~homeworkprod/byceps

ref: 4237b3ec9496efe95dcce82bea3207ab9de4d520 byceps/byceps/services/user/command_service.py -rw-r--r-- 9.2 KiB
4237b3ec — Jochen Kupperschmidt Move ticketing blueprint into `site` subpackage 1 year, 11 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
"""
byceps.services.user.command_service
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

:Copyright: 2006-2020 Jochen Kupperschmidt
:License: Modified BSD, see LICENSE for details.
"""

from datetime import date
from typing import Any, Optional

from ...database import db
from ...events.user import (
    UserAccountDeleted,
    UserAccountSuspended,
    UserAccountUnsuspended,
    UserDetailsUpdated,
    UserEmailAddressChanged,
    UserScreenNameChanged,
)
from ...typing import UserID

from ..authorization.models import RoleID
from ..authorization import service as authorization_service

from . import event_service
from .models.detail import UserDetail as DbUserDetail
from .models.event import UserEventData
from .models.user import User as DbUser
from . import service as user_service


def initialize_account(
    user_id: UserID,
    *,
    initiator_id: Optional[UserID] = None,
    assign_roles: bool = True,
) -> None:
    """Initialize the user account.

    This is meant to happen only once at most, and can not be undone.
    """
    user = _get_user(user_id)

    if user.initialized:
        raise ValueError(f'Account is already initialized.')

    user.initialized = True

    event_data = {}
    if initiator_id:
        event_data['initiator_id'] = str(initiator_id)
    event = event_service.build_event('user-initialized', user.id, event_data)
    db.session.add(event)

    db.session.commit()

    if assign_roles:
        _assign_roles(user.id, initiator_id=initiator_id)


def _assign_roles(
    user_id: UserID, *, initiator_id: Optional[UserID] = None
) -> None:
    board_user_role = authorization_service.find_role(RoleID('board_user'))

    authorization_service.assign_role_to_user(
        board_user_role.id, user_id, initiator_id=initiator_id
    )


def suspend_account(
    user_id: UserID, initiator_id: UserID, reason: str
) -> UserAccountSuspended:
    """Suspend the user account."""
    user = _get_user(user_id)

    user.suspended = True

    event = event_service.build_event(
        'user-suspended',
        user.id,
        {
            'initiator_id': str(initiator_id),
            'reason': reason,
        },
    )
    db.session.add(event)

    db.session.commit()

    return UserAccountSuspended(
        occurred_at=event.occurred_at,
        user_id=user.id,
        initiator_id=initiator_id,
    )


def unsuspend_account(
    user_id: UserID, initiator_id: UserID, reason: str
) -> UserAccountUnsuspended:
    """Unsuspend the user account."""
    user = _get_user(user_id)

    user.suspended = False

    event = event_service.build_event(
        'user-unsuspended',
        user.id,
        {
            'initiator_id': str(initiator_id),
            'reason': reason,
        },
    )
    db.session.add(event)

    db.session.commit()

    return UserAccountUnsuspended(
        occurred_at=event.occurred_at,
        user_id=user.id,
        initiator_id=initiator_id,
    )


def delete_account(
    user_id: UserID, initiator_id: UserID, reason: str
) -> UserAccountDeleted:
    """Delete the user account."""
    user = _get_user(user_id)

    user.deleted = True
    _anonymize_account(user)

    event = event_service.build_event(
        'user-deleted',
        user.id,
        {
            'initiator_id': str(initiator_id),
            'reason': reason,
        },
    )
    db.session.add(event)

    # Deassign authorization roles.
    authorization_service.deassign_all_roles_from_user(
        user.id, initiator_id, commit=False
    )

    db.session.commit()

    return UserAccountDeleted(
        occurred_at=event.occurred_at,
        user_id=user.id,
        initiator_id=initiator_id,
    )


def change_screen_name(
    user_id: UserID,
    new_screen_name: str,
    initiator_id: UserID,
    *,
    reason: Optional[str] = None,
) -> UserScreenNameChanged:
    """Change the user's screen name."""
    user = _get_user(user_id)

    old_screen_name = user.screen_name

    user.screen_name = new_screen_name

    event_data = {
        'old_screen_name': old_screen_name,
        'new_screen_name': new_screen_name,
        'initiator_id': str(initiator_id),
    }
    if reason:
        event_data['reason'] = reason

    event = event_service.build_event(
        'user-screen-name-changed', user.id, event_data
    )
    db.session.add(event)

    db.session.commit()

    return UserScreenNameChanged(
        occurred_at=event.occurred_at,
        user_id=user.id,
        initiator_id=initiator_id,
        old_screen_name=old_screen_name,
        new_screen_name=new_screen_name,
    )


def change_email_address(
    user_id: UserID,
    new_email_address: Optional[str],
    initiator_id: UserID,
    *,
    reason: Optional[str] = None,
) -> UserEmailAddressChanged:
    """Change the user's e-mail address."""
    user = _get_user(user_id)

    old_email_address = user.email_address

    user.email_address = new_email_address
    user.email_address_verified = False

    event_data = {
        'old_email_address': old_email_address,
        'new_email_address': new_email_address,
        'initiator_id': str(initiator_id),
    }
    if reason:
        event_data['reason'] = reason

    event = event_service.build_event(
        'user-email-address-changed', user.id, event_data
    )
    db.session.add(event)

    db.session.commit()

    return UserEmailAddressChanged(
        occurred_at=event.occurred_at,
        user_id=user.id,
        initiator_id=initiator_id,
    )


def update_user_details(
    user_id: UserID,
    first_names: str,
    last_name: str,
    date_of_birth: date,
    country: str,
    zip_code,
    city: str,
    street: str,
    phone_number: str,
    initiator_id: UserID,
) -> UserDetailsUpdated:
    """Update the user's details."""
    detail = _get_user_detail(user_id)

    old_first_names = detail.first_names
    old_last_name = detail.last_name
    old_date_of_birth = detail.date_of_birth
    old_country = detail.country
    old_zip_code = detail.zip_code
    old_city = detail.city
    old_street = detail.street
    old_phone_number = detail.phone_number

    detail.first_names = first_names
    detail.last_name = last_name
    detail.date_of_birth = date_of_birth
    detail.country = country
    detail.zip_code = zip_code
    detail.city = city
    detail.street = street
    detail.phone_number = phone_number

    event_data = {
        'initiator_id': str(initiator_id),
    }
    _add_if_different(event_data, 'first_names', old_first_names, first_names)
    _add_if_different(event_data, 'last_name', old_last_name, last_name)
    _add_if_different(
        event_data, 'date_of_birth', old_date_of_birth, date_of_birth
    )
    _add_if_different(event_data, 'country', old_country, country)
    _add_if_different(event_data, 'zip_code', old_zip_code, zip_code)
    _add_if_different(event_data, 'city', old_city, city)
    _add_if_different(event_data, 'street', old_street, street)
    _add_if_different(
        event_data, 'phone_number', old_phone_number, phone_number
    )
    event = event_service.build_event(
        'user-details-updated', user_id, event_data
    )
    db.session.add(event)

    db.session.commit()

    return UserDetailsUpdated(
        occurred_at=event.occurred_at,
        user_id=event.user_id,
        initiator_id=initiator_id,
    )


def _add_if_different(
    event_data: UserEventData, base_key_name: str, old_value: str, new_value
) -> None:
    if old_value != new_value:
        event_data[f'old_{base_key_name}'] = _to_str_if_not_none(old_value)
        event_data[f'new_{base_key_name}'] = _to_str_if_not_none(new_value)


def _to_str_if_not_none(value: Any) -> Optional[str]:
    return str(value) if (value is not None) else None


def set_user_detail_extra(user_id: UserID, key: str, value: str) -> None:
    """Set a value for a key in the user's detail extras map."""
    detail = _get_user_detail(user_id)

    if detail.extras is None:
        detail.extras = {}

    detail.extras[key] = value

    db.session.commit()


def remove_user_detail_extra(user_id: UserID, key: str) -> None:
    """Remove the entry with that key from the user's detail extras map."""
    detail = _get_user_detail(user_id)

    if (detail.extras is None) or (key not in detail.extras):
        return

    del detail.extras[key]
    db.session.commit()


def _anonymize_account(user: DbUser) -> None:
    """Remove user details from the account."""
    user.screen_name = None
    user.email_address = None
    user.legacy_id = None

    # Remove details.
    user.detail.first_names = None
    user.detail.last_name = None
    user.detail.date_of_birth = None
    user.detail.country = None
    user.detail.zip_code = None
    user.detail.city = None
    user.detail.street = None
    user.detail.phone_number = None

    # Remove avatar association.
    if user.avatar_selection is not None:
        db.session.delete(user.avatar_selection)


def _get_user(user_id: UserID) -> DbUser:
    """Return the user with that ID, or raise an exception."""
    return user_service.get_db_user(user_id)


def _get_user_detail(user_id: UserID) -> DbUserDetail:
    """Return the user's details, or raise an exception."""
    detail = DbUserDetail.query \
        .filter_by(user_id=user_id) \
        .one_or_none()

    if detail is None:
        raise ValueError(f"Unknown user ID '{user_id}'")

    return detail