def add_user():
if request.method == "GET":
return render_template("adduser.html")
error = False
(name, passwd, passwd_confirm, mail, admin) = map(
request.form.get, ["name", "passwd", "passwd_confirm", "mail", "admin"]
)
if name in (None, ""):
flash("The name is required.")
error = True
if passwd in (None, ""):
flash("Please provide a password.")
error = True
elif passwd != passwd_confirm:
flash("The passwords don't match.")
error = True
if admin is None:
admin = True if User.query.filter(User.admin == True).count() == 0 else False
else:
admin = True
if not error:
status = UserManager.add(name, passwd, mail, admin)
if status == UserManager.SUCCESS:
flash("User '%s' successfully added" % name)
return redirect(url_for("user_index"))
else:
flash(UserManager.error_str(status))
return render_template("adduser.html")
def add_user():
if request.method == 'GET':
return render_template('adduser.html')
error = False
(name, passwd, passwd_confirm, mail, admin) = map(request.form.get, [ 'name', 'passwd', 'passwd_confirm', 'mail', 'admin' ])
if name in (None, ''):
flash('The name is required.')
error = True
if passwd in (None, ''):
flash('Please provide a password.')
error = True
elif passwd != passwd_confirm:
flash("The passwords don't match.")
error = True
if admin is None:
admin = True if User.query.filter(User.admin == True).count() == 0 else False
else:
admin = True
if not error:
status = UserManager.add(name, passwd, mail, admin)
if status == UserManager.SUCCESS:
flash("User '%s' successfully added" % name)
return redirect(url_for('user_index'))
else:
flash(UserManager.error_str(status))
return render_template('adduser.html')
def login():
return_url = request.args.get('returnUrl') or url_for('index')
if session.get('userid'):
flash('Already logged in')
return redirect(return_url)
if request.method == 'GET':
return render_template('login.html')
name, password = map(request.form.get, [ 'user', 'password' ])
error = False
if name in ('', None):
flash('Missing user name')
error = True
if password in ('', None):
flash('Missing password')
error = True
if not error:
status, user = UserManager.try_auth(name, password)
if status == UserManager.SUCCESS:
session['userid'] = str(user.id)
session['username'] = user.name
flash('Logged in!')
return redirect(return_url)
else:
flash(UserManager.error_str(status))
return render_template('login.html')
def add_user():
if request.method == 'GET':
return render_template('adduser.html')
error = False
(name, passwd, passwd_confirm, mail,
admin) = map(request.form.get,
['name', 'passwd', 'passwd_confirm', 'mail', 'admin'])
if name in (None, ''):
flash('The name is required.')
error = True
if passwd in (None, ''):
flash('Please provide a password.')
error = True
elif passwd != passwd_confirm:
flash("The passwords don't match.")
error = True
if admin is None:
admin = True if User.query.filter(
User.admin == True).count() == 0 else False
else:
admin = True
if not error:
status = UserManager.add(name, passwd, mail, admin)
if status == UserManager.SUCCESS:
flash("User '%s' successfully added" % name)
return redirect(url_for('user_index'))
else:
flash(UserManager.error_str(status))
return render_template('adduser.html')
def change_password():
if request.method == 'POST':
current, new, confirm = map(request.form.get,
['current', 'new', 'confirm'])
error = False
if current in ('', None):
flash('The current password is required')
error = True
if new in ('', None):
flash('The new password is required')
error = True
if new != confirm:
flash("The new password and its confirmation don't match")
error = True
if not error:
status = UserManager.change_password(session.get('userid'),
current, new)
if status != UserManager.SUCCESS:
flash(UserManager.error_str(status))
else:
flash('Password changed')
return redirect(url_for('user_profile'))
return render_template('change_pass.html',
user=UserManager.get(session.get('userid'))[1].name)
def login():
return_url = request.args.get('returnUrl') or url_for('index')
if session.get('userid'):
flash('Already logged in')
return redirect(return_url)
if request.method == 'GET':
return render_template('login.html')
name, password = map(request.form.get, ['user', 'password'])
error = False
if name in ('', None):
flash('Missing user name')
error = True
if password in ('', None):
flash('Missing password')
error = True
if not error:
status, user = UserManager.try_auth(name, password)
if status == UserManager.SUCCESS:
session['userid'] = str(user.id)
session['username'] = user.name
flash('Logged in!')
