Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/zerver/lib/users.py

414 lines
18 KiB
Python
Raw Normal View History

events: Extract user_data function from get_raw_user_data. This extracts the user_data inner function from get_raw_user_data as a reusable function. We intend to reuse it for cross-realm user dicts. A few changes were made while extracting it: * Renaming the UserProfile argument to acting_user, so we can do loops over a local user_profile variable. * Moved it to zerver.lib.users, as that's a more appropriate home for this function formatting data on users. * Simplified the calling convention for passing custom profile fields to reflect the fact that this function processes a single user (and is expected to be called in a loop).
2020-01-13 22:11:19 +01:00
from typing import Any, Dict, List, Optional, Tuple, Union, cast
users: Consolidate name change enforcement logic. This has the side effect of fixing an issue where one could edit a bot to have an invalid name.
2017-02-08 04:39:55 +01:00
models: Enforce stricter requirements on the full_name field. This changes the requirements for UserProfile to disallow some additional characters, with the overall goal of being able to use formataddr in send_mail.py. We don't need to be particularly careful in the database migration, because user full_names are not required to be unique.
2019-06-29 04:41:13 +02:00
import unicodedata
refactor: Cleanup actions.py and events.py in zerver/lib. This moves get_cross_realm_dicts (from zerver.lib.actions), get_raw_user_data and get_custom_profile_field_values (from zerver.lib.events) to zerver.lib.users.
2020-01-13 22:11:19 +01:00
from collections import defaultdict
models: Enforce stricter requirements on the full_name field. This changes the requirements for UserProfile to disallow some additional characters, with the overall goal of being able to use formataddr in send_mail.py. We don't need to be particularly careful in the database migration, because user full_names are not required to be unique.
2019-06-29 04:41:13 +02:00
events: Extract user_data function from get_raw_user_data. This extracts the user_data inner function from get_raw_user_data as a reusable function. We intend to reuse it for cross-realm user dicts. A few changes were made while extracting it: * Renaming the UserProfile argument to acting_user, so we can do loops over a local user_profile variable. * Moved it to zerver.lib.users, as that's a more appropriate home for this function formatting data on users. * Simplified the calling convention for passing custom profile fields to reflect the fact that this function processes a single user (and is expected to be called in a loop).
2020-01-13 22:11:19 +01:00
from django.conf import settings
cross_realm: Use bulk_get_users to fix handling of missing users. This fixes a regression in ae5ba7f4fdee91438238e2856f167fcf9b2d57e6, where Zulip would 500 if the newly added system bots didn't exist on the server. This also fixes a moderate size performance problem where we'd fetch 5 users from memcached or the database in a loop.
2017-11-16 02:28:50 +01:00
from django.db.models.query import QuerySet
users: Rewrite get_cross_realm_dicts to call format_user_row. This modifies get_cross_realm_dicts in zerver.lib.users to call format_user_row. This is done to remove current and prevent future inconsistencies between in the dictionary formats for get_raw_user_data and get_cross_realm_dicts. Implementation substantially rewritten by tabbott. Fixes #13638.
2020-01-14 18:19:35 +01:00
from django.forms.models import model_to_dict
users: Consolidate name change enforcement logic. This has the side effect of fixing an issue where one could edit a bot to have an invalid name.
2017-02-08 04:39:55 +01:00
from django.utils.translation import ugettext as _
users.py: Implement user_ids_to_users() by generic_bulk_cached_fetch(). Optimize users.user_ids_to_users() implementation by using generic_bulk_cached_fetch() to obtain user profiles
2018-04-04 18:38:37 +02:00
from zerver.lib.cache import generic_bulk_cached_fetch, user_profile_cache_key_id, \
users: Rewrite get_cross_realm_dicts to call format_user_row. This modifies get_cross_realm_dicts in zerver.lib.users to call format_user_row. This is done to remove current and prevent future inconsistencies between in the dictionary formats for get_raw_user_data and get_cross_realm_dicts. Implementation substantially rewritten by tabbott. Fixes #13638.
2020-01-14 18:19:35 +01:00
user_profile_by_id_cache_key, realm_user_dict_fields
users: Consolidate name change enforcement logic. This has the side effect of fixing an issue where one could edit a bot to have an invalid name.
2017-02-08 04:39:55 +01:00
from zerver.lib.request import JsonableError
events: Extract user_data function from get_raw_user_data. This extracts the user_data inner function from get_raw_user_data as a reusable function. We intend to reuse it for cross-realm user dicts. A few changes were made while extracting it: * Renaming the UserProfile argument to acting_user, so we can do loops over a local user_profile variable. * Moved it to zerver.lib.users, as that's a more appropriate home for this function formatting data on users. * Simplified the calling convention for passing custom profile fields to reflect the fact that this function processes a single user (and is expected to be called in a loop).
