app/dao/users_dao.py

import uuid
from datetime import datetime, timedelta
from secrets import randbelow

from sqlalchemy import func
from sqlalchemy.orm import joinedload

from app import db
from app.dao.dao_utils import autocommit
from app.dao.permissions_dao import permission_dao
from app.dao.service_user_dao import dao_get_service_users_by_user_id
from app.enums import AuthType
from app.errors import InvalidRequest
from app.models import User, VerifyCode
from app.utils import escape_special_characters, get_archived_db_column_value


def _remove_values_for_keys_if_present(dict, keys):
    for key in keys:
        dict.pop(key, None)


def create_secret_code(length=6):
    random_number = randbelow(10**length)
    return "{:0{length}d}".format(random_number, length=length)


def save_user_attribute(usr, update_dict=None):
    db.session.query(User).filter_by(id=usr.id).update(update_dict or {})
    db.session.commit()


def save_model_user(
    user, update_dict=None, password=None, validated_email_access=False
):
    if password:
        user.password = password
        user.password_changed_at = datetime.utcnow()
    if validated_email_access:
        user.email_access_validated_at = datetime.utcnow()
    if update_dict:
        _remove_values_for_keys_if_present(update_dict, ["id", "password_changed_at"])
        db.session.query(User).filter_by(id=user.id).update(update_dict or {})
    else:
        db.session.add(user)
    db.session.commit()


def create_user_code(user, code, code_type):
    verify_code = VerifyCode(
        code_type=code_type,
        expiry_datetime=datetime.utcnow() + timedelta(minutes=30),
        user=user,
    )
    verify_code.code = code
    db.session.add(verify_code)
    db.session.commit()
    return verify_code


def get_user_code(user, code, code_type):
    # Get the most recent codes to try and reduce the
    # time searching for the correct code.
    codes = VerifyCode.query.filter_by(user=user, code_type=code_type).order_by(
        VerifyCode.created_at.desc()
    )
    return next((x for x in codes if x.check_code(code)), None)


def delete_codes_older_created_more_than_a_day_ago():
    deleted = (
        db.session.query(VerifyCode)
        .filter(VerifyCode.created_at < datetime.utcnow() - timedelta(hours=24))
        .delete()
    )
    db.session.commit()
    return deleted


def use_user_code(id):
    verify_code = VerifyCode.query.get(id)
    verify_code.code_used = True
    db.session.add(verify_code)
    db.session.commit()


def delete_model_user(user):
    db.session.delete(user)
    db.session.commit()


def delete_user_verify_codes(user):
    VerifyCode.query.filter_by(user=user).delete()
    db.session.commit()


def count_user_verify_codes(user):
    query = VerifyCode.query.filter(
        VerifyCode.user == user,
        VerifyCode.expiry_datetime > datetime.utcnow(),
        VerifyCode.code_used.is_(False),
    )
    return query.count()


def get_user_by_id(user_id=None):
    if user_id:
        return User.query.filter_by(id=user_id).one()
    return User.query.filter_by().all()


def get_users():
    return User.query.all()


def get_user_by_email(email):
    return User.query.filter(func.lower(User.email_address) == func.lower(email)).one()


def get_users_by_partial_email(email):
    email = escape_special_characters(email)
    return User.query.filter(User.email_address.ilike("%{}%".format(email))).all()


def increment_failed_login_count(user):
    user.failed_login_count += 1
    db.session.add(user)
    db.session.commit()


def reset_failed_login_count(user):
    if user.failed_login_count > 0:
        user.failed_login_count = 0
        db.session.add(user)
        db.session.commit()


def update_user_password(user, password):
    # reset failed login count - they've just reset their password so should be fine
    user.password = password
    user.password_changed_at = datetime.utcnow()
    db.session.add(user)
    db.session.commit()


def get_user_and_accounts(user_id):
    return (
        User.query.filter(User.id == user_id)
        .options(
            # eagerly load the user's services and organizations, and also the service's org and vice versa
            # (so we can see if the user knows about it)
            joinedload("services"),
            joinedload("organizations"),
            joinedload("organizations.services"),
            joinedload("services.organization"),
        )
        .one()
    )