return redirect(return_url)
else:
flash(UserManager.error_str(status))
return render_template('login.html')
def test_get_all_users(self):
mocked_key_dir = MagicMock()
mocked_file = MagicMock()
mocked_dir = MagicMock()
mocked_re = MagicMock()
mocked_user = MagicMock()
mocked_user.get_by_name.return_value = 'test_user'
mocked_path.return_value = mocked_key_dir
mocked_dir.isdir.return_value = True
mocked_file.isdir.return_value = False
mocked_file.__str__ = lambda x: 'ok_file'
mocked_re.compile().findall.return_value = ['file1.pub']
mocked_key_dir.walk.return_value = [mocked_file, mocked_dir]
UserManager.__bases__ = (MockManager, )
with patch.multiple('managers.user', User=mocked_user,
Path=mocked_path, re=mocked_re):
users = UserManager('~/path/to/admin/gitolite/repo')
eq_(users.all(), ['test_user'])
mocked_path.has_calls([call(mocked_path, 'keydir')])
eq_(mocked_key_dir.walk.call_count, 1)
eq_(mocked_dir.isdir.call_count, 1)
eq_(mocked_file.isdir.call_count, 1)
mocked_re.compile.has_calls([call('(\w.pub)')])
mocked_re.compile('\w.pub').findall.assert_called_once_with('ok_file')
mocked_user.get_by_name.assert_called_once_with('file1', mocked_path,
mocked_git)
def login():
return_url = request.args.get("returnUrl") or url_for("index")
if session.get("userid"):
flash("Already logged in")
return redirect(return_url)
if request.method == "GET":
return render_template("login.html")
name, password = map(request.form.get, ["user", "password"])
error = False
if name in ("", None):
flash("Missing user name")
error = True
if password in ("", None):
flash("Missing password")
error = True
if not error:
status, user = UserManager.try_auth(name, password)
if status == UserManager.SUCCESS:
session["userid"] = str(user.id)
session["username"] = user.name
flash("Logged in!")
return redirect(return_url)
else:
flash(UserManager.error_str(status))
return render_template("login.html")
def del_user(uid):
status = UserManager.delete(uid)
if status == UserManager.SUCCESS:
flash('Deleted user')
else:
flash(UserManager.error_str(status))
return redirect(url_for('user_index'))
def del_user(uid):
status = UserManager.delete(uid)
if status == UserManager.SUCCESS:
flash('Deleted user')
else:
flash(UserManager.error_str(status))
return redirect(url_for('user_index'))
def user_add(self, name, admin, password, email):
if not password:
password = getpass.getpass()
confirm = getpass.getpass('Confirm password: '******'t match"
return
status = UserManager.add(name, password, email, admin)
if status != UserManager.SUCCESS:
print >>sys.stderr, UserManager.error_str(status)
def test_create_user_succesfully(self):
mocked_user = MagicMock(return_value='test_username')
UserManager.__bases__ = (MockManager, )
with patch.multiple('managers.user', User=mocked_user,
Manager=MagicMock()):
users = UserManager('~/path/to/admin/gitolite/repo')
eq_('test_username', users.create('test_username', 'key_path'))
mocked_user.assert_called_once_with(mocked_path, mocked_git,
'test_username', keys=['key_path'])
def user_changepass(name, password):
if not password:
password = getpass.getpass()
confirm = getpass.getpass('Confirm password: '******'t match"
return
status = UserManager.change_password2(name, password)
if status != UserManager.SUCCESS:
print >> sys.stderr, UserManager.error_str(status)
else:
print "Successfully changed '{}' password".format(name)
def test_get_user(self):
mocked_user = MagicMock()
mocked_user.get_by_name.return_value = 'test_user'
UserManager.__bases__ = (MockManager, )
with patch.multiple('managers.user', User=mocked_user):
users = UserManager('~/path/to/admin/gitolite/repo')
eq_('test_user', users.get('test_user'))
mocked_user.get_by_name.assert_called_once_with('test_user',
mocked_path,
mocked_git)
def user_changepass(name, password):
if not password:
password = getpass.getpass()
