# from . import user_bp import uuid from datetime import datetime as dt, timezone as tz from flask import request, redirect, flash, render_template, Blueprint, session, current_app, jsonify from flask_security import hash_password, roles_required, roles_accepted, current_user from itsdangerous import URLSafeTimedSerializer from sqlalchemy.exc import SQLAlchemyError import ast from common.models.user import User, Tenant, Role, TenantDomain from common.extensions import db, security, minio_client, simple_encryption from common.utils.security_utils import send_confirmation_email, send_reset_email from .user_forms import TenantForm, CreateUserForm, EditUserForm, TenantDomainForm from common.utils.database import Database from common.utils.view_assistants import prepare_table_for_macro, form_validation_failed from common.utils.simple_encryption import generate_api_key from common.utils.nginx_utils import prefixed_url_for user_bp = Blueprint('user_bp', __name__, url_prefix='/user') @user_bp.before_request def log_before_request(): current_app.logger.debug(f"Before request (user_bp): {request.method} {request.url}") if current_user and current_user.is_authenticated: current_app.logger.debug(f"After request (user_bp): Current User: {current_user.email}") else: current_app.logger.debug(f"After request (user_bp): No user logged in") @user_bp.after_request def log_after_request(response): current_app.logger.debug(f"After request (user_bp): {request.method} {request.url} - Status: {response.status}") if current_user and current_user.is_authenticated: current_app.logger.debug(f"After request (user_bp): Current User: {current_user.email}") else: current_app.logger.debug(f"After request (user_bp): No user logged in") return response @user_bp.route('/tenant', methods=['GET', 'POST']) @roles_required('Super User') def tenant(): form = TenantForm() if form.validate_on_submit(): current_app.logger.debug('Creating new tenant') # Handle the required attributes new_tenant = Tenant() form.populate_obj(new_tenant) # new_tenant = Tenant(name=form.name.data, # website=form.website.data, # default_language=form.default_language.data, # allowed_languages=form.allowed_languages.data, # timezone=form.timezone.data, # embedding_model=form.embedding_model.data, # llm_model=form.llm_model.data, # license_start_date=form.license_start_date.data, # license_end_date=form.license_end_date.data, # allowed_monthly_interactions=form.allowed_monthly_interactions.data, # embed_tuning=form.embed_tuning.data, # rag_tuning=form.rag_tuning.data) # Handle Embedding Variables new_tenant.html_tags = [tag.strip() for tag in form.html_tags.data.split(',')] if form.html_tags.data else [] new_tenant.html_end_tags = [tag.strip() for tag in form.html_end_tags.data.split(',')] \ if form.html_end_tags.data else [] new_tenant.html_included_elements = [tag.strip() for tag in form.html_included_elements.data.split(',')] \ if form.html_included_elements.data else [] new_tenant.html_excluded_elements = [tag.strip() for tag in form.html_excluded_elements.data.split(',')] \ if form.html_excluded_elements.data else [] new_tenant.html_excluded_classes = [cls.strip() for cls in form.html_excluded_classes.data.split(',')] \ if form.html_excluded_classes.data else [] current_app.logger.debug(f'html_tags: {new_tenant.html_tags},' f'html_end_tags: {new_tenant.html_end_tags},' f'html_included_elements: {new_tenant.html_included_elements},' f'html_excluded_elements: {new_tenant.html_excluded_elements}') # Handle Timestamps timestamp = dt.now(tz.utc) new_tenant.created_at = timestamp new_tenant.updated_at = timestamp # Add the new tenant to the database and commit the changes try: db.session.add(new_tenant) db.session.commit() except SQLAlchemyError as e: current_app.logger.error(f'Failed to add tenant to database. Error: {str(e)}') flash(f'Failed to add tenant to database. Error: {str(e)}') return render_template('user/tenant.html', form=form) current_app.logger.info(f"Successfully created tenant {new_tenant.id} in Database") flash(f"Successfully created tenant {new_tenant.id} in Database") # Create schema for new tenant current_app.logger.info(f"Creating schema for tenant {new_tenant.id}") Database(new_tenant.id).create_tenant_schema() # Create MinIO bucket for new tenant current_app.logger.info(f"Creating MinIO bucket for tenant {new_tenant.id}") minio_client.create_tenant_bucket(new_tenant.id) return