@autocommit
def dao_archive_user(user):
    if not user_can_be_archived(user):
        msg = "User can’t be removed from a service - check all services have another team member with manage_settings"
        raise InvalidRequest(msg, 400)

    permission_dao.remove_user_service_permissions_for_all_services(user)

    service_users = dao_get_service_users_by_user_id(user.id)
    for service_user in service_users:
        db.session.delete(service_user)

    user.organizations = []

    user.auth_type = AuthType.EMAIL
    user.email_address = get_archived_db_column_value(user.email_address)
    user.mobile_number = None
    user.password = str(uuid.uuid4())
    # Changing the current_session_id signs the user out
    user.current_session_id = "00000000-0000-0000-0000-000000000000"
    user.state = "inactive"

    db.session.add(user)


def user_can_be_archived(user):
    active_services = [x for x in user.services if x.active]

    for service in active_services:
        other_active_users = [
            x for x in service.users if x.state == "active" and x != user
        ]

        if not other_active_users:
            return False

        if not any(
            "manage_settings" in user.get_permissions(service.id)
            for user in other_active_users
        ):
            # no-one else has manage settings
            return False

    return True
-												Add DAO function to archive a user

For a user to be able to be archived, each service that they are a
member of must have at least one other user who is active and who has
the 'manage-settings' permission.

To archive a user we remove them from all their services and
organisations, remove all permissions that they have and change some of
their details:
- email_address will start with '_archived_<date>'
- the current_session_id is changed (to sign them out of their current
session)
- mobile_number is removed (so we also need to switch their auth type to
email_auth)
- password is changed to a random password
- state is changed to 'inactive'

If any of the steps fail, we rollback all changes.

											
										
										
											2019-05-21 15:53:48 +01:00
+								import uuid
-												Run auto-correct on app/ and tests/

											
										
										
											2021-03-10 13:55:06 +00:00
+								from datetime import datetime, timedelta
-												Use cryptographically secure random number for sms codes

Also, increase token length to 6 digits

											
										
										
											2023-02-17 11:54:17 -05:00
+								from secrets import randbelow
-												use joinedload to only hit the database once per request

also:

* only include active orgs
* write lots of tests

											
										
										
											2018-03-13 13:07:02 +00:00
-												Make the get_user_by_email_address case insenstive.

											
										
										
											2016-05-20 13:43:31 +01:00
+								from sqlalchemy import func
-												use joinedload to only hit the database once per request

also:

* only include active orgs
* write lots of tests

											
										
										
											2018-03-13 13:07:02 +00:00
+								from sqlalchemy.orm import joinedload
-												Initial code added for models and services not functional yet. Bootstrap and migrations added for db.

											
										
										
											2016-01-07 17:31:17 +00:00
+								from app import db
-												Rename database management functions.

Rename @transactional to @autocommit.
Rename nested_transaction to tranaction.

											
										
										
											2021-04-14 07:11:01 +01:00
+								from app.dao.dao_utils import autocommit
-												Add DAO function to archive a user

For a user to be able to be archived, each service that they are a
member of must have at least one other user who is active and who has
the 'manage-settings' permission.

To archive a user we remove them from all their services and
organisations, remove all permissions that they have and change some of
their details:
- email_address will start with '_archived_<date>'
- the current_session_id is changed (to sign them out of their current
session)
- mobile_number is removed (so we also need to switch their auth type to
email_auth)
- password is changed to a random password
- state is changed to 'inactive'

If any of the steps fail, we rollback all changes.

											
										
										
											2019-05-21 15:53:48 +01:00
+								from app.dao.permissions_dao import permission_dao
 								from app.dao.service_user_dao import dao_get_service_users_by_user_id
-												All string "constants" in app.models converted to app.enums.

Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>

											
										
										
											2024-01-15 16:45:55 -05:00
+								from app.enums import AuthType
-												Add DAO function to archive a user

For a user to be able to be archived, each service that they are a
member of must have at least one other user who is active and who has
the 'manage-settings' permission.