confirm = getpass.getpass('Confirm password: '******'t match"
return
status = UserManager.change_password2(name, password)
if status != UserManager.SUCCESS:
print >>sys.stderr, UserManager.error_str(status)
else:
print "Successfully changed '{}' password".format(name)
def user_changepass():
username, password = map(request.args.get, ['username', 'password'])
if not username or not password:
return request.error_formatter(10, 'Missing parameter')
if username != request.username and not request.user.admin:
return request.error_formatter(50, 'Admin restricted')
status = UserManager.change_password2(username, password)
if status != UserManager.SUCCESS:
return request.error_formatter(0, UserManager.error_str(status))
return request.formatter({})
def user_changepass():
username, password = map(request.args.get, [ 'username', 'password' ])
if not username or not password:
return request.error_formatter(10, 'Missing parameter')
if username != request.username and not request.user.admin:
return request.error_formatter(50, 'Admin restricted')
status = UserManager.change_password2(username, password)
if status != UserManager.SUCCESS:
return request.error_formatter(0, UserManager.error_str(status))
return request.formatter({})
def user_del():
if not request.user.admin:
return request.error_formatter(50, 'Admin restricted')
username = request.args.get('username')
user = User.query.filter(User.name == username).first()
if not user:
return request.error_formatter(70, 'Unknown user')
status = UserManager.delete(user.id)
if status != UserManager.SUCCESS:
return request.error_formatter(0, UserManager.error_str(status))
return request.formatter({})
def user_del():
if not request.user.admin:
return request.error_formatter(50, 'Admin restricted')
username = request.args.get('username')
user = User.query.filter(User.name == username).first()
if not user:
return request.error_formatter(70, 'Unknown user')
status = UserManager.delete(user.id)
if status != UserManager.SUCCESS:
return request.error_formatter(0, UserManager.error_str(status))
return request.formatter({})
class BaseWSHandler(WebSocketHandler):
@property
def db(self):
return self.application.db
CONNECTIONS_BY_VIDEO_ID = {}
def add_connection(self, video_id, connection):
""" Add connection to global manager """
if video_id not in self.CONNECTIONS_BY_VIDEO_ID:
self.CONNECTIONS_BY_VIDEO_ID[video_id] = []
self.CONNECTIONS_BY_VIDEO_ID[video_id].append(connection)
def remove_connection(self, video_id, connection):
""" Remove connection from global manager """
if video_id not in self.CONNECTIONS_BY_VIDEO_ID:
self.CONNECTIONS_BY_VIDEO_ID[video_id] = []
self.CONNECTIONS_BY_VIDEO_ID[video_id].remove(connection)
def get_connections(self, video_id):
""" Gets all connections from global manager """
if video_id not in self.CONNECTIONS_BY_VIDEO_ID:
self.CONNECTIONS_BY_VIDEO_ID[video_id] = []
return self.CONNECTIONS_BY_VIDEO_ID[video_id]
def initialize(self):
""" Constructor. """
self.user_manager = UserManager(self.db)
self.video_manager = VideoManager(self.db)
def check_user(self, id, auth):
""" Given an id and auth, checks if the auth matches the id. """
return self.user_manager.check_auth(id, auth)
def user_profile():
prefs = ClientPrefs.query.filter(
ClientPrefs.user_id == uuid.UUID(session.get('userid')))
return render_template('profile.html',
user=UserManager.get(session.get('userid'))[1],
api_key=config.get('lastfm', 'api_key'),
clients=prefs)
def index():
stats = {
'artists': db.Artist.query.count(),
'albums': db.Album.query.count(),
'tracks': db.Track.query.count()
}
return render_template('home.html', stats = stats, admin = UserManager.get(session.get('userid'))[1].admin)
def check_admin():
if not request.path.startswith('/user'):
return
if request.endpoint in ('user_index', 'add_user', 'del_user',
'export_users', 'import_users',
