selfprivacy-rest-api/selfprivacy_api/actions/users.py

"""Actions to manage the users."""

import re
import uuid
from typing import Optional

from selfprivacy_api.models.user import UserDataUser, UserDataUserOrigin

from selfprivacy_api.utils import is_username_forbidden
from selfprivacy_api.actions.ssh import get_ssh_keys


from selfprivacy_api.repositories.users.json_user_repository import JsonUserRepository
from selfprivacy_api.repositories.users import ACTIVE_USERS_PROVIDER
from selfprivacy_api.repositories.users.exceptions import (
    UsernameForbidden,
    UsernameNotAlphanumeric,
    UsernameTooLong,
    UserNotFound,
    UserAlreadyExists,
    InvalidConfiguration,
)


class ApiUsingWrongUserRepository(Exception):
    """
    API is using a too old or unfinished user repository. Are you debugging?
    """

    @staticmethod
    def get_error_message() -> str:
        return "API is using a too old or unfinished user repository"


class RootIsNotAvailableForModification(Exception):
    """
    Root is not available for modification. Operation is restricted.
    """

    @staticmethod
    def get_error_message() -> str:
        return "Root is not available for modification. Operation is restricted."


def get_users(
    exclude_primary: bool = False,
    exclude_root: bool = False,
) -> list[UserDataUser]:
    users = ACTIVE_USERS_PROVIDER.get_users(
        exclude_primary=exclude_primary, exclude_root=exclude_root
    )

    if isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):
        for user in users:
            try:
                user.ssh_keys = get_ssh_keys(username=user.username)
            except UserNotFound:
                pass

        if not exclude_root:
            users.append(
                UserDataUser(
                    username="root",
                    user_type=UserDataUserOrigin.ROOT,
                    ssh_keys=get_ssh_keys(username=user.username),
                )
            )

    return users


def create_user(
    username: str,
    password: Optional[str] = None,
    directmemberof: Optional[list[str]] = None,
    displayname: Optional[str] = None,
) -> None:

    if is_username_forbidden(username):
        raise UsernameForbidden("Username is forbidden")

    if not re.match(r"^[a-z_][a-z0-9_]+$", username):
        raise UsernameNotAlphanumeric(
            "Username must be alphanumeric and start with a letter"
        )

    if len(username) >= 32:
        raise UsernameTooLong("Username must be less than 32 characters")

    # need to maintain the logic of the old repository, since ssh management uses it.
    if not isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):
        try:
            JsonUserRepository.create_user(
                username=username, password=str(uuid.uuid4())
            )  # random password for legacy
        except (UserAlreadyExists, InvalidConfiguration):
            pass

    ACTIVE_USERS_PROVIDER.create_user(
        username=username,
        password=password,
        directmemberof=directmemberof,
        displayname=displayname,
    )


def delete_user(username: str) -> None:

    # need to maintain the logic of the old repository, since ssh management uses it.
    if not isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):
        try:
            JsonUserRepository.delete_user(username=username)
        except UserNotFound:
            pass

    ACTIVE_USERS_PROVIDER.delete_user(username=username)


def update_user(
    username: str,
    password: Optional[str] = None,
    directmemberof: Optional[list[str]] = None,
    displayname: Optional[str] = None,
) -> None:

    ACTIVE_USERS_PROVIDER.update_user(
        username=username,
        password=password,
        directmemberof=directmemberof,
        displayname=displayname,
    )


def get_user_by_username(username: str) -> Optional[UserDataUser]:
    user: UserDataUser | None = ACTIVE_USERS_PROVIDER.get_user_by_username(
        username=username
    )

    if not isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):
        if username == "root":
            return UserDataUser(
                username="root",
                user_type=UserDataUserOrigin.ROOT,
                ssh_keys=get_ssh_keys(username="root"),
            )

        try:
            if user:
                user.ssh_keys = get_ssh_keys(username=user.username)
        except UserNotFound:
            pass

    return user


def generate_password_reset_link(username: str) -> str:
    if isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):
        raise ApiUsingWrongUserRepository

    if username == "root":
        raise RootIsNotAvailableForModification

    return ACTIVE_USERS_PROVIDER.generate_password_reset_link(username=username)
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00			`"""Actions to manage the users."""`
style: Reformat with new Black version 2024-07-26 19:59:44 +00:00
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00			`import re`
fix: from review and make new error messages 2024-12-05 23:05:28 +00:00			`import uuid`
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00			`from typing import Optional`

