PyPI - zou - Versions diffs - 0.19.14__py3-none-any.whl → 0.20.11__py3-none-any.whl - Mend

zou 0.19.14py3-none-any.whl → 0.20.11py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (165) hide show

zou/__init__.py +1 -1
zou/app/__init__.py +10 -2
zou/app/api.py +2 -0
zou/app/blueprints/assets/__init__.py +22 -0
zou/app/blueprints/assets/resources.py +241 -4
zou/app/blueprints/auth/__init__.py +4 -0
zou/app/blueprints/auth/resources.py +154 -22
zou/app/blueprints/breakdown/resources.py +4 -4
zou/app/blueprints/chats/__init__.py +22 -0
zou/app/blueprints/chats/resources.py +199 -0
zou/app/blueprints/comments/resources.py +36 -19
zou/app/blueprints/crud/__init__.py +12 -0
zou/app/blueprints/crud/attachment_file.py +14 -5
zou/app/blueprints/crud/base.py +29 -28
zou/app/blueprints/crud/chat.py +13 -0
zou/app/blueprints/crud/chat_message.py +13 -0
zou/app/blueprints/crud/comments.py +85 -29
zou/app/blueprints/crud/custom_action.py +1 -1
zou/app/blueprints/crud/day_off.py +47 -9
zou/app/blueprints/crud/department.py +1 -25
zou/app/blueprints/crud/entity.py +46 -5
zou/app/blueprints/crud/entity_type.py +13 -1
zou/app/blueprints/crud/event.py +1 -1
zou/app/blueprints/crud/file_status.py +1 -1
zou/app/blueprints/crud/metadata_descriptor.py +24 -10
zou/app/blueprints/crud/organisation.py +22 -5
zou/app/blueprints/crud/output_file.py +1 -1
zou/app/blueprints/crud/output_type.py +1 -1
zou/app/blueprints/crud/person.py +32 -24
zou/app/blueprints/crud/playlist.py +1 -1
zou/app/blueprints/crud/preview_background_file.py +6 -7
zou/app/blueprints/crud/preview_file.py +1 -1
zou/app/blueprints/crud/project.py +14 -6
zou/app/blueprints/crud/project_status.py +1 -1
zou/app/blueprints/crud/schedule_item.py +4 -2
zou/app/blueprints/crud/software.py +1 -1
zou/app/blueprints/crud/status_automation.py +1 -1
zou/app/blueprints/crud/studio.py +33 -0
zou/app/blueprints/crud/task.py +47 -3
zou/app/blueprints/crud/task_status.py +1 -1
zou/app/blueprints/crud/task_type.py +4 -4
zou/app/blueprints/crud/working_file.py +4 -8
zou/app/blueprints/events/resources.py +13 -12
zou/app/blueprints/export/csv/assets.py +15 -6
zou/app/blueprints/export/csv/edits.py +15 -5
zou/app/blueprints/export/csv/playlists.py +1 -1
zou/app/blueprints/export/csv/shots.py +15 -5
zou/app/blueprints/export/csv/time_spents.py +1 -1
zou/app/blueprints/files/resources.py +22 -23
zou/app/blueprints/index/resources.py +38 -29
zou/app/blueprints/news/resources.py +25 -11
zou/app/blueprints/persons/__init__.py +5 -2
zou/app/blueprints/persons/resources.py +126 -120
zou/app/blueprints/previews/__init__.py +18 -8
zou/app/blueprints/previews/resources.py +569 -328
zou/app/blueprints/projects/resources.py +1 -1
zou/app/blueprints/search/resources.py +18 -6
zou/app/blueprints/shots/__init__.py +5 -0
zou/app/blueprints/shots/resources.py +134 -4
zou/app/blueprints/source/__init__.py +6 -6
zou/app/blueprints/source/csv/assets.py +10 -3
zou/app/blueprints/source/csv/base.py +1 -1
zou/app/blueprints/source/csv/edits.py +10 -3
zou/app/blueprints/source/csv/shots.py +10 -3
zou/app/blueprints/source/{edl.py → otio.py} +84 -41
zou/app/blueprints/tasks/__init__.py +3 -2
zou/app/blueprints/tasks/resources.py +83 -52
zou/app/blueprints/user/__init__.py +9 -0
zou/app/blueprints/user/resources.py +170 -12
zou/app/config.py +10 -0
zou/app/mixin.py +6 -5
zou/app/models/attachment_file.py +10 -4
zou/app/models/base.py +18 -13
zou/app/models/build_job.py +7 -4
zou/app/models/chat.py +44 -0
zou/app/models/chat_message.py +37 -0
zou/app/models/comment.py +1 -0
zou/app/models/day_off.py +3 -0
zou/app/models/entity.py +4 -6
zou/app/models/entity_type.py +2 -0
zou/app/models/organisation.py +14 -15
zou/app/models/person.py +6 -1
zou/app/models/project.py +3 -0
zou/app/models/search_filter.py +11 -0
zou/app/models/search_filter_group.py +10 -0
