def test_block_unblock(self, is_user_admin): self.temporary_login(self.admin) # test block user when user is not in db response = self.client.get( "/user/{user_id}/block".format(user_id="random-user-id")) self.assert404(response, "Can't find a user with ID: random-user-id") # make self.admin a moderator is_user_admin.return_value = True # admin blocks tester response = self.client.post( "user/{user_id}/block".format(user_id=self.user.id), data=dict(reason="Test blocking user."), follow_redirects=True, ) self.assertIn("This user account has been blocked.", str(response.data)) user = db_users.get_by_id(self.user.id) self.assertEqual(user["is_blocked"], True) # testing when admin blocks an already blocked user response = self.client.post( "user/{user_id}/block".format(user_id=self.user.id), data=dict(reason="Test blocking already blocker user."), follow_redirects=True, ) self.assertIn("This account is already blocked.", str(response.data)) # test unblock user when user is not in db response = self.client.get( "/user/{user_id}/unblock".format(user_id="random-user-id")) self.assert404(response, "Can't find a user with ID: random-user-id") # admin unblocks tester response = self.client.post( "user/{user_id}/unblock".format(user_id=self.user.id), data=dict(reason="Test unblocking user."), follow_redirects=True, ) self.assertIn("This user account has been unblocked.", str(response.data)) user = db_users.get_by_id(self.user.id) self.assertEqual(user["is_blocked"], False) # testing when admin unblocks a user that is not blocked response = self.client.post( "user/{user_id}/unblock".format(user_id=self.user.id), data=dict(reason="Test unblocking user that is not blocked."), follow_redirects=True, ) self.assertIn("This account is not blocked.", str(response.data))
def reviews(user_id): user_id = str(user_id) if current_user.is_authenticated and current_user.id == user_id: user = current_user else: user = db_users.get_by_id(user_id) if not user: abort(404) user = User(user) page = int(request.args.get('page', default=1)) if page < 1: return redirect(url_for('.reviews')) limit = 12 offset = (page - 1) * limit reviews, count = Review.list(user_id=user_id, sort='created', limit=limit, offset=offset, inc_hidden=current_user.is_admin(), inc_drafts=current_user.is_authenticated and current_user.id == user_id) return render_template('user/reviews.html', section='reviews', user=user, reviews=reviews, page=page, limit=limit, count=count)
def unblock(user_id): user = db_users.get_by_id(user_id) if not user: raise NotFound("Can't find a user with ID: {user_id}".format(user_id=user_id)) db_users.unblock(user['id']) flash.success(gettext("This user account has been unblocked.")) return redirect(url_for('user.reviews', user_id=user['id']))
def user_entity_handler(user_id): """Get profile of a user with a specified UUID. **Request Example:** .. code-block:: bash $ curl https://critiquebrainz.org/ws/1/user/ae5a003f-292c-497e-afbd-8076e9626f2e \\ -X GET **Response Example:** .. code-block:: json { "user": { "created": "Wed, 07 May 2014 14:47:03 GMT", "display_name": "User's Name comes here", "id": "ae5a003f-292c-497e-afbd-8076e9626f2e", "karma": 0, "user_type": "Noob" } } :resheader Content-Type: *application/json* """ user = db_users.get_by_id(str(user_id)) if not user: raise NotFound("Can't find a user with ID: {user_id}".format(user_id=user_id)) inc = Parser.list('uri', 'inc', User.allowed_includes, optional=True) or [] return jsonify(user=User(user).to_dict(inc))
def reviews(user_id): user_id = str(user_id) if current_user.is_authenticated and current_user.id == user_id: user = current_user else: user = db_users.get_by_id(user_id) if not user: raise NotFound( "Can't find a user with ID: {user_id}".format(user_id=user_id)) user = User(user) page = int(request.args.get('page', default=1)) if page < 1: return redirect(url_for('.reviews')) limit = 12 offset = (page - 1) * limit reviews, count = db_review.list_reviews( user_id=user_id, sort='published_on', limit=limit, offset=offset, inc_hidden=current_user.is_admin(), inc_drafts=current_user.is_authenticated and current_user.id == user_id) return render_template('user/reviews.html', section='reviews', user=user, reviews=reviews, page=page, limit=limit, count=count)
def info(user_id): user = db_users.get_by_id(user_id) if not user: raise NotFound( "Can't find a user with ID: {user_id}".format(user_id=user_id)) user = User(user) return render_template('user/info.html', section='info', user=user)
def test_update(self): db_users.update(self.user1.id, user_new_info={ "email": '*****@*****.**', }) user1 = db_users.get_by_id(self.user1.id) self.assertEqual(user1['email'], '*****@*****.**')
def unblock(user_id): user = db_users.get_by_id(user_id) if not user: abort(404) db_users.unblock(user['id']) flash.success(gettext("This user account has been unblocked.")) return redirect(url_for('user.reviews', user_id=user['id']))
