forked from ITISFoundation/osparc-simcore
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
✨ web-api: user's privacy settings (ITISFoundation#6904)
- Loading branch information
Showing
22 changed files
with
696 additions
and
245 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
130 changes: 130 additions & 0 deletions
130
packages/models-library/src/models_library/api_schemas_webserver/users.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,130 @@ | ||
import re | ||
from datetime import date | ||
from enum import Enum | ||
from typing import Annotated, Literal | ||
|
||
from models_library.api_schemas_webserver.groups import MyGroupsGet | ||
from models_library.api_schemas_webserver.users_preferences import AggregatedPreferences | ||
from models_library.basic_types import IDStr | ||
from models_library.emails import LowerCaseEmailStr | ||
from models_library.users import FirstNameStr, LastNameStr, UserID | ||
from pydantic import BaseModel, ConfigDict, Field, field_validator | ||
|
||
from ._base import InputSchema, OutputSchema | ||
|
||
|
||
class ProfilePrivacyGet(OutputSchema): | ||
hide_fullname: bool | ||
hide_email: bool | ||
|
||
|
||
class ProfilePrivacyUpdate(InputSchema): | ||
hide_fullname: bool | None = None | ||
hide_email: bool | None = None | ||
|
||
|
||
class ProfileGet(BaseModel): | ||
# WARNING: do not use InputSchema until front-end is updated! | ||
id: UserID | ||
user_name: Annotated[ | ||
IDStr, Field(description="Unique username identifier", alias="userName") | ||
] | ||
first_name: FirstNameStr | None = None | ||
last_name: LastNameStr | None = None | ||
login: LowerCaseEmailStr | ||
|
||
role: Literal["ANONYMOUS", "GUEST", "USER", "TESTER", "PRODUCT_OWNER", "ADMIN"] | ||
groups: MyGroupsGet | None = None | ||
gravatar_id: Annotated[str | None, Field(deprecated=True)] = None | ||
|
||
expiration_date: Annotated[ | ||
date | None, | ||
Field( | ||
description="If user has a trial account, it sets the expiration date, otherwise None", | ||
alias="expirationDate", | ||
), | ||
] = None | ||
|
||
privacy: ProfilePrivacyGet | ||
preferences: AggregatedPreferences | ||
|
||
model_config = ConfigDict( | ||
# NOTE: old models have an hybrid between snake and camel cases! | ||
# Should be unified at some point | ||
populate_by_name=True, | ||
json_schema_extra={ | ||
"examples": [ | ||
{ | ||
"id": 42, | ||
"login": "[email protected]", | ||
"userName": "bla42", | ||
"role": "admin", # pre | ||
"expirationDate": "2022-09-14", # optional | ||
"preferences": {}, | ||
"privacy": {"hide_fullname": 0, "hide_email": 1}, | ||
}, | ||
] | ||
}, | ||
) | ||
|
||
@field_validator("role", mode="before") | ||
@classmethod | ||
def _to_upper_string(cls, v): | ||
if isinstance(v, str): | ||
return v.upper() | ||
if isinstance(v, Enum): | ||
return v.name.upper() | ||
return v | ||
|
||
|
||
class ProfileUpdate(BaseModel): | ||
# WARNING: do not use InputSchema until front-end is updated! | ||
first_name: FirstNameStr | None = None | ||
last_name: LastNameStr | None = None | ||
user_name: Annotated[IDStr | None, Field(alias="userName")] = None | ||
|
||
privacy: ProfilePrivacyUpdate | None = None | ||
|
||
model_config = ConfigDict( | ||
json_schema_extra={ | ||
"example": { | ||
"first_name": "Pedro", | ||
"last_name": "Crespo", | ||
} | ||
} | ||
) | ||
|
||
@field_validator("user_name") | ||
@classmethod | ||
def _validate_user_name(cls, value: str): | ||
# Ensure valid characters (alphanumeric + . _ -) | ||
if not re.match(r"^[a-zA-Z][a-zA-Z0-9._-]*$", value): | ||
msg = f"Username '{value}' must start with a letter and can only contain letters, numbers and '_', '.' or '-'." | ||
raise ValueError(msg) | ||
|
||
# Ensure no consecutive special characters | ||
if re.search(r"[_.-]{2,}", value): | ||
msg = f"Username '{value}' cannot contain consecutive special characters like '__'." | ||
raise ValueError(msg) | ||
|
||
# Ensure it doesn't end with a special character | ||
if {value[0], value[-1]}.intersection({"_", "-", "."}): | ||
msg = f"Username '{value}' cannot end or start with a special character." | ||
raise ValueError(msg) | ||
|
||
# Check reserved words (example list; extend as needed) | ||
reserved_words = { | ||
"admin", | ||
"root", | ||
"system", | ||
"null", | ||
"undefined", | ||
"support", | ||
"moderator", | ||
# NOTE: add here extra via env vars | ||
} | ||
if any(w in value.lower() for w in reserved_words): | ||
msg = f"Username '{value}' cannot be used." | ||
raise ValueError(msg) | ||
|
||
return value |
45 changes: 45 additions & 0 deletions
45
...src/simcore_postgres_database/migration/versions/38c9ac332c58_new_user_privacy_columns.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
"""new user privacy columns | ||
Revision ID: 38c9ac332c58 | ||
Revises: e5555076ef50 | ||
Create Date: 2024-12-05 14:29:27.739650+00:00 | ||
""" | ||
import sqlalchemy as sa | ||
from alembic import op | ||
|
||
# revision identifiers, used by Alembic. | ||
revision = "38c9ac332c58" | ||
down_revision = "e5555076ef50" | ||
branch_labels = None | ||
depends_on = None | ||
|
||
|
||
def upgrade(): | ||
# ### commands auto generated by Alembic - please adjust! ### | ||
op.add_column( | ||
"users", | ||
sa.Column( | ||
"privacy_hide_fullname", | ||
sa.Boolean(), | ||
server_default=sa.text("true"), | ||
nullable=False, | ||
), | ||
) | ||
op.add_column( | ||
"users", | ||
sa.Column( | ||
"privacy_hide_email", | ||
sa.Boolean(), | ||
server_default=sa.text("true"), | ||
nullable=False, | ||
), | ||
) | ||
# ### end Alembic commands ### | ||
|
||
|
||
def downgrade(): | ||
# ### commands auto generated by Alembic - please adjust! ### | ||
op.drop_column("users", "privacy_hide_email") | ||
op.drop_column("users", "privacy_hide_fullname") | ||
# ### end Alembic commands ### |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.