sartography/spiff-arena
1
0
Fork 0
mirror of https://github.com/sartography/spiff-arena.git synced 2025-03-04 02:50:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
spiff-arena/spiffworkflow-backend/src/spiffworkflow_backend/services/user_service.py

158 lines
5.3 KiB
Python
Raw Normal View History

Squashed 'spiffworkflow-backend/' content from commit 50f28073 git-subtree-dir: spiffworkflow-backend git-subtree-split: 50f28073add91265f00826bd175c8b2fff76cdc5
2022-10-12 10:22:22 -04:00
"""User_service."""
from typing import Any
from typing import Optional
from flask import current_app
from flask import g
pyl passes
2022-12-08 13:47:30 -05:00
from flask_bpmn.api.api_error import ApiError
from flask_bpmn.models.db import db
pyl
2022-11-11 11:39:15 -05:00
Squashed 'spiffworkflow-backend/' changes from 22766521..b978f502 b978f502 Merge pull request #148 from sartography/feature/respect_lanes e7f2d23e merged in main and resolved conflicts w/ burnettk 3a382b40 add new user to active task if appropriate w/ burnettk d1571c58 added default group to demo and development w/ burnettk afdf81a0 added test to ensure users can update their own task w/ burnettk 6e13ee4e Merge remote-tracking branch 'origin/main' into feature/respect_lanes 645e4d8f updated flask-bpmn for sentry and fixed for pyl w/ burnettk 57248eab fixed submitting and getting user tasks w/ burnettk c9b086d9 ignore all null-ls w/ burnettk 63796d50 fixed model load issue w/ burnettk 49eefc56 some precommit stuff w/ burnettk 579f0902 Merge remote-tracking branch 'origin/main' into feature/respect_lanes 47bdb99f fixed swagger ui w/ burnettk 5128f752 merged in main and resolved conflicts be1f4bcc added validation to ensure user has access to task w/ burnettk a387b787 added some code to respect lanes in a process model w/ burnettk git-subtree-dir: spiffworkflow-backend git-subtree-split: b978f502a0f840554940125c6b729b9b99086001
2022-10-21 16:28:09 -04:00
from spiffworkflow_backend.models.active_task import ActiveTaskModel
from spiffworkflow_backend.models.active_task_user import ActiveTaskUserModel
Squashed 'spiffworkflow-backend/' content from commit 50f28073 git-subtree-dir: spiffworkflow-backend git-subtree-split: 50f28073add91265f00826bd175c8b2fff76cdc5
2022-10-12 10:22:22 -04:00
from spiffworkflow_backend.models.group import GroupModel
from spiffworkflow_backend.models.principal import PrincipalModel
from spiffworkflow_backend.models.user import UserModel
from spiffworkflow_backend.models.user_group_assignment import UserGroupAssignmentModel
class UserService:
"""Provides common tools for working with users."""
@classmethod
def create_user(
cls,
service: str,
service_id: str,
username: Optional[str] = "",
email: Optional[str] = "",
) -> UserModel:
"""Create_user."""
user_model: Optional[UserModel] = (
UserModel.query.filter(UserModel.service == service)
.filter(UserModel.service_id == service_id)
.first()
)
if user_model is None:
if username == "":
username = service_id
user_model = UserModel(
username=username,
service=service,
service_id=service_id,
email=email,
)
db.session.add(user_model)
try:
db.session.commit()
except Exception as e:
db.session.rollback()
raise ApiError(
error_code="add_user_error",
message=f"Could not add user {username}",
) from e
cls.create_principal(user_model.id)
return user_model
else:
# TODO: username may be ''.
# not sure what to send in error message.
# Don't really want to send service_id.
raise (
ApiError(
error_code="user_already_exists",
message=f"User already exists: {username}",
status_code=409,
)
)
# Returns true if the current user is logged in.
@staticmethod
def has_user() -> bool:
"""Has_user."""