'do_user_import') and not UserManager.get(
session.get('userid'))[1].admin:
return redirect(url_for('index'))
def check_admin():
if not request.path.startswith("/user"):
return
if (
request.endpoint in ("user_index", "add_user", "del_user", "export_users", "import_users", "do_user_import")
and not UserManager.get(session.get("userid"))[1].admin
):
return redirect(url_for("index"))
def change_mail():
user = UserManager.get(session.get("userid"))[1]
if request.method == "POST":
mail = request.form.get("mail")
# No validation, lol.
user.mail = mail
db_sess.commit()
return redirect(url_for("user_profile"))
return render_template("change_mail.html", user=user)
def change_mail():
user = UserManager.get(session.get('userid'))[1]
if request.method == 'POST':
mail = request.form.get('mail')
# No validation, lol.
user.mail = mail
db_sess.commit()
return redirect(url_for('user_profile'))
return render_template('change_mail.html', user=user)
def index():
stats = {
'artists': db.Artist.query.count(),
'albums': db.Album.query.count(),
'tracks': db.Track.query.count()
}
return render_template('home.html',
stats=stats,
admin=UserManager.get(
session.get('userid'))[1].admin)
def change_mail():
user = UserManager.get(session.get('userid'))[1]
if request.method == 'POST':
mail = request.form.get('mail')
# No validation, lol.
user.mail = mail
db_sess.commit()
return redirect(url_for('user_profile'))
return render_template('change_mail.html', user = user)
def lastfm_reg():
token = request.args.get('token')
if token in ('', None):
flash('Missing LastFM auth token')
return redirect(url_for('user_profile'))
lfm = LastFm(UserManager.get(session.get('userid'))[1], app.logger)
status, error = lfm.link_account(token)
flash(error if not status else 'Successfully linked LastFM account')
return redirect(url_for('user_profile'))
def lastfm_reg():
token = request.args.get('token')
if token in ('', None):
flash('Missing LastFM auth token')
return redirect(url_for('user_profile'))
lfm = LastFm(UserManager.get(session.get('userid'))[1], app.logger)
status, error = lfm.link_account(token)
flash(error if not status else 'Successfully linked LastFM account')
return redirect(url_for('user_profile'))
def lastfm_reg():
token = request.args.get("token")
if token in ("", None):
flash("Missing LastFM auth token")
return redirect(url_for("user_profile"))
lfm = LastFm(UserManager.get(session.get("userid"))[1], app.logger)
status, error = lfm.link_account(token)
flash(error if not status else "Successfully linked LastFM account")
return redirect(url_for("user_profile"))
def authorize():
if not request.path.startswith('/rest/'):
return
error = request.error_formatter(40, 'Unauthorized'), 401
if request.authorization:
status, user = UserManager.try_auth(request.authorization.username, request.authorization.password)
if status == UserManager.SUCCESS:
request.username = request.authorization.username
request.user = user
return
(username, password) = map(request.args.get, [ 'u', 'p' ])
if not username or not password:
return error
status, user = UserManager.try_auth(username, password)
if status != UserManager.SUCCESS:
return error
request.username = username
request.user = user
def user_add():
if not request.user.admin:
return request.error_formatter(50, 'Admin restricted')
username, password, email, admin = map(request.args.get, [ 'username', 'password', 'email', 'adminRole' ])
if not username or not password or not email:
return request.error_formatter(10, 'Missing parameter')
admin = True if admin in (True, 'True', 'true', 1, '1') else False
status = UserManager.add(username, password, email, admin)
if status == UserManager.NAME_EXISTS:
return request.error_formatter(0, 'There is already a user with that username')
return request.formatter({})
def authorize():
if not request.path.startswith('/rest/'):
