flaschengeist/flaschengeist/plugins/users/__init__.py

"""Users plugin

Provides routes used to manage users
"""
from http.client import NO_CONTENT, CREATED

from flaschengeist.config import config
from flask import Blueprint, request, jsonify, make_response
from werkzeug.exceptions import BadRequest, Forbidden, MethodNotAllowed

from flaschengeist import logger
from flaschengeist.models.user import User
from flaschengeist.plugins import Plugin
from flaschengeist.decorator import login_required, extract_session
from flaschengeist.controller import userController

users_bp = Blueprint("users", __name__)
_permission_edit = "users_edit_other"
_permission_set_roles = "users_set_roles"
_permission_delete = "users_delete_other"
_permission_register = "users_register"


class UsersPlugin(Plugin):
    def __init__(self, config):
        super().__init__(blueprint=users_bp, permissions=[_permission_edit, _permission_delete, _permission_set_roles])


@users_bp.route("/users", methods=["POST"])
def register():
    """Register a new user

    Route: ``/users`` | Method: ``POST``

    POST-data: Same as `flaschengeist.models.user.User` + ``password?: string``

    Returns:
        JSON encoded `flaschengeist.models.user.User` or HTTP error
    """
    registration = config["users"].get("registration", False)
    if not registration or registration not in ["managed", "public"]:
        logger.debug("Config for Registration is set to >{}<".format(registration))
        raise MethodNotAllowed
    if registration == "managed":
        extract_session(_permission_register)

    data = request.get_json()
    if not data:
        raise BadRequest

    logger.debug("Register new User...")
    return make_response(jsonify(userController.register(data)), CREATED)


@users_bp.route("/users", methods=["GET"])
@login_required()
def list_users(current_session):
    """List all existing users

    Route: ``/users`` | Method: ``GET``

    Args:
        current_session: Session sent with Authorization Header

    Returns:
        JSON encoded array of `flaschengeist.models.user.User` or HTTP error
    """
    logger.debug("Retrieve list of all users")
    users = userController.get_users()
    return jsonify(users)


@users_bp.route("/users/<userid>", methods=["GET"])
@login_required()
def get_user(userid, current_session):
    """Retrieve user by userid

    Route: ``/users/<userid>`` | Method: ``GET``

    Args:
        userid: UserID of user to retrieve
        current_session: Session sent with Authorization Header

    Returns:
        JSON encoded `flaschengeist.models.user.User` or if userid is current user also containing permissions or HTTP error
    """
    logger.debug("Get information of user {{ {} }}".format(userid))
    user: User = userController.get_user(userid)
    serial = user.serialize()
    if (userid == current_session._user.userid):
        serial['permissions'] = user.get_permissions()
    return jsonify(serial)


@users_bp.route("/users/<userid>", methods=["DELETE"])
@login_required(permission=_permission_delete)
def delete_user(userid, current_session):
    """Delete user by userid

    Route: ``/users/<userid>`` | Method: ``DELETE``

    Args:
        userid: UserID of user to retrieve
        current_session: Session sent with Authorization Header

    Returns:
        HTTP-204 or HTTP error
    """
    logger.debug("Delete user {{ {} }}".format(userid))
    user = userController.get_user(userid)
    userController.delete(user)
    return "", NO_CONTENT


@users_bp.route("/users/<userid>", methods=["PUT"])
@login_required()
def edit_user(userid, current_session):
    """Modify user by userid

    Route: ``/users/<userid>`` | Method: ``PUT``

    POST-data: ```{firstname?: string, lastname?: string, display_name?: string, mail?: string,
    password?: string, roles?: string[]}```

    Args:
        userid: UserID of user to retrieve
        current_session: Session sent with Authorization Header

    Returns:
        HTTP-204 or HTTP error
    """
    logger.debug("Modify information of user {{ {} }}".format(userid))
    user = userController.get_user(userid)
    data = request.get_json()

    password = None
    new_password = data["new_password"] if "new_password" in data else None

    author = user
    if userid != current_session._user.userid:
        author = current_session._user
        if not author.has_permission(_permission_edit):
            raise Forbidden
    else:
        if "password" not in data:
            raise BadRequest("Password is missing")
        password = data["password"]

    for key in ["firstname", "lastname", "display_name", "mail"]:
        if key in data:
            setattr(user, key, data[key])

    if "roles" in data:
        if not author.has_permission(_permission_set_roles):
            raise Forbidden
        userController.set_roles(user, data["roles"])

    userController.modify_user(user, password, new_password)
    userController.update_user(user)
    return "", NO_CONTENT
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`"""Users plugin`

