Merge branch 'master' into fix-permissions
Conflicts: app/main/views/jobs.py tests/app/main/views/test_manage_users.py
@@ -162,6 +162,11 @@ def valid_phone_number(phone_number):
|
||||
return False
|
||||
|
||||
|
||||
@login_manager.user_loader
|
||||
def load_user(user_id):
|
||||
return user_api_client.get_user(user_id)
|
||||
|
||||
|
||||
# https://www.owasp.org/index.php/List_of_useful_HTTP_headers
|
||||
def useful_headers_after_request(response):
|
||||
response.headers.add('X-Frame-Options', 'deny')
|
||||
|
||||
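Review bot: `load_user` returns whatever `user_api_client.get_user(user_id)` yields and has no path for an ID that no longer resolves, so a stale session may surface as an unhandled client error on every request instead of a logged-out user. Flask-Login expects the `user_loader` callback to return `None` for an unknown ID rather than raise. If `get_user` raises the client's `HTTPError` for a missing user (its body is not visible here), catch it in `load_user`, return `None` when `status_code` is 404, and re-raise anything else.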
@@ -1,91 +0,0 @@
|
||||
from flask import url_for, current_app
|
||||
from app import service_api_client
|
||||
from app.utils import BrowsableItem
|
||||
|
||||
|
||||
def update_service(service):
|
||||
return service_api_client.update_service(
|
||||
service['id'],
|
||||
service['name'],
|
||||
service['active'],
|
||||
service['limit'],
|
||||
service['restricted'],
|
||||
service['users'])
|
||||
|
||||
|
||||
def get_service_by_id(id_):
|
||||
return service_api_client.get_service(id_)
|
||||
|
||||
|
||||
def get_service_by_id_or_404(id_):
|
||||
return service_api_client.get_service(id_)['data']
|
||||
|
||||
|
||||
def get_services(user_id=None):
|
||||
if user_id:
|
||||
return service_api_client.get_services({'user_id': str(user_id)})
|
||||
else:
|
||||
return service_api_client.get_services()
|
||||
|
||||
|
||||
def unrestrict_service(service_id):
|
||||
resp = service_api_client.get_service(service_id)
|
||||
if resp['data']['restricted']:
|
||||
resp = service_api_client.update_service(
|
||||
service_id,
|
||||
resp['data']['name'],
|
||||
resp['data']['active'],
|
||||
resp['data']['limit'],
|
||||
False,
|
||||
resp['data']['users'])
|
||||
|
||||
|
||||
def activate_service(service_id):
|
||||
resp = service_api_client.get_service(service_id)
|
||||
if not resp['data']['active']:
|
||||
resp = service_api_client.update_service(
|
||||
service_id,
|
||||
resp['data']['name'],
|
||||
True,
|
||||
resp['data']['limit'],
|
||||
resp['data']['restricted'],
|
||||
resp['data']['users'])
|
||||
|
||||
|
||||
# TODO Fix when functionality is added to the api.
|
||||
def find_service_by_service_name(service_name, user_id=None):
|
||||
resp = service_api_client.get_services(user_id)
|
||||
retval = None
|
||||
for srv_json in resp['data']:
|
||||
if srv_json['name'] == service_name:
|
||||
retval = srv_json
|
||||
break
|
||||
return retval
|
||||
|
||||
|
||||
def delete_service(id_):
|
||||
return service_api_client.delete_service(id_)
|
||||
|
||||
|
||||
def find_all_service_names(user_id=None):
|
||||
resp = service_api_client.get_services(user_id)
|
||||
return [x['name'] for x in resp['data']]
|
||||
|
||||
|
||||
class ServicesBrowsableItem(BrowsableItem):
|
||||
|
||||
@property
|
||||
def title(self):
|
||||
return self._item['name']
|
||||
|
||||
@property
|
||||
def link(self):
|
||||
return url_for('main.service_dashboard', service_id=self._item['id'])
|
||||
|
||||
@property
|
||||
def destructive(self):
|
||||
return False
|
||||
|
||||
@property
|
||||
def hint(self):
|
||||
return None
|
||||
@@ -1,58 +0,0 @@
|
||||
from notifications_python_client import HTTPError
|
||||
|
||||
from app import login_manager
|
||||
from app import user_api_client
|
||||
|
||||
#
|
||||
# TODO fix up this, do we really need this class why not just use the clients
|
||||
# directly??
|
||||
#
|
||||
|
||||
|
||||
@login_manager.user_loader
|
||||
def load_user(user_id):
|
||||
return get_user_by_id(user_id)
|
||||
|
||||
|
||||
# TODO Would be better to have a generic get and update for user
|
||||
# something that replicates the sql functionality.
|
||||
def get_user_by_id(id):
|
||||
return user_api_client.get_user(id)
|
||||
|
||||
|
||||
def get_all_users():
|
||||
return user_api_client.get_users()
|
||||
|
||||
|
||||
def get_user_by_email(email_address):
|
||||
return user_api_client.get_user_by_email(email_address)
|
||||
|
||||
|
||||
def verify_password(user_id, password):
|
||||
return user_api_client.verify_password(user_id, password)
|
||||
|
||||
|
||||
def update_user(user):
|
||||
return user_api_client.update_user(user)
|
||||
|
||||
|
||||
def increment_failed_login_count(id):
|
||||
user = get_user_by_id(id)
|
||||
user.failed_login_count += 1
|
||||
return user_api_client.update_user(user)
|
||||
|
||||
|
||||
def activate_user(user):
|
||||
return user_api_client.activate_user(user)
|
||||
|
||||
|
||||
def is_email_unique(email_address):
|
||||
return user_api_client.is_email_unique(email_address)
|
||||
|
||||
|
||||
def send_verify_code(user_id, code_type, to):
|
||||
return user_api_client.send_verify_code(user_id, code_type, to)
|
||||
|
||||
|
||||
def check_verify_code(user_id, code, code_type):
|
||||
return user_api_client.check_verify_code(user_id, code, code_type)
|
||||
@@ -8,7 +8,6 @@ from flask import (
|
||||
from flask_login import login_required
|
||||
|
||||
from app.main import main
|
||||
from app.main.dao import services_dao
|
||||
from app.main.forms import AddServiceForm
|
||||
from app.notify_client.models import InvitedUser
|
||||
|
||||
@@ -32,7 +31,7 @@ def add_service():
|
||||
invite_api_client.accept_invite(service_id, invitation.id)
|
||||
return redirect(url_for('main.service_dashboard', service_id=service_id))
|
||||
|
||||
form = AddServiceForm(services_dao.find_all_service_names)
|
||||
form = AddServiceForm(service_api_client.find_all_service_names)
|
||||
heading = 'Which service do you want to set up notifications for?'
|
||||
if form.validate_on_submit():
|
||||
session['service_name'] = form.name.data
|
||||
|
||||
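Review bot: The import hunk drops `from app.main.dao import services_dao` without adding an import for `service_api_client`, yet the second hunk now calls `service_api_client.find_all_service_names`. Unless the name is already imported in a part of the file outside these hunks, `add_service` raises `NameError` at request time; add `from app import service_api_client` if it is missing. The same check applies to the later section whose import hunk removes the `app.main.dao.users_dao` block and whose views now call `user_api_client.*` with no import visible.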
@@ -3,13 +3,13 @@ from flask_login import login_required
|
||||
|
||||
from app import service_api_client
|
||||
from app.main import main
|
||||
from app.main.dao import services_dao
|
||||
from app.utils import user_has_permissions
|
||||
from app.notify_client.api_client import ServicesBrowsableItem
|
||||
|
||||
|
||||
@main.route("/all-services")
|
||||
@login_required
|
||||
@user_has_permissions(None, admin_override=True)
|
||||
def show_all_services():
|
||||
services = [services_dao.ServicesBrowsableItem(x) for x in service_api_client.get_services()['data']]
|
||||
services = [ServicesBrowsableItem(x) for x in service_api_client.get_services()['data']]
|
||||
return render_template('views/all-services.html', services=services)
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
from flask import (render_template, redirect, url_for, session)
|
||||
from flask_login import login_required, current_user
|
||||
from app.main.dao.services_dao import ServicesBrowsableItem
|
||||
from app import service_api_client
|
||||
from app.main import main
|
||||
from app import service_api_client
|
||||
from app.notify_client.api_client import ServicesBrowsableItem
|
||||
|
||||
|
||||
@main.route("/services")
|
||||
@@ -15,15 +15,11 @@ def choose_service():
|
||||
|
||||
|
||||
@main.route("/services-or-dashboard")
|
||||
@login_required
|
||||
def show_all_services_or_dashboard():
|
||||
services = service_api_client.get_services()['data']
|
||||
|
||||
if current_user.is_authenticated():
|
||||
|
||||
services = service_api_client.get_services()['data']
|
||||
|
||||
if 1 == len(services):
|
||||
return redirect(url_for('.service_dashboard', service_id=services[0]['id']))
|
||||
else:
|
||||
return redirect(url_for('.choose_service'))
|
||||
|
||||
return redirect(url_for('main.index'))
|
||||
if 1 == len(services):
|
||||
return redirect(url_for('.service_dashboard', service_id=services[0]['id']))
|
||||
else:
|
||||
return redirect(url_for('.choose_service'))
|
||||
|
||||
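Review bot: `show_all_services_or_dashboard` calls `service_api_client.get_services()` with no user filter, while the sign-in and two-factor views in this commit pass `{'user_id': str(user.id)}`. If the unfiltered call returns every service, as `show_all_services` appears to rely on, the `1 == len(services)` branch decides on services the current user may not belong to. Consider `services = service_api_client.get_services({'user_id': str(current_user.id)})['data']` so the redirect is based on the caller's own services.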
@@ -7,9 +7,8 @@ from flask import (
|
||||
|
||||
from flask_login import login_required
|
||||
from app.main import main
|
||||
from app.main.dao.services_dao import get_service_by_id
|
||||
from app.main.dao import templates_dao
|
||||
from app import job_api_client, statistics_api_client
|
||||
from app import (job_api_client, statistics_api_client, service_api_client)
|
||||
from app.utils import user_has_permissions
|
||||
|
||||
|
||||
@@ -20,7 +19,7 @@ def service_dashboard(service_id):
|
||||
templates = templates_dao.get_service_templates(service_id)['data']
|
||||
jobs = job_api_client.get_job(service_id)['data']
|
||||
|
||||
service = get_service_by_id(service_id)
|
||||
service = service_api_client.get_service(service_id)
|
||||
session['service_name'] = service['data']['name']
|
||||
session['service_id'] = service['data']['id']
|
||||
|
||||
|
||||
@@ -10,11 +10,11 @@ from flask import (
|
||||
from notifications_python_client.errors import HTTPError
|
||||
|
||||
from app.main import main
|
||||
from app.main.dao.services_dao import get_service_by_id_or_404
|
||||
|
||||
from app import (
|
||||
invite_api_client,
|
||||
user_api_client
|
||||
user_api_client,
|
||||
service_api_client
|
||||
)
|
||||
|
||||
|
||||
@@ -24,7 +24,7 @@ def accept_invite(token):
|
||||
|
||||
if invited_user.status == 'cancelled':
|
||||
from_user = user_api_client.get_user(invited_user.from_user)
|
||||
service = get_service_by_id_or_404(invited_user.service)
|
||||
service = service_api_client.get_service(invited_user.service)['data']
|
||||
return render_template('views/cancelled-invitation.html',
|
||||
from_user=from_user.name,
|
||||
service_name=service['name'])
|
||||
|
||||
@@ -11,10 +11,13 @@ from flask import (
|
||||
from flask_login import login_required
|
||||
from utils.template import Template
|
||||
|
||||
from app import job_api_client, notification_api_client
|
||||
from app import (job_api_client, notification_api_client, service_api_client)
|
||||
from app.main import main
|
||||
from app.main.dao import (services_dao, templates_dao)
|
||||
from app.utils import (get_page_from_request, generate_previous_next_dict, user_has_permissions)
|
||||
from app.main.dao import templates_dao
|
||||
from app.utils import (
|
||||
get_page_from_request,
|
||||
generate_previous_next_dict,
|
||||
user_has_permissions)
|
||||
|
||||
|
||||
@main.route("/services/<service_id>/jobs")
|
||||
@@ -33,7 +36,7 @@ def view_jobs(service_id):
|
||||
@login_required
|
||||
@user_has_permissions('view_activity', admin_override=True)
|
||||
def view_job(service_id, job_id):
|
||||
service = services_dao.get_service_by_id_or_404(service_id)
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
job = job_api_client.get_job(service_id, job_id)['data']
|
||||
template = templates_dao.get_service_template_or_404(service_id, job['template'])['data']
|
||||
notifications = notification_api_client.get_notifications_for_service(service_id, job_id)
|
||||
@@ -62,7 +65,7 @@ def view_job(service_id, job_id):
|
||||
@login_required
|
||||
@user_has_permissions('view_activity')
|
||||
def view_job_updates(service_id, job_id):
|
||||
service = services_dao.get_service_by_id_or_404(service_id)
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
job = job_api_client.get_job(service_id, job_id)['data']
|
||||
notifications = notification_api_client.get_notifications_for_service(service_id, job_id)
|
||||
finished = job['status'] == 'finished'
|
||||
|
||||
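Review bot: `view_job` is guarded by `@user_has_permissions('view_activity', admin_override=True)` but `view_job_updates` by `@user_has_permissions('view_activity')` without the override, so the two routes for the same job authorize differently. If the difference is not intended, a user admitted to the job page through the admin override would be refused on the updates route; align the decorators or add a comment explaining why they differ. Both function bodies continue outside the hunks.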
@@ -20,10 +20,7 @@ from app.main.forms import (
|
||||
InviteUserForm,
|
||||
PermissionsForm
|
||||
)
|
||||
from app.main.dao.services_dao import get_service_by_id
|
||||
from app import user_api_client
|
||||
from app import service_api_client
|
||||
from app import invite_api_client
|
||||
from app import (user_api_client, service_api_client, invite_api_client)
|
||||
from app.utils import user_has_permissions
|
||||
|
||||
|
||||
@@ -54,7 +51,7 @@ def manage_users(service_id):
|
||||
@login_required
|
||||
@user_has_permissions('manage_users', admin_override=True)
|
||||
def invite_user(service_id):
|
||||
get_service_by_id(service_id)
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
|
||||
form = InviteUserForm(invalid_email_address=current_user.email_address)
|
||||
|
||||
@@ -84,9 +81,9 @@ def invite_user(service_id):
|
||||
@user_has_permissions('manage_users', admin_override=True)
|
||||
def edit_user_permissions(service_id, user_id):
|
||||
# TODO we should probably using the service id here in the get user
|
||||
# call as well. eg. /user/<user_id>?&service_id=service_id
|
||||
# call as well. eg. /user/<user_id>?&service=service_id
|
||||
user = user_api_client.get_user(user_id)
|
||||
get_service_by_id(service_id)
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
# Need to make the email address read only, or a disabled field?
|
||||
# Do it through the template or the form class?
|
||||
form = PermissionsForm(**{
|
||||
@@ -115,7 +112,7 @@ def edit_user_permissions(service_id, user_id):
|
||||
@user_has_permissions('manage_users', admin_override=True)
|
||||
def remove_user_from_service(service_id, user_id):
|
||||
user = user_api_client.get_user(user_id)
|
||||
service = get_service_by_id(service_id)
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
# Need to make the email address read only, or a disabled field?
|
||||
# Do it through the template or the form class?
|
||||
form = PermissionsForm(**{
|
||||
|
||||
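Review bot: `edit_user_permissions` and `remove_user_from_service` load the target with `user_api_client.get_user(user_id)` straight from the URL, and nothing visible confirms that this user belongs to `service_id`; the decorator only checks the caller's `manage_users` permission. The TODO above the call already points at this, and the commit only rewords it. Until the API call is scoped by service, check membership before building the form, for example against the `users` field of the fetched `service` if it lists the members, and `abort(404)` on a mismatch. The function bodies continue outside the hunks, so a later check may exist there.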
@@ -4,9 +4,9 @@ from flask import (render_template, url_for, redirect, flash, session, current_a
|
||||
from itsdangerous import SignatureExpired
|
||||
|
||||
from app.main import main
|
||||
from app.main.dao import users_dao
|
||||
from app.main.forms import NewPasswordForm
|
||||
from datetime import datetime
|
||||
from app import user_api_client
|
||||
|
||||
|
||||
@main.route('/new-password/<path:token>', methods=['GET', 'POST'])
|
||||
@@ -20,10 +20,7 @@ def new_password(token):
|
||||
return redirect(url_for('.forgot_password'))
|
||||
|
||||
email_address = json.loads(token_data)['email']
|
||||
user = users_dao.get_user_by_email(email_address=email_address)
|
||||
# TODO: what should this be??
|
||||
if not user:
|
||||
abort(404, 'user not found')
|
||||
user = user_api_client.get_user_by_email(email_address)
|
||||
if user.password_changed_at and datetime.strptime(user.password_changed_at, '%Y-%m-%d %H:%M:%S.%f') > \
|
||||
datetime.strptime(json.loads(token_data)['created_at'], '%Y-%m-%d %H:%M:%S.%f'):
|
||||
flash('The link in the email has already been used')
|
||||
@@ -32,7 +29,7 @@ def new_password(token):
|
||||
form = NewPasswordForm()
|
||||
|
||||
if form.validate_on_submit():
|
||||
users_dao.send_verify_code(user.id, 'sms', user.mobile_number)
|
||||
user_api_client.send_verify_code(user.id, 'sms', user.mobile_number)
|
||||
session['user_details'] = {
|
||||
'id': user.id,
|
||||
'email': user.email_address,
|
||||
|
||||
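Review bot: With the `if not user: abort(404, 'user not found')` guard removed, `new_password` dereferences `user.password_changed_at` directly after `user_api_client.get_user_by_email(email_address)`. If that client call can return `None` or raise for an address that no longer has an account (its body is not visible here), a validly signed but outdated reset link ends in an unhandled error. Keep an explicit branch for the missing-user case, ideally one that redirects to `.forgot_password` as the expired-token branch does, so the response does not reveal whether the account exists.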
@@ -26,10 +26,7 @@ from app.main.uploader import (
|
||||
s3download
|
||||
)
|
||||
from app.main.dao import templates_dao
|
||||
from app import (
|
||||
job_api_client,
|
||||
service_api_client
|
||||
)
|
||||
from app import (job_api_client, service_api_client)
|
||||
from app.utils import user_has_permissions, get_errors_for_csv
|
||||
|
||||
|
||||
|
||||
@@ -13,24 +13,18 @@ from flask_login import (
|
||||
)
|
||||
from notifications_python_client import HTTPError
|
||||
|
||||
from app.main.dao.services_dao import (
|
||||
get_service_by_id,
|
||||
delete_service,
|
||||
update_service,
|
||||
find_all_service_names
|
||||
)
|
||||
|
||||
from app import service_api_client
|
||||
from app.main import main
|
||||
from app.utils import user_has_permissions
|
||||
from app.main.dao.users_dao import verify_password
|
||||
from app.main.forms import ConfirmPasswordForm, ServiceNameForm
|
||||
from app import user_api_client
|
||||
|
||||
|
||||
@main.route("/services/<service_id>/service-settings")
|
||||
@login_required
|
||||
@user_has_permissions('manage_settings', admin_override=True)
|
||||
def service_settings(service_id):
|
||||
service = get_service_by_id(service_id)['data']
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
|
||||
return render_template(
|
||||
'views/service-settings.html',
|
||||
@@ -43,9 +37,9 @@ def service_settings(service_id):
|
||||
@login_required
|
||||
@user_has_permissions('manage_settings', admin_override=True)
|
||||
def service_name_change(service_id):
|
||||
service = get_service_by_id(service_id)['data']
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
|
||||
form = ServiceNameForm(find_all_service_names)
|
||||
form = ServiceNameForm(service_api_client.find_all_service_names)
|
||||
|
||||
if form.validate_on_submit():
|
||||
session['service_name_change'] = form.name.data
|
||||
@@ -62,17 +56,23 @@ def service_name_change(service_id):
|
||||
@login_required
|
||||
@user_has_permissions('manage_settings', admin_override=True)
|
||||
def service_name_change_confirm(service_id):
|
||||
service = get_service_by_id(service_id)['data']
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
|
||||
# Validate password for form
|
||||
def _check_password(pwd):
|
||||
return verify_password(current_user.id, pwd)
|
||||
return user_api_client.verify_password(current_user.id, pwd)
|
||||
form = ConfirmPasswordForm(_check_password)
|
||||
|
||||
if form.validate_on_submit():
|
||||
service['name'] = session['service_name_change']
|
||||
try:
|
||||
update_service(service)
|
||||
service_api_client.update_service(
|
||||
service['id'],
|
||||
service['name'],
|
||||
service['active'],
|
||||
service['limit'],
|
||||
service['restricted'],
|
||||
service['users'])
|
||||
except HTTPError as e:
|
||||
error_msg = "Duplicate service name '{}'".format(session['service_name_change'])
|
||||
if e.status_code == 400 and error_msg in e.message['name']:
|
||||
@@ -96,7 +96,7 @@ def service_name_change_confirm(service_id):
|
||||
@login_required
|
||||
@user_has_permissions('manage_settings', admin_override=True)
|
||||
def service_request_to_go_live(service_id):
|
||||
service = get_service_by_id(service_id)['data']
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
if request.method == 'GET':
|
||||
return render_template(
|
||||
'views/service-settings/request-to-go-live.html',
|
||||
@@ -113,7 +113,7 @@ def service_request_to_go_live(service_id):
|
||||
@login_required
|
||||
@user_has_permissions('manage_settings', admin_override=True)
|
||||
def service_status_change(service_id):
|
||||
service = get_service_by_id(service_id)['data']
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
|
||||
if request.method == 'GET':
|
||||
return render_template(
|
||||
@@ -129,16 +129,22 @@ def service_status_change(service_id):
|
||||
@login_required
|
||||
@user_has_permissions('manage_settings', admin_override=True)
|
||||
def service_status_change_confirm(service_id):
|
||||
service = get_service_by_id(service_id)['data']
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
|
||||
# Validate password for form
|
||||
def _check_password(pwd):
|
||||
return verify_password(current_user.id, pwd)
|
||||
return user_api_client.verify_password(current_user.id, pwd)
|
||||
form = ConfirmPasswordForm(_check_password)
|
||||
|
||||
if form.validate_on_submit():
|
||||
service['active'] = True
|
||||
update_service(service)
|
||||
service_api_client.update_service(
|
||||
service['id'],
|
||||
service['name'],
|
||||
service['active'],
|
||||
service['limit'],
|
||||
service['restricted'],
|
||||
service['users'])
|
||||
return redirect(url_for('.service_settings', service_id=service_id))
|
||||
return render_template(
|
||||
'views/service-settings/confirm.html',
|
||||
@@ -152,7 +158,7 @@ def service_status_change_confirm(service_id):
|
||||
@login_required
|
||||
@user_has_permissions('manage_settings', admin_override=True)
|
||||
def service_delete(service_id):
|
||||
service = get_service_by_id(service_id)['data']
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
|
||||
if request.method == 'GET':
|
||||
return render_template(
|
||||
@@ -168,15 +174,15 @@ def service_delete(service_id):
|
||||
@login_required
|
||||
@user_has_permissions('manage_settings', admin_override=True)
|
||||
def service_delete_confirm(service_id):
|
||||
service = get_service_by_id(service_id)['data']
|
||||
service = service_api_client.get_service(service_id)['data']
|
||||
|
||||
# Validate password for form
|
||||
def _check_password(pwd):
|
||||
return verify_password(current_user.id, pwd)
|
||||
return user_api_client.verify_password(current_user.id, pwd)
|
||||
form = ConfirmPasswordForm(_check_password)
|
||||
|
||||
if form.validate_on_submit():
|
||||
service = delete_service(service_id)
|
||||
service = service_api_client.delete_service(service_id)
|
||||
return redirect(url_for('.choose_service'))
|
||||
|
||||
return render_template(
|
||||
|
||||
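Review bot: Replacing `update_service(service)` with the six-argument positional call to `service_api_client.update_service(...)` duplicates the same argument list in `service_name_change_confirm` and `service_status_change_confirm`. Two of the positional values are the `active` and `restricted` flags, so a transposition in one copy would silently change a service's state. Keep one private helper in this module that takes the `service` dict and makes the call, or pass the arguments by keyword if the client's signature allows it. Separately, `service = service_api_client.delete_service(service_id)` in `service_delete_confirm` binds a value that is not used before the redirect.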
@@ -14,9 +14,8 @@ from flask.ext.login import (
|
||||
)
|
||||
|
||||
from app.main import main
|
||||
from app.main.dao import services_dao
|
||||
|
||||
from app import user_api_client
|
||||
from app import (user_api_client, service_api_client)
|
||||
|
||||
|
||||
from app.main.forms import LoginForm
|
||||
@@ -41,7 +40,7 @@ def sign_in():
|
||||
current_user.id == user.id and \
|
||||
user.is_active():
|
||||
confirm_login()
|
||||
services = services_dao.get_services(user.id).get('data', [])
|
||||
services = service_api_client.get_services({'user_id': str(user.id)}).get('data', [])
|
||||
if (len(services) == 1):
|
||||
return redirect(url_for('main.service_dashboard', service_id=services[0]['id']))
|
||||
else:
|
||||
|
||||
@@ -5,7 +5,7 @@ from app.main import main
|
||||
from app.utils import user_has_permissions
|
||||
from app.main.forms import SMSTemplateForm, EmailTemplateForm
|
||||
from app.main.dao import templates_dao as tdao
|
||||
from app.main.dao import services_dao as sdao
|
||||
from app import service_api_client
|
||||
|
||||
|
||||
form_objects = {
|
||||
@@ -24,7 +24,7 @@ page_headings = {
|
||||
@user_has_permissions('manage_templates', admin_override=True)
|
||||
def add_service_template(service_id, template_type):
|
||||
|
||||
service = sdao.get_service_by_id_or_404(service_id)
|
||||
service = service_api_client.get_service(service_id)
|
||||
|
||||
if template_type not in ['sms', 'email']:
|
||||
abort(404)
|
||||
|
||||
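Review bot: `add_service_template` now binds `service = service_api_client.get_service(service_id)` without `['data']`, whereas the removed `get_service_by_id_or_404` returned `get_service(id_)['data']` and the other call sites converted from it in this commit keep the subscript. `service` is therefore the response envelope rather than the service dict, and any later `service['name']`-style access in the function, whose body continues outside the hunk, would fail. Use `service = service_api_client.get_service(service_id)['data']`.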
@@ -9,8 +9,9 @@ from flask import (
|
||||
|
||||
from flask_login import login_user, current_user
|
||||
from app.main import main
|
||||
from app.main.dao import users_dao, services_dao
|
||||
from app.main.forms import TwoFactorForm
|
||||
from app import service_api_client
|
||||
from app import user_api_client
|
||||
|
||||
|
||||
@main.route('/two-factor', methods=['GET', 'POST'])
|
||||
@@ -22,18 +23,18 @@ def two_factor():
|
||||
return redirect('main.sign_in')
|
||||
|
||||
def _check_code(code):
|
||||
return users_dao.check_verify_code(user_id, code, "sms")
|
||||
return user_api_client.check_verify_code(user_id, code, "sms")
|
||||
|
||||
form = TwoFactorForm(_check_code)
|
||||
|
||||
if form.validate_on_submit():
|
||||
try:
|
||||
user = users_dao.get_user_by_id(user_id)
|
||||
services = services_dao.get_services(user_id).get('data', [])
|
||||
user = user_api_client.get_user(user_id)
|
||||
services = service_api_client.get_services({'user_id': str(user_id)}).get('data', [])
|
||||
# Check if coming from new password page
|
||||
if 'password' in session['user_details']:
|
||||
user.set_password(session['user_details']['password'])
|
||||
users_dao.update_user(user)
|
||||
user_api_client.update_user(user)
|
||||
login_user(user, remember=True)
|
||||
finally:
|
||||
del session['user_details']
|
||||
|
||||
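Review bot: The context lines read a plaintext password from `session['user_details']['password']` and pass it to `user.set_password`, which means the new password sits in the session between the reset form and this step. With Flask's default cookie-backed session that value is signed but not encrypted, so it travels in the browser cookie; confirm that a server-side session store is configured, or hold the pending password somewhere that never leaves the server. Also in this hunk, `return redirect('main.sign_in')` passes an endpoint name where a URL is expected and should be `return redirect(url_for('main.sign_in'))`, assuming `url_for` is imported in this file.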
@@ -10,14 +10,6 @@ from flask.ext.login import current_user
|
||||
from flask_login import login_required
|
||||
from app.main import main
|
||||
|
||||
from app.main.dao.users_dao import (
|
||||
verify_password,
|
||||
update_user,
|
||||
check_verify_code,
|
||||
is_email_unique,
|
||||
send_verify_code
|
||||
)
|
||||
|
||||
from app.main.forms import (
|
||||
ChangePasswordForm,
|
||||
ChangeNameForm,
|
||||
@@ -50,7 +42,7 @@ def user_profile_name():
|
||||
|
||||
if form.validate_on_submit():
|
||||
current_user.name = form.new_name.data
|
||||
update_user(current_user)
|
||||
user_api_client.update_user(current_user)
|
||||
return redirect(url_for('.user_profile'))
|
||||
|
||||
return render_template(
|
||||
@@ -65,7 +57,7 @@ def user_profile_name():
|
||||
def user_profile_email():
|
||||
|
||||
def _is_email_unique(email):
|
||||
return is_email_unique(email)
|
||||
return user_api_client.is_email_unique(email)
|
||||
form = ChangeEmailForm(_is_email_unique,
|
||||
email_address=current_user.email_address)
|
||||
|
||||
@@ -84,7 +76,7 @@ def user_profile_email():
|
||||
def user_profile_email_authenticate():
|
||||
# Validate password for form
|
||||
def _check_password(pwd):
|
||||
return verify_password(current_user.id, pwd)
|
||||
return user_api_client.verify_password(current_user.id, pwd)
|
||||
form = ConfirmPasswordForm(_check_password)
|
||||
|
||||
if NEW_EMAIL not in session:
|
||||
@@ -92,7 +84,7 @@ def user_profile_email_authenticate():
|
||||
|
||||
if form.validate_on_submit():
|
||||
session[NEW_EMAIL_PASSWORD_CONFIRMED] = True
|
||||
send_verify_code(current_user.id, 'email', session[NEW_EMAIL])
|
||||
user_api_client.send_verify_code(current_user.id, 'email', session[NEW_EMAIL])
|
||||
return redirect(url_for('.user_profile_email_confirm'))
|
||||
|
||||
return render_template(
|
||||
@@ -109,7 +101,7 @@ def user_profile_email_confirm():
|
||||
|
||||
# Validate verify code for form
|
||||
def _check_code(cde):
|
||||
return check_verify_code(current_user.id, cde, 'email')
|
||||
return user_api_client.check_verify_code(current_user.id, cde, 'email')
|
||||
form = ConfirmEmailForm(_check_code)
|
||||
|
||||
if NEW_EMAIL_PASSWORD_CONFIRMED not in session:
|
||||
@@ -119,7 +111,7 @@ def user_profile_email_confirm():
|
||||
current_user.email_address = session[NEW_EMAIL]
|
||||
del session[NEW_EMAIL]
|
||||
del session[NEW_EMAIL_PASSWORD_CONFIRMED]
|
||||
update_user(current_user)
|
||||
user_api_client.update_user(current_user)
|
||||
return redirect(url_for('.user_profile'))
|
||||
|
||||
return render_template(
|
||||
@@ -152,7 +144,7 @@ def user_profile_mobile_number_authenticate():
|
||||
|
||||
# Validate password for form
|
||||
def _check_password(pwd):
|
||||
return verify_password(current_user.id, pwd)
|
||||
return user_api_client.verify_password(current_user.id, pwd)
|
||||
form = ConfirmPasswordForm(_check_password)
|
||||
|
||||
if NEW_MOBILE not in session:
|
||||
@@ -160,7 +152,7 @@ def user_profile_mobile_number_authenticate():
|
||||
|
||||
if form.validate_on_submit():
|
||||
session[NEW_MOBILE_PASSWORD_CONFIRMED] = True
|
||||
send_verify_code(current_user.id, 'sms', session[NEW_MOBILE])
|
||||
user_api_client.send_verify_code(current_user.id, 'sms', session[NEW_MOBILE])
|
||||
return redirect(url_for('.user_profile_mobile_number_confirm'))
|
||||
|
||||
return render_template(
|
||||
@@ -177,7 +169,7 @@ def user_profile_mobile_number_confirm():
|
||||
|
||||
# Validate verify code for form
|
||||
def _check_code(cde):
|
||||
return check_verify_code(current_user.id, cde, 'sms')
|
||||
return user_api_client.check_verify_code(current_user.id, cde, 'sms')
|
||||
|
||||
if NEW_MOBILE_PASSWORD_CONFIRMED not in session:
|
||||
return redirect(url_for('.user_profile_mobile_number'))
|
||||
@@ -188,7 +180,7 @@ def user_profile_mobile_number_confirm():
|
||||
current_user.mobile_number = session[NEW_MOBILE]
|
||||
del session[NEW_MOBILE]
|
||||
del session[NEW_MOBILE_PASSWORD_CONFIRMED]
|
||||
update_user(current_user)
|
||||
user_api_client.update_user(current_user)
|
||||
return redirect(url_for('.user_profile'))
|
||||
|
||||
return render_template(
|
||||
@@ -204,12 +196,12 @@ def user_profile_password():
|
||||
|
||||
# Validate password for form
|
||||
def _check_password(pwd):
|
||||
return verify_password(current_user.id, pwd)
|
||||
return user_api_client.verify_password(current_user.id, pwd)
|
||||
form = ChangePasswordForm(_check_password)
|
||||
|
||||
if form.validate_on_submit():
|
||||
current_user.set_password(form.new_password.data)
|
||||
update_user(current_user)
|
||||
user_api_client.update_user(current_user)
|
||||
return redirect(url_for('.user_profile'))
|
||||
|
||||
return render_template(
|
||||
|
||||
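Review bot: After this change `_is_email_unique` in `user_profile_email` only forwards its argument to `user_api_client.is_email_unique`, so the wrapper adds nothing. Pass the bound method directly, `form = ChangeEmailForm(user_api_client.is_email_unique, email_address=current_user.email_address)`, the way `AddServiceForm(service_api_client.find_all_service_names)` is built elsewhere in this commit. The `_check_password` and `_check_code` closures are different because they bind `current_user.id`, so they should stay.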
@@ -1,5 +1,7 @@
|
||||
from __future__ import unicode_literals
|
||||
from flask import url_for
|
||||
from notifications_python_client.notifications import NotificationsAPIClient
|
||||
from app.utils import BrowsableItem
|
||||
|
||||
|
||||
class ServiceAPIClient(NotificationsAPIClient):
|
||||
@@ -137,3 +139,26 @@ class ServiceAPIClient(NotificationsAPIClient):
|
||||
"""
|
||||
endpoint = "/service/{0}/template/{1}".format(service_id, template_id)
|
||||
return self.delete(endpoint)
|
||||
|
||||
def find_all_service_names(self, user_id=None):
|
||||
resp = self.get_services(user_id)
|
||||
return [x['name'] for x in resp['data']]
|
||||
|
||||
|
||||
class ServicesBrowsableItem(BrowsableItem):
|
||||
|
||||
@property
|
||||
def title(self):
|
||||
return self._item['name']
|
||||
|
||||
@property
|
||||
def link(self):
|
||||
return url_for('main.service_dashboard', service_id=self._item['id'])
|
||||
|
||||
@property
|
||||
def destructive(self):
|
||||
return False
|
||||
|
||||
@property
|
||||
def hint(self):
|
||||
return None
|
||||
|
||||
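Review bot: `find_all_service_names` forwards `user_id` to `self.get_services(user_id)` as a bare value, but the views changed in this commit call `get_services({'user_id': str(user.id)})` with a params dict. `get_services` itself is outside the hunk, so this is inferred, but a non-`None` `user_id` would likely be sent in the wrong shape or ignored, and the name-uniqueness check built on this list would then run against the wrong set of services. Build the dict the same way: `resp = self.get_services({'user_id': str(user_id)}) if user_id else self.get_services()`. The method also has no docstring, unlike the method above it.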