ositah 24.4.dev1__py3-none-any.whl → 24.7.dev1__py3-none-any.whl

ositah/static/style.css

@@ -1,54 +0,0 @@
-/* CSS for the validation part of OSITAH */
-
-div.login_page {
-    margin-left: 50px;
-}
-
-div.login_form_field {
-    font-weight: bold;
-    margin-top: 20px;
-}
-
-input.login_button {
-    margin-top: 30px;
-    margin-left: 45px;
-}
-
-ul.flash-message {
-    display: inline-block;
-    list-style-type: none;
-    padding-left: 0;
-}
-
-
-/* CSS for Dash components */
-
-.team_list_dropdown {
-   margin-top: 15px;
-}
-
-.validated_hito_missing {
-   background-color: tomato;
-}
-
-table.sortable th::after, th.sorttable_sorted::after, th.sorttable_sorted_reverse::after {
-  content: " ";
-  display: inline-block;
-  width: 24px;
-  height: 24px;
-}
-
-table.sortable th:not(.sorttable_sorted):not(.sorttable_sorted_reverse):not(.sorttable_nosort):after {
-  content: url("arrow_down_up.svg");
-}
-
-th.sorttable_sorted::after {
-  background: url("sort_ascending.svg");
-  background-size: contain;
-}
-th.sorttable_sorted_reverse::after {
-  background: url("sort_descending.svg");
-  background-size: cover;
-}
-
-#sorttable_sortfwdind, #sorttable_sortrevind { display: none; }

ositah/templates/base.html

@@ -1,22 +0,0 @@
-<!doctype html>
-<html>
-<head>
-  <meta charset="UTF-8">
-  <title>OSITAH Login page</title>
-  <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
-  <link rel="stylesheet" href="{{ url_for('static', filename='style.css') }}">
-</head>
-<body>
-    {% with messages = get_flashed_messages(with_categories=True) %}
-        {% if messages %}
-            <ul class="bg-warning flash-message">
-                {%- for category, message in messages %}
-                    <li>{{ category }}: {{ message }}</li>
-                {% endfor -%}
-            </ul>
-        {% endif %}
-    {% endwith %}
-
-    {% block content %}{% endblock %}
-</body>
-</html>

ositah/templates/bootstrap_login.html

@@ -1,38 +0,0 @@
-<!doctype html>
-<html lang="en">
-  <head>
-    <meta charset="utf-8">
-    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
-    <meta name="description" content="">
-    <meta name="author" content="">
-    <link rel="icon" href="/docs/4.0/assets/img/favicons/favicon.ico">
-
-    <title>Signin Template for Bootstrap</title>
-
-    <link rel="canonical" href="https://getbootstrap.com/docs/4.0/examples/sign-in/">
-
-    <!-- Bootstrap core CSS -->
-    <link href="../../dist/css/bootstrap.min.css" rel="stylesheet">
-
-    <!-- Custom styles for this template -->
-    <link href="signin.css" rel="stylesheet">
-  </head>
-
-  <body class="text-center">
-    <form class="form-signin">
-      <img class="mb-4" src="https://getbootstrap.com/docs/4.0/assets/brand/bootstrap-solid.svg" alt="" width="72" height="72">
-      <h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
-      <label for="inputEmail" class="sr-only">Email address</label>
-      <input type="email" id="inputEmail" class="form-control" placeholder="Email address" required autofocus>
-      <label for="inputPassword" class="sr-only">Password</label>
-      <input type="password" id="inputPassword" class="form-control" placeholder="Password" required>
-      <div class="checkbox mb-3">
-        <label>
-          <input type="checkbox" value="remember-me"> Remember me
-        </label>
-      </div>
-      <button class="btn btn-lg btn-primary btn-block" type="submit">Sign in</button>
-      <p class="mt-5 mb-3 text-muted">&copy; 2017-2018</p>
-    </form>
-  </body>
-</html>

ositah/templates/login_form.html

@@ -1,27 +0,0 @@
-<div class="login_page">
-    {% extends 'base.html' %}
-    {% block content %}
-        <p>Log in using <strong>{{ provider.title }}</strong></p>
-
-        <form method=post>
-            <div class="login_form">
-                {% for field in form %}
-                    {% if field.widget.__class__.__name__ == 'HiddenInput' %}
-                        {{ field() }}
-                    {% else %}
-                        <div class="login_form_field">
-                            {{ field.label() }}
-                        </div>
-                        <div>
-                            {{ field() }}
-                            {% if field.errors %}
-                                Errors: {{ field.errors|join(' / ') }}
-                            {% endif %}
-                        </div>
-                    {% endif %}
-                {% endfor %}
-                <input type="submit" value="Login" class="btn btn-secondary login_button">
-            </div>
-        </form>
-    {% endblock %}
-</div>

ositah/utils/agents.py

@@ -1,117 +0,0 @@
-# Helper functions to interact with the agent table
-import pandas as pd
-from flask import session
-
-from ositah.utils.exceptions import SessionDataMissing
-from ositah.utils.utils import TEAM_LIST_ALL_AGENTS, GlobalParams, no_session_id_jumbotron
-
-NSIP_AGENT_COLUMNS = {
-    "email_reseda": "email_reseda",
-    "firstname": "firstname",
-    "lastname": "lastname",
-}
-
-
-def get_agent_by_email(connexion_email: str) -> str:
-    """
-    Retrieve an agent from Hito using the connexion email. If the connexion email is not
-    defined for the agent, try to use the contact email.
-
-    :param connexion_email: agent's email
-    :return: agent entry (row)
-    """
-
-    from ositah.utils.hito_db_model import Agent
-
-    user = Agent.query.filter_by(email_auth=session["user_email"]).first()
-    if user is None:
-        user = Agent.query.filter_by(email=session["user_email"]).first()
-
-    return user
-
-
-def get_agents(period_date: str, team: str = None) -> pd.DataFrame:
-    """
-    Read agent table in Hito database and return it as a dataframe. If a cached version exists,
-    use it.
-
-    :param period_date: a date that must be inside the declaration period
-    :param team: selected team (and subteams). Ignored if None or TEAM_LIST_ALL_AGENTS.
-    :return: dataframe
-    """
-
-    from ositah.utils.hito_db import get_db
-
-    global_params = GlobalParams()
-    columns = global_params.columns
-    db = get_db()
-
-    try:
-        session_data = global_params.session_data
-    except SessionDataMissing:
-        return no_session_id_jumbotron()
-
-    # start_date, _ = get_validation_period_dates(period_date)
-
-    agents = session_data.agent_list
-    if agents is None:
-        agent_list = pd.read_sql_query(global_params.agent_query, con=db.engine)
-        # WIP ; attempt to refine the agent list taking into account arrival and departure date
-        # Difficulty: carriere table has a suboptimal structure making a SQL request difficult
-        # TODO: query separately agent+team and carriere, then use Pandas to join them taking all
-        # the criteria into account
-        # Ignore archived agents that left before the start of the declaration period
-        # agent_list = agent_list.loc[(agent_list.archive == 0) |
-        #                          (agent_list.date_fin >= start_date.date().isoformat())]
-        if team and team != TEAM_LIST_ALL_AGENTS:
-            agent_list = agent_list[agent_list["team"].str.match(team, case=False, na=False)]
-        agent_list[columns["fullname"]] = agent_list[
-            [columns["lastname"], columns["firstname"]]
-        ].agg(" ".join, axis=1)
-        agent_list.columns = agent_list.columns.str.lower()
-        agent_list["statut"] = agent_list["statut"].str.extract("^statut_(.+)$")
-        agent_list["optional"] = agent_list["statut"].isin(
-            global_params.declaration_options["optional_statutes"]
-        )
-        agent_list["email_auth"] = agent_list["email_auth"].str.lower()
-        team_list = pd.DataFrame(agent_list[columns["team"]].unique(), columns=["name"])
-        optional_teams_list = []
-        for opt_team in global_params.declaration_options["optional_teams"]:
-            optional_teams_list.append(
-                team_list[team_list["name"].str.match(opt_team, case=False, na=False)]["name"]
-            )
-        optional_teams = pd.concat(optional_teams_list)
-        agent_list.loc[~agent_list["optional"], "optional"] = agent_list["team"].isin(
-            optional_teams
-        )
-        session_data.agent_list = agent_list
-    else:
-        agent_list = session_data.agent_list
-
-    return agent_list
-
-
-def get_nsip_agents():
-    """
-    Retrieve agents from NSIP and return them in a dataframe.
-
-    :return: dataframe or None if NSIP is not configured
-    """
-
-    global_params = GlobalParams()
-
-    if global_params.nsip:
-        agents = pd.DataFrame.from_dict(global_params.nsip.get_agent_list())
-        columns_to_delete = []
-        for c in agents.columns.tolist():
-            if c not in NSIP_AGENT_COLUMNS.values():
-                columns_to_delete.append(c)
-        agents["fullname"] = agents[
-            [NSIP_AGENT_COLUMNS["lastname"], NSIP_AGENT_COLUMNS["firstname"]]
-        ].agg(" ".join, axis=1)
-        agents.drop(columns=columns_to_delete, inplace=True)
-
-        return agents
-
-    else:
-        return None

