def update_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response:
user = users.get_user_by_name(params["user_name"])
versions.verify_version(user, ctx)
versions.bump_version(user)
infix = "self" if ctx.user.user_id == user.user_id else "any"
if ctx.has_param("name"):
auth.verify_privilege(ctx.user, "users:edit:%s:name" % infix)
users.update_user_name(user, ctx.get_param_as_string("name"))
if ctx.has_param("password"):
auth.verify_privilege(ctx.user, "users:edit:%s:pass" % infix)
users.update_user_password(user, ctx.get_param_as_string("password"))
if ctx.has_param("email"):
auth.verify_privilege(ctx.user, "users:edit:%s:email" % infix)
users.update_user_email(user, ctx.get_param_as_string("email"))
if ctx.has_param("rank"):
auth.verify_privilege(ctx.user, "users:edit:%s:rank" % infix)
users.update_user_rank(user, ctx.get_param_as_string("rank"), ctx.user)
if ctx.has_param("avatarStyle"):
auth.verify_privilege(ctx.user, "users:edit:%s:avatar" % infix)
users.update_user_avatar(
user,
ctx.get_param_as_string("avatarStyle"),
ctx.get_file("avatar", default=b""),
)
ctx.session.commit()
return _serialize(ctx, user)
def put(self, ctx, user_name):
user = users.get_user_by_name(user_name)
infix = 'self' if ctx.user.user_id == user.user_id else 'any'
if ctx.has_param('name'):
auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix)
users.update_user_name(user, ctx.get_param_as_string('name'))
if ctx.has_param('password'):
auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix)
users.update_user_password(
user, ctx.get_param_as_string('password'))
if ctx.has_param('email'):
auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix)
users.update_user_email(user, ctx.get_param_as_string('email'))
if ctx.has_param('rank'):
auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix)
users.update_user_rank(
user, ctx.get_param_as_string('rank'), ctx.user)
if ctx.has_param('avatarStyle'):
auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix)
users.update_user_avatar(
user,
ctx.get_param_as_string('avatarStyle'),
ctx.get_file('avatar'))
ctx.session.commit()
return users.serialize_user_with_details(user, ctx.user)
def update_user(ctx, params):
user = users.get_user_by_name(params['user_name'])
versions.verify_version(user, ctx)
versions.bump_version(user)
infix = 'self' if ctx.user.user_id == user.user_id else 'any'
if ctx.has_param('name'):
auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix)
users.update_user_name(user, ctx.get_param_as_string('name'))
if ctx.has_param('password'):
auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix)
users.update_user_password(
user, ctx.get_param_as_string('password'))
if ctx.has_param('email'):
auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix)
users.update_user_email(user, ctx.get_param_as_string('email'))
if ctx.has_param('rank'):
auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix)
users.update_user_rank(
user, ctx.get_param_as_string('rank'), ctx.user)
if ctx.has_param('avatarStyle'):
auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix)
users.update_user_avatar(
user,
ctx.get_param_as_string('avatarStyle'),
ctx.get_file('avatar'))
ctx.session.commit()
return _serialize(ctx, user)
def test_update_user_rank(user_factory):
db.session.add(user_factory())
db.session.flush()
user = user_factory()
auth_user = user_factory()
auth_user.rank = db.User.RANK_ADMINISTRATOR
users.update_user_rank(user, 'regular', auth_user)
users.update_user_rank(auth_user, 'regular', auth_user)
assert user.rank == db.User.RANK_REGULAR
assert auth_user.rank == db.User.RANK_REGULAR
def test_update_user_rank_with_higher_rank_than_possible(user_factory):
db.session.add(user_factory())
db.session.flush()
user = user_factory()
auth_user = user_factory()
auth_user.rank = db.User.RANK_ANONYMOUS
with pytest.raises(errors.AuthError):
users.update_user_rank(user, 'regular', auth_user)
with pytest.raises(errors.AuthError):
users.update_user_rank(auth_user, 'regular', auth_user)
def test_update_user_rank_with_higher_rank_than_possible(user_factory):
db.session.add(user_factory())
db.session.flush()
user = user_factory()
auth_user = user_factory()
auth_user.rank = model.User.RANK_ANONYMOUS
with pytest.raises(errors.AuthError):
users.update_user_rank(user, "regular", auth_user)
with pytest.raises(errors.AuthError):
users.update_user_rank(auth_user, "regular", auth_user)
def test_update_user_rank(user_factory):
db.session.add(user_factory())
db.session.flush()
user = user_factory()
auth_user = user_factory()
auth_user.rank = model.User.RANK_ADMINISTRATOR
users.update_user_rank(user, "regular", auth_user)
users.update_user_rank(auth_user, "regular", auth_user)
assert user.rank == model.User.RANK_REGULAR
assert auth_user.rank == model.User.RANK_REGULAR
def create_user(ctx: rest.Context,
_params: Dict[str, str] = {}) -> rest.Response:
auth.verify_privilege(ctx.user, 'users:create')
name = ctx.get_param_as_string('name')
password = ctx.get_param_as_string('password')
email = ctx.get_param_as_string('email', default='')
user = users.create_user(name, password, email)
if ctx.has_param('rank'):
users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user)
if ctx.has_param('avatarStyle'):
users.update_user_avatar(user, ctx.get_param_as_string('avatarStyle'),
ctx.get_file('avatar', default=b''))
ctx.session.add(user)
ctx.session.commit()
return _serialize(ctx, user, force_show_email=True)
def create_user(ctx, _params=None):
auth.verify_privilege(ctx.user, 'users:create')
name = ctx.get_param_as_string('name', required=True)
password = ctx.get_param_as_string('password', required=True)
email = ctx.get_param_as_string('email', required=False, default='')
user = users.create_user(name, password, email)
if ctx.has_param('rank'):
users.update_user_rank(
user, ctx.get_param_as_string('rank'), ctx.user)
if ctx.has_param('avatarStyle'):
users.update_user_avatar(
user,
ctx.get_param_as_string('avatarStyle'),
ctx.get_file('avatar'))
ctx.session.add(user)
ctx.session.commit()
return _serialize(ctx, user, force_show_email=True)
def post(self, ctx):
auth.verify_privilege(ctx.user, 'users:create')
name = ctx.get_param_as_string('name', required=True)
password = ctx.get_param_as_string('password', required=True)
email = ctx.get_param_as_string('email', required=False, default='')
user = users.create_user(name, password, email)
if ctx.has_param('rank'):
users.update_user_rank(user, ctx.get_param_as_string('rank'),
ctx.user)
if ctx.has_param('avatarStyle'):
users.update_user_avatar(user,
ctx.get_param_as_string('avatarStyle'),
ctx.get_file('avatar'))
ctx.session.add(user)
ctx.session.commit()
return users.serialize_user_with_details(user,
ctx.user,
force_show_email=True)
def create_user(
ctx: rest.Context, _params: Dict[str, str] = {}) -> rest.Response:
if ctx.user.user_id is None:
auth.verify_privilege(ctx.user, 'users:create:self')
else:
auth.verify_privilege(ctx.user, 'users:create:any')
name = ctx.get_param_as_string('name')
password = ctx.get_param_as_string('password')
email = ctx.get_param_as_string('email', default='')
user = users.create_user(name, password, email)
if ctx.has_param('rank'):
users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user)
if ctx.has_param('avatarStyle'):
users.update_user_avatar(
user,
ctx.get_param_as_string('avatarStyle'),
ctx.get_file('avatar', default=b''))
ctx.session.add(user)
ctx.session.commit()
return _serialize(ctx, user, force_show_email=True)
def update_user(ctx: rest.Context, params: Dict[str, str]) -> rest.Response:
user = users.get_user_by_name(params['user_name'])
versions.verify_version(user, ctx)
versions.bump_version(user)
infix = 'self' if ctx.user.user_id == user.user_id else 'any'