zou/app/models/serializer.py +17 -17
zou/app/models/status_automation.py +2 -0
zou/app/models/studio.py +13 -0
zou/app/models/subscription.py +2 -2
zou/app/models/task.py +6 -1
zou/app/models/task_status.py +1 -0
zou/app/models/task_type.py +1 -0
zou/app/models/working_file.py +1 -1
zou/app/services/assets_service.py +101 -14
zou/app/services/auth_service.py +17 -44
zou/app/services/breakdown_service.py +37 -5
zou/app/services/chats_service.py +279 -0
zou/app/services/comments_service.py +110 -65
zou/app/services/concepts_service.py +4 -12
zou/app/services/deletion_service.py +43 -30
zou/app/services/edits_service.py +5 -11
zou/app/services/emails_service.py +4 -4
zou/app/services/entities_service.py +17 -2
zou/app/services/events_service.py +12 -4
zou/app/services/exception.py +5 -5
zou/app/services/names_service.py +7 -2
zou/app/services/news_service.py +17 -9
zou/app/services/persons_service.py +38 -21
zou/app/services/playlists_service.py +8 -7
zou/app/services/preview_files_service.py +137 -10
zou/app/services/projects_service.py +5 -14
zou/app/services/shots_service.py +221 -49
zou/app/services/sync_service.py +46 -42
zou/app/services/tasks_service.py +185 -46
zou/app/services/time_spents_service.py +67 -20
zou/app/services/user_service.py +350 -107
zou/app/stores/auth_tokens_store.py +2 -1
zou/app/stores/file_store.py +18 -0
zou/app/stores/publisher_store.py +7 -7
zou/app/stores/queue_store.py +1 -0
zou/app/swagger.py +36 -20
zou/app/utils/cache.py +2 -0
zou/app/utils/commands.py +104 -7
zou/app/utils/csv_utils.py +1 -4
zou/app/utils/date_helpers.py +33 -17
zou/app/utils/dbhelpers.py +14 -1
zou/app/utils/emails.py +2 -2
zou/app/utils/fido.py +22 -0
zou/app/utils/flask.py +1 -0
zou/app/utils/query.py +54 -6
zou/app/utils/redis.py +11 -0
zou/app/utils/saml.py +51 -0
zou/app/utils/string.py +2 -0
zou/app/utils/thumbnail.py +4 -2
zou/cli.py +76 -18
zou/debug.py +4 -2
zou/event_stream.py +122 -165
zou/job_settings.py +1 -0
zou/migrations/env.py +0 -0
zou/migrations/utils/base.py +6 -6
zou/migrations/versions/1bb55759146f_add_table_studio.py +67 -0
zou/migrations/versions/1fab8c420678_add_attachments_to_message_chats.py +56 -0
zou/migrations/versions/23122f290ca2_add_entity_chat_models.py +149 -0
zou/migrations/versions/32f134ff1201_add_is_shared_flag_to_filters.py +33 -0
zou/migrations/versions/57222395f2be_add_statusautomation_import_last_revision.py +41 -0
zou/migrations/versions/59a7445a966c_add_entity_is_shared.py +41 -0
zou/migrations/versions/5b980f0dc365_add_comment_links.py +35 -0
zou/migrations/versions/680c64565f9d_for_searchfiltergroup_is_shared.py +35 -0
zou/migrations/versions/8e67c183bed7_add_preference_fields.py +71 -0
zou/migrations/versions/92b40d79ad3f_allow_message_attachments.py +38 -0
zou/migrations/versions/971dbf5a0faf_add_short_name_for_asset_type_entity_.py +33 -0
zou/migrations/versions/9b85c14fa8a7_add_day_off_new_columns.py +68 -0
zou/migrations/versions/9d3bb33c6fc6_add_department_keys_to_filter_models.py +73 -0
zou/migrations/versions/a252a094e977_add_descriptions_for_entities_tasks_and_.py +40 -0
zou/migrations/versions/be56dc0fb760_for_is_shared_disallow_nullable.py +102 -0
zou/migrations/versions/ca28796a2a62_add_is_done_field_to_the_task_model.py +108 -0
zou/migrations/versions/f344b867a911_for_description_of_entity_task_working_.py +75 -0
zou/remote/config_payload.py +2 -1
zou/utils/movie.py +14 -4
{zou-0.19.14.dist-info → zou-0.20.11.dist-info}/METADATA +75 -69
{zou-0.19.14.dist-info → zou-0.20.11.dist-info}/RECORD +164 -135
{zou-0.19.14.dist-info → zou-0.20.11.dist-info}/WHEEL +1 -1
{zou-0.19.14.dist-info → zou-0.20.11.dist-info}/LICENSE +0 -0
{zou-0.19.14.dist-info → zou-0.20.11.dist-info}/entry_points.txt +0 -0
{zou-0.19.14.dist-info → zou-0.20.11.dist-info}/top_level.txt +0 -0

