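def edit_user(user_id):
    """Render and process the form that creates or edits a user account.

    With ``user_id`` set, the matching user is edited; the requester must be
    that user or have ``can_manage``. With ``user_id`` of ``None`` a new user
    is created, which requires ``can_manage``.

    Returns the rendered ``edit_user.html`` form on GET and after a POST with
    validation errors, a redirect to ``cuser.url()`` after a successful POST,
    or the result of ``abort(404)`` / ``abort(403)``.
    """
    cuser = None
    if user_id is not None:
        cuser = User.get(id=user_id)
        if not cuser:
            return abort(404)
        # Non-managers may only open their own account.
        if cuser.id != request.user.id and not request.user.can_manage:
            return abort(403)
    elif not request.user.can_manage:
        # No id means "create a user", which is reserved for managers.
        return abort(403)

    # NOTE(review): no CSRF check is visible in this function -- confirm one
    # is applied by a decorator or middleware, since this POST changes
    # passwords and privileges.
    errors = []
    if request.method == 'POST':
        if not cuser and not request.user.can_manage:
            return abort(403)

        # Default to '' so a POST that omits these fields produces a
        # validation error instead of a TypeError from len(None).
        user_name = request.form.get('user_name', '')
        password = request.form.get('user_password', '')
        can_manage = request.form.get('user_can_manage') == 'on'
        can_view_buildlogs = (
            request.form.get('user_can_view_buildlogs') == 'on')
        can_download_artifacts = (
            request.form.get('user_can_download_artifacts') == 'on')

        if not cuser:
            # Create a new user. The 403 guard at the top of this POST branch
            # already enforces can_manage; an assert would be stripped under
            # ``python -O`` and must not be the only check.
            other = User.get(name=user_name)
            if other:
                errors.append('User {!r} already exists'.format(user_name))
            elif len(user_name) == 0:
                errors.append('Username is empty')
            elif len(password) == 0:
                errors.append('Password is empty')
            else:
                cuser = User(
                    name=user_name,
                    passhash=utils.hash_pw(password),
                    can_manage=can_manage,
                    can_view_buildlogs=can_view_buildlogs,
                    can_download_artifacts=can_download_artifacts)
        else:
            # Update user settings. An empty password field leaves the
            # stored hash untouched.
            # NOTE(review): the current password is not requested before it
            # is replaced -- confirm that is intended for self-service edits.
            if password:
                cuser.passhash = utils.hash_pw(password)
            # Privilege flags come from the form only when the requester is
            # a manager; otherwise the submitted values are ignored.
            if request.user.can_manage:
                cuser.can_manage = can_manage
                cuser.can_view_buildlogs = can_view_buildlogs
                cuser.can_download_artifacts = can_download_artifacts

        if not errors:
            return redirect(cuser.url())
        # Validation failed: discard pending changes before re-rendering.
        models.rollback()

    return render_template(
        'edit_user.html', user=request.user, cuser=cuser, errors=errors)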
def login():
    """Show the login form and, on POST, check the submitted credentials.

    On success a ``LoginToken`` is created from ``request.remote_addr`` and
    the user, its token string is stored in the session under
    ``flux_login_token``, and the client is redirected to the dashboard.
    Otherwise ``login.html`` is rendered, with one generic error message
    after a failed attempt.
    """
    if request.method != 'POST':
        return render_template('login.html', errors=[])

    submitted_name = request.form['user_name']
    submitted_password = request.form['user_password']

    # NOTE(review): finding the user by equality on hash_pw's output only
    # works if hash_pw is deterministic, i.e. uses no per-user salt. hash_pw
    # is not shown here -- confirm it is a salted, slow password hash and,
    # if so, fetch by name and verify against the stored hash instead.
    # NOTE(review): no attempt limiting is visible in this function --
    # confirm it is enforced elsewhere.
    account = User.get(
        name=submitted_name, passhash=utils.hash_pw(submitted_password))
    if not account:
        # One message for both unknown user and wrong password, so the
        # response does not reveal which account names exist.
        return render_template(
            'login.html', errors=['Username or password invalid.'])

    login_token = LoginToken.create(request.remote_addr, account)
    session['flux_login_token'] = login_token.token
    return redirect(url_for('dashboard'))
def create_or_update_root(cls):
    """Return the root user, creating it or resetting it from ``config``.

    An existing root user gets every privilege flag set to ``True`` and its
    password and name overwritten with ``config.root_password`` and
    ``config.root_user``. If no root user exists, one is created with the
    same values.
    """
    privilege_flags = (
        'can_manage', 'can_download_artifacts', 'can_view_buildlogs')

    root = cls.get_root_user()
    if not root:
        # Only the user name is logged, never the configured password.
        app.logger.info('Creating new root user: {!r}'.format(
            config.root_user))
        granted = {flag: True for flag in privilege_flags}
        return cls(
            name=config.root_user,
            passhash=utils.hash_pw(config.root_password),
            **granted)

    # Make sure the root has all privileges.
    for flag in privilege_flags:
        setattr(root, flag, True)
    # The configured password always wins: whatever hash was stored for
    # root before this call is replaced.
    root.set_password(config.root_password)
    root.name = config.root_user
    return root
def get_by_login_details(cls, user_name, password):
    """Return the first ``cls`` row whose name and password hash both match.

    The password is hashed with ``utils.hash_pw`` and compared for equality
    inside the query. The result is whatever ``.first()`` yields
    (presumably ``None`` when nothing matches -- confirm against the ORM).
    """
    # NOTE(review): matching on the hash in the query requires hash_pw to be
    # deterministic (no per-user salt). hash_pw is not shown here -- confirm
    # the scheme is suitable for password storage.
    expected_hash = utils.hash_pw(password)
    matches = orm.select(
        row for row in cls
        if row.name == user_name and row.passhash == expected_hash)
    return matches.first()
def set_password(self, password):
    """Replace the stored password hash with ``utils.hash_pw(password)``.

    Only the hash is kept on the instance; the plaintext is not stored here.
    """
    new_hash = utils.hash_pw(password)
    self.passhash = new_hash