return
error = request.error_formatter(40, 'Unauthorized'), 401
if request.authorization:
status, user = UserManager.try_auth(request.authorization.username, request.authorization.password)
if status == UserManager.SUCCESS:
request.username = request.authorization.username
request.user = user
return
(username, password) = map(request.args.get, [ 'u', 'p' ])
if not username or not password:
return error
status, user = UserManager.try_auth(username, password)
if status != UserManager.SUCCESS:
return error
request.username = username
request.user = user
def change_password():
if request.method == 'POST':
current, new, confirm = map(request.form.get, [ 'current', 'new', 'confirm' ])
error = False
if current in ('', None):
flash('The current password is required')
error = True
if new in ('', None):
flash('The new password is required')
error = True
if new != confirm:
flash("The new password and its confirmation don't match")
error = True
if not error:
status = UserManager.change_password(session.get('userid'), current, new)
if status != UserManager.SUCCESS:
flash(UserManager.error_str(status))
else:
flash('Password changed')
return redirect(url_for('user_profile'))
return render_template('change_pass.html', user = UserManager.get(session.get('userid'))[1].name)
def change_password():
if request.method == "POST":
current, new, confirm = map(request.form.get, ["current", "new", "confirm"])
error = False
if current in ("", None):
flash("The current password is required")
error = True
if new in ("", None):
flash("The new password is required")
error = True
if new != confirm:
flash("The new password and its confirmation don't match")
error = True
if not error:
status = UserManager.change_password(session.get("userid"), current, new)
if status != UserManager.SUCCESS:
flash(UserManager.error_str(status))
else:
flash("Password changed")
return redirect(url_for("user_profile"))
return render_template("change_pass.html", user=UserManager.get(session.get("userid"))[1].name)
def login_check():
if request.path.startswith('/rest/'):
return
if request.endpoint != 'login':
should_login = False
if not session.get('userid'):
should_login = True
elif UserManager.get(session.get('userid'))[0] != UserManager.SUCCESS:
session.clear()
should_login = True
if should_login:
flash('Please login')
return redirect(url_for('login', returnUrl = request.script_root + request.url[len(request.url_root)-1:]))
def user_add():
if not request.user.admin:
return request.error_formatter(50, 'Admin restricted')
username, password, email, admin = map(
request.args.get, ['username', 'password', 'email', 'adminRole'])
if not username or not password or not email:
return request.error_formatter(10, 'Missing parameter')
admin = True if admin in (True, 'True', 'true', 1, '1') else False
status = UserManager.add(username, password, email, admin)
if status == UserManager.NAME_EXISTS:
return request.error_formatter(
0, 'There is already a user with that username')
return request.formatter({})
def login_check():
if request.path.startswith('/rest/'):
return
if request.endpoint != 'login':
should_login = False
if not session.get('userid'):
should_login = True
elif UserManager.get(session.get('userid'))[0] != UserManager.SUCCESS:
session.clear()
should_login = True
if should_login:
flash('Please login')
return redirect(
url_for('login',
returnUrl=request.script_root +
request.url[len(request.url_root) - 1:]))
class WebhookController(Resource):
def __init__(self):
super().__init__()
self.user_manager = UserManager()
self.manager = WebhookManager()
def post(self):
if request.json is None or not request.json:
return error_response("Request must be application/json"), 400
schema = WebhookSchema()
load = schema.load(request.json)
if load.errors:
return load.errors, 400
user = self.user_manager.get_user_from_request(request)