2020-01-13 22:11:19 +01:00
from zerver.lib.avatar import avatar_url, get_avatar_field
decorator: Extract OrganizationAdministratorRequired common exception. This eliminates significant code duplication of error messages for situations where an organization administrator is required.
2019-11-16 15:53:56 +01:00
from zerver.lib.exceptions import OrganizationAdministratorRequired
user-groups: Add create API endpoint. Significantly modified by tabbott for better security structure.
2017-11-01 10:04:16 +01:00
from zerver.models import UserProfile, Service, Realm, \
refactor: Cleanup actions.py and events.py in zerver/lib. This moves get_cross_realm_dicts (from zerver.lib.actions), get_raw_user_data and get_custom_profile_field_values (from zerver.lib.events) to zerver.lib.users.
2020-01-13 22:11:19 +01:00
get_user_profile_by_id_in_realm, CustomProfileFieldValue, \
get_realm_user_dicts, \
zerver/lib/users.py: Extract func `validate_user_custom_profile_data`. Extract function `validate_user_custom_profile_data` to validate user's custom profile field values according to field type.
2018-09-04 20:23:44 +02:00
CustomProfileField
users: Consolidate name change enforcement logic. This has the side effect of fixing an issue where one could edit a bot to have an invalid name.
2017-02-08 04:39:55 +01:00
Display error when creating embedded bot with incorrect config data. "incorrect" here means rejected by a bot's validate_config() method. A common scenario for this is validating API keys before the bot is created. If validate_config() fails, the bot will not be created.
2018-02-13 11:47:40 +01:00
from zulip_bots.custom_exceptions import ConfigValidationError
zerver/lib: Change use of typing.Text to str.
2018-05-11 01:40:23 +02:00
def check_full_name(full_name_raw: str) -> str:
users: Verify full names explicitly in user creation. This fixes an issue where users could be created with an invalid name (introduced only a couple commits ago when we added character set restrictions).
2017-02-08 04:51:01 +01:00
full_name = full_name_raw.strip()
if len(full_name) > UserProfile.MAX_NAME_LENGTH:
raise JsonableError(_("Name too long!"))
users: Ban names shorter than 3 characters. The empty string is not a reasonable name.
2017-05-12 04:21:49 +02:00
if len(full_name) < UserProfile.MIN_NAME_LENGTH:
raise JsonableError(_("Name too short!"))
models: Enforce stricter requirements on the full_name field. This changes the requirements for UserProfile to disallow some additional characters, with the overall goal of being able to use formataddr in send_mail.py. We don't need to be particularly careful in the database migration, because user full_names are not required to be unique.
2019-06-29 04:41:13 +02:00
for character in full_name:
if (unicodedata.category(character)[0] == 'C' or
character in UserProfile.NAME_INVALID_CHARS):
raise JsonableError(_("Invalid characters in name!"))
users: Verify full names explicitly in user creation. This fixes an issue where users could be created with an invalid name (introduced only a couple commits ago when we added character set restrictions).
2017-02-08 04:51:01 +01:00
return full_name
bots: Add basic documentation for duplicate bot names feature.
2018-10-25 02:01:34 +02:00
# NOTE: We don't try to absolutely prevent 2 bots from having the same
# name (e.g. you can get there by reactivating a deactivated bot after
# making a new bot with the same name). This is just a check designed
# to make it unlikely to happen by accident.
bots: Prevent bots from having duplicate full names. Bots are not allowed to use the same name as other users in the realm (either bot or human). This is kind of a big commit, but I wanted to combine the post/patch (aka add/edit) checks into one commit, since it's a change in policy that affects both codepaths. A lot of the noise is in tests. We had good coverage on the previous code, including some places like event testing where we were expediently not bothering to use different names for different bots in some longer tests. And then of course I test some new scenarios that are relevant with the new policy. There are two new functions: check_bot_name_available: very simple Django query check_change_bot_full_name: this diverges from the 3-line check_change_full_name, where the latter is still used for the "humans" use case And then we just call those in appropriate places. Note that there is still a loophole here where you can get two bots with the same name if you reactivate a bot named Fred that was inactive when the second bot named Fred was created. Also, we don't attempt to fix historical data. So this commit shouldn't be considered any kind of lockdown, it's just meant to help people from inadvertently creating two bots of the same name where they don't intend to. For more context, we are continuing to allow two human users in the same realm to have the same full name, and our code should generally be tolerant of that possibility. (A good example is our new mention syntax, which disambiguates same-named people using ids.) It's also worth noting that our web app client doesn't try to scrub full_name from its payload in situations where the user has actually only modified other fields in the "Edit bot" UI. Starting here we just handle this on the server, since it's easy to fix there, and even if we fixed it in the web app, there's no guarantee that other clients won't be just as brute force. It wasn't exactly broken before, but we'd needlessly write rows to audit tables. Fixes #10509
2018-09-27 19:25:18 +02:00
def check_bot_name_available(realm_id: int, full_name: str) -> None:
dup_exists = UserProfile.objects.filter(
realm_id=realm_id,
full_name=full_name.strip(),
is_active=True,
).exists()
if dup_exists:
raise JsonableError(_("Name is already in use!"))
zerver/lib: Change use of typing.Text to str.
