def test_change_password(self): self.create_data() # With existing users for name in ["alice", "bob", "charlie"]: user = db.User.get(name=name) # Good password UserManager.change_password(user.id, name.upper(), "newpass") self.assertEqual(UserManager.try_auth(name, "newpass"), user) # Old password self.assertEqual(UserManager.try_auth(name, name.upper()), None) # Wrong password self.assertRaises(ValueError, UserManager.change_password, user.id, "badpass", "newpass") # Ensure we still got the same number of users self.assertEqual(db.User.select().count(), 3) # With invalid UUID self.assertRaises( ValueError, UserManager.change_password, "invalid-uuid", "oldpass", "newpass", ) # Non-existent user self.assertRaises( ObjectNotFound, UserManager.change_password, uuid.uuid4(), "oldpass", "newpass", )
def login(): return_url = request.args.get('returnUrl') or url_for('index') if session.get('userid'): flash('Already logged in') return redirect(return_url) if request.method == 'GET': return render_template('login.html') name, password = map(request.form.get, [ 'user', 'password' ]) error = False if name in ('', None): flash('Missing user name') error = True if password in ('', None): flash('Missing password') error = True if not error: status, user = UserManager.try_auth(store, name, password) if status == UserManager.SUCCESS: session['userid'] = str(user.id) session['username'] = user.name flash('Logged in!') return redirect(return_url) else: flash(UserManager.error_str(status)) return render_template('login.html')
def login(): return_url = request.args.get('returnUrl') or url_for('index') if request.user: flash('Already logged in') return redirect(return_url) if request.method == 'GET': return render_template('login.html') name, password = map(request.form.get, [ 'user', 'password' ]) error = False if name in ('', None): flash('Missing user name') error = True if password in ('', None): flash('Missing password') error = True if not error: status, user = UserManager.try_auth(store, name, password) if status == UserManager.SUCCESS: session['userid'] = str(user.id) flash('Logged in!') return redirect(return_url) else: flash(UserManager.error_str(status)) return render_template('login.html')
def change_username_form(uid): code, user = UserManager.get(store, uid) if code != UserManager.SUCCESS: flash(UserManager.error_str(code)) return redirect(url_for('index')) return render_template('change_username.html', user = user)
def add_user_post(): error = False (name, passwd, passwd_confirm, mail, admin) = map(request.form.get, [ 'user', 'passwd', 'passwd_confirm', 'mail', 'admin' ]) if not name: flash('The name is required.') error = True if not passwd: flash('Please provide a password.') error = True elif passwd != passwd_confirm: flash("The passwords don't match.") error = True if admin is None: admin = True if store.find(User, User.admin == True).count() == 0 else False else: admin = True if not error: status = UserManager.add(store, name, passwd, mail, admin) if status == UserManager.SUCCESS: flash("User '%s' successfully added" % name) return redirect(url_for('user_index')) else: flash(UserManager.error_str(status)) return add_user_form()
def change_password_post(uid, user): error = False if user.id == request.user.id: current = request.form.get('current') if not current: flash('The current password is required') error = True new, confirm = map(request.form.get, [ 'new', 'confirm' ]) if not new: flash('The new password is required') error = True if new != confirm: flash("The new password and its confirmation don't match") error = True if not error: if user.id == request.user.id: status = UserManager.change_password(store, user.id, current, new) else: status = UserManager.change_password2(store, user.name, new) if status != UserManager.SUCCESS: flash(UserManager.error_str(status)) else: flash('Password changed') return redirect(url_for('user_profile', uid = uid)) return change_password_form(uid, user)
