kiwi-vpn/api/kiwi_vpn_api/db/schemata/user.py

175 lines
3.7 KiB
Python
Raw Normal View History

2022-03-20 03:45:40 +00:00
"""
Pydantic representation of database contents.
"""
2022-03-18 23:45:09 +00:00
from __future__ import annotations
2022-03-20 03:45:40 +00:00
from typing import Any
2022-03-18 23:45:09 +00:00
from passlib.context import CryptContext
2022-03-25 23:03:56 +00:00
from pydantic import BaseModel, Field, validator
from sqlalchemy.exc import IntegrityError, InvalidRequestError
2022-03-18 23:45:09 +00:00
from sqlalchemy.orm import Session
from .. import models
from .device import Device
from .user_capability import UserCapability
2022-03-20 03:45:40 +00:00
2022-03-19 18:31:03 +00:00
2022-03-17 17:06:00 +00:00
class UserBase(BaseModel):
name: str
2022-03-25 23:03:56 +00:00
country: str
state: str
city: str
organization: str
organizational_unit: str
email: str
2022-03-17 17:06:00 +00:00
class UserCreate(UserBase):
password: str
class User(UserBase):
capabilities: list[UserCapability] = []
2022-03-25 23:03:56 +00:00
devices: list[Device] = Field(
2022-03-23 15:44:35 +00:00
default=[], repr=False
)
2022-03-17 17:06:00 +00:00
class Config:
orm_mode = True
2022-03-19 18:31:03 +00:00
@validator("capabilities", pre=True)
@classmethod
2022-03-20 03:45:40 +00:00
def unify_capabilities(cls, value: list[Any]) -> list[UserCapability]:
"""
Import the capabilities from various formats
"""
2022-03-19 18:31:03 +00:00
return [
2022-03-19 23:56:11 +00:00
UserCapability.from_value(capability)
2022-03-19 18:31:03 +00:00
for capability in value
]
2022-03-18 23:45:09 +00:00
@classmethod
2022-03-19 02:38:32 +00:00
def from_db(
2022-03-18 23:45:09 +00:00
cls,
db: Session,
name: str,
) -> User | None:
2022-03-20 03:45:40 +00:00
"""
Load user from database by name.
"""
try:
db_user = models.User(name=name)
db.refresh(db_user)
return cls.from_orm(db_user)
except InvalidRequestError:
return None
2022-03-18 23:45:09 +00:00
@classmethod
def create(
cls,
db: Session,
user: UserCreate,
crypt_context: CryptContext,
2022-03-19 18:06:17 +00:00
) -> User | None:
2022-03-20 03:45:40 +00:00
"""
Create a new user in the database.
"""
2022-03-19 18:06:17 +00:00
try:
2022-03-25 23:03:56 +00:00
db_user = models.User(
2022-03-19 18:06:17 +00:00
name=user.name,
password=crypt_context.hash(user.password),
2022-03-25 23:03:56 +00:00
capabilities=[
capability.model
for capability in user.capabilities
],
2022-03-19 18:06:17 +00:00
)
2022-03-25 23:03:56 +00:00
db.add(db_user)
2022-03-19 18:06:17 +00:00
db.commit()
2022-03-25 23:03:56 +00:00
db.refresh(db_user)
2022-03-19 18:06:17 +00:00
2022-03-25 23:03:56 +00:00
return cls.from_orm(db_user)
2022-03-19 18:06:17 +00:00
except IntegrityError:
2022-03-20 03:45:40 +00:00
# user already existed
return None
2022-03-18 23:45:09 +00:00
2022-03-23 13:23:33 +00:00
def is_admin(self) -> bool:
return UserCapability.admin in self.capabilities
def authenticate(
self,
db: Session,
password: str,
crypt_context: CryptContext,
) -> User | None:
"""
Authenticate with name/password against users in database.
"""
2022-03-25 23:03:56 +00:00
db_user = models.User(name=self.name)
db.refresh(db_user)
if db_user is None:
# nonexistent user, fake doing password verification
crypt_context.dummy_verify()
return False
if not crypt_context.verify(password, db_user.password):
# password hash mismatch
return False
self.from_orm(db_user)
return True
2022-03-20 13:14:12 +00:00
def update(
2022-03-19 19:24:43 +00:00
self,
db: Session,
2022-03-20 00:12:37 +00:00
) -> None:
2022-03-20 03:45:40 +00:00
"""
2022-03-20 13:14:12 +00:00
Update this user in the database.
2022-03-20 03:45:40 +00:00
"""
2022-03-25 23:03:56 +00:00
db_user = models.User(name=self.name)
db.refresh(db_user)
2022-03-20 13:14:12 +00:00
2022-03-25 23:03:56 +00:00
for capability in db_user.capabilities:
db.delete(capability)
2022-03-20 00:12:37 +00:00
2022-03-25 23:03:56 +00:00
db_user.capabilities = [
capability.model
for capability in self.capabilities
]
2022-03-23 00:39:19 +00:00
2022-03-20 00:12:37 +00:00
db.commit()
2022-03-23 13:25:00 +00:00
def delete(
self,
db: Session,
) -> bool:
"""
Delete this user from the database.
"""
2022-03-25 23:03:56 +00:00
db_user = models.User(name=self.name)
db.refresh(db_user)
if db_user is None:
2022-03-23 13:25:00 +00:00
# nonexistent user
return False
db.delete(db_user)
db.commit()
return True