return "token" in g and bool(g.token) and "user" in g and bool(g.user)
@staticmethod
Squashed 'spiffworkflow-backend/' changes from 400fa583f..dba09086b dba09086b Merge pull request #164 from sartography/feature/remove_unused_tables 6baaf092b fixed group test w/ burnettk d55298517 update SpiffWorkflow w/ burnettk 10fee6d84 Merge remote-tracking branch 'origin/main' into feature/remove_unused_tables a2d4604ca pyl passes w/ burnettk b7aee0549 removed tables for file, admin_session, task_event, and data_store w/ burnettk git-subtree-dir: spiffworkflow-backend git-subtree-split: dba09086ba6e2ef090998a22a086a633e6c13694
2022-11-02 14:17:16 -04:00
def current_user() -> Any:
Squashed 'spiffworkflow-backend/' content from commit 50f28073 git-subtree-dir: spiffworkflow-backend git-subtree-split: 50f28073add91265f00826bd175c8b2fff76cdc5
2022-10-12 10:22:22 -04:00
"""Current_user."""
if not UserService.has_user():
raise ApiError(
"logged_out", "You are no longer logged in.", status_code=401
)
Squashed 'spiffworkflow-backend/' changes from 400fa583f..dba09086b dba09086b Merge pull request #164 from sartography/feature/remove_unused_tables 6baaf092b fixed group test w/ burnettk d55298517 update SpiffWorkflow w/ burnettk 10fee6d84 Merge remote-tracking branch 'origin/main' into feature/remove_unused_tables a2d4604ca pyl passes w/ burnettk b7aee0549 removed tables for file, admin_session, task_event, and data_store w/ burnettk git-subtree-dir: spiffworkflow-backend git-subtree-split: dba09086ba6e2ef090998a22a086a633e6c13694
2022-11-02 14:17:16 -04:00
return g.user
Squashed 'spiffworkflow-backend/' content from commit 50f28073 git-subtree-dir: spiffworkflow-backend git-subtree-split: 50f28073add91265f00826bd175c8b2fff76cdc5
2022-10-12 10:22:22 -04:00
@staticmethod
def get_principal_by_user_id(user_id: int) -> PrincipalModel:
"""Get_principal_by_user_id."""
Squashed 'spiffworkflow-backend/' changes from 5225a8b4..1e831706 1e831706 Merge pull request #146 from sartography/test_arena_push df95dccf fixed conflicts and updated usage of active task status w/ burnettk 33b81894 Merge pull request #145 from sartography/feature/remove-task-data-from-active-task 7e1ce35c remove task_data column b9cd1c06 Merge pull request #144 from sartography/feature/lib-updates-and-mypy 5e09e28d fix mypy 68485ab4 use fork of sqlalchemy-stubs 872480db Merge remote-tracking branch 'origin/main' into feature/lib-updates-and-mypy 18a892f6 work in progress 84344d53 Pause/resume process instances (#2) 53652cff Merge commit '4a48d9cccd1ca8619b3dbef3c10bcce667c9d9e0' 9ea3def2 lint c05b5181 Merge remote-tracking branch 'origin/main' into feature/lib-updates-and-mypy b2a75f60 Merge commit 'c661100e03eef762cb51b02be1b309ec47be7002' 3ddaa5d0 lib updates and mypy 30d04282 Merge commit '4fdb0f3ec4b3b6a68cc2e56ed84ffb6dc2743068' a961b2a1 Merge commit '81746ee508f6ab0ffe757856d9a3d5d855db2560' 10651984 Merge commit '8f8b4717990eb86c6bfd2f309ef064152c51b452' 59b90fba Merge branch 'main' of github.com:sartography/spiff-arena 577e0fe3 Merge commit 'a166df83031cb88d223e5c75ae8db8c896622821' 11d40241 Merge commit '106e2ca7214aec4dba965ccb3f94b0658acaa2b2' 1fcc935e Merge commit '9781908243408ed221f2b0131a00b8a9612f81f3' e9734bff Merge commit '64e7049c9a0a4360101a155a41ce64ae692acd3c' 28239aa4 Merge commit 'aa22f4b397a899fa06d06c2e9127ca98d9eb909a' 8b184a5c Merge commit '4f0f5b1ece069ec56f8eb4154d61334a321749a1' bd1effc6 Merge commit 'b4975660431c275ce736e0431b98c39548200af1' eafa4f61 Merge commit 'c9bd62250452403550ae1bf1d27547d4796dd316' 50d9a0c3 Merge commit '9be0517531543655a35023af17b76dbb41eab93e' 34e98b77 Merge commit 'a1a01ad25a1ef60b879dede6f037f0fff3381ae4' c8d0cb8a Merge commit 'bee232a55a82054e629f48f0333495b61a7da7d1' 00478271 Merge commit '71e189afbc127b574cca8d02fc31b2e65aff0d52' 657fbad9 Merge commit 'f21d0ef3a98458deb347fb2a51fab0b5b41f7fe2' c91c279e Merge commit '93dbce681ec89bc45479748aaae06ddd92b64da4' b95a1af9 Merge commit '48918b00428e777ea29d351662467c0ac4e34a36' afea9254 pre-commit updates e3bc3b76 Merge main, resolve conflicts 2e317da8 Updaging the jinja processing so it doesn't leave a bunch of blank lines in the markdown that has strong feelings about white space. Updating the front end to render markdown formatted instructions. And adding a little css love to tables that are generated in Markdown. git-subtree-dir: spiffworkflow-backend git-subtree-split: 1e831706a1f7ed841e343537cfe1dc05d5eedaca
