def get_session(cls,cookies): """ returns the session if it's not expired or nonexistant """ cookie = SimpleCookie(cookies) session_id = cookie['session_id'].value db = Database() stmnt = "SELECT SES_USR_ID, SES_EXPIRES FROM SESSIONS WHERE SES_ID = ? ;" cur = db.query(stmnt,(session_id,)) row = cur.fetchonemap() session=None if row is not None: user = User.get_user_by_id(row["SES_USR_ID"]) session = Session(user) session._id = session_id expiration = row["SES_EXPIRES"] if expiration < datetime.now(): raise SessionException(SessionException.get_msg(0)) session._expiration = row["SES_EXPIRES"] else: raise SessionException(SessionException.get_msg(2)) return session
def deleteUser(self, params): user_id = int(params[0]) session_user = Session.get_current_session_user() if session_user.check_permission('skarphed.users.delete'): user = User.get_user_by_id(user_id) user.delete()
def revokeRightFromUser(self,params): user_id = int(params[0]) permission_name = str(params[1]) session_user = Session.get_current_session_user() if session_user.check_permission('skarphed.users.grant_revoke'): user = User.get_user_by_id(user_id) user.revoke_permission(permission_name) return True
def alterPassword(self, params): user_id = int(params[0]) new_password = unicode(params[1]) old_password = unicode(params[2]) session_user = Session.get_current_session_user() if user_id == session_user.get_id(): session_user.alter_password(new_password,old_password) else: if session_user.check_permission("skarphed.users.alter_password"): user = User.get_user_by_id(user_id) user.alter_password(new_password,"",True) return True
def get_user(self): """ returns this session's user """ return User.get_user_by_id(self._user)
def getRightsForUserPage(self,params): user_id = int(params[0]) user = User.get_user_by_id(user_id) return user.get_grantable_permissions()