def update_clients(uid): clients_opts = {} for client in set(map(lambda k: k.rsplit('_', 1)[0], request.form.keys())): clients_opts[client] = { k.rsplit('_', 1)[1]: v for k, v in filter(lambda (k, v): k.startswith(client), request.form.iteritems()) } app.logger.debug(clients_opts) if uid == 'me': userid = uuid.UUID(session.get('userid')) else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) userid = uuid.UUID(uid) for client, opts in clients_opts.iteritems(): prefs = store.get(ClientPrefs, (userid, client)) if 'delete' in opts and opts['delete'] in [ 'on', 'true', 'checked', 'selected', '1' ]: store.remove(prefs) continue prefs.format = opts['format'] if 'format' in opts and opts['format'] else None prefs.bitrate = int(opts['bitrate']) if 'bitrate' in opts and opts['bitrate'] else None store.commit() flash('Clients preferences updated.') return user_profile(uid)
def add_user(): if request.method == 'GET': return render_template('adduser.html', admin = UserManager.get(store, session.get('userid'))[1].admin) error = False (name, passwd, passwd_confirm, mail, admin) = map(request.form.get, [ 'user', 'passwd', 'passwd_confirm', 'mail', 'admin' ]) if name in (None, ''): flash('The name is required.') error = True if passwd in (None, ''): flash('Please provide a password.') error = True elif passwd != passwd_confirm: flash("The passwords don't match.") error = True if admin is None: admin = True if store.find(User, User.admin == True).count() == 0 else False else: admin = True if not error: status = UserManager.add(store, name, passwd, mail, admin) if status == UserManager.SUCCESS: flash("User '%s' successfully added" % name) return redirect(url_for('user_index')) else: flash(UserManager.error_str(status)) return render_template('adduser.html', admin = UserManager.get(store, session.get('userid'))[1].admin)
def create_data(self): # Create some users self.assertIsInstance( UserManager.add("alice", "ALICE", "*****@*****.**", True), db.User) self.assertIsInstance( UserManager.add("bob", "BOB", "*****@*****.**", False), db.User) self.assertIsInstance( UserManager.add("charlie", "CHARLIE", "*****@*****.**", False), db.User) folder = db.Folder(name="Root", path="tests/assets", root=True) artist = db.Artist(name="Artist") album = db.Album(name="Album", artist=artist) track = db.Track( title="Track", disc=1, number=1, duration=1, artist=artist, album=album, path="tests/assets/empty", folder=folder, root_folder=folder, bitrate=320, last_modification=0, ) playlist = db.Playlist(name="Playlist", user=db.User.get(name="alice")) playlist.add(track)
def change_username(uid): if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) user = UserManager.get(store, uid)[1] if request.method == 'POST': username = request.form.get('user') if username in ('', None): flash('The username is required') return render_template('change_username.html', user = user, admin = UserManager.get(store, session.get('userid'))[1].admin) if request.form.get('admin') is None: admin = False else: admin = True changed = False if user.name != username or user.admin != admin: user.name = username user.admin = admin store.commit() flash("User '%s' updated." % username) return redirect(url_for('user_profile', uid = uid)) else: flash("No changes for '%s'." % username) return redirect(url_for('user_profile', uid = uid)) return render_template('change_username.html', user = user, admin = UserManager.get(store, session.get('userid'))[1].admin)
def authorize(): if not request.path.startswith('/rest/'): return error = request.error_formatter(40, 'Unauthorized'), 401 if request.authorization: status, user = UserManager.try_auth(store, request.authorization.username, request.authorization.password) if status == UserManager.SUCCESS: request.username = request.authorization.username request.user = user return (username, password) = map(request.values.get, ['u', 'p']) if not username or not password: return error password = decode_password(password) status, user = UserManager.try_auth(store, username, password) if status != UserManager.SUCCESS: return error request.username = username request.user = user
def del_user(uid): status = UserManager.delete(store, uid) if status == UserManager.SUCCESS: flash('Deleted user') else: flash(UserManager.error_str(status)) return redirect(url_for('user_index'))