2022-10-21 10:36:41 -04:00
principal = (
Squashed 'spiffworkflow-backend/' content from commit 50f28073 git-subtree-dir: spiffworkflow-backend git-subtree-split: 50f28073add91265f00826bd175c8b2fff76cdc5
2022-10-12 10:22:22 -04:00
db.session.query(PrincipalModel)
.filter(PrincipalModel.user_id == user_id)
.first()
)
Squashed 'spiffworkflow-backend/' changes from 1e338f955..153061d41 153061d41 Merge branch 'main' of github.com:sartography/spiffworkflow-backend into main 3724ef7f9 Assure that the Active Task Users table is cleared out before deleting the Active Task Record. We were depending on a cascade here, which seems to fail randomly -- apparently due to some sort of race condition. 137ebbc4b Merge branch 'main' of github.com:sartography/spiffworkflow-backend f8f38f813 pyl - prettier maybe? 02fe90969 Merge branch 'main' into feature/edit-task-data ca7d7d9b3 Merge branch 'main' into feature/edit-task-data c38efe2bd w/Jon Api endpoint to update task data 15b99bf90 mypy git-subtree-dir: spiffworkflow-backend git-subtree-split: 153061d413afc5d7ed0c9cec25b292393585f757
2022-10-25 14:20:02 -04:00
if isinstance(principal, PrincipalModel):
Squashed 'spiffworkflow-backend/' content from commit 50f28073 git-subtree-dir: spiffworkflow-backend git-subtree-split: 50f28073add91265f00826bd175c8b2fff76cdc5
2022-10-12 10:22:22 -04:00
return principal
raise ApiError(
error_code="no_principal_found",
message=f"No principal was found for user_id: {user_id}",
)
@classmethod
Squashed 'spiffworkflow-backend/' changes from 03bf7a61..10c443a2 10c443a2 Merge pull request #130 from sartography/feature/data 71c803aa allow passing in the log level into the app w/ burnettk daeb82d9 Merge pull request #126 from sartography/dependabot/pip/typing-extensions-4.4.0 14c8f52c Merge pull request #123 from sartography/dependabot/pip/dot-github/workflows/poetry-1.2.2 92d204e6 Merge remote-tracking branch 'origin/main' into feature/data 1cb77901 run the save all bpmn script on server boot w/ burnettk 16a6f476 Bump typing-extensions from 4.3.0 to 4.4.0 d8ac61fc Bump poetry from 1.2.1 to 1.2.2 in /.github/workflows 3be27786 Merge pull request #131 from sartography/feature/permissions2 1fd8fc78 Merge remote-tracking branch 'origin/main' into feature/permissions2 d29621ae data setup on app boot 0b21a5d4 refactor bin/save_all_bpmn.py into service code 02fb9d61 lint c95db461 refactor scripts 98628fc2 This caused a problem with scopes when token timed out. d8b2323b merged in main and resolved conflicts d01b4fc7 updated sentry-sdk to resolve deprecation warnings 5851ddf5 update for mypy in python 3.9 508f9900 merged in main and resolved conflicts 68d69978 precommit w/ burnettk 85a4ee16 removed debug print statements w/ burnettk 93eb91f4 added keycloak configs and user perms for staging w/ burnettk e4ded8fc added method to import permissions from yml file w/ burnettk 22ba89ae use percents instead of asterisks to better support db syntax w/ burnettk 0c116ae8 postgres does not use backticks w/ burnettk 621ad3ef attempting to see if sql like statement works in other dbs as well w/ burnettk git-subtree-dir: spiffworkflow-backend git-subtree-split: 10c443a2d82752e8ed9d1679afe6409d81029006
2022-10-12 15:28:52 -04:00
def create_principal(
cls, child_id: int, id_column_name: str = "user_id"
) -> PrincipalModel:
Squashed 'spiffworkflow-backend/' content from commit 50f28073 git-subtree-dir: spiffworkflow-backend git-subtree-split: 50f28073add91265f00826bd175c8b2fff76cdc5
2022-10-12 10:22:22 -04:00
"""Create_principal."""