feat: add legacy support 2024-12-01 13:29:29 +00:00			`from selfprivacy_api.models.user import UserDataUser, UserDataUserOrigin`
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00
refactor: mv hash_password to repository 2024-11-15 14:30:51 +00:00			`from selfprivacy_api.utils import is_username_forbidden`
feat: add legacy support 2024-12-01 13:29:29 +00:00			`from selfprivacy_api.actions.ssh import get_ssh_keys`
feat: removed unnecessary functionality from the repository 2024-11-02 23:15:51 +00:00
fix: from review and make new error messages 2024-12-05 23:05:28 +00:00
feat: add legacy code support 2024-11-29 15:32:02 +00:00			`from selfprivacy_api.repositories.users.json_user_repository import JsonUserRepository`
feat: removed unnecessary functionality from the repository 2024-11-02 23:15:51 +00:00			`from selfprivacy_api.repositories.users import ACTIVE_USERS_PROVIDER`
refactor: moved json user management to a separate repository 2024-10-26 18:22:31 +00:00			`from selfprivacy_api.repositories.users.exceptions import (`
			`UsernameForbidden,`
			`UsernameNotAlphanumeric,`
			`UsernameTooLong,`
feat: add legacy support 2024-12-01 13:29:29 +00:00			`UserNotFound,`
fix: typing, expect errors 2024-12-05 23:41:06 +00:00			`UserAlreadyExists,`
			`InvalidConfiguration,`
refactor: moved json user management to a separate repository 2024-10-26 18:22:31 +00:00			`)`
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00

fix: from review and make new error messages 2024-12-05 23:05:28 +00:00			`class ApiUsingWrongUserRepository(Exception):`
			`"""`
			`API is using a too old or unfinished user repository. Are you debugging?`
			`"""`

			`@staticmethod`
			`def get_error_message() -> str:`
			`return "API is using a too old or unfinished user repository"`


feat: detect more errors 2024-12-10 02:15:15 +00:00			`class RootIsNotAvailableForModification(Exception):`
			`"""`
			`Root is not available for modification. Operation is restricted.`
			`"""`

			`@staticmethod`
			`def get_error_message() -> str:`
			`return "Root is not available for modification. Operation is restricted."`


Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00			`def get_users(`
			`exclude_primary: bool = False,`
			`exclude_root: bool = False,`
			`) -> list[UserDataUser]:`
feat: add legacy code support 2024-11-29 15:32:02 +00:00			`users = ACTIVE_USERS_PROVIDER.get_users(`
feat: removed unnecessary functionality from the repository 2024-11-02 23:15:51 +00:00			`exclude_primary=exclude_primary, exclude_root=exclude_root`
			`)`
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00
fix: typing 2024-12-09 08:37:57 +00:00			`if isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):`
feat: add legacy support 2024-12-01 13:29:29 +00:00			`for user in users:`
			`try:`
fix: missing username 2024-12-03 18:06:12 +00:00			`user.ssh_keys = get_ssh_keys(username=user.username)`
feat: add legacy support 2024-12-01 13:29:29 +00:00			`except UserNotFound:`
			`pass`

			`if not exclude_root:`
			`users.append(`
			`UserDataUser(`
			`username="root",`
fix: rename user_type 2024-12-04 14:10:14 +00:00			`user_type=UserDataUserOrigin.ROOT,`
fix: missing username 2024-12-03 18:06:12 +00:00			`ssh_keys=get_ssh_keys(username=user.username),`
feat: add legacy support 2024-12-01 13:29:29 +00:00			`)`
			`)`

feat: add legacy code support 2024-11-29 15:32:02 +00:00			`return users`

Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00
feat: update UserMutationInput 2024-11-15 00:19:24 +00:00			`def create_user(`
			`username: str,`
			`password: Optional[str] = None,`
			`directmemberof: Optional[list[str]] = None,`
fix: change default params 2024-12-10 00:52:13 +00:00			`displayname: Optional[str] = None,`
feat: update UserMutationInput 2024-11-15 00:19:24 +00:00			`) -> None:`
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00
			`if is_username_forbidden(username):`
			`raise UsernameForbidden("Username is forbidden")`

			`if not re.match(r"^[a-z_][a-z0-9_]+$", username):`
			`raise UsernameNotAlphanumeric(`
			`"Username must be alphanumeric and start with a letter"`
			`)`

			`if len(username) >= 32:`
			`raise UsernameTooLong("Username must be less than 32 characters")`

fix: typing, expect errors 2024-12-05 23:41:06 +00:00			`# need to maintain the logic of the old repository, since ssh management uses it.`
fix: typing 2024-12-09 08:37:57 +00:00			`if not isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):`
fix: typing, expect errors 2024-12-05 23:41:06 +00:00			`try:`
			`JsonUserRepository.create_user(`
			`username=username, password=str(uuid.uuid4())`
			`) # random password for legacy`
			`except (UserAlreadyExists, InvalidConfiguration):`
			`pass`
feat: add legacy code support 2024-11-29 15:32:02 +00:00
fix: delete return from None functions 2024-12-05 23:12:10 +00:00			`ACTIVE_USERS_PROVIDER.create_user(`
fix: None password, fix fields 2024-11-15 00:53:20 +00:00			`username=username,`
refactor: mv hash_password to repository 2024-11-15 14:30:51 +00:00			`password=password,`
fix: None password, fix fields 2024-11-15 00:53:20 +00:00			`directmemberof=directmemberof,`
fix: change default params 2024-12-10 00:52:13 +00:00			`displayname=displayname,`
feat: removed unnecessary functionality from the repository 2024-11-02 23:15:51 +00:00			`)`
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00

