User subsystem

Change-Id: Ibef4ede9b2d6a3ea465f79a9b5cbcc821afbccae Signed-off-by: Justin Choquette <jchoquette@iol.unh.edu>
author: Justin Choquette <jchoquette@iol.unh.edu> 2023-08-07 14:10:19 -0400
committer: Justin Choquette <jchoquette@iol.unh.edu> 2023-08-07 14:16:04 -0400
commit: a6168306c08e8d5b207b9acc48869180d194ff01 (patch)
tree: 51ffcafac4ae0b5fd4da363d9bf839e8ad3fc286 /src/api/views.py
parent: a09db9f287a02873c0226759f8ea444bb304cd59 (diff)
1 files changed, 105 insertions, 13 deletions
diff --git a/src/api/views.py b/src/api/views.py
index ea36a6d..98dd3dc 100644
--- a/src/api/views.py
+++ b/src/api/views.py
@@ -23,7 +23,7 @@ from django.views import View
 from django.http import HttpResponseNotFound
 from django.http.response import JsonResponse, HttpResponse
 import requests
-from rest_framework import viewsets
+from api.utils import ipa_query_user, ipa_set_ssh, ipa_set_company
 from rest_framework.authtoken.models import Token
 from django.views.decorators.csrf import csrf_exempt
 from django.core.exceptions import ObjectDoesNotExist
@@ -51,7 +51,7 @@ Most functions let you GET or POST to the same endpoint, and
 the correct thing will happen
 """
 
-
+liblaas_base_url = os.environ.get('LIBLAAS_BASE_URL')
 @method_decorator(login_required, name='dispatch')
 class GenerateTokenView(View):
     def get(self, request, *args, **kwargs):
@@ -249,20 +249,31 @@ def make_booking(request):
     data = json.loads(request.body)
     print("incoming data is ", data)
 
-    allowed_users = list(data["allowed_users"])
-    allowed_users.append(str(request.user))
+    # todo - test this
+    ipa_users = list(UserProfile.objects.get(user=request.user).ipa_username) # add owner's ipa username to list of allowed users to be sent to liblaas
+
+    for user in list(data["allowed_users"]):
+        collab_profile = UserProfile.objects.get(user=User.objects.get(username=user))
+        if (collab_profile.ipa_username == "" or collab_profile.ipa_username == None):
+            return JsonResponse(
+            data={},
+            status=406, # Not good practice but a quick solution until blob validation is fully supported within django instead of the frontend
+            safe=False
+        )
+        else:
+            ipa_users.append(collab_profile.ipa_username)
 
     bookingBlob = {
         "template_id": data["template_id"],
-        "allowed_users": allowed_users,
+        "allowed_users": ipa_users,
         "global_cifile": data["global_cifile"],
         "metadata": {
             "booking_id": None, # fill in after creating django object
-            "owner": str(request.user),
+            "owner": UserProfile.objects.get(user=request.user).ipa_username,
             "lab": "UNH_IOL",
             "purpose": data["metadata"]["purpose"],
             "project": data["metadata"]["project"],
-            "length": data["metadata"]["length"]
+            "length": int(data["metadata"]["length"])
         }
     }
     
@@ -279,9 +290,8 @@ def make_booking(request):
         print("successfully created booking object with id ", booking.id)
 
         # Now add collabs
-        for c in bookingBlob["allowed_users"]:
-            if c != bookingBlob["metadata"]["owner"]: # Don't add self as a collab
-                booking.collaborators.add(User.objects.get(username=c))
+        for c in list(data["allowed_users"]):
+            booking.collaborators.add(User.objects.get(username=c))
         print("successfully added collabs")
 
         # Now create it in liblaas
@@ -479,7 +489,7 @@ def liblaas_request(request) -> JsonResponse:
     liblaas_endpoint = post_data["endpoint"]
     payload = post_data["workflow_data"]
     # Fill in actual username
-    liblaas_endpoint = liblaas_endpoint.replace("[username]", str(request.user))
+    liblaas_endpoint = liblaas_endpoint.replace("[username]", UserProfile.objects.get(user=request.user).ipa_username)
     liblaas_endpoint = liblaas_base_url + liblaas_endpoint
     print("processed endpoint is ", liblaas_endpoint)
 
