def revoke_user(args, appname):
    """Revoke a user's permission to an app.

    The target user is looked up by name when ``username`` is truthy,
    otherwise by ``user_id``.

    :<json string username: name of the user losing access
    :<json int user_id: id of the user; either username or user_id
        must be provided
    """
    target_app = _get_app(appname)
    username = args['username']
    # NOTE(review): the lookup result is not checked here. If the user does
    # not exist, whatever User.get_by_name / User.get returns for a miss is
    # passed straight to app.revoke_user -- confirm the request schema
    # validates existence before this point.
    account = (
        User.get_by_name(username)
        if username
        else User.get(args['user_id'])
    )
    # NOTE(review): no authorization check is visible in this block; confirm
    # the route restricts who may revoke access to this app.
    return target_app.revoke_user(account)
def list_users(self):
    """Return the users that have an AppUserRelation row for this app."""
    # Imported at call time rather than module level -- presumably to avoid
    # a circular import between the app and user models (TODO confirm).
    from citadel.models.user import User

    relations = AppUserRelation.filter_by(appname=self.name).all()
    granted_ids = [relation.user_id for relation in relations]
    # NOTE(review): a relation whose user no longer resolves contributes
    # whatever User.get returns for a miss -- confirm callers tolerate that.
    return list(map(User.get, granted_ids))
def grant_user(args, appname):
    """Grant a user permission to an app.

    The target user is looked up by name when ``username`` is truthy,
    otherwise by ``user_id``.

    :<json string username: name of the user receiving access
    :<json int user_id: id of the user; either username or user_id
        must be provided
    """
    target_app = _get_app(appname)
    username = args['username']
    # NOTE(review): the lookup result is not checked; confirm the request
    # schema guarantees the user exists before a grant is attempted.
    account = (
        User.get_by_name(username)
        if username
        else User.get(args['user_id'])
    )
    try:
        target_app.grant_user(account)
    except IntegrityError:
        # Presumably a duplicate grant, treated as success so the call is
        # idempotent. NOTE(review): every other integrity violation is hidden
        # too, and nothing here resets the DB session after the failure --
        # confirm app.grant_user rolls back and consider logging the error.
        pass
    return DEFAULT_RETURN_VALUE
def _(*args, **kwargs):
    """Resolve the current user, then gate the wrapped view on it.

    ``func`` and ``privileged`` come from the enclosing decorator, which is
    not part of this block.
    """
    # NOTE(review): with DEBUG on, every request runs as the fixture identity
    # built from FAKE_USER and no credential is checked. Confirm DEBUG can
    # never be enabled in a deployed configuration.
    if current_app.config['DEBUG']:
        g.user = User(**FAKE_USER)
    else:
        g.user = get_current_user()

    if not g.user:
        # NOTE(review): the full request URL is passed as ``next``; the login
        # view should validate it before redirecting back.
        return redirect(url_for('user.login', next=request.url))

    if privileged and g.user.privileged != 1:
        abort(403, 'dude you are not administrator')
        # abort() is expected to raise; the explicit return keeps the wrapped
        # view unreachable on this path either way.
        return None

    return func(*args, **kwargs)
def test_app_user_permission(test_db, client):
    """Grant then revoke over HTTP and check the AppUserRelation row each time."""

    def relation_count():
        # Number of relation rows linking the fixture user to the default app.
        rows = AppUserRelation.query.filter_by(
            user_id=FAKE_USER['id'],
            appname=default_appname,
        ).all()
        return len(rows)

    User.create(**FAKE_USER)

    listing = client.get(url_for('user.list_users'))
    assert listing.status_code == 200
    assert len(listing.json) == 1
    assert listing.json[0]['id'] == FAKE_USER['id']

    body = {'username': FAKE_USER['name']}
    # The DELETE below reuses the URL built for 'app.grant_user'; presumably
    # grant and revoke share one route and differ only by HTTP method.
    endpoint = url_for('app.grant_user', appname=default_appname)

    granted = client.put(endpoint, data=body)
    assert granted.status_code == 200
    assert relation_count() == 1

    revoked = client.delete(endpoint, data=body)
    assert revoked.status_code == 200
    assert relation_count() == 0
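def test_permissions(test_db, client):
    """An unprivileged user sees an app only after being granted access.

    The shared FAKE_USER fixture is demoted to ``privileged = 0`` for the
    duration of the test and restored afterwards. The original left the
    module-level dict modified, so later tests would silently run with a
    demoted identity and could pass or fail authorization checks for the
    wrong reason.
    """
    missing = object()
    previous = FAKE_USER.get('privileged', missing)
    # The dict is mutated in place rather than copied. Presumably the request
    # identity is also built from FAKE_USER while DEBUG is on, so the client
    # calls below need to observe the demoted value (TODO confirm).
    FAKE_USER['privileged'] = 0
    try:
        user = User.create(**FAKE_USER)

        # Before the grant: nothing is listed and direct access is refused.
        res = client.get(url_for('app.list_app'))
        assert res.json == []
        res = client.get(url_for('app.get_app', appname=default_appname))
        assert res.status_code == 403

        app = App.get_by_name(default_appname)
        app.grant_user(user)

        # After the grant: the app is listed and readable.
        res = client.get(url_for('app.list_app'))
        assert len(res.json) == 1
        res = client.get(url_for('app.get_app', appname=default_appname))
        assert res.status_code == 200
    finally:
        # Restore the fixture exactly, including the "key absent" case.
        if previous is missing:
            FAKE_USER.pop('privileged', None)
        else:
            FAKE_USER['privileged'] = previous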
def validate_username(n):
    """Raise ValidationError unless a user named ``n`` can be looked up."""
    # Imported at call time rather than module level -- presumably to avoid
    # a circular import (TODO confirm).
    from citadel.models.user import User

    found = User.get_by_name(n)
    if found:
        return
    # NOTE(review): the message confirms whether a username exists; make sure
    # this validator is only reachable by authenticated callers.
    raise ValidationError(
        'User {} not found, needs to login first'.format(n))
def list_users():
    """Return every user, serialized with ``to_dict``, as a JSON array."""
    # NOTE(review): no access check is visible in this block and the fields
    # exposed depend entirely on User.to_dict -- confirm the route is
    # authenticated and that to_dict omits sensitive attributes.
    serialized = []
    for account in User.get_all():
        serialized.append(account.to_dict())
    return jsonify(serialized)