refactor: moved json user management to a separate repository 2024-10-26 18:22:31 +00:00			`def delete_user(username: str) -> None:`
fix: delete return from None functions 2024-12-05 23:12:10 +00:00
fix: typing, expect errors 2024-12-05 23:41:06 +00:00			`# need to maintain the logic of the old repository, since ssh management uses it.`
fix: typing 2024-12-09 08:37:57 +00:00			`if not isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):`
fix: typing, expect errors 2024-12-05 23:41:06 +00:00			`try:`
			`JsonUserRepository.delete_user(username=username)`
			`except UserNotFound:`
			`pass`
feat: add legacy code support 2024-11-29 15:32:02 +00:00
fix: delete return from None functions 2024-12-05 23:12:10 +00:00			`ACTIVE_USERS_PROVIDER.delete_user(username=username)`
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00

feat: update UserMutationInput 2024-11-15 00:19:24 +00:00			`def update_user(`
			`username: str,`
			`password: Optional[str] = None,`
			`directmemberof: Optional[list[str]] = None,`
fix: change default params 2024-12-10 00:52:13 +00:00			`displayname: Optional[str] = None,`
feat: update UserMutationInput 2024-11-15 00:19:24 +00:00			`) -> None:`
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00
fix: delete return from None functions 2024-12-05 23:12:10 +00:00			`ACTIVE_USERS_PROVIDER.update_user(`
fix: None password, fix fields 2024-11-15 00:53:20 +00:00			`username=username,`
refactor: mv hash_password to repository 2024-11-15 14:30:51 +00:00			`password=password,`
fix: None password, fix fields 2024-11-15 00:53:20 +00:00			`directmemberof=directmemberof,`
fix: change default params 2024-12-10 00:52:13 +00:00			`displayname=displayname,`
feat: removed unnecessary functionality from the repository 2024-11-02 23:15:51 +00:00			`)`
Migrate to FastAPI (#13) Co-authored-by: inexcode <inex.code@selfprivacy.org> Reviewed-on: https://git.selfprivacy.org/SelfPrivacy/selfprivacy-rest-api/pulls/13 2022-08-25 17:03:56 +00:00

			`def get_user_by_username(username: str) -> Optional[UserDataUser]:`
fix: typing 2024-12-09 08:37:57 +00:00			`user: UserDataUser \| None = ACTIVE_USERS_PROVIDER.get_user_by_username(`
			`username=username`
			`)`
feat: add legacy code support 2024-11-29 15:32:02 +00:00
fix: typing 2024-12-09 08:37:57 +00:00			`if not isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):`
feat: add legacy support 2024-12-01 13:29:29 +00:00			`if username == "root":`
			`return UserDataUser(`
			`username="root",`
fix: rename user_type 2024-12-04 14:10:14 +00:00			`user_type=UserDataUserOrigin.ROOT,`
fix: missing username 2024-12-03 18:06:12 +00:00			`ssh_keys=get_ssh_keys(username="root"),`
feat: add legacy support 2024-12-01 13:29:29 +00:00			`)`

			`try:`
fix: typing 2024-12-09 08:37:57 +00:00			`if user:`
			`user.ssh_keys = get_ssh_keys(username=user.username)`
feat: add legacy support 2024-12-01 13:29:29 +00:00			`except UserNotFound:`
			`pass`

feat: add legacy code support 2024-11-29 15:32:02 +00:00			`return user`
fix: rename origin, add new mutation 2024-12-03 22:54:24 +00:00

			`def generate_password_reset_link(username: str) -> str:`
fix: typing 2024-12-09 08:37:57 +00:00			`if isinstance(ACTIVE_USERS_PROVIDER, JsonUserRepository):`
fix: from review and make new error messages 2024-12-05 23:05:28 +00:00			`raise ApiUsingWrongUserRepository`
fix: rename origin, add new mutation 2024-12-03 22:54:24 +00:00
feat: detect more errors 2024-12-10 02:15:15 +00:00			`if username == "root":`
			`raise RootIsNotAvailableForModification`

fix: rename origin, add new mutation 2024-12-03 22:54:24 +00:00			`return ACTIVE_USERS_PROVIDER.generate_password_reset_link(username=username)`