def post(self, *args: Any, **kwargs: Any) -> None: name = self.get_path_argument("name") password_id = int(self.get_path_argument("password_id")) user = User.get(self.session, name=name) if not user: return self.notfound() if not self.check_access(self.session, self.current_user, user): return self.forbidden() password = UserPassword.get(self.session, user=user, id=password_id) try: delete_user_password(self.session, password.name, user.id) except PasswordDoesNotExist: # if the password doesn't exist, we can pretend like it did and that we deleted it return self.redirect("/users/{}?refresh=yes".format(user.username)) AuditLog.log( self.session, self.current_user.id, "delete_password", "Deleted password: {}".format(password.name), on_user_id=user.id, ) self.session.commit() return self.redirect("/users/{}?refresh=yes".format(user.username))
def get(self, user_id=None, name=None, pass_id=None): user = User.get(self.session, user_id, name) if not user: return self.notfound() if not self.check_access(self.session, self.current_user, user): return self.forbidden() password = UserPassword.get(self.session, user=user, id=pass_id) return self.render("user-password-delete.html", user=user, password=password)
def get(self, *args: Any, **kwargs: Any) -> None: name = self.get_path_argument("name") password_id = int(self.get_path_argument("password_id")) user = User.get(self.session, name=name) if not user: return self.notfound() if not self.check_access(self.session, self.current_user, user): return self.forbidden() password = UserPassword.get(self.session, user=user, id=password_id) return self.render("user-password-delete.html", user=user, password=password)
def post(self, user_id=None, name=None, pass_id=None): user = User.get(self.session, user_id, name) if not user: return self.notfound() if not self.check_access(self.session, self.current_user, user): return self.forbidden() password = UserPassword.get(self.session, user=user, id=pass_id) try: delete_user_password(self.session, password.name, user.id) except PasswordDoesNotExist: # if the password doesn't exist, we can pretend like it did and that we deleted it return self.redirect("/users/{}?refresh=yes".format(user.id)) AuditLog.log(self.session, self.current_user.id, 'delete_password', 'Deleted password: {}'.format(password.name), on_user_id=user.id) self.session.commit() return self.redirect("/users/{}?refresh=yes".format(user.id))