'token': jwt.encode({
'name': str(user.get('_id')),
'exp': datetime.datetime.utcnow() + datetime.timedelta(hours=8)
}, jwtPassword, algorithm='HS256').decode('utf-8'),
'tenant': tenant,
'secret': 'none'
})
def do_signup_extern_provider(space_id, data):
existing_user = db_utils.find(space_id, domain, {'email': data['email']})
if len(existing_user) > 0:
return (403, {'data': 'user already present'})
else:
data['emailConfirmation'] = True
user = db_utils.upsert(space_id, domain, data)
return (200, {'data': user})
def update(request, data):
try:
data['appId']
except KeyError:
data['appId'] = secrets.token_hex(12)
appspace_service.create(data)
updated_record = db_utils.upsert(database_name, domain, data, request.user_id)
return (200, {'data': updated_record})
def reset_password(space_id, auth_code, data):
reset_link = db_utils.find(space_id, domain_passwordresetcode,
{'_id': auth_code})
if len(reset_link) < 1:
return (404, {'data': 'password reset code is invalid'})
elif int(
(datetime.datetime.now() -
reset_link[0]['createdAt']).total_seconds()) > (2 * 24 * 60 * 60):
return (410, {'data': 'password reset code is expired'})
else:
user_data = db_utils.find(space_id, domain,
{'_id': reset_link[0]['userId']})
user_data[0]['password'] = data['password']
auth_user_data = get_user_with_auth_data(user_data[0])
db_utils.upsert(space_id, domain, auth_user_data)
db_utils.delete(space_id, domain_passwordresetcode,
{'userId': reset_link[0]['userId']})
return (200, {'data': 'password updated'})
def do_signin_via_jwt(space_id, data):
spaceData = db_utils.find(self_space_id, domain, {'name': space_id})
#spaceData = db_utils.find(space, domain, {'name': space})
jwtPassword = spaceData.get('jwtPassword')
jwtToken = data.get('jwtToken')
tokenData = jwt.decode(jwtToken, jwtPassword, algorithm='HS256')
user = db_utils.find(space_id, domain, {'email': tokenData.get('email')})
#user = db_utils.find(space, domain,{'email': tokenData.get('email')})
if user is None:
db_utils.upsert(
space_id, domain, {
'name': tokenData.get('name'),
'email': tokenData.get('email'),
'type': 'JWT_USER'
})
else:
db_utils.upsert(
space_id, domain, {{
'_id': user.get('_id')
}, {
'name': tokenData.get('name'),
'email': tokenData.get('email'),
'type': 'JWT_USER'
}})
user = db_utils.find(space_id, domain, {'email': tokenData.get('email')})
return (200, {
'name':
user.get('name'),
'email':
user.get('email'),
'token':
jwt.encode(
{
'name': str(user.get('_id')),
'exp': datetime.datetime.utcnow() + datetime.timedelta(hours=8)
},
jwtPassword,
algorithm='HS256').decode('utf-8'),
'space_id':
space_id,
'secret':
'none'
})
def add_role(data, user_id):
existing_record = db_utils.find(
database_name, domain, {
'userId': data['userId'],
'domainId': data['domainId'],
'type': data['type']
})
if len(existing_record) == 0:
return db_utils.upsert(database_name, domain, data, user_id)
else:
return existing_record[0]
def create(data):
spaceData = []
if 'spaceId' in data:
spaceData = db_utils.find(database_name, domain, {'spaceId': data['spaceId']})
if len(spaceData) == 1:
return (404, {'data': 'space exists'})
else:
data['spaceId'] = str(sequence_service.nextval(100, 'spaceId', 'na'))
print(data)
updated_record = db_utils.upsert(database_name, domain, data)
return (200, {'data': updated_record})
def do_signup(space_id, data):
existing_user = db_utils.find(space_id, domain, {'email': data['email']})
if len(existing_user) > 0:
return (403, {'data': 'user already present'})
else:
data_to_add = get_user_with_auth_data(data)
data_to_add['emailConfirmation'] = False
data_to_add['type'] = 'oneauth'
user = db_utils.upsert(space_id, domain, data_to_add)
send_email_confirmation_link(space_id, user)
return (200, {'data': user})
def update(request, data):
existing_record = db_utils.find(database_name, domain, {
'appId': data['appId'],
'spaceId': data['spaceId']
})
if len(existing_record) == 0:
inserted_record = db_utils.upsert(database_name, domain, data,
request.user_id)
return (200, {'data': inserted_record})
else:
return (200, {'data': existing_record[0]})
def do_authorize_google(space_id, token):
print(token)
try:
idinfo = id_token.verify_oauth2_token(
token, requests.Request(),
"81306451496-fg67eb502dvfb50c31huhkbn481bi29h.apps.googleusercontent.com"
)
print(idinfo)
if idinfo['iss'] not in [
'accounts.google.com', 'https://accounts.google.com'
]:
raise ValueError('Wrong issuer.')
existing_user = db_utils.find(space_id, domain,
{'email': idinfo['email']})
if len(existing_user) < 1:
updated_user = db_utils.upsert(
space_id, domain, {
'firstName': idinfo['given_name'],
'lastName': idinfo['family_name'],
'email': idinfo['email'],
'emailConfirmation': True,
'type': 'google'
})
else:
updated_user = db_utils.upsert(
space_id, domain, {
'_id': existing_user[0]['_id'],
'firstName': idinfo['given_name'],
'lastName': idinfo['family_name'],
'email': idinfo['email'],
'emailConfirmation': True,
'type': 'google'
})
auth_key = create_session(space_id, updated_user)
return (200, {'auth_key': auth_key})
# ID token is valid. Get the user's Google Account ID from the decoded token.
# userid = idinfo['sub']
except ValueError:
return (401, {'data': 'unauthorized'})
def create_session(space_id, user):
auth_key = secrets.token_hex(40)
db_utils.upsert(
space_id, domain_session, {
'key':
auth_key,
'token':
jwt.encode(
{
'userId': str(user.get('_id')),
'firstName': user.get('firstName'),
'lastName': user.get('lastName'),
'email': user.get('email'),
'type': user.get('type'),
'exp':
datetime.datetime.utcnow() + datetime.timedelta(hours=8)
}, 'jwtsecret').decode('utf-8'),
'userId':
user['_id']
})
return auth_key
def add(request, space_id, task_id, attachment):
data = {}
data['taskId'] = task_id
data['attachment'] = attachment.read()
data['name'] = attachment.name
data['size'] = attachment.size
updated_record = db_utils.upsert(space_id, domain, data, request.user_id)
del updated_record['attachment']
# return (200, base64.b64encode(updated_record['attachment']))
# return (200, updated_record['attachment'])
# return (200, {'data': updated_record})
return (200, {'data': updated_record})
def change_password(space_id, data, user_id):
user_list = db_utils.find(space_id, domain, {
'_id': user_id,
'emailConfirmation': True
})
if len(user_list) < 1:
return (404, {'data': 'user does not exist'})
else:
user = user_list[0]
try:
decoded_text = decrypt(user['cipher'], user['salt'],
data['oldPassword'], user['iv'])
except:
return (401, {'data': 'unauthorized'})
if hash(decoded_text) == user['hash']:
user['password'] = data['newPassword']
auth_user_data = get_user_with_auth_data(user)
db_utils.upsert(space_id, domain, auth_user_data)
return (200, {'data': 'password updated'})
else:
return (401, {'data': 'unauthorized'})
def move_stage(request, space_id, project_id, data):
moveStage = db_utils.find(space_id, domain,
{'_id': data['moveStageId']})[0]
afterStage = db_utils.find(space_id, domain,
{'_id': data['afterStageId']})[0]
inc = afterStage['order'] + 1
if moveStage['order'] != inc:
print(moveStage['order'], afterStage['order'], inc)
recompute_order(space_id, project_id, afterStage['order'])
moveStage['order'] = inc
else:
sub = afterStage['order']
afterStage['order'] = moveStage['order']
moveStage['order'] = sub
updated_record = db_utils.upsert(space_id, domain, afterStage,
request.user_id)
moveStage['stageId'] = afterStage['stageId']
updated_record = db_utils.upsert(space_id, domain, moveStage,
request.user_id)
return (200, {'data': updated_record})