ositah/utils/authentication.py

@@ -1,287 +0,0 @@
-# Module to handle user login with flask-multipass, a multi-backend authentication module for Flask
-# The code is largely based on a simplified version of what Indico is doing and is focused on using
-# LDAP (IJCLab ActiveDirectory) as the backend.
-#
-# There is no attempt to store session data in a database.
-
-import functools
-import json
-from urllib.parse import urlparse
-from uuid import uuid1
-
-from flask import flash, redirect, request, session
-from flask_multipass import InvalidCredentials, Multipass, NoSuchUser
-
-from ositah.utils.utils import GlobalParams
-
-# Redirect URL for login and logout
-LOGIN_URL = "/login"
-LOGOUT_URL = "/logout"
-
-
-# Session validity duration (in hours), i.e. max time since the last use
-SESSION_MAX_DURATION = 4
-
-
-# List of authenticated users
-user_list = {}
-identity_list = {}
-
-
-class User:
-    def __init__(self, first_name=None, last_name=None, email=None):
-        self._id = uuid1()
-        self._firstname = first_name
-        self._lastname = last_name
-        self._email = email
-        self._identities = []
-
-    def add_identity(self, identity):
-        self._identities.append(identity)
-
-    @property
-    def identities(self):
-        return self._identities
-
-    @property
-    def email(self):
-        return self._email
-
-    def get_first_identity(self):
-        if len(self._identities) >= 1:
-            return self._identities[0]
-        else:
-            return Exception(f"No identity defined for user '{self.email}'")
-
-    @property
-    def id(self):
-        return self._id
-
-
-class Identity:
-    def __init__(self, provider=None, identifier=None):
-        self._id = identifier
-        self._provider = provider
-        self._multipass_data = None
-
-    @property
-    def id(self):
-        return self._id
-
-    @property
-    def multipass_data(self):
-        return self._multipass_data
-
-    @multipass_data.setter
-    def multipass_data(self, data):
-        self._multipass_data = data
-
-    @property
-    def provider(self):
-        return self._provider
-
-
-class OSITAHMultipass(Multipass):
-    def init_app(self, app):
-        super(OSITAHMultipass, self).init_app(app)
-        with app.app_context():
-            self._check_default_provider()
-
-    def _check_default_provider(self):
-        # Ensure that there is maximum one sync provider
-        sync_providers = [
-            p for p in self.identity_providers.values() if p.settings.get("synced_fields")
-        ]
-        if len(sync_providers) > 1:
-            raise ValueError("There can only be one sync provider.")
-        # Ensure that there is exactly one form-based default auth provider
-        auth_providers = list(self.auth_providers.values())
-        external_providers = [p for p in auth_providers if p.is_external]
-        local_providers = [p for p in auth_providers if not p.is_external]
-        if any(p.settings.get("default") for p in external_providers):
-            raise ValueError("The default provider cannot be external")
-        if all(p.is_external for p in auth_providers):
-            return
-        default_providers = [p for p in auth_providers if p.settings.get("default")]
-        if len(default_providers) > 1:
-            raise ValueError("There can only be one default auth provider")
-        elif not default_providers:
-            if len(local_providers) == 1:
-                local_providers[0].settings["default"] = True
-            else:
-                raise ValueError("There is no default auth provider")
-
-    def handle_auth_error(self, exc, redirect_to_login=False):
-        if isinstance(exc, (NoSuchUser, InvalidCredentials)):
-            print("Invalid credentials")
-        else:
-            exc_str = str(exc)
-            print(
-                "Authentication via %s failed: %s (%r)",
-                exc.provider.name if exc.provider else None,
-                exc_str,
-                exc.details,
-            )
-        return super(OSITAHMultipass, self).handle_auth_error(
-            exc, redirect_to_login=redirect_to_login
-        )
-
-
-def configure_multipass_ldap(app, provider_title):
-    """
-    Configure Flask_multipass from configuration. Inspired from Indico and its configuration file.
-    Required flask_multipass with PR #42.
-
-    :param app: Flask app
-    :param provider_title: text associated with the auth/identity provider
-    :return: none
-    """
-
-    global_params = GlobalParams()
-    config = global_params.ldap
-
