def setup():
init_db()
con = engine.connect()
con.execute(users.delete())
con.execute(users.insert(), name='admin', email='admin@localhost', password='******')
con.execute(users.insert(), name='anna', email='anna@localhost', password='******')
return "ok"
def _delete_all_users(self):
"""
Deletes all users from db,
use at your own risk
"""
del_all = users.delete()
self.conn.execute(del_all)
def test_deleting(self):
d = users.delete().where(users.c.user_uuid == self.sample_uuid1)
self.conn.execute(d)
sel = self.conn.execute(select([users]).where(users.c.username == u"konrad")).fetchone()
#Empty tuple
self.assertFalse(sel)
def _delete_all_users(self):
"""
Deletes all users from db,
use at your own risk
"""
del_all = users.delete()
self.conn.execute(del_all)
def delete_users(user_id):
if user_id != request.user.get('id'):
error = {
'error': 'Unauthorized'
}
resp = jsonify(error)
resp.status_code = 401
return resp
stmt = users.delete().where(users.c.id == int(user_id))
conn = engine.connect()
conn.execute(stmt)
result_resp = {
'success': True,
}
resp = jsonify(result_resp)
resp.status_code = 200
return resp
def exposed_delete_user(self, session_id, token, user_id):
if (session_id in self.login_users
and token == self.login_users[session_id]['token']):
# token有效
operator = self.login_users[session_id]['id']
# 检查用户权限
operator_info = users.get(self.host, self.user, self.passwd,
operator)
if (operator_info
and int.from_bytes(operator_info[0]['dominated'], 'big')):
result = users.delete(self.host, self.user, self.passwd,
user_id)
for k, v in list(self.login_users.items()):
if v['id'] == user_id:
del self.login_users[k]
else:
result = 2 # 用户权限不足
mnemosyne.create(self.host, self.user, self.passwd, 'user',
operator, 4, 1 if result else 0)
else:
# token失效
result = -1
return result
def remove_user():
user_id = request.form.get("id_usuario")
if user_id:
users.delete().where(users.c.user_id == user_id).execute()
flash("Usuario eliminado correctamente", 'success')
return redirect(url_for('auth.list_users'))