zou/__init__.py CHANGED Viewed

	@@ -1 +1 @@
1	- __version__ = "0.19.14"
1	+ __version__ = "0.20.11"

zou/app/__init__.py CHANGED Viewed

@@ -41,6 +41,9 @@ from zou.app.utils.flask import (
     wrong_auth_handler,
 )
+from zou.app.utils.saml import saml_client_for
+from zou.app.utils.fido import get_fido_server
 app = Flask(__name__)
 app.json = ORJSONProvider(app)
 app.request_class.user_agent_class = ParsedUserAgent
@@ -64,6 +67,11 @@ swagger = Swagger(
     app, template=swagger.swagger_template, config=swagger.swagger_config
 )
+if config.SAML_ENABLED:
+    app.extensions["saml_client"] = saml_client_for(config.SAML_METADATA_URL)
+app.extensions["fido_server"] = get_fido_server()
 @app.teardown_appcontext
 def shutdown_session(exception=None):
@@ -88,7 +96,7 @@ def id_parameter_format_error(error):
 @app.errorhandler(WrongParameterException)
 def wrong_parameter(error):
-    return jsonify(error=True, message=str(error)), 400
+    return jsonify(error=True, message=str(error), data=error.dict), 400
 @app.errorhandler(ExpiredSignatureError)
@@ -126,7 +134,7 @@ def indexer_key_error(error):
         raise error
-if not config.DEBUG:
+if config.DEBUG:
     @app.errorhandler(Exception)
     def server_error(error):

