# By: Riasat Ullah # This file contains all Freshdesk integration related views. from data_syncers import syncer_task_instances from dbqueries import db_events, db_integrations, db_users from dbqueries.integrations import db_freshdesk from exceptions.user_exceptions import InvalidRequest, LockedAccount, NoOneIsOnCall, UnauthorizedRequest from integrations import freshdesk from modules.router import Router from objects.events import AcknowledgeEvent, CustomActionEvent, NotateEvent, ResolveEvent, UrgencyAmendmentEvent from objects.task_payload import TaskPayload from rest_framework.decorators import api_view from rest_framework.response import Response from translators import label_translator as _lt from utils import constants, errors, info, integration_type_names as intt, logging, permissions, times,\ tokenizer, var_names from utils.db_connection import CACHE_CLIENT, CONN_POOL from validations import request_validator import configuration import jwt @api_view(['POST']) def get_freshdesk_account_info(request, conn=None): ''' Get the domain and api key of Freshdesk accounts associated to an organization or integration. :param request: Http request :param conn: db connection :return: Http response ''' if request.method == 'POST': lang = request_validator.get_user_language(request) optional_fields = [var_names.integration_key] try: conn = CONN_POOL.get_db_conn() if conn is None else conn request_validator.validate_fields(request, [], optional_fields) user_id, org_id, user_perm, org_perm = tokenizer.authorize_request(request) integ_key = request.data[var_names.integration_key] if var_names.integration_key in request.data else None if permissions.has_org_permission(org_perm, permissions.ORG_INTEGRATION_CUSTOMER_SERVICE_PERMISSION): if permissions.is_user_admin(user_perm): return Response(db_freshdesk.get_freshdesk_accounts( conn, times.get_current_timestamp(), org_id, integ_key)) else: return Response(_lt.get_label(errors.err_user_rights, lang), status=403) else: return Response(_lt.get_label(errors.err_subscription_rights, lang), status=403) except InvalidRequest as e: logging.exception(str(e)) return Response(_lt.get_label(str(e), lang), status=400) except (UnauthorizedRequest, jwt.ExpiredSignatureError, jwt.InvalidSignatureError) as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_authorization, lang), status=401) except Exception as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_system_error, lang), status=500) finally: CONN_POOL.put_db_conn(conn) @api_view(['POST']) def update_freshdesk_account_info(request, conn=None): ''' Checks if a given Freshdesk account is already mapped to a given TaskCall organization or not. This is an internal check. Only TaskCall web server should have access to this process. :param request: Http request :param conn: db connection :return: Http response ''' if request.method == 'POST': lang = request_validator.get_user_language(request) expected_fields = [var_names.service_ref_id, var_names.integration_key, var_names.vendor_endpoint_name, var_names.secret_token] try: conn = CONN_POOL.get_db_conn() if conn is None else conn request_validator.validate_fields(request, expected_fields) user_id, org_id, user_perm, org_perm = tokenizer.authorize_request(request) if permissions.has_org_permission(org_perm, permissions.ORG_INTEGRATION_CUSTOMER_SERVICE_PERMISSION): if permissions.is_user_admin(user_perm): current_time = times.get_current_timestamp() success = db_freshdesk.update_freshdesk_account( conn, current_time, org_id, request.data[var_names.service_ref_id], request.data[var_names.integration_key], request.data[var_names.vendor_endpoint_name], request.data[var_names.secret_token] ) return Response(success) else: return Response(_lt.get_label(errors.err_user_rights, lang), status=403) else: return Response(_lt.get_label(errors.err_subscription_rights, lang), status=403) except InvalidRequest as e: logging.exception(str(e)) return Response(_lt.get_label(str(e), lang), status=400) except (UnauthorizedRequest, jwt.ExpiredSignatureError, jwt.InvalidSignatureError) as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_authorization, lang), status=401) except Exception as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_system_error, lang), status=500) finally: CONN_POOL.put_db_conn(conn) @api_view(['POST']) def login_freshdesk_user(request, conn=None): ''' Allow and process login from a Freshdesk user. :param request: Http request :param conn: db connection :return: Http response ''' if request.method == 'POST': lang = request_validator.get_user_language(request) expected_fields = [var_names.domain] try: request_validator.validate_fields(request, expected_fields) conn = CONN_POOL.get_db_conn() if conn is None else conn user_id, org_id, user_perm, org_perm = tokenizer.authorize_request(request) domain = request.data[var_names.domain] current_time = times.get_current_timestamp() if permissions.has_org_permission(org_perm, permissions.ORG_INTEGRATION_CUSTOMER_SERVICE_PERMISSION): curr_freshdesk_accounts = db_freshdesk.get_freshdesk_accounts(conn, current_time, org_id) curr_freshdesk_domains = [x[var_names.vendor_endpoint_name] for x in curr_freshdesk_accounts] if domain in curr_freshdesk_domains: # Get the end time of the refresh token. org_id, user_perm, org_perm, org_end, display_name, user_lang, photo_url =\ db_users.get_user_token_details(conn, current_time, user_id) # Get the org level permissions specifically for the TaskCall Freshdesk app org_perm = permissions.create_advanced_customer_support_access_token_permissions(org_perm) # Get the expiry dates for the access and refresh tokens. access_end = tokenizer.new_access_token_expiry_date(org_end) refresh_end = tokenizer.new_refresh_token_expiry_date(intt.freshdesk) access_token = tokenizer.create_token(user_id, org_id, user_perm, org_perm, access_end) refresh_token = tokenizer.create_refresh_token(user_id, org_id, intt.freshdesk, refresh_end) db_users.save_authentication_tokens(conn, current_time, access_end, user_id, org_id, intt.freshdesk, access_token, refresh_token, None, None) response_data = { var_names.access_token: access_token, var_names.expires_on: access_end, var_names.refresh_token: refresh_token, var_names.valid_end: refresh_end, var_names.display_name: display_name, var_names.language: user_lang } return Response(response_data) else: return Response(_lt.get_label(errors.err_freshdesk_integration_not_found, lang), status=400) else: return Response(_lt.get_label(errors.err_subscription_rights, lang), status=403) except (InvalidRequest, KeyError, LookupError) as e: logging.exception(str(e)) return Response(_lt.get_label(str(e), lang), status=400) except LockedAccount as e: logging.exception(str(e)) return Response(_lt.get_label(str(e), lang), status=403) except Exception as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_system_error, lang), status=500) finally: CONN_POOL.put_db_conn(conn) @api_view(['POST']) def logout_freshdesk_user(request, conn=None): ''' Logs out a user from their TaskCall Freshdesk app. :param request: Http request :param conn: db connection :return: Http response -> str ''' if request.method == 'POST': lang = request_validator.get_user_language(request) expected_fields = [var_names.access_token] try: conn = CONN_POOL.get_db_conn() if conn is None else conn request_validator.validate_fields(request, expected_fields) token = request.data[var_names.access_token] user_id = tokenizer.read_token(token)[0] db_users.delete_authentication_tokens(conn, times.get_current_timestamp(), user_id, token) return Response(_lt.get_label(info.msg_success, lang)) except (UnauthorizedRequest, jwt.ExpiredSignatureError, jwt.InvalidSignatureError) as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_authorization, lang), status=401) except Exception as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_system_error, lang), status=500) finally: CONN_POOL.put_db_conn(conn) @api_view(['POST']) def refresh_freshdesk_access_token(request, conn=None): ''' Refreshes access by issuing a new access token for a Freshdesk user. :param request: Http request :param conn: db connection :return: Http response ''' if request.method == 'POST': lang = request_validator.get_user_language(request) expected_fields = [var_names.access_token, var_names.refresh_token] try: conn = CONN_POOL.get_db_conn() if conn is None else conn request_validator.validate_fields(request, expected_fields) refresh_token = request.data[var_names.refresh_token] user_id, org_id, access_method = tokenizer.read_refresh_token(request.data[var_names.refresh_token]) current_time = times.get_current_timestamp() if access_method == intt.freshdesk: org_id, user_perm, org_perm, org_end, display_name, user_lang, photo_url =\ db_users.get_user_token_details(conn, current_time, user_id) if permissions.has_org_permission(org_perm, permissions.ORG_INTEGRATION_CUSTOMER_SERVICE_PERMISSION): # Get the expiry date for the access token. access_end = tokenizer.new_access_token_expiry_date(org_end) access_token = tokenizer.create_token(user_id, org_id, user_perm, org_perm, access_end) db_users.save_authentication_tokens(conn, current_time, access_end, user_id, org_id, access_method, access_token, refresh_token, None, None) response_data = {var_names.access_token: access_token, var_names.expires_on: access_end, var_names.refresh_token: refresh_token} return Response(response_data) else: return Response(_lt.get_label(errors.err_subscription_rights, lang), status=403) else: raise UnauthorizedRequest(errors.err_authorization) except InvalidRequest as e: logging.exception(str(e)) return Response(_lt.get_label(str(e), lang), status=400) except (UnauthorizedRequest, jwt.ExpiredSignatureError, jwt.InvalidSignatureError) as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_authorization, lang), status=401) except Exception as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_system_error, lang), status=500) finally: CONN_POOL.put_db_conn(conn) @api_view(['POST']) def create_instance_from_panel(request, conn=None, cache=None): ''' Create an instance manually from the Freshdesk TaskCall panel. :param request: Http request :param conn: db connection :param cache: cache client :return: JSON response ''' if request.method == 'POST': expected_fields = [var_names.title, var_names.description, var_names.service_ref_id, var_names.urgency_level, var_names.vendor_id] lang = request_validator.get_user_language(request) try: conn = CONN_POOL.get_db_conn() if conn is None else conn cache = CACHE_CLIENT if cache is None else cache request_validator.validate_fields(request, expected_fields) user_id, org_id, user_perm, org_perm = tokenizer.authorize_request(request) if not permissions.has_org_permission(org_perm, permissions.ORG_INTEGRATION_CUSTOMER_SERVICE_PERMISSION): return Response(_lt.get_label(errors.err_subscription_rights, lang), status=403) if not permissions.has_user_permission(user_perm, permissions.USER_INCIDENTS_CREATE_PERMISSION): return Response(_lt.get_label(errors.err_user_rights, lang), status=403) current_time = times.get_current_timestamp() title = request.data[var_names.title] description = request.data[var_names.description] if var_names.description in request.data else None serv_ref_id = request.data[var_names.service_ref_id] if var_names.service_ref_id in request.data else None urgency = request.data[var_names.urgency_level]\ if var_names.urgency_level in request.data else configuration.default_urgency_level ticket_id = str(request.data[var_names.vendor_id]) if var_names.vendor_id in request.data else None if (serv_ref_id is not None and not isinstance(serv_ref_id, str)) or\ (urgency is not None and not isinstance(urgency, int)): raise InvalidRequest(errors.err_invalid_request) source_payload = request.data payload = TaskPayload(current_time, org_id, current_time.date(), title, configuration.standard_timezone, current_time.time(), text_msg=description, urgency_level=urgency, trigger_method=constants.integrations_api, trigger_info=source_payload, service_ref_id=serv_ref_id, dedup_key=intt.freshdesk) inst_id = Router(conn, cache, payload).run() # Link the incident to the ticket db_events.link_instance(conn, current_time, org_id, inst_id, intt.freshdesk, ticket_id, user_id) resp_data = { var_names.instance_id: inst_id, var_names.timestamp: current_time } return Response(resp_data) except InvalidRequest as e: logging.exception(str(e)) return Response(_lt.get_label(str(e), lang), status=400) except (UnauthorizedRequest, jwt.ExpiredSignatureError, jwt.InvalidSignatureError) as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_authorization, lang), status=401) except NoOneIsOnCall as e: logging.exception(str(e)) return Response(_lt.get_label(str(e), lang), status=412) except PermissionError as e: logging.exception(str(e)) return Response(_lt.get_label(str(e), lang), status=403) except Exception as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_system_error, lang), status=500) finally: CONN_POOL.put_db_conn(conn) @api_view(['POST']) def process_incoming_webhook(request, integration_key, conn=None, cache=None): ''' Processes the incoming webhook from Freshdesk. :param request: Http request :param integration_key: integration key passed in the url :param conn: db connection :param cache: cache client :return: Http response ''' if request.method == 'POST': logging.info(request.data) lang = request_validator.get_user_language(request) try: conn = CONN_POOL.get_db_conn() if conn is None else conn cache = CACHE_CLIENT if cache is None else cache # Set the default values tkt_id = None tkt_title = freshdesk.default_ticket_subject tkt_desc = str(request.data) tkt_state = None tkt_priority = None tkt_tags = None tkt_event_type = None urgency = constants.critical_urgency status = constants.open_state