def test_change_password2(self): # With existing users for name in ['alice', 'bob', 'charlie']: self.assertEqual(UserManager.change_password2(self.store, name, 'newpass'), UserManager.SUCCESS) user = self.store.find(db.User, db.User.name == name).one() self.assertEqual(UserManager.try_auth(self.store, name, 'newpass'), (UserManager.SUCCESS, user)) # Non-existent user self.assertEqual(UserManager.change_password2(self.store, 'null', 'newpass'), UserManager.NO_SUCH_USER)
def user_profile(uid): if uid == 'me': prefs = store.find(ClientPrefs, ClientPrefs.user_id == uuid.UUID(session.get('userid'))) return render_template('profile.html', user = UserManager.get(store, session.get('userid'))[1], api_key = config.get('lastfm', 'api_key'), clients = prefs, admin = UserManager.get(store, session.get('userid'))[1].admin) else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) prefs = store.find(ClientPrefs, ClientPrefs.user_id == uuid.UUID(uid)) return render_template('profile.html', user = UserManager.get(store, uid)[1], api_key = config.get('lastfm', 'api_key'), clients = prefs, admin = UserManager.get(store, session.get('userid'))[1].admin)
def test_get_user(self): # Get existing users for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() self.assertEqual(UserManager.get(self.store, user.id), (UserManager.SUCCESS, user)) # Get with invalid UUID self.assertEqual(UserManager.get(self.store, 'invalid-uuid'), (UserManager.INVALID_ID, None)) # Non-existent user self.assertEqual(UserManager.get(self.store, uuid.uuid4()), (UserManager.NO_SUCH_USER, None))
def test_delete_user(self): # Delete existing users for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() self.assertEqual(UserManager.delete(self.store, user.id), UserManager.SUCCESS) # Delete invalid UUID self.assertEqual(UserManager.delete(self.store, 'invalid-uuid'), UserManager.INVALID_ID) # Delete non-existent user self.assertEqual(UserManager.delete(self.store, uuid.uuid4()), UserManager.NO_SUCH_USER)
def test_try_auth(self): # Test authentication for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() self.assertEqual(UserManager.try_auth(self.store, name, name), (UserManager.SUCCESS, user)) # Wrong password self.assertEqual(UserManager.try_auth(self.store, name, 'bad'), (UserManager.WRONG_PASS, None)) # Non-existent user self.assertEqual(UserManager.try_auth(self.store, 'null', 'null'), (UserManager.NO_SUCH_USER, None))
def test_change_password2(self): # With existing users for name in ['alice', 'bob', 'charlie']: self.assertEqual(UserManager.change_password2(self.store, name, 'newpass'), UserManager.SUCCESS) user = self.store.find(db.User, db.User.name == name).one() self.assertEqual(UserManager.try_auth(self.store, name, 'newpass'), (UserManager.SUCCESS, user)) self.assertEqual(UserManager.try_auth(self.store, name, name.upper()), (UserManager.WRONG_PASS, None)) # Non-existent user self.assertEqual(UserManager.change_password2(self.store, 'null', 'newpass'), UserManager.NO_SUCH_USER)
def test_delete_by_name(self): self.create_data() # Delete existing users for name in ["alice", "bob", "charlie"]: UserManager.delete_by_name(name) self.assertFalse(db.User.exists(name=name)) # Delete non-existent user self.assertRaises(ObjectNotFound, UserManager.delete_by_name, "null")
def change_password(uid): if uid == 'me': user = UserManager.get(store, session.get('userid'))[1].name else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) user = UserManager.get(store, uid)[1].name if request.method == 'POST': error = False if uid == 'me' or uid == session.get('userid'): current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ]) if current in ('', None): flash('The current password is required') error = True else: new, confirm = map(request.form.get, [ 'new', 'confirm' ]) if new in ('', None): flash('The new password is required') error = True if new != confirm: flash("The new password and its confirmation don't match") error = True if not error: if uid == 'me' or uid == session.get('userid'): status = UserManager.change_password(store, session.get('userid'), current, new) else: status = UserManager.change_password2(store, UserManager.get(store, uid)[1].name, new) if status != UserManager.SUCCESS: flash(UserManager.error_str(status)) else: flash('Password changed') return redirect(url_for('user_profile', uid = uid)) return render_template('change_pass.html', user = user, admin = UserManager.get(store, session.get('userid'))[1].admin)