zou/app/api.py CHANGED Viewed

@@ -8,6 +8,7 @@ from flask import Blueprint
 from zou.app.blueprints.assets import blueprint as assets_blueprint
 from zou.app.blueprints.auth import blueprint as auth_blueprint
 from zou.app.blueprints.breakdown import blueprint as breakdown_blueprint
+from zou.app.blueprints.chats import blueprint as chats_blueprint
 from zou.app.blueprints.comments import blueprint as comments_blueprint
 from zou.app.blueprints.crud import blueprint as crud_blueprint
 from zou.app.blueprints.entities import blueprint as entities_blueprint
@@ -49,6 +50,7 @@ def configure_api_routes(app):
     app.register_blueprint(auth_blueprint)
     app.register_blueprint(assets_blueprint)
     app.register_blueprint(breakdown_blueprint)
+    app.register_blueprint(chats_blueprint)
     app.register_blueprint(comments_blueprint)
     app.register_blueprint(crud_blueprint)
     app.register_blueprint(entities_blueprint)

zou/app/blueprints/assets/__init__.py CHANGED Viewed

@@ -21,6 +21,11 @@ from zou.app.blueprints.assets.resources import (
     ProjectAssetTypeAssetsResource,
     ProjectAssetTypesResource,
     ShotAssetTypesResource,
+    SetSharedProjectAssetsResource,
+    SetSharedProjectAssetTypeAssetsResource,
+    SetSharedAssetsResource,
+    ProjectAssetsSharedUsedResource,
+    ProjectEpisodeAssetsSharedUsedResource,
 )
@@ -59,6 +64,23 @@ routes = [
     ("/data/projects/<project_id>/asset-types", ProjectAssetTypesResource),
     ("/data/shots/<shot_id>/asset-types", ShotAssetTypesResource),
     ("/data/projects/<project_id>/assets", ProjectAssetsResource),
+    ("/actions/assets/share", SetSharedAssetsResource),
+    (
+        "/actions/projects/<project_id>/assets/share",
+        SetSharedProjectAssetsResource,
+    ),
+    (
+        "/actions/projects/<project_id>/asset-types/<asset_type_id>/assets/share",
+        SetSharedProjectAssetTypeAssetsResource,
+    ),
+    (
+        "/data/projects/<project_id>/assets/shared-used",
+        ProjectAssetsSharedUsedResource,
+    ),
+    (
+        "/data/projects/<project_id>/episodes/<episode_id>/assets/shared-used",
+        ProjectEpisodeAssetsSharedUsedResource,
+    ),
 ]
 blueprint = Blueprint("assets", "assets")