if user is None:
return error_response("Couldn't authenticate user from token"), 401
if load.data is None or "id" not in load.data:
return error_response("Error grabbing repository for user"), 400
# TODO: Add webhook user validation back in, this will require allowing users to join organizations
#if user.id != load.data.get("id"):
# return error_response("Repository not owned by requester"), 403
dock_url = "".join(
[settings.JOB_URL, "/repo",
load.data.get("id"), "/job"])
response = self.manager.create_webhook(owner=user,
repo=load.data.get("name"),
url=dock_url)
print(response)
print(response.json())
return {}, 400
def user_add(name, admin=False, email=None):
password = prompt_pass("Please enter a password")
if password:
status = UserManager.add(name, password, email, admin)
if status != UserManager.SUCCESS:
print >>sys.stderr, UserManager.error_str(status)
def user_profile():
return render_template(
"profile.html", user=UserManager.get(session.get("userid"))[1], api_key=config.get("lastfm", "api_key")
)
def test_create_user_with_no_key(self):
with patch.multiple('managers.manager',
Git=MagicMock(),
Path=MagicMock()):
users = UserManager('~/path/to/admin/gitolite/repo')
users.create('test_username')
def check_admin():
if not request.path.startswith('/folder'):
return
if not UserManager.get(fl_sess.get('userid'))[1].admin:
return redirect(url_for('index'))
def initialize(self):
""" Constructor. """
self.user_manager = UserManager(self.db)
self.video_manager = VideoManager(self.db)
self.user = self.login()
def check_admin():
if not request.path.startswith('/user'):
return
if request.endpoint in ('user_index', 'add_user', 'del_user', 'export_users', 'import_users', 'do_user_import') and not UserManager.get(session.get('userid'))[1].admin:
return redirect(url_for('index'))
def lastfm_unreg():
lfm = LastFm(UserManager.get(session.get('userid'))[1], app.logger)
lfm.unlink_account()
flash('Unliked LastFM account')
return redirect(url_for('user_profile'))
def __init__(self, admin_repository):
self.admin_repository = admin_repository
self.users = UserManager(admin_repository)
self.repos = RepositoryManager(admin_repository)
def lastfm_unreg():
lfm = LastFm(UserManager.get(session.get('userid'))[1], app.logger)
lfm.unlink_account()
flash('Unliked LastFM account')
return redirect(url_for('user_profile'))
class BaseHandler(RequestHandler):
@property
def db(self):
return self.application.db
def initialize(self):
""" Constructor. """
self.user_manager = UserManager(self.db)
self.video_manager = VideoManager(self.db)
self.user = self.login()
def render(self, template, title, args={}):
""" Making the render follow our formatting. """
super(BaseHandler, self).render(template, title=title, args=args)
def flash(self, message, m_type="info"):
""" Stores a "flash" cookie with a message and message type to be
destroyed upon consumption. """
self.set_secure_cookie("message", base64.encodestring(message))
self.set_secure_cookie("message_type", base64.encodestring(m_type))
def consume_flash(self):
""" Gets a stored flash cookie and destroys it. """
message = self.get_secure_cookie("message")
m_type = self.get_secure_cookie("message_type")
if not message:
return None
message = base64.decodestring(message)
if not m_type:
m_type = "info"
else:
m_type = base64.decodestring(m_type)
self.clear_cookie("message")
self.clear_cookie("message_type")
return {'message': message, 'message_type': m_type}
def store_auth(self, id):
""" Stores the user's auth cookie. """
auth = self.user_manager.get(id, "auth")
if not auth:
raise Exception(
"Failed to store auth cookie. Could not user_manager.get(" +
str(id) + ", '" + str(auth) + "').")
self.set_secure_cookie("user_auth", auth)
def login(self):
""" Returns the current user's data using UserManager's consume_auth, and store the new cookie.
