clearml-server/apiserver/mongo/initialize/user.py

from datetime import datetime
from logging import Logger

import attr

from apiserver.database.model.auth import Role
from apiserver.database.model.auth import User as AuthUser, Credentials
from apiserver.database.model.user import User
from apiserver.service_repo.auth.fixed_user import FixedUser


def _ensure_user_credentials(
    user: AuthUser, key: str, secret: str, log: Logger, revoke: bool = False
) -> None:
    if revoke:
        log.info(f"Revoking credentials for existing user {user.id} ({user.name})")
        user.credentials = []
        user.save()
        return

    if not (key and secret):
        log.info(f"Resetting credentials for existing user {user.id} ({user.name})")
        user.credentials = []
        user.save()
        return

    new_credentials = Credentials(key=key, secret=secret)
    log.info(f"Setting credentials for existing user {user.id} ({user.name})")
    user.credentials = [new_credentials]
    user.save()
    return


def _ensure_auth_user(user_data: dict, company_id: str, log: Logger, revoke: bool = False) -> str:
    user_id = user_data.get("id", f"__{user_data['name']}__")
    role = user_data["role"]
    email = user_data["email"]
    autocreated = user_data.get("autocreated", False)
    key, secret = user_data.get("key"), user_data.get("secret")

    user: AuthUser = AuthUser.objects(id=user_id).first()
    if user:
        _ensure_user_credentials(user=user, key=key, secret=secret, log=log, revoke=revoke)
        if (
            user.role != role
            or user.email != email
            or user.autocreated != autocreated
        ):
            user.email = email
            user.role = role
            user.autocreated = autocreated
            user.save()

        return user.id

    credentials = (
        [Credentials(key=key, secret=secret)]
        if not revoke and key and secret
        else []
    )
    log.info(f"Creating user: {user_data['name']}")

    user = AuthUser(
        id=user_id,
        name=user_data["name"],
        company=company_id,
        role=role,
        email=email,
        created=datetime.utcnow(),
        credentials=credentials,
        autocreated=autocreated,
    )

    user.save()

    return user.id


def _ensure_backend_user(user_id: str, company_id: str, user_name: str):
    given_name, _, family_name = user_name.partition(" ")

    User(
        id=user_id,
        company=company_id,
        name=user_name,
        given_name=given_name,
        family_name=family_name,
        created=datetime.utcnow(),
    ).save()

    return user_id


def ensure_fixed_user(user: FixedUser, log: Logger, emails: set):
    # noinspection PyTypeChecker
    data = attr.asdict(user)
    data["id"] = user.user_id
    email = f"{user.user_id}@example.com"
    data["email"] = email
    data["role"] = Role.guest if user.is_guest else Role.user
    data["autocreated"] = True

    _ensure_auth_user(user_data=data, company_id=user.company, log=log)

    db_user = User.objects(company=user.company, id=user.user_id).first()
    if db_user:
        # noinspection PyBroadException
        try:
            log.info(f"Updating user name: {user.name}")
            given_name, _, family_name = user.name.partition(" ")
            db_user.update(name=user.name, given_name=given_name, family_name=family_name)
        except Exception:
            pass
    else:
        _ensure_backend_user(user.user_id, user.company, user.name)

    emails.add(email)
Add pre-populate feature to allow starting a new server installation with packaged example experiments 2020-03-05 12:54:34 +00:00			`from datetime import datetime`
			`from logging import Logger`

			`import attr`

Use apiserver namespace 2021-01-05 14:28:49 +00:00			`from apiserver.database.model.auth import Role`
			`from apiserver.database.model.auth import User as AuthUser, Credentials`
			`from apiserver.database.model.user import User`
			`from apiserver.service_repo.auth.fixed_user import FixedUser`
Add pre-populate feature to allow starting a new server installation with packaged example experiments 2020-03-05 12:54:34 +00:00

Fix fixed users creation/removal 2024-06-20 14:57:23 +00:00			`def _ensure_user_credentials(`
Support for first and mean value for task last scalar metrics 2024-12-05 17:02:48 +00:00			`user: AuthUser, key: str, secret: str, log: Logger, revoke: bool = False`
Fix fixed users creation/removal 2024-06-20 14:57:23 +00:00			`) -> None:`
			`if revoke:`
			`log.info(f"Revoking credentials for existing user {user.id} ({user.name})")`
			`user.credentials = []`
			`user.save()`
			`return`

Fix server unable to create fixed users due to incorrect access to user_data["key"] 2020-06-21 20:52:01 +00:00			`if not (key and secret):`
Support for first and mean value for task last scalar metrics 2024-12-05 17:02:48 +00:00			`log.info(f"Resetting credentials for existing user {user.id} ({user.name})")`
			`user.credentials = []`
Fix user credentials reset on apiserver restart 2024-07-17 08:22:52 +00:00			`user.save()`
			`return`