-    if not config or len(config) == 0:
-        raise Exception("Missing LDAP configuration")
-
-    ldap_config = {
-        "uri": config["uri"],
-        "bind_dn": config["bind_dn"],
-        "bind_password": config["password"],
-        "timeout": 30,
-        "verify_cert": True,
-        "page_size": 10000,
-        "uid": "sAMAccountName",
-        "user_base": config["base_dn"],
-        "user_filter": "(objectcategory=user)",
-    }
-
-    auth_provider = {
-        "ldap": {
-            "type": "ldap",
-            "title": provider_title,
-            "ldap": ldap_config,
-        },
-    }
-
-    identity_provider = {
-        "ldap": {
-            "type": "ldap",
-            "title": provider_title,
-            "ldap": ldap_config,
-            "identifier_field": "mail",
-            "accepted_users": "all",
-            "mapping": {
-                "first_name": "givenName",
-                "last_name": "sn",
-                "email": "mail",
-                "affiliation": "company",
-                "phone": "telephoneNumber",
-            },
-            "trusted_email": True,
-        },
-    }
-
-    app.config["MULTIPASS_AUTH_PROVIDERS"] = auth_provider
-    app.config["MULTIPASS_IDENTITY_PROVIDERS"] = identity_provider
-    app.config["MULTIPASS_PROVIDER_MAP"] = {"ldap": "ldap"}
-    app.config["MULTIPASS_IDENTITY_INFO_KEYS"] = {"first_name", "last_name", "email"}
-    app.config["MULTIPASS_LOGIN_FORM_TEMPLATE"] = "login_form.html"
-    app.config["MULTIPASS_SUCCESS_ENDPOINT"] = "/"
-    app.config["MULTIPASS_FAILURE_MESSAGE"] = "Login failed: {error}"
-
-
-multipass = OSITAHMultipass()
-
-
-@multipass.identity_handler
-def identity_handler(identity_info):
-    if identity_info.identifier in identity_list:
-        user = identity_list[identity_info.identifier]
-        identity = user.get_first_identity()
-    else:
-        if identity_info.data["email"] in user_list:
-            user = user_list[identity_info.data["email"]]
-        else:
-            user = User(**identity_info.data.to_dict())
-            user_list[user.email] = user
-        identity = Identity(
-            provider=identity_info.provider.name, identifier=identity_info.identifier
-        )
-        user.add_identity(identity)
-        identity_list[identity.id] = user
-    identity.multipass_data = json.dumps(identity_info.multipass_data)
-    session["user_id"] = identity.id
-    flash("Received IdentityInfo: {}".format(identity_info), "success")
-
-
-def login_required(view):
-    """
-    A decorator to require login on Flask views
-
-    :param view: a function
-    :return: decorated function
-    """
-
-    @functools.wraps(view)
-    def wrapped_view(**kwargs):
-        redirect_path = urlparse(request.base_url).path
-        if len(redirect_path) == 0:
-            redirect_path = "/"
-        if "user_id" not in session:
-            if redirect_path != "/favicon.ico":
-                return redirect(f"{LOGIN_URL}?next={redirect_path}")
-        elif redirect_path == LOGOUT_URL:
-            remove_session()
-            return multipass.logout("/", clear_session=True)
-
-        return view(**kwargs)
-
-    return wrapped_view
-
-
-def protect_views(app):
-    for view_func in app.server.view_functions:
-        if view_func.startswith("/<path:path>"):
-            app.server.view_functions[view_func] = login_required(
-                app.server.view_functions[view_func]
-            )
-
-    return app
-
-
-def remove_session():
-    """
-    Remove a session from the database and do additional session cleanup.
-
-    :return: None
-    """
-
-    from sqlalchemy import delete
-
-    from ositah.utils.hito_db import get_db
-    from ositah.utils.hito_db_model import OSITAHSession
-
-    global_params = GlobalParams()
-
-    if "uid" in session:
-        del global_params.session_data
-
-        if session["user_id"] in identity_list:
-            del user_list[identity_list[session["user_id"]].email]
-            del identity_list[session["user_id"]]
-        else:
-            print(
-                (
-                    f"WARNING: attempt to delete a non-existing user/identity"
-                    f" {session['uid']} (user={session['user_id']})"
-                )
-            )
-
-        if "user_email" in session:
-            sql_cmd = delete(OSITAHSession).where(
-                OSITAHSession.id == session["uid"],
-                OSITAHSession.email == session["user_email"],
-            )
-            db = get_db()
-            db.session.execute(sql_cmd)
-            db.session.commit()

ositah/utils/cache.py

@@ -1,19 +0,0 @@
-# Helper functions to manage the data cache
-
-from ositah.utils.exceptions import SessionDataMissing
-from ositah.utils.utils import GlobalParams, no_session_id_jumbotron
-
-
-def clear_cached_data():
-    """
-    Clear the data cached by the previous requests
-
-    :return: None
-    """
-
-    global_params = GlobalParams()
-    try:
-        session_data = global_params.session_data
-        session_data.reset_caches()
-    except SessionDataMissing:
-        return no_session_id_jumbotron()

ositah/utils/core.py

@@ -1,13 +0,0 @@
-# Module with utility functions
-
-
-# Singleton decorator definition
-def singleton(cls):
-    instances = {}
-
-    def getinstance(*args, **kwargs):
-        if cls not in instances:
-            instances[cls] = cls(*args, **kwargs)
-        return instances[cls]
-
-    return getinstance

ositah/utils/exceptions.py

@@ -1,64 +0,0 @@
-# OSITAH exceptions not specific to one of the sub-application
-
-from hito_tools.exceptions import EXIT_STATUS_GENERAL_ERROR
-
-
-class InvalidCallbackInput(Exception):
-    def __init__(self, input_name):
-        self.msg = f"internal error: invalid input ({input_name}) in callback"
-        self.status = EXIT_STATUS_GENERAL_ERROR
-
-    def __str__(self):
-        return repr(self.msg)
-
-
-class InvalidDataSource(Exception):
-    def __init__(self, source):
-        self.msg = f"attempt to use and invalid data source ({source})"
-        self.status = EXIT_STATUS_GENERAL_ERROR
-
-    def __str__(self):
-        return repr(self.msg)
-
-
-class InvalidHitoProjectName(Exception):
-    def __init__(self, projects):
-        self.msg = (
-            f"The following Hito project names don't match the format 'masterproject / project' :"
-            f" {', '.join(projects)}"
-        )
-        self.status = EXIT_STATUS_GENERAL_ERROR
-
-    def __str__(self):
-        return repr(self.msg)
-
-
-class SessionDataMissing(Exception):
-    def __init__(self, session_id=None):
-        if session_id:
-            session_txt = f" (session={session_id})"
-        else:
-            session_txt = ""
-        self.msg = f"Attempt to use non existing session data{session_txt}"
-        self.status = EXIT_STATUS_GENERAL_ERROR
-
-    def __str__(self):
-        return repr(self.msg)
-
-
-class ValidationPeriodAmbiguous(Exception):
-    def __init__(self, date):
-        self.msg = f"Configuration error: several periods matching {date}"
-        self.status = EXIT_STATUS_GENERAL_ERROR
-
-    def __str__(self):
-        return repr(self.msg)
-
-
-class ValidationPeriodMissing(Exception):
-    def __init__(self, date):
-        self.msg = f"No defined declaration period matching {date}"
-        self.status = EXIT_STATUS_GENERAL_ERROR
-
-    def __str__(self):
-        return repr(self.msg)