aji/costapy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Sending invitation and validating allowed roles

Browse Source
This commit is contained in:
Dita Aji Pratama 2025-08-07 11:42:29 +07:00
parent 988f793598
commit e50066ea34
1 changed files with 35 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
modules/api/auth.py
View File

@ -238,10 +238,10 @@ class auth:
return response return response
def invite(self, params): def invite(self, params):
APIADDR = "/api/auth/invite" APIADDR = "/api/auth/invite"
response = {} response = {}
allowed_roles = [1,2] allowed_roles = [1,2]
allowed_invitation = globalvar.allowed_invitation allowed_grant = globalvar.allowed_grant
self.cursor.execute("BEGIN;") self.cursor.execute("BEGIN;")
try: try:
loggorilla.prcss(APIADDR, "Define parameters") loggorilla.prcss(APIADDR, "Define parameters")
@ -257,6 +257,37 @@ class auth:
loggorilla.prcss(APIADDR, "Account validation") loggorilla.prcss(APIADDR, "Account validation")
user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, token) user_validation = procedure_validation.validation().account(APIADDR, allowed_roles, token)
user = user_validation['data'] user = user_validation['data']
loggorilla.prcss(APIADDR, "Validating")
if not procedure_grant.is_grant_allowed(user['profile']['roles'], roles, allowed_grant):
loggorilla.accss(APIADDR, f"{user['profile']['username']} do invitation with unallowed role(s)")
loggorilla.accss(APIADDR, f"Rejected roles: {procedure_grant.get_disallowed_roles(user['profile']['roles'], roles, allowed_grant)}")
loggorilla.prcss(APIADDR, "Giving response")
response["status" ] = "failed"
response["desc" ] = "Invitation roles is not allowed"
else:
loggorilla.prcss(APIADDR, "Set expired datetime")
expired = globalvar.invitation_link_expiration
expired_isoformat = expired.isoformat()
loggorilla.prcss(APIADDR, "Generate URL")
payload = {
"expired" : expired_isoformat,
"roles" : roles,
"email" : email,
"username" : username
}
token_encrypt = tokenguard.encode(payload, globalvar.ssh['key']['private'], globalvar.ssh['passphrase'])
invitation_url = globalvar.invitation_url(token_encrypt)
loggorilla.prcss(APIADDR, "Sending email")
webmail_data = {"accept": invitation_url}
result_webmail = procedure_webmail.webmail().invitation(APIADDR, params, webmail_data)
self.smtpconfig['to' ] = email
self.smtpconfig['subject' ] = result_webmail['subject' ]
self.smtpconfig['text' ] = result_webmail['text' ]
self.smtpconfig['html' ] = result_webmail['html' ]
sendwave.smtp(self.smtpconfig)
loggorilla.prcss(APIADDR, "Giving response")
response["status" ] = "success"
response["desc" ] = "Sending invitation success."
except Exception as e: except Exception as e:
self.cursor.execute("ROLLBACK;") self.cursor.execute("ROLLBACK;")
loggorilla.error(APIADDR, str(e) ) loggorilla.error(APIADDR, str(e) )