def create_user(user: NewUser):
"""
Create a invalid user in database including its credentials and
security questions.
\f
:param user: User input
"""
user_found = UserInterface.find_one(email=user.email, is_valid=False)
if user_found:
return UJSONResponse(UserMessage.exist, HTTP_400_BAD_REQUEST)
user_found = UserInterface.find_one(email=user.email)
if user_found:
return UJSONResponse(UserMessage.exist, HTTP_400_BAD_REQUEST)
user_dict = user.dict(
exclude={'password', 'otp_code', 'security_questions'})
new_user = User(**user_dict)
credential = Credentials(user=new_user,
password=user.password,
otp_code=user.otp_code)
security_questions = SecurityQuestions(
user=new_user,
questions=[question.dict() for question in user.security_questions])
try:
new_user.save()
credential.save()
security_questions.save()
except Exception as error:
return UJSONResponse(str(error), HTTP_400_BAD_REQUEST)
return UJSONResponse(UserMessage.created, HTTP_201_CREATED,
BsonObject.dict(new_user))
def set_security_questions(email: str, questions: List[SecurityQuestion]):
"""
Update security questions from specific user, all questions will be replaced
depends of the input questions.
\f
:param email: user email to update questions.
:param questions: array of questions.
"""
user_found = UserInterface.find_one(email)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
security_question = QuestionInterface.find_one(user_found)
if not security_question:
return UJSONResponse(QuestionMessage.not_found, HTTP_400_BAD_REQUEST)
security_question.questions = [
Question(**question.dict()) for question in questions
]
try:
security_question.save()
except Exception as error:
return UJSONResponse(str(error), HTTP_400_BAD_REQUEST)
return UJSONResponse(QuestionMessage.updated, HTTP_200_OK)
def validate_credentials(user: UserCredentials):
"""
Validate if user credentials are valid, if didn't match, will return bad
request error.
\f
:param user: user credentials like email and password.
"""
user_found = UserInterface.find_one(user.email, is_valid=True)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
credentials = CredentialInterface.find_one(user_found)
if not credentials:
return UJSONResponse(CredentialMessage.invalid, HTTP_400_BAD_REQUEST)
if credentials.password != user.password:
return UJSONResponse(CredentialMessage.invalid, HTTP_400_BAD_REQUEST)
# TODO: Verify User Role
data = {
'email': user.email,
'name': user_found.name,
'role': user_found.role.value
}
return UJSONResponse(CredentialMessage.logged, HTTP_200_OK, data)
def create_root_user(email: str):
user_found = UserInterface.find_one(email)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
try:
user_found.update(role=UserRoles.ROOT)
user_found.reload()
except Exception as error:
return UJSONResponse(str(error), HTTP_400_BAD_REQUEST)
return UJSONResponse(UserMessage.updated, HTTP_200_OK)
def enable_user(email: str):
"""
:param email:
"""
user_found = UserInterface.find_one(email, is_enabled=False)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
user_found.is_enabled = True
user_found.save()
return UJSONResponse(UserMessage.enabled, HTTP_200_OK)
def validate_user(email: str):
"""
Validate user if the state user is invalid, if is valid, will return
user not found.
\f
:param email: email from the user to validate.
"""
user_found = UserInterface.find_one(email=email, is_valid=False)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
user_found.is_valid = True
user_found.save()
return UJSONResponse(UserMessage.validated, HTTP_200_OK)
def delete_user(email: str):
"""
Delete user data from database as logic field, if user has been deleted
before, will return user not found or return user deleted successfully.
\f
:param email: email from the user to delete.
"""
user_found = UserInterface.find_one(email)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
user_found.is_deleted = True
user_found.save()
return UJSONResponse(UserMessage.deleted, HTTP_200_OK)
def find_user(email: str, is_valid: bool = True, is_enabled: bool = True):
"""
Find user in database, depends of invalid param, could be a valid or invalid
user, if user did not exist, will return user not found.
\f
:param email: email from the user to find.
:param is_valid: if valid state user is valid or invalid.