def lastfm_unreg(uid): if uid == 'me': lfm = LastFm(UserManager.get(store, session.get('userid'))[1], app.logger) else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) lfm = LastFm(UserManager.get(store, uid)[1], app.logger) lfm.unlink_account() store.commit() flash('Unliked LastFM account') return redirect(url_for('user_profile', uid = uid))
def test_try_auth(self): # Test authentication for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() self.assertEqual(UserManager.try_auth(self.store, name, name.upper()), (UserManager.SUCCESS, user)) # Wrong password self.assertEqual(UserManager.try_auth(self.store, 'alice', 'bad'), (UserManager.WRONG_PASS, None)) self.assertEqual(UserManager.try_auth(self.store, 'alice', 'alice'), (UserManager.WRONG_PASS, None)) # Non-existent user self.assertEqual(UserManager.try_auth(self.store, 'null', 'null'), (UserManager.NO_SUCH_USER, None))
def test_get_user(self): # Get existing users for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() self.assertEqual(UserManager.get(self.store, user.id), (UserManager.SUCCESS, user)) # Get with invalid UUID self.assertEqual(UserManager.get(self.store, 'invalid-uuid'), (UserManager.INVALID_ID, None)) self.assertEqual(UserManager.get(self.store, 0xfee1bad), (UserManager.INVALID_ID, None)) # Non-existent user self.assertEqual(UserManager.get(self.store, uuid.uuid4()), (UserManager.NO_SUCH_USER, None))
def user_changepass(): username, password = map(request.args.get, [ 'username', 'password' ]) if not username or not password: return request.error_formatter(10, 'Missing parameter') if username != request.username and not request.user.admin: return request.error_formatter(50, 'Admin restricted') status = UserManager.change_password2(store, username, password) if status != UserManager.SUCCESS: return request.error_formatter(0, UserManager.error_str(status)) return request.formatter({})
def setUp(self): # Create an empty sqlite database in memory self.store = db.get_store("sqlite:") # Read schema from file with open('schema/sqlite.sql') as sql: schema = sql.read() # Create tables on memory database for command in schema.split(';'): self.store.execute(command) # Create some users self.assertEqual(UserManager.add(self.store, 'alice', 'alice', '*****@*****.**', True), UserManager.SUCCESS) self.assertEqual(UserManager.add(self.store, 'bob', 'bob', '*****@*****.**', False), UserManager.SUCCESS) self.assertEqual(UserManager.add(self.store, 'charlie', 'charlie', '*****@*****.**', False), UserManager.SUCCESS)
def test_change_password(self): # With existing users for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() # God password self.assertEqual(UserManager.change_password(self.store, user.id, name, 'newpass'), UserManager.SUCCESS) self.assertEqual(UserManager.try_auth(self.store, name, 'newpass'), (UserManager.SUCCESS, user)) # Wrong password self.assertEqual(UserManager.change_password(self.store, user.id, 'badpass', 'newpass'), UserManager.WRONG_PASS) # With invalid UUID self.assertEqual(UserManager.change_password(self.store, 'invalid-uuid', 'oldpass', 'newpass'), UserManager.INVALID_ID) # Non-existent user self.assertEqual(UserManager.change_password(self.store, uuid.uuid4(), 'oldpass', 'newpass'), UserManager.NO_SUCH_USER)
def user_changepass(): username, password = map(request.args.get, ['username', 'password']) if not username or not password: return request.error_formatter(10, 'Missing parameter') if username != request.username and not request.user.admin: return request.error_formatter(50, 'Admin restricted') status = UserManager.change_password2(store, username, password) if status != UserManager.SUCCESS: return request.error_formatter(0, UserManager.error_str(status)) return request.formatter({})
def test_change_password2(self): self.create_data() # With existing users for name in ["alice", "bob", "charlie"]: UserManager.change_password2(name, "newpass") user = db.User.get(name=name) self.assertEqual(UserManager.try_auth(name, "newpass"), user) self.assertEqual(UserManager.try_auth(name, name.upper()), None) # Non-existent user self.assertRaises(ObjectNotFound, UserManager.change_password2, "null", "newpass")
