cr-connect-workflow/crc/services/user_service.py

from flask import g

from crc import db
from crc.api.common import ApiError
from crc.models.user import UserModel


class UserService(object):
    """Provides common tools for working with users"""

    # Returns true if the current user is logged in.
    @staticmethod
    def has_user():
        return 'user' in g and bool(g.user)

    # Returns true if the current user is an admin.
    @staticmethod
    def user_is_admin():
        return UserService.has_user() and g.user.is_admin()

    # Returns true if the current admin user is impersonating another user.
    @staticmethod
    def admin_is_impersonating():
        return UserService.user_is_admin() and \
               "impersonate_user" in g and \
               g.impersonate_user is not None

    # Returns true if the given user uid is different from the current user's uid.
    @staticmethod
    def is_different_user(uid):
        return UserService.has_user() and uid is not None and uid is not g.user.uid

    @staticmethod
    def current_user(allow_admin_impersonate=False):
        if not UserService.has_user():
            raise ApiError("logged_out", "You are no longer logged in.", status_code=401)

        # Admins can pretend to be different users and act on a users behalf in
        # some circumstances.
        if allow_admin_impersonate and UserService.admin_is_impersonating():
            return g.impersonate_user
        else:
            return g.user

    # Admins can pretend to be different users and act on a users behalf in some circumstances.
    # This method allows an admin user to start impersonating another user with the given uid.
    # Stops impersonating if the uid is None or invalid.
    @staticmethod
    def impersonate(uid=None):
        # Clear out the current impersonating user.
        g.impersonate_user = None

        if not UserService.has_user():
            raise ApiError("logged_out", "You are no longer logged in.", status_code=401)

        if not UserService.admin_is_impersonating() and UserService.is_different_user(uid):
            # Impersonate the user if the given uid is valid.
            g.impersonate_user = db.session.query(UserModel).filter(UserModel.uid == uid).first()

    @staticmethod
    def in_list(uids, allow_admin_impersonate=False):
        """Returns true if the current user's id is in the given list of ids.  False if there
        is no user, or the user is not in the list."""
        if UserService.has_user():  # If someone is logged in, lock tasks that don't belong to them.
            user = UserService.current_user(allow_admin_impersonate)
            if user.uid in uids:
                return True
        return False
Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures) 2020-07-27 18:38:57 +00:00			`from flask import g`

Adds list_users endpoint. Adds admin impersonate uid parameter to user endpoint. Adds some utility methods to user service. Refactors authentication tests. 2020-07-30 02:47:47 +00:00			`from crc import db`
Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures) 2020-07-27 18:38:57 +00:00			`from crc.api.common import ApiError`
Adds list_users endpoint. Adds admin impersonate uid parameter to user endpoint. Adds some utility methods to user service. Refactors authentication tests. 2020-07-30 02:47:47 +00:00			`from crc.models.user import UserModel`
Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures) 2020-07-27 18:38:57 +00:00

			`class UserService(object):`
			`"""Provides common tools for working with users"""`

Adds list_users endpoint. Adds admin impersonate uid parameter to user endpoint. Adds some utility methods to user service. Refactors authentication tests. 2020-07-30 02:47:47 +00:00			`# Returns true if the current user is logged in.`
Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures) 2020-07-27 18:38:57 +00:00			`@staticmethod`
			`def has_user():`
Adds list_users endpoint. Adds admin impersonate uid parameter to user endpoint. Adds some utility methods to user service. Refactors authentication tests. 2020-07-30 02:47:47 +00:00			`return 'user' in g and bool(g.user)`
Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures) 2020-07-27 18:38:57 +00:00
Adds list_users endpoint. Adds admin impersonate uid parameter to user endpoint. Adds some utility methods to user service. Refactors authentication tests. 2020-07-30 02:47:47 +00:00			`# Returns true if the current user is an admin.`
Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures) 2020-07-27 18:38:57 +00:00			`@staticmethod`
Adds list_users endpoint. Adds admin impersonate uid parameter to user endpoint. Adds some utility methods to user service. Refactors authentication tests. 2020-07-30 02:47:47 +00:00			`def user_is_admin():`
			`return UserService.has_user() and g.user.is_admin()`

			`# Returns true if the current admin user is impersonating another user.`
			`@staticmethod`
			`def admin_is_impersonating():`
			`return UserService.user_is_admin() and \`
			`"impersonate_user" in g and \`
			`g.impersonate_user is not None`
Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures) 2020-07-27 18:38:57 +00:00
Adds list_users endpoint. Adds admin impersonate uid parameter to user endpoint. Adds some utility methods to user service. Refactors authentication tests. 2020-07-30 02:47:47 +00:00			`# Returns true if the given user uid is different from the current user's uid.`
			`@staticmethod`
			`def is_different_user(uid):`
			`return UserService.has_user() and uid is not None and uid is not g.user.uid`

			`@staticmethod`
			`def current_user(allow_admin_impersonate=False):`
Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures) 2020-07-27 18:38:57 +00:00			`if not UserService.has_user():`
			`raise ApiError("logged_out", "You are no longer logged in.", status_code=401)`

			`# Admins can pretend to be different users and act on a users behalf in`
			`# some circumstances.`
Adds list_users endpoint. Adds admin impersonate uid parameter to user endpoint. Adds some utility methods to user service. Refactors authentication tests. 2020-07-30 02:47:47 +00:00			`if allow_admin_impersonate and UserService.admin_is_impersonating():`
Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures) 2020-07-27 18:38:57 +00:00			`return g.impersonate_user`
			`else:`
			`return g.user`

Adds list_users endpoint. Adds admin impersonate uid parameter to user endpoint. Adds some utility methods to user service. Refactors authentication tests. 2020-07-30 02:47:47 +00:00			`# Admins can pretend to be different users and act on a users behalf in some circumstances.`
			`# This method allows an admin user to start impersonating another user with the given uid.`
			`# Stops impersonating if the uid is None or invalid.`
			`@staticmethod`
			`def impersonate(uid=None):`
			`# Clear out the current impersonating user.`
			`g.impersonate_user = None`

			`if not UserService.has_user():`
			`raise ApiError("logged_out", "You are no longer logged in.", status_code=401)`

			`if not UserService.admin_is_impersonating() and UserService.is_different_user(uid):`
			`# Impersonate the user if the given uid is valid.`
			`g.impersonate_user = db.session.query(UserModel).filter(UserModel.uid == uid).first()`

Building out a user service for getting the current user, it will provide a number of functions, one of which will allow administrative users to impersonate other users in some circumstances (but will assure that we log events correctly when an impersonation occures) 2020-07-27 18:38:57 +00:00			`@staticmethod`
			`def in_list(uids, allow_admin_impersonate=False):`
			`"""Returns true if the current user's id is in the given list of ids. False if there`
			`is no user, or the user is not in the list."""`
			`if UserService.has_user(): # If someone is logged in, lock tasks that don't belong to them.`
			`user = UserService.current_user(allow_admin_impersonate)`
			`if user.uid in uids:`
			`return True`
			`return False`