			`Provides routes used to manage users`
			`"""`
[Plugin] Fixed return values in auth and users routes 2020-10-31 14:20:28 +00:00			`from http.client import NO_CONTENT, CREATED`

Added registration feature 2020-10-30 23:02:02 +00:00			`from flaschengeist.config import config`
[Plugin] Fixed return values in auth and users routes 2020-10-31 14:20:28 +00:00			`from flask import Blueprint, request, jsonify, make_response`
Added registration feature 2020-10-30 23:02:02 +00:00			`from werkzeug.exceptions import BadRequest, Forbidden, MethodNotAllowed`
Added first version of 'users' module, fixed LDAP 2020-09-03 23:01:00 +00:00
			`from flaschengeist import logger`
[API][Plugin] Bugfix and API change * users: Fixed bug in edit_user where if modify by admin * API: Users return list of roles as string not Roles 2020-11-06 00:13:52 +00:00			`from flaschengeist.models.user import User`
Restructured project, renamed modules, removed geruecht as it is dead. 2020-10-30 02:30:46 +00:00			`from flaschengeist.plugins import Plugin`
Added registration feature 2020-10-30 23:02:02 +00:00			`from flaschengeist.decorator import login_required, extract_session`
Restructured project, renamed modules, removed geruecht as it is dead. 2020-10-30 02:30:46 +00:00			`from flaschengeist.controller import userController`
Added first version of 'users' module, fixed LDAP 2020-09-03 23:01:00 +00:00
			`users_bp = Blueprint("users", __name__)`
Added some permissions, reworked permission system. 2020-10-23 00:29:55 +00:00			`_permission_edit = "users_edit_other"`
[Plugin] Users now allows setting the role of an user 2020-10-24 18:10:43 +00:00			`_permission_set_roles = "users_set_roles"`
Added some permissions, reworked permission system. 2020-10-23 00:29:55 +00:00			`_permission_delete = "users_delete_other"`
Added registration feature 2020-10-30 23:02:02 +00:00			`_permission_register = "users_register"`
Added first version of 'users' module, fixed LDAP 2020-09-03 23:01:00 +00:00
Split installation and app creation. Added Readme 2020-10-15 12:44:58 +00:00
Only use one plugin system, load auth and "normal" plugins at once. * Added Plugin class, where to inheritate from 2020-10-15 19:58:56 +00:00			`class UsersPlugin(Plugin):`
			`def __init__(self, config):`
[Plugin] Users now allows setting the role of an user 2020-10-24 18:10:43 +00:00			`super().__init__(blueprint=users_bp, permissions=[_permission_edit, _permission_delete, _permission_set_roles])`
Added first version of 'users' module, fixed LDAP 2020-09-03 23:01:00 +00:00

Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00			`@users_bp.route("/users", methods=["POST"])`
Added registration feature 2020-10-30 23:02:02 +00:00			`def register():`
			`"""Register a new user`

			Route: ``/users`` \| Method: ``POST``

			POST-data: Same as `flaschengeist.models.user.User` + ``password?: string``

			`Returns:`
			JSON encoded `flaschengeist.models.user.User` or HTTP error
			`"""`
			`registration = config["users"].get("registration", False)`
			`if not registration or registration not in ["managed", "public"]:`
			`logger.debug("Config for Registration is set to >{}<".format(registration))`
			`raise MethodNotAllowed`
			`if registration == "managed":`
			`extract_session(_permission_register)`

			`data = request.get_json()`
			`if not data:`
			`raise BadRequest`

[Plugin] Fixed return values in auth and users routes 2020-10-31 14:20:28 +00:00			`logger.debug("Register new User...")`
			`return make_response(jsonify(userController.register(data)), CREATED)`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00

			`@users_bp.route("/users", methods=["GET"])`
			`@login_required()`
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`def list_users(current_session):`
			`"""List all existing users`

			Route: ``/users`` \| Method: ``GET``

			`Args:`
			`current_session: Session sent with Authorization Header`

			`Returns:`
			JSON encoded array of `flaschengeist.models.user.User` or HTTP error
			`"""`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00			`logger.debug("Retrieve list of all users")`
			`users = userController.get_users()`
			`return jsonify(users)`
Added first version of 'users' module, fixed LDAP 2020-09-03 23:01:00 +00:00

[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`@users_bp.route("/users/<userid>", methods=["GET"])`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00			`@login_required()`
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`def get_user(userid, current_session):`
			`"""Retrieve user by userid`