def setUp(self): # Create an empty sqlite database in memory self.store = db.get_store("sqlite:") # Read schema from file with io.open('schema/sqlite.sql', 'r') as sql: schema = sql.read() # Create tables on memory database for command in schema.split(';'): self.store.execute(command) # Create some users self.assertEqual(UserManager.add(self.store, 'alice', 'ALICE', '*****@*****.**', True), UserManager.SUCCESS) self.assertEqual(UserManager.add(self.store, 'bob', 'BOB', '*****@*****.**', False), UserManager.SUCCESS) self.assertEqual(UserManager.add(self.store, 'charlie', 'CHARLIE', '*****@*****.**', False), UserManager.SUCCESS) folder = db.Folder() folder.name = 'Root' folder.path = 'tests/assets' folder.root = True artist = db.Artist() artist.name = 'Artist' album = db.Album() album.name = 'Album' album.artist = artist track = db.Track() track.title = 'Track' track.disc = 1 track.number = 1 track.duration = 1 track.artist = artist track.album = album track.path = 'tests/assets/empty' track.folder = folder track.root_folder = folder track.duration = 2 track.content_type = 'audio/mpeg' track.bitrate = 320 track.last_modification = 0 self.store.add(track) self.store.commit() playlist = db.Playlist() playlist.name = 'Playlist' playlist.user = self.store.find(db.User, db.User.name == 'alice').one() playlist.add(track) self.store.add(playlist) self.store.commit()
def user_del(): if not request.user.admin: return request.error_formatter(50, 'Admin restricted') username = request.args.get('username') user = store.find(User, User.name == username).one() if not user: return request.error_formatter(70, 'Unknown user') status = UserManager.delete(store, user.id) if status != UserManager.SUCCESS: return request.error_formatter(0, UserManager.error_str(status)) return request.formatter({})
def test_try_auth(self): self.create_data() # Test authentication for name in ["alice", "bob", "charlie"]: user = db.User.get(name=name) authed = UserManager.try_auth(name, name.upper()) self.assertEqual(authed, user) # Wrong password self.assertIsNone(UserManager.try_auth("alice", "bad")) self.assertIsNone(UserManager.try_auth("alice", "alice")) # Non-existent user self.assertIsNone(UserManager.try_auth("null", "null"))
def change_mail(uid): if uid == 'me': user = UserManager.get(store, session.get('userid'))[1] else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) user = UserManager.get(store, uid)[1] if request.method == 'POST': mail = request.form.get('mail') # No validation, lol. user.mail = mail store.commit() return redirect(url_for('user_profile', uid = uid)) return render_template('change_mail.html', user = user, admin = UserManager.get(store, session.get('userid'))[1].admin)
def change_username_post(uid): code, user = UserManager.get(store, uid) if code != UserManager.SUCCESS: return redirect(url_for('index')) username = request.form.get('user') if username in ('', None): flash('The username is required') return render_template('change_username.html', user = user) if user.name != username and store.find(User, User.name == username).one(): flash('This name is already taken') return render_template('change_username.html', user = user) if request.form.get('admin') is None: admin = False else: admin = True if user.name != username or user.admin != admin: user.name = username user.admin = admin store.commit() flash("User '%s' updated." % username) else: flash("No changes for '%s'." % username) return redirect(url_for('user_profile', uid = uid))
def setUp(self): self.__db = tempfile.mkstemp() self.__dir = tempfile.mkdtemp() self.config = TestConfig(self.__with_webui__, self.__with_api__) self.config.BASE["database_uri"] = "sqlite:///" + self.__db[1] self.config.WEBAPP["cache_dir"] = self.__dir init_database(self.config.BASE["database_uri"]) release_database() self.__app = create_application(self.config) self.client = self.__app.test_client() with db_session: UserManager.add("alice", "Alic3", admin=True) UserManager.add("bob", "B0b")
