Example #1
0
    def test_admin_admin_update(self):
        give_user_privilege(self.user, "ADMIN_ADMIN")

        user_id = self.user.id

        forms = create_admin_admin_form()

        my_form = forms[user_id]
        my_form["%d_admin_config" % user_id].data = True
        my_form["%d_admin_admin" % user_id].data = True
        my_form["%d_admin_playback" % user_id].data = True
        my_form["%d_admin_interface" % user_id].data = True

        forms[user_id] = my_form

        # Create a big dict to send back, just like in the real world!
        post_data = {}
        for form in forms.itervalues():
            post_data.update(form.data)

        # Try to update our own privileges!
        response = self.app.post("/admin/admin_admin_update",
            data=post_data,
            follow_redirects=True)

        assert response.status_code == 200
        assert user_has_privilege(user_id, "ADMIN_INTERFACE")
        assert user_has_privilege(user_id, "ADMIN_CONFIG")
        assert user_has_privilege(user_id, "ADMIN_PLAYBACK")
        assert user_has_privilege(user_id, "ADMIN_ADMIN")
Example #2
0
    def test_admin_admin_update(self):
        give_user_privilege(self.user, "ADMIN_ADMIN")

        user_id = self.user.id

        forms = create_admin_admin_form()

        my_form = forms[user_id]
        my_form["%d_admin_config" % user_id].data = True
        my_form["%d_admin_admin" % user_id].data = True
        my_form["%d_admin_playback" % user_id].data = True
        my_form["%d_admin_interface" % user_id].data = True

        forms[user_id] = my_form

        # Create a big dict to send back, just like in the real world!
        post_data = {}
        for form in forms.itervalues():
            post_data.update(form.data)

        # Try to update our own privileges!
        response = self.app.post("/admin/admin_admin_update",
                                 data=post_data,
                                 follow_redirects=True)

        assert response.status_code == 200
        assert user_has_privilege(user_id, "ADMIN_INTERFACE")
        assert user_has_privilege(user_id, "ADMIN_CONFIG")
        assert user_has_privilege(user_id, "ADMIN_PLAYBACK")
        assert user_has_privilege(user_id, "ADMIN_ADMIN")
Example #3
0
def player():
    """Display the player page.

    Sends the user's queue and the global queue along and displays the player page."""
    users_tracks = get_user_queue(session['user']['id'])
    global_queue = get_global_queue()

    config = {'lastfm_api_key': app.config['LASTFM_API_KEY'], 'lastfm_api_secret': app.config['LASTFM_API_SECRET']}

    user = User.query.get(session['user']['id'])

    # Do some logic to figure out if we need to show the admin console (i.e. the hostname or port for the MPD server are blank)
    if app.config['MPD_SERVER_HOSTNAME'] == "" or app.config['MPD_SERVER_PORT'] == "":
        if user_has_privilege(user, "ADMIN_INTERFACE") and user_has_privilege(user, "ADMIN_CONFIG"):
            return redirect(url_for("admin_console"))

    return render_template("player.html", user=user, user_play_queue=users_tracks, global_play_queue=global_queue, config=config, voting_enabled=needs_voting[app.config['SELECTION_SCHEME']], user_privs=dump_user_privileges(user))
Example #4
0
 def wrapped(*args, **kwargs):
     current_user = session['user']['id']
     missing_privs = [p for p in privs if not user_has_privilege(current_user, p)]
     if len(missing_privs) == 0:
         return f(*args, **kwargs)
     else:
         if fail_mode == "redirect":
             return redirect(url_for("player"))
         elif fail_mode == "json":
             return jsonify(status="error", message="You are not authorized to view this page!"), 403
         else:
             return jsonify(status="Not authorized."), 403
Example #5
0
 def wrapped(*args, **kwargs):
     current_user = session['user']['id']
     missing_privs = [
         p for p in privs if not user_has_privilege(current_user, p)
     ]
     if len(missing_privs) == 0:
         return f(*args, **kwargs)
     else:
         if fail_mode == "redirect":
             return redirect(url_for("player"))
         elif fail_mode == "json":
             return jsonify(
                 status="error",
                 message="You are not authorized to view this page!"
             ), 403
         else:
             return jsonify(status="Not authorized."), 403
Example #6
0
    def test_user_has_privilege(self):
        assert not user_has_privilege(self.user, "ADMIN_INTERFACE")

        give_user_privilege(self.user, "ADMIN_INTERFACE")
        assert user_has_privilege(self.user, "ADMIN_INTERFACE")
Example #7
0
    def test_user_has_privilege(self):
        assert not user_has_privilege(self.user, "ADMIN_INTERFACE")

        give_user_privilege(self.user, "ADMIN_INTERFACE")
        assert user_has_privilege(self.user, "ADMIN_INTERFACE")