99 lines
4.2 KiB
Python
99 lines
4.2 KiB
Python
# Copyright (c) 2025 Patrick Motsch
|
|
# All rights reserved.
|
|
|
|
"""
|
|
Connection helper for Outlook operations.
|
|
Handles Microsoft connection management and permission checking.
|
|
"""
|
|
|
|
import logging
|
|
import requests
|
|
from typing import Dict, Any, Optional
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
class ConnectionHelper:
|
|
"""Helper for Microsoft connection management in Outlook operations"""
|
|
|
|
def __init__(self, methodInstance):
|
|
"""
|
|
Initialize connection helper.
|
|
|
|
Args:
|
|
methodInstance: Instance of MethodOutlook (for access to services)
|
|
"""
|
|
self.method = methodInstance
|
|
self.services = methodInstance.services
|
|
|
|
def getMicrosoftConnection(self, connectionReference: str) -> Optional[Dict[str, Any]]:
|
|
"""
|
|
Helper function to get Microsoft connection details.
|
|
"""
|
|
try:
|
|
logger.debug(f"Getting Microsoft connection for reference: {connectionReference}")
|
|
|
|
# Get the connection from the service
|
|
userConnection = self.services.chat.getUserConnectionFromConnectionReference(connectionReference)
|
|
if not userConnection:
|
|
logger.error(f"Connection not found: {connectionReference}")
|
|
return None
|
|
|
|
logger.debug(f"Found connection: {userConnection.id}, status: {userConnection.status.value}, authority: {userConnection.authority.value}")
|
|
|
|
# Check status BEFORE fetching token (avoids unnecessary network call)
|
|
if userConnection.status.value != "active":
|
|
logger.error(f"Connection is not active: {userConnection.id}, status: {userConnection.status.value}")
|
|
return None
|
|
|
|
token = self.services.chat.getFreshConnectionToken(userConnection.id)
|
|
if not token:
|
|
logger.error(f"Fresh token not found for connection: {userConnection.id}")
|
|
return None
|
|
|
|
logger.debug(f"Fresh token retrieved for connection {userConnection.id}")
|
|
|
|
return {
|
|
"id": userConnection.id,
|
|
"accessToken": token.tokenAccess,
|
|
}
|
|
except Exception as e:
|
|
logger.error(f"Error getting Microsoft connection: {str(e)}")
|
|
return None
|
|
|
|
async def checkPermissions(self, connection: Dict[str, Any]) -> bool:
|
|
"""
|
|
Check if the current connection has the necessary permissions for Outlook operations.
|
|
"""
|
|
try:
|
|
graph_url = "https://graph.microsoft.com/v1.0"
|
|
headers = {
|
|
"Authorization": f"Bearer {connection['accessToken']}",
|
|
"Content-Type": "application/json"
|
|
}
|
|
|
|
# Test permissions by trying to access the user's mail folder
|
|
test_url = f"{graph_url}/me/mailFolders"
|
|
response = requests.get(test_url, headers=headers)
|
|
|
|
if response.status_code == 200:
|
|
return True
|
|
elif response.status_code == 403:
|
|
logger.error("Permission denied - connection lacks necessary mail permissions")
|
|
logger.error("Required scopes: Mail.ReadWrite, Mail.Send, Mail.ReadWrite.Shared")
|
|
logger.error("Solution: User must reconnect and grant mail permissions")
|
|
return False
|
|
elif response.status_code == 404:
|
|
# 404 on /me/mailFolders typically means the token lacks mail scopes
|
|
# This happens when the connection was created without mail permissions
|
|
logger.error("Mail API not accessible (404) - token likely lacks mail scopes")
|
|
logger.error("This usually means the connection was created without Mail.ReadWrite permission")
|
|
logger.error("Solution: User must delete the connection and reconnect, granting mail permissions")
|
|
return False
|
|
else:
|
|
logger.warning(f"Permission check returned status {response.status_code}")
|
|
return False
|
|
|
|
except Exception as e:
|
|
logger.error(f"Error checking permissions: {str(e)}")
|
|
return False
|
|
|