def test_delete_user(self): # Delete invalid UUID self.assertEqual(UserManager.delete(self.store, 'invalid-uuid'), UserManager.INVALID_ID) self.assertEqual(UserManager.delete(self.store, 0xfee1b4d), UserManager.INVALID_ID) self.assertEqual(self.store.find(db.User).count(), 3) # Delete non-existent user self.assertEqual(UserManager.delete(self.store, uuid.uuid4()), UserManager.NO_SUCH_USER) self.assertEqual(self.store.find(db.User).count(), 3) # Delete existing users for name in ['alice', 'bob', 'charlie']: user = self.store.find(db.User, db.User.name == name).one() self.assertEqual(UserManager.delete(self.store, user.id), UserManager.SUCCESS) self.assertIsNone(self.store.get(db.User, user.id)) self.assertEqual(self.store.find(db.User).count(), 0)
def do_user_import(): if not request.files['file']: return render_template('importusers.html', admin = UserManager.get(store, session.get('userid'))[1].admin) users = [] reader = csv.reader(request.files['file']) for id, name, mail, password, salt, admin, lfmsess, lfmstatus in reader: mail = None if mail == 'None' else mail admin = admin == 'True' lfmsess = None if lfmsess == 'None' else lfmsess lfmstatus = lfmstatus == 'True' user = User() user.id = uuid.UUID(id) user.name = name user.password = password user.salt = salt user.admin = admin user.lastfm_session = lfmsess user.lastfm_status = lfmstatus users.append(user) store.find(User).remove() for u in users: store.add(u) store.commit() return redirect(url_for('user_index'))
def index(): stats = { 'artists': store.find(Artist).count(), 'albums': store.find(Album).count(), 'tracks': store.find(Track).count() } return render_template('home.html', stats = stats, admin = UserManager.get(store, session.get('userid'))[1].admin)
def lastfm_reg(uid): token = request.args.get('token') if token in ('', None): flash('Missing LastFM auth token') return redirect(url_for('user_profile', uid = uid)) if uid == 'me': lfm = LastFm(UserManager.get(store, session.get('userid'))[1], app.logger) else: if not UserManager.get(store, session.get('userid'))[1].admin or not UserManager.get(store, uid)[0] is UserManager.SUCCESS: return redirect(url_for('index')) lfm = LastFm(UserManager.get(store, uid)[1], app.logger) status, error = lfm.link_account(token) store.commit() flash(error if not status else 'Successfully linked LastFM account') return redirect(url_for('user_profile', uid = uid))
def user_changepass(): username, password = map(request.values.get, ['username', 'password']) if not username or not password: return request.error_formatter(10, 'Missing parameter') if username != request.username and not request.user.admin: return request.error_formatter(50, 'Admin restricted') password = decode_password(password) status = UserManager.change_password2(store, username, password) if status != UserManager.SUCCESS: code = 0 if status == UserManager.NO_SUCH_USER: code = 70 return request.error_formatter(code, UserManager.error_str(status)) return request.formatter({})
def user_changepass(): username, password = map(request.values.get, [ 'username', 'password' ]) if not username or not password: return request.error_formatter(10, 'Missing parameter') if username != request.username and not request.user.admin: return request.error_formatter(50, 'Admin restricted') password = decode_password(password) status = UserManager.change_password2(store, username, password) if status != UserManager.SUCCESS: code = 0 if status == UserManager.NO_SUCH_USER: code = 70 return request.error_formatter(code, UserManager.error_str(status)) return request.formatter({})
def change_mail(): user = UserManager.get(store, session.get('userid'))[1] if request.method == 'POST': mail = request.form.get('mail') # No validation, lol. user.mail = mail store.commit() return redirect(url_for('user_profile')) return render_template('change_mail.html', user = user)
def index(): stats = { 'artists': store.find(Artist).count(), 'albums': store.find(Album).count(), 'tracks': store.find(Track).count() } return render_template('home.html', stats=stats, admin=UserManager.get( store, session.get('userid'))[1].admin)
def test_delete_user(self): self.create_data() # Delete invalid UUID self.assertRaises(ValueError, UserManager.delete, "invalid-uuid") self.assertRaises(ValueError, UserManager.delete, 0xFEE1B4D) self.assertEqual(db.User.select().count(), 3) # Delete non-existent user self.assertRaises(ObjectNotFound, UserManager.delete, uuid.uuid4()) self.assertEqual(db.User.select().count(), 3) # Delete existing users for name in ["alice", "bob", "charlie"]: user = db.User.get(name=name) UserManager.delete(user.id) self.assertRaises(ObjectNotFound, db.User.__getitem__, user.id) commit() self.assertEqual(db.User.select().count(), 0)
