Integr8sCode/backend/app/services/admin/admin_user_service.py at 110077b926dd0f23be0b56db25352f8b47d044c9 · HardMax71/Integr8sCode · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
import logging
from dataclasses import asdict
from datetime import datetime, timedelta, timezone

from app.core.security import SecurityService
from app.db.repositories.admin.admin_user_repository import AdminUserRepository
from app.domain.admin import AdminUserOverviewDomain, DerivedCountsDomain, RateLimitSummaryDomain
from app.domain.enums.events import EventType
from app.domain.enums.execution import ExecutionStatus
from app.domain.enums.user import UserRole
from app.domain.rate_limit import RateLimitUpdateResult, UserRateLimit, UserRateLimitsResult
from app.domain.user import DomainUserCreate, PasswordReset, User, UserListResult, UserUpdate
from app.schemas_pydantic.user import UserCreate
from app.services.event_service import EventService
from app.services.execution_service import ExecutionService
from app.services.rate_limit_service import RateLimitService


class AdminUserService:
    def __init__(
        self,
        user_repository: AdminUserRepository,
        event_service: EventService,
        execution_service: ExecutionService,
        rate_limit_service: RateLimitService,
        security_service: SecurityService,
        logger: logging.Logger,
    ) -> None:
        self._users = user_repository
        self._events = event_service
        self._executions = execution_service
        self._rate_limits = rate_limit_service
        self._security = security_service
        self.logger = logger

    async def get_user_overview(self, user_id: str, hours: int = 24) -> AdminUserOverviewDomain:
        self.logger.info("Admin getting user overview", extra={"target_user_id": user_id, "hours": hours})
        user = await self._users.get_user_by_id(user_id)
        if not user:
            raise ValueError("User not found")

        now = datetime.now(timezone.utc)
        start = now - timedelta(hours=hours)
        stats_domain = await self._events.get_event_statistics(
            user_id=user_id,
            user_role=UserRole.ADMIN,
            start_time=start,
            end_time=now,
            include_all_users=False,
        )
        exec_stats = await self._executions.get_execution_stats(user_id=user_id, time_range=(start, now))
        by_status = exec_stats.get("by_status", {}) or {}

        def _count(status: ExecutionStatus) -> int:
            return int(by_status.get(status, 0) or by_status.get(status.value, 0) or 0)

        succeeded = _count(ExecutionStatus.COMPLETED)
        failed = _count(ExecutionStatus.FAILED)
        timeout = _count(ExecutionStatus.TIMEOUT)
        cancelled = _count(ExecutionStatus.CANCELLED)
        derived = DerivedCountsDomain(
            succeeded=succeeded,
            failed=failed,
            timeout=timeout,
            cancelled=cancelled,
            terminal_total=succeeded + failed + timeout + cancelled,
        )

        rl = await self._rate_limits.get_user_rate_limit(user_id)
        rl_summary = RateLimitSummaryDomain(
            bypass_rate_limit=rl.bypass_rate_limit if rl else False,
            global_multiplier=rl.global_multiplier if rl else 1.0,
            has_custom_limits=bool(rl.rules) if rl else False,
        )

        # Recent execution-related events (last 10)
        event_types: list[EventType] = [
            EventType.EXECUTION_REQUESTED,
            EventType.EXECUTION_STARTED,
            EventType.EXECUTION_COMPLETED,
            EventType.EXECUTION_FAILED,
            EventType.EXECUTION_TIMEOUT,
            EventType.EXECUTION_CANCELLED,
        ]
        recent_result = await self._events.get_user_events_paginated(
            user_id=user_id,
            event_types=[str(et) for et in event_types],
            start_time=start,
            end_time=now,
            limit=10,
            skip=0,
            sort_order="desc",
        )
        recent_events = recent_result.events

        return AdminUserOverviewDomain(
            user=user,
            stats=stats_domain,
            derived_counts=derived,
            rate_limit_summary=rl_summary,
            recent_events=recent_events,
        )