:param is_enabled:
"""
user = UserInterface.find_one(email,
is_valid=is_valid,
is_enabled=is_enabled)
if not user:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
return UJSONResponse(UserMessage.found, HTTP_200_OK, BsonObject.dict(user))
def find_security_questions(email: str):
"""
Find security questions from a specific user, if user did not exist, will
return user not found, else, could return questions from the user.
\f
:param email: email from the user to find questions.
"""
user_found = UserInterface.find_one(email)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
security_question = QuestionInterface.find_one(user_found)
if not security_question:
return UJSONResponse(QuestionMessage.not_found, HTTP_400_BAD_REQUEST)
data = [BsonObject.dict(q) for q in security_question.questions]
return UJSONResponse(QuestionMessage.found, HTTP_200_OK, data)
def update_user(email: str, user: UpdateUser):
"""
Update data user information, except email and credentials information, all
null fields will be ignored.
\f
:param email: email from the user to update.
:param user: user data to update.
"""
user_found = UserInterface.find_one(email)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
user_found.update(**user.dict(exclude_none=True))
user_found.save().reload()
return UJSONResponse(UserMessage.updated, HTTP_200_OK,
BsonObject.dict(user_found))
def get_otp_code(email: str, is_valid: bool = True):
"""
Find otp code from user credentials and return its information.
\f
:param is_valid:
:param email: user email to find otp code.
"""
user_found = UserInterface.find_one(email, is_valid=is_valid)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
credential = CredentialInterface.find_one(user_found)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
data = {'otp_code': credential.otp_code}
return UJSONResponse(UserMessage.found, HTTP_200_OK, data)
def get_security_code(email: str):
"""
Find security code from the user credentials, if user or credentials did not
exist, will return not found
\f
:param email: email from the user to find security code.
"""
user_found = UserInterface.find_one(email)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
credentials = CredentialInterface.find_one(user_found)
if not credentials:
return UJSONResponse(CredentialMessage.invalid, HTTP_400_BAD_REQUEST)
data = {
'security_code': credentials.security_code,
}
return UJSONResponse(CredentialMessage.code_found, HTTP_200_OK, data)
def update_password(user: UserCredentials):
"""
Update password from specific user, if user not found or is not valid, will
return not found.
\f
:param user: email from the user to update passwords.
"""
user_found = UserInterface.find_one(user.email)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
credentials = CredentialInterface.find_one(user_found)
if not credentials:
return UJSONResponse(CredentialMessage.invalid, HTTP_400_BAD_REQUEST)
credentials.password = user.password
try:
credentials.save()
except Exception as error:
return UJSONResponse(str(error), HTTP_400_BAD_REQUEST)
return UJSONResponse(CredentialMessage.pass_updated, HTTP_200_OK)
def set_security_code(email: str, code: str):
"""
Update security code to specific user at its credentials.
\f
:param email: email from the user to set security code.
:param code: code to update in its credentials
"""
user_found = UserInterface.find_one(email)
if not user_found:
return UJSONResponse(UserMessage.not_found, HTTP_404_NOT_FOUND)
credentials = CredentialInterface.find_one(user_found)
if not credentials:
return UJSONResponse(CredentialMessage.invalid, HTTP_400_BAD_REQUEST)
credentials.security_code = code.strip()
try:
credentials.save()
except Exception as error:
return UJSONResponse(str(error), HTTP_400_BAD_REQUEST)
return UJSONResponse(CredentialMessage.code_updated, HTTP_200_OK)
def list_users(is_valid: bool = True,
is_enabled: bool = True,
name: Optional[str] = None,
role: UserRoles = UserRoles.USER):
"""
return a list of users that satisfy the search parameters.
\f
:param is_valid: Field that verifies that the user is valid.
:param is_enabled: Field that verifies if user is enabled.
:param name: Name for the search
:param role: Role for the search
"""
users = UserInterface.find_all(is_enabled=is_enabled,
is_valid=is_valid,
name=name,
role=role)
if not users:
return UJSONResponse(UserMessage.found, HTTP_200_OK,
BsonObject.dict(users))
return UJSONResponse(UserMessage.found, HTTP_200_OK,
BsonObject.dict(users))
def test_create_response(self):
result = UJSONResponse('any', 200)
self.assertIsInstance(result, Response)