Squashed 'spiffworkflow-backend/' changes from 03bf7a61..10c443a2 10c443a2 Merge pull request #130 from sartography/feature/data 71c803aa allow passing in the log level into the app w/ burnettk daeb82d9 Merge pull request #126 from sartography/dependabot/pip/typing-extensions-4.4.0 14c8f52c Merge pull request #123 from sartography/dependabot/pip/dot-github/workflows/poetry-1.2.2 92d204e6 Merge remote-tracking branch 'origin/main' into feature/data 1cb77901 run the save all bpmn script on server boot w/ burnettk 16a6f476 Bump typing-extensions from 4.3.0 to 4.4.0 d8ac61fc Bump poetry from 1.2.1 to 1.2.2 in /.github/workflows 3be27786 Merge pull request #131 from sartography/feature/permissions2 1fd8fc78 Merge remote-tracking branch 'origin/main' into feature/permissions2 d29621ae data setup on app boot 0b21a5d4 refactor bin/save_all_bpmn.py into service code 02fb9d61 lint c95db461 refactor scripts 98628fc2 This caused a problem with scopes when token timed out. d8b2323b merged in main and resolved conflicts d01b4fc7 updated sentry-sdk to resolve deprecation warnings 5851ddf5 update for mypy in python 3.9 508f9900 merged in main and resolved conflicts 68d69978 precommit w/ burnettk 85a4ee16 removed debug print statements w/ burnettk 93eb91f4 added keycloak configs and user perms for staging w/ burnettk e4ded8fc added method to import permissions from yml file w/ burnettk 22ba89ae use percents instead of asterisks to better support db syntax w/ burnettk 0c116ae8 postgres does not use backticks w/ burnettk 621ad3ef attempting to see if sql like statement works in other dbs as well w/ burnettk git-subtree-dir: spiffworkflow-backend git-subtree-split: 10c443a2d82752e8ed9d1679afe6409d81029006
2022-10-12 15:28:52 -04:00
column = PrincipalModel.__table__.columns[id_column_name]
principal: Optional[PrincipalModel] = PrincipalModel.query.filter(
column == child_id
Squashed 'spiffworkflow-backend/' content from commit 50f28073 git-subtree-dir: spiffworkflow-backend git-subtree-split: 50f28073add91265f00826bd175c8b2fff76cdc5
2022-10-12 10:22:22 -04:00
).first()
if principal is None:
Squashed 'spiffworkflow-backend/' changes from 03bf7a61..10c443a2 10c443a2 Merge pull request #130 from sartography/feature/data 71c803aa allow passing in the log level into the app w/ burnettk daeb82d9 Merge pull request #126 from sartography/dependabot/pip/typing-extensions-4.4.0 14c8f52c Merge pull request #123 from sartography/dependabot/pip/dot-github/workflows/poetry-1.2.2 92d204e6 Merge remote-tracking branch 'origin/main' into feature/data 1cb77901 run the save all bpmn script on server boot w/ burnettk 16a6f476 Bump typing-extensions from 4.3.0 to 4.4.0 d8ac61fc Bump poetry from 1.2.1 to 1.2.2 in /.github/workflows 3be27786 Merge pull request #131 from sartography/feature/permissions2 1fd8fc78 Merge remote-tracking branch 'origin/main' into feature/permissions2 d29621ae data setup on app boot 0b21a5d4 refactor bin/save_all_bpmn.py into service code 02fb9d61 lint c95db461 refactor scripts 98628fc2 This caused a problem with scopes when token timed out. d8b2323b merged in main and resolved conflicts d01b4fc7 updated sentry-sdk to resolve deprecation warnings 5851ddf5 update for mypy in