If the current user doesn't exist, one is created. """
cookie = self.get_secure_cookie("user_auth")
if cookie:
user_id = self.user_manager.consume_auth(cookie)
if (not cookie) or (not user_id):
user_id = self.user_manager.create_new()
self.store_auth(user_id)
return self.user_manager.get(user_id)
def logout(self):
""" Deletes the user's stored cookie, after consuming it for good measure. """
cookie = self.get_secure_cookie("user_auth")
if (cookie):
self.user_manager.consume_auth(cookie)
self.clear_cookie("user_auth")
def check_argument(self, argument):
"Utility method to check if argument exists and isn't blank."
return ((argument in self.request.arguments)
and (self.get_argument(argument) != ''))
class User(AbstractBaseUser):
""" defines a user model """
class Meta:
db_table = 'users'
REGULAR_USER_LEVEL = 'regular_user'
ADMIN_LEVEL = 'website_admin'
SUPERADMIN_LEVEL = 'super_admin'
USER_LEVELS = [(REGULAR_USER_LEVEL, 'Regular User'),
(ADMIN_LEVEL, 'Company admin'),
(SUPERADMIN_LEVEL, 'Super Admin')]
USERNAME_FIELD = 'email'
REQUIRED_FIELDS = ['password', 'first_name', 'last_name']
objects = UserManager()
email = EmailField(max_length=64, unique=True)
password = CharField(max_length=256)
first_name = CharField(max_length=64)
last_name = CharField(max_length=64)
address = CharField(max_length=128, default=None, null=True, blank=True)
level = CharField(max_length=32,
default=REGULAR_USER_LEVEL,
choices=USER_LEVELS)
created_at = DateTimeField(auto_now_add=True)
updated_at = DateTimeField(auto_now=True)
def is_admin(self):
return self.level == self.ADMIN_LEVEL
def is_super_admin(self):
return self.level == self.SUPERADMIN_LEVEL
def is_regular_user(self):
return self.level == self.REGULAR_USER_LEVELx
def get_foreign_key_objects(self):
pass
def to_dict(self):
data = OrderedDict()
data['email'] = self.email
data['surname'] = self.first_name
data['name'] = self.last_name
data['level'] = self.level
data['created'] = self.created_at
data['updated'] = self.updated_at
data['last_login'] = self.last_login
return data
def to_string(self):
return self.first_name + ' ' + self.last_name
def user_add(name, admin=False, email=None):
password = prompt_pass("Please enter a password")
if password:
status = UserManager.add(name, password, email, admin)
if status != UserManager.SUCCESS:
print >> sys.stderr, UserManager.error_str(status)
"""
Endpoints for user management
"""
import json
from flask import Blueprint, request, Response
from sqlalchemy import create_engine
from sqlalchemy.orm import sessionmaker
from managers.user import UserManager
bp_users = Blueprint('users', __name__)
pg_client = create_engine('postgres://127.0.0.1/pixel')
Session = sessionmaker(bind=pg_client)
users = UserManager()
@bp_users.route('/users', methods=['POST'])
def create_user():
session = Session()
data = json.loads(request.data)
username = data['username']
email = data['email']
password = str(data['password'])
try:
user = users.create_user(session, username, email, password)
res = json.dumps(user.json), 201
except Exception as e:
if 'Key (username)' in e.message:
res = 'Username {} is already used'.format(username)
def check_admin():
if not request.path.startswith('/folder'):
return
if not UserManager.get(fl_sess.get('userid'))[1].admin:
return redirect(url_for('index'))
def __init__(self):
super().__init__()
self.user_manager = UserManager()
self.manager = WebhookManager()
def user_profile():
prefs = ClientPrefs.query.filter(ClientPrefs.user_id == uuid.UUID(session.get('userid')))
return render_template('profile.html', user = UserManager.get(session.get('userid'))[1], api_key = config.get('lastfm', 'api_key'), clients = prefs)
