# -*- coding: utf-8 -*- import threading import transaction import typing as typing from sqlalchemy.orm import Session from tracim import CFG from tracim.models.auth import User, Group from sqlalchemy.orm.exc import NoResultFound from tracim.exceptions import WrongUserPassword, UserNotExist from tracim.exceptions import AuthenticationFailed from tracim.models.context_models import UserInContext class UserApi(object): def __init__( self, current_user: typing.Optional[User], session: Session, config: CFG, ) -> None: self._session = session self._user = current_user self._config = config def _base_query(self): return self._session.query(User) def get_user_with_context(self, user: User) -> UserInContext: """ Return UserInContext object from User """ user = UserInContext( user=user, dbsession=self._session, config=self._config, ) return user # Getters def get_one(self, user_id: int) -> User: """ Get one user by user id """ try: user = self._base_query().filter(User.user_id == user_id).one() except NoResultFound: raise UserNotExist() return user def get_one_by_email(self, email: str) -> User: """ Get one user by email :param email: Email of the user :return: one user """ try: user = self._base_query().filter(User.email == email).one() except NoResultFound: raise UserNotExist() return user # FIXME - G.M - 24-04-2018 - Duplicate method with get_one. def get_one_by_id(self, id: int) -> User: return self.get_one(user_id=id) def get_current_user(self) -> User: """ Get current_user """ if not self._user: raise UserNotExist() return self._user def get_all(self) -> typing.Iterable[User]: return self._session.query(User).order_by(User.display_name).all() # Check methods def user_with_email_exists(self, email: str) -> bool: try: self.get_one_by_email(email) return True # TODO - G.M - 09-04-2018 - Better exception except: return False def authenticate_user(self, email: str, password: str) -> User: """ Authenticate user with email and password, raise AuthenticationFailed if uncorrect. :param email: email of the user :param password: cleartext password of the user :return: User who was authenticated. """ try: user = self.get_one_by_email(email) if user.validate_password(password): return user else: raise WrongUserPassword() except (WrongUserPassword, NoResultFound, UserNotExist): raise AuthenticationFailed() def can_see_private_info_of_user(self, user: User): """ Return boolean wheter current api user has right to see private information of a user. :param user: :return: """ return self._user and ( self._user.user_id == user.user_id or self._user.profile.id >= Group.TIM_ADMIN) # Actions def update( self, user: User, name: str=None, email: str=None, do_save=True, timezone: str='', ) -> None: if name is not None: user.display_name = name if email is not None: user.email = email user.timezone = timezone if do_save: self.save(user) def create_user(self, email=None, groups=[], save_now=False) -> User: user = User() if email: user.email = email for group in groups: user.groups.append(group) self._session.add(user) if save_now: self._session.flush() return user def save(self, user: User): self._session.flush() def execute_created_user_actions(self, created_user: User) -> None: """ Execute actions when user just been created :return: """ # NOTE: Cyclic import # TODO - G.M - 28-03-2018 - [Calendar] Reenable Calendar stuff #from tracim.lib.calendar import CalendarManager #from tracim.model.organisational import UserCalendar # TODO - G.M - 04-04-2018 - [auth] # Check if this is already needed with # new auth system created_user.ensure_auth_token( session=self._session, validity_seconds=self._config.USER_AUTH_TOKEN_VALIDITY ) # Ensure database is up-to-date self._session.flush() transaction.commit() # TODO - G.M - 28-03-2018 - [Calendar] Reenable Calendar stuff # calendar_manager = CalendarManager(created_user) # calendar_manager.create_then_remove_fake_event( # calendar_class=UserCalendar, # related_object_id=created_user.user_id, # )