data_body = None try: data_body = request.data[freshdesk.var_freshdesk_webhook] tkt_id = str(data_body[freshdesk.var_ticket_id]) if freshdesk.var_ticket_subject in data_body: tkt_title = data_body[freshdesk.var_ticket_subject] if freshdesk.var_ticket_description in data_body: tkt_desc = data_body[freshdesk.var_ticket_description] if freshdesk.var_ticket_status in data_body: tkt_state = freshdesk.fd_label_to_fd_status_map[data_body[freshdesk.var_ticket_status]] if freshdesk.var_ticket_priority in data_body: tkt_priority = data_body[freshdesk.var_ticket_priority] if freshdesk.var_ticket_tags in data_body and data_body[freshdesk.var_ticket_tags] != '': tkt_tags = [x.lstrip().rstrip() for x in data_body[freshdesk.var_ticket_tags].split(',')] if freshdesk.var_triggered_event in data_body: tkt_event_type = freshdesk.get_event_type(data_body[freshdesk.var_triggered_event]) except Exception as e: logging.error('Unexpected Freshdesk payload received. Switching to default values.') logging.error(request.data) current_time = times.get_current_timestamp() org_id, org_perm, serv_id, integ_id, integ_type_id, integ_details = \ db_integrations.get_integration_details(conn, current_time, integration_key, intt.freshdesk) synced_insts = [] if tkt_id is not None: synced_insts = db_integrations.get_vendor_synced_open_instance_ids( conn, current_time, org_id, integ_id, integ_type_id, tkt_id) # internalize attributes sent in the webhook if tkt_priority is not None and var_names.urgency_level in integ_details: urg_map = integ_details[var_names.urgency_level] if urg_map is not None: for key in urg_map: if urg_map[key] == tkt_priority: urgency = int(key) break if tkt_state is not None and var_names.status in integ_details: stat_map = integ_details[var_names.status] if stat_map is not None: for key in stat_map: if stat_map[key] == tkt_state: status = key break # Create a new instance if it is a new issue. if len(synced_insts) > 0: for inst_id, task_id, in_sync in synced_insts: if tkt_event_type is not None: if tkt_event_type == freshdesk.fd_priority_update_event: event = UrgencyAmendmentEvent(inst_id, current_time, constants.integrations_api, urgency) syncer_task_instances.amend_urgency(conn, cache, [event], org_id, is_sys_action=True) elif tkt_event_type in [freshdesk.fd_private_add_note_event, freshdesk.fd_public_add_note_event] and data_body is not None: if tkt_event_type == freshdesk.fd_private_add_note_event: note_msg = data_body[freshdesk.var_ticket_latest_private_comment] else: note_msg = data_body[freshdesk.var_ticket_latest_public_comment] event = NotateEvent(inst_id, current_time, constants.integrations_api, None, note_msg) db_events.book_notate_event(conn, event, org_id, False, False, True) if status == constants.acknowledged_state: event = AcknowledgeEvent(inst_id, current_time, constants.integrations_api, None) syncer_task_instances.acknowledge(conn, cache, event, org_id, is_sys_action=True) elif status == constants.resolved_state: event = ResolveEvent(inst_id, current_time, constants.integrations_api) syncer_task_instances.resolve(conn, cache, event, org_id, is_sys_action=True) else: msg = 'Already synced Freshdesk ticket webhook could not be processed - ' + str(request.data) logging.info(msg) else: if tkt_event_type is None or tkt_event_type == freshdesk.fd_new_ticket_event: payload = TaskPayload( current_time, org_id, current_time.date(), tkt_title, configuration.standard_timezone, current_time.time(), text_msg=tkt_desc, urgency_level=urgency, trigger_method=constants.integrations_api, trigger_info=request.data, integration_id=integ_id, service_id=serv_id, tags=tkt_tags ) inst_id = Router(conn, cache, payload).run() if inst_id is not None and tkt_id is not None: event = CustomActionEvent( inst_id, current_time, constants.internal, integration_id=integ_id, integration_type_id=integ_type_id, vendor_id=tkt_id, vendor_url=None, is_synced=True, configuration_name=integ_details[var_names.configuration_name] ) syncer_task_instances.execute_custom_action( conn, cache, event, org_id=org_id, is_sys_action=True) db_events.link_instance(conn, current_time, org_id, inst_id, intt.freshdesk, tkt_id) else: logging.info('Freshdesk alert received with event type - ' + str(tkt_event_type) + '. No action.') logging.info(request.data) return Response(info.msg_internal_success) except InvalidRequest as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_invalid_request, lang), status=400) except Exception as e: logging.exception(str(e)) return Response(_lt.get_label(errors.err_system_error, lang), status=500) finally: CONN_POOL.put_db_conn(conn)