-
Notifications
You must be signed in to change notification settings - Fork 19
/
account.py
113 lines (99 loc) · 4.28 KB
/
account.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
from enum import Enum
from microsetta_private_api.model.model_base import ModelBase
from microsetta_private_api.model.address import Address
class AuthorizationMatch(Enum):
FULL_MATCH = 0
LEGACY_MATCH = 1
AUTH_ONLY_MATCH = 2
NO_MATCH = 3
class Account(ModelBase):
@staticmethod
def from_dict(input_dict, auth_iss, auth_sub):
result = Account(
input_dict["id"],
input_dict['email'],
# NOTICE: input_dict is passed by users,
# we obviously cannot let them declare themselves to be admins :D
"standard",
auth_iss,
auth_sub,
input_dict['first_name'],
input_dict['last_name'],
Address(
input_dict['address']['street'],
input_dict['address']['city'],
input_dict['address']['state'],
input_dict['address']['post_code'],
input_dict['address']['country_code']
),
input_dict['kit_name'],
input_dict['language']
)
return result
def __init__(self, account_id, email,
account_type, auth_issuer, auth_sub,
first_name, last_name,
address, created_with_kit_id,
language,
creation_time=None, update_time=None):
self.id = account_id
self.email = email
self.account_type = account_type
self.auth_issuer = auth_issuer
self.auth_sub = auth_sub
self.first_name = first_name
self.last_name = last_name
self.address = address
self.created_with_kit_id = created_with_kit_id
self.creation_time = creation_time
self.update_time = update_time
self.language = language
def to_api(self):
# api is not given the auth_issuer or auth_sub
return {
"account_id": self.id,
"first_name": self.first_name,
"last_name": self.last_name,
"email": self.email,
"address": self.address.to_api(),
"account_type": self.account_type,
"language": self.language,
"creation_time": self.creation_time,
"update_time": self.update_time,
"kit_name": self.created_with_kit_id
}
def account_matches_auth(self, email, auth_issuer, auth_sub):
# Return values:
# AuthorizationMatch.FULL_MATCH: email, auth_issuer, and auth_sub on
# account all match inputs
# AuthorizationMatch.LEGACY_MATCH: email in account and input match,
# but BOTH auth_sub and auth_iss in account are None
# AuthorizationMatch.AUTH_ONLY_MATCH: auth_issuer and auth_sub on
# account are both non-null and both match those in input, but email in
# account mismatches input
# AuthorizationMatch.NO_MATCH: Any other situation, such as none of
# email, auth_issuer, and auth_sub on account match input; or email in
# account and input match, but auth_sub and auth_iss on account are
# both non-null and one or both of them mismatches input; or any weird
# inconsistent case such as one but not both of auth_issuer and
# auth_sub on account being null.
# check if emails match
email_matches = self.email == email
auth_info_null = (self.auth_issuer is None and
self.auth_sub is None)
# check auth_iss and auth_sub for account (and require non-nulls)
auth_info_matches = (not auth_info_null and
self.auth_issuer == auth_issuer and
self.auth_sub == auth_sub)
if auth_info_matches and email_matches:
# everything matches: happy path!
return AuthorizationMatch.FULL_MATCH
if auth_info_null and email_matches:
# legacy account--emails match but has no auth info
return AuthorizationMatch.LEGACY_MATCH
if auth_info_matches and not email_matches:
# maybe this account has no email associated with it in our db,
# or maybe the user changed their email with the auth provider
# but DIDN'T change it with us.
return AuthorizationMatch.AUTH_ONLY_MATCH
return AuthorizationMatch.NO_MATCH