app/main/views/find_users.py

from flask import flash, redirect, render_template, request, url_for
from flask_login import current_user
from notifications_python_client.errors import HTTPError

from app import user_api_client
from app.event_handlers import create_archive_user_event
from app.main import main
from app.main.forms import AdminSearchUsersByEmailForm, AuthTypeForm
from app.models.user import User
from app.utils.user import user_is_platform_admin


@main.route("/find-users-by-email", methods=["GET", "POST"])
@user_is_platform_admin
def find_users_by_email():
    form = AdminSearchUsersByEmailForm()
    users_found = None
    if form.validate_on_submit():
        users_found = user_api_client.find_users_by_full_or_partial_email(
            form.search.data
        )["data"]
    return render_template(
        "views/find-users/find-users-by-email.html", form=form, users_found=users_found
    )


@main.route("/users/<uuid:user_id>", methods=["GET"])
@user_is_platform_admin
def user_information(user_id):
    return render_template(
        "views/find-users/user-information.html",
        user=User.from_id(user_id),
    )


@main.route("/users/<uuid:user_id>/archive", methods=["GET", "POST"])
@user_is_platform_admin
def archive_user(user_id):
    if request.method == "POST":
        try:
            user_api_client.archive_user(user_id)
        except HTTPError as e:
            if e.status_code == 400 and "manage_settings" in e.message:
                flash(
                    "User can’t be removed from a service - "
                    "check all services have another team member with manage_settings"
                )
                return redirect(url_for("main.user_information", user_id=user_id))
        create_archive_user_event(user_id=str(user_id), archived_by_id=current_user.id)

        return redirect(url_for(".user_information", user_id=user_id))
    else:
        flash(
            "There's no way to reverse this! Are you sure you want to archive this user?",
            "delete",
        )
        return user_information(user_id)


@main.route("/users/<uuid:user_id>/change_auth", methods=["GET", "POST"])
@user_is_platform_admin
def change_user_auth(user_id):
    user = User.from_id(user_id)

    form = AuthTypeForm(auth_type=user.auth_type)

    if form.validate_on_submit():
        user.update(auth_type=form.auth_type.data)
        return redirect(url_for(".user_information", user_id=user_id))

    return render_template(
        "views/find-users/auth_type.html",
        form=form,
        user=user,
    )
-												Remove webauthn hooks

This changeset removes webauthn from the Notify.gov admin app.  We are not using webauthn at all in our implementation and will be looking at an entirely different authentication system in the near future.

Signed-off-by: Carlo Costino <carlo.costino@gsa.gov>

											
										
										
											2023-08-14 16:59:38 -04:00
+								from flask import flash, redirect, render_template, request, url_for
-												Have permissions decorators check user signed in

Rather than force us to write the decorators in a specific order let’s
just have one decorator call the other. This should make fewer lines of
code, and fewer annoying test failures. It also means that the same way
of raising a `401` (through the `current_app` method) is used
everywhere.

											
										
										
											2019-07-01 15:22:08 +01:00
+								from flask_login import current_user
-												Show error when user cannot be archived

A user can't be archived if they are the only member of their service
with `manage_settings` permission. `notifications-api` returns a `400`
and an error message if that is the case, however this PR to remove the
`400` error handler
https://github.com/alphagov/notifications-admin/pull/3320 stopped the
error message from showing. This meant that instead of seeing a message
about why a user couldn't be archived, we would just show a `500` error
page instead. This change checks the response from `notifications-api`
and shows an error banner with a message if the user can't be archived.

											
										
										
											2020-04-21 17:40:47 +01:00
+								from notifications_python_client.errors import HTTPError
-												find_users_by_email view loads a page with search form and is linked to

											
										
										
											2018-07-06 11:10:14 +01:00
-												find_users_by_email view calls API and feeds results to template

Template then displays the results.

Page displays a message if no results found

											
										
										
											2018-07-06 16:16:21 +01:00
+								from app import user_api_client
-												Add an event if a user is archived

This adds a new type of event, 'archive_user', which stores the id of
the archived user and the id of the user who is doing the archiving.