if ctx.has_param('name'):
auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix)
users.update_user_name(user, ctx.get_param_as_string('name'))
if ctx.has_param('password'):
auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix)
users.update_user_password(user, ctx.get_param_as_string('password'))
if ctx.has_param('email'):
auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix)
users.update_user_email(user, ctx.get_param_as_string('email'))
if ctx.has_param('rank'):
auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix)
users.update_user_rank(user, ctx.get_param_as_string('rank'), ctx.user)
if ctx.has_param('avatarStyle'):
auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix)
users.update_user_avatar(user, ctx.get_param_as_string('avatarStyle'),
ctx.get_file('avatar', default=b''))
ctx.session.commit()
return _serialize(ctx, user)
def create_user(ctx: rest.Context,
_params: Dict[str, str] = {}) -> rest.Response:
if ctx.user.user_id is None:
auth.verify_privilege(ctx.user, "users:create:self")
else:
auth.verify_privilege(ctx.user, "users:create:any")
name = ctx.get_param_as_string("name")
password = ctx.get_param_as_string("password")
email = ctx.get_param_as_string("email", default="")
user = users.create_user(name, password, email)
if ctx.has_param("rank"):
users.update_user_rank(user, ctx.get_param_as_string("rank"), ctx.user)
if ctx.has_param("avatarStyle"):
users.update_user_avatar(
user,
ctx.get_param_as_string("avatarStyle"),
ctx.get_file("avatar", default=b""),
)
ctx.session.add(user)
ctx.session.commit()
return _serialize(ctx, user, force_show_email=True)
def test_update_user_rank_with_invalid_string(user_factory):
user = user_factory()
auth_user = user_factory()
with pytest.raises(users.InvalidRankError):
users.update_user_rank(user, 'invalid', auth_user)
with pytest.raises(users.InvalidRankError):
users.update_user_rank(user, 'anonymous', auth_user)
with pytest.raises(users.InvalidRankError):
users.update_user_rank(user, 'nobody', auth_user)
def test_update_user_rank_with_invalid_string(user_factory):
user = user_factory()
auth_user = user_factory()
with pytest.raises(users.InvalidRankError):
users.update_user_rank(user, "invalid", auth_user)
with pytest.raises(users.InvalidRankError):
users.update_user_rank(user, "anonymous", auth_user)
with pytest.raises(users.InvalidRankError):
users.update_user_rank(user, "nobody", auth_user)
def put(self, ctx, user_name):
user = users.get_user_by_name(user_name)
infix = 'self' if ctx.user.user_id == user.user_id else 'any'
if ctx.has_param('name'):
auth.verify_privilege(ctx.user, 'users:edit:%s:name' % infix)
users.update_user_name(user, ctx.get_param_as_string('name'))
if ctx.has_param('password'):
auth.verify_privilege(ctx.user, 'users:edit:%s:pass' % infix)
users.update_user_password(user,
ctx.get_param_as_string('password'))
if ctx.has_param('email'):
auth.verify_privilege(ctx.user, 'users:edit:%s:email' % infix)
users.update_user_email(user, ctx.get_param_as_string('email'))
if ctx.has_param('rank'):
auth.verify_privilege(ctx.user, 'users:edit:%s:rank' % infix)
users.update_user_rank(user, ctx.get_param_as_string('rank'),
ctx.user)
if ctx.has_param('avatarStyle'):
auth.verify_privilege(ctx.user, 'users:edit:%s:avatar' % infix)
users.update_user_avatar(user,
ctx.get_param_as_string('avatarStyle'),
ctx.get_file('avatar'))
ctx.session.commit()
return users.serialize_user_with_details(user, ctx.user)
def test_update_user_rank_with_empty_string(user_factory):
user = user_factory()
auth_user = user_factory()
with pytest.raises(users.InvalidRankError):
users.update_user_rank(user, '', auth_user)
def test_update_user_rank_with_empty_string(user_factory):
user = user_factory()
auth_user = user_factory()
with pytest.raises(users.InvalidRankError):
users.update_user_rank(user, "", auth_user)