Closed nataliejschultz closed 5 months ago
First draft of the script is working and ready for review :)
@shankari I realized you're not mentioned here, so probably didn't get my update! The script is ready for review 😄
I would like you to support both. It sounds like the main difference is in authenticating to AWS. So you would have
auth_for_gh_actions
and auth_for_local_run
and have the rest of the code be the same.
You would invoke auth_for_gh_actions
or auth_for_local_run
either by seeing which environmental variables were present, or by using argparse
to have people pass in -g
for gha and -l
for local or something.
@nataliejschultz This looks good to me overall and I am ready to merge it after the task below. Can you please update with "Testing done" (note https://github.com/e-mission/nrel-openpath-deploy-configs/pull/45#discussion_r1417739879) and move it to "Ready for review" once done?
@nataliejschultz Can you please update with "Testing done" (note #45 (comment)) and move it to "Ready for review" once done?
I found an error with running the script from different directories while testing. Testing is now done, the script is updated, and the PR is back in ready for review! I think it's all ready.
@nataliejschultz wrt "Can you please update with "Testing done"" I would like you to actually list the testing done. e.g.
more tests more tests ....
I would like you to actually list the testing done.
I removed myself from the account between each test to see if it would get through the entire process:
running script directly:
python email-config.py -l ../configs/wyoming.nrel-op.json
myemail@nrel.gov not in user pool! Creating account...
Account created! Sending welcome email.
running from one directory up:
python ./email_automation/email-config.py -l configs/wyoming.nrel-op.json
myemail@nrel.gov not in user pool! Creating account...
Account created! Sending welcome email.
running at config file location:
python ../email_automation/email-config.py -l wyoming.nrel-op.json
myemail@nrel.gov not in user pool! Creating account...
Account created! Sending welcome email.
running from far away directory:
python Documents/GitHub/forked-nrel-openpath-deploy-configs/email_automation/email-config.py -l Documents/GitHub/forked-nrel-openpath-deploy-configs/configs/wyoming.nrel-op.json
myemail@nrel.gov not in user pool! Creating account...
Account created! Sending welcome email.
I got an email each time!
I added functionality to remove users who are not in the config file, but are already in the user pool. Previously, I created the user_already_exists
function:
def user_already_exists(pool_id, email, cognito_client):
try:
response = cognito_client.list_users(UserPoolId=pool_id)
users = response["Users"]
result = False
if str(users).find(email) > 1:
result = True
return result
except ClientError as err:
logger.error(
"Couldn't list users for %s. Here's why: %s: %s",
pool_id,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
this function takes users
, which is a list of dictionaries containing info on each user in the pool, and searches for a string matching the desired email.
For the new use case, I modified it a bit to create get_users
:
def get_users(pool_id, cognito_client):
try:
response = cognito_client.list_users(UserPoolId=pool_id)
return response["Users"]
except ClientError as err:
logger.error(
"Couldn't list users for %s. Here's why: %s: %s",
pool_id,
err.response["Error"]["Code"],
err.response["Error"]["Message"],
)
raise
This function is called early on in the program, and gives us the users
variable:
users = get_users(pool_id, cognito_client)
Next, each dictionary in users
is looped over, and the email is isolated as user_email
.
for user in users:
for attr_dict in user["Attributes"]:
if attr_dict["Name"] == "email":
user_email = attr_dict["Value"]
if user_email not in emails:
remove_user(pool_id, user_email)
print(f"{user_email} removed from pool.")
If the user_email
is not in the emails
list that was pulled from the config file, another new function named remove_user
is called:
def remove_user(pool_id, user):
response = cognito_client.admin_delete_user(
UserPoolId= pool_id,
Username= str(user)
)
I tested this by adding myself to the pool:
email1@nrel.gov not in user pool! Creating account...
Account created! Sending welcome email.
Then trying to re-add myself AND another new email,
email1@nrel.gov already in user pool!
email2@yahoo.com not in user pool! Creating account...
Account created! Sending welcome email.
And finally, removing my first email from the config to see what happens:
email1@nrel.gov removed from pool.
email2@yahoo.com already in user pool!
I checked the user pool, and my email1@nrel.gov was indeed removed from the pool! I decided to try and follow the welcome email to log in with my removed email, just to see what would happen. I got the following message:
I added functionality to remove users who are not in the config file, but are already in the user pool.
@shankari I haven't pushed these changes yet since this PR is still open; I am happy to put it in a separate PR once this one is merged, or just push it to this one. Wanted to check with you beforehand.
PR for e-mission/e-mission-docs#1008
email-config.py currently:
will: