zap-me / zap_payments

MIT License

added bronze_user table and a way it adds the email to the bronze_use… #23

Closed eoliveros closed 3 years ago

eoliveros commented 3 years ago

…r table. We could add more fields later but need to know those fields

This would add the email address to the table when the user is oauth already and visits the utilities page.

djpnewton commented 3 years ago

I think perhaps we should not use a new user table "BronzeUser" but we should instead create a new table "BronzeData"

We already have a User table and we should just add bronze users to this table.

The bronze data table we can start with:

so..:

this way we can change the app so it blocks if the user does not have "bronze" role and the bronze data "kyc_validated" field is false

eoliveros commented 3 years ago

able to tell me what kind of relationship between User and BronzeData? I'm thinking one-to-one but not sure.

Also "kyc_validated"? is this a boolean or just string?

Also, looking at check_bronze_auth (after renaming it), are we planning on giving access to the flask-admin?

djpnewton commented 3 years ago

> able to tell me what kind of relationship between User and BronzeData? I'm thinking one-to-one but not sure.

one to one

> Also "kyc_validated"? is this a boolean or just string?

boolean

> Also, looking at check_bronze_auth (after renaming it), are we planning on giving access to the flask-admin?

no

eoliveros commented 3 years ago

activate_user is erroring when I try to use it. Same for deactivate_user. It's pointing to user.active.... Don't know why. It's like the module flask-security-too/flask-security is trying to use the function but something is not being triggered or was never triggered, causing the error.

Also, if we activate_user, we are essentially giving the bronze user access to flask-admin. We need to deactivate any accounts that have a bronze user account. If the admin (role) is also assigned to the user, there is no way to activate only the admin or bronze account; everything to do with the user will have to be either activated or deactivated.

djpnewton commented 3 years ago

> activate_user is erroring when I try to use it. Same for deactivate_user. It's pointing to user.active.... Don't know why. It's like the module flask-security-too/flask-security is trying to use the function but something is not being triggered or was never triggered, causing the error.

what is the error?

> Also, if we activate_user, we are essentially giving the bronze user access to flask-admin. We need to deactivate any accounts that have a bronze user account. If the admin (role) is also assigned to the user, there is no way to activate only the admin or bronze account; everything to do with the user will have to be either activated or deactivated.

all our admin tables are restricted to users with the admin role

eoliveros commented 3 years ago

oauth a user, testingzap002@gmail.com:

```
[2020-11-11 03:56:58,003] ERROR in app: Exception on /utilities [GET]
Traceback (most recent call last):
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/app.py", line 2292, in wsgi_app
    response = self.full_dispatch_request()
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/app.py", line 1815, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/app.py", line 1718, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
    raise value
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "app.py", line 426, in utilities
    if check_bronze_auth(True):
  File "app.py", line 268, in check_bronze_auth
    user_datastore.activate_user(email)
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask_security/datastore.py", line 273, in activate_user
    if not user.active:
AttributeError: 'str' object has no attribute 'active'
```

The above shows up when I'm calling this:

```python
if not bronzeuser:
    create_bronzeuser(email)
add_role(email, 'bronze')
user_datastore.activate_user(email)
```

At the moment, when I'm selecting user:

```
sqlite> select * from user;
2|testingzap001@gmail.com||0|2020-11-10 23:52:09.978275
3|testingzap002@gmail.com||1|
```

I can see the user being created. As for the role, I'm using the function already in the app.py instead of using the one inside the flask_security, which I could but no point, especially since the function add_role has some logic in it I could use.

The issue with activate_user/deactivate_user is that if you already have the same email address that already has an admin role or any other roles, this will affect this role as well.

djpnewton commented 3 years ago

user_datastore.activate_user takes a user object not an email

you should pass in the user created via user_datastore.create_user

eoliveros commented 3 years ago

I'll try:

```python
user = user_datastore.get_user(email)
user_datastore.activate_user(user)
```

but will need to go home since everyone else is about to leave

djpnewton commented 3 years ago

you would be better to return the user from your create_bronzeuser function

eoliveros commented 3 years ago

> you would be better to return the user from your create_bronzeuser function

getting following:

```
2020-11-11 22:40:49,937] ERROR in app: Exception on /utilities [GET]
Traceback (most recent call last):
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/app.py", line 2292, in wsgi_app
    response = self.full_dispatch_request()
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/app.py", line 1815, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/app.py", line 1718, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/_compat.py", line 35, in reraise
    raise value
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/app.py", line 1813, in full_dispatch_request
    rv = self.dispatch_request()
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "app.py", line 435, in utilities
    if check_bronze_auth(True):
  File "app.py", line 278, in check_bronze_auth
    user_datastore.activate_user(user)
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/flask_security/datastore.py", line 273, in activate_user
    if not user.active:
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/sqlalchemy/orm/attributes.py", line 287, in __get__
    return self.impl.get(instance_state(instance), dict_)
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/sqlalchemy/orm/attributes.py", line 718, in get
    value = state._load_expired(state, passive)
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/sqlalchemy/orm/state.py", line 652, in _load_expired
    self.manager.deferred_scalar_loader(self, toload)
  File "/root/git/zap_bill_payment/venv/lib/python3.6/site-packages/sqlalchemy/orm/loading.py", line 944, in load_scalar_attributes
    "attribute refresh operation cannot proceed" % (state_str(state))
sqlalchemy.orm.exc.DetachedInstanceError: Instance <User at 0x7f1f69d54be0> is not bound to a Session; attribute refresh operation cannot proceed (Background on this error at: http://sqlalche.me/e/13/bhk3)
```

when I'm returning this:

```python
### create users with 'bronze' role
def create_bronzeuser(email):
    if not get_bronzeuser(email):
        logger.info('Adding email address: '+email+' to the DB')
        user_datastore.create_user(email=email)
        db.session.commit()
    return user_datastore.get_user(email)
```

OK, you mean doing it this way?

```python
### create users with 'bronze' role
def create_bronzeuser(email):
    logger.info('Adding email address: '+email+' to the DB')
    user_datastore.create_user(email=email)
    db.session.commit()
    logger.info('Activating email address: '+email)
    user = user_datastore.get_user(email)
    user_datastore.activate_user(user)
```

djpnewton commented 3 years ago

No, I mean do `user = user_datastore.create_user(email=email)` and get rid of `user = user_datastore.get_user(email)`

djpnewton commented 3 years ago

I tested it and made some changes.

It is actually more complicated than I first thought (esp. the check_bronze_auth function)

What do you think @eoliveros ?