To archive a user we remove them from all their services and
organisations, remove all permissions that they have and change some of
their details:
- email_address will start with '_archived_<date>'
- the current_session_id is changed (to sign them out of their current
session)
- mobile_number is removed (so we also need to switch their auth type to
email_auth)
- password is changed to a random password
- state is changed to 'inactive'

If any of the steps fail, we rollback all changes.

											
										
										
											2019-05-21 15:53:48 +01:00
+								from app.errors import InvalidRequest
-												All string "constants" in app.models converted to app.enums.

Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>

											
										
										
											2024-01-15 16:45:55 -05:00
+								from app.models import User, VerifyCode
-												Move function to get archived email address value

This function will be used when archiving services too, so it has been
renamed and moved to `app/utils.py`.

											
										
										
											2020-05-22 09:36:07 +01:00
+								from app.utils import escape_special_characters, get_archived_db_column_value
-												fixed pep 8 issues

											
										
										
											2017-06-13 18:11:13 +01:00
-												All tests working, second time around.

											
										
										
											2016-01-21 17:29:24 +00:00
-												Add user dao method to update a single user attr

											
										
										
											2016-11-07 17:42:39 +00:00
+								def _remove_values_for_keys_if_present(dict, keys):
 								    for key in keys:
 								        dict.pop(key, None)
-												Use cryptographically secure random number for sms codes

Also, increase token length to 6 digits

											
										
										
											2023-02-17 11:54:17 -05:00
+								def create_secret_code(length=6):
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								    random_number = randbelow(10**length)
-												Fix formatting for secret code to ensure 0 padding no matter the passed length

											
										
										
											2023-02-22 10:48:15 -05:00
+								    return "{:0{length}d}".format(random_number, length=length)
-												Initial code added for models and services not functional yet. Bootstrap and migrations added for db.

											
										
										
											2016-01-07 17:31:17 +00:00
-												Do extra code style checks with flake8-bugbear

Flake8 Bugbear checks for some extra things that aren’t code style
errors, but are likely to introduce bugs or unexpected behaviour. A
good example is having mutable default function arguments, which get
shared between every call to the function and therefore mutating a value
in one place can unexpectedly cause it to change in another.

This commit enables all the extra warnings provided by Flake8 Bugbear,
except for:
- the line length one (because we already lint for that separately)
- B903 Data class should either be immutable or use `__slots__` because
  this seems to false-positive on some of our custom exceptions
- B902 Invalid first argument 'cls' used for instance method because
  some SQLAlchemy decorators (eg `declared_attr`) make things that
  aren’t formally class methods take a class not an instance as their
  first argument

It disables:
- _B306: BaseException.message is removed in Python 3_ because I think
  our exceptions have a custom structure that means the `.message`
  attribute is still present

Matches the work done in other repos:
- https://github.com/alphagov/notifications-admin/pull/3172/files

											
										
										
											2020-12-22 15:46:31 +00:00
+								def save_user_attribute(usr, update_dict=None):
 								    db.session.query(User).filter_by(id=usr.id).update(update_dict or {})
-												Add user dao method to update a single user attr

											
										
										
											2016-11-07 17:42:39 +00:00
+								    db.session.commit()
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								def save_model_user(
 								    user, update_dict=None, password=None, validated_email_access=False
 								):
-												Add email_access_valdiated_at field to user table, populate it

and update it when users have to use their email to interact with
Notify service.

Initial population:
If user has email_auth, set last_validated_at to logged_in_at.
If user has sms_auth,  set it to created_at.

Then:
Update email_access_valdiated_at date when:
- user with email_auth logs in
- new user is created
- user resets password when logged out, meaning we send them an
email with a link they have to click to reset their password.

											
										
										
											2020-01-24 15:18:39 +00:00
+								    if password:
 								        user.password = password
 								        user.password_changed_at = datetime.utcnow()
 								    if validated_email_access:
 								        user.email_access_validated_at = datetime.utcnow()
-												All four http methods working now for user and service restful apis.