    async def list_users(
        self, *, admin_username: str, limit: int, offset: int, search: str | None, role: UserRole | None
    ) -> UserListResult:
        self.logger.info(
            "Admin listing users",
            extra={
                "admin_username": admin_username,
                "limit": limit,
                "offset": offset,
                "search": search,
                "role": role,
            },
        )

        return await self._users.list_users(limit=limit, offset=offset, search=search, role=role)

    async def create_user(self, *, admin_username: str, user_data: UserCreate) -> User:
        """Create a new user and return domain user."""
        self.logger.info(
            "Admin creating new user", extra={"admin_username": admin_username, "new_username": user_data.username}
        )
        # Ensure not exists
        search_result = await self._users.list_users(limit=1, offset=0, search=user_data.username)
        for user in search_result.users:
            if user.username == user_data.username:
                raise ValueError("Username already exists")

        hashed_password = self._security.get_password_hash(user_data.password)

        create_data = DomainUserCreate(
            username=user_data.username,
            email=user_data.email,
            hashed_password=hashed_password,
            role=user_data.role,
            is_active=user_data.is_active,
            is_superuser=False,
        )
        created = await self._users.create_user(create_data)
        self.logger.info(
            "User created successfully", extra={"new_username": user_data.username, "admin_username": admin_username}
        )
        return created

    async def get_user(self, *, admin_username: str, user_id: str) -> User | None:
        self.logger.info(
            "Admin getting user details", extra={"admin_username": admin_username, "target_user_id": user_id}
        )
        return await self._users.get_user_by_id(user_id)

    async def update_user(self, *, admin_username: str, user_id: str, update: UserUpdate) -> User | None:
        self.logger.info(
            "Admin updating user",
            extra={"admin_username": admin_username, "target_user_id": user_id},
        )
        return await self._users.update_user(user_id, update)

    async def delete_user(self, *, admin_username: str, user_id: str, cascade: bool) -> dict[str, int]:
        self.logger.info(
            "Admin deleting user",
            extra={"admin_username": admin_username, "target_user_id": user_id, "cascade": cascade},
        )
        # Reset rate limits prior to deletion
        await self._rate_limits.reset_user_limits(user_id)
        deleted_counts = await self._users.delete_user(user_id, cascade=cascade)
        if deleted_counts.get("user", 0) > 0:
            self.logger.info("User deleted successfully", extra={"target_user_id": user_id})
        return deleted_counts

    async def reset_user_password(self, *, admin_username: str, user_id: str, new_password: str) -> bool:
        self.logger.info(
            "Admin resetting user password", extra={"admin_username": admin_username, "target_user_id": user_id}
        )
        pr = PasswordReset(user_id=user_id, new_password=new_password)
        ok = await self._users.reset_user_password(pr)
        if ok:
            self.logger.info("User password reset successfully", extra={"target_user_id": user_id})
        return ok

    async def get_user_rate_limits(self, *, admin_username: str, user_id: str) -> UserRateLimitsResult:
        self.logger.info(
            "Admin getting user rate limits", extra={"admin_username": admin_username, "target_user_id": user_id}
        )
        user_limit = await self._rate_limits.get_user_rate_limit(user_id)
        usage_stats = await self._rate_limits.get_usage_stats(user_id)
        return UserRateLimitsResult(
            user_id=user_id,
            rate_limit_config=user_limit,
            current_usage=usage_stats,
        )

    async def update_user_rate_limits(
        self, *, admin_username: str, user_id: str, config: UserRateLimit
    ) -> RateLimitUpdateResult:
        self.logger.info(
            "Admin updating user rate limits",
            extra={"admin_username": admin_username, "target_user_id": user_id, "config": asdict(config)},
        )
        config.user_id = user_id
        await self._rate_limits.update_user_rate_limit(user_id, config)
        return RateLimitUpdateResult(user_id=user_id, updated=True, config=config)

    async def reset_user_rate_limits(self, *, admin_username: str, user_id: str) -> bool:
        self.logger.info(
            "Admin resetting user rate limits", extra={"admin_username": admin_username, "target_user_id": user_id}
        )
        await self._rate_limits.reset_user_limits(user_id)
        return True