zou/app/blueprints/assets/resources.py CHANGED Viewed

@@ -1,5 +1,5 @@
 from flask import request
-from flask_restful import Resource
+from flask_restful import Resource, inputs
 from flask_jwt_extended import jwt_required
 from zou.app.utils import permissions, query
@@ -21,7 +21,11 @@ def check_criterion_access(criterions):
     elif "episode_id" in criterions:
         episode_id = criterions.get("episode_id", None)
         project_id = shots_service.get_episode(episode_id)["project_id"]
-    return user_service.check_project_access(project_id)
+    if "project_id" in criterions:
+        user_service.check_project_access(project_id)
+    return True
 class AssetResource(Resource, ArgsMixin):
@@ -106,7 +110,10 @@ class AllAssetsResource(Resource):
             criterions["assigned_to"] = persons_service.get_current_user()[
                 "id"
             ]
-        return assets_service.get_assets(criterions)
+        return assets_service.get_assets(
+            criterions,
+            is_admin=permissions.has_admin_permissions(),
+        )
 class AllAssetsAliasResource(AllAssetsResource):
@@ -431,6 +438,7 @@ class NewAssetResource(Resource, ArgsMixin):
                 - name
                 - description
                 - data
+                - is_shared
                 - source_id
                 properties:
                     name:
@@ -439,6 +447,8 @@ class NewAssetResource(Resource, ArgsMixin):
                         type: string
                     data:
                         type: string
+                    is_shared:
+                        type: boolean
                     source_id:
                         type: string
                         format: UUID
@@ -447,7 +457,7 @@ class NewAssetResource(Resource, ArgsMixin):
             201:
                 description: New asset resource created
         """
-        (name, description, data, source_id) = self.get_arguments()
+        (name, description, data, is_shared, source_id) = self.get_arguments()
         user_service.check_manager_project_access(project_id)
         asset = assets_service.create_asset(
@@ -456,6 +466,7 @@ class NewAssetResource(Resource, ArgsMixin):
             name,
             description,
             data,
+            is_shared,
             source_id,
             created_by=persons_service.get_current_user()["id"],
         )
@@ -471,6 +482,12 @@ class NewAssetResource(Resource, ArgsMixin):
                 },
                 "description",
                 ("data", {}, False, dict),
+                (
+                    "is_shared",
+                    True,
+                    False,
+                    inputs.boolean,
+                ),
                 "episode_id",
             ]
         )
@@ -479,6 +496,7 @@ class NewAssetResource(Resource, ArgsMixin):
             args["name"],
             args.get("description", ""),
             args["data"],
+            args["is_shared"],
             args["episode_id"],
         )
@@ -658,3 +676,222 @@ class AssetAssetInstancesResource(Resource, ArgsMixin):
             asset_id, args["asset_to_instantiate_id"], args["description"]
         )
         return asset_instance, 201
+class BaseSetSharedAssetsResource(Resource, ArgsMixin):
+    @jwt_required()
+    def post(self, project_id=None, asset_type_id=None, asset_ids=None):
+        args = self.get_args(
+            [
+                (
+                    "is_shared",
+                    True,
+                    False,
+                    inputs.boolean,
+                ),
+            ]
+        )
+        return assets_service.set_shared_assets(
+            is_shared=args["is_shared"],
+            project_id=project_id,
+            asset_type_id=asset_type_id,
+            asset_ids=asset_ids,
+        )
+class SetSharedProjectAssetsResource(BaseSetSharedAssetsResource):
+    """
+    Share or unshare all assets (or a list of assets) for given project.
+    """
+    @jwt_required()
+    def post(self, project_id):
+        """
+        Share or unshare all assets (or a list of assets) for given project.
+        ---
+        tags:
+        - Assets
+        consumes:
+            - multipart/form-data
+        parameters:
+          - in: path
+            name: project_id
+            required: True
+            type: string
+            format: UUID
+            x-example: a24a6ea4-ce75-4665-a070-57453082c25
+          - in: formData
+            name: asset_ids
+            default: None,
+            type: array
+            items:
+                type: UUID
+            x-example: ["a24a6ea4-ce75-4665-a070-57453082c25"]
+          - in: formData
+            name: is_shared
+            default: true
+            type: boolean