											
										
										
											2016-01-11 17:19:06 +00:00
+								    if update_dict:
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								        _remove_values_for_keys_if_present(update_dict, ["id", "password_changed_at"])
-												Do extra code style checks with flake8-bugbear

Flake8 Bugbear checks for some extra things that aren’t code style
errors, but are likely to introduce bugs or unexpected behaviour. A
good example is having mutable default function arguments, which get
shared between every call to the function and therefore mutating a value
in one place can unexpectedly cause it to change in another.

This commit enables all the extra warnings provided by Flake8 Bugbear,
except for:
- the line length one (because we already lint for that separately)
- B903 Data class should either be immutable or use `__slots__` because
  this seems to false-positive on some of our custom exceptions
- B902 Invalid first argument 'cls' used for instance method because
  some SQLAlchemy decorators (eg `declared_attr`) make things that
  aren’t formally class methods take a class not an instance as their
  first argument

It disables:
- _B306: BaseException.message is removed in Python 3_ because I think
  our exceptions have a custom structure that means the `.message`
  attribute is still present

Matches the work done in other repos:
- https://github.com/alphagov/notifications-admin/pull/3172/files

											
										
										
											2020-12-22 15:46:31 +00:00
+								        db.session.query(User).filter_by(id=user.id).update(update_dict or {})
-												All four http methods working now for user and service restful apis.

											
										
										
											2016-01-11 17:19:06 +00:00
+								    else:
-												Add email_access_valdiated_at field to user table, populate it

and update it when users have to use their email to interact with
Notify service.

Initial population:
If user has email_auth, set last_validated_at to logged_in_at.
If user has sms_auth,  set it to created_at.

Then:
Update email_access_valdiated_at date when:
- user with email_auth logs in
- new user is created
- user resets password when logged out, meaning we send them an
email with a link they have to click to reset their password.

											
										
										
											2020-01-24 15:18:39 +00:00
+								        db.session.add(user)
-												Initial code added for models and services not functional yet. Bootstrap and migrations added for db.

											
										
										
											2016-01-07 17:31:17 +00:00
+								    db.session.commit()
-												All tests working, second time around.

											
										
										
											2016-01-21 17:29:24 +00:00
+								def create_user_code(user, code, code_type):
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								    verify_code = VerifyCode(
 								        code_type=code_type,
 								        expiry_datetime=datetime.utcnow() + timedelta(minutes=30),
 								        user=user,
 								    )
-												All tests working, second time around.

											
										
										
											2016-01-21 17:29:24 +00:00
+								    verify_code.code = code
 								    db.session.add(verify_code)
 								    db.session.commit()
 								    return verify_code
 								def get_user_code(user, code, code_type):
 								    # Get the most recent codes to try and reduce the
 								    # time searching for the correct code.
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								    codes = VerifyCode.query.filter_by(user=user, code_type=code_type).order_by(
 								        VerifyCode.created_at.desc()
 								    )
-												add email code verification

by hitting POST /<user_id>/email-code, we create an email two factor
code to send to the user. That email contains a link with a token that
will sign the user in when opened.

Also some other things:

"email verification" (aka when you first create an account) doesn't
hit the API anymore

refactor 2fa code verification and sending to use jsonschema, and share code between sms and email

Die marshmallow die!

											
										
										
											2017-11-03 09:51:50 +00:00
+								    return next((x for x in codes if x.check_code(code)), None)
-												All tests working, second time around.

											
										
										
											2016-01-21 17:29:24 +00:00
-												Scheduled tasks to clean up the database

- tasks run hourly
- uses celery beat to schedule the tasks

4 new tasks
- delete verify codes (after 1 day)
- delete invitations (after 1 day)
- delete successful notifications  (after 1 day)
- delete failed notifications (after 7 days)

Delete methods in the DAO classes

											
										
										
											2016-03-09 17:46:01 +00:00
+								def delete_codes_older_created_more_than_a_day_ago():
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								    deleted = (
 								        db.session.query(VerifyCode)
 								        .filter(VerifyCode.created_at < datetime.utcnow() - timedelta(hours=24))
 								        .delete()
 								    )
-												Scheduled tasks to clean up the database

- tasks run hourly
- uses celery beat to schedule the tasks

4 new tasks
- delete verify codes (after 1 day)
- delete invitations (after 1 day)
- delete successful notifications  (after 1 day)
- delete failed notifications (after 7 days)

Delete methods in the DAO classes

											
										
										
											2016-03-09 17:46:01 +00:00
+								    db.session.commit()
 								    return deleted
-												All tests working, second time around.