redirect(prefixed_url_for('basic_bp.index')) else: form_validation_failed(request, form) return render_template('user/tenant.html', form=form) @user_bp.route('/tenant/', methods=['GET', 'POST']) @roles_required('Super User') def edit_tenant(tenant_id): tenant = Tenant.query.get_or_404(tenant_id) # This will return a 404 if no tenant is found form = TenantForm(obj=tenant) if request.method == 'GET': # Populate the form with tenant data form.populate_obj(tenant) if tenant.html_tags: form.html_tags.data = ', '.join(tenant.html_tags) if tenant.html_end_tags: form.html_end_tags.data = ', '.join(tenant.html_end_tags) if tenant.html_included_elements: form.html_included_elements.data = ', '.join(tenant.html_included_elements) if tenant.html_excluded_elements: form.html_excluded_elements.data = ', '.join(tenant.html_excluded_elements) if tenant.html_excluded_classes: form.html_excluded_classes.data = ', '.join(tenant.html_excluded_classes) if form.validate_on_submit(): # Populate the tenant with form data form.populate_obj(tenant) # Then handle the special fields manually tenant.html_tags = [tag.strip() for tag in form.html_tags.data.split(',') if tag.strip()] tenant.html_end_tags = [tag.strip() for tag in form.html_end_tags.data.split(',') if tag.strip()] tenant.html_included_elements = [elem.strip() for elem in form.html_included_elements.data.split(',') if elem.strip()] tenant.html_excluded_elements = [elem.strip() for elem in form.html_excluded_elements.data.split(',') if elem.strip()] tenant.html_excluded_classes = [elem.strip() for elem in form.html_excluded_classes.data.split(',') if elem.strip()] db.session.commit() flash('Tenant updated successfully.', 'success') if session.get('tenant'): if session['tenant'].get('id') == tenant_id: session['tenant'] = tenant.to_dict() # return redirect(url_for(f"user/tenant/tenant_id")) else: form_validation_failed(request, form) return render_template('user/edit_tenant.html', form=form, tenant_id=tenant_id) @user_bp.route('/user', methods=['GET', 'POST']) @roles_accepted('Super User', 'Tenant Admin') def user(): form = CreateUserForm() form.tenant_id.data = session.get('tenant').get('id') # It is only possible to create users for the session tenant if form.validate_on_submit(): current_app.logger.info(f"Adding User for tenant {session['tenant']['id']} ") new_user = User(user_name=form.user_name.data, email=form.email.data, first_name=form.first_name.data, last_name=form.last_name.data, valid_to=form.valid_to.data, tenant_id=form.tenant_id.data, fs_uniquifier=uuid.uuid4().hex, ) timestamp = dt.now(tz.utc) new_user.created_at = timestamp new_user.updated_at = timestamp # Add roles for role_id in form.roles.data: the_role = Role.query.get(role_id) new_user.roles.append(the_role) # Add the new user to the database and commit the changes try: db.session.add(new_user) db.session.commit() # security.datastore.set_uniquifier(new_user) try: send_confirmation_email(new_user) current_app.logger.debug(f'User {new_user.id} with name {new_user.user_name} added to database' f'Confirmation email sent to {new_user.email}') flash('User added successfully and confirmation email sent.', 'success') except Exception as e: current_app.logger.error(f'Failed to send confirmation email to {new_user.email}. Error: {str(e)}') flash('User added successfully, but failed to send confirmation email. ' 'Please contact the administrator.', 'warning') return redirect(prefixed_url_for('user_bp.view_users')) except Exception as e: current_app.logger.error(f'Failed to add user with name {new_user.user_name}. Error: {str(e)}') db.session.rollback() flash(f'Failed to add user. Email or user name already exists.', 'danger') else: form_validation_failed(request, form) return render_template('user/user.html', form=form) @user_bp.route('/user/', methods=['GET', 'POST']) @roles_accepted('Super User', 'Tenant Admin') def edit_user(user_id): user = User.query.get_or_404(user_id) # This will return a 404 if no user is found form = EditUserForm(obj=user) if form.validate_on_submit(): # Populate the user with form data user.first_name = form.first_name.data user.last_name = form.last_name.data user.valid_to = form.valid_to.data user.updated_at = dt.now(tz.utc) # Update roles current_roles = set(role.id for role in user.roles) selected_roles = set(form.roles.data) # Add new roles