from flask import abort, flash, redirect, render_template, request, url_for
from flask_login import current_user, login_required
from notifications_python_client.errors import HTTPError
from app import (
current_service,
invite_api_client,
service_api_client,
user_api_client,
)
from app.main import main
from app.main.forms import (
AdminInviteUserForm,
AdminPermissionsForm,
SearchUsersForm,
)
from app.notify_client.models import roles
from app.utils import user_has_permissions
@main.route("/services/<service_id>/users")
@login_required
@user_has_permissions('view_activity')
def manage_users(service_id):
    """Render the team page for a service: members plus outstanding invites.

    Access requires a logged-in user holding the 'view_activity' permission
    (enforced by the decorators above). Both the member list and the invite
    list are fetched for the ``service_id`` taken from the URL.
    """
    team_members = user_api_client.get_users_for_service(service_id=service_id)

    # Invites that were already accepted are left out of the listing.
    open_invites = []
    for invite in invite_api_client.get_invites_for_service(service_id=service_id):
        if invite.status != 'accepted':
            open_invites.append(invite)

    # Members and invites are listed together, ordered by email address.
    users = sorted(
        team_members + open_invites,
        key=lambda entry: entry.email_address,
    )

    # The search box is only worth showing once the list gets long.
    wants_search_box = len(users) > 7

    return render_template(
        'views/manage-users.html',
        users=users,
        current_user=current_user,
        show_search_box=wants_search_box,
        form=SearchUsersForm(),
    )
@main.route("/services/<service_id>/users/invite", methods=['GET', 'POST'])
@login_required
@user_has_permissions('manage_service')
def invite_user(service_id):
    """Show the invite form and, on a valid POST, create the invitation.

    Access requires a logged-in user holding 'manage_service'. On success the
    inviter is redirected to the team page with a confirmation flash; otherwise
    the form is (re-)rendered.
    """
    # The inviter's own address is handed to the form as `invalid_email_address`;
    # presumably the form rejects it so users cannot invite themselves - confirm
    # in AdminInviteUserForm.
    form = AdminInviteUserForm(invalid_email_address=current_user.email_address)

    service_has_email_auth = 'email_auth' in current_service['permissions']
    if not service_has_email_auth:
        # Pin the login method server-side before validation, so a service
        # without the 'email_auth' permission always invites with 'sms_auth'
        # regardless of what the submitted form carried.
        form.login_authentication.data = 'sms_auth'

    if not form.validate_on_submit():
        return render_template(
            'views/invite-user.html',
            form=form,
            service_has_email_auth=service_has_email_auth
        )

    invited_user = invite_api_client.create_invite(
        current_user.id,
        service_id,
        form.email_address.data,
        form.permissions,
        form.login_authentication.data
    )

    flash('Invite sent to {}'.format(invited_user.email_address), 'default_with_tick')
    return redirect(url_for('.manage_users', service_id=service_id))
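@main.route("/services/<service_id>/users/<user_id>", methods=['GET', 'POST'])
@login_required
@user_has_permissions('manage_service')
def edit_user_permissions(service_id, user_id):
    """Show and update one team member's permissions for a service.

    Access requires a logged-in user holding 'manage_service'. ``user_id`` is
    taken from the URL, so it is checked against the service's own member list
    before anything is read or written; an id that is not on the team yields
    a 404. On a valid POST the permissions are saved and, when the service has
    the 'email_auth' permission, the user's login method is updated as well.
    """
    service_has_email_auth = 'email_auth' in current_service['permissions']

    # get_user() below is not scoped to the service (the original TODO here
    # asked for the service id to be passed to it). Without this membership
    # check a manager of one service could load, and change the login method
    # of, any account by putting its id in the URL.
    # Assumes the objects returned by get_users_for_service expose `.id` the
    # same way `current_user.id` does - TODO confirm.
    team_member_ids = {
        str(member.id)
        for member in user_api_client.get_users_for_service(service_id=service_id)
    }
    if str(user_id) not in team_member_ids:
        abort(404)

    # TODO we should probably be using the service id here in the get user
    # call as well. eg. /user/<user_id>?&service=service_id
    user = user_api_client.get_user(user_id)
    user_has_no_mobile_number = user.mobile_number is None

    # Pre-populate one form field per role with the user's current state.
    form = AdminPermissionsForm(
        **{role: user.has_permission_for_service(service_id, role) for role in roles.keys()},
        login_authentication=user.auth_type
    )
    if form.validate_on_submit():
        user_api_client.set_user_permissions(
            user_id, service_id,
            permissions=form.permissions,
        )
        if service_has_email_auth:
            # NOTE(review): this call takes no service id, so the auth type
            # looks account-wide rather than per-service. The missing mobile
            # number is only passed to the template; nothing in this view
            # stops 'sms_auth' being saved for such a user - confirm the form
            # validates that.
            user_api_client.update_user_attribute(user_id, auth_type=form.login_authentication.data)
        return redirect(url_for('.manage_users', service_id=service_id))

    return render_template(
        'views/edit-user-permissions.html',
        user=user,
        form=form,
        service_has_email_auth=service_has_email_auth,
        user_has_no_mobile_number=user_has_no_mobile_number
    )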
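@main.route("/services/<service_id>/users/<user_id>/delete", methods=['GET', 'POST'])
@login_required
@user_has_permissions('manage_service')
def remove_user_from_service(service_id, user_id):
    """Confirm (GET) and perform (POST) removal of a user from a service.

    Access requires a logged-in user holding 'manage_service'. ``user_id`` is
    taken from the URL, so it is checked against the service's member list
    first; an id that is not on the team yields a 404 rather than rendering
    that account's name and permissions.
    """
    # get_user() below is not scoped to the service, so confirm membership
    # before looking the account up.
    # Assumes the objects returned by get_users_for_service expose `.id` the
    # same way `current_user.id` does - TODO confirm.
    team_member_ids = {
        str(member.id)
        for member in user_api_client.get_users_for_service(service_id=service_id)
    }
    if str(user_id) not in team_member_ids:
        abort(404)

    user = user_api_client.get_user(user_id)
    # Need to make the email address read only, or a disabled field?
    # Do it through the template or the form class?
    form = AdminPermissionsForm(**{
        role: user.has_permission_for_service(service_id, role) for role in roles.keys()
    })

    # NOTE(review): the POST branch acts on request.method alone and never
    # calls form.validate_on_submit(), so CSRF protection for the removal is
    # not visible in this view - confirm it is enforced application-wide.
    if request.method == 'POST':
        try:
            service_api_client.remove_user_from_service(service_id, user_id)
        except HTTPError as e:
            msg = "You cannot remove the only user for a service"
            if e.status_code == 400 and msg in e.message:
                # Expected refusal from the API: tell the user and go back.
                flash(msg, 'info')
                return redirect(url_for(
                    '.manage_users',
                    service_id=service_id))
            else:
                abort(500, e)

        return redirect(url_for(
            '.manage_users',
            service_id=service_id
        ))

    flash('Are you sure you want to remove {}?'.format(user.name), 'remove')
    return render_template(
        'views/edit-user-permissions.html',
        user=user,
        form=form
    )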
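@main.route("/services/<service_id>/cancel-invited-user/<invited_user_id>", methods=['GET'])
@login_required
@user_has_permissions('manage_service')
def cancel_invited_user(service_id, invited_user_id):
    """Cancel a pending invitation and return to the service's team page.

    Requires a logged-in user holding 'manage_service'. Every other view in
    this module stacks ``@login_required`` under the route; this one did not,
    leaving authentication to whatever ``user_has_permissions`` does
    internally, so the decorator is added here for consistency.
    """
    # NOTE(review): this is a state-changing action reachable by GET, so form
    # CSRF tokens do not cover it and any link or image pointing at the URL
    # triggers it for a logged-in manager. Moving it to POST would need the
    # template that links here to change too, so it is only flagged.
    invite_api_client.cancel_invited_user(service_id=service_id, invited_user_id=invited_user_id)

    return redirect(url_for('main.manage_users', service_id=service_id))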