2018-05-11 01:40:23 +02:00
def check_short_name(short_name_raw: str) -> str:
bots: Add validation to add_bot_backend to prevent empty short names Fixes #5487
2017-06-21 13:46:58 +02:00
short_name = short_name_raw.strip()
if len(short_name) == 0:
raise JsonableError(_("Bad name or username"))
return short_name
bot_config: Have check_valid_bot_config also take the bot_type. This is a prep commit to allow us to validate user provided bot config data using the same function for incoming webhook type bots alongside embedded bots (as opposed to creating a new function just for incoming webhook bots).
2019-08-17 19:06:51 +02:00
def check_valid_bot_config(bot_type: int, service_name: str,
config_data: Dict[str, str]) -> None:
bots: Allow incoming webhook bots to be configured via /bots. Without disturbing the flow of the existing code for configuring embedded bots too much, we now use the config_options feature to allow incoming webhook type bot to be configured via. the "/bots" endpoint of the API.
2019-08-18 12:56:21 +02:00
if bot_type == UserProfile.INCOMING_WEBHOOK_BOT:
from zerver.lib.integrations import WEBHOOK_INTEGRATIONS
config_options = None
for integration in WEBHOOK_INTEGRATIONS:
if integration.name == service_name:
# key: validator
config_options = {c[1]: c[2] for c in integration.config_options}
break
if not config_options:
raise JsonableError(_("Invalid integration '%s'.") % (service_name,))
missing_keys = set(config_options.keys()) - set(config_data.keys())
if missing_keys:
raise JsonableError(_("Missing configuration parameters: %s") % (
missing_keys,))
for key, validator in config_options.items():
value = config_data[key]
error = validator(key, value)
if error:
raise JsonableError(_("Invalid {} value {} ({})").format(
key, value, error))
elif bot_type == UserProfile.EMBEDDED_BOT:
bot_config: Have check_valid_bot_config also take the bot_type. This is a prep commit to allow us to validate user provided bot config data using the same function for incoming webhook type bots alongside embedded bots (as opposed to creating a new function just for incoming webhook bots).
2019-08-17 19:06:51 +02:00
try:
from zerver.lib.bot_lib import get_bot_handler
bot_handler = get_bot_handler(service_name)
if hasattr(bot_handler, 'validate_config'):
bot_handler.validate_config(config_data)
except ConfigValidationError:
# The exception provides a specific error message, but that
# message is not tagged translatable, because it is
# triggered in the external zulip_bots package.
# TODO: Think of some clever way to provide a more specific
# error message.
raise JsonableError(_("Invalid configuration data!"))
Display error when creating embedded bot with incorrect config data. "incorrect" here means rejected by a bot's validate_config() method. A common scenario for this is validating API keys before the bot is created. If validate_config() fails, the bot will not be created.
2018-02-13 11:47:40 +01:00
users: Move add_service to zerver.lib.users so it is reusable.
2018-06-01 17:25:15 +02:00
# Adds an outgoing webhook or embedded bot service.
def add_service(name: str, user_profile: UserProfile, base_url: Optional[str]=None,
interface: Optional[int]=None, token: Optional[str]=None) -> None:
Service.objects.create(name=name,
user_profile=user_profile,
base_url=base_url,
interface=interface,
token=token)
org settings: Add setting to prevent users from adding bots. Fixes: #7908.
2018-01-29 16:10:54 +01:00
def check_bot_creation_policy(user_profile: UserProfile, bot_type: int) -> None:
# Realm administrators can always add bot
if user_profile.is_realm_admin:
return
if user_profile.realm.bot_creation_policy == Realm.BOT_CREATION_EVERYONE:
return
if user_profile.realm.bot_creation_policy == Realm.BOT_CREATION_ADMINS_ONLY:
decorator: Extract OrganizationAdministratorRequired common exception. This eliminates significant code duplication of error messages for situations where an organization administrator is required.
2019-11-16 15:53:56 +01:00
raise OrganizationAdministratorRequired()
org settings: Add setting to prevent users from adding bots. Fixes: #7908.
2018-01-29 16:10:54 +01:00
if user_profile.realm.bot_creation_policy == Realm.BOT_CREATION_LIMIT_GENERIC_BOTS and \
bot_type == UserProfile.DEFAULT_BOT:
decorator: Extract OrganizationAdministratorRequired common exception. This eliminates significant code duplication of error messages for situations where an organization administrator is required.
2019-11-16 15:53:56 +01:00
raise OrganizationAdministratorRequired()
org settings: Add setting to prevent users from adding bots. Fixes: #7908.
