feat: Read and display existing/configured user identity

Once an identity is configured users will be able to view it on the update user page

Author: Kartikkumar-Shetty

Access/group_helper.py

@@ -56,6 +56,11 @@
     "msg": "The requested URL is of POST method but was called with other.",
 }
 
+class GroupAccessExistsException(Exception):
+    def __init__(self):
+            self.message = "Group Access Exists"
+            super().__init__(self.message)    
+
 
 class GroupAccessExistsException(Exception):
     def __init__(self):

Access/models.py

@@ -200,6 +200,9 @@ def get_active_identity(self, access_tag):
         return self.module_identity.filter(
             access_tag=access_tag, status="Active"
         ).first()
+    
+    def get_all_active_identity(self):
+        return self.module_identity.filter(status = "Active")
 
     @staticmethod
     def get_user_by_email(email):
@@ -325,7 +328,7 @@ def revoke_membership(self):
     @staticmethod
     def get_membership(membership_id):
         return MembershipV2.objects.get(membership_id=membership_id)
-
+    
     def __str__(self):
         return self.group.name + "-" + self.user.email + "-" + self.status
 
@@ -768,6 +771,8 @@ def getAccessRequestDetails(self, access_module):
         access_request_data["grantOwner"] = ",".join(access_module.grant_owner())
 
         return access_request_data
+    
+    
 
 
 class AccessV2(models.Model):

Access/notifications.py

@@ -22,7 +22,6 @@
 
 GROUP_ACCESS_ADDED_SUBJECT = "Group: {group_name}  new access added"
 
-
 def send_new_group_create_notification(auth_user, date_time, new_group, member_list):
     subject = NEW_GROUP_EMAIL_SUBJECT + auth_user.email + " -- " + date_time
     body = helpers.generateStringFromTemplate(

Access/userlist_helper.py

@@ -3,6 +3,7 @@
 import logging
 from . import helpers as helper
 from django.db import transaction
+import json
 
 logger = logging.getLogger(__name__)
 
@@ -22,35 +23,69 @@
     "msg": "Identity could not be updated for {modulename}. Please connect with admin",
 }
 
-
-ERROR_INVALID_ACCESS_MODULE = {
-    "title": "Invalid Access Module",
-    "msg": "Invalid Access Module - {modulename}",
+IDENTITY_UNCHANGED_ERROR_MESSAGE = {
+    "title": "Identity value not changed",
+    "msg": "Identity could not be updated for {modulename}. The new identity is same as the old identity",
 }
 
 
-def get_identity_templates():
+class IdentityNotChangedException(Exception):
+    def __init__(self):
+            self.message = "Identity Unchanged"
+            super().__init__(self.message)    
+
+
+def get_identity_templates(auth_user):
+    user_identities = auth_user.user.get_all_active_identity()
     context = {}
-    context["identity_template"] = []
-    for mod in helper.get_available_access_modules().values():
-        context["identity_template"].append(
-            {"accessUserTemplatePath": mod.get_identity_template()}
+    context["configured_identity_template"] = []
+    context["unconfigured_identity_template"] = []
+    all_modules = helper.get_available_access_modules()
+    for user_identity in user_identities:
+        is_identity_configured = _is_valid_identity_json(identity=user_identity.identity)
+        if is_identity_configured:
+            module = all_modules[user_identity.access_tag]
+            context["configured_identity_template"].append(
+                {
+                    "accessUserTemplatePath": module.get_identity_template(), 
+                    "identity" : user_identity.identity
+                }            
+            )
+            all_modules.pop(user_identity.access_tag)
+            
+    for mod in all_modules.values():
+        context["unconfigured_identity_template"].append(
+            {
+                "accessUserTemplatePath": mod.get_identity_template(), 
+            }
         )
+    # context["aws_username"] = "some name"
     return context
 
+def _is_valid_identity_json(identity):
+    try:
+        identity_json = json.loads(json.dumps(identity))
+        identity_dict = dict(identity_json)
+        if len(identity_dict)>0:
+            return True
+        return False
+    except Exception:
+        return False
 
 def create_identity(user_identity_form, auth_user):
     user = auth_user.user
     mod_name = user_identity_form.get("modname")
     selected_access_module = helper.get_available_access_modules()[mod_name]
-
+    context = {}
     if selected_access_module:
-        new_module_identity = selected_access_module.verify_identity(
+        new_module_identity_json = selected_access_module.verify_identity(
             user_identity_form, user.email
         )
         existing_user_identity = user.get_active_identity(
             access_tag=selected_access_module.tag()
         )
+        if new_module_identity_json == existing_user_identity.identity:
+            raise IdentityNotChangedException()
         existing_user_access_mapping = None
 
         # get useraccess if an identity already exists
@@ -65,7 +100,7 @@ def create_identity(user_identity_form, auth_user):
             access_tag=selected_access_module.tag(),
             existing_user_identity=existing_user_identity,
             existing_user_access_mapping=existing_user_access_mapping,
-            new_module_identity=new_module_identity,
+            new_module_identity=new_module_identity_json,
         )
         if True:
             for access_mapping in existing_user_access_mapping:
@@ -79,7 +114,7 @@ def create_identity(user_identity_form, auth_user):
                 # mod.approve(membership)
                 raise Exception("Not Implemented")
 