@@ -513,7 +523,7 @@ def liblaas_request(request) -> JsonResponse:
         )
 
 def liblaas_templates(request):
-    liblaas_url = os.environ.get("LIBLAAS_BASE_URL") + "template/list/" + str(request.user)
+    liblaas_url = os.environ.get("LIBLAAS_BASE_URL") + "template/list/" + UserProfile.objects.get(user=request.user).ipa_username
     print("api call to " + liblaas_url)
     return requests.get(liblaas_url)
 
@@ -553,4 +563,86 @@ def liblaas_end_booking(aggregateId):
         return response
     except:
         print("failed to end booking")
-        return HttpResponse(status=500)
-\ No newline at end of file
+        return HttpResponse(status=500)
+    
+def ipa_create_account(request):
+    # Called when no username was found
+    # Only allow if user does not have a linked ipa account
+    profile =  UserProfile.objects.get(user=request.user)
+    if (profile.ipa_username):
+        return HttpResponse(status=401)
+
+    post_data = request.POST
+    user = {
+        'uid': str(request.user),
+        'givenname': post_data['first_name'],
+        'sn': post_data['last_name'],
+        'cn': post_data['first_name'] + " " + post_data['last_name'],
+        'mail': post_data['email'],
+        'ou': post_data['company'],
+        'random': True
+    }
+
+    try:
+        response = requests.post(liblaas_base_url + "user/create", data=json.dumps(user), headers={'Content-Type': 'application/json'})
+        profile.ipa_username = user['uid']
+        print("Saving ipa username", profile.ipa_username)
+        profile.save()
+        return redirect("dashboard:index")
+    except Exception as e:
+        print(e)
+        return redirect("dashboard:index")
+    
+def ipa_confirm_account(request):
+    # Called when username was found and email matches
+    profile =  UserProfile.objects.get(user=request.user)
+    if (profile.ipa_username):
+        return HttpResponse(status=401)
+    
+    profile.ipa_username = str(request.user)
+    print("Saving ipa username", profile.ipa_username)
+    profile.save()
+    return redirect("dashboard:index")
+
+def ipa_conflict_account(request):
+    # Called when username was found but emails do not match
+    # Need to ask user to input alternate username
+    # To verify username is not taken, call query_username and accept if returns None
+    print("ipa conflict account")
+    profile =  UserProfile.objects.get(user=request.user)
+    print("profile is", profile)
+    if (profile.ipa_username):
+        return HttpResponse(status=401)
+
+    post_data = request.POST
+    user = {
+        'uid': post_data['ipa_username'],
+        'givenname': post_data['first_name'],
+        'sn': post_data['last_name'],
+        'cn': post_data['first_name'] + " " + post_data['last_name'],
+        'mail': post_data['email'],
+        'ou': post_data['company'],
+        'random': True,
+    }
+
+    try:
+        response = requests.post(liblaas_base_url + "user/create", data=json.dumps(user), headers={'Content-Type': 'application/json'})
+        profile.ipa_username = user['uid']
+        print("Saving ipa username", profile.ipa_username)
+        profile.save()
+        return redirect("dashboard:index")
+    except Exception as e:
+        print(e)
+        return redirect("dashboard:index")
+
+def ipa_set_company_from_workflow(request):
+    profile = UserProfile.objects.get(user=request.user)
+    ipa_set_company(profile, request.POST["company"])
+    return redirect("workflow:book_a_pod")
+
+def ipa_add_ssh_from_workflow(request):
+    profile = UserProfile.objects.get(user=request.user)
+    key_as_list = []
+    key_as_list.append(request.POST["ssh_public_key"])
+    ipa_set_ssh(profile, key_as_list)
+    return redirect("workflow:book_a_pod")
author	Justin Choquette <jchoquette@iol.unh.edu>	2023-08-07 14:10:19 -0400
committer	Justin Choquette <jchoquette@iol.unh.edu>	2023-08-07 14:16:04 -0400
commit	a6168306c08e8d5b207b9acc48869180d194ff01 (patch)
tree	51ffcafac4ae0b5fd4da363d9bf839e8ad3fc286 /src/api/views.py
parent	a09db9f287a02873c0226759f8ea444bb304cd59 (diff)