def test_delete_object_with_flush(self, db_session): user = User(user_name="some_new_user", email="foo") assert user.id is None user.persist(flush=True, db_session=db_session) assert user.id is not None uid = user.id UserService.by_id(uid, db_session=db_session) is not None user.delete() assert UserService.by_id(uid, db_session=db_session) is None
def auth_tokens_POST(request): """ Lists all available alert channels """ if request.matched_route.name == "users_self_property": user = request.user else: user = UserService.by_id(request.matchdict.get("user_id")) if not user: return HTTPNotFound() req_data = request.safe_json_body or {} if not req_data.get("expires"): req_data.pop("expires", None) form = forms.AuthTokenCreateForm(MultiDict(req_data), csrf_context=request) if not form.validate(): return HTTPUnprocessableEntity(body=form.errors_json) token = AuthToken() form.populate_obj(token) if token.expires: interval = h.time_deltas.get(token.expires)["delta"] token.expires = datetime.datetime.utcnow() + interval user.auth_tokens.append(token) DBSession.flush() return token.get_dict()
def get_user(request): userid = request.unauthenticated_userid if try_global_session: # set db_session to none to pass to the UserModel.by_id so it can try to autodiscover db_session = None else: # Else assign the request.session db_session = session_provider_callable(request) if userid is not None: return UserService.by_id(userid, db_session=db_session)
def get_user(request): userid = request.unauthenticated_userid if test_session_callable is None: # set db_session to none to pass to the UserModel.by_id db_session = None else: # Else assign the request.session db_session = session_provider_callable(request) if userid is not None: return UserService.by_id(userid, db_session=db_session)
def get_user(request): userid = request.unauthenticated_userid if try_global_session: # set db_session to none to pass to the UserModel.by_id so it can try to autodiscover db_session = None else: # Else assign the request.session db_session = session_provider_callable(request) if userid is not None: return UserService.by_id(userid, db_session=db_session)
def by_id(cls, user_id, db_session=None): """ .. deprecated:: 0.8 :param user_id: :param db_session: :return: """ db_session = get_db_session(db_session) return UserService.by_id(user_id=user_id, db_session=db_session)
def auth_tokens_list(request): """ Lists all available alert channels """ if request.matched_route.name == "users_self_property": user = request.user else: user = UserService.by_id(request.matchdict.get("user_id")) if not user: return HTTPNotFound() return [c.get_dict() for c in user.auth_tokens]
def users_resource_permissions_list(request): """ Get list of permissions assigned to specific resources """ user = UserService.by_id(request.matchdict.get("user_id")) if not user: return HTTPNotFound() return [ permission_tuple_to_dict(perm) for perm in UserService.resources_with_possible_perms(user) ]
def by_id(cls, user_id, db_session=None): """ .. deprecated:: 0.8 :param user_id: :param db_session: :return: """ db_session = get_db_session(db_session) return UserService.by_id(user_id=user_id, db_session=db_session)
def auth_tokens_DELETE(request): """ Lists all available alert channels """ if request.matched_route.name == "users_self_property": user = request.user else: user = UserService.by_id(request.matchdict.get("user_id")) if not user: return HTTPNotFound() for token in user.auth_tokens: if token.token == request.params.get("token"): user.auth_tokens.remove(token) return True return False
def users_DELETE(request): """ Removes a user permanently from db - makes a check to see if after the operation there will be at least one admin left """ msg = _("There needs to be at least one administrator in the system") user = UserService.by_id(request.matchdict.get("user_id")) if user: users = UserService.users_for_perms(["root_administration"]).all() if len(users) < 2 and user.id == users[0].id: request.session.flash(msg, "warning") else: DBSession.delete(user) request.session.flash(_("User removed")) return True request.response.status = 422 return False
def get_user(request): # type: (Request) -> Optional[User] """ Obtains the authenticated user from the request (if any). :param request: incoming HTTP request potentially containing authentication definitions. :return: the authenticated user if parameters were valid (good credentials, not expired, etc.) or ``None``. """ user_id = request.unauthenticated_userid LOGGER.debug("Current user id is '%s'", user_id) if user_id is not None: user = UserService.by_id(user_id, db_session=request.db) LOGGER.debug("Current user has been resolved has '%s'", user) return user if LOGGER.isEnabledFor(logging.DEBUG): debug_cookie_identify(request) return None
def get_user(request): if not request.path_info.startswith("/static"): user_id = unauthenticated_userid(request) try: user_id = int(user_id) except Exception: return None if user_id: user = UserService.by_id(user_id) if user: request.environ["appenlight.username"] = "******" % ( user_id, user.user_name, ) return user else: return None
def users_update(request): """ Updates user object """ user = UserService.by_id(request.matchdict.get("user_id")) if not user: return HTTPNotFound() post_data = request.safe_json_body or {} if request.method == "PATCH": form = forms.UserUpdateForm(MultiDict(post_data), csrf_context=request) if form.validate(): form.populate_obj(user, ignore_none=True) if form.user_password.data: UserService.set_password(user, user.user_password) if form.status.data: user.status = 1 else: user.status = 0 else: return HTTPUnprocessableEntity(body=form.errors_json) return user.get_dict(exclude_keys=[ "security_code_date", "notes", "security_code", "user_password" ])
def relogin_to_user(request): user = UserService.by_id(request.GET.get("user_id")) if not user: return HTTPNotFound() headers = security.remember(request, user.id) return HTTPFound(location=request.route_url("/"), headers=headers)