def remove_user_account(username, **_):
"""
Remove the account specified by the username.
Variables:
username => Name of the user to get the account info
Arguments:
None
Data Block:
None
Result example:
{
"success": true # Was the remove successful?
}
"""
remove_list = [
username,
"%s_avatar" % username,
"%s_options" % username,
"%s_favorites" % username
]
for key in remove_list:
STORAGE.delete_user(key)
return make_api_response({"success": True})
def save_user_account(username, data, user):
data = validate_settings(data,
ACCOUNT_DEFAULT,
exceptions=[
'avatar', 'agrees_with_tos', 'dn', 'password',
'otp_sk', 'u2f_devices'
])
if username != data['uname']:
raise AccessDeniedException(
"You are not allowed to change the username.")
if username != user['uname'] and not user['is_admin']:
raise AccessDeniedException(
"You are not allowed to change another user then yourself.")
current = STORAGE.get_user_account(username)
if current:
current = validate_settings(current,
ACCOUNT_DEFAULT,
exceptions=[
'avatar', 'agrees_with_tos', 'dn',
'password', 'otp_sk', 'u2f_devices'
])
if not user['is_admin']:
for key in current.iterkeys():
if data[key] != current[
key] and key not in ACCOUNT_USER_MODIFIABLE:
raise AccessDeniedException(
"Only Administrators can change the value of the field [%s]."
% key)
else:
raise InvalidDataException(
"You cannot save a user that does not exists [%s]." % username)
if not data['avatar']:
STORAGE.delete_user(data['uname'] + "_avatar")
else:
STORAGE.set_user_avatar(username, data['avatar'])
data['avatar'] = None
return STORAGE.set_user_account(username, data)