											
										
										
											2019-05-22 14:05:19 +01:00
+								from app.event_handlers import create_archive_user_event
-												find_users_by_email view loads a page with search form and is linked to

											
										
										
											2018-07-06 11:10:14 +01:00
+								from app.main import main
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								from app.main.forms import AdminSearchUsersByEmailForm, AuthTypeForm
-												Make user API client return JSON, not a model

The data flow of other bits of our application looks like this:
```
                         API (returns JSON)
                                  ⬇
          API client (returns a built in type, usually `dict`)
                                  ⬇
          Model (returns an instance, eg of type `Service`)
                                  ⬇
                         View (returns HTML)
```
The user API client was architected weirdly, in that it returned a model
directly, like this:

```
                         API (returns JSON)
                                  ⬇
    API client (returns a model, of type `User`, `InvitedUser`, etc)
                                  ⬇
                         View (returns HTML)
```

This mixing of different layers of the application is bad because it
makes it hard to write model code that doesn’t have circular
dependencies. As our application gets more complicated we will be
relying more on models to manage this complexity, so we should make it
easy, not hard to write them.

It also means that most of our mocking was of the User model, not just
the underlying JSON. So it would have been easy to introduce subtle bugs
to the user model, because it wasn’t being comprehensively tested. A lot
of the changed lines of code in this commit mean changing the tests to
mock only the JSON, which means that the model layer gets implicitly
tested.

For those reasons this commit changes the user API client to return
JSON, not an instance of `User` or other models.

											
										
										
											2019-05-23 15:27:35 +01:00
+								from app.models.user import User
-												Extract user utility code into own module

This provides more room for expansion, and reduces the amount of
arbitrary code in the __init__.py file for the new package.

											
										
										
											2021-06-09 13:19:05 +01:00
+								from app.utils.user import user_is_platform_admin
-												find_users_by_email view loads a page with search form and is linked to

											
										
										
											2018-07-06 11:10:14 +01:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								@main.route("/find-users-by-email", methods=["GET", "POST"])
-												find_users_by_email view loads a page with search form and is linked to

											
										
										
											2018-07-06 11:10:14 +01:00
+								@user_is_platform_admin
 								def find_users_by_email():
-												Rename other "Admin" forms consistently

I've also tweaked some of the names to make them clearer e.g. that
the form is used to apply a change to a service.

I've constrained the scope of this change to avoid forms that may
be accessible by non-admins in the future.

											
										
										
											2022-03-15 10:50:18 +00:00
+								    form = AdminSearchUsersByEmailForm()
-												find_users_by_email view calls API and feeds results to template

Template then displays the results.

Page displays a message if no results found

											
										
										
											2018-07-06 16:16:21 +01:00
+								    users_found = None
 								    if form.validate_on_submit():
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        users_found = user_api_client.find_users_by_full_or_partial_email(
 								            form.search.data
 								        )["data"]
-												find_users_by_email view loads a page with search form and is linked to

											
										
										
											2018-07-06 11:10:14 +01:00
+								    return render_template(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "views/find-users/find-users-by-email.html", form=form, users_found=users_found
-												Simplify find users by email view - valdiation already done by form

											
										
										
											2019-08-16 11:20:36 +01:00
+								    )
-												Add view that displays user information, including:

- name
- email
- phone number
- services
- last login
- failed login attempts if any

The view can be accessed from results of find_users_by_email

logged_in_at added to User serialization on admin frontend as
a part of this work

											
										
										
											2018-07-10 17:24:20 +01:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								@main.route("/users/<uuid:user_id>", methods=["GET"])
-												Add view that displays user information, including:

- name
- email
- phone number
- services
- last login
- failed login attempts if any

The view can be accessed from results of find_users_by_email

logged_in_at added to User serialization on admin frontend as
a part of this work

											
										
										
											2018-07-10 17:24:20 +01:00
+								@user_is_platform_admin
 								def user_information(user_id):
 								    return render_template(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "views/find-users/user-information.html",
-												Put organisations on the user model

As in other places, putting a model layer between the view and the API
client makes the code cleaner and clearer.

											
										
										
											2019-06-07 09:26:11 +01:00
+								        user=User.from_id(user_id),
-												Add view that displays user information, including:

- name
- email
- phone number
- services
- last login
- failed login attempts if any

The view can be accessed from results of find_users_by_email

logged_in_at added to User serialization on admin frontend as
a part of this work

											
										
										
											2018-07-10 17:24:20 +01:00
+								    )
-												Add page to archive user

Users can only be archived by Platform Admin from the user page
(/users/<user_id>). This removes them from all services and orgs and
updates their details.