def add(request, space_id, team_id, user_id):
existing_list = db_utils.find(space_id, domain, {
'teamId': team_id,
'userId': user_id
})
if len(existing_list) == 0:
inserted_record = db_utils.upsert(space_id, domain, {
'teamId': team_id,
'userId': user_id
}, request.user_id)
return (200, {'data': inserted_record})
else:
return (200, {'data': existing_list[0]})
def update(request, space_id, data):
isNewRecord = False
if '_id' not in data:
isNewRecord = True
updated_record = db_utils.upsert(space_id, domain, data, request.user_id)
if isNewRecord:
role_service.add(
space_id, {
'type': 'TeamAdministrator',
'userId': request.user_id,
'domainId': updated_record['_id']
}, request.user_id)
return (200, {'data': updated_record})
def do_authorize_facebook(space_id, data):
existing_user = db_utils.find(space_id, domain, {'email': data['email']})
if len(existing_user) < 1:
updated_user = db_utils.upsert(
space_id, domain, {
'firstName': data['firstName'],
'lastName': data['lastName'],
'email': data['email'],
'emailConfirmation': True,
'type': 'facebook'
})
else:
updated_user = db_utils.upsert(
space_id, domain, {
'_id': existing_user[0]['_id'],
'firstName': data['firstName'],
'lastName': data['lastName'],
'email': data['email'],
'emailConfirmation': True,
'type': 'facebook'
})
auth_key = create_session(space_id, updated_user)
return (200, {'auth_key': auth_key})
def add(space_id, domain_name, snapshot, new_record, audit_fields, user_id):
list_of_updated_records = []
for field in new_record.keys():
if field not in snapshot:
snapshot[field] = ''
if field in audit_fields and snapshot[field] != new_record[field]:
updated_record = db_utils.upsert(space_id, domain, {
'domain': domain_name,
'field': field,
'reference': new_record['_id'],
'before': snapshot[field],
'after': new_record[field]
}, user_id)
list_of_updated_records.append(updated_record)
return list_of_updated_records
def add(request, space_id, project_id, team_id):
if role_service.is_project_admin(space_id, request.user_id, project_id):
existing_list = db_utils.find(space_id, domain, {
'projectId': project_id,
'teamId': team_id
})
if len(existing_list) == 0:
inserted_record = db_utils.upsert(space_id, domain, {
'projectId': project_id,
'teamId': team_id
}, request.user_id)
return (200, {'data': inserted_record})
else:
return (200, {'data': existing_list[0]})
else:
return (401, {'data': 'unauthorized'})
def update(request, space_id, data):
new_record = False
if '_id' not in data:
new_record = True
updated_record = db_utils.upsert(space_id, domain, data, request.user_id)
if new_record:
sequence_service.create_sequence(space_id, 'taskOrder',
updated_record['_id'], 1)
sequence_service.create_sequence(space_id, 'stageOrder',
updated_record['_id'], 1)
sequence_service.create_sequence(space_id, 'taskId',
updated_record['_id'], 1)
sequence_service.create_sequence(space_id, 'epicColor',
updated_record['_id'], 1)
role_service.add(
space_id, {
'type': 'ProjectAdministrator',
'userId': request.user_id,
'domainId': updated_record['_id']
}, request.user_id)
return 200, {'data': updated_record}