2018-01-29 16:10:54 +01:00
settings: Limit the creation of generic bots. This commit adds a setting to limit creation of generic bots to admins for realms that want that restriction. (Generic bots, apart from being considered spammy on some realms, have less locked down permissions than webhook bots). Fixes #7066.
2017-11-24 16:24:24 +01:00
def check_valid_bot_type(user_profile: UserProfile, bot_type: int) -> None:
if bot_type not in user_profile.allowed_bot_types:
bots: Add UI for creating different types of bot. Add 'Type of bot' option for bots by adding dropdown option in settings->"Your bots". For now, this allows creating incoming webhook bots in addition to default bots. This will enable users to add a bot as an incoming webhook (in addition to add full-featured bots). With various minor tweaks and cleanups by tabbott. Fixes #2186.
2017-05-30 19:19:48 +02:00
raise JsonableError(_('Invalid bot type'))
bots: Add UI to select Slack compatible interface for webhooks. interface_type select menu will be used to choose the interface for outgoing webhooks. It will be displayed only when the selected bot type is OUTGOING WEBHOOK type. The default value is GENERIC interface type (1).
2017-07-03 18:35:12 +02:00
mypy: Clean zerver/views/users.py for strict-optional.
2018-06-01 17:47:50 +02:00
def check_valid_interface_type(interface_type: Optional[int]) -> None:
bots: Add UI to select Slack compatible interface for webhooks. interface_type select menu will be used to choose the interface for outgoing webhooks. It will be displayed only when the selected bot type is OUTGOING WEBHOOK type. The default value is GENERIC interface type (1).
2017-07-03 18:35:12 +02:00
if interface_type not in Service.ALLOWED_INTERFACE_TYPES:
raise JsonableError(_('Invalid interface type'))
user-groups: Add create API endpoint. Significantly modified by tabbott for better security structure.
2017-11-01 10:04:16 +01:00
cross_realm: Use bulk_get_users to fix handling of missing users. This fixes a regression in ae5ba7f4fdee91438238e2856f167fcf9b2d57e6, where Zulip would 500 if the newly added system bots didn't exist on the server. This also fixes a moderate size performance problem where we'd fetch 5 users from memcached or the database in a loop.
2017-11-16 02:28:50 +01:00
def bulk_get_users(emails: List[str], realm: Optional[Realm],
base_query: 'QuerySet[UserProfile]'=None) -> Dict[str, UserProfile]:
if base_query is None:
assert realm is not None
mypy: Introduce query variable in lib/users.py for clarity. This also avoids mypy showsing an error.
2018-03-22 18:36:10 +01:00
query = UserProfile.objects.filter(realm=realm, is_active=True)
bulk_get_users: Fix issues with users in multiple realms. The previous implementation had a subtle caching bug: because it was sharing its cache with the `get_user_profile_by_email` cache, if a user happened to have an email in that cache, we'd return it, even though that user didn't match `base_query`. This causes `get_cross_realm_users` to no longer have a problematic caching bug.
2017-11-27 23:33:13 +01:00
realm_id = realm.id
else:
bulk_get_users: Edit the cache keys to make them more unique. While at this point I was to rewrite this function, this at least plugs the issues for now.
2017-11-27 23:41:05 +01:00
# WARNING: Currently, this code path only really supports one
# version of `base_query` being used (because otherwise,
# they'll share the cache, which can screw up the filtering).
# If you're using this flow, you'll need to re-do any filters
# in base_query in the code itself; base_query is just a perf
# optimization.
mypy: Introduce query variable in lib/users.py for clarity. This also avoids mypy showsing an error.
2018-03-22 18:36:10 +01:00
query = base_query
bulk_get_users: Fix issues with users in multiple realms. The previous implementation had a subtle caching bug: because it was sharing its cache with the `get_user_profile_by_email` cache, if a user happened to have an email in that cache, we'd return it, even though that user didn't match `base_query`. This causes `get_cross_realm_users` to no longer have a problematic caching bug.
2017-11-27 23:33:13 +01:00
realm_id = 0
cross_realm: Use bulk_get_users to fix handling of missing users. This fixes a regression in ae5ba7f4fdee91438238e2856f167fcf9b2d57e6, where Zulip would 500 if the newly added system bots didn't exist on the server. This also fixes a moderate size performance problem where we'd fetch 5 users from memcached or the database in a loop.
2017-11-16 02:28:50 +01:00
def fetch_users_by_email(emails: List[str]) -> List[UserProfile]:
# This should be just
#
# UserProfile.objects.select_related("realm").filter(email__iexact__in=emails,
# realm=realm)
#
# But chaining __in and __iexact doesn't work with Django's
# ORM, so we have the following hack to construct the relevant where clause
upper_list = ", ".join(["UPPER(%s)"] * len(emails))
where_clause = "UPPER(zerver_userprofile.email::text) IN (%s)" % (upper_list,)
mypy: Introduce query variable in lib/users.py for clarity. This also avoids mypy showsing an error.