											
										
										
											2016-01-21 17:29:24 +00:00
+								def use_user_code(id):
 								    verify_code = VerifyCode.query.get(id)
 								    verify_code.code_used = True
 								    db.session.add(verify_code)
 								    db.session.commit()
-												Added delete endpoint and tests.

											
										
										
											2016-01-12 10:39:49 +00:00
+								def delete_model_user(user):
 								    db.session.delete(user)
 								    db.session.commit()
-												Purge functional tests command added with passing test.

Code quality fix.

											
										
										
											2016-05-06 11:07:11 +01:00
+								def delete_user_verify_codes(user):
 								    VerifyCode.query.filter_by(user=user).delete()
 								    db.session.commit()
-												Add a limit to the number of active 2fa codes that we create. At the moment that is set to 10.

											
										
										
											2017-02-15 16:18:05 +00:00
+								def count_user_verify_codes(user):
-												rework query to use count()

											
										
										
											2017-02-16 12:44:40 +00:00
+								    query = VerifyCode.query.filter(
 								        VerifyCode.user == user,
 								        VerifyCode.expiry_datetime > datetime.utcnow(),
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								        VerifyCode.code_used.is_(False),
-												rework query to use count()

											
										
										
											2017-02-16 12:44:40 +00:00
+								    )
 								    return query.count()
-												Add a limit to the number of active 2fa codes that we create. At the moment that is set to 10.

											
										
										
											2017-02-15 16:18:05 +00:00
-												Add user dao method to update a single user attr

											
										
										
											2016-11-07 17:42:39 +00:00
+								def get_user_by_id(user_id=None):
-												Initial code added for models and services not functional yet. Bootstrap and migrations added for db.

											
										
										
											2016-01-07 17:31:17 +00:00
+								    if user_id:
-												Changed db queries to use one, which throws NoResultFound exception, this exception is dealt with in our error handlers.
Now a lot of the if none checks can be removed.

											
										
										
											2016-03-11 12:39:55 +00:00
+								        return User.query.filter_by(id=user_id).one()
-												Initial code added for models and services not functional yet. Bootstrap and migrations added for db.

											
										
										
											2016-01-07 17:31:17 +00:00
+								    return User.query.filter_by().all()
-												Record and persist failed login count on api.

											
										
										
											2016-01-25 11:14:23 +00:00
-												notify-admin-641 let platform admins export listing of all users (#370)

Co-authored-by: Kenneth Kehl <@kkehl@flexion.us>
											
										
										
											2023-07-26 09:13:57 -07:00
+								def get_users():
 								    return User.query.all()
-												Add endpoint for getting user by email address

											
										
										
											2016-02-23 11:03:59 +00:00
+								def get_user_by_email(email):
-												Make the get_user_by_email_address case insenstive.

											
										
										
											2016-05-20 13:43:31 +01:00
+								    return User.query.filter(func.lower(User.email_address) == func.lower(email)).one()
-												Add endpoint for getting user by email address

											
										
										
											2016-02-23 11:03:59 +00:00
-												Add data endpoint for finding users by full or partial email

											
										
										
											2018-07-09 17:25:13 +01:00
+								def get_users_by_partial_email(email):
-												Move code that escapes special chars to helper function and use it

in query get_users_by_partial_email

											
										
										
											2018-07-13 15:26:42 +01:00
+								    email = escape_special_characters(email)
 								    return User.query.filter(User.email_address.ilike("%{}%".format(email))).all()
-												Add data endpoint for finding users by full or partial email

											
										
										
											2018-07-09 17:25:13 +01:00
-												Record and persist failed login count on api.

											
										
										
											2016-01-25 11:14:23 +00:00
+								def increment_failed_login_count(user):
 								    user.failed_login_count += 1
 								    db.session.add(user)
 								    db.session.commit()
-												If failed login count > 0 and user subsequently logs in sucessfully,
then failed logins set to 0.

											
										
										
											2016-01-28 11:32:46 +00:00
 								def reset_failed_login_count(user):
 								    if user.failed_login_count > 0:
 								        user.failed_login_count = 0
 								        db.session.add(user)
 								        db.session.commit()
-												Add separate method to update user password

											
										
										
											2017-02-07 11:05:15 +00:00
-												Don’t update `email_access_validated_at` on password reset

As of https://github.com/alphagov/notifications-admin/pull/4000/files
the admin app is doing this, so we don’t need to do it here as well.

											
										
										
											2021-08-17 16:59:51 +01:00
+								def update_user_password(user, password):
-												ensure we reset failed_login_count when appropriate

in verify_user_password, if succesful we reset the failed_login_count.
now we use failed_login_count for 2FA attempts, we need to make sure we
reset it in other places too, so that people don't get blocked,
especially in the reset-password user journey.

* verify_user_code - if it's succesful, reset the failed_login_count
* update_password - reset failed_login_count because either
  * you're logged in and so it's 0 anyway
  * you're resetting your password via pword reset link, and the old
    count isn't relevant anymore

											
										
										
											2017-02-16 15:20:30 +00:00
+								    # reset failed login count - they've just reset their password so should be fine
-												Add separate method to update user password

											
										
										
											2017-02-07 11:05:15 +00:00
+								    user.password = password
 								    user.password_changed_at = datetime.utcnow()
 								    db.session.add(user)
 								    db.session.commit()
-												use joinedload to only hit the database once per request

also:

* only include active orgs
* write lots of tests

											
										
										
											2018-03-13 13:07:02 +00:00
 								def get_user_and_accounts(user_id):
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								    return (
 								        User.query.filter(User.id == user_id)
 								        .options(
 								            # eagerly load the user's services and organizations, and also the service's org and vice versa
 								            # (so we can see if the user knows about it)
 								            joinedload("services"),
 								            joinedload("organizations"),
 								            joinedload("organizations.services"),
 								            joinedload("services.organization"),
 								        )
 								        .one()
 								    )
-												Add DAO function to archive a user

For a user to be able to be archived, each service that they are a
member of must have at least one other user who is active and who has
the 'manage-settings' permission.

To archive a user we remove them from all their services and
organisations, remove all permissions that they have and change some of
their details:
- email_address will start with '_archived_<date>'
- the current_session_id is changed (to sign them out of their current
session)
- mobile_number is removed (so we also need to switch their auth type to
email_auth)
- password is changed to a random password
- state is changed to 'inactive'

If any of the steps fail, we rollback all changes.

											
										
										
											2019-05-21 15:53:48 +01:00
-												Rename database management functions.

Rename @transactional to @autocommit.
Rename nested_transaction to tranaction.

											
										
										
											2021-04-14 07:11:01 +01:00
+								@autocommit
-												Add DAO function to archive a user

For a user to be able to be archived, each service that they are a
member of must have at least one other user who is active and who has
the 'manage-settings' permission.

To archive a user we remove them from all their services and
organisations, remove all permissions that they have and change some of
their details:
- email_address will start with '_archived_<date>'
- the current_session_id is changed (to sign them out of their current
session)
- mobile_number is removed (so we also need to switch their auth type to
email_auth)
- password is changed to a random password
- state is changed to 'inactive'

If any of the steps fail, we rollback all changes.

											
										
										
											2019-05-21 15:53:48 +01:00
+								def dao_archive_user(user):
 								    if not user_can_be_archived(user):
 								        msg = "User can’t be removed from a service - check all services have another team member with manage_settings"
 								        raise InvalidRequest(msg, 400)
 								    permission_dao.remove_user_service_permissions_for_all_services(user)
 								    service_users = dao_get_service_users_by_user_id(user.id)
 								    for service_user in service_users:
 								        db.session.delete(service_user)
-												notify-api-332 rename organisation

											
										
										
											2023-07-10 11:06:29 -07:00
+								    user.organizations = []
-												Add DAO function to archive a user

For a user to be able to be archived, each service that they are a
member of must have at least one other user who is active and who has
the 'manage-settings' permission.

To archive a user we remove them from all their services and
organisations, remove all permissions that they have and change some of
their details:
- email_address will start with '_archived_<date>'
- the current_session_id is changed (to sign them out of their current
session)
- mobile_number is removed (so we also need to switch their auth type to
email_auth)
- password is changed to a random password
- state is changed to 'inactive'

If any of the steps fail, we rollback all changes.

											
										
										
											2019-05-21 15:53:48 +01:00
-												All string "constants" in app.models converted to app.enums.

Signed-off-by: Cliff Hill <Clifford.hill@gsa.gov>

											
										
										
											2024-01-15 16:45:55 -05:00
+								    user.auth_type = AuthType.EMAIL
-												Move function to get archived email address value

This function will be used when archiving services too, so it has been
renamed and moved to `app/utils.py`.

											
										
										
											2020-05-22 09:36:07 +01:00
+								    user.email_address = get_archived_db_column_value(user.email_address)
-												Add DAO function to archive a user

For a user to be able to be archived, each service that they are a
member of must have at least one other user who is active and who has
the 'manage-settings' permission.

To archive a user we remove them from all their services and
organisations, remove all permissions that they have and change some of
their details:
- email_address will start with '_archived_<date>'
- the current_session_id is changed (to sign them out of their current
session)
- mobile_number is removed (so we also need to switch their auth type to
email_auth)
- password is changed to a random password
- state is changed to 'inactive'

If any of the steps fail, we rollback all changes.

											
										
										
											2019-05-21 15:53:48 +01:00
+								    user.mobile_number = None
 								    user.password = str(uuid.uuid4())
 								    # Changing the current_session_id signs the user out
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								    user.current_session_id = "00000000-0000-0000-0000-000000000000"
 								    user.state = "inactive"
-												Add DAO function to archive a user

For a user to be able to be archived, each service that they are a
member of must have at least one other user who is active and who has
the 'manage-settings' permission.

To archive a user we remove them from all their services and
organisations, remove all permissions that they have and change some of
their details:
- email_address will start with '_archived_<date>'
- the current_session_id is changed (to sign them out of their current
session)
- mobile_number is removed (so we also need to switch their auth type to
email_auth)
- password is changed to a random password
- state is changed to 'inactive'

If any of the steps fail, we rollback all changes.

											
										
										
											2019-05-21 15:53:48 +01:00
 								    db.session.add(user)
 								def user_can_be_archived(user):
 								    active_services = [x for x in user.services if x.active]
 								    for service in active_services:
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								        other_active_users = [
 								            x for x in service.users if x.state == "active" and x != user
 								        ]
-												Add DAO function to archive a user

For a user to be able to be archived, each service that they are a
member of must have at least one other user who is active and who has
the 'manage-settings' permission.

To archive a user we remove them from all their services and
organisations, remove all permissions that they have and change some of
their details:
- email_address will start with '_archived_<date>'
- the current_session_id is changed (to sign them out of their current
session)
- mobile_number is removed (so we also need to switch their auth type to
email_auth)
- password is changed to a random password
- state is changed to 'inactive'

If any of the steps fail, we rollback all changes.

											
										
										
											2019-05-21 15:53:48 +01:00
 								        if not other_active_users:
 								            return False
-												reformat

											
										
										
											2023-08-29 14:54:30 -07:00
+								        if not any(
 								            "manage_settings" in user.get_permissions(service.id)
 								            for user in other_active_users
 								        ):
-												Add DAO function to archive a user

For a user to be able to be archived, each service that they are a
member of must have at least one other user who is active and who has
the 'manage-settings' permission.

To archive a user we remove them from all their services and
organisations, remove all permissions that they have and change some of
their details:
- email_address will start with '_archived_<date>'
- the current_session_id is changed (to sign them out of their current
session)
- mobile_number is removed (so we also need to switch their auth type to
email_auth)
- password is changed to a random password
- state is changed to 'inactive'

If any of the steps fail, we rollback all changes.

											
										
										
											2019-05-21 15:53:48 +01:00
+								            # no-one else has manage settings
 								            return False
 								    return True