Merge branch 'develop' into feature/add_csp

README.md

@@ -162,6 +162,8 @@ You can set environment variables in your OS, write on ```.env``` file or pass v
 | OIDC_RP_SCOPES | ```string``` | ```openid email``` | The OpenID Connect scopes to request during login.
 | CONNECT_GRPC_SERVER_URL | ```string``` | ```localhost:8002``` | Define grpc connect server url
 | CONNECT_CERTIFICATE_GRPC_CRT | ```string``` | ```None``` | Absolute certificate path for secure grpc communication
+| CONNECT_API_URL | ```string``` | ```None``` | Connect module api url
+| USE_GRPC | ```bool``` | ```False``` | Use connect gRPC clients
 | RECAPTCHA_SECRET_KEY | ```string``` | ```''``` | Token of the recaptcha used in the validation of a user's registration.
 | REPOSITORY_NLP_LOG_LIMIT | ```int``` | ```10000``` | Limit of query size to repository log.
 | REPOSITORY_RESTRICT_ACCESS_NLP_LOGS | ```list``` | ```[]``` | Restricts log access to a particular or multiple intelligences

bothub/api/grpc/repository/serializers.py

@@ -5,6 +5,8 @@
 from bothub.common.models import Repository
 from weni.protobuf.intelligence import repository_pb2
 
+from bothub.utils import internal_serializer_fields
+
 
 class RepositoryProtoSerializer(proto_serializers.ModelProtoSerializer):
     owner__nickname = serializers.SerializerMethodField()
@@ -15,26 +17,7 @@ class RepositoryProtoSerializer(proto_serializers.ModelProtoSerializer):
     class Meta:
         model = Repository
         proto_class = repository_pb2.Repository
-        fields = [
-            "uuid",
-            "name",
-            "slug",
-            "description",
-            "is_private",
-            "created_at",
-            "language",
-            "owner",
-            "algorithm",
-            "use_competing_intents",
-            "use_name_entities",
-            "use_analyze_char",
-            "owner__nickname",
-            "intents",
-            "categories",
-            "available_languages",
-            "categories_list",
-            "repository_type",
-        ]
+        fields = internal_serializer_fields
 
     def get_owner__nickname(self, repository: Repository):
         return repository.owner.nickname

bothub/api/v2/internal/connect_rest_client.py

@@ -0,0 +1,82 @@
+import requests
+import json
+from typing import List, Dict
+
+from django.conf import settings
+
+
+class ConnectRESTClient:
+    def __init__(self):
+        self.base_url = settings.CONNECT_API_URL
+        self.headers = {
+            "Content-Type": "application/json; charset: utf-8",
+            "Authorization": self.get_auth_token(),
+        }
+
+    def get_auth_token(self) -> str:
+        request = requests.post(
+            url=settings.OIDC_OP_TOKEN_ENDPOINT,
+            data={
+                "client_id": settings.OIDC_RP_CLIENT_ID,
+                "client_secret": settings.OIDC_RP_CLIENT_SECRET,
+                "grant_type": "client_credentials",
+            },
+        )
+        token = request.json().get("access_token")
+        return f"Bearer {token}"
+
+    def list_classifiers(
+        self, project_uuid: str, user_email: str
+    ) -> List[Dict[str, str]]:
+        request = requests.get(
+            url=f"{self.base_url}/v1/organization/project/list_classifier/",
+            headers=self.headers,
+            params={"project_uuid": project_uuid, "user_email": user_email},
+        )
+
+        return request.json()
+
+    def list_authorizations(self, project_uuid: str, user_email: str) -> List[str]:
+        classifiers = self.list_classifiers(
+            project_uuid=project_uuid, user_email=user_email
+        )
+
+        return [classifier.get("authorization_uuid") for classifier in classifiers]
+
+    def get_authorization_classifier(
+        self, project_uuid: str, authorization_uuid: str, user_email: str
+    ) -> str:
+        """
+        Recives a authorization UUID and returns the respective classifier UUID
+        """
+        classifiers = self.list_classifiers(project_uuid, user_email)
+        classifier = filter(
+            lambda classifier: classifier["authorization_uuid"] == authorization_uuid,
+            classifiers,
+        )
+
+        return classifier.get("uuid")
+
+    def remove_authorization(
+        self, project_uuid: str, authorization_uuid: str, user_email: str
+    ):
+        classifier_uuid = self.get_authorization_classifier(
+            project_uuid,
+            authorization_uuid,
+            user_email,
+        )
+        request = requests.delete(
+            url=f"{self.base_url}/v1/organization/project/destroy_classifier/",
+            headers=self.headers,
+            json=json.dumps({"uuid": classifier_uuid, "user_email": user_email}),
+        )
+
+        return request.json()
+
+    def create_classifier(self, **kwargs):
+        request = requests.post(
+            url=f"{self.base_url}/v1/organization/project/create_classifier/",
+            headers=self.headers,
+            json=json.dumps({**kwargs, "classifier_type": "bothub"}),
+        )
+        return request.json()

bothub/api/v2/internal/organization/permissions.py

@@ -0,0 +1,11 @@
+from rest_framework import permissions
+
+from bothub.utils import get_user
+
+
+class InternalOrganizationAdminHasPermission(permissions.BasePermission):
+    def has_object_permission(self, request, view, obj):
+        authorization = obj.organization.get_organization_authorization(
+            get_user(request.query_params.get("user_email", None))
+        )
+        return authorization.is_admin

bothub/api/v2/internal/organization/serializers.py

@@ -0,0 +1,83 @@
+from django.db.models import F
+from django.utils.translation import ugettext_lazy as _
+
+from rest_framework import serializers
+from rest_framework.exceptions import ValidationError
+
+from bothub.authentication.models import User
+from bothub.common.models import Organization, OrganizationAuthorization
+
+
+class OrganizationSerializer(serializers.ModelSerializer):
+
+    users = serializers.SerializerMethodField()
+
+    def get_users(self, org: Organization):
+        return list(
+            org.organization_authorizations.exclude(
+                role=OrganizationAuthorization.LEVEL_NOTHING
+            )
+            .annotate(
+                org_user_id=F("user__user_owner__pk"),
+                org_user_email=F("user__user_owner__email"),
+                org_user_nickname=F("user__user_owner__nickname"),
+                org_user_name=F("user__user_owner__name"),
+            )
+            .values(
+                "org_user_id", "org_user_email", "org_user_nickname", "org_user_name"
+            )
+        )
+
+    class Meta:
+        model = Organization
+        fields = ["id", "name", "users"]
+
+
+class OrgCreateSerializer(serializers.ModelSerializer):
+
+    organization_name = serializers.CharField()
+    user_email = serializers.CharField()
+
+    def validate_user_email(self, value: str) -> str:
+        try:
+            User.objects.get(email=value)
+        except User.DoesNotExist:
+            raise ValidationError(_("{} not found!").format(value))
+
+        return value
+
+    class Meta:
+        model = Organization
+        fields = ["organization_name", "user_email"]
+
+
+class OrgUpdateSerializer(serializers.ModelSerializer):
+
+    id = serializers.IntegerField()
+    name = serializers.CharField(required=False)
+
+    def validate_id(self, value):
+        try:
+            Organization.objects.get(pk=value)
+        except Organization.DoesNotExist:
+            raise ValidationError(f"{value} not found!")
+
+        return value
+
+    def save(self):
+        data = dict(self.validated_data)
+
+        org = Organization.objects.get(pk=data.get("id"))
+
+        updated_fields = self.get_updated_fields(data)
+
+        if updated_fields:
+            org.__dict__.update(**updated_fields)
+        org.save()
+
+    def get_updated_fields(self, data):
+        return {key: value for key, value in data.items() if key not in ["id"]}
+
+    class Meta:
+        model = Organization
+        fields = ["id", "name"]