def setUp(self): self.__dir = tempfile.mkdtemp() config = TestConfig(self.__with_webui__, self.__with_api__) config.WEBAPP['cache_dir'] = self.__dir app = create_application(config) self.__ctx = app.app_context() self.__ctx.push() self.store = store with io.open('schema/sqlite.sql', 'r') as sql: schema = sql.read() for statement in schema.split(';'): self.store.execute(statement) self.store.commit() self.client = app.test_client() UserManager.add(self.store, 'alice', 'Alic3', '*****@*****.**', True) UserManager.add(self.store, 'bob', 'B0b', '*****@*****.**', False)
def lastfm_reg(): token = request.args.get('token') if token in ('', None): flash('Missing LastFM auth token') return redirect(url_for('user_profile')) lfm = LastFm(UserManager.get(store, session.get('userid'))[1], app.logger) status, error = lfm.link_account(token) store.commit() flash(error if not status else 'Successfully linked LastFM account') return redirect(url_for('user_profile'))
def login_check(): if request.path.startswith('/rest/'): return if request.path.startswith('/static/'): return if request.endpoint != 'login': should_login = False if not session.get('userid'): should_login = True elif UserManager.get(store, session.get('userid'))[0] != UserManager.SUCCESS: session.clear() should_login = True elif UserManager.get(store, session.get('userid'))[1].name != session.get('username'): session.clear() should_login = True if should_login: flash('Please login') return redirect(url_for('login', returnUrl = request.script_root + request.url[len(request.url_root)-1:]))
def playlist_details(uid): try: uid = uuid.UUID(uid) if type(uid) in (str, unicode) else uid except: flash('Invalid playlist id') return redirect(url_for('playlist_index')) playlist = store.get(Playlist, uid) if not playlist: flash('Unknown playlist') return redirect(url_for('playlist_index')) return render_template('playlist.html', playlist = playlist, admin = UserManager.get(store, session.get('userid'))[1].admin)
def decorated_func(*args, **kwargs): if kwargs: uid = kwargs[arg] else: uid = args[0] if uid == 'me': user = request.user elif not request.user.admin: return redirect(url_for('index')) else: code, user = UserManager.get(store, uid) if code != UserManager.SUCCESS: flash(UserManager.error_str(code)) return redirect(url_for('index')) if kwargs: kwargs['user'] = user else: args = (uid, user) return f(*args, **kwargs)
def test_get_user(self): self.create_data() # Get existing users for name in ["alice", "bob", "charlie"]: user = db.User.get(name=name) self.assertEqual(UserManager.get(user.id), user) # Get with invalid UUID self.assertRaises(ValueError, UserManager.get, "invalid-uuid") self.assertRaises(ValueError, UserManager.get, 0xFEE1BAD) # Non-existent user self.assertRaises(ObjectNotFound, UserManager.get, uuid.uuid4())
def change_password(): if request.method == 'POST': current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ]) error = False if current in ('', None): flash('The current password is required') error = True if new in ('', None): flash('The new password is required') error = True if new != confirm: flash("The new password and its confirmation don't match") error = True if not error: status = UserManager.change_password(store, session.get('userid'), current, new) if status != UserManager.SUCCESS: flash(UserManager.error_str(status)) else: flash('Password changed') return redirect(url_for('user_profile')) return render_template('change_pass.html', user = UserManager.get(store, session.get('userid'))[1].name)
def user_add(): if not request.user.admin: return request.error_formatter(50, 'Admin restricted') username, password, email, admin = map( request.args.get, ['username', 'password', 'email', 'adminRole']) if not username or not password or not email: return request.error_formatter(10, 'Missing parameter') admin = True if admin in (True, 'True', 'true', 1, '1') else False status = UserManager.add(store, username, password, email, admin) if status == UserManager.NAME_EXISTS: return request.error_formatter( 0, 'There is already a user with that username') return request.formatter({})