def user_entity_handler(user_id): """Get profile of a user with a specified UUID. **Request Example:** .. code-block:: bash $ curl https://critiquebrainz.org/ws/1/user/ae5a003f-292c-497e-afbd-8076e9626f2e \\ -X GET **Response Example:** .. code-block:: json { "user": { "created": "Wed, 07 May 2014 14:47:03 GMT", "display_name": "User's Name comes here", "id": "ae5a003f-292c-497e-afbd-8076e9626f2e", "karma": 0, "user_type": "Noob" } } :resheader Content-Type: *application/json* """ user = db_users.get_by_id(str(user_id)) if not user: raise NotFound( "Can't find a user with ID: {user_id}".format(user_id=user_id)) inc = Parser.list('uri', 'inc', User.allowed_includes, optional=True) or [] return jsonify(user=User(user).to_dict(inc))
def to_dict(review, confidential=False): review["user"] = User(db_users.get_by_id(review.pop("user_id"))) review["user"] = review["user"].to_dict(confidential=confidential) review["id"] = str(review["id"]) review["entity_id"] = str(review["entity_id"]) review["last_updated"] = review["last_revision"]["timestamp"] review["last_revision"]["review_id"] = str( review["last_revision"]["review_id"]) return review
def to_dict(review, confidential=False, connection=None): if connection is not None: review["user"] = User(db_users.get_user_by_id(connection, review.pop("user_id"))) else: review["user"] = User(db_users.get_by_id(review.pop("user_id"))) review["user"] = review["user"].to_dict(confidential=confidential) review["id"] = str(review["id"]) review["entity_id"] = str(review["entity_id"]) review["last_updated"] = review["last_revision"]["timestamp"] review["last_revision"]["review_id"] = str(review["last_revision"]["review_id"]) return review
def block(user_id): user = db_users.get_by_id(user_id) if not user: raise NotFound("Can't find a user with ID: {user_id}".format(user_id=user_id)) if user['is_blocked']: flash.info(gettext("This account is already blocked.")) return redirect(url_for('user.reviews', user_id=user['id'])) form = AdminActionForm() if form.validate_on_submit(): db_users.block(user['id']) db_moderation_log.create(admin_id=current_user.id, action=ACTION_BLOCK_USER, reason=form.reason.data, user_id=user['id']) flash.success(gettext("This user account has been blocked.")) return redirect(url_for('user.reviews', user_id=user['id'])) return render_template('log/action.html', user=user, form=form, action=ACTION_BLOCK_USER)
def get_authorized_user(self, scopes): authorization = request.headers.get('Authorization') if self.validate_authorization_header(authorization) is False: raise NotAuthorized access_token = authorization.split()[1] token = self.fetch_access_token(access_token) if token is None: raise exceptions.InvalidToken if token["expires"] < datetime.now(): raise exceptions.InvalidToken for scope in scopes: if scope not in db_oauth_token.get_scopes(token["id"]): raise exceptions.InvalidToken user = User(db_users.get_by_id(token["user_id"])) return user
def unblock(user_id): user = db_users.get_by_id(user_id) if not user: raise NotFound("Can't find a user with ID: {user_id}".format(user_id=user_id)) if not user['is_blocked']: flash.info(gettext("This account is not blocked.")) return redirect(url_for('user.reviews', user_id=user['id'])) form = AdminActionForm() if form.validate_on_submit(): db_users.unblock(user['id']) db_moderation_log.create(admin_id=current_user.id, action=AdminActions.ACTION_UNBLOCK_USER, reason=form.reason.data, user_id=user['id']) flash.success(gettext("This user account has been unblocked.")) return redirect(url_for('user.reviews', user_id=user['id'])) return render_template('log/action.html', user=user, form=form, action=AdminActions.ACTION_UNBLOCK_USER.value)
def reviews(user_id): user_id = str(user_id) if current_user.is_authenticated and current_user.id == user_id: user = current_user else: user = db_users.get_by_id(user_id) if not user: raise NotFound("Can't find a user with ID: {user_id}".format(user_id=user_id)) user = User(user) page = int(request.args.get('page', default=1)) if page < 1: return redirect(url_for('.reviews')) limit = 12 offset = (page - 1) * limit reviews, count = db_review.list_reviews(user_id=user_id, sort='published_on', limit=limit, offset=offset, inc_hidden=current_user.is_admin(), inc_drafts=current_user.is_authenticated and current_user.id == user_id) return render_template('user/reviews.html', section='reviews', user=user, reviews=reviews, page=page, limit=limit, count=count)
def load_user(user_id): user = db_users.get_by_id(user_id) if not user: return None return User(user)
def test_get_by_id(self): user = db_users.get_by_id(self.user1.id) self.assertEqual(user['display_name'], "test") self.assertEqual(user['musicbrainz_username'], "tester_1")
def load_user(user_id): user = db_users.get_by_id(user_id) if user: return User(user) else: return None
def info(user_id): user = db_users.get_by_id(user_id) if not user: raise NotFound("Can't find a user with ID: {user_id}".format(user_id=user_id)) user = User(user) return render_template('user/info.html', section='info', user=user)
def info(user_id): user = db_users.get_by_id(user_id) if not user: abort(404) user = User(user) return render_template('user/info.html', section='info', user=user)