+            x-example: true
+        responses:
+            201:
+                description: All assets modified.
+        """
+        args = self.get_args(
+            [
+                (
+                    "asset_ids",
+                    None,
+                    False,
+                    str,
+                    "append",
+                ),
+            ]
+        )
+        user_service.check_manager_project_access(project_id)
+        return super().post(project_id=project_id, asset_ids=args["asset_ids"])
+class SetSharedProjectAssetTypeAssetsResource(BaseSetSharedAssetsResource):
+    """
+    Share or unshare all assets for given project and asset type.
+    """
+    @jwt_required()
+    def post(self, project_id, asset_type_id):
+        """
+        Share or unshare all assets for given project and asset type.
+        ---
+        tags:
+        - Assets
+        consumes:
+            - multipart/form-data
+        parameters:
+          - in: path
+            name: project_id
+            required: True
+            type: string
+            format: UUID
+            x-example: a24a6ea4-ce75-4665-a070-57453082c25
+          - in: path
+            name: asset_type_id
+            required: True
+            type: string
+            format: UUID
+            x-example: a24a6ea4-ce75-4665-a070-57453082c25
+          - in: formData
+            name: is_shared
+            default: true
+            type: boolean
+            x-example: true
+        responses:
+            201:
+                description: All assets modified.
+        """
+        user_service.check_manager_project_access(project_id)
+        return super().post(project_id=project_id, asset_type_id=asset_type_id)
+class SetSharedAssetsResource(BaseSetSharedAssetsResource):
+    """
+    Share or unshare all assets (or a list of assets) for given project.
+    """
+    @jwt_required()
+    def post(self):
+        """
+        Share or unshare a list of assets.
+        ---
+        tags:
+        - Assets
+        consumes:
+            - multipart/form-data
+        parameters:
+          - in: formData
+            name: asset_ids
+            default: None,
+            type: array
+            items:
+                type: UUID
+            x-example: ["a24a6ea4-ce75-4665-a070-57453082c25"]
+          - in: formData
+            name: is_shared
+            default: true
+            type: boolean
+            x-example: true
+        responses:
+            201:
+                description: All assets modified.
+        """
+        args = self.get_args(
+            [
+                (
+                    "asset_ids",
+                    [],
+                    True,
+                    str,
+                    "append",
+                ),
+            ]
+        )
+        asset_ids = args["asset_ids"]
+        project_ids = set()
+        for asset_id in asset_ids:
+            project_ids.add(assets_service.get_asset(asset_id)["project_id"])
+        for project_id in project_ids:
+            user_service.check_manager_project_access(project_id)
+        return super().post(asset_ids=asset_ids)
+class ProjectAssetsSharedUsedResource(Resource):
+    @jwt_required()
+    def get(self, project_id):
+        """
+        Retrieve all shared assets used in project.
+        ---
+        tags:
+            - Assets
+        parameters:
+          - in: path
+            name: project_id
+            required: True
+            type: string
+            format: UUID
+            x-example: a24a6ea4-ce75-4665-a070-57453082c25
+        responses:
+            200:
+                description: All shared assets used in project
+        """
+        user_service.check_project_access(project_id)
+        return assets_service.get_shared_assets_used_in_project(project_id)
+class ProjectEpisodeAssetsSharedUsedResource(Resource):
+    @jwt_required()
+    def get(self, project_id, episode_id):
+        """
+        Retrieve all shared assets used in project episode.
+        ---
+        tags:
+            - Assets
+        parameters:
+          - in: path
+            name: project_id
+            required: True
+            type: string
+            format: UUID
+            x-example: a24a6ea4-ce75-4665-a070-57453082c25
+          - in: path
+            name: episode_id
+            required: True
+            type: string
+            format: UUID
+            x-example: a24a6ea4-ce75-4665-a070-57453082c25
+        responses:
+            200:
+                description: All shared assets used in project episode
+        """
+        user_service.check_project_access(project_id)
+        return assets_service.get_shared_assets_used_in_project(
+            project_id, episode_id
+        )