Support for first and mean value for task last scalar metrics 2024-12-05 17:02:48 +00:00			`new_credentials = Credentials(key=key, secret=secret)`
			`log.info(f"Setting credentials for existing user {user.id} ({user.name})")`
			`user.credentials = [new_credentials]`
			`user.save()`
			`return`
Add pre-populate feature to allow starting a new server installation with packaged example experiments 2020-03-05 12:54:34 +00:00
Fix server unable to create fixed users due to incorrect access to user_data["key"] 2020-06-21 20:52:01 +00:00
Support for first and mean value for task last scalar metrics 2024-12-05 17:02:48 +00:00			`def _ensure_auth_user(user_data: dict, company_id: str, log: Logger, revoke: bool = False) -> str:`
Revoke built-in webserver system-role credentials (used by the WebApp) in case we're running in fixed-mode 2020-06-01 08:41:43 +00:00			`user_id = user_data.get("id", f"__{user_data['name']}__")`
Fix fixed users creation/removal 2024-06-20 14:57:23 +00:00			`role = user_data["role"]`
			`email = user_data["email"]`
Improve handling of fixed users 2024-03-18 13:49:42 +00:00			`autocreated = user_data.get("autocreated", False)`
Fix fixed users creation/removal 2024-06-20 14:57:23 +00:00			`key, secret = user_data.get("key"), user_data.get("secret")`
Revoke built-in webserver system-role credentials (used by the WebApp) in case we're running in fixed-mode 2020-06-01 08:41:43 +00:00
Fix fixed users creation/removal 2024-06-20 14:57:23 +00:00			`user: AuthUser = AuthUser.objects(id=user_id).first()`
			`if user:`
Support for first and mean value for task last scalar metrics 2024-12-05 17:02:48 +00:00			`_ensure_user_credentials(user=user, key=key, secret=secret, log=log, revoke=revoke)`
			`if (`
			`user.role != role`
			`or user.email != email`
			`or user.autocreated != autocreated`
			`):`
Fix fixed users creation/removal 2024-06-20 14:57:23 +00:00			`user.email = email`
			`user.role = role`
			`user.autocreated = autocreated`
			`user.save()`

			`return user.id`

			`credentials = (`
Support for first and mean value for task last scalar metrics 2024-12-05 17:02:48 +00:00			`[Credentials(key=key, secret=secret)]`
			`if not revoke and key and secret`
			`else []`
Fix fixed users creation/removal 2024-06-20 14:57:23 +00:00			`)`
Add pre-populate feature to allow starting a new server installation with packaged example experiments 2020-03-05 12:54:34 +00:00			`log.info(f"Creating user: {user_data['name']}")`
Fix server unable to create fixed users due to incorrect access to user_data["key"] 2020-06-21 20:52:01 +00:00
Add pre-populate feature to allow starting a new server installation with packaged example experiments 2020-03-05 12:54:34 +00:00			`user = AuthUser(`
Revoke built-in webserver system-role credentials (used by the WebApp) in case we're running in fixed-mode 2020-06-01 08:41:43 +00:00			`id=user_id,`
Add pre-populate feature to allow starting a new server installation with packaged example experiments 2020-03-05 12:54:34 +00:00			`name=user_data["name"],`
			`company=company_id,`
Fix fixed users creation/removal 2024-06-20 14:57:23 +00:00			`role=role,`
			`email=email,`
Add pre-populate feature to allow starting a new server installation with packaged example experiments 2020-03-05 12:54:34 +00:00			`created=datetime.utcnow(),`
Fix server unable to create fixed users due to incorrect access to user_data["key"] 2020-06-21 20:52:01 +00:00			`credentials=credentials,`
Improve handling of fixed users 2024-03-18 13:49:42 +00:00			`autocreated=autocreated,`
Add pre-populate feature to allow starting a new server installation with packaged example experiments 2020-03-05 12:54:34 +00:00			`)`

			`user.save()`

			`return user.id`


			`def _ensure_backend_user(user_id: str, company_id: str, user_name: str):`
			`given_name, _, family_name = user_name.partition(" ")`

			`User(`
			`id=user_id,`
			`company=company_id,`
			`name=user_name,`
			`given_name=given_name,`
			`family_name=family_name,`
Add created field to backend.user 2022-09-29 16:29:36 +00:00			`created=datetime.utcnow(),`
Add pre-populate feature to allow starting a new server installation with packaged example experiments 2020-03-05 12:54:34 +00:00			`).save()`

			`return user_id`


Improve handling of fixed users 2024-03-18 13:49:42 +00:00			`def ensure_fixed_user(user: FixedUser, log: Logger, emails: set):`
Remove default credentials and reset existing credentials if none were provided 2024-06-26 07:52:42 +00:00			`# noinspection PyTypeChecker`
Fix fixed users creation/removal 2024-06-20 14:57:23 +00:00			`data = attr.asdict(user)`
			`data["id"] = user.user_id`
			`email = f"{user.user_id}@example.com"`
			`data["email"] = email`
			`data["role"] = Role.guest if user.is_guest else Role.user`
			`data["autocreated"] = True`

			`_ensure_auth_user(user_data=data, company_id=user.company, log=log)`

Update fixed user name if user already exists 2020-08-23 12:38:53 +00:00			`db_user = User.objects(company=user.company, id=user.user_id).first()`
			`if db_user:`
			`# noinspection PyBroadException`
			`try:`
			`log.info(f"Updating user name: {user.name}")`
			`given_name, _, family_name = user.name.partition(" ")`
Support for first and mean value for task last scalar metrics 2024-12-05 17:02:48 +00:00			`db_user.update(name=user.name, given_name=given_name, family_name=family_name)`
Update fixed user name if user already exists 2020-08-23 12:38:53 +00:00			`except Exception:`
			`pass`
Fix fixed users creation/removal 2024-06-20 14:57:23 +00:00			`else:`
			`_ensure_backend_user(user.user_id, user.company, user.name)`
Add pre-populate feature to allow starting a new server installation with packaged example experiments 2020-03-05 12:54:34 +00:00
Improve handling of fixed users 2024-03-18 13:49:42 +00:00			`emails.add(email)`