-    context = {}
+   
     context["status"] = {
         "title": NEW_IDENTITY_CREATE_SUCCESS_MESSAGE["title"],
         "msg": NEW_IDENTITY_CREATE_SUCCESS_MESSAGE["msg"].format(

Access/views.py

@@ -18,12 +18,7 @@
     create_request,
 )
 from Access.models import User
-from Access.userlist_helper import (
-    getallUserList,
-    get_identity_templates,
-    create_identity,
-    NEW_IDENTITY_CREATE_ERROR_MESSAGE,
-)
+from Access.userlist_helper import getallUserList, get_identity_templates, create_identity, NEW_IDENTITY_CREATE_ERROR_MESSAGE, IDENTITY_UNCHANGED_ERROR_MESSAGE, IdentityNotChangedException
 from Access.views_helper import render_error_message
 from BrowserStackAutomation.settings import PERMISSION_CONSTANTS
 
@@ -94,8 +89,8 @@ def pending_revoke(request):
 
 @login_required
 def updateUserInfo(request):
-    context = get_identity_templates()
-    return render(request, "updateUser.html", context)
+    context = get_identity_templates(request.user)
+    return render(request,'updateUser.html',context)
 
 
 @api_view(["POST"])
@@ -108,6 +103,14 @@ def saveIdentity(request):
                 user_identity_form=request.POST, auth_user=request.user
             )
             return JsonResponse(json.dumps(context), safe=False, status=200)
+    except IdentityNotChangedException:
+        context = {}
+        context["error"] = {
+            "title": IDENTITY_UNCHANGED_ERROR_MESSAGE["title"],
+            "msg": IDENTITY_UNCHANGED_ERROR_MESSAGE["msg"].format(modulename = modname),
+        }
+        return JsonResponse(json.dumps(context), safe=False, status=400)
+        
     except Exception:
         context = {}
         context["error"] = {

templates/updateUser.html

@@ -9,31 +9,55 @@ <h2 class="h5 no-margin-bottom">Update User Info: {{request.user}}</h2>
   </div>
 
   <div class="container">
-    <b>Update Identity</b>
-    {% for each_access in identity_template %}
+    {% for module in configured_identity_template %}
     <section class="content">
       <!-- Horizontal Form -->
       <div class="box box-danger">
-        <form class="form-horizontal" action="create_post" method="post" id="usrform{{ forloop.counter }}" name="usrform">
+        <form class="form-horizontal" action="create_post" method="post" id="config_usrform{{ forloop.counter }}" name="usrform">
             {% csrf_token %}
           <div class="page-header mx-3">
               <div style="color: red;" id="error-msg">
               </div>
               <div style="color: green;" id="success-msg">
               </div>
-              {% with each_access.accessUserTemplatePath as includePath %}
+              {% with module.accessUserTemplatePath as includePath %}
                 {% include includePath %}
               {% endwith %}
             <div class="form-group">
-                <button id="update_identity" onclick = "form_post('usrform{{ forloop.counter }}', 'update')" type="submit" value="update" name="state" class="btn btn-primary" style="border: none;color: white;text-align: center;text-decoration: none;display: inline-block;font-size: 16px;">Update</button>
-                <button id="git_bulk_approve" onclick = "form_post('usrform{{ forloop.counter }}', 'regrant')" type="submit" value="git_bulk_approve" class="btn btn-primary" style="border: none;color: white;text-align: center;text-decoration: none;display: inline-block;font-size: 16px;">Regrant</button>
+                <button id="update_identity" onclick = "form_post('config_usrform{{ forloop.counter }}', 'update')" type="submit" value="update" name="state" class="btn btn-primary" style="border: none;color: white;text-align: center;text-decoration: none;display: inline-block;font-size: 16px;">Update</button>
               </div>
           </div>
         </form>
       </div>
     </section>
     {% endfor %}
   </div>
+  <div class="container">
+    <b>Unconfigured Identity</b>
+    {% for module in unconfigured_identity_template %}
+    <section class="content">
+      <!-- Horizontal Form -->
+      <div class="box box-danger">
+        <form class="form-horizontal" action="create_post" method="post" id="unconfig_usrform{{ forloop.counter }}" name="usrform">
+            {% csrf_token %}
+          <div class="page-header mx-3">
+              <div style="color: red;" id="error-msg">
+              </div>
+              <div style="color: green;" id="success-msg">
+              </div>
+              {% with module.accessUserTemplatePath as includePath %}
+                {% include includePath %}
+              {% endwith %}
+            <div class="form-group">
+                <button id="update_identity" onclick = "form_post('unconfig_usrform{{ forloop.counter }}', 'update')" type="submit" value="update" name="state" class="btn btn-primary" style="border: none;color: white;text-align: center;text-decoration: none;display: inline-block;font-size: 16px;">Update</button>
+              </div>
+          </div>
+        </form>
+      </div>
+    </section>
+    {% endfor %}
+  </div>
+
   <script id="js">
     function form_post(formId, action) {
       if (action == 'update'){