zou/app/blueprints/auth/__init__.py CHANGED Viewed

@@ -13,6 +13,8 @@ from zou.app.blueprints.auth.resources import (
     RegistrationResource,
     ResetPasswordResource,
     TOTPResource,
+    SAMLSSOResource,
+    SAMLLoginResource,
 )
 routes = [
@@ -27,6 +29,8 @@ routes = [
     ("/auth/email-otp", EmailOTPResource),
     ("/auth/recovery-codes", RecoveryCodesResource),
     ("/auth/fido", FIDOResource),
+    ("/auth/saml/sso", SAMLSSOResource),
+    ("/auth/saml/login", SAMLLoginResource),
 ]
 blueprint = Blueprint("auth", "auth")

zou/app/blueprints/auth/resources.py CHANGED Viewed

@@ -1,7 +1,6 @@
-import datetime
 import urllib.parse
-from flask import request, jsonify, current_app
+from flask import request, jsonify, current_app, redirect, make_response
 from flask_restful import Resource
 from flask_principal import (
     Identity,
@@ -15,15 +14,17 @@ from flask_jwt_extended import (
     set_access_cookies,
     set_refresh_cookies,
     unset_jwt_cookies,
+    unset_refresh_cookies,
     get_jwt,
 )
 from sqlalchemy.exc import OperationalError, TimeoutError
 from babel.dates import format_datetime
+from saml2 import entity
 from zou.app import app, config
 from zou.app.mixin import ArgsMixin
-from zou.app.utils import auth, emails, permissions
+from zou.app.utils import auth, emails, permissions, date_helpers
 from zou.app.services import (
     persons_service,
     auth_service,
@@ -78,7 +79,9 @@ class AuthenticatedResource(Resource):
             description: Person not found
         """
         person = persons_service.get_current_user(relations=True)
-        organisation = persons_service.get_organisation()
+        organisation = persons_service.get_organisation(
+            sensitive=permissions.has_admin_permissions()
+        )
         return {
             "authenticated": True,
             "user": person,
@@ -218,7 +221,6 @@ class LoginResource(Resource, ArgsMixin):
                     "identity_type": "person",
                 },
             )
-            auth_service.register_tokens(app, access_token, refresh_token)
             identity_changed.send(
                 current_app._get_current_object(),
                 identity=Identity(user["id"], "person"),
@@ -228,15 +230,21 @@ class LoginResource(Resource, ArgsMixin):
                 "HTTP_X_REAL_IP", request.remote_addr
             )
+            organisation = persons_service.get_organisation(
+                sensitive=user["role"] != "admin"
+            )
+            response = jsonify(
+                {
+                    "user": user,
+                    "organisation": organisation,
+                    "login": True,
+                    "access_token": access_token,
+                    "refresh_token": refresh_token,
+                }
+            )
             if is_from_browser(request.user_agent):
-                organisation = persons_service.get_organisation()
-                response = jsonify(
-                    {
-                        "user": user,
-                        "organisation": organisation,
-                        "login": True,
-                    }
-                )
                 set_access_cookies(response, access_token)
                 set_refresh_cookies(response, refresh_token)
                 events_service.create_login_log(user["id"], ip_address, "web")
@@ -244,12 +252,6 @@ class LoginResource(Resource, ArgsMixin):
                 events_service.create_login_log(
                     user["id"], ip_address, "script"
                 )
-                response = {
-                    "login": True,
-                    "user": user,
-                    "access_token": access_token,
-                    "refresh_token": refresh_token,
-                }
             current_app.logger.info(f"User {email} is logged in.")
             return response
         except WrongUserException:
@@ -384,10 +386,10 @@ class RefreshTokenResource(Resource):
                 "identity_type": "person",
             },
         )
-        auth_service.register_tokens(app, access_token)
         if is_from_browser(request.user_agent):
             response = jsonify({"refresh": True})
             set_access_cookies(response, access_token)
+            unset_refresh_cookies(response)
         else:
             return {"access_token": access_token}
@@ -561,7 +563,7 @@ class ChangePasswordResource(Resource, ArgsMixin):
             )
             organisation = persons_service.get_organisation()
             time_string = format_datetime(
-                datetime.datetime.utcnow(),
+                date_helpers.get_utc_now_datetime(),
                 tzinfo=user["timezone"],
                 locale=user["locale"],
             )
@@ -734,6 +736,11 @@ class ResetPasswordResource(Resource, ArgsMixin):
         try:
             user = persons_service.get_person_by_email(args["email"])
+            if not user["active"]:
+                return (
+                    {"error": True, "message": "This user is inactive."},
+                    400,
+                )
         except PersonNotFoundException:
             return (
                 {"error": True, "message": "Email not listed in database."},
@@ -752,7 +759,7 @@ class ResetPasswordResource(Resource, ArgsMixin):
             query,
         )
         time_string = format_datetime(
-            datetime.datetime.utcnow(),
+            date_helpers.get_utc_now_datetime(),
             tzinfo=user["timezone"],
             locale=user["locale"],
         )
@@ -1329,3 +1336,128 @@ class RecoveryCodesResource(Resource, ArgsMixin):
                 },
                 400,
             )
+class SAMLSSOResource(Resource, ArgsMixin):
+    """
+    Resource to allow a user to login with SAML SSO.
+    """
+    def post(self):
+        """
+        Resource to allow a user to login with SAML SSO.
+        ---
+        description: ""
+        tags:
+            - Authentication
+        responses:
+          302:
+            description: Login successful, redirect to the home page.
+          400:
+            description: Wrong parameter
+        """
+        if not config.SAML_ENABLED:
+            return {"error": "SAML is not enabled."}, 400
+        authn_response = current_app.extensions[
+            "saml_client"
+        ].parse_authn_request_response(
+            request.form["SAMLResponse"], entity.BINDING_HTTP_POST
+        )
+        authn_response.get_identity()
+        email = authn_response.get_subject().text
+        person_info = {
+            k: (
+                " ".join(v)
+                if isinstance(v, list) and k in ["first_name", "last_name"]
+                else v
+            )
+            for k, v in authn_response.ava.items()
+            if k
+            in [
+                "first_name",
+                "last_name",
+                "phone",
+                "role",
+                "departments",
+                "studio_id",
+                "active",
+            ]
+        }
+        try:
+            user = persons_service.get_person_by_email(email)
+            for k, v in person_info.items():
+                if user.get(k) != v:
+                    persons_service.update_person(
+                        user["id"], person_info, bypass_protected_accounts=True
+                    )
+                    break
+        except PersonNotFoundException:
+            user = persons_service.create_person(
+                email, "default".encode("utf-8"), **person_info
+            )
+        response = make_response(
+            redirect(f"{config.DOMAIN_PROTOCOL}://{config.DOMAIN_NAME}")
+        )
+        if user["active"]:
+            access_token = create_access_token(
+                identity=user["id"],
+                additional_claims={
+                    "identity_type": "person",
+                },
+            )
+            refresh_token = create_refresh_token(
+                identity=user["id"],
+                additional_claims={
+                    "identity_type": "person",
+                },
+            )
+            identity_changed.send(
+                current_app._get_current_object(),
+                identity=Identity(user["id"], "person"),
+            )
+            ip_address = request.environ.get(
+                "HTTP_X_REAL_IP", request.remote_addr
+            )
+            set_access_cookies(response, access_token)
+            set_refresh_cookies(response, refresh_token)
+            events_service.create_login_log(user["id"], ip_address, "web")
+        return response
+class SAMLLoginResource(Resource, ArgsMixin):
+    """
+    Resource to allow a user to login with SAML SSO.
+    """
+    def get(self):
+        """
+        Resource to allow a user to login with SAML SSO.
+        ---
+        description: ""
+        tags:
+            - Authentication
+        responses:
+          302:
+            description: Redirect to the SAML IDP.
+          400:
+            description: Wrong parameter.
+        """
+        if not config.SAML_ENABLED:
+            return {"error": "SAML is not enabled."}, 400
+        _, info = current_app.extensions[
+            "saml_client"
+        ].prepare_for_authenticate()
+        redirect_url = None
+        # Select the IdP URL to send the AuthN request to
+        for key, value in info["headers"]:
+            if key == "Location":
+                redirect_url = value
+        return redirect(redirect_url, code=302)

zou/app/blueprints/breakdown/resources.py CHANGED Viewed

@@ -398,14 +398,14 @@ class ProjectEntityLinksResource(Resource, ArgsMixin):
             type: string
             format: Number
             x-example: 2
-          - in: limit
-            name: page
+          - in: query
+            name: limit
             required: False
             type: string
             format: Number
             x-example: 100
-          - in: cursor_created_at
-            name: page
+          - in: query
+            name: cursor_created_at
             required: False
             type: string
             format: Datetime

zou 0.19.14__py3-none-any.whl → 0.20.11__py3-none-any.whl

zou 0.19.14py3-none-any.whl → 0.20.11py3-none-any.whl