2018-03-22 18:36:10 +01:00
return query.select_related("realm").extra(
cross_realm: Use bulk_get_users to fix handling of missing users. This fixes a regression in ae5ba7f4fdee91438238e2856f167fcf9b2d57e6, where Zulip would 500 if the newly added system bots didn't exist on the server. This also fixes a moderate size performance problem where we'd fetch 5 users from memcached or the database in a loop.
2017-11-16 02:28:50 +01:00
where=[where_clause],
params=emails)
cache: Fix typing for generic_bulk_cached_fetch. The typing for generic_bulk_cached_fetch is complicated, and was recorded incorrectly previously for the case where a cache_transformer function is required. We fix this by adding the new CacheItemT, and additionally add comments explaining what's going on with these types for future reference. Thanks to Mateusz Mandera for raising this issue.
2019-08-08 21:34:06 +02:00
def user_to_email(user_profile: UserProfile) -> str:
return user_profile.email.lower()
cross_realm: Use bulk_get_users to fix handling of missing users. This fixes a regression in ae5ba7f4fdee91438238e2856f167fcf9b2d57e6, where Zulip would 500 if the newly added system bots didn't exist on the server. This also fixes a moderate size performance problem where we'd fetch 5 users from memcached or the database in a loop.
2017-11-16 02:28:50 +01:00
return generic_bulk_cached_fetch(
bulk_get_users: Edit the cache keys to make them more unique. While at this point I was to rewrite this function, this at least plugs the issues for now.
2017-11-27 23:41:05 +01:00
# Use a separate cache key to protect us from conflicts with
# the get_user cache.
lambda email: 'bulk_get_users:' + user_profile_cache_key_id(email, realm_id),
cross_realm: Use bulk_get_users to fix handling of missing users. This fixes a regression in ae5ba7f4fdee91438238e2856f167fcf9b2d57e6, where Zulip would 500 if the newly added system bots didn't exist on the server. This also fixes a moderate size performance problem where we'd fetch 5 users from memcached or the database in a loop.
2017-11-16 02:28:50 +01:00
fetch_users_by_email,
[email.lower() for email in emails],
cache: Fix typing for generic_bulk_cached_fetch. The typing for generic_bulk_cached_fetch is complicated, and was recorded incorrectly previously for the case where a cache_transformer function is required. We fix this by adding the new CacheItemT, and additionally add comments explaining what's going on with these types for future reference. Thanks to Mateusz Mandera for raising this issue.
2019-08-08 21:34:06 +02:00
id_fetcher=user_to_email,
cross_realm: Use bulk_get_users to fix handling of missing users. This fixes a regression in ae5ba7f4fdee91438238e2856f167fcf9b2d57e6, where Zulip would 500 if the newly added system bots didn't exist on the server. This also fixes a moderate size performance problem where we'd fetch 5 users from memcached or the database in a loop.
2017-11-16 02:28:50 +01:00
)
user-groups: Add create API endpoint. Significantly modified by tabbott for better security structure.
2017-11-01 10:04:16 +01:00
def user_ids_to_users(user_ids: List[int], realm: Realm) -> List[UserProfile]:
# TODO: Consider adding a flag to control whether deactivated
# users should be included.
users.py: Implement user_ids_to_users() by generic_bulk_cached_fetch(). Optimize users.user_ids_to_users() implementation by using generic_bulk_cached_fetch() to obtain user profiles
2018-04-04 18:38:37 +02:00
def fetch_users_by_id(user_ids: List[int]) -> List[UserProfile]:
return list(UserProfile.objects.filter(id__in=user_ids).select_related())
user_profiles_by_id = generic_bulk_cached_fetch(
cache_key_function=user_profile_by_id_cache_key,
query_function=fetch_users_by_id,
object_ids=user_ids
) # type: Dict[int, UserProfile]
found_user_ids = user_profiles_by_id.keys()
missed_user_ids = [user_id for user_id in user_ids if user_id not in found_user_ids]
if missed_user_ids:
lint: Fix calls to _() on computed strings. Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-04-20 03:49:03 +02:00
raise JsonableError(_("Invalid user ID: %s") % (missed_user_ids[0],))
users.py: Implement user_ids_to_users() by generic_bulk_cached_fetch(). Optimize users.user_ids_to_users() implementation by using generic_bulk_cached_fetch() to obtain user profiles
2018-04-04 18:38:37 +02:00
user_profiles = list(user_profiles_by_id.values())
for user_profile in user_profiles:
user-groups: Add create API endpoint. Significantly modified by tabbott for better security structure.
2017-11-01 10:04:16 +01:00
if user_profile.realm != realm:
lint: Fix calls to _() on computed strings. Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-04-20 03:49:03 +02:00
raise JsonableError(_("Invalid user ID: %s") % (user_profile.id,))
user-groups: Add create API endpoint. Significantly modified by tabbott for better security structure.
2017-11-01 10:04:16 +01:00
return user_profiles
users: Replace duplication with generic func to validate bot id. This adds a common function `access_bot_by_id` to access bot id within same realm. It probably fixes some corner case bugs where we weren't checking for deactivated bots when regenerating API keys.
2018-05-28 20:42:31 +02:00
def access_bot_by_id(user_profile: UserProfile, user_id: int) -> UserProfile:
try:
target = get_user_profile_by_id_in_realm(user_id, user_profile.realm)
except UserProfile.DoesNotExist:
raise JsonableError(_("No such bot"))
if not target.is_bot:
raise JsonableError(_("No such bot"))
if not user_profile.can_admin_user(target):
raise JsonableError(_("Insufficient permission"))
return target
users: Replace duplication with generic func to validate user id. This adds a common function `access_user_by_id` to access user id within same realm, complete with a full suite of unit tests. Tweaked by tabbott to make the test much more readable.
2018-06-04 07:04:19 +02:00
def access_user_by_id(user_profile: UserProfile, user_id: int,
allow_deactivated: bool=False, allow_bots: bool=False) -> UserProfile:
try:
target = get_user_profile_by_id_in_realm(user_id, user_profile.realm)
except UserProfile.DoesNotExist:
raise JsonableError(_("No such user"))
if target.is_bot and not allow_bots:
raise JsonableError(_("No such user"))
if not target.is_active and not allow_deactivated:
raise JsonableError(_("User is deactivated"))
if not user_profile.can_admin_user(target):
raise JsonableError(_("Insufficient permission"))
return target
signup: Create get_accounts_for_email function.
2018-06-19 10:55:56 +02:00
def get_accounts_for_email(email: str) -> List[Dict[str, Optional[str]]]:
email: Convert accounts code to use delivery_email. A key part of this is the new helper, get_user_by_delivery_email. Its verbose name is important for clarity; it should help avoid blind copy-pasting of get_user (which we'll also want to rename). Unfortunately, it requires detailed understanding of the context to figure out which one to use; each is used in about half of call sites. Another important note is that this PR doesn't migrate get_user calls in the tests except where not doing so would cause the tests to fail. This probably deserves a follow-up refactor to avoid bugs here.
2018-12-07 00:05:57 +01:00
profiles = UserProfile.objects.select_related('realm').filter(delivery_email__iexact=email.strip(),
signup: Create get_accounts_for_email function.
2018-06-19 10:55:56 +02:00
is_active=True,
signup: Set oldest account as default option in import settings. Fixes: #11018
2018-12-25 13:45:01 +01:00
realm__deactivated=False,
is_bot=False).order_by('date_joined')
signup: Create get_accounts_for_email function.
2018-06-19 10:55:56 +02:00
return [{"realm_name": profile.realm.name,
"string_id": profile.realm.string_id,
"full_name": profile.full_name,
"avatar": avatar_url(profile)}
for profile in profiles]
users: Get all API keys via wrapper method. Now reading API keys from a user is done with the get_api_key wrapper method, rather than directly fetching it from the user object. Also, every place where an action should be done for each API key is now using get_all_api_keys. This method returns for the moment a single-item list, containing the specified user's API key. This commit is the first step towards allowing users have multiple API keys.
2018-08-01 10:53:40 +02:00
def get_api_key(user_profile: UserProfile) -> str:
return user_profile.api_key
def get_all_api_keys(user_profile: UserProfile) -> List[str]:
# Users can only have one API key for now
return [user_profile.api_key]
zerver/lib/users.py: Extract func `validate_user_custom_profile_data`. Extract function `validate_user_custom_profile_data` to validate user's custom profile field values according to field type.
2018-09-04 20:23:44 +02:00
lib: Extract `validate_user_custom_profile_field()`.
2019-01-28 20:08:04 +01:00
def validate_user_custom_profile_field(realm_id: int, field: CustomProfileField,
value: Union[int, str, List[int]]) -> Optional[str]:
validators = CustomProfileField.FIELD_VALIDATORS
field_type = field.field_type
var_name = '{}'.format(field.name)
if field_type in validators:
validator = validators[field_type]
result = validator(var_name, value)
elif field_type == CustomProfileField.CHOICE:
choice_field_validator = CustomProfileField.CHOICE_FIELD_VALIDATORS[field_type]
field_data = field.field_data
# Put an assertion so that mypy doesn't complain.
assert field_data is not None
result = choice_field_validator(var_name, field_data, value)
elif field_type == CustomProfileField.USER:
user_field_validator = CustomProfileField.USER_FIELD_VALIDATORS[field_type]
result = user_field_validator(realm_id, cast(List[int], value), False)
else:
raise AssertionError("Invalid field type")
return result
zerver/lib/users.py: Extract func `validate_user_custom_profile_data`. Extract function `validate_user_custom_profile_data` to validate user's custom profile field values according to field type.
2018-09-04 20:23:44 +02:00
def validate_user_custom_profile_data(realm_id: int,
profile_data: List[Dict[str, Union[int, str, List[int]]]]) -> None:
# This function validate all custom field values according to their field type.
for item in profile_data:
field_id = item['id']
try:
field = CustomProfileField.objects.get(id=field_id)
except CustomProfileField.DoesNotExist:
raise JsonableError(_('Field id {id} not found.').format(id=field_id))
lib: Extract `validate_user_custom_profile_field()`.
2019-01-28 20:08:04 +01:00
result = validate_user_custom_profile_field(realm_id, field, item['value'])
zerver/lib/users.py: Extract func `validate_user_custom_profile_data`. Extract function `validate_user_custom_profile_data` to validate user's custom profile field values according to field type.
2018-09-04 20:23:44 +02:00
if result is not None:
raise JsonableError(result)
home: Extract compute_show_invites_and_add_streams. This extracts a function for computing show_invites and show_add_streams, for better readability and testability. This commit was substantially cleaned up by tabbott.
2020-01-13 18:47:30 +01:00
def compute_show_invites_and_add_streams(user_profile: UserProfile) -> Tuple[bool, bool]:
show_invites = True
show_add_streams = True
# Some realms only allow admins to invite users
if user_profile.realm.invite_by_admins_only and not user_profile.is_realm_admin:
show_invites = False
if user_profile.is_guest:
show_invites = False
show_add_streams = False
return (show_invites, show_add_streams)
events: Extract user_data function from get_raw_user_data. This extracts the user_data inner function from get_raw_user_data as a reusable function. We intend to reuse it for cross-realm user dicts. A few changes were made while extracting it: * Renaming the UserProfile argument to acting_user, so we can do loops over a local user_profile variable. * Moved it to zerver.lib.users, as that's a more appropriate home for this function formatting data on users. * Simplified the calling convention for passing custom profile fields to reflect the fact that this function processes a single user (and is expected to be called in a loop).
2020-01-13 22:11:19 +01:00
def format_user_row(realm: Realm, acting_user: UserProfile, row: Dict[str, Any],
client_gravatar: bool,
custom_profile_field_data: Optional[Dict[str, Any]] = None) -> Dict[str, Any]:
"""Formats a user row returned by a database fetch using
.values(*realm_user_dict_fields) into a dictionary representation
of that user for API delivery to clients. The acting_user
argument is used for permissions checks.
"""
avatar_url = get_avatar_field(user_id=row['id'],
realm_id=realm.id,
email=row['delivery_email'],
avatar_source=row['avatar_source'],
avatar_version=row['avatar_version'],
medium=False,
client_gravatar=client_gravatar,)
is_admin = row['role'] == UserProfile.ROLE_REALM_ADMINISTRATOR
is_guest = row['role'] == UserProfile.ROLE_GUEST
is_bot = row['is_bot']
# This format should align with get_cross_realm_dicts() and notify_created_user
result = dict(
email=row['email'],
user_id=row['id'],
avatar_url=avatar_url,
is_admin=is_admin,
is_guest=is_guest,
is_bot=is_bot,
full_name=row['full_name'],
timezone=row['timezone'],
is_active = row['is_active'],
date_joined = row['date_joined'].isoformat(),
)
if (realm.email_address_visibility == Realm.EMAIL_ADDRESS_VISIBILITY_ADMINS and
acting_user.is_realm_admin):
result['delivery_email'] = row['delivery_email']
if is_bot:
result["bot_type"] = row["bot_type"]
if row['email'] in settings.CROSS_REALM_BOT_EMAILS:
result['is_cross_realm_bot'] = True
# Note that bot_owner_id can be None with legacy data.
result['bot_owner_id'] = row['bot_owner_id']
elif custom_profile_field_data is not None:
result['profile_data'] = custom_profile_field_data
return result
refactor: Cleanup actions.py and events.py in zerver/lib. This moves get_cross_realm_dicts (from zerver.lib.actions), get_raw_user_data and get_custom_profile_field_values (from zerver.lib.events) to zerver.lib.users.
2020-01-13 22:11:19 +01:00
users: Use format_user_row in events system as well. This completes the deduplication of our logic for turning users into dictionaries in the Zulip API.
2020-01-31 23:41:41 +01:00
def user_profile_to_user_row(user_profile: UserProfile) -> Dict[str, Any]:
# What we're trying to do is simulate the user_profile having been
# fetched from a QuerySet using `.values(*realm_user_dict_fields)`
# even though we fetched UserProfile objects. This is messier
# than it seems.
#
# What we'd like to do is just call model_to_dict(user,
# fields=realm_user_dict_fields). The problem with this is
# that model_to_dict has a different convention than
# `.values()` in its handling of foreign keys, naming them as
# e.g. `bot_owner`, not `bot_owner_id`; we work around that
# here.
#
# This could be potentially simplified in the future by
# changing realm_user_dict_fields to name the bot owner with
# the less readable `bot_owner` (instead of `bot_owner_id`).
user_row = model_to_dict(user_profile,
fields=realm_user_dict_fields + ['bot_owner'])
user_row['bot_owner_id'] = user_row['bot_owner']
del user_row['bot_owner']
return user_row
users: Rewrite get_cross_realm_dicts to call format_user_row. This modifies get_cross_realm_dicts in zerver.lib.users to call format_user_row. This is done to remove current and prevent future inconsistencies between in the dictionary formats for get_raw_user_data and get_cross_realm_dicts. Implementation substantially rewritten by tabbott. Fixes #13638.
2020-01-14 18:19:35 +01:00
users: Use format_user_row in events system as well. This completes the deduplication of our logic for turning users into dictionaries in the Zulip API.
2020-01-31 23:41:41 +01:00
def get_cross_realm_dicts() -> List[Dict[str, Any]]:
refactor: Cleanup actions.py and events.py in zerver/lib. This moves get_cross_realm_dicts (from zerver.lib.actions), get_raw_user_data and get_custom_profile_field_values (from zerver.lib.events) to zerver.lib.users.
2020-01-13 22:11:19 +01:00
users = bulk_get_users(list(settings.CROSS_REALM_BOT_EMAILS), None,
base_query=UserProfile.objects.filter(
users: Rewrite get_cross_realm_dicts to call format_user_row. This modifies get_cross_realm_dicts in zerver.lib.users to call format_user_row. This is done to remove current and prevent future inconsistencies between in the dictionary formats for get_raw_user_data and get_cross_realm_dicts. Implementation substantially rewritten by tabbott. Fixes #13638.
2020-01-14 18:19:35 +01:00
realm__string_id=settings.SYSTEM_BOT_REALM)).values()
result = []
for user in users:
# Important: We filter here, is addition to in
# `base_query`, because of how bulk_get_users shares its
# cache with other UserProfile caches.
if user.realm.string_id != settings.SYSTEM_BOT_REALM:
continue
users: Use format_user_row in events system as well. This completes the deduplication of our logic for turning users into dictionaries in the Zulip API.
2020-01-31 23:41:41 +01:00
user_row = user_profile_to_user_row(user)
# Because we want to avoid clients becing exposed to the
# implementation detail that these bots are self-owned, we
# just set bot_owner_id=None.
users: Rewrite get_cross_realm_dicts to call format_user_row. This modifies get_cross_realm_dicts in zerver.lib.users to call format_user_row. This is done to remove current and prevent future inconsistencies between in the dictionary formats for get_raw_user_data and get_cross_realm_dicts. Implementation substantially rewritten by tabbott. Fixes #13638.
2020-01-14 18:19:35 +01:00
user_row['bot_owner_id'] = None
result.append(format_user_row(user.realm,
acting_user=user,
row=user_row,
client_gravatar=False,
custom_profile_field_data=None))
return result
refactor: Cleanup actions.py and events.py in zerver/lib. This moves get_cross_realm_dicts (from zerver.lib.actions), get_raw_user_data and get_custom_profile_field_values (from zerver.lib.events) to zerver.lib.users.
2020-01-13 22:11:19 +01:00
def get_custom_profile_field_values(realm_id: int) -> Dict[int, Dict[str, Any]]:
# TODO: Consider optimizing this query away with caching.
custom_profile_field_values = CustomProfileFieldValue.objects.select_related(
"field").filter(user_profile__realm_id=realm_id)
profiles_by_user_id = defaultdict(dict) # type: Dict[int, Dict[str, Any]]
for profile_field in custom_profile_field_values:
user_id = profile_field.user_profile_id
if profile_field.field.is_renderable():
profiles_by_user_id[user_id][profile_field.field_id] = {
"value": profile_field.value,
"rendered_value": profile_field.rendered_value
}
else:
profiles_by_user_id[user_id][profile_field.field_id] = {
"value": profile_field.value
}
return profiles_by_user_id
def get_raw_user_data(realm: Realm, user_profile: UserProfile, client_gravatar: bool,
include_custom_profile_fields: bool=True) -> Dict[int, Dict[str, str]]:
user_dicts = get_realm_user_dicts(realm.id)
profiles_by_user_id = None
custom_profile_field_data = None
if include_custom_profile_fields:
profiles_by_user_id = get_custom_profile_field_values(realm.id)
result = {}
for row in user_dicts:
if profiles_by_user_id is not None:
custom_profile_field_data = profiles_by_user_id.get(row['id'], {})
result[row['id']] = format_user_row(realm,
acting_user = user_profile,
row=row,
client_gravatar= client_gravatar,
custom_profile_field_data = custom_profile_field_data
)
return result