											
										
										
											2019-05-22 11:38:47 +01:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								@main.route("/users/<uuid:user_id>/archive", methods=["GET", "POST"])
-												Add page to archive user

Users can only be archived by Platform Admin from the user page
(/users/<user_id>). This removes them from all services and orgs and
updates their details.

											
										
										
											2019-05-22 11:38:47 +01:00
+								@user_is_platform_admin
 								def archive_user(user_id):
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								    if request.method == "POST":
-												Show error when user cannot be archived

A user can't be archived if they are the only member of their service
with `manage_settings` permission. `notifications-api` returns a `400`
and an error message if that is the case, however this PR to remove the
`400` error handler
https://github.com/alphagov/notifications-admin/pull/3320 stopped the
error message from showing. This meant that instead of seeing a message
about why a user couldn't be archived, we would just show a `500` error
page instead. This change checks the response from `notifications-api`
and shows an error banner with a message if the user can't be archived.

											
										
										
											2020-04-21 17:40:47 +01:00
+								        try:
 								            user_api_client.archive_user(user_id)
 								        except HTTPError as e:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								            if e.status_code == 400 and "manage_settings" in e.message:
 								                flash(
 								                    "User can’t be removed from a service - "
 								                    "check all services have another team member with manage_settings"
 								                )
 								                return redirect(url_for("main.user_information", user_id=user_id))
-												DRY-up and enforce kwargs for most events

For most events this makes the purpose of each argument clearer at
the point the event is called. It's still worth having a function
for each event type, as this abstracts knowledge of the event label.
Using a schema approach will make adding new events easier.

In the next commit we'll DRY-up the duplication in the tests as well.

											
										
										
											2021-07-12 15:29:53 +01:00
+								        create_archive_user_event(user_id=str(user_id), archived_by_id=current_user.id)
-												Add an event if a user is archived

This adds a new type of event, 'archive_user', which stores the id of
the archived user and the id of the user who is doing the archiving.

											
										
										
											2019-05-22 14:05:19 +01:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return redirect(url_for(".user_information", user_id=user_id))
-												Add page to archive user

Users can only be archived by Platform Admin from the user page
(/users/<user_id>). This removes them from all services and orgs and
updates their details.

											
										
										
											2019-05-22 11:38:47 +01:00
+								    else:
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        flash(
 								            "There's no way to reverse this! Are you sure you want to archive this user?",
 								            "delete",
 								        )
-												Add page to archive user

Users can only be archived by Platform Admin from the user page
(/users/<user_id>). This removes them from all services and orgs and
updates their details.

											
										
										
											2019-05-22 11:38:47 +01:00
+								        return user_information(user_id)
-												Allow platform admins to change user auth in the UI

So we do not have to go into the db when we need to change user
auth.

We do not allow this for users who use webauthn. We do not want to
enable security downgrade for those users.

											
										
										
											2022-02-23 19:57:27 +00:00
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								@main.route("/users/<uuid:user_id>/change_auth", methods=["GET", "POST"])
-												Allow platform admins to change user auth in the UI

So we do not have to go into the db when we need to change user
auth.

We do not allow this for users who use webauthn. We do not want to
enable security downgrade for those users.

											
										
										
											2022-02-23 19:57:27 +00:00
+								@user_is_platform_admin
 								def change_user_auth(user_id):
 								    user = User.from_id(user_id)
 								    form = AuthTypeForm(auth_type=user.auth_type)
 								    if form.validate_on_submit():
 								        user.update(auth_type=form.auth_type.data)
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        return redirect(url_for(".user_information", user_id=user_id))
-												Allow platform admins to change user auth in the UI

So we do not have to go into the db when we need to change user
auth.

We do not allow this for users who use webauthn. We do not want to
enable security downgrade for those users.

											
										
										
											2022-02-23 19:57:27 +00:00
 								    return render_template(
-												notify-api-412 use black to enforce python coding style

											
										
										
											2023-08-25 09:12:23 -07:00
+								        "views/find-users/auth_type.html",
-												Allow platform admins to change user auth in the UI

So we do not have to go into the db when we need to change user
auth.

We do not allow this for users who use webauthn. We do not want to
enable security downgrade for those users.

											
										
										
											2022-02-23 19:57:27 +00:00
+								        form=form,
 								        user=user,
 								    )