for role_id in selected_roles - current_roles: role = Role.query.get(role_id) if role: user.roles.append(role) # Remove unselected roles for role_id in current_roles - selected_roles: role = Role.query.get(role_id) if role: user.roles.remove(role) db.session.commit() flash('User updated successfully.', 'success') return redirect( prefixed_url_for('user_bp.edit_user', user_id=user.id)) # Assuming there's a user profile view to redirect to else: form_validation_failed(request, form) form.roles.data = [role.id for role in user.roles] return render_template('user/edit_user.html', form=form, user_id=user_id) @user_bp.route('/select_tenant') @roles_required('Super User') def select_tenant(): page = request.args.get('page', 1, type=int) per_page = request.args.get('per_page', 10, type=int) query = Tenant.query.order_by(Tenant.name) # Fetch all tenants from the database pagination = query.paginate(page=page, per_page=per_page) tenants = pagination.items rows = prepare_table_for_macro(tenants, [('id', ''), ('name', ''), ('website', '')]) return render_template('user/select_tenant.html', rows=rows, pagination=pagination) @user_bp.route('/handle_tenant_selection', methods=['POST']) @roles_required('Super User') def handle_tenant_selection(): tenant_identification = request.form['selected_row'] tenant_id = ast.literal_eval(tenant_identification).get('value') the_tenant = Tenant.query.get(tenant_id) session['tenant'] = the_tenant.to_dict() session['default_language'] = the_tenant.default_language session['embedding_model'] = the_tenant.embedding_model session['llm_model'] = the_tenant.llm_model action = request.form['action'] match action: case 'view_users': return redirect(prefixed_url_for('user_bp.view_users', tenant_id=tenant_id)) case 'edit_tenant': return redirect(prefixed_url_for('user_bp.edit_tenant', tenant_id=tenant_id)) case 'select_tenant': return redirect(prefixed_url_for('user_bp.tenant_overview')) # Add more conditions for other actions return redirect(prefixed_url_for('select_tenant')) @user_bp.route('/view_users') @roles_accepted('Super User', 'Tenant Admin') def view_users(): page = request.args.get('page', 1, type=int) per_page = request.args.get('per_page', 10, type=int) tenant_id = session.get('tenant').get('id') query = User.query.filter_by(tenant_id=tenant_id).order_by(User.user_name) pagination = query.paginate(page=page, per_page=per_page) users = pagination.items # prepare table data rows = prepare_table_for_macro(users, [('id', ''), ('user_name', ''), ('email', '')]) # Render the users in a template return render_template('user/view_users.html', rows=rows, pagination=pagination) @user_bp.route('/handle_user_action', methods=['POST']) @roles_accepted('Super User', 'Tenant Admin') def handle_user_action(): user_identification = request.form['selected_row'] user_id = ast.literal_eval(user_identification).get('value') user = User.query.get_or_404(user_id) action = request.form['action'] if action == 'edit_user': return redirect(prefixed_url_for('user_bp.edit_user', user_id=user_id)) elif action == 'resend_confirmation_email': send_confirmation_email(user) flash(f'Confirmation email sent to {user.email}.', 'success') elif action == 'send_password_reset_email': send_reset_email(user) flash(f'Password reset email sent to {user.email}.', 'success') elif action == 'reset_uniquifier': reset_uniquifier(user) flash(f'Uniquifier reset for {user.user_name}.', 'success') return redirect(prefixed_url_for('user_bp.view_users')) @user_bp.route('/view_tenant_domains') @roles_accepted('Super User', 'Tenant Admin') def view_tenant_domains(): page = request.args.get('page', 1, type=int) per_page = request.args.get('per_page', 10, type=int) tenant_id = session.get('tenant').get('id') query = TenantDomain.query.filter_by(tenant_id=tenant_id).order_by(TenantDomain.domain) pagination = query.paginate(page=page, per_page=per_page) tenant_domains = pagination.items # prepare table data rows = prepare_table_for_macro(tenant_domains, [('id', ''), ('domain', ''), ('valid_to', '')]) # Render the users in a template return render_template('user/view_tenant_domains.html', rows=rows, pagination=pagination) @user_bp.route('/handle_tenant_domain_action', methods=['POST']) @roles_accepted('Super User', 'Tenant Admin') def handle_tenant_domain_action(): tenant_domain_identification = request.form['selected_row'] tenant_domain_id = ast.literal_eval(tenant_domain_identification).get('value') action = request.form['action'] if action == 'edit_tenant_domain': return redirect(prefixed_url_for('user_bp.edit_tenant_domain', tenant_domain_id=tenant_domain_id)) # Add more conditions for other actions return redirect(prefixed_url_for('view_tenant_domains')) @user_bp.route('/tenant_domain', methods=['GET', 'POST']) @roles_accepted('Super User', 'Tenant Admin') def tenant_domain(): form = TenantDomainForm() if form.validate_on_submit(): new_tenant_domain = TenantDomain() form.populate_obj(new_tenant_domain) new_tenant_domain.tenant_id = session['tenant']['id'] set_logging_information(new_tenant_domain, dt.now(tz.utc)) # Add the new user to the database and commit the changes try: db.session.add(new_tenant_domain) db.session.commit() flash('Tenant Domain added successfully.', 'success') current_app.logger.info(f'Tenant Domain {new_tenant_domain.domain} added for tenant {session["tenant"]["id"]}') except SQLAlchemyError as e: db.session.rollback() flash(f'Failed to add Tenant Domain. Error: {str(e)}', 'danger') current_app.logger.error(f'Failed to create Tenant Domain {new_tenant_domain.domain}. ' f'for tenant {session["tenant"]["id"]}' f'Error: {str(e)}') else: flash('Please fill in all required fields.', 'information') return render_template('user/tenant_domain.html', form=form) @user_bp.route('/tenant_domain/', methods=['GET', 'POST']) @roles_accepted('Super User', 'Tenant Admin') def edit_tenant_domain(tenant_domain_id): tenant_domain = TenantDomain.query.get_or_404(tenant_domain_id) # This will return a 404 if no user is found form = TenantDomainForm(obj=tenant_domain) if request.method == 'POST' and form.validate_on_submit(): form.populate_obj(tenant_domain) update_logging_information(tenant_domain, dt.now(tz.utc)) try: db.session.add(tenant_domain) db.session.commit() flash('Tenant Domain updated successfully.', 'success') except SQLAlchemyError as e: db.session.rollback() flash(f'Failed to update Tenant Domain. Error: {str(e)}', 'danger') current_app.logger.error(f'Failed to update Tenant Domain {tenant_domain.id}. ' f'for tenant {session["tenant"]["id"]}' f'Error: {str(e)}') return redirect( prefixed_url_for('user_bp.view_tenant_domains', tenant_id=session['tenant']['id'])) # Assuming there's a user profile view to redirect to else: form_validation_failed(request, form) return render_template('user/edit_tenant_domain.html', form=form, tenant_domain_id=tenant_domain_id) @user_bp.route('/check_chat_api_key', methods=['POST']) @roles_accepted('Super User', 'Tenant Admin') def check_chat_api_key(): tenant_id = session['tenant']['id'] tenant = Tenant.query.get_or_404(tenant_id) if tenant.encrypted_chat_api_key: return jsonify({'api_key_exists': True}) return jsonify({'api_key_exists': False}) @user_bp.route('/generate_chat_api_key', methods=['POST']) @roles_accepted('Super User', 'Tenant Admin') def generate_chat_api_key(): tenant = Tenant.query.get_or_404(session['tenant']['id']) new_api_key = generate_api_key(prefix="EveAI-CHAT") tenant.encrypted_chat_api_key = simple_encryption.encrypt_api_key(new_api_key) update_logging_information(tenant, dt.now(tz.utc)) try: db.session.add(tenant) db.session.commit() except SQLAlchemyError as e: db.session.rollback() current_app.logger.error(f'Unable to store api key for tenant {tenant.id}. Error: {str(e)}') return jsonify({'api_key': new_api_key}), 200 @user_bp.route('/tenant_overview', methods=['GET']) @roles_accepted('Super User', 'Tenant Admin') def tenant_overview(): current_app.logger.debug('Rendering tenant overview') current_app.logger.debug(f'current_user: {current_user}') current_app.logger.debug(f'Current user roles: {current_user.roles}') tenant_id = session['tenant']['id'] current_app.logger.debug(f'Generating overview for tenant {tenant_id}') tenant = Tenant.query.get_or_404(tenant_id) form = TenantForm(obj=tenant) return render_template('user/tenant_overview.html', form=form) def reset_uniquifier(user): security.datastore.set_uniquifier(user) db.session.add(user) db.session.commit() send_reset_email(user) def set_logging_information(obj, timestamp): obj.created_at = timestamp obj.updated_at = timestamp obj.created_by = current_user.id obj.updated_by = current_user.id def update_logging_information(obj, timestamp): obj.updated_at = timestamp obj.updated_by = current_user.id