python 3.9 508f9900 merged in main and resolved conflicts 68d69978 precommit w/ burnettk 85a4ee16 removed debug print statements w/ burnettk 93eb91f4 added keycloak configs and user perms for staging w/ burnettk e4ded8fc added method to import permissions from yml file w/ burnettk 22ba89ae use percents instead of asterisks to better support db syntax w/ burnettk 0c116ae8 postgres does not use backticks w/ burnettk 621ad3ef attempting to see if sql like statement works in other dbs as well w/ burnettk git-subtree-dir: spiffworkflow-backend git-subtree-split: 10c443a2d82752e8ed9d1679afe6409d81029006
2022-10-12 15:28:52 -04:00
principal = PrincipalModel()
setattr(principal, id_column_name, child_id)
Squashed 'spiffworkflow-backend/' content from commit 50f28073 git-subtree-dir: spiffworkflow-backend git-subtree-split: 50f28073add91265f00826bd175c8b2fff76cdc5
2022-10-12 10:22:22 -04:00
db.session.add(principal)
try:
db.session.commit()
except Exception as e:
db.session.rollback()
current_app.logger.error(f"Exception in create_principal: {e}")
raise ApiError(
error_code="add_principal_error",
Squashed 'spiffworkflow-backend/' changes from 03bf7a61..10c443a2 10c443a2 Merge pull request #130 from sartography/feature/data 71c803aa allow passing in the log level into the app w/ burnettk daeb82d9 Merge pull request #126 from sartography/dependabot/pip/typing-extensions-4.4.0 14c8f52c Merge pull request #123 from sartography/dependabot/pip/dot-github/workflows/poetry-1.2.2 92d204e6 Merge remote-tracking branch 'origin/main' into feature/data 1cb77901 run the save all bpmn script on server boot w/ burnettk 16a6f476 Bump typing-extensions from 4.3.0 to 4.4.0 d8ac61fc Bump poetry from 1.2.1 to 1.2.2 in /.github/workflows 3be27786 Merge pull request #131 from sartography/feature/permissions2 1fd8fc78 Merge remote-tracking branch 'origin/main' into feature/permissions2 d29621ae data setup on app boot 0b21a5d4 refactor bin/save_all_bpmn.py into service code 02fb9d61 lint c95db461 refactor scripts 98628fc2 This caused a problem with scopes when token timed out. d8b2323b merged in main and resolved conflicts d01b4fc7 updated sentry-sdk to resolve deprecation warnings 5851ddf5 update for mypy in python 3.9 508f9900 merged in main and resolved conflicts 68d69978 precommit w/ burnettk 85a4ee16 removed debug print statements w/ burnettk 93eb91f4 added keycloak configs and user perms for staging w/ burnettk e4ded8fc added method to import permissions from yml file w/ burnettk 22ba89ae use percents instead of asterisks to better support db syntax w/ burnettk 0c116ae8 postgres does not use backticks w/ burnettk 621ad3ef attempting to see if sql like statement works in other dbs as well w/ burnettk git-subtree-dir: spiffworkflow-backend git-subtree-split: 10c443a2d82752e8ed9d1679afe6409d81029006
2022-10-12 15:28:52 -04:00
message=f"Could not create principal {child_id}",
Squashed 'spiffworkflow-backend/' content from commit 50f28073 git-subtree-dir: spiffworkflow-backend git-subtree-split: 50f28073add91265f00826bd175c8b2fff76cdc5
2022-10-12 10:22:22 -04:00
) from e
return principal
@classmethod
def add_user_to_group(cls, user: UserModel, group: GroupModel) -> None:
"""Add_user_to_group."""
ugam = UserGroupAssignmentModel(user_id=user.id, group_id=group.id)
db.session.add(ugam)
db.session.commit()
Squashed 'spiffworkflow-backend/' changes from f9c2fa21e..5225a8b4c 5225a8b4c pyl 259f74a1e Merge branch 'main' into bug/refresh-token d452208ef Merge pull request #135 from sartography/feature/permissions3 8e1075406 Merge branch 'main' into bug/refresh-token 2b01d2fe7 fixed authentication_callback and getting the user w/ burnettk 476e36c7d mypy changes 6403e62c0 Fix migration after merging main 594a32b67 merged in main and resolved conflicts w/ burnettk b285ba1a1 added updated columns to secrets and updated flask-bpmn 7c53fc9fa Merge remote-tracking branch 'origin/main' into feature/permissions3 201a6918a pyl changes a6112f7fb Merge branch 'main' into bug/refresh-token 87f65a6c6 auth_token should be dictionary, not string f163de61c pyl 1f443bb94 PublicAuthenticationService -> AuthenticationService 6c491a3df Don't refresh token here. They just logged in. We are validating the returned token. If it is bad, raise an error. 91b8649f8 id_token -> auth_token fc94774bb Move `store_refresh_token` to authentication_service 00d66e9c5 mypy c4e415dbe mypy 1e75716eb Pre commit a72b03e09 Rename method. We pass it auth_tokens, not id_tokens 9a6700a6d Too many things expect g.token. Reverting my change 74883fb23 Noe store refresh_token, and try to use it if auth_token is expired Renamed some methods to use correct token type be0557013 Cleanup - remove unused code cf01f0d51 Add refresh_token model 1c0c937af added method to delete all permissions so we can recreate them w/ burnettk aaeaac879 Merge remote-tracking branch 'origin/main' into feature/permissions3 44856fce2 added api endpoint to check if user has permissions based on given target uris w/ burnettk ae830054d precommit w/ burnettk 94d50efb1 created common method to check whether an api method should have auth w/ burnettk c955335d0 precommit w/ burnettk 37caf1a69 added a finance user to keycloak and fixed up the staging permission yml w/ burnettk 93c456294 merged in main and resolved conflicts w/ burnettk 06a7c6485 remaining tests are now passing w/ burnettk 50529d04c added test to make sure api gives a 403 if a permission is not found w/ burnettk 6a9d0a68a api calls are somewhat respecting permissions now and the process api tests are passing d07fbbeff attempting to respect permissions w/ burnettk git-subtree-dir: spiffworkflow-backend git-subtree-split: 5225a8b4c101133567d4f7efa33632d36c29c81d
2022-10-20 16:00:12 -04:00
@staticmethod
def get_user_by_service_and_service_id(
service: str, service_id: str
) -> Optional[UserModel]:
"""Get_user_by_service_and_service_id."""
user: UserModel = (
UserModel.query.filter(UserModel.service == service)
.filter(UserModel.service_id == service_id)
.first()
)
if user:
return user
return None
Squashed 'spiffworkflow-backend/' changes from 22766521..b978f502 b978f502 Merge pull request #148 from sartography/feature/respect_lanes e7f2d23e merged in main and resolved conflicts w/ burnettk 3a382b40 add new user to active task if appropriate w/ burnettk d1571c58 added default group to demo and development w/ burnettk afdf81a0 added test to ensure users can update their own task w/ burnettk 6e13ee4e Merge remote-tracking branch 'origin/main' into feature/respect_lanes 645e4d8f updated flask-bpmn for sentry and fixed for pyl w/ burnettk 57248eab fixed submitting and getting user tasks w/ burnettk c9b086d9 ignore all null-ls w/ burnettk 63796d50 fixed model load issue w/ burnettk 49eefc56 some precommit stuff w/ burnettk 579f0902 Merge remote-tracking branch 'origin/main' into feature/respect_lanes 47bdb99f fixed swagger ui w/ burnettk 5128f752 merged in main and resolved conflicts be1f4bcc added validation to ensure user has access to task w/ burnettk a387b787 added some code to respect lanes in a process model w/ burnettk git-subtree-dir: spiffworkflow-backend git-subtree-split: b978f502a0f840554940125c6b729b9b99086001
2022-10-21 16:28:09 -04:00
@classmethod
def add_user_to_active_tasks_if_appropriate(cls, user: UserModel) -> None:
"""Add_user_to_active_tasks_if_appropriate."""
group_ids = [g.id for g in user.groups]
active_tasks = ActiveTaskModel.query.filter(
ActiveTaskModel.lane_assignment_id.in_(group_ids) # type: ignore
).all()
for active_task in active_tasks:
active_task_user = ActiveTaskUserModel(
user_id=user.id, active_task_id=active_task.id
)
db.session.add(active_task_user)
db.session.commit()
Reference in New Issue Copy Permalink