			Route: ``/users/<userid>`` \| Method: ``GET``

			`Args:`
			`userid: UserID of user to retrieve`
			`current_session: Session sent with Authorization Header`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`Returns:`
[API][Plugin] Bugfix and API change * users: Fixed bug in edit_user where if modify by admin * API: Users return list of roles as string not Roles 2020-11-06 00:13:52 +00:00			JSON encoded `flaschengeist.models.user.User` or if userid is current user also containing permissions or HTTP error
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`"""`
			`logger.debug("Get information of user {{ {} }}".format(userid))`
[API][Plugin] Bugfix and API change * users: Fixed bug in edit_user where if modify by admin * API: Users return list of roles as string not Roles 2020-11-06 00:13:52 +00:00			`user: User = userController.get_user(userid)`
			`serial = user.serialize()`
			`if (userid == current_session._user.userid):`
			`serial['permissions'] = user.get_permissions()`
			`return jsonify(serial)`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00
			`@users_bp.route("/users/<userid>", methods=["DELETE"])`
Added some permissions, reworked permission system. 2020-10-23 00:29:55 +00:00			`@login_required(permission=_permission_delete)`
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`def delete_user(userid, current_session):`
			`"""Delete user by userid`

			Route: ``/users/<userid>`` \| Method: ``DELETE``

			`Args:`
			`userid: UserID of user to retrieve`
			`current_session: Session sent with Authorization Header`

			`Returns:`
[Plugin] Fixed return values in auth and users routes 2020-10-31 14:20:28 +00:00			`HTTP-204 or HTTP error`
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`"""`
			`logger.debug("Delete user {{ {} }}".format(userid))`
			`user = userController.get_user(userid)`
Added some permissions, reworked permission system. 2020-10-23 00:29:55 +00:00			`userController.delete(user)`
[Plugin] Fixed return values in auth and users routes 2020-10-31 14:20:28 +00:00			`return "", NO_CONTENT`
Added some permissions, reworked permission system. 2020-10-23 00:29:55 +00:00

[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`@users_bp.route("/users/<userid>", methods=["PUT"])`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00			`@login_required()`
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`def edit_user(userid, current_session):`
			`"""Modify user by userid`

			Route: ``/users/<userid>`` \| Method: ``PUT``

			POST-data: ```{firstname?: string, lastname?: string, display_name?: string, mail?: string,
			password?: string, roles?: string[]}```

			`Args:`
			`userid: UserID of user to retrieve`
			`current_session: Session sent with Authorization Header`

			`Returns:`
[Plugin] Fixed return values in auth and users routes 2020-10-31 14:20:28 +00:00			`HTTP-204 or HTTP error`
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`"""`
			`logger.debug("Modify information of user {{ {} }}".format(userid))`
			`user = userController.get_user(userid)`
[Plugin] Users now allows setting the role of an user 2020-10-24 18:10:43 +00:00			`data = request.get_json()`

			`password = None`
			`new_password = data["new_password"] if "new_password" in data else None`
Only use one plugin system, load auth and "normal" plugins at once. * Added Plugin class, where to inheritate from 2020-10-15 19:58:56 +00:00
[API][Plugin] Bugfix and API change * users: Fixed bug in edit_user where if modify by admin * API: Users return list of roles as string not Roles 2020-11-06 00:13:52 +00:00			`author = user`
[Doc] User plugin documentation created 2020-10-30 04:53:15 +00:00			`if userid != current_session._user.userid:`
[API][Plugin] Bugfix and API change * users: Fixed bug in edit_user where if modify by admin * API: Users return list of roles as string not Roles 2020-11-06 00:13:52 +00:00			`author = current_session._user`
			`if not author.has_permission(_permission_edit):`
			`raise Forbidden`
[Plugin] Users now allows setting the role of an user 2020-10-24 18:10:43 +00:00			`else:`
			`if "password" not in data:`
			`raise BadRequest("Password is missing")`
			`password = data["password"]`
Add permissions when plugins are loaded 2020-10-03 23:27:05 +00:00
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00			`for key in ["firstname", "lastname", "display_name", "mail"]:`
			`if key in data:`
			`setattr(user, key, data[key])`
[Plugin] Users now allows setting the role of an user 2020-10-24 18:10:43 +00:00
			`if "roles" in data:`
[API][Plugin] Bugfix and API change * users: Fixed bug in edit_user where if modify by admin * API: Users return list of roles as string not Roles 2020-11-06 00:13:52 +00:00			`if not author.has_permission(_permission_set_roles):`
[Plugin] Users now allows setting the role of an user 2020-10-24 18:10:43 +00:00			`raise Forbidden`
			`userController.set_roles(user, data["roles"])`

			`userController.modify_user(user, password, new_password)`
Fixed Hooks, use own implementation. Fixed routes. 2020-10-15 22:37:57 +00:00			`userController.update_user(user)`
[Plugin] Fixed return values in auth and users routes 2020-10-31 14:20:28 +00:00			`return "", NO_CONTENT`