Merge branch 'main' into 675-add-e2e-tests-to-ci

hackforla · Jun 26, 2024 · 3f0740a · 3f0740a
2 parents 811a1f0 + 9ddb4cd
commit 3f0740a
Show file tree

Hide file tree

Showing 66 changed files with 2,528 additions and 957 deletions.
diff --git a/.github/ISSUE_TEMPLATE/post-an-open-role.md b/.github/ISSUE_TEMPLATE/post-an-open-role.md
@@ -0,0 +1,12 @@
+---
+name: Post an open role
+about: Recruit volunteers for specific open roles template
+title: 'HUU: Open Role for: [Replace with NAME OF ROLE]'
+labels: 'Complexity: Small, feature: recruitment, role: missing'
+assignees: ''
+
+---
+
+<img src="https://user-images.githubusercontent.com/26660349/114799694-38cb3a80-9d66-11eb-8b08-78bdc1b653b3.png" />
+
+[INSERT DRAFT FROM THE Recruit volunteers for team open roles issue]
diff --git a/api/openapi_server/configs/mock_aws.py b/api/openapi_server/configs/mock_aws.py
@@ -5,7 +5,7 @@
 from flask import request
 
 from openapi_server.exceptions import AuthError
-from openapi_server.controllers.admin_controller import removeUser
+from openapi_server.controllers.admin_controller import remove_user
 from openapi_server.controllers.auth_controller import signUpAdmin
 
 class AWSTemporaryUserpool():
@@ -118,7 +118,7 @@ def create_test_users(self):
             email = user["email"]
 
             try:
-                removeUser({"email": email})
+                remove_user({"email": email})
             except AuthError:
                 # This error is expected if the local database
                 # Does not have the test user yet. We can ignore it.

diff --git a/api/openapi_server/configs/staging.py b/api/openapi_server/configs/staging.py
@@ -5,7 +5,7 @@
 @dataclass(frozen=True)
 class StagingHUUConfig(HUUConfig):
     ENV: str = "staging"
-    FLASK_DEBUG: bool = False
+    FLASK_DEBUG: bool = True
     TESTING: bool = False 
     SECRET_KEY: str = secret_str_field()
     DATABASE_URL: str = "sqlite:///./homeuniteus.db"

diff --git a/api/openapi_server/controllers/admin_controller.py b/api/openapi_server/controllers/admin_controller.py
@@ -1,15 +1,18 @@
 
 import connexion
+import jwt
 from sqlalchemy.exc import IntegrityError
 from flask import session, current_app
 
 from openapi_server.controllers import auth_controller
 from openapi_server.exceptions import AuthError
 from openapi_server.models.database import DataAccessLayer, User
+from openapi_server.repositories.user_repo import UserRepository
+from openapi_server.models.schema import user_schema
 import botocore
 
-def initial_sign_in_reset_password(): 
-    """Sets initial password.
+def new_password(): 
+    """Sets new password.
      
     Removes auto generated password and replaces with 
     user assigned password. Used for account setup.
@@ -38,24 +41,37 @@ def initial_sign_in_reset_password():
 
         )
     except Exception as e:  
-        print(e)
         raise AuthError({"message": "failed to change password"}, 500) from e
 
     access_token = response['AuthenticationResult']['AccessToken']
     refresh_token = response['AuthenticationResult']['RefreshToken']
+    id_token = response['AuthenticationResult']['IdToken']
 
-    user_data = current_app.boto_client.get_user(AccessToken=access_token)
-    user = auth_controller.get_user_attr(user_data)
+    decoded_id_token = jwt.decode(id_token, algorithms=["RS256"], options={"verify_signature": False})
+
+    try:
+        with DataAccessLayer.session() as db_session:
+            user_repo = UserRepository(db_session)
+            signed_in_user = user_repo.get_user(decoded_id_token['email'])
+            user = user_schema.dump(signed_in_user)
+    except Exception as e:
+        current_app.logger.info('Failed to retrieve user: %s from db', decoded_id_token['email'])
+        raise AuthError({
+            'code': 'database_error',
+            'message': str(e)
+        }, 401)
 
     session['refresh_token'] = refresh_token
+    session['id_token'] = id_token
+    session['username'] = decoded_id_token['email']
 
     # return user data json
     return {
         'token': access_token,
         'user': user
     }
 
-def removeUser(body: dict):
+def remove_user(body: dict, removeDB: bool = True, removeCognito: bool = True):
     '''
     Remove a user from connected database and AWS Cognito user pool.
     This method is only available to admin users.
@@ -64,11 +80,26 @@ def removeUser(body: dict):
     {
         "email": "EMAIL_TO_REMOVE"
     }
-    '''   
-    with DataAccessLayer.session() as session:
-        user = session.query(User).filter_by(email=body['email']).first()
-        if user:
-            session.delete(user)
+    Function takes removeDB and removeCognito params to specificy 
+    where the user is removed from. By default, the user is removed from both.
+    '''
+    if not removeDB and not removeCognito:
+        print("User was not deleted in Database nor Cognito")
+    if removeDB:   
+        with DataAccessLayer.session() as session:
+            user = session.query(User).filter_by(email=body['email']).first()
+            if user:
+                session.delete(user)
+            try:
+                session.commit()
+            except IntegrityError:
+                session.rollback()
+                # Since we're deleting, an IntegrityError might indicate a different problem
+                # Adjust the error message accordingly
+                raise AuthError({
+                    "message": "Could not delete the user due to a database integrity constraint."
+                }, 422)
+    if removeCognito:
         try:
             session.commit()
         except IntegrityError:
@@ -99,4 +130,4 @@ def health():
     The health check endpoint always returns a successful status code.
     This is useful for determining whether the API startup was successful.
     '''
-    return 'API is